Slashdot

SC World reports:Several major end-to-end encrypted cloud storage services contain cryptographic flaws that could lead to loss of confidentiality, file tampering, file injection and more, researchers from ETH Zurich said in a paper published this month. The five cloud services studied offer end-to-end encryption (E2EE), intended to ensure files can not be read or edited by anyone other than the uploader, meaning not even the cloud storage provider can access the files. However, ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong, who presented their findings at the ACM Conference on Computer and Communications Security (CCS) last week, found serious flaws in four out of the five services that could effectively bypass the security benefits provided by E2EE by enabling an attacker who managed to compromise a cloud server to access, tamper with or inject files. The E2EE cloud storage services studied were Sync, pCloud, Seafile, Icedrive and Tresorit, which have a collective total of about 22 million users. Tresorit had the fewest vulnerabilities, which could enable some metadata tampering and use of non-authentic keys when sharing files. The other four services were found to have more severe flaws posing a greater risk to file confidentiality and integrity. BleepingComputer reports that Sync is "fast-tracking fixes," while Seafile "promised to patch the protocol downgrade problem on a future upgrade." And SC World does note that all 10 of the tested exploits "would require the attacker to have already gained control of a server with the ability to read, modify and inject data. "The authors wrote that they consider this to be a realistic threat model for E2EE services, as these services are meant to protect files even if such a compromise was to occur." Thanks to Slashdot reader spatwei for sharing the article.Read more of this story at Slashdot.

SC World reports:Several major end-to-end encrypted cloud storage services contain cryptographic flaws that could lead to loss of confidentiality, file tampering, file injection and more, researchers from ETH Zurich said in a paper published this month. The five cloud services studied offer end-to-end encryption (E2EE), intended to ensure files can not be read or edited by anyone other than the uploader, meaning not even the cloud storage provider can access the files. However, ETH Zurich researchers Jonas Hofmann and Kien Tuong Truong, who presented their findings at the ACM Conference on Computer and Communications Security (CCS) last week, found serious flaws in four out of the five services that could effectively bypass the security benefits provided by E2EE by enabling an attacker who managed to compromise a cloud server to access, tamper with or inject files. The E2EE cloud storage services studied were Sync, pCloud, Seafile, Icedrive and Tresorit, which have a collective total of about 22 million users. Tresorit had the fewest vulnerabilities, which could enable some metadata tampering and use of non-authentic keys when sharing files. The other four services were found to have more severe flaws posing a greater risk to file confidentiality and integrity. BleepingComputer reports that Sync is "fast-tracking fixes," while Seafile "promised to patch the protocol downgrade problem on a future upgrade." And SC World does note that all 10 of the tested exploits "would require the attacker to have already gained control of a server with the ability to read, modify and inject data. "The authors wrote that they consider this to be a realistic threat model for E2EE services, as these services are meant to protect files even if such a compromise was to occur." Thanks to Slashdot reader spatwei for sharing the article.Read more of this story at Slashdot.

"After safely splashing down on Earth as part of NASA's SpaceX Crew-8 mission Friday, a NASA astronaut experienced a medical issue," NASA reported Friday. But today there's an update:After an overnight stay at Ascension Sacred Heart Pensacola in Florida, the NASA astronaut was released and returned to NASA's Johnson Space Center in Houston Saturday. The crew member is in good health and will resume normal post-flight reconditioning with other crew members. As part of NASA's SpaceX Crew-8 mission [SpaceX's eighth crew-rotation mission to the ISS], the astronaut was one of four crewmates who safely splashed down aboard their SpaceX Dragon spacecraft near Pensacola on October 25. The crew members completed a 235-day mission, 232 days of which were spent aboard the International Space Station conducting scientific research. To protect the crew member's medical privacy, specific details on the individual's condition and identity will not be shared.Read more of this story at Slashdot.

Slashdot reader samleecole writes: Privacy advocates gained access to a powerful tool bought by U.S. law enforcement agencies that can track smartphone locations around the world. Abortion clinics, places of worship, and individual people can all be monitored without a warrant. An investigation into tracking tool Locate X shows in the starkest terms yet how it and others - based on smartphone location data sold to various U.S. government law enforcement agencies, including state entities - could be used to monitor abortion clinic patients. This comes as more states contemplate stricter or outright bans on abortion...Read more of this story at Slashdot.

PV Magazine reports:Researchers in Australia and China have developed an innovative technology enabling direct lithium extraction from difficult-to-process sources like saltwater, which they say represents a substantial portion of the world's lithium potential. Until now, up to 75% of the world's lithium-rich saltwater sources have remained untapped because of technical limitations, but given predictions that global lithium supply could fall short of demand as early as 2025, the researchers believe they have a game-changing solution. Their technology is a type of nanofiltration system that uses ethylenediaminetetraacetic acid, or EDTA, as a chelating agent to selectively separate lithium from other minerals, especially magnesium, which is often present in brines and difficult to remove. "With some predicting global lithium supply could fall short of demand as early as 2025, the innovative technology sets a new standard in lithium processing," writes SciTechDaily:The work, co-led by Dr Zhikao Li, from the Monash Suzhou Research Institute and the Department of Chemical and Biological Engineering, and Professor Xiwang Zhang from the University of Queensland, promises to meet the surging demand for lithium and paves the way for more sustainable and efficient extraction practices... "Our technology achieves 90 percent lithium recovery, nearly double the performance of traditional methods, while dramatically reducing the time required for extraction from years to mere weeks," Dr. Li said. The technology also turns leftover magnesium into a valuable, high-quality product that can be sold, reducing waste and its impact on the environment. Beyond its advanced efficiency, the EALNF system brings innovation to address major environmental concerns associated with lithium extraction. Unlike conventional methods that deplete vital water resources in arid regions, the technology produces freshwater as a by-product. Dr Li said the system was flexible and ready for large-scale use, meaning it can quickly expand from testing to full industrial operations. "This breakthrough is crucial for avoiding a future lithium shortage, making it possible to access lithium from hard-to-reach sources and helping power the shift to clean energy." "Our scalable process minimizes environmental impact while maximizing resource utilization," according to the researchers' article in Nature Sustainability, "thereby catalysing the shift toward a more sustainable future." Thanks to long-time Slashdot reader schwit1 for sharing the news.Read more of this story at Slashdot.

In 2004 Alaa Abd El Fattah answered questions from Slashdot's readers about organizing the first-ever Linux installfest in Egypt. In 2014 he was arrested for organizing poltical protests without requesting authorization, according to Wikipedia, and then released on bail - but then sentenced to five years in prison upon retrial. He was released in late March of 2019, but then re-arrested again in September by the National Security Agency, convicted of "spreading fake news" and jailed for five years... Wikipedia describes Abd El-Fattah as an "Egyptian-British blogger, software developer and a political activist" who has been "active in developing Arabic-language versions of software and platforms." But this week an EFF blog post noticed that his released date had recently passed - and yet he was still in prison:It's been 28 days since September 29, the day that should have seen British-Egyptian blogger, coder, and activist Alaa Abd El Fattah walk free. Egyptian authorities refused to release him at the end of his sentence, in contradiction of the country's own Criminal Procedure Code, which requires that time served in pretrial detention count toward a prison sentence. [Human Rights Watch says Egyptian authorities are refusing to count more than two years of pretrial detention toward his time served. Amnesty International has also called for his release.] In the days since, Alaa's family has been able to secure meetings with high-level British officials, including Foreign Secretary David Lammy, but as of yet, the Egyptian government still has not released Alaa... Alaa deserves to finally return to his family, now in the UK, and to be reunited with his son, Khaled, who is now a teenager. We urge EFF supporters in the UK to write to their MP to place pressure on the UK's Labour government to use their power to push for Alaa's release. Last month the EFF wrote::Over 20 years ago Alaa began using his technical skills to connect coders and technologists in the Middle East to build online communities where people could share opinions and speak freely and privately. The role he played in using technology to amplify the messages of his fellow Egyptians - as well as his own participation in the uprising in Tahrir Square - made him a prominent global voice during the Arab Spring, and a target for the country's successive repressive regimes, which have used antiterrorism laws to silence critics by throwing them in jail and depriving them of due process and other basic human rights. Alaa is a symbol for the principle of free speech in a region of the world where speaking out for justice and human rights is dangerous and using the power of technology to build community is criminalized...Read more of this story at Slashdot.

It was originally created back in 2005 by Sun Microsystems for its proprietary Solaris Unix systems, "for troubleshooting kernel and application problems on production systems in real time," explains Wikipedia. "DTrace can be used to get a global overview of a running system, such as the amount of memory, CPU time, filesystem and network resources used by the active processes," explains its Wikipedia entry. But this week, Gentoo announced:The real, mythical DTrace comes to Gentoo! Need to dynamically trace your kernel or userspace programs, with rainbows, ponies, and unicorns - and all entirely safely and in production?! Gentoo is now ready for that! Just emerge dev-debug/dtrace and you're all set. All required kernel options are already enabled in the newest stable Gentoo distribution kernel... Documentation? Sure, there's lots of it. You can start with our DTrace wiki page, the DTrace for Linux page on GitHub, or the original documentation for Illumos. Enjoy! Thanks to Heraklit (Slashdot reader #29,346) for sharing the news.Read more of this story at Slashdot.

Bitwarden describes itself as an "open source password manager for business." But it also made a change its build requirement which led to an issue on the project's GitHub page titled "Desktop version 2024.10.0 is no longer free software." In the week that followed Bitwarden's official account on X.com promised a fix was coming. "It seems a packaging bug was misunderstood as something more, and the team plans to resolve it. Bitwarden remains committed to the open source licensing model in place for years, along with retaining a fully featured free version for individual users." And Thursday Bitwarden followed through with new changes to address the concerns. The Register reports the whole episode started because of a new build requirement added in a pull request a couple of weeks ago titled "Introduce SDK client."This SDK is required to compile the software from source - either the Bitwarden server or any of its client applications... [But the changed license had warned "You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK."] Phoronix picks up the story:The issue of this effectively not making the Bitwarden client free software was raised in this GitHub issue... Bitwarden founder and CTO Kyle Spearrin has commented on the ticket... "Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug." The ticket was subsequently locked and limited to collaborators. And Thursday it was Bitwarden founder and CTO Kyle Spearrin who again re-appeared in the Issue - first thanking the user who had highlighted the concerns. "We have made some adjustments to how the SDK code is organized and packaged to allow you to build and run the app with only GPL/OSI licenses included."The sdk-internal package references in the clients now come from a new sdk-internal repository, which follows the licensing model we have historically used for all of our clients (see LICENSE_FAQ.md for more info). The sdk-internal reference only uses GPL licenses at this time. If the reference were to include Bitwarden License code in the future, we will provide a way to produce multiple build variants of the client, similar to what we do with web vault client builds. The original sdk repository will be renamed to sdk-secrets, and retains its existing Bitwarden SDK License structure for our Secrets Manager business products. The sdk-secrets repository and packages will no longer be referenced from the client apps, since that code is not used there.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Delta Air Lines on Friday sued cybersecurity firm CrowdStrike in a Georgia state court after a global outage in July caused mass flight cancellations, disrupted travel plans of 1.3 million customers and cost the carrier more than $500 million. Delta's lawsuit filed in Fulton County Superior Court called the faulty software update from CrowdStrike "catastrophic" and said the firm "forced untested and faulty updates to its customers, causing more than 8.5 million Microsoft Windows-based computers around the world to crash." [...] Delta, which has purchased CrowdStrike products since 2022, said the outage forced it to cancel 7,000 flights, impacting 1.3 million passengers over five days. "If CrowdStrike had tested the faulty update on even one computer before deployment, the computer would have crashed," Delta's lawsuit says. "Because the faulty update could not be removed remotely, CrowdStrike crippled Delta's business and created immense delays for Delta customers."Delta said that as part of its IT-planning and infrastructure, it has invested billions of dollars "in licensing and building some of the best technology solutions in the airline industry."Read more of this story at Slashdot.

Longtime Slashdot reader MattSparkes writes: NASA is working on plans to send another, much larger helicopter to Mars than Ingenuity. The "Chopper" craft would land itself after "screaming into" the planet's atmosphere at speed, before covering several kilometers a day while carrying scientific equipment. It would probably be the most graceful arrival on the red planet of any lander yet.Read more of this story at Slashdot.

According to the Wall Street Journal, Boeing is weighing the sale of its space division. "The plans, which are reportedly at an early stage, could involve Boeing offloading the Starliner spacecraft and its projects supporting the International Space Station," reports The Verge. From the report: Boeing is facing a series of predicaments, including a fraud charge over 737 Max plane crashes and Starliner issues that left two astronauts at the ISS for months. Just this week, a Boeing-made satellite for Intelsat stopped working and fell apart suddenly after suffering an "anomaly." "We're better off doing less and doing it better than doing more and not doing it well," Boeing CEO Kelly Ortberg said during an earnings call this week. "Clearly, our core of commercial airplanes and defense systems are going to stay with the Boeing Company for the long run. But there's probably some things on the fringe there that we can be more efficient with or that distract us from our main goal here." However, sources tell the WSJ that Boeing will likely continue to oversee the Space Launch System, which will eventually help bring NASA astronauts back to the Moon. It's also reportedly expected to hang onto its commercial and military satellite businesses.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Ahead of the debut of Apple's private AI cloud next week, dubbed Private Cloud Compute, the technology giant says it will pay security researchers up to $1 million to find vulnerabilities that can compromise the security of its private AI cloud. In a post on Apple's security blog, the company said it would pay up to the maximum $1 million bounty to anyone who reports exploits capable of remotely running malicious code on its Private Cloud Compute servers. Apple said it would also award researchers up to $250,000 for privately reporting exploits capable of extracting users' sensitive information or the prompts that customers submit to the company's private cloud. Apple said it would "consider any security issue that has a significant impact" outside of a published category, including up to $150,000 for exploits capable of accessing sensitive user information from a privileged network position. "We award maximum amounts for vulnerabilities that compromise user data and inference request data outside the [private cloud compute] trust boundary," Apple said. You can learn more about Apple's Private Cloud Computer service in their blog post. Its source code and documentation is available here.Read more of this story at Slashdot.

Longtime Slashdot reader Baron_Yam writes: Memristors are the long-sought 4th fundamental circuit element. They promise analog computing capability in hardware, the ability to hold state without power, and to work with less power. A small cluster of them can replace a transistor using less space. Working and long term storage can blend together and neural networks can be implemented in hardware -- they are a game-changing innovation. Now, researchers are getting closer to putting these into production as they can now produce graphene-based memristors at wafer scale. "One of the key challenges in memristor development is device degradation, which graphene can help prevent," reports Phys.Org. "By blocking chemical pathways that degrade traditional electrodes, graphene could significantly extend the lifetime and reliability of these devices. Its remarkable transparency, transmitting 98% of light, also opens doors to advanced computing applications, particularly in AI and optoelectronics." The findings have been published in the journal ACS Advanced Electronic Materials.Read more of this story at Slashdot.

Apple was handed a victory today by a jury in Delware, which ruled that two of Masimo's smartwatches and chargers "willfully violated Apple's patent rights in smartwatch designs," according to Reuters. The reward? $250 in damages. 9to5Mac reports: Apple previously accused Masimo of using litigation to boost the launch of its own smartwatch product. In October 2022, Apple filed two patent infringement lawsuits against Masimo. The first lawsuit accused Masimo of copying the Apple Watch design. The second said that Masimo's technical features infringed on Apple patents covering technology used in the Apple Watch. Reuters reports: "Apple convinced a federal jury on Friday that health monitoring tech company Masimo's smartwatches infringe two of its design patents. The jury, in Delaware, agreed with Apple that Masimo's W1 and Freedom watches and chargers willfully violated Apple's patent rights in smartwatch designs, awarding the tech giant $250 in damages. Apple's attorneys told the court the 'ultimate purpose' of its lawsuit was to win an injunction against sales of Masimo's smartwatches after an infringement ruling." The jury, however, also determined that Masimo's smartwatches "did not infringe on Apple patents covering smartwatch inventions that the tech giant had accused Masimo of copying." The two companies continue to battle it out over patent infringements regarding the Apple Watch's blood oxygen sensor.Read more of this story at Slashdot.

Former Nvidia engineer Luke Durant, working with the Great Internet Mersenne Prime Search (GIMPS), recently discovered the largest known prime number: (2^136,279,841)-1 or M136279841 (where the number following the letter M represents the exponent). The achievement was detailed on Mersenne.org. Tom's Hardware reports: This is the largest prime number we've seen so far, with the last one, M82589933, being discovered six years prior. What makes this discovery particularly fascinating is that this is the first GIMPS discovery that used the power of data center GPUs. Mihai Preda was the first one to harness GPU muscle in 2017, says the GIMPS website, when he "wrote the GpuOwl program to test Mersenne numbers for primarilty, making his software available to all GIMPS users." When Luke joined GIMPS in 2023, they built the infrastructure needed to deploy Preda's software across several GPU servers available in the cloud. While it took a year of testing, Luke's efforts finally bore fruit when an A100 GPU in Dublin, Ireland gave the M136279841 result last October 11. This was then corroborated by an Nvidia H100 located in San Antonio, Texas, which confirmed its primality with the Lucas-Lehmer test.Read more of this story at Slashdot.

An anonymous reader quotes a report from InfoWorld: Select developers now are getting free access to JetBrains' WebStorm and Rider IDEs. The company on October 24 announced it has launched non-commercial licenses for its WebStorm JavaScript and TypeScript IDE and the Rider cross-platform .NET and game development IDE. As of now, developers using these IDEs for non-commercial purposes, such as open source project development or content creation, can use them for free. JetBrains views the move as expanding the availability of these IDEs to a broader swath of developer roles. More than two-thirds of developers code outside of work as a hobby and nearly 40% code for educational and learning purposes outside of work, the company said."Previously this year, JetBrains released other products under the same terms for non-commercial use, including RustRover, an IDE for Rust development, and Aqua, an IDE designed for test automation," notes InfoWorld. "JetBrains also provides community editions of IntelliJ and PyCharm, IDEs for Java and Python, respectively, which can be used to build proprietary and commercial software." JetBrains has an FAQ section with additional details about the change.Read more of this story at Slashdot.

The Browser Company is developing a new, much simpler browser distinct from Arc, which has proven too complex for mainstream adoption despite a strong following among power users. The Verge's David Pierce reports: Arc is not dying, [says CEO Josh Miller]. He says that over and over, in fact, even after I tell him the YouTube video the company just released sounds like the thing companies say right before they kill a product. It's just that Arc won't change much anymore. It'll get stability updates and bug fixes, and there's a team at The Browser Company dedicated to those. "In that sense," Miller says, "it feels like a complete-ish product." Most of the team's energy and time will now be dedicated to starting from scratch. "Arc was basically this front-end, tab management innovation," Miller says. "People loved it. It grew like a weed. Then it started getting slow and started crashing a lot, and we felt bad, and we had to learn how to make it fast. And we kind of lost sight, in some ways, of the fact that we've got to do the operating system part." The plan this time is to build not just a different interface for a browser, but a different kind of browser entirely -- one that is much more proactive, more powerful, more AI-centric, more in line with that original vision. Call it the iPhone of web browsers, or the "internet computer," or whatever other metaphor you like. The idea is to turn the browser into an app platform. Miller still wants to do it, and he wants to do it for everyone. What does that look like? Miller is a bit vague on the details. The new browser, which Miller intimates could launch as soon as the beginning of next year, is designed to come with no switching costs, which means among other things that it will have horizontal tabs and fewer ideas about organization. The idea is to "make the first 90 seconds effortless" in order to get more people to switch. And then, slowly, to reveal what this new browser can do.Read more of this story at Slashdot.

The Librarian of Congress has granted a DMCA exemption allowing independent repair of soft-serve machines, addressing the persistent issue of restricted repairs on McDonald's frequently malfunctioning machines. ExtremeTech reports: Section 1201 of the DMCA makes it illegal to bypass a digital lock protecting copyrighted work. That can be the DRM on a video file you download from iTunes, the carrier locks that prevent you from using a phone on other networks, or even the software running a McDonald's soft serve machine that refuses to accept third-party repairs. By locking down a product with DRM, companies can dictate when and how items are repaired under threat of legal consequences. This is an ongoing issue for people who want to fix all those busted ice cream machines. Earlier this year, iFixit and Public Knowledge submitted their request for an exemption that would have covered a wide swath of industrial equipment. The request included everything from building management software to the aforementioned ice cream machines. Unfortunately, the Copyright Office was unconvinced on some of these points. However, the Librarian of Congress must be just as sick as the rest of us to hear the ice cream machine is broken. The office granted an exception for "retail-level food preparation equipment." That means restaurant owners and independent repair professionals will be able to bypass the software locks that keep kitchen machinery offline until the "right" repair services get involved. This should lower prices and speed up repairs in such situations. Public Knowledge and iFixit express disappointment that the wider expansion was not granted, but they're still celebrating with some delicious puns (and probably ice cream). "There's nothing vanilla about this victory; an exemption for retail-level commercial food preparation equipment will spark a flurry of third-party repair activity and enable businesses to better serve their customers," said Meredith Rose, Senior Policy Counsel at Public Knowledge.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Earlier this year, we reported on the video game archivists asking for a legal DMCA exemption to share Internet-accessible emulated versions of their physical game collections with researchers. Today, the US Copyright Office announced once again that it was denying that request, forcing researchers to travel to far-flung collections for access to the often-rare physical copies of the games they're seeking. In announcing its decision, the Register of Copyrights for the Library of Congress sided with the Entertainment Software Association and others who argued that the proposed remote access could serve as a legal loophole for a free-to-access "online arcade" that could harm the market for classic gaming re-releases. This argument resonated with the Copyright Office despite a VGHF study that found 87 percent of those older game titles are currently out of print. "While proponents are correct that some older games will not have a reissue market, they concede there is a 'healthy' market for other reissued games and that the industry has been making 'greater concerted efforts' to reissue games," the Register writes in her decision. "Further, while the Register appreciates that proponents have suggested broad safeguards that could deter recreational uses of video games in some cases, she believes that such requirements are not specific enough to conclude that they would prevent market harms." A DMCA exemption for remote sharing already exists for non-video-game computer software that is merely "functional," as the Register notes. But the same fair use arguments that allow for that sharing don't apply to video games because they are "often highly expressive in nature," the Register writes. In an odd footnote, the Register also notes that emulation of classic game consoles, while not infringing in its own right, has been "historically associated with piracy," thus "rais[ing] a potential concern" for any emulated remote access to library game catalogs. That footnote paradoxically cites Video Game History Foundation (VGHF) founder and director Frank Cifaldi's 2016 Game Developers Conference talk on the demonization of emulation and its importance to video game preservation. "The moment I became the Joker is when someone in charge of copyright law watched my GDC talk about how it's wrong to associate emulation with piracy and their takeaway was 'emulation is associated with piracy,'" Cifaldi quipped in a social media post.Read more of this story at Slashdot.

Joe Biden's administration is investigating alleged Chinese efforts to hack US telecoms infrastructure amid reports hackers had targeted the phones of former president Donald Trump and his running mate JD Vance. Financial Times: The FBI and the Cybersecurity and Infrastructure Security Agency said they were investigating "unauthorised access to commercial telecommunications infrastructure by actors affiliated with the People's Republic of China." The statement followed a report in the New York Times that Chinese hackers had accessed US telecoms networks and targeted data on Trump and Vance's phones. The FBI declined to say if the hackers had targeted their phones. Steven Cheung, Trump's campaign spokesperson, blamed the alleged attack on Kamala Harris, the US vice-president and Democratic presidential nominee. But he declined to say if US authorities had informed the campaign about the hacking effort. Cheung said: "This is the continuation of election interference by Kamala Harris and Democrats who will stop at nothing, including emboldening China and Iran attacking critical American infrastructure, to prevent president Trump from returning to the White House. Their dangerous and violent rhetoric has given permission to those who wish to harm president Trump." Further reading:Chinese Hackers Targeted Trump and Vance's Phone Data (CNN); China Sought To Hack Trump, Vance and Campaign Phones, Officials Say (Washington Post); Chinese Hackers Targeted Phones of Trump, Vance, and Harris Campaign (Wall Street Journal); US Investigating Breach of Telecoms by China-Linked Hackers (Bloomberg); Trump, Vance Potential Targets in Broad China-Backed Hacking Operation (CBS News); Chinese Hackers Attempted To Breach Trump, Vance Cellphone Data: Report (Fox News); Chinese Hackers Believed To Have Targeted Trump, Vance Cellphones: Sources (ABC News); Chinese Hackers Targeted Cellphones Used by Trump, Vance (Associated Press).Read more of this story at Slashdot.

Climate scientists who were mocked and gaslighted after speaking up about their fears for the future have said acknowledging strong emotions is vital to their work. From a report: The researchers said these feelings should not be suppressed in an attempt to reach supposed objectivity. Seeing climate experts' fears and opinions about the climate crisis as irrelevant suggests science is separate from society and ultimately weakens it, they said. The researchers said they had been subject to ridicule by some scientists after taking part in a large Guardian survey of experts in May, during which they and many others expressed their feelings of extreme fear about future temperature rises and the world's failure to take sufficient action. They said they had been told they were not qualified to take part in this broad discussion of the climate crisis, were spreading doom and were not impartial. However, the researchers said that embracing their emotions was necessary to do good science and was a spur to working towards better ways of tackling the climate crisis and the rapidly increasing damage being done to the world. They also said that those dismissing their fears as doom-laden and alarmist were speaking frequently from a position of privilege in western countries, with little direct experience of the effects of the climate crisis.Read more of this story at Slashdot.

Anthropic's Claude chatbot can now write and run JavaScript code. TechCrunch: Today, Anthropic launched a new analysis tool that helps Claude respond with what the company describes as "mathematically precise and reproducible answers." With the tool enabled -- it's currently in preview -- Claude can perform calculations and analyze data from files like spreadsheets and PDFs, rendering the results as interactive visualizations. "Think of the analysis tool as a built-in code sandbox, where Claude can do complex math, analyze data, and iterate on different ideas before sharing an answer," Anthropic wrote in a blog post. "Instead of relying on abstract analysis alone, it can systematically process your data -- cleaning, exploring, and analyzing it step-by-step until it reaches the correct result." Anthropic gives a few examples of where this might be useful. For instance, a product manager could upload sales data and ask Claude for country-specific performance analysis, while an engineer could give Claude monthly financial data and have it create a dashboard highlighting key trends.Read more of this story at Slashdot.

The top U.S. consumer finance watchdog warned businesses about potential legal problems they could face from using new technology such as artificial intelligence or algorithmic scores to snoop on and evaluate their employees. From a report: The Consumer Financial Protection Bureau on Thursday said "invasive" new tools to monitor workers are governed by a law designed to ensure fairness in credit reporting, giving employees specific rights. Employees have the right to consent to the collection of personal information, to receive detailed information and to dispute inaccurate information, the CFPB said in the newly released guidance. "Workers shouldn't be subject to unchecked surveillance or have their careers determined by opaque third-party reports without basic protections," CFPB Director Rohit Chopra said. More companies are leaning on AI and other powerful tools throughout the employment process, using software that can, for example, interview candidates and surveillance tools that can look for unsafe behavior. Americans have expressed concerns about Big Brother-style surveillance while they are on the job.Read more of this story at Slashdot.

An anonymous reader shares a report: OpenAI says that it doesn't intend to release an AI model code-named Orion this year, countering recent reporting on the company's product roadmap. "We don't have plans to release a model code-named Orion this year," a spokesperson told TechCrunch via email. "We do plan to release a lot of other great technology." The Verge reported on Thursday that Orion, which is expected to be OpenAI's next frontier model, would launch by December, and that trusted partners would be the first to preview it ahead of a rollout through ChatGPT. According to The Verge, Microsoft, a close OpenAI collaborator and investor, expects to gain access to Orion as early as November.Read more of this story at Slashdot.

PayPal will begin sharing detailed customer purchase data, including clothing sizes and shopping preferences, with retailers for targeted advertising starting November 27, the payments company announced in a recent privacy update. The initiative affects PayPal's 391 million active consumer accounts worldwide. While customers can opt out through the app's settings, the GAO reports such opt-out rates typically remain below 7% across financial services.Read more of this story at Slashdot.

An anonymous reader shares a report: Drivers passing through San Francisco have a new roadside distraction to consider: billboards calling out businesses that don't cough up for the open source code that they use. The signs are the work of the Open Source Pledge -- a group that launched earlier this month. It asks businesses that make use of open source code to pledge $2,000 per developer to support projects that develop the code. So far, 25 companies have signed up -- but project co-founder Chad Whitacre wants bigger firms to pay their dues, too. Whitacre, whose day job is head of open source at app-monitoring biz Sentry, told The Register his employer has for three years operated a scheme to pay developers who maintain and upgrade open source code. "We do dollars per developer, the thinking being it's the developers and software engineers on the staff at a company who benefit the most from open source, who become more productive because of open source," he said. "I had one conversation with a representative from a larger firm and he's like: 'Chad, you're asking me to spend ten million on maintainers.'" Whitacre affirmed that request, and pointed out the firm "spends ten million on something anyway."Read more of this story at Slashdot.

Seven Spirals writes: A working paper [PDF], published by the National Bureau of Economic Research, studies the employment effects of a guaranteed income by providing $1,000 per month to 1,000 low-income participants for three years, compared to a control group receiving $50 per month. The results show a decrease in labor market participation by 2 percentage points and a reduction of 1.3-1.4 hours in weekly work hours. Most of the additional free time was spent on leisure, and there were no significant improvements in job quality or human capital investments. Overall, the guaranteed income led to a moderate reduction in labor supply without other substantial productive benefits.Read more of this story at Slashdot.

A government-controlled wallet that had been drained of $20 million on Thursday received most of its funds back Friday, adding another layer of mystery to transactions flagged by blockchain analysts as likely being connected to a high-profile theft. From a report: The pseudonymous blockchain sleuth ZachXBT had said in a tweet Thursday that the transfers resembled the playbook of a bad actor. Engaging with several decentralized finance protocols, the wallet had also tapped so-called instant exchanges after funds were moved across a series of transfers that "looked nefarious." About $19.3 million worth of funds had been returned to the wallet early Friday, per on-chain data collected by Arkham Intelligence, including Ethereum and the stablecoin USDC. Still, ZachXBT said in his Telegram community that funds transferred to exchanges had not yet been returned.Read more of this story at Slashdot.

Scientists from 15 countries warned in an open letter that the potential collapse of the Atlantic Ocean's main circulation system (AMOC) has been "greatly underestimated" and could have devastating global impacts, according to oceanographer Stefan Rahmstorf who spoke to The Guardian. The AMOC system, which moves heat through the northern Atlantic and influences weather patterns across Europe, has shown signs of weakening over the past 60-70 years due to global warming, with indicators including a persistent cold spot in the northern Atlantic and record-low salt levels in seawater. Rahmstorf, who heads the Earth system analysis department at Germany's Potsdam Institute for Climate Impact Research, estimates a 50% chance of the system reaching a critical tipping point this century, which could trigger severe consequences including regional cooling in northwestern Europe, shifting rainfall patterns, and rising sea levels.Read more of this story at Slashdot.

Microsoft is seeking to boost its video games business with the release of the latest instalment of the Call of Duty franchise on Friday, pushing to increase subscription revenues through the new game to offset falling Xbox console sales. Financial Times: Black Ops 6 is the first of the best-selling series to be launched on the tech giant's Game Pass subscription service. It represents the biggest test of the company's gaming strategy [non-paywalled link] since its $75bn deal to acquire Activision Blizzard -- makers of Call of Duty -- received sign-off from regulators last year. Microsoft hopes that the release will help achieve its target of reaching 110mn Game Pass subscribers by 2030, a substantial rise from 34mn in February this year. The company has shifted its focus towards its subscription games service as hardware sales have slowed in recent years. Xbox hardware revenue fell 13 per cent year-on-year in Microsoft's fiscal 2024, which ended in June. For the first time this year, subscribers to Game Pass, who can already access a growing library of Xbox titles for as long as they keep paying a monthly fee, will be able to access the latest Call of Duty without having to pay a traditional price of $70 or more for the packaged game. Microsoft is still making the game available to buy on PlayStation, after concerns from regulators during the Activision merger probe that it might make the title exclusive to its own platform.Read more of this story at Slashdot.

Four astronauts splashed down in the Gulf of Mexico on Friday after their record ISS mission stretched to eight months due to Boeing capsule malfunctions and hurricane disruptions. The SpaceX Dragon capsule landed off Florida's coast before dawn, carrying NASA astronauts Matthew Dominick, Michael Barratt, Jeanette Epps and Russian cosmonaut Alexander Grebenkin. Technical issues with Boeing's Starliner capsule in September, followed by Hurricane Milton and persistent rough seas, delayed their planned return by two months. The crew launched in March as part of NASA's commercial crew program. Their replacements include Boeing Starliner test pilots Butch Wilmore and Suni Williams, whose mission expanded from eight days to eight months, alongside two SpaceX-launched astronauts. The new crew will remain aboard the station until February.Read more of this story at Slashdot.

OFF Radio Krakow sparked controversy by replacing its journalists with AI-generated presenters in an experiment to attract younger audiences. CNN Business reports: Weeks after letting its journalists go, OFF Radio Krakow relaunched this week, with what it said was aoethe first experiment in Poland in which journalists ... are virtual characters created by AI." The station in the southern city of Krakow said its three avatars are designed to reach younger listeners by speaking about cultural, art and social issues including the concerns of LGBTQ+ people. "Is artificial intelligence more of an opportunity or a threat to media, radio and journalism? We will seek answers to this question," the station head, Marcin Pulit, wrote in a statement.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: The European Space Agency is in talks with SpaceX about the possibility of Elon Musk's space venture joining an international charter designed to reduce a growing swarm of debris in space, Director General Josef Aschbacher told Reuters. The 22-nation agency is spearheading one of several efforts to roll back the mass of space junk swirling round the planet from past missions that poses a risk to active satellites. Aschbacher said 110 countries or entities have joined ESA's Zero Debris charter, which aims to stop any new orbital garbage being generated by 2030. Asked whether SpaceX, whose satellites now make up some two thirds of spacecraft active in low Earth orbit, had signed up, Aschbacher said: "Not yet, but we are in discussion with them... This is a charter that keeps evolving and... we will keep raising the topics because they are so fundamental." [...] There are currently 18,897 pieces of trackable space junk in orbit, according to Jonathan McDowell, a Harvard astronomer who tracks such objects. Space debris and junk are often used interchangeably, but some consider space junk to include inactive payloads and rocket bodies as well as debris, or errant shards of broken satellites. There are no international laws on debris, but countries and space agencies have begun in recent years to devise proposals and national rules for tackling the problem.Read more of this story at Slashdot.

UnitedHealth Group said a ransomware attack in February resulted in more than 100 million individuals having their private health information stolen. The U.S. Department of Health and Human Services first reported the figure on Thursday. TechCrunch reports: The ransomware attack and data breach at Change Healthcare stands as the largest known digital theft of U.S. medical records, and one of the biggest data breaches in living history. The ramifications for the millions of Americans whose private medical information was irretrievably stolen are likely to be life lasting. UHG began notifying affected individuals in late July, which continued through October. The stolen data varies by individual, but Change previously confirmed that it includes personal information, such as names and addresses, dates of birth, phone numbers and email addresses, and government identity documents, including Social Security numbers, driver's license numbers, and passport numbers. The stolen health data includes diagnoses, medications, test results, imaging and care and treatment plans, and health insurance information -- as well as financial and banking information found in claims and payment data taken by the criminals. The cyberattack became public on February 21 when Change Healthcare pulled much of its network offline to contain the intruders, causing immediate outages across the U.S. healthcare sector that relied on Change for handling patient insurance and billing. UHG attributed the cyberattack to ALPHV/BlackCat, a Russian-speaking ransomware and extortion gang, which later took credit for the cyberattack. The ransomware gang's leaders later vanished after absconding with a $22 million ransom paid by the health insurance giant, stiffing the group's contractors who carried out the hacking of Change Healthcare out of their new financial windfall. The contractors took the data they stole from Change Healthcare and formed a new group, which extorted a second ransom from UHG, while publishing a portion of the stolen files online in the process to prove their threat. There is no evidence that the cybercriminals subsequently deleted the data. Other extortion gangs, including LockBit, have been shown to hoard stolen data, even after the victim pays and the criminals claim to have deleted the data. In paying the ransom, Change obtained a copy of the stolen dataset, allowing the company to identify and notify the affected individuals whose information was found in the data. Efforts by the U.S. government to catch the hackers behind ALPHV/BlackCat, one of the most prolific ransomware gangs today, have so far failed. The gang bounced back following a takedown operation in 2023 to seize the gang's dark web leak site. Months after the Change Healthcare breach, the U.S. State Department upped its reward for information on the whereabouts of the ALPHV/BlackCat cybercriminals to $10 million.Read more of this story at Slashdot.

An anonymous reader quotes a report from New Scientist: As the world emerged from the lockdowns of the covid-19 pandemic, many countries promised to rebuild their economies in a climate-friendly fashion, amid hopes the recovery effort could accelerate the global journey to net-zero emissions. In reality, the opposite has happened. Instead of a "green recovery," global greenhouse gas emissions are rising much faster now than they did in the decade preceding the global pandemic. Emissions rose 1.3 percent to 57.1 gigatons of carbon dioxide equivalent in 2023. That is a far faster annual rate of growth than during the decade 2010-2019, when emissions grew on average 0.8 percent per year. In fact, global greenhouse gas emissions are now just below the 59.1 gigatons peak recorded in 2019. All sources of greenhouse gas emissions except land use are rising, according to a report from the United Nations Global Environment Program (UNEP), as economies continued to rebound from covid-19. Emissions from road transport, leaks from oil and gas infrastructure such as pipelines and industrial emissions all grew rapidly in 2023, UNEP said, while aviation emissions grew 19.5 percent. Rising emissions means the world's opportunity to avert catastrophic climate change is shrinking, Inger Anderson at UNEP said in a statement. "Climate crunch time is here," she said. "I urge every nation: no more hot air, please."Read more of this story at Slashdot.

Starting next week, Google Photos will label when an image was edited with AI. The Verge reports: "Photos edited with tools like Magic Editor, Magic Eraser and Zoom Enhance already include metadata based on technical standards from The International Press Telecommunications Council (IPTC) to indicate that they've been edited using generative AI," John Fisher, engineering director of Google Photos, wrote in a blog post. "Now we're taking it a step further, making this information visible alongside information like the file name, location and backup status in the Photos app." The "AI info" section will be found in the image details view of Google Photos both on the web and in the app. These labels won't be limited strictly to generative AI, either. Google says it'll also specify when a "photo" contains elements from several different images -- such as when people use the Pixel's Best Take and Add Me features. [...] "This work is not done, and we'll continue gathering feedback and evaluating additional solutions to add more transparency around AI edits," Fisher wrote.Read more of this story at Slashdot.

The EU Court of Justice ruled in favor of Intel, dismissing the European Commission's appeal and ending a nearly two-decade-long case over allegations that Intel's rebates to computer makers were anticompetitive. Reuters reports: The European Commission had fined Intel for giving rebates to computer makers Dell, Hewlett-Packard and Lenovo for buying most of their chips from Intel, which regulators said was an attempt to block Advanced Micro Devices. Regulators generally oppose rebates offered by dominant companies because they fear they may be anticompetitive, while companies say enforcers must prove discounts have anticompetitive effects before companies are sanctioned. EU regulators had initially fined Intel 1.06 billion euros ($1.14 billion) but a lower tribunal scrapped that. Intel's case was boosted earlier this year when an adviser to the court said regulators had not properly performed an economic analysis.Read more of this story at Slashdot.

MojoKid writes: Intel has lifted the embargo on independent reviews of its new Core Ultra 200S series Arrow Lake-S processors, which mark a shift in its desktop CPU strategy with symmetrical core/thread counts (no Hyperthreading) and a dedicated 13 TOPS NPU. This series features a disaggregated tiled design for the first time in Intel's desktop chips, focusing on efficiency and power reduction. The Core Ultra 5 245, priced around $300, and the Ultra 9 285K at $589 deliver strong performance, particularly in creator workloads, competing well with AMD's Ryzen CPUs, while the Ultra 9 285K's price undercuts AMD's Ryzen 9 9950X significantly. While gaming performance shows slight regression in spots, the new chips are much more power-efficient than their predecessors. Overall, the platform offers leading-edge features, competitive pricing, and solid performance for creators, gamers and workstation pros.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Smashing, a new app curating the best of the web from Goodreads co-founder Otis Chandler, is now available to the public. Like Goodreads, the app aims to create a community around content. But this time, instead of books, the focus is on web content -- like news articles, blog posts, social media posts, podcasts, and more. In addition, Smashing is introducing an AI Questions feature that allows you to engage with the content being shared in different ways, including by viewing a news story from different perspectives or asking the AI to poke holes in the story, among other things. By viewing different angles of a story, you can see how both the political left and right view the subject. Or, in the case of a company's stock, you might be presented with both the bull and bear case. There are a good handful of AI prompts available at launch, notes Chandler, and not all will make sense to use on every news story or piece of content. For instance, there's a silly "make it funny" prompt, and others that can simplify the story, display a timeline, or introduce "unconventional" takes that may involve thinking outside the box, helping you weigh ideas you hadn't considered yet. You can also ask your own questions, if you prefer. On the app, users are able to create multiple interest feeds to stay informed about the topics that matter to them, like politics, investing, parenting, health and wellness, and more, or even narrower interests like specific companies, sports teams, crypto, climate change, or other subtopics. The app also leverages AI to surface content from around the web and then match it to an individual reader based on what articles they tend to read, what subtopics they like, and what's already popular in the community, as determined by upvotes and downvotes. Combined, the signals tune Smashing to a user's particular interests. As part of the AI Questions feature, Smashing is also introducing AI-powered Story Overview pages, which offer grouped articles, blog posts, and social media posts all about the same story.Read more of this story at Slashdot.

Ahead of Georgia's parliamentary elections, Georgian authorities raided the homes of disinformation researchers Eto Buziashvili and Sopo Gelava, seizing personal devices. The Record: Eto Buziashvili and Sopo Gelava, both employees of the Atlantic Council think tank, had their homes searched and their own and their family members' personal devices seized by investigators working for the country's Ministry of Finance, according to friends of the pair who spoke to Recorded Future News. Both women are said to be safe, although there are concerns about the security of their devices and online accounts. The searches come a day after Buziashvili published an article detailing how the Kremlin was influencing Georgian politics by supporting the incumbent government and interfering in the upcoming elections. Local media reported that the offices of outsourcing company Concentrix and other Georgian citizens were also subject to searches. The Ministry of Finance claimed on Facebook it launched searches of "specific facilities" related to "call centers" alleged to be engaged in illegal activity. The investigations come ahead of an election that is being seen as a bellwether of the country's future direction, either pursuing closer ties to Russia under the current prime minister Irakli Kobakhidze or moving towards the West through opposition figures. Graham Brookie, the Atlantic Council's vice president for technology programs and strategy, said the organization "is deeply concerned about this development and its impact on our staff's work shortly before Georgian elections. [Gelava and Buziashvili] are engaged in independent, non-partisan work aimed at defending and strengthening democracy from those who would undermine it in online spaces, including research related to foreign influence efforts, the targeting of marginalized communities, and other online harms." "We trust that Georgian authorities will provide more clarity on their actions, ensure the safety and security of our staff, return their property, and allow them to continue their contributions to Georgian democracy."Read more of this story at Slashdot.

Amazon is shutting down its Amazon Today service, which provided same-day delivery from mall and brick-and-mortar retailers. The program will mostly wind down by December 2, 2024, with select partners fulfilling orders until January 2025. CNBC reports: A small amount of employees will be laid off and provided with severance, while others will be transitioned to other positions within Amazon, the company said. Employees who work on Amazon Today learned the news in a meeting on Monday, where some staffers were informed they would be laid off, the people said. Roughly 300 employees were working on Amazon Today, the people said. Amazon disputed the figure, saying there were approximately 175 employees in the unit. The closure of Amazon Today is the latest example of the company's broader cost-cutting efforts.Read more of this story at Slashdot.

Google is introducing a dark mode to the web version of Google Calendar and rolling out a "refreshed user interface." From a report: The new UI will include buttons, dialog boxes, and sidebars that are "more modern and accessible" with improved typefaces. The update started rolling out this week and soon it will be available to everyone, whether they're using a personal Gmail login or any sort of paid Google Workspace account. [...] Google says the updated calendar UI will also feature "iconography that is legible and crisp, with a fresh feel," using its "custom-designed and highly-legible typefaces" that bring it line with Google's Material Design 3 standards. The updates, including dark mode, will also apply to "the entire calendar web experience," including the task list view.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Back in May, Google augmented its Gemini AI model with SynthID, a toolkit that embeds AI-generated content with watermarks it says are "imperceptible to humans" but can be easily and reliably detected via an algorithm. Today, Google took that SynthID system open source, offering the same basic watermarking toolkit for free to developers and businesses. The move gives the entire AI industry an easy, seemingly robust way to silently mark content as artificially generated, which could be useful for detecting deepfakes and other damaging AI content before it goes out in the wild. But there are still some important limitations that may prevent AI watermarking from becoming a de facto standard across the AI industry any time soon. Google uses a version of SynthID to watermark audio, video, and images generated by its multimodal AI systems, with differing techniques that are explained briefly in this video. But in a new paper published in Nature, Google researchers go into detail on how the SynthID process embeds an unseen watermark in the text-based output of its Gemini model. The core of the text watermarking process is a sampling algorithm inserted into an LLM's usual token-generation loop (the loop picks the next word in a sequence based on the model's complex set of weighted links to the words that came before it). Using a random seed generated from a key provided by Google, that sampling algorithm increases the correlational likelihood that certain tokens will be chosen in the generative process. A scoring function can then measure that average correlation across any text to determine the likelihood that the text was generated by the watermarked LLM (a threshold value can be used to give a binary yes/no answer).Read more of this story at Slashdot.

The White House is directing the Pentagon and intelligence agencies to increase their adoption of AI, expanding the Biden administration's efforts to curb technological competition from China and other adversaries. From a report: The edict is part of a landmark national security memorandum published Thursday. It aims to make government agencies step up experiments and deployments of AI. The memo also bans agencies from using the technology in ways that "do not align with democratic values," according to a White House news release. "This is our nation's first ever strategy for harnessing the power and managing the risks of AI to advance our national security," national security adviser Jake Sullivan said in a speech Thursday. Sullivan called the speed of change in AI "breathtaking" and said it had the potential to affect fields ranging from nuclear physics to rocketry and stealth technology. The White House believes that providing clear rules for using AI will make it easier for government agencies to use the technology, according to a briefing with senior administration officials who spoke on the condition of anonymity to discuss details of the report before its publication.Read more of this story at Slashdot.

Cable companies, advertising firms, and newspapers are asking courts to block a federal "click-to-cancel" rule that would force businesses to make it easier for consumers to cancel services. From a report: Lawsuits were filed yesterday, about a week after the Federal Trade Commission approved a rule that "requires sellers to provide consumers with simple cancellation mechanisms to immediately halt all recurring charges." Cable lobby group NCTA-The Internet & Television Association and the Interactive Advertising Bureau trade group sued the FTC in the conservative US Court of Appeals for the 5th Circuit. The lawsuit claims the 5th Circuit is a proper venue because a third plaintiff, the Electronic Security Association, has its principal offices in Dallas. That group represents security companies such as ADT.Read more of this story at Slashdot.

whitroth writes: People here and elsewhere have been yelling for more nuclear power, and that renewables can't meet demand. Surprise -- the corporations are betting on them, and massive numbers of batteries can be produced a lot faster than nuclear plants can be built. The Guardian adds: Faced with worsening climate-driven disasters and an electricity grid increasingly supplied by intermittent renewables, the US is rapidly installing huge batteries that are already starting to help prevent power blackouts. From barely anything just a few years ago, the US is now adding utility-scale batteries at a dizzying pace, having installed more than 20 gigawatts of battery capacity to the electric grid, with 5GW of this occurring just in the first seven months of this year, according to the federal Energy Information Administration (EIA). This means that battery storage equivalent to the output of 20 nuclear reactors has been bolted on to America's electric grids in barely four years, with the EIA predicting this capacity could double again to 40GW by 2025 if further planned expansions occur. California and Texas, which both saw all-time highs in battery-discharged grid power this month, are leading the way in this growth, with hulking batteries helping manage the large amount of clean yet intermittent solar and wind energy these states have added in recent years.Read more of this story at Slashdot.

theodp writes: "Computer science education is a necessity for all students," argues tech-backed nonprofit Code.org in its newly-published 2024 State of Computer Science Education (Understanding Our National Imperative) report. "Students of all identities and chosen career paths need quality computer science education to become informed citizens and confident creators of content and digital tools." In the 200-page report, Code.org pays special attention to participation in "foundational computer science courses" in high school. "Across the country, 60% of public high schools offer at least one foundational computer science course," laments Code.org (curiously promoting a metric that ignores school size which nonetheless was embraced by Education Week and others). "A course that teaches foundational computer science includes a minimum amount of time applying learned concepts through programming (at least 20 hours of programming/coding for grades 9-12 high schools)," Code.org explains in a separate 13-page Defining Foundational Computer Science document. Interestingly, Code.org argues that Data and Informatics courses -- in which "students may use Oracle WebDB, SQL, PL/SQL, SPSS, and SAS" to learn "the K-12 CS Framework concepts about data and analytics" -- do not count, because "the course content focuses on querying using a scripting language rather than creating programs [the IEEE's Top Programming Languages 2024 begs to differ]." Code.org similarly dissed the use of the Wolfram Language for broad educational use back in 2016. With its insistence on the importance of kids taking Code.org-defined 'programming' courses in K-12 to promote computational thinking, it's probably no surprise to see that the data behind the 2024 State of Computer Science Education report was prepared using Python (the IEEE's top programming language) and presented to the public in a Jupyter notebook. Just kidding. Ironically, the data behind the 2024 State of Computer Science Education analysis is prepared and presented by Code.org in a no-code Tableau workbook.Read more of this story at Slashdot.

penciling_in writes: Pat Kane, Senior VP at Verisign, reports that on October 20th, ICANN and Verisign renewed the agreement under which Verisign will continue to act as Root Zone Maintainer for the Domain Name System (DNS) for another 8-year term. "The Root Zone sits atop the hierarchical architecture of the DNS and is essential to virtually all internet navigation, acting as the dynamic, cryptographically secure, global directory of all top-level domains that exist in the DNS. The Root Zone Maintainer is a unique role that ensures the cryptographic signing and publication of the Root Zone no less than once a day, without which, navigation on the internet would be impossible," the story adds.Read more of this story at Slashdot.

The chief scientist of the Asia Pacific Network Information Center has a theory about why the world hasn't moved to IPv6. From a report: In a lengthy post to the center's blog, Geoff Huston recounts that the main reason for the development of IPv6 was a fear the world would run out of IP addresses, hampering the growth of the internet. But IPv6 represented evolution -- not revolution. "The bottom line was that IPv6 did not offer any new functionality that was not already present in IPv4. It did not introduce any significant changes to the operation of IP. It was just IP, with larger addresses," Huston wrote. IPv6's designers assumed that the protocol would take off because demand for IPv4 was soaring. But in the years after IPv6 debuted, Huston observes, "There was no need to give the transition much thought." Internetworking wonks assumed applications, hosts, and networks would become dual stack and support IPv6 alongside IPv4, before phasing out the latter. But then mobile internet usage exploded, and network operators had to scale to meet unprecedented demand created by devices like the iPhone. "We could either concentrate our resources on meeting the incessant demands of scaling, or we could work on IPv6 deployment," Huston wrote.Read more of this story at Slashdot.

Ireland's data-protection watchdog fined LinkedIn 310 million euros ($334.3 million), saying the Microsoft-owned career platform's personal-data processing breached strict European Union data-privacy and security legislation. From a report: The Irish Data Protection Commission in 2018 launched a probe into LinkedIn's processing of users' personal data for behavioral analysis and targeted advertising after its French equivalent flagged a complaint it received from a non-profit organization. Irish officials raised concerns on the lawfulness, fairness and transparency of the practice, saying Thursday that LinkedIn was in breach of the EU's General Data Protection Regulation. "The lawfulness of processing is a fundamental aspect of data protection law and the processing of personal data without an appropriate legal basis is a clear and serious violation of a data subjects' fundamental right to data protection," said Graham Doyle, deputy commissioner at the Irish Data Protection Commission. In their decision, Irish officials said LinkedIn wasn't sufficiently informing users when seeking their consent to process third-party data for behavioral analysis and targeted advertising and ordered the platform to bring its processing into compliance.Read more of this story at Slashdot.