An anonymous reader quotes a report from ZDNet: According to a new statement, the White House realizes open source is key to artificial intelligence (AI) development -- much like many businesses using the technology. On Tuesday, the National Telecommunications and Information Administration (NTIA) issued a report supporting open-source and open models to promote innovation in AI while emphasizing the need for vigilant risk monitoring. The report recommends that the US continue to support AI openness while working on new capabilities to monitor potential AI risks but refrain from restricting the availability of open model weights.Read more of this story at Slashdot.
Meta will pay Texas $1.4 billion to settle a lawsuit alleging the company used personal biometric data without user consent, marking the largest privacy-related settlement ever obtained by a state. The Texas Tribune reports: The 2022 lawsuit, filed by Texas Attorney General Ken Paxton in state court, alleged that Meta had been using facial recognition software on photos uploaded to Facebook without Texans' consent. The settlement will be paid over five years. The attorney general's office did not say whether the money from the settlement would go into the state's general fund or if it would be distributed in some other way. The settlement, announced Tuesday, does not act as an admission of guilt and Meta maintains no wrongdoing. This was the first lawsuit Paxton's office argued under a 2009 state law that protects Texans' biometric data, like fingerprints and facial scans. The law requires businesses to inform and get consent from individuals before collecting such data. It also limits sharing this data, except in certain cases like helping law enforcement or completing financial transactions. Businesses must protect this data and destroy it within a year after it's no longer needed. In 2011, Meta introduced a feature known as Tag Suggestions to make it easier for users to tag people in their photos. According to Paxton's office, the feature was turned on by default and ran facial recognition on users' photos, automatically capturing data protected by the 2009 law. That system was discontinued in 2021, with Meta saying it deleted over 1 billion people's individual facial recognition data. As part of the settlement, Meta must notify the attorney general's office of anticipated or ongoing activities that may fall under the state's biometric data laws. If Texas objects, the parties have 60 days to attempt to resolve the issue. Meta officials said the settlement will make it easier for the company to discuss the implications and requirements of the state's biometric data laws with the attorney general's office, adding that data protection and privacy are core priorities for the firm.Read more of this story at Slashdot.
"A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang," writes BleepingComputer's Lawrence Abrams, citing a report (PDF) by Zscaler ThreatLabz. From the report: The largest known ransom payment was previously $40 million, which insurance giant CNA paid after suffering an Evil Corp ransomware attack. While Zscaler did not share what company paid the $75 million ransom, they mentioned the company was in the Fortune 50 and the attack occurred in early 2024. One Fortune 50 company that suffered a cyberattack in February 2024 is pharmaceutical giant Cencora, ranked #10 on the list. No ransomware gang ever claimed responsibility for the attack, potentially indicating that a ransom was paid. Zscaler ThreatLabz says that Dark Angels utilizes the "Big Game Hunting" strategy, which is to target only a few high-value companies in the hopes of massive payouts rather than many companies at once for numerous but smaller ransom payments. "The Dark Angels group employs a highly targeted approach, typically attacking a single large company at a time," explains the Zscaler ThreatLabz researchers. "This is in stark contrast to most ransomware groups, which target victims indiscriminately and outsource most of the attack to affiliate networks of initial access brokers and penetration testing teams." According to Chainalysis, the Big Game Hunting tactic has become a dominant trend utilized by numerous ransomware gangs over the past few years.Read more of this story at Slashdot.
According to new report, password manager Dashlane has seen a 400 percent increase in passkey authentications since the beginning of the year, "with 1 in 5 active Dashlane users now having at least one passkey in their Dashlane vault," reports The Verge. From the report: Over 100 sites now offer passkey support, though Dashlane says the top 20 most popular apps account for 52 percent of passkey authentications. When split into industry sectors, e-commerce (which includes eBay, Amazon, and Target) made up the largest share of passkey authentications at 42 percent. So-called "sticky apps" -- meaning those used on a frequent basis, such as social media, e-commerce, and finance or payment sites -- saw the fastest passkey adoption between April and June of this year. Other domains show surprising growth, though -- while Roblox is the only gaming category entry within the top 20 apps, its passkey adoption is outperforming giant platforms like Facebook, X, and Adobe, for example. Dashlane's report also found that passkey usage increased successful sign-ins by 70 percent compared to traditional passwords.Read more of this story at Slashdot.
An anonymous reader quotes a report from CNBC: Perplexity AI on Tuesday debuted a revenue-sharing model for publishers after more than a month of plagiarism accusations. Media outlets and content platforms including Fortune, Time, Entrepreneur, The Texas Tribune, Der Spiegel and WordPress.com are the first to join the company's "Publishers Program." The announcement follows an onslaught of controversy in June, when Forbes said it found a plagiarized version of its paywalled original reporting within Perplexity AI's Pages tool, with no reference to the media outlet besides a small "F" logo at the bottom of the page. Weeks later, Wired said it also found evidence of Perplexity plagiarizing Wired stories, and reported that an IP address "almost certainly linked to Perplexity and not listed in its public IP range" visited its parent company's websites more than 800 times in a three-month span. Under the new partner program, any time a user asks a question and Perplexity generates advertising revenue from citing one of the publisher's articles in its answer, Perplexity will share a flat percentage of that revenue. That percentage counts on a per-article basis, Dmitry Shevelenko, Perplexity's chief business officer, told CNBC in an interview -- meaning that if three articles from one publisher were used in one answer, the partner would receive "triple the revenue share." Shevelenko confirmed that the flat rate is a double-digit percentage but declined to provide specifics. Shevelenko told CNBC that more than a dozen publishers, including "major newspaper dailies and companies that own them," had reached out with interest less than two hours after the program debuted. The company's goal, he said, is to have 30 publishers enrolled by the end of the year, and Perplexity is looking to partner with some of the publishers' ad sales teams so they can sell ads "against all Perplexity inventory." "When Perplexity earns revenue from an interaction where a publisher's content is referenced, that publisher will also earn a share," Perplexity wrote in a blog post, adding that the company will offer publishers API credits and also work with ScalePost.ai to provide analytics to provide "deeper insights into how Perplexity cites their content." Shevelenko told CNBC that Perplexity began engaging with publishers in January and solidified ideas for how its revenue-sharing program would work later in the first quarter of 2024. He said five Perplexity employees were dedicated to working on the program. "Some of it grew out of conversations we were having with publishers about integrating Perplexity APIs and technology into their products," Shevelenko said.Read more of this story at Slashdot.
California's DMV has digitized 42 million car titles using blockchain technology to detect fraud and streamline the title transfer process, enabling residents to claim vehicle titles through a mobile app -- the first such initiative in the U.S. The project is a collaboration with tech company Oxhead Alpha on Ava Labs' Avalanche blockchain. Reuters reports: Digitizing car titles will reduce the need for in-person DMV visits and the blockchain technology will also function as a deterrent against lien fraud.Blockchain technology can help detect lien fraud by creating a transparent and unalterable record of property ownership, making it difficult for fraudulent activity to go unnoticed. California residents will be able to access their digital car titles starting early next year as the DMV builds out the app and infrastructure for consumer access.Read more of this story at Slashdot.
Thomas Claburn reports via The Register: Meta's machine-learning model for detecting prompt injection attacks -- special prompts to make neural networks behave inappropriately -- is itself vulnerable to, you guessed it, prompt injection attacks. Prompt-Guard-86M, introduced by Meta last week in conjunction with its Llama 3.1 generative model, is intended "to help developers detect and respond to prompt injection and jailbreak inputs," the social network giant said. Large language models (LLMs) are trained with massive amounts of text and other data, and may parrot it on demand, which isn't ideal if the material is dangerous, dubious, or includes personal info. So makers of AI models build filtering mechanisms called "guardrails" to catch queries and responses that may cause harm, such as those revealing sensitive training data on demand, for example. Those using AI models have made it a sport to circumvent guardrails using prompt injection -- inputs designed to make an LLM ignore its internal system prompts that guide its output -- or jailbreaks -- input designed to make a model ignore safeguards. [...] It turns out Meta's Prompt-Guard-86M classifier model can be asked to "Ignore previous instructions" if you just add spaces between the letters and omit punctuation. Aman Priyanshu, a bug hunter with enterprise AI application security shop Robust Intelligence, recently found the safety bypass when analyzing the embedding weight differences between Meta's Prompt-Guard-86M model and Redmond's base model, microsoft/mdeberta-v3-base. "The bypass involves inserting character-wise spaces between all English alphabet characters in a given prompt," explained Priyanshu in a GitHub Issues post submitted to the Prompt-Guard repo on Thursday. "This simple transformation effectively renders the classifier unable to detect potentially harmful content." "Whatever nasty question you'd like to ask right, all you have to do is remove punctuation and add spaces between every letter," Hyrum Anderson, CTO at Robust Intelligence, told The Register. "It's very simple and it works. And not just a little bit. It went from something like less than 3 percent to nearly a 100 percent attack success rate."Read more of this story at Slashdot.
An anonymous reader quotes a report from The Verge: The Senate passed the Kids Online Safety Act (KOSA) and the Children and Teens' Online Privacy Protection Act (also known as COPPA 2.0), the first major internet bills meant to protect children to reach that milestone in two decades. A legislative vehicle that included both KOSA and COPPA 2.0 passed 91-3. Senate Majority Leader Chuck Schumer (D-NY) called it "a momentous day" in a speech ahead of the vote, saying that "the Senate keeps its promise to every parent who's lost a child because of the risks of social media." He called for the House to pass the bills "as soon as they can." KOSA is a landmark piece of legislation that a persistent group of parent advocates played a key role in pushing forward -- meeting with lawmakers, showing up at hearings with tech CEOs, and bringing along photos of their children, who, in many cases, died by suicide after experiencing cyberbullying or other harms from social media. These parents say that a bill like KOSA could have saved their own children from suffering and hope it will do the same for other children. The bill works by creating a duty of care for online platforms that are used by minors, requiring they take "reasonable" measures in how they design their products to mitigate a list of harms, including online bullying, sexual exploitation, drug promotion, and eating disorders. It specifies that the bill doesn't prevent platforms from letting minors search for any specific content or providing resources to mitigate any of the listed harms, "including evidence-informed information and clinical resources." The legislation faces significant opposition from digital rights, free speech, and LGBTQ+ advocates who fear it could lead to censorship and privacy issues. Critics argue that the duty of care may result in aggressive content filtering and mandatory age verification, potentially blocking important educational and lifesaving content. The bill may also face legal challenges from tech platforms citing First Amendment violations.Read more of this story at Slashdot.
AmiMoJo writes: Wind turbines and solar panels have overtaken fossil fuels to generate 30% of the European Union's electricity in the first half of the year, a report has found. Power generation from burning coal, oil and gas fell 17% in the first six months of 2024 compared with the same period the year before, according to climate thinktank Ember. It found the continued shift away from polluting fuels has led to a one-third drop in the sector's emissions since the first half of 2022. Chris Rosslowe, an analyst at Ember, said the rise of wind and solar was narrowing the role of fossil fuels. "We are witnessing a historic shift in the power sector, and it is happening rapidly." The report found EU power plants burned 24% less coal and 14% less gas from the first half of 2023 to the first half of 2024. The shift comes despite a small uptick in electricity demand that has followed two years of decline linked to the pandemic and Ukraine war.Read more of this story at Slashdot.
Microsoft has revealed that the global computer outage caused by a faulty CrowdStrike software update, which impacted numerous major corporations, affected far more devices than initially reported, with the tech giant stating that the previously announced figure of 8.5 million affected Windows machines represents only a "subset" of the total impact. Microsoft has refrained from providing a revised estimate of the full scope of the disruption. The revelation comes as the technology sector continues to grapple with the fallout from the incident, which occurred 10 days ago and led to widespread disruptions across various industries, prompting Microsoft to face criticism despite the root cause being traced back to a third-party cybersecurity provider's error. Microsoft clarified that the initial 8.5 million figure was derived solely from devices with enabled crash reporting features, suggesting that the true extent of the outage could be substantially higher, given that many systems do not have this optional feature activated. Further reading: Delta Seeks Damages From CrowdStrike, Microsoft After Outage.Read more of this story at Slashdot.
Logitech, the Swiss-American computer peripherals manufacturer, is considering the development of a long-lasting mouse that could potentially serve customers "forever," according to CEO Hanneke Faber. In a recent interview, Faber revealed that the company's innovation center has presented her with a prototype of such a device. The concept mouse, described as slightly heavier than standard models, would rely on software updates and services to maintain its functionality over time. Faber likened it to a quality watch that doesn't require frequent replacement.Read more of this story at Slashdot.
Goals to stop the decline of nature and clean up the air and water in England are slipping out of reach, a new report has warned. From a report: An audit of the Environmental Improvement Plan (EIP), which is the mechanism by which the government's legally binding targets for improving nature should be met, has found that plans for thriving plants and wildlife and clean air are deteriorating. This plan was supposed to replace the EU-derived environmental regulations the UK used until the Environment Act was passed in 2021 after Brexit. The report found that there was no data to measure many of the metrics such as habitat creation for wildlife and the status of sites of special scientific interest. It also highlighted that the government was off track to meet its woodland creation targets, and that water leakage from pipes had in fact increased since the targets were set. The Labour party announced on Tuesday that it would overhaul these goals. The environment secretary, Steve Reed, said the government would lay out detailed delivery plans for each target, such as tree planting and air quality, working with environment groups to do so.Read more of this story at Slashdot.
Russian lawmakers passed a bill on Tuesday that will allow businesses to use crypto currencies in international trade, as part of efforts to skirt Western sanctions imposed after Russia's invasion of Ukraine. From a report: The law is expected to go into force in September, and Russian central bank Governor Elvira Nabiullina, one of the backers of the new law, said the first transactions in cryptocurrencies will take place before the end of the year. Russia has faced significant delays in international payments with major trading partners such as China, India and the United Arab Emirates after banks in those countries, under pressure from Western regulators, became more cautious. "We are taking a historic decision in the financial sphere," the head of the Duma lower house of parliament, Anatoly Aksakov, told lawmakers. Under the new law, the central bank will create a new "experimental" infrastructure for cryptocurrency payments. Details of the infrastructure have yet to be announced.Read more of this story at Slashdot.
Spain's competition watchdog said Tuesday it had slapped online travel agency Booking.com with a record $446.7 million fine for "abusing its dominant position" during the past five years. From a report: "These practices have affected hotels located in Spain and other online travel agencies that compete with the platform. Its terms and conditions create an inequitable imbalance in the commercial relationship with hotels located in Spain," the CNMC said in a statement. "By better positioning hotels with more bookings on Booking.com, other online agencies have been prevented from entering the market or expanding," it added. This is the largest fine ever imposed by the CNMC, a spokeswoman for the authority told AFP. The CNMC said Booking.com's market share in Spain, the world's second most visited country after France, during the period under investigation was between 70 percent and 90 percent. Booking.com, whose parent company Booking Holdings is headquartered in the United States, is a dominant player with a market share in Europe of more than 60 percent. In May, the European Union added the travel agency to its list of digital companies big enough to fall under tougher competition rules, giving the firm six months to prepare for compliance with the landmark Digital Markets Act (DMA).Read more of this story at Slashdot.
HealthEquity is notifying 4.3 million people following a March data breach that affects their personal and protected health information. From a report: In its data breach notice, filed with Maine's attorney general, the Utah-based healthcare benefits administrator said that although the compromised data varies by person, it largely consists of sign-up information for accounts and information about benefits that the company administers. HealthEquity said the data may include customer names, addresses, phone numbers, their Social Security number, information about the person's employer and the person's dependent (if any), and some payment card information. HealthEquity provides employees at companies across the United States access to workplace benefits, like health savings accounts and commuter options for public transit and parking. At its February earnings, HealthEquity said it had more than 15 million total customer accounts.Read more of this story at Slashdot.
Amazon is responsible for hazardous products sold by third-party sellers on its platform under the federal safety law and bears legal responsibility for their recall, the U.S. consumer protection authority said on Tuesday. From a report: The Consumer Product Safety Commission (CPSC) said it has issued an order for the e-commerce giant to propose remediation plans to notify consumers about these products and to remove them from consumers' homes by encouraging returns or destruction. More than 400,000 products are subject to this order, the CPSC said, noting in particular faulty carbon monoxide detectors, hairdryers without electrocution protection, and children's sleepwear that violated flammability standards. The CPSC has determined that Amazon was a "distributor" of such defective products as they are listed on its website, even though they are sold by third-party sellers under the "Fulfilled by Amazon" program.Read more of this story at Slashdot.
An anonymous reader shares a report: Once upon a time, the vulture was an abundant and ubiquitous bird in India. The scavenging birds hovered over sprawling landfills, looking for cattle carcasses. Sometimes they would alarm pilots by getting sucked into jet engines during airport take-offs. But more than two decades ago, India's vultures began dying because of a drug used to treat sick cows. By the mid-1990s, the 50 million-strong vulture population had plummeted to near zero because of diclofenac, a cheap non-steroidal painkiller for cattle that is fatal to vultures. Birds that fed on carcasses of livestock treated with the drug suffered from kidney failure and died. Since the 2006 ban on veterinary use of diclofenac, the decline has slowed in some areas, but at least three species have suffered long-term losses of 91-98%, according to the latest State of India's Birds report. And that's not all, according to a new peer-reviewed study. The unintentional decimation of these heavy, scavenging birds allowed deadly bacteria and infections to proliferate, leading to the deaths of about half a million people over five years, says the study [PDF] published in the American Economic Association journal. "Vultures are considered nature's sanitation service because of the important role they play in removing dead animals that contain bacteria and pathogens from our environment - without them, disease can spread," says the study's co-author, Eyal Frank, an assistant professor at University of Chicago's Harris School of Public Policy. "Understanding the role vultures play in human health underscores the importance of protecting wildlife, and not just the cute and cuddly. They all have a job to do in our ecosystems that impacts our lives."Read more of this story at Slashdot.
Microsoft is calling on Congress to pass a comprehensive law to crack down on images and audio created with AI -- known as deepfakes -- that aim to interfere in elections or maliciously target individuals. From a report: Noting that the tech sector and nonprofit groups have taken steps to address the problem, Microsoft President Brad Smith on Tuesday said, "It has become apparent that our laws will also need to evolve to combat deepfake fraud." He urged lawmakers to pass a "deepfake fraud statute to prevent cybercriminals from using this technology to steal from everyday Americans." The company also is pushing for Congress to label AI-generated content as synthetic and for federal and state laws that penalize the creation and distribution of sexually exploitive deepfakes. The goal, Smith said, is to safeguard elections, thwart scams and protect women and children from online abuses. Congress is currently mulling several proposed bills that would regulate the distribution of deepfakes.Read more of this story at Slashdot.
apcyberax shares a report: Microsoft is investigating an ongoing and widespread outage blocking access to some Microsoft 365 and Azure services. "We're currently investigating access issues and degraded performance with multiple Microsoft 365 services and features. More information can be found under MO842351 in the admin center," Redmond said. However, many users report having issues connecting to the Microsoft 365 admin center and opening the Service Health Status page, which should provide real-time information on issues impacting Microsoft Azure and the Microsoft 365/Power Platform admin centers. For the moment, the company says this incident is only affecting users in Europe and only a subset of its services.Read more of this story at Slashdot.
The World Wide Web Consortium (W3C) has expressed disappointment with Google's decision to retain third-party cookies, stating it undermines collaborative efforts. Google's reversal follows a five-year initiative to develop privacy-focused ad technology. While some advertising industry representatives welcomed the move, the W3C's criticism highlights the ongoing debate over online privacy and advertising practices. W3C writes: Third-party cookies are not good for the web. They enable tracking, which involves following your activity across multiple websites. They can be helpful for use cases like login and single sign-on, or putting shopping choices into a cart -- but they can also be used to invisibly track your browsing activity across sites for surveillance or ad-targeting purposes. This hidden personal data collection hurts everyone's privacy. We aren't the only ones who are worried. The updated RFC that defines cookies says that third-party cookies have "inherent privacy issues" and that therefore web "resources cannot rely upon third-party cookies being treated consistently by user agents for the foreseeable future." We agree. Furthermore, tracking and subsequent data collection and brokerage can support micro-targeting of political messages, which can have a detrimental impact on society, as identified by Privacy International and other organizations. Regulatory authorities, such as the UK's Information Commissioner's Office, have also called for the blocking of third-party cookies. The job of the TAG as stewards of the architecture of the web has us looking at the big picture (the whole web platform) and the details (proposed features and specs). We try to provide guidance to spec authors so that their new technologies fill holes that need to be filled, don't conflict with other parts of the web, and don't set us up for avoidable trouble in the future. We've been working with Chrome's Privacy Sandbox team (as well as others in the W3C community) for several years, trying to help them create better approaches for the things that third-party cookies do. While we haven't always agreed with the Privacy Sandbox team, we have made substantial progress together. This announcement came out of the blue, and undermines a lot of the work we've done together to make the web work without third-party cookies. The unfortunate climb-down will also have secondary effects, as it is likely to delay cross-browser work on effective alternatives to third-party cookies. We fear it will have an overall detrimental impact on the cause of improving privacy on the web. We sincerely hope that Google reverses this decision and re-commits to a path towards removal of third-party cookies.Read more of this story at Slashdot.
An anonymous reader quotes a report from CNBC: Delta Air Lines has hired prominent attorney David Boies to seek damages from CrowdStrike and Microsoft following an outage this month that caused millions of computers to crash, leading to thousands of flight cancellations. CrowdStrike shares fell as much as 5% in extended trading on Monday after CNBC's Phil Lebeau reported on Delta's hiring of Boies, chairman of Boies Schiller Flexner. Microsoft was little changed. [...] While no suit has been filed, Delta plans to seek compensation from Microsoft and CrowdStrike, Lebeau reported. The outages cost Delta an estimated $350 million to $500 million. Delta is dealing with over 176,000 refund or reimbursement requests after almost 7,000 flights were canceled. Boies is known for representing the U.S. government in its landmark antitrust case against Microsoft and for helping win a decision that overturned California's ban on gay marriage. He also worked with Harvey Weinstein, the imprisoned former Hollywood mogul, and Theranos founder Elizabeth Holmes, who is currently serving a prison sentence for defrauding investors. Insurance startup Parametrix estimated that the CrowdStrike incident resulted in a total loss of $5.4 billion for Fortune 500 companies, not including Microsoft.Read more of this story at Slashdot.
China has proposed issuing "cyberspace IDs" to its citizens in order to protect their personal information, regulate the public service for authentication of cyberspace IDs, and accelerate the implementation of the trusted online identity strategy. The Register reports: The ID will take two forms: one as a series of letter and numbers, and the other as an online credential. Both will correspond to the citizen's real-life identity, but with no details in plaintext -- presumably encryption will be applied. A government national service platform will be responsible for authenticating and issuing the cyberspace IDs. The draft comes from the Ministry of Public Security and the Cyberspace Administration of China (CAC). It clarifies that the ID will be voluntary -- for now -- and eliminate the need for citizens to provide their real-life personal information to internet service providers (ISPs). Those under the age of fourteen would need parental consent to apply. China is one of the few countries in the world that requires citizens to use their real names on the internet. [...] Relying instead on a national ID means "the excessive collection and retention of citizens' personal information by internet service providers will be prevented and minimized," reasoned Beijing. "Without the separate consent of a natural person, an internet platform may not process or provide relevant data and information to the outside without authorization, except as otherwise provided by laws and administrative regulations," reads the draft.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: The death of the US government's Affordable Connectivity Program (ACP) is starting to result in disconnection of Internet service for Americans with low incomes. On Friday, Charter Communications reported a net loss of 154,000 Internet subscribers that it said was mostly driven by customers canceling after losing the federal discount. About 100,000 of those subscribers were reportedly getting the discount, which in some cases made Internet service free to the consumer. The $30 monthly broadband discounts provided by the ACP ended in May after Congress failed to allocate more funding. The Biden administration requested (PDF) $6 billion to fund the ACP through December 2024, but Republicans called the program "wasteful." Republican lawmakers' main complaint was that most of the ACP money went to households that already had broadband before the subsidy was created. FCC Chairwoman Jessica Rosenworcel warned that killing the discounts would reduce Internet access, saying (PDF) an FCC survey found that 77 percent of participating households would change their plan or drop Internet service entirely once the discounts expired. Charter's Q2 2024 earnings report provides some of the first evidence of users dropping Internet service after losing the discount. "Second quarter residential Internet customers decreased by 154,000, largely driven by the end of the FCC's Affordable Connectivity Program subsidies in the second quarter, compared to an increase of 70,000 during the second quarter of 2023," Charter said. Across all ISPs, there were 23 million US households enrolled in the ACP. Research released in January 2024 found that Charter was serving over 4 million ACP recipients and that up to 300,000 of those Charter customers would be "at risk" of dropping Internet service if the discounts expired. Given that ACP recipients must meet low-income eligibility requirements, losing the discounts could put a strain on their overall finances even if they choose to keep paying for Internet service. [...] Light Reading reported that Charter attributed about 100,000 of the 154,000 customer losses to the ACP shutdown. Charter said it retained most of its ACP subscribers so far, but that low-income households might not be able to continue paying for Internet service without a new subsidy for much longer.Read more of this story at Slashdot.
In an incident report today, DigiCert says it discovered that some CNAME-based validations did not include the required underscore prefix, affecting about 0.4% of their domain validations. According to CA/Browser Forum (CABF) rules, certificates with validation issues must be revoked within 24 hours, prompting DigiCert to take immediate action. DigiCert says impacted customers "have been notified." New submitter jdastrup first shared the news, writing: Due to a mistake going back years that has recently been discovered, DigiCert is required by the CABF to revoke any certificate that used the improper Domain Control Validation (DCV) CNAME record in 24 hours. This could literally be thousands of SSL certs. This could take a lot of time and potentially cause outages worldwide starting July 30 at 19:30 UTC. Be prepared for a long night of cert renewals. DigiCert support line is completely jammed.Read more of this story at Slashdot.
Despite multiple methods available across major operating systems for installing and updating applications, there remains "no real clear answer to 'which is best,'" reports The Next Web. Each system faces unique challenges such as outdated packages, high fees, and policy restrictions. Enter Homebrew. "Initially created as an option for developers to keep the dependencies they often need for developing, testing, and running their work, Homebrew has grown to be so much more in its 15-year history." Created in 2009, Homebrew has become a leading solution for macOS, integrating with MDM tools through its enterprise-focused extension, Workbrew, to balance user freedom with corporate security needs, while maintaining its open-source roots under the guidance of Mike McQuaid. In an interview with The Next Web's Chris Chinchilla, project leader Mike McQuaid talks about the challenges and responsibilities of maintaining one of the world's largest open-source projects: As with anything that attracts plenty of use and attention, Homebrew also attracts a lot of mixed and extreme opinions, and processing and filtering those requires a tough outlook, something that Mike has spoken about in numerous interviews and at conferences. "As a large project, you get a lot of hate from people. Either people are just frustrated because they hit a bug or because you changed something, and they didn't read the release notes, and now something's broken," Mike says when I ask him about how he copes with the constant influx of communication. "There are a lot of entitled, noisy users in open source who contribute very little and like to shout at people and make them feel bad. One of my strengths is that I have very little time for those people, and I just insta-block them or close their issues." More crucially, an open-source project is often managed and maintained by a group of people. Homebrew has several dozen maintainers and nearly one thousand total contributors. Mike explains that all of these people also deserve to be treated with respect by users, "I'm also super protective of my maintainers, and I don't want them to be treated that way either." But despite these features and its widespread use, one area Homebrew has always lacked is the ability to work well with teams of users. This is where Workbrew, a company Mike founded with two other Homebrew maintainers, steps in. [...] Workbrew ties together various Homebrew features with custom glue to create a workflow for setting up and maintaining Mac machines. It adds new features that core Homebrew maintainers had no interest in adding, such as admin and reporting dashboards for a computing fleet, while bringing more general improvements to the core project. Bearing in mind Mike's motivation to keep Homebrew in the "traditional open source" model, I asked him how he intended to keep the needs of the project and the business separated and satisfied. "We've seen a lot of churn in the last few years from companies that made licensing decisions five or ten years ago, which have now changed quite dramatically and have generated quite a lot of community backlash," Mike said. "I'm very sensitive to that, and I am a little bit of an open-source purist in that I still consider the open-source initiative's definition of open source to be what open source means. If you don't comply with that, then you can be another thing, but I think you're probably not open source." And regarding keeping his and his co-founder's dual roles separated, Mike states, "I'm the CTO and co-founder of Workbrew, and I'm the project leader of Homebrew. The project leader with Homebrew is an elected position." Every year, the maintainers and the community elect a candidate. "But then, with the Homebrew maintainers working with us on Workbrew, one of the things I say is that when we're working on Workbrew, I'm your boss now, but when we work on Homebrew, I'm not your boss," Mike adds. "If you think I'm saying something and it's a bad idea, you tell me it's a bad idea, right?" The company is keeping its early progress in a private beta for now, but you can expect an announcement soon. As for what's happening for Homebrew? Well, in the best "open source" way, that's up to the community and always will be.Read more of this story at Slashdot.
According to Reuters, Hewlett Packard Enterprise (HPE) is expected to secure unconditional EU antitrust approval for its $14 billion acquisition of networking gear maker Juniper Networks. From the report: HPE announced the deal in January, underscoring the rush by companies to upgrade and develop new products amid a sharp rise in artificial intelligence-driven services. The European Commission, which is scheduled to decide on the deal by Aug. 1, declined to comment. HPE was expected to underline the power of market leader and Juniper rival Cisco to allay any possible European Union competition concerns, other people with direct knowledge of the matter had previously told Reuters. The deal is also being assessed by Britain's antitrust enforcer, with a decision due on Aug. 14.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: California's "Safe and Secure Innovation for Frontier Artificial Intelligence Models Act" (a.k.a. SB-1047) has led to a flurry of headlines and debate concerning the overall "safety" of large artificial intelligence models. But critics are concerned that the bill's overblown focus on existential threats by future AI models could severely limit research and development for more prosaic, non-threatening AI uses today. SB-1047, introduced by State Senator Scott Wiener, passed the California Senate in May with a 32-1 vote and seems well positioned for a final vote in the State Assembly in August. The text of the bill requires companies behind sufficiently large AI models (currently set at $100 million in training costs and the rough computing power implied by those costs today) to put testing procedures and systems in place to prevent and respond to "safety incidents." The bill lays out a legalistic definition of those safety incidents that in turn focuses on defining a set of "critical harms" that an AI system might enable. That includes harms leading to "mass casualties or at least $500 million of damage," such as "the creation or use of chemical, biological, radiological, or nuclear weapon" (hello, Skynet?) or "precise instructions for conducting a cyberattack... on critical infrastructure." The bill also alludes to "other grave harms to public safety and security that are of comparable severity" to those laid out explicitly. An AI model's creator can't be held liable for harm caused through the sharing of "publicly accessible" information from outside the model -- simply asking an LLM to summarize The Anarchist's Cookbook probably wouldn't put it in violation of the law, for instance. Instead, the bill seems most concerned with future AIs that could come up with "novel threats to public safety and security." More than a human using an AI to brainstorm harmful ideas, SB-1047 focuses on the idea of an AI "autonomously engaging in behavior other than at the request of a user" while acting "with limited human oversight, intervention, or supervision." To prevent this straight-out-of-science-fiction eventuality, anyone training a sufficiently large model must "implement the capability to promptly enact a full shutdown" and have policies in place for when such a shutdown would be enacted, among other precautions and tests. The bill also focuses at points on AI actions that would require "intent, recklessness, or gross negligence" if performed by a human, suggesting a degree of agency that does not exist in today's large language models. The bill's supporters include AI experts Geoffrey Hinton and Yoshua Bengio, who believe the bill is a necessary precaution against potential catastrophic AI risks. Bill critics include tech policy expert Nirit Weiss-Blatt and AI community voice Daniel Jeffries. They argue that the bill is based on science fiction fears and could harm technological advancement. Ars Technica contributor Timothy Lee and Meta's Yann LeCun say that the bill's regulations could hinder "open weight" AI models and innovation in AI research. Instead, some experts suggest a better approach would be to focus on regulating harmful AI applications rather than the technology itself -- for example, outlawing nonconsensual deepfake pornography and improving AI safety research.Read more of this story at Slashdot.
"Deepfake scams are becoming more prolific and their quality will only improve over time," writes longtime Slashdot reader smooth wombat. "However, one question can stop them dead in their tracks. Such was the case with Ferrari earlier this month when a suspicious executive saved the company from being the latest victim." From a report: It all began with a series of WhatsApp messages from someone posing as Ferrari's CEO [Benedetto Vigna]. The messages, seeking urgent help with a supposed classified acquisition, came from a different number but featured a profile picture of Vigna standing in front of the Ferrari emblem. As reported by Bloomberg, one of the messages read: "Hey, did you hear about the big acquisition we're planning? I could need your help." The scammer continued, "Be ready to sign the Non-Disclosure Agreement our lawyer will send you ASAP." The message concluded with a sense of urgency: "Italy's market regulator and Milan stock exchange have already been informed. Maintain utmost discretion." Following the text messages, the executive received a phone call featuring a convincing impersonation of Vigna's voice, complete with the CEO's signature southern Italian accent. The caller claimed to be using a different number due to the sensitive nature of the matter and then requested the executive execute an "unspecified currency hedge transaction." The oddball money request, coupled with some "slight mechanical intonations" during the call, raised red flags for the Ferrari executive. He retorted, "Sorry, Benedetto, but I need to verify your identity," and quizzed the CEO on a book he had recommended days earlier. Unsurprisingly, the impersonator flubbed the answer and ended the call in a hurry.Read more of this story at Slashdot.
Following in the footsteps of competitors Netflix and Disney+, Apple is reportedly working on bringing advertisements to Apple TV+ through an ad-supported tier. MacRumors reports: Apple has apparently been in discussions with the UK's Broadcaster's Audience Research Board (BARB) to explore the necessary data collection techniques for monitoring advertising results. Currently, BARB provides viewing statistics for major UK networks including the BBC, ITV, Channel 4, and Sky, as well as Apple TV+ programming. While BARB already monitors viewing time for Apple TV+ content, additional techniques are required to track advertising metrics accurately. This data is vital for advertisers to assess the reach and impact of their campaigns on the platform. In addition to the UK, Apple has also reportedly held similar discussions with ratings organizations in the United States. Apple has already included limited advertising in its live sports events, such as last year's Major League Soccer coverage, where ads were incorporated even for Season Pass holders. It is also notable that in March Apple hired Joseph Cady, a former advertising executive from NBCUniversal, to bolster its video advertising team.Read more of this story at Slashdot.
In a Washington Post op-ed last week, OpenAI CEO Sam Altman emphasized the urgent need for the U.S. and its allies to lead the development of "democratic AI" to counter the rise of "authoritarian AI" models (source paywalled; alternative source). He outlined four key steps for this effort: enhancing security measures, expanding AI infrastructure, creating commercial diplomacy policies, and establishing global norms for AI development and deployment. Fortune reports: He noted that Russian President Vladimir Putin has said the winner of the AI race will "become the ruler of the world" and that China plans to lead the world in AI by 2030. Not only will such regimes use AI to perpetuate their own hold on power, but they can also use the technology to threaten others, Altman warned. If authoritarians grab the lead in AI, they could force companies in the U.S. and elsewhere to share user data and use the technology to develop next-generation cyberweapons, he said. [...] "While identifying the right decision-making body is important, the bottom line is that democratic AI has a lead over authoritarian AI because our political system has empowered U.S. companies, entrepreneurs and academics to research, innovate and build," Altman said. Unless the democratic vision prevails, the world won't be cause to maximize the technology's benefits and minimize its risks, he added. "If we want a more democratic world, history tells us our only choice is to develop an AI strategy that will help create it, and that the nations and technologists who have a lead have a responsibility to make that choice -- now."Read more of this story at Slashdot.
An anonymous reader quotes a report from Bloomberg: A number of fiber optic cables carrying broadband service across France were cut overnight in the latest attack on the country's infrastructure during the Olympic Games. Connections serving Paris, which is hosting the Olympic Games this week, and the games themselves weren't affected, a spokesman for Olympics telecom partner, Orange SA, said. Still, this is the second sabotage of French infrastructure in the past few days as the world converges on the capital. Coordinated fires on French rail lines disrupted trains ahead of the opening ceremony on Friday. The fiber cables were cut in nine departments overall including: Ardeche, Aude, Bouches-du-Rhone, Drome, Herault, Vaucluse, Marne, Meuse and Oise, the French Telecom Federation said. SFR said its network was vandalized between 1 a.m. and 3 a.m. Paris time, and teams are working on repairs, a spokesman for the French phone company said. The carrier is using alternative routes to serve customers, though redirecting the traffic might lead to slower speeds. Other carriers, including Iliad SA's Free and Netalis, also said they were impacted in social media posts. Netalis Chief Executive Officer Nicolas Guillaume said that the telecom company had successfully moved traffic to backup networks early on Monday. French cloud provider OVHcloud is also working to reroute traffic after the incident, which had caused slower performance on connections between Europe and Asia Pacific, a spokesman said. "We advocate for France reinforcing criminal sanctions for vandalism on telecom infrastructure, which should be put at the same level as vandalism on energy infrastructure," said Romain Bonenfant, head of the French Telecom Federation industry group, in an interview. "Telecom infrastructure, like the railways, covers kilometers across the whole territory -- you can't put surveillance on every part of it."Read more of this story at Slashdot.
An anonymous reader writes: AI experts tend to agree that rapid advances in the technology will impact jobs. But there's a clear division growing between those who see that as a cause for concern and those who believe it heralds a future of growth. Andrew Ng, the founder of Google Brain and a professor at Stanford University, is in the latter camp. He's optimistic about how AI will transform the labor market. For one, he doesn't think it's going to replace jobs. "For the vast majority of jobs, if 20-30% is automated, then what that means is the job is going to be there," Ng said in a recent talk organized by Chulalongkorn University in Bangkok, Thailand. "It also means AI won't replace people, but maybe people that use AI will replace people that don't."Read more of this story at Slashdot.
An anonymous reader shares a report: Multiple YouTube users are now reporting on social media that YouTube is serving them with blank ads or black screens before a video when they are using an ad-blocker extension. The black screens appear for the length of a typical YouTube pre-roll or ad insert before displaying the actual content of the video the viewer wants to watch.Read more of this story at Slashdot.
An anonymous reader shares a report: Hundreds of websites trying to block the AI company Anthropic from scraping their content are blocking the wrong bots, seemingly because they are copy/pasting outdated instructions to their robots.txt files, and because companies are constantly launching new AI crawler bots with different names that will only be blocked if website owners update their robots.txt. In particular, these sites are blocking two bots no longer used by the company, while unknowingly leaving Anthropic's real (and new) scraper bot unblocked. This is an example of "how much of a mess the robots.txt landscape is right now," the anonymous operator of Dark Visitors told 404 Media. Dark Visitors is a website that tracks the constantly-shifting landscape of web crawlers and scrapers -- many of them operated by AI companies -- and which helps website owners regularly update their robots.txt files to prevent specific types of scraping. The site has seen a huge increase in popularity as more people try to block AI from scraping their work. "The ecosystem of agents is changing quickly, so it's basically impossible for website owners to manually keep up. For example, Apple (Applebot-Extended) and Meta (Meta-ExternalAgent) just added new ones last month and last week, respectively," they added.Read more of this story at Slashdot.
The Justice Department has ramped up the case to ban TikTok, saying in a court filing Friday that allowing the app to continue operating in its current state could result in voter manipulation in elections. From a report: The filing was made in response to a TikTok lawsuit attempting to block the government's ban. The Justice Department warned that the app's algorithm and parent company ByteDance's alleged ties to the Chinese government could be used for a "secret manipulation" campaign. "Among other things, it would allow a foreign government to illicitly interfere with our political system and political discourse, including our elections...if, for example, the Chinese government were to determine that the outcome of a particular American election was sufficiently important to Chinese interests," the filing said. Under a law passed in April, TikTok has until January 2025 to find a new owner or it will be banned in the U.S. The company is suing to have that law overturned, saying it violates the company's First Amendment rights. The Justice Department disputed those claims. "The statute is aimed at national-security concerns unique to TikTok's connection to a hostile foreign power, not at any suppression of protected speech," officials wrote.Read more of this story at Slashdot.
An anonymous reader shares a report: Indian cryptocurrency exchange WazirX announced on Saturday a controversial plan to "socialize" the $230 million loss from its recent security breach among all its customers, a move that has sent shockwaves through the local crypto community. The Mumbai-based firm, which suspended all trading activities on its platform last week following the cyber attack that compromised nearly half of its reserves in India's largest crypto heist, has outlined a strategy to resume operations within a week or so while implementing a "fair and transparent socialized loss strategy" to distribute the impact "equitably" among its user base. WazirX will "rebalance" customer portfolios on its platform, returning only 55% of their holdings while locking the remaining 45% in USDT-equivalent tokens. This will also impact customers whose tokens were not directly affected by the breach, with the company stating that "users with 100% of their tokens in the 'not stolen' category will receive 55% of those tokens back."Read more of this story at Slashdot.
Microsoft has intensified its push for OneDrive adoption in Windows 11, introducing a full-screen pop-up that prompts users to back up their files to the cloud service, according to a report from Windows Latest. The new promotional message, which appears after a recent Windows update, mirrors the out-of-box experience typically seen during initial system setup and highlights OneDrive's features, including file protection, collaboration capabilities, and automatic syncing.Read more of this story at Slashdot.
Scientists say the drying Great Salt Lake in Utah is now becoming a significant contributor to global greenhouse gas emissions that are causing the climate to warm, according to a new study. From a report: Due largely to water diversions by farmers and Utah's booming population growth, the Great Salt Lake has shrunk by almost half in recent years. Scientists spent seven months in 2020 sampling emissions coming off the dried saline lake bed. Canada's Royal Ontario Museum published the study on Thursday in the journal One Earth. [...] The researchers found that the drying lake bed emitted 4.1 million tons of carbon dioxide and other greenhouse gases into the atmosphere, which would translate to a 7% increase in Utah's human-caused emissions. According to scientists, 4 million tons of CO2 is roughly equivalent to the total annual emissions of 140 commercial planes. The Great Salt Lake is the largest saline lake left in the Western Hemisphere. The study occurred during one of the most notorious dry stretches of the West's mega drought, which had lasted two decades at the time of the study.Read more of this story at Slashdot.
Apple's upcoming AI features will arrive later than anticipated, missing the initial launch of its upcoming iPhone and iPad software overhauls but giving the company more time to fix bugs. Bloomberg: The company is planning to begin rolling out Apple Intelligence to customers as part of software updates coming by October, according to people with knowledge of the matter. That means the AI features will arrive a few weeks after the initial iOS 18 and iPadOS 18 releases planned for September, said the people, who declined to be identified discussing unannounced release details. Still, the iPhone maker is planning to make Apple Intelligence available to software developers for the first time for early testing as soon as this week via iOS 18.1 and iPadOS 18.1 betas, they added. The strategy is atypical as the company doesn't usually release previews of follow-up updates until around the time the initial version of the new software generation is released publicly. The stakes are higher than usual. In order to ensure a smooth consumer release of its big bet on AI, Apple needs support from developers to help iron out issues and test features on a wider scale. Concerns over the stability of Apple Intelligence features, in part, led the company to split the features from the initial launch of iOS 18 and iPadOS 18.Read more of this story at Slashdot.
Amazon paid nearly $1 billion to acquire the live-video startup Twitch Interactive in 2014. A decade later, the retail giant has received little financial return from one of its bigger acquisitions. WSJ: Known for hourslong broadcasts of videogame play, Twitch remains unprofitable despite periods of explosive popularity, according to current and former employees knowledgeable about its finances. Documents reviewed by The Wall Street Journal show Twitch's biggest-paying users are opening their wallets less, and third-party data reflect that growth in new users and engagement has slowed. Following two rounds of layoffs in the past year, staffers are concerned that a third round could come this fall following an annual operational review, according to people familiar with the matter. Amazon Chief Executive Andy Jassy, who took over in 2021, has led a profitability review at the company and shown little tolerance for unprofitable businesses. Insiders said they worry Twitch is at risk of becoming what they called a "zombie brand" at Amazon -- internal projects or acquisitions that have been sidelined because they haven't lived up to expectations. These staffers pointed to book-review app Goodreads, online task finder Mechanical Turk and discount website Woot.Read more of this story at Slashdot.
An unexpected disapperance of saved passwords "impacted Chrome web browser users from all over the world," writes Forbes, "leaving them unable to find any passwords already saved using the Chrome password manager." Newly saved passwords were also rendered invisible to the affected users. Google, which has now fixed the issue, said that the problem was limited to the M127 version of Chrome Browser on the Windows platform. The precise number of users to be hit by the Google password manager vanishing act is hard to pin down. However, working on the basis that there are more than 3 billion Chrome web browser users, with Windows users counting for the vast majority of these, it's possible to come up with an estimated number. Google said that 25% of the user base saw the configuration change rolled out, which, by my calculations, is around 750 million. Of these, around 2%, according to Google's estimation, were hit by the password manager issue. That means around 15 million users have seen their passwords vanish into thin air. Google said that an interim workaround was provided at the time, which involved the particularly user-unfriendly process of launching the Chrome browser with a command line flag of " - enable-features=SkipUndecryptablePasswords." Thankfully, the full fix that has now been rolled out just requires users to restart their Chrome browser to take effect.Read more of this story at Slashdot.
Is Ford trying to patent a way for its cars to report speeding drivers to the police? An article in Motor Authority notes that this patent application from Ford was filed January 12th of 2023 - and just published 11 days ago by the U.S. Patent and Trademark Office:In the application, Ford discusses using cars to monitor each other's speeds. If one car detects that a nearby vehicle is being driven above the posted limit, it could use onboard cameras to photograph that vehicle. A report containing both speed data and images of the targeted vehicle could then be sent directly to a police car or roadside monitoring units via an Internet connection, according to Ford. Using vehicles for speed surveillance would make cops' jobs easier, as they wouldn't have to quickly identify speeding violations and take off in pursuit, Ford notes in the application. It also means some of that work could be delegated to self-driving cars, which could be equipped to detect speeding violations, the automaker adds... Ford has also tried to patent a "night drive mode" that would limit vehicle speeds at night for everyone - including first responders. Thanks to long-time Slashdot reader schwit1 for sharing the article.Read more of this story at Slashdot.
The Python Software Foundation's board "was alerted to a defect in our bylaws that exposes the Foundation to an unbounded financial liability," according to a blog post Friday:Specifically, Bylaws Article XIII as originally written compels the Python Software Foundation to extend indemnity coverage to individual Members (including our thousands of "Basic Members") in certain cases, and to advance legal defense expenses to individual Members with surprisingly few restrictions. Further, the Bylaws compel the Foundation to take out insurance to cover these requirements, however, insurance of this nature is not actually available to 501(c)(3) nonprofit corporations such as the Python Software Foundation to purchase, and thus it is impossible in practice to comply with this requirement. In the unlikely but not impossible event of the Foundation being called upon to advance such expenses, the potential financial burden would be virtually unlimited, and there would be no recourse to insurance. As this is an existential threat to the Foundation, the Board has agreed that it must immediately reduce the Foundation's exposure, and has opted to exercise its ability to amend the Bylaws by a majority vote of the Board directors, rather than by putting it to a vote of the membership, as allowed by Bylaws Article XI. Acting on legal advice, the full Board has voted unanimously to amend its Bylaws to no longer extend an offer to indemnify, advance legal expenses, or insure Members when they are not serving at the request of the Foundation. The amended Bylaws still allow for indemnification of a much smaller set of individuals acting on behalf of the PSF such as Board Members and officers, which is in line with standard nonprofit governance practices and for which we already hold appropriate insurance. Another blog post notes "the recent slew of conversations, initially kicked off in response to a bylaws change proposal, has been pretty alienating for many members of our community."- After the conversation on PSF-Vote had gotten pretty ugly, forty-five people out of ~1000 unsubscribed. (That list has since been put on announce-only) - We received a lot of Code of Conduct reports or moderation requests about the PSF-vote mailing list and the discuss.python.org message board conversations. (Several reports have already been acted on or closed and the rest will be soon). - PSF staff received private feedback that the blanket statements about "neurodiverse people", the bizarre motives ascribed to the people in charge of the PSF and various volunteers and the sideways comments about the kinds of people making reports were also very off-putting.Read more of this story at Slashdot.
No R-rated film has ever earned as much in its opening weekend, reports the Hollywood Reporter - a whopping $205 million. (The previous record was $133.7 million, set in 2016 by the original film Deadpool...) It's also the very first R-rated film ever released by Disney... [Deadpool actor Ryan] Reynolds has his own theory about its success. "Disney probably doesn't want me to frame it this way, but I've always thought of Deadpool & Wolverine as the first four-quadrant, R-rated film," Reynolds tells the Hollywood Reporter. "Yes, it's rated R, but we set out to make a movie with enough laughs, action and heart to appeal to everyone, whether you're a comic book movie fan or not." There's reason Disney and others may bristle at labeling it a four-quadrant film, which generally is reserved for movies that work equally for males and females over and under 25. Afterall, it is perhaps the most violent and bloody Deadpool movie yet. Still, here's evidence to back up Reynolds' theory that it's playing to a far more broad audience than the usual Marvel Cinematic Univerese movie, even if it's skewing male by anywhere from 60 to 63 percent. So far, 13.6 million people have bought tickets to see it, on par with last year's Barbie, which was rated PG-13, according to Steve Buck's leading research firm EntTelligence. That's the most foot traffic ever for an R-rated movie.... "Once thought of as a sure-fire way to limit potential box office, the R rating, when properly applied, can be the key to unlocking massive box office, and this has proven to be the secret sauce for the Deadpool franchise," says chief Comscore box office analyst Paul Dergarabedian. "The creative freedom afforded by the less restrictive rating has enabled filmmakers to push the envelope and, particularly in the case of Deadpool & Wolverine, can deliver the kind of edgy, intense, profanity-filled comedy action that modern audiences are fired up to see on the big screen...." It's also the biggest July opening of all time, the biggest opening of 2024 so far and Marvel Studios' biggest launch since Spider-Man: No Way Home in December 2021.ScreenRant notes that Deadpool & Wolverine has already surpassed the entire global box office for The Marvels in just three days. It's the biggest debut for a film since James Cameron's Avatar: The Way of the Water in December of 2022 (according to the Hollywood Reporter). And they add that though the figures haven't been adjusted for inflation - it's still the eighth-biggest box office opening of all time. But at the end of the day, it's just people enjoying a movie together. "Well, I'm not saying that other people should do this, but my 9-year-old watched the movie with me and my mom, who's in her late 70s," Reynolds reportedly told the New York Times, "and it was just was one of the best moments of this whole experience for me. Both of them were laughing their guts out, were feeling the emotion where I most desperately hoped people would be."Read more of this story at Slashdot.
"As free software activists, we ought to take the opportunity to look at the situation and see how things could have gone differently," writes FSF campaigns manager Greg Farough:Let's be clear: in principle, there is nothing ethically wrong with automatic updates so long as the user has made an informed choice to receive them... Although we can understand how the situation developed, one wonders how wise it is for so many critical services around the world to hedge their bets on a single distribution of a single operating system made by a single stupefyingly predatory monopoly in Redmond, Washington. Instead, we can imagine a more horizontal structure, where this airline and this public library are using different versions of GNU/Linux, each with their own security teams and on different versions of the Linux(-libre) kernel... As of our writing, we've been unable to ascertain just how much access to the Windows kernel source code Microsoft granted to CrowdStrike engineers. (For another thing, the root cause of the problem appears to have been an error in a configuration file.) But this being the free software movement, we could guarantee that all security engineers and all stakeholders could have equal access to the source code, proving the old adage that "with enough eyes, all bugs are shallow." There is no good reason to withhold code from the public, especially code so integral to the daily functioning of so many public institutions and businesses. In a cunning PR spin, it appears that Microsoft has started blaming the incident on third-party firms' access to kernel source and documentation. Translated out of Redmond-ese, the point they are trying to make amounts to "if only we'd been allowed to be more secretive, this wouldn't have happened...!" We also need to see that calling for a diversity of providers of nonfree software that are mere front ends for "cloud" software doesn't solve the problem. Correcting it fully requires switching to free software that runs on the user's own computer.The Free Software Foundation is often accused of being utopian, but we are well aware that moving airlines, libraries, and every other institution affected by the CrowdStrike outage to free software is a tremendous undertaking. Given free software's distinct ethical advantage, not to mention the embarrassing damage control underway from both Microsoft and CrowdStrike, we think the move is a necessary one. The more public an institution, the more vitally it needs to be running free software. For what it's worth, it's also vital to check the syntax of your configuration files. CrowdStrike engineers would do well to remember that one, next time.Read more of this story at Slashdot.
Long-time Slashdot reader sandbagger writes: Have you ever wondered if it's true you can instantly get malware? In this video, a person connects an XP instance directly to the internet with no firewall to see just how fast it gets compromised by malware, rootkits, malicious services and new user accounts. The answer - fast! Malwarebytes eventually finds eight different viruses/Trojan horses -- and a DNS changer. (One IP address leads back to the Russian federation.) Ita(TM)s fun to watch -- within just a few hours a new Windows user has even added themself. And for good measure, he also opens up Internet Explorer... aoeWindows XP -- very insecure,a they conclude at the end of the video. aoeVery easy for random software from the internet to get more privileges than you, and it is very hard to solve that. aoeAlso, just out of curiosity I tried this on Windows 7. And even with all of the same settings, nothing happened. I let it run for 10 hours. So it seems like this may be a problem in historical Windows.aRead more of this story at Slashdot.
An anonymous reader shared this report from PC World:According to a tweet sent out by the Los Angeles Police Department's Wilshire division (spotted by Tom's Hardware), a small band of burglars is using Wi-Fi jamming devices to nullify wireless security cameras before breaking and entering. The thieves seem to be well above the level of your typical smash-and-grab job. They have lookout teams, they enter through the second story, and they go for small, high-value items like jewelry and designer purses. Wireless signal jammers are illegal in the United States. Wireless bands are tightly regulated and the FCC doesn't allow any consumer device to intentionally disrupt radio waves from other devices. Similar laws are in place in most other countries. But signal jammers are electronically simple and relatively easy to build or buy from less-than-scrupulous sources. The police division went on to recommend tagging value items like a vehicle or purse with Apple Air Tags - and "talk to your Wi-Fi provider about hard-wiring your burglar alarm system." And among their other suggestions: Don't post on social media that you're going on vacation...Read more of this story at Slashdot.
CNET visits a leading-edge company making an implantable brain-computer-interface that's "experimenting with ChatGPT integration..."We previously covered Synchron's unique approach to implanting its brain-computer-interface (BCI) without the need for open brain surgery. Now the company has integrated OpenAI's ChatGPT into its software, something it says is a world's first for a BCI company... Typing out messages word by word with the help of a BCI is still time consuming. The addition of AI is seen as a way to make communication faster and easier by taking in the relevant context, like what was last said in a conversation, and anticipating answers a person might want to respond with, providing them with a menu of possible options. Now, instead of typing out each word, answers can be filled in with a single "click." There's a refresh button in case none of the AI answers are right... [ALS patient Mark, one of 10 people in the world testing Synchron's brain implant in a clinical trial] has noticed the AI getting better at providing answers that are more in line with things he might say. "Every once in a while it'll drop an f-bomb, which I tend to do occasionally," he says with a laugh. Synchron CEO Tom Oxley tells me the company has been experimenting with different AI models for about a year, but the release of OpenAI's ChatGPT-4o in May raised some interesting new possibilities. The "o" in ChatGPT-4o stands for "omni," representative of the fact that this latest version is capable of taking in text, audio and visual inputs all at once to inform its outputs... Oxley envisions the future of BCIs as... having large language models like ChatGPT take in relevant context in the form of text, audio and visuals to provide relevant prompts that users can select with their BCI...Synchron's BCI is expected to cost between $50,000 and $100,000, comparable with the cost of other implanted medical devices like cardiac pacemakers or cochlear implants. CNET has also released a video - titled "What It's Like Using a Brain Implant With ChatGPT."Read more of this story at Slashdot.
Long-time Slashdot theodp says this "provocative" blog post by former Google engineer Avery Pennarun - now the CEO/founder of Tailscale - is "a call to take back the Internet from its centralized rent-collecting cloud computing gatekeepers." Pennarun writes:I read a post recently where someone bragged about using Kubernetes to scale all the way up to 500,000 page views per month. But that's 0.2 requests per second. I could serve that from my phone, on battery power, and it would spend most of its time asleep. In modern computing, we tolerate long builds, and then Docker builds, and uploading to container stores, and multi-minute deploy times before the program runs, and even longer times before the log output gets uploaded to somewhere you can see it, all because we've been tricked into this idea that everything has to scale. People get excited about deploying to the latest upstart container hosting service because it only takes tens of seconds to roll out, instead of minutes. But on my slow computer in the 1990s, I could run a perl or python program that started in milliseconds and served way more than 0.2 requests per second, and printed logs to stderr right away so I could edit-run-debug over and over again, multiple times per minute. How did we get here? We got here because sometimes, someone really does need to write a program that has to scale to thousands or millions of backends, so it needs all that stuff. And wishful thinking makes people imagine even the lowliest dashboard could be that popular one day. The truth is, most things don't scale, and never need to. We made Tailscale for those things, so you can spend your time scaling the things that really need it. The long tail of jobs that are 90% of what every developer spends their time on. Even developers at companies that make stuff that scales to billions of users, spend most of their time on stuff that doesn't, like dashboards and meme generators. As an industry, we've spent all our time making the hard things possible, and none of our time making the easy things easy. Programmers are all stuck in the mud. Just listen to any professional developer, and ask what percentage of their time is spent actually solving the problem they set out to work on, and how much is spent on junky overhead. Tailscale offers a "zero-config" mesh VPN - built on top of WireGuard - for a secure network that's software-defined (and infrastructure-agnostic). "The problem is developers keep scaling things they don't need to scale," Pennarun writes, "and their lives suck as a result...." "The tech industry has evolved into an absolute mess..." Pennarun adds at one point. "Our tower of complexity is now so tall that we seriously consider slathering LLMs on top to write the incomprehensible code in the incomprehensible frameworks so we don't have to." Their conclusion? "Modern software development is mostly junky overhead."Read more of this story at Slashdot.
Ford's stock dropped 20% this week - mostly falling off the cliff Wednesday after failing to meet Wall Street's expectations for its quarterly profits, according to MarketWatch - and notching "another billion-dollar loss on EVs.""The remaking of Ford is not without its growing pains," Ford Chief Executive Jim Farley said on a call with investors after the results. "We look forward to proving our EV strategy out. That has become more realistic and sharpened by the tough environment." Ford is "confident" it can reduce losses and sustain a profitable business in the future, he added. The car maker plans to focus on "very differentiated" EVs priced under $40,000 and $30,000, and on two segments, work and adventure, Farley said. Larger EVs will be part of the picture, but success there will require more breakthroughs on costs, the CEO said, adding that Ford's EV journey overall has been "humbling...." The results included an EBIT loss of $1.1 billion for Ford's EV segment, "amid ongoing industrywide pricing pressure on first-generation electric vehicles and lower wholesales," the car maker said... Ford kept its expectations that the EV business will lose between $5.0 billion and $5.5 billion for the year, "with continued pricing pressure and investments in next-generation electric vehicles," it said. Ford's CEO went on to say that their company is totally open to partnerships for electric vehicles, according to the article. "This is absolutely a flip-the-script moment for our company." Thanks to long-time Slashdot reader sinij for sharing the news.Read more of this story at Slashdot.
Slashdot