Slashdot

An anonymous reader quotes a report from Ars Technica: Yesterday, Amazon failed to convince a US district court to dismiss the Federal Trade Commission's lawsuit targeting the tech giant's alleged history of tricking people into signing up for Prime. The FTC has alleged that Amazon "tricked, coerced, and manipulated consumers into subscribing to Amazon Prime," a court order said, failing to get informed consent by designing a murky sign-up process. And to keep subscriptions high, Amazon also "did not provide simple mechanisms for these subscribers to cancel their Prime memberships," the FTC alleged. Instead, Amazon forced "consumers intending to cancel to navigate a four-page, six-click, fifteen-option cancellation process." In their motion to dismiss, Amazon outright disputed these characterizations of its business, insisting its enrollment process was clear, its cancellation process was simple, and none of its executives could be held responsible for failing to fix these processes when "accidental" sign-ups became widespread. Amazon defended its current practices, arguing that some of its Prime disclosures "align with practices that the FTC encourages in its guidance documents." But the judge apparently did not find Amazon's denials completely persuasive. Viewing the FTC's complaint "in the light most favorable to the FTC," Judge John Chun concluded that "the allegations sufficiently indicate that Amazon had actual or constructive knowledge that its Prime sign-up and cancellation flows were misleading consumers." In his order (PDF), Chun also denied individual motions to dismiss from Amazon executives Russell Grandinetti, Neil Lindsay, and Jamil Ghani, who oversaw Prime operations. Executives had urged the court to dismiss the FTC's claims against them. They argued that the FTC "singled them out 'for an 'unprecedented sanction'" when the agency had "only recently started prosecuting companies for using 'dark patterns'" under Restore Online Shoppers' Confidence Act (ROSCA) and the FTC Act. They claimed that the FTC never alerted them to any wrongdoing before filing the lawsuit, so how could they have known they were violating the law? According to Chun, however, the FTC sufficiently alleged that each of these executives knew they were violating consumer protection laws when prioritizing profits over eliminating dark patterns triggering "accidental" or "nonconsensual" Prime sign-ups. Chun explained that executives may be "personally liable for corporate violations of the FTC Act if the individual 'participated directly in, or had the authority to control, the unlawful acts or practices at issue.'" For example, when Lindsay -- who in 2016 had the "most responsibility for the Prime subscription program" -- was "asked about Amazon's use of dark patterns during the Prime enrollment process," Lindsay justified the dark patterns. "Lindsay explained that once consumers become Prime members -- even unknowingly -- they will see what a great program it is and remain members, so Amazon is 'okay' with the situation," Chun's order said. And when Grandinetti, who "oversaw the Prime subscription program" in 2018, was told that the sign-up process and auto-renew feature frustrated customers, he "vetoed any changes that would reduce enrollment." Because executives seemingly prioritized profits over reducing customer friction, the FTC alleged that reasonable customers got sucked into Prime without their consent. Sometimes customers understandably got confused by the "discrepancy in size, location, and color" of Amazon's disclosures, Chun suggested. Other times, confusion struck when Amazon tried to upsell customers on Prime at checkout -- pairing their enrollment with their other shopping experience.Read more of this story at Slashdot.

A survey of 12,000 people in six countries -- Argentina, Denmark, France, Japan, the UK, and the USA -- found that very few people are regularly using AI products like ChatGPT. Unsurprisingly, the group bucking the trend are young people ages 18 to 24. The BBC reports: Dr Richard Fletcher, the report's lead author, told the BBC there was a "mismatch" between the "hype" around AI and the "public interest" in it. The study examined views on generative AI tools -- the new generation of products that can respond to simple text prompts with human-sounding answers as well as images, audio and video. "Large parts of the public are not particularly interested in generative AI, and 30% of people in the UK say they have not heard of any of the most prominent products, including ChatGPT," Dr Fletcher said. This research attempted to gauge what the public thinks, finding:- The majority expect generative AI to have a large impact on society in the next five years, particularly for news, media and science- Most said they think generative AI will make their own lives better- When asked whether generative AI will make society as a whole better or worse, people were generally more pessimistic In more detail, the study found: - While there is widespread awareness of generative AI overall, a sizable minority of the public -- between 20% and 30% of the online population in the six countries surveyed -- have not heard of any of the most popular AI tools.- In terms of use, ChatGPT is by far the most widely used generative AI tool in the six countries surveyed, two or three times more widespread than the next most widely used products, Google Gemini and Microsoft Copilot.- Younger people are much more likely to use generative AI products on a regular basis. Averaging across all six countries, 56% of 18-24s say they have used ChatGPT at least once, compared to 16% of those aged 55 and over.- Roughly equal proportions across six countries say that they have used generative AI for getting information (24%) as creating various kinds of media, including text but also audio, code, images, and video (28%).- Just 5% across the six countries covered say that they have used generative AI to get the latest news.Read more of this story at Slashdot.

Last August, PayPal became the first major financial company to roll out a stablecoin. Labeled PayPal USD, or PYUSD, the coin was issued on the Ethereum blockchain and "fully backed by U.S. dollar deposits, short-term Treasuries and similar cash equivalents." Now, the financial company is adding Solana as an option, "making PayPal's stablecoin faster and cheaper to use." "The Solana blockchain is known for processing massive amounts of transactions at high speeds with extremely low costs, providing significant benefits for commerce use cases," says the company in a press release. "As the most used blockchain for stablecoin transfers, according to data from blockchain analytics platform Artemis, Solana has emerged as the leading blockchain to run tokenized transactions and is ideal for PYUSD as it continues to be used for payment use cases."Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: When used to generate power or move vehicles, fossil fuels kill people. Particulates and ozone resulting from fossil fuel burning cause direct health impacts, while climate change will act indirectly. Regardless of the immediacy, premature deaths and illness prior to death are felt through lost productivity and the cost of treatments. Typically, you see the financial impacts quantified when the EPA issues new regulations, as the health benefits of limiting pollution typically dwarf the costs of meeting new standards. But some researchers from Lawrence Berkeley National Lab have now done similar calculations -- but focusing on the impact of renewable energy. Wind and solar, by displacing fossil fuel use, are acting as a form of pollution control and so should produce similar economic benefits. Do they ever. The researchers find that, in the U.S., wind and solar have health and climate benefits of over $100 for every Megawatt-hour produced, for a total of a quarter-trillion dollars in just the last four years. This dwarfs the cost of the electricity they generate and the total of the subsidies they received. [...] As a result, the environmental and health benefits of wind in 2022 are estimated as being $143 for each Mw-hr, with solar providing $100/Mw-hr in benefits. Given the amount of power generated by wind and solar that year, that works out to a total of $62 billion and $12 billion, respectively. For the entire 2019-2022 period, they total up to $250 billion. Due to the uncertainties in various estimates, the researchers estimate that the real value for wind is somewhere between $91 and $183 per Mw-hr, with solar having a proportionate uncertainty. For comparison, they note that the unsubsidized costs of the electricity produced by wind and solar range from $20 to $60 per Mw-hr, depending on where the facility is sited. So, in some ways, the companies that own these plants are only receiving a very small fraction of the benefits of their operation. Wind and solar do receive subsidies, but even the most generous ones provided by the Inflation Reduction Act max out below $35/Mw-hr -- again, far less than the health and environmental benefits. The researchers note that most of these benefits (about 75 percent) come from the reduction in carbon dioxide emissions. Still, the nitrogen and sulfur emissions reductions were also substantial: They displaced the equivalent of roughly 20 percent of the power sector's total emissions of these chemicals. That translates into avoiding about 1,400 premature deaths in 2022 alone. The researchers acknowledge a number of limitations to their work. "One big one is that they don't include distributed solar at all, meaning their totals for that form of production are a significant underestimate," reports Ars, noting that the Energy Information Agency estimates that, in the U.S., distributed solar accounts for over 30 percent of total solar production. "It also, as mentioned, doesn't account for the use of storage such as batteries, which are increasingly used to offset the tail-off in solar production in the evenings." "In addition, their work doesn't account for the intermittency of renewable power sources, which can sometimes result in the use of less efficient fossil fuel plants and so offset some of these benefits. The drop of wind and solar prices are also influencing decisions on what types of fossil fuel plants are getting built, disfavoring coal and increasing investments in natural gas plants that can respond quickly to changes in renewable output. Over the long term, this will result in additional benefits that can't be captured by this sort of short-term analysis." The study has been published in the journal Cell Reports Sustainability.Read more of this story at Slashdot.

schwit1 shares a report from NPR: When you first approach this bridge over Interstate 66 in northern Virginia, it may feel like you're driving on the wrong side of the road. Because, in a way, you are. "There were a lot of people who looked at me like I was a little nuts," says traffic engineer Gilbert Chlewicki, the inventor of this unconventional interchange. "Like, why are you putting me on the other side of the road?" Chlewicki agreed to meet at this intersection 35 miles west of Washington, D.C. to explain the workings of the diverging diamond interchange, as it's known. He was easy to spot, wearing a neon yellow vest for safety. As you enter the interchange, the right and left sides of the road cross over each other at a stop light. You are, in fact, driving on the left side of the road at this point. From there, left turns become a lot easier, because there's no oncoming traffic in the way. Instead of waiting for a signal, you get a free left turn. "When we do the cross-over to the left side of the road, that's when the left turns happen, so the left is very easy," says Chlewicki. That means diverging diamond interchanges can be both more efficient and safer than conventional intersections with left turn lanes. There are now more than 200 of them across the U.S., in more than 30 states. But at first, it wasn't easy to convince other traffic engineers. "Anything different is a hard sell," Chlewicki said. "Safety was the big question." In 2009, Missouri became the first state to install a diverging diamond interchange (DDI) at a congested intersection in Springfield. This new design quickly reduced traffic congestion and significantly improved safety, with crashes decreasing by 40-50%. However, drivers have mixed feelings about the design. Some, like school bus driver Logan Wilcox, feel it can be confusing and potentially dangerous for unfamiliar drivers. Others, like local driver Greg Peterson, praise it for improving traffic flow and reducing accidents.Read more of this story at Slashdot.

Satellite-to-phones service provider AST SpaceMobile announced a deal with Verizon to provide remote coverage across the United States. "Verizon's deal effectively includes a $100 million raise for AST, as well, in the form of $65 million in commercial service prepayments and $35 million in debt via convertible notes," reports CNBC. "The companies said that $45 million of the prepayments 'are subject to certain conditions' such as needed regulatory approvals and signing of a definitive commercial agreement." Shares of AST jumped 69% in trading to close at $9.02 a share -- the largest single day rise for the company's stock since it went public in 2021. From the report: AST SpaceMobile is building satellites to provide broadband service to unmodified smartphones, in the nascent "direct-to-device" communications market. [...] The Verizon partnership follows a similar pattern to AT&T's work with AST. Back in January, AT&T was a co-debt investor in the company alongside Google and Vodafone. The companies then established the commercial agreement earlier this month, which "lays out in much more detail how we will ultimately offer service together," AST's Chief Strategy Officer Scott Wisniewski said in a statement to CNBC. [...] AST expects to launch its first five commercial satellites later this year.Read more of this story at Slashdot.

Michael Larabel reports via Phoronix: A massive uptick in traffic to Fedora's package mirrors is causing problems for the Linux distribution. Some five million additional systems have started putting additional strain on Fedora's mirror resources since March and appear to be coming from Amazon's cloud. Stephen Smoogen of Red Hat wrote a blog post today around 5+ million more EPEL-7 systems beginning in March. Fedora hosts the packaging mirrors for Extra Packages For Enterprise Linux (EPEL) to augment the package selection available on RHEL, CentOS, Amazon Linux, etc. The past three months now there has been a 5+ million surge in Fedora/EPEL traffic and it's placed a strain on the systems. It's about doubling the number of unique IPs connecting to the mirror system. The massive uptick in Fedora/EPEL activity puts additional pressure on Fedora web proxies for mirror data and then the mirrors themselves that tend to be volunteer run. Much of this new traffic is coming from the Amazon/AWS cloud.Read more of this story at Slashdot.

An anonymous reader quotes an op-ed from The Globe and Mail, written by Kate Robertson and Ron Deibert. Robertson is a senior research associate and Deibert is director at the University of Toronto's Citizen Lab. From the piece: A federal cybersecurity bill, slated to advance through Parliament soon, contains secretive, encryption-breaking powers that the government has been loath to talk about. And they threaten the online security of everyone in Canada. Bill C-26 empowers government officials to secretly order telecommunications companies to install backdoors inside encrypted elements in Canada's networks. This could include requiring telcos to alter the 5G encryption standards that protect mobile communications to facilitate government surveillance. The government's decision to push the proposed law forward without amending it to remove this encryption-breaking capability has set off alarm bells that these new powers are a feature, not a bug. There are already many insecurities in today's networks, reaching down to the infrastructure layers of communication technology. The Signalling System No. 7, developed in 1975 to route phone calls, has become a major source of insecurity for cellphones. In 2017, the CBC demonstrated how hackers only needed a Canadian MP's cell number to intercept his movements, text messages and phone calls. Little has changed since: A 2023 Citizen Lab report details pervasive vulnerabilities at the heart of the world's mobile networks. So it makes no sense that the Canadian government would itself seek the ability to create more holes, rather than patching them. Yet it is pushing for potential new powers that would infect next-generation cybersecurity tools with old diseases. It's not as if the government wasn't warned. Citizen Lab researchers presented the 2023 report's findings in parliamentary hearings on Bill C-26, and leaders and experts in civil society and in Canada's telecommunications industry warned that the bill must be narrowed to prevent its broad powers to compel technical changes from being used to compromise the "confidentiality, integrity, or availability" of telecommunication services. And yet, while government MPs maintained that their intent is not to expand surveillance capabilities, MPs pushed the bill out of committee without this critical amendment last month. In doing so, the government has set itself up to be the sole arbiter of when, and on what conditions, Canadians deserve security for their most confidential communications -- personal, business, religious, or otherwise. The new powers would only make people in Canada more vulnerable to malicious threats to the privacy and security of all network users, including Canada's most senior officials. [...] "Now, more than ever, there is no such thing as a safe backdoor," the authors write in closing. "A shortcut that provides a narrow advantage for the few at the expense of us all is no way to secure our complex digital ecosystem." "Against this threat landscape, a pivot is crucial. Canada needs cybersecurity laws that explicitly recognize that uncompromised encryption is the backbone of cybersecurity, and it must be mandated and protected by all means possible."Read more of this story at Slashdot.

The notorious hacker group ShinyHunters has claimed to have breached the security of Ticketmaster-Live Nation, compromising the personal data more than half a billion users. "This massive 1.3 terabytes of data, is now being offered for sale on Breach Forums for a one-time sale for $500,000," reports Hackread. From the report: ShinyHunters has allegedly accessed a treasure trove of sensitive user information, including full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data. Specifically, the compromised payment data includes customer names, the last four digits of card numbers, expiration dates, and even customer fraud details. The data breach, if confirmed, could have severe implications for the affected users, leading to potential identity theft, financial fraud, and further cyber attacks. The hacker group's bold move to put this data on sale goes on to show the growing menace of cybercrime and the increasing sophistication of these cyber adversaries.Read more of this story at Slashdot.

Salesforce shares dropped as much as 17% in extended trading due to weaker-than-expected revenue and guidance that fell short of Wall Street expectations. "Revenue in the fiscal first quarter, which ended April 30, increased 11% from $8.25 billion a year earlier," reports CNBC. "It's the first time since 2006 that Salesforce fell short on revenue, according to LSEG data." From the report: Salesforce called for adjusted earnings per share in the current quarter of $2.34 to $2.36 on $9.2 billion to $9.25 billion in revenue. Analysts surveyed by LSEG had expected $2.40 in adjusted earnings per share on $9.37 billion in revenue. [...] Salesforce saw budget scrutiny and longer deal cycles than usual during the quarter, president and operating chief Brian Millham told analysts on a conference call. Management implemented go-to-market changes that cut into bookings, Millham said. All five of Salesforce's product areas contributed to the growth. But revenue from the Professional Services and Other category, at $548 million, was down 9% and under the StreetAccount consensus of $572.9 million. Net income jumped to $1.53 billion, or $1.56 per share, from $199 million, or 20 cents per share a year ago.Read more of this story at Slashdot.

An anonymous reader quotes a report from KrebsOnSecurity: The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as "proxies" that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe -- but predominantly in the United States. 911 built its proxy network mainly by offering "free" virtual private networking (VPN) services. 911's VPN performed largely as advertised for the user -- allowing them to surf the web anonymously -- but it also quietly turned the user's computer into a traffic relay for paying 911 S5 customers. 911 S5's reliability and extremely low prices quickly made it one of the most popular services among denizens of the cybercrime underground, and the service became almost shorthand for connecting to that "last mile" of cybercrime. Namely, the ability to route one's malicious traffic through a computer that is geographically close to the consumer whose stolen credit card is about to be used, or whose bank account is about to be emptied. In July 2022, KrebsOnSecurity published a deep dive into 911 S5, which found the people operating this business had a history of encouraging the installation of their proxy malware by any means available. That included paying affiliates to distribute their proxy software by secretly bundling it with other software. That story named Yunhe Wang from Beijing as the apparent owner or manager of the 911 S5 proxy service. In today's Treasury action, Mr. Wang was named as the primary administrator of the botnet that powered 911 S5. Update, May 29, 12:26 p.m. ET: The U.S. Department of Justice (DOJ) just announced they have arrested Wang in connection with the 911 S5 botnet. The DOJ says 911 S5 customers have stolen billions of dollars from financial institutions, credit card issuers, and federal lending programs. [...] The third man sanctioned is Yanni Zheng, a Chinese national the U.S. Treasury says acted as an attorney for Wang and his firm -- Spicy Code Company Limited -- and helped to launder proceeds from the business into real estate holdings. Spicy Code Company was also sanctioned, as well as Wang-controlled properties Tulip Biz Pattaya Group Company Limited, and Lily Suites Company Limited. "911 S5 customers allegedly targeted certain pandemic relief programs," a DOJ statement on the arrest reads. "For example, the United States estimates that 560,000 fraudulent unemployment insurance claims originated from compromised IP addresses, resulting in a confirmed fraudulent loss exceeding $5.9 billion. Additionally, in evaluating suspected fraud loss to the Economic Injury Disaster Loan (EIDL) program, the United States estimates that more than 47,000 EIDL applications originated from IP addresses compromised by 911 S5. Millions of dollars more were similarly identified by financial institutions in the United States as loss originating from IP addresses compromised by 911 S5." "Jingping Liu assisted Yunhe Wang by laundering criminally derived proceeds through bank accounts held in her name that were then utilized to purchase luxury real estate properties for Yunhe Wang," the document continues. "These individuals leveraged their malicious botnet technology to compromise personal devices, enabling cybercriminals to fraudulently secure economic assistance intended for those in need and to terrorize our citizens with bomb threats."Read more of this story at Slashdot.

American Lidar, a company registered in Michigan in December, is a subsidiary of China-based lidar maker Hesai Group, which the U.S. has labeled a security concern, WSJ reported Wednesday, citing policymakers and national-security experts. Chinese firms facing regulatory or reputational problems are rebranding and creating U.S.-domiciled businesses to sell their wares as the Biden administration expands the government entity lists that restrict Chinese companies' business dealings in the U.S., the report said. These moves, while legal, irritate regulators who can't enforce laws when it isn't clear who is behind a company. Hesai became a target in the U.S.-China tech-trade war after allegations that its laser sensors could be used to collect sensitive American data, and was added to the Defense Department list that designates companies as Chinese military entities operating in the U.S. BGI Genomics and DJI are also facing similar challenges and are attempting to rebrand or license their technology to American startups to avoid sanctions.Read more of this story at Slashdot.

An anonymous reader shares a report: Google is killing off a messaging service! This one is the odd "Google Business Messaging" service -- basically an instant messaging client that is built into Google Maps. If you looked up a participating business in Google Maps or Google Search on a phone, the main row of buttons in the place card would read something like "Call," "Chat," "Directions," and "Website." That "Chat" button is the service we're talking about. It would launch a full messaging interface inside the Google Maps app, and businesses were expected to use it for customer service purposes. Google's deeply dysfunctional messaging strategy might lead people to joke about a theoretical "Google Maps Messaging" service, but it already exists and has existed for years, and now it's being shut down.Read more of this story at Slashdot.

An anonymous reader shares a report: At a two-hour drive from Riyadh, Saudi Arabia's capital, rows of solar panels extend to the horizon like waves on an ocean. Despite having almost limitless reserves of oil, the kingdom is embracing solar and wind power, partly in an effort to retain a leading position in the energy industry, which is vitally important to the country but fast changing. Looking out over 3.3 million panels, covering 14 square miles of desert, Faisal Al Omari, chief executive of a recently completed solar project called Sudair, said he would tell his children and grandchildren about contributing to Saudi Arabia's energy transition. Although petroleum production retains a crucial role in the Saudi economy, the kingdom is putting its chips on other forms of energy. Sudair, which can light up 185,000 homes, is the first of what could be many giant projects intended to raise output from renewable energy sources like solar and wind to around 50 percent by 2030. Currently, renewable energy accounts for a negligible amount of Saudi electricity generation. Analysts say achieving that hugely ambitious goal is unlikely. "If they get 30 percent, I would be happy because that would be a good signal," said Karim Elgendy, a climate analyst at the Middle East Institute, a research organization in Washington. Still, the kingdom is planning to build solar farms at a rapid pace. "The volumes you see here, you don't see anywhere else, only in China," said Marco Arcelli, chief executive of Acwa Power, Sudair's Saudi developer and a growing force in the international electricity and water industries. The Saudis not only have the money to expand rapidly, but are free of the long permit processes that inhibit such projects in the West. "They have a lot of investment capital, and they can move quickly and pull the trigger on project development," said Ben Cahill, a senior fellow at the Center for Strategic and International Studies, a research institution in Washington. Even Saudi Aramco, the crown jewel of the Saudi economy and the producer of nearly all its oil, sees a shifting energy landscape. To gain a foothold in solar, Aramco has taken a 30 percent stake in Sudair, which cost $920 million, the first step in a planned 40-gigawatt solar portfolio -- more than Britain's average power demand -- intended to meet the bulk of the government's ambitions for renewable energy. The company plans to set up a large business of storing greenhouse gases underground.Read more of this story at Slashdot.

Apple is seeking a senior engineer to help build a television and sports app for Android, a sign the company is finally bringing its TV+ service to the rival smartphone platform. From a report: In a job listing published in recent days, Apple said it's looking for someone to lead the development of "fun new features" and "help build an application used by millions to watch and discover TV and sports." The move suggests that the company is looking to gain market share in video streaming -- and is setting aside its rivalry with Android in order to chase additional users. It's rare for Apple to develop software for Google's Android, which competes with its iOS platform. The TV+ service, launched in 2019, is Apple's answer to Netflix or Disney+, and the company has spent heavily on feeding it with original content.Read more of this story at Slashdot.

House Republicans this week accused officials at the National Institutes of Health of orchestrating "a conspiracy at the highest levels" of the agency to hide public records related to the origins of the Covid pandemic. And the lawmakers promised to expand an investigation that has turned up emails in which senior health officials talked openly about trying to evade federal records laws. From a report: The latest accusations -- coming days before a House panel publicly questions Dr. Anthony S. Fauci, a former top N.I.H. official -- represent one front of an intensifying push by lawmakers to link American research groups and the country's premier medical research agency with the beginnings of the Covid pandemic. That push has so far yielded no evidence that American scientists or health officials had anything to do with the coronavirus outbreak. But the House panel, the Select Subcommittee on the Coronavirus Pandemic, has released a series of private emails that suggest at least some N.I.H. officials deleted messages and tried to skirt public records laws in the face of scrutiny over the pandemic. Even those N.I.H. officials whose job it was to produce records under the Freedom of Information Act may have helped their colleagues avoid their obligations under that law, several emails suggest. The law, known as FOIA, gives people the right to obtain copies of federal records.Read more of this story at Slashdot.

Mistral, the French AI startup backed by Microsoft and valued at $6 billion, has released its first generative AI model for coding, dubbed Codestral. From a report: Codestral, like other code-generating models, is designed to help developers write and interact with code. It was trained on over 80 programming languages, including Python, Java, C++ and JavaScript, explains Mistral in a blog post. Codestral can complete coding functions, write tests and "fill in" partial code, as well as answer questions about a codebase in English. Mistral describes the model as "open," but that's up for debate. The startup's license prohibits the use of Codestral and its outputs for any commercial activities. There's a carve-out for "development," but even that has caveats: the license goes on to explicitly ban "any internal usage by employees in the context of the company's business activities." The reason could be that Codestral was trained partly on copyrighted content. Codestral might not be worth the trouble, in any case. At 22 billion parameters, the model requires a beefy PC in order to run.Read more of this story at Slashdot.

Data centers could use up to 9% of total electricity generated in the United States by the end of the decade, more than doubling their current consumption, as technology companies pour funds into expanding their computing hubs, the Electric Power Research Institute said on Wednesday. From a report: Depending on the adoption pace of technology such as generative artificial intelligence, which is fueling the expansion of data centers, and the energy efficiency of new centers, the estimated annual growth rate of electricity use by the industry ranges from 3.7% to 15% through 2030, the institute's analysis said. The institute is a U.S.-based research organization funded by energy and government organizations. Data centers, along with expanding domestic manufacturing and electrification of transportation, are lifting the U.S. electricity industry out of two decades of flat growth. The centers require massive amounts of power for high-intensity computing and cooling systems, with a new large data center requiring the same amount of electricity needed to power 750,000 homes, according to numerous energy company earnings calls this year.Read more of this story at Slashdot.

IP core designer Arm announced its next-generation CPU and GPU designs for flagship smartphones: the Cortex-X925 CPU and Immortalis G925 GPU. Both are direct successors to the Cortex-X4 and Immortalis G720 that currently power MediaTek's Dimensity 9300 chip inside flagship smartphones like the Vivo X100 and X100 Pro and Oppo Find X7. From a report: Arm changed the naming convention for its Cortex-X CPU design to highlight what it says is a much faster CPU design. It claims the X925's single-core performance is 36 percent faster than the X4 (when measured in Geekbench). Arm says it increased the AI workload performance by 41 percent, time to token, with up to 3MB of private L2 cache. The Cortex-X925 brings a new generation of Cortex-A microarchitectures ("little" cores) with it, too: the Cortex-A725, which Arm says has 35 percent better performance efficiency than last-gen's A720 and a 15 percent more power-efficient Cortex-A520. Arm's new Immortalis G925 GPU is its "most performant and efficient GPU" to date, it says. It's 37 percent faster on graphics applications compared to the last-gen G720, with improved ray-tracing performance with intricate objects by 52 percent and improved AI and ML workloads by 34 percent -- all while using 30 percent less power. For the first time, Arm will offer "optimized layouts" of its new CPU and GPU designs that it says will be easier for device makers to "drop" or implement into their own system on chip (SoC) layouts. Arm says this new physical implementation solution will help other companies get their devices to market faster, which, if true, means we could see more devices with Arm Cortex-X925 and / or Immortalis G925 than the few that shipped with its last-gen ones.Read more of this story at Slashdot.

Colorado Governor Jared Polis has signed the "Consumer Right to Repair Digital Electronic Equipment" bill into law. The legislation grants consumers the right to repair their own electronic devices, including cell phones, gaming systems, computers, and televisions. According to Polis, the bill will provide Coloradans with the necessary information to repair their own equipment or choose their preferred repair provider, potentially leading to lower prices and faster repairs through increased competition. State Senator Jeff Bridges, the bill's prime sponsor, called for the federal government and other states to follow Colorado's lead, claiming that this bill is the strongest repair legislation in the country. Bridges emphasized that the law addresses issues such as "parts pairing" and repair restrictions that have prevented owners from fixing their devices in the past. The bill expands on Colorado's previous right-to-repair law for agricultural equipment, which Polis cited as a successful precedent for this new legislation.Read more of this story at Slashdot.

Helen Toner, a former OpenAI board member, said that the board didn't know about the company's 2022 launch of its chatbot ChatGPT until afterward -- and only found out about it on Twitter. From a report: In a podcast, Toner gave her fullest account to date of the events that prompted her and other board members to fire Sam Altman in November of last year. In the days that followed Chief Executive Officer Sam Altman's sudden ouster, employees threatened to quit, Altman was reinstated, and Toner and other directors left the board. "When ChatGPT came out in November 2022, the board was not informed in advance about that," Toner said on the podcast. "We learned about ChatGPT on Twitter." In a statement provided to the TED podcast, OpenAI's current board chief, Bret Taylor said, "We are disappointed that Ms. Toner continues to revisit these issues." He also said that an independent review of Altman's firing "concluded that the prior board's decision was not based on concerns regarding product safety or security, the pace of development, OpenAI's finances, or its statements to investors, customers, or business partners." [...] In the podcast, Toner also said that Altman didn't disclose his involvement with OpenAI's startup fund. And she criticized his leadership on safety. "On multiple occasions, he gave us inaccurate information about the formal safety processes that the company did have in place," she said,"meaning that it was basically impossible for the board to know how well those safety processes were working or what might need to change."Read more of this story at Slashdot.

Former FTX executive Ryan Salame has been sentenced to more than seven years in prison, "the first of the lieutenants of failed cryptocurrency mogul Sam Bankman-Fried to receive jail time for their roles in the 2022 collapse of the cryptocurrency exchange," reports the Associated Press. From the report: Salame, 30, was a high-ranking executive at FTX for most of the exchange's existence and, up until its collapse, was the co-CEO of FTX Digital Markets. He pleaded guilty last year to illegally making unlawful U.S. campaign contributions and to operating an unlicensed money-transmitting business. The sentence of 7 1/2 years in prison, plus three years of supervised release, was more than the five to seven years prosecutors had asked Judge Lewis A. Kaplan to impose on Salame in their pre-sentencing memo. While Salame was a high-level executive at FTX, he was not a major part of the government's case against Bankman-Fried at his trial earlier this year and did not testify against him. In a bid for leniency, Salame said during the sentencing hearing that he cooperated and even provided documents that aided prosecutors in their cross examination of Bankman-Fried, as well as in his own prosecution. Along with helping Bankman-Fried hide the holes in FTX's balance sheet that ultimately led to the exchange's failure, Salame was used as a conduit for Bankman-Fried to make illegal campaign contributions to help shape U.S. policy on cryptocurrencies. On the surface, Bankman-Fried mostly gave political contributions to Democrats and liberal-leaning causes, while Salame gave contributions to Republicans and right-leaning causes. But ultimately the funds that Salame used for those contributions came from Bankman-Fried. The judge also chastised Salame for pulling $5 million in cryptocurrencies out of FTX as the exchange was failing. "You tried to withdraw tens of millions more," Kaplan said. "It was me first. I'm getting in the lifeboat first. To heck with all those customers."Read more of this story at Slashdot.

A new tool called Lifeseeker could help search and rescue teams find missing people in minutes using their cellphones. The technology acts as a miniature cellphone tower, allowing rescuers to pinpoint cellphone locations within a 3-mile radius, significantly improving the efficiency and success rate of search missions in challenging terrains. The Colorado Sun reports: "As we detect the phone, basically a blotch shows up on the map and as we fly around that area, that blotch gets smaller and smaller and smaller until we can see exactly where they are," said Dr. Tim Durkin, a search and rescue program coordinator for Colorado Highland Helicopters. "That process of detecting, focusing on one specific location takes about a minute -- not really very long at all." Depending on the situation, search and rescue teams can then send in ground crews with the person's location or land the helicopter if there's a clearing nearby and conditions allow for a safe landing, Durkin said. During a test mission in La Plata Canyon northwest of Durango, search crews found the two people they were looking for within two minutes and 14 seconds, Durkin said. The technology, called Lifeseeker, was developed by Spain-based company CENTUM research & technology and is in the process of being approved by the Federal Communications Commission before it can be sold to the state or counties hoping to use it for their SAR efforts, he said. [...] The radio-based technology needs a clear view of the terrain without interference to pick up the signal of the cellphone. If the conditions and terrain are favorable, it can detect a cellphone up to nearly 20 miles away. It takes about three minutes to attach the Lifeseeker unit inside a helicopter when needed for a search and rescue mission, Durkin said. SAR can also use the tool to send text messages to the missing person, for example, advising them to stay in one area if they are hurt or move to a clearing for a helicopter to pick them up. The tool also has a broadcast function that allows SAR to send out a message to a group of people within a certain range, similar to an Amber Alert for a missing child, to warn them of a wildfire or flood, Durkin said.Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: A sophisticated joint European-Japanese satellite has launched to measure how clouds influence the climate. Some low-level clouds are known to cool the planet, others at high altitude will act as a blanket. The Earthcare mission will use a laser and a radar to probe the atmosphere to see precisely where the balance lies. It's one of the great uncertainties in the computer models used to forecast how the climate will respond to increasing levels of greenhouse gases. "Many of our models suggest cloud cover will go down in the future and that means that clouds will reflect less sunlight back to space, more will be absorbed at the surface and that will act as an amplifier to the warming we would get from carbon dioxide," Dr Robin Hogan, from the European Centre for Medium-Range Weather Forecasts, told BBC News. The 2.3-tonne satellite was sent up from California on a SpaceX rocket. The project is led by the European Space Agency (ESA), which has described it as the organization's most complex Earth observation venture to date. Certainly, the technical challenge in getting the instruments to work as intended has been immense. It's taken fully 20 years to go from mission approval to launch. Earthcare will circle the Earth at a height of about 400km (250 miles). It's actually got four instruments in total that will work in unison to get at the information sought by climate scientists. The simplest is an imager -- a camera that will take pictures of the scene passing below the spacecraft to give context to the measurements made by the other three instruments.Earthcare's European ultraviolet laser will see the thin, high clouds and the tops of clouds lower down. It will also detect the small particles and droplets (aerosols) in the atmosphere that influence the formation and behavior of clouds. The Japanese radar will look into the clouds, to determine how much water they are carrying and how that's precipitating as rain, hail and snow. And a radiometer will sense how much of the energy falling on to Earth from the Sun is being reflected or radiated back into space.Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: The defense lawyer minced no words as he addressed a room full of plastic-industry executives. Prepare for a wave of lawsuits with potentially "astronomical" costs. Speaking at a conference earlier this year, the lawyer, Brian Gross, said the coming litigation could "dwarf anything related to asbestos," one of the most sprawling corporate-liability battles in United States history. Mr. Gross was referring to PFAS, the "forever chemicals" that have emerged as one of the major pollution issues of our time. Used for decades in countless everyday objects -- cosmetics, takeout containers, frying pans -- PFAS have been linked to serious health risks including cancer. Last month the federal government said several types of PFAS must be removed from the drinking water of hundreds of millions of Americans. "Do what you can, while you can, before you get sued," Mr. Gross said at the February session, according to a recording of the event made by a participant and examined by The New York Times. "Review any marketing materials or other communications that you've had with your customers, with your suppliers, see whether there's anything in those documents that's problematic to your defense," he said. "Weed out people and find the right witness to represent your company." A wide swath of the chemicals, plastics and related industries are gearing up to fight a surge in litigation related to PFAS, or per- and polyfluoroalkyl substances, a class of nearly 15,000 versatile synthetic chemicals linked to serious health problems. [...] PFAS-related lawsuits have already targeted manufacturers in the United States, including DuPont, its spinoff Chemours, and 3M. Last year, 3M agreed to pay at least $10 billion to water utilities across the United States that had sought compensation for cleanup costs. Thirty state attorneys general have also sued PFAS manufacturers, accusing the manufacturers of widespread contamination. But experts say the legal battle is just beginning. Under increasing scrutiny are a wider universe of companies that use PFAS in their products. This month, plaintiffs filed a class-action lawsuit against Bic, accusing the razor company for failing to disclose that some of its razors contained PFAS. Bic said it doesn't comment on pending litigation, and said it had a longstanding commitment to safety. The Biden administration has moved to regulate the chemicals, for the first time requiring municipal water systems to remove six types of PFAS. Last month, the Environmental Protection Agency also designated two of those PFAS chemicals as hazardous substances under the Superfund law, shifting responsibility for their cleanup at contaminated sites from taxpayers to polluters. Both rules are expected to prompt a new round of litigation from water utilities, local communities and others suing for cleanup costs. "To say that the floodgates are opening is an understatement," said Emily M. Lamond, an attorney who focuses on environmental litigation at the law firm Cole Schotz. "Take tobacco, asbestos, MTBE, combine them, and I think we're still going to see more PFAS-related litigation," she said, referring to methyl tert-butyl ether, a former harmful gasoline additive that contaminated drinking water. Together, the trio led to claims totaling hundreds of billions of dollars. Unlike tobacco, used by only a subset of the public, "pretty much every one of us in the United States is walking around with PFAS in our bodies," said Erik Olson, senior strategic director for environmental health at the Natural Resources Defense Council. "And we're being exposed without our knowledge or consent, often by industries that knew how dangerous the chemicals were, and failed to disclose that," he said. "That's a formula for really significant liability."Read more of this story at Slashdot.

Danny Goodwin reports via Search Engine Land: A trove of leaked Google documents has given us an unprecedented look inside Google Search and revealed some of the most important elements Google uses to rank content. Thousands of documents, which appear to come from Google's internal Content API Warehouse, were released March 13 on Github by an automated bot called yoshi-code-bot. These documents were shared with Rand Fishkin, SparkToro co-founder, earlier this month. What's inside. Here's what we know about the internal documents, thanks to Fishkin and [Michael King, iPullRank CEO]: Current: The documentation indicates this information is accurate as of March.Ranking features: 2,596 modules are represented in the API documentation with 14,014 attributes.Weighting: The documents did not specify how any of the ranking features are weighted -- just that they exist.Twiddlers: These are re-ranking functions that "can adjust the information retrieval score of a document or change the ranking of a document," according to King.Demotions: Content can be demoted for a variety of reasons, such as: a link doesn't match the target site; SERP signals indicate user dissatisfaction; Product reviews; Location; Exact match domains; and/or Porn. Change history: Google apparently keeps a copy of every version of every page it has ever indexed. Meaning, Google can "remember" every change ever made to a page. However, Google only uses the last 20 changes of a URL when analyzing links. Other interesting findings. According to Google's internal documents: Freshness matters -- Google looks at dates in the byline (bylineDate), URL (syntacticDate) and on-page content (semanticDate).To determine whether a document is or isn't a core topic of the website, Google vectorizes pages and sites, then compares the page embeddings (siteRadius) to the site embeddings (siteFocusScore).Google stores domain registration information (RegistrationInfo).Page titles still matter. Google has a feature called titlematchScore that is believed to measure how well a page title matches a query.Google measures the average weighted font size of terms in documents (avgTermWeight) and anchor text. What does it all mean? According to King: "[Y]ou need to drive more successful clicks using a broader set of queries and earn more link diversity if you want to continue to rank. Conceptually, it makes sense because a very strong piece of content will do that. A focus on driving more qualified traffic to a better user experience will send signals to Google that your page deserves to rank." [...] Fishkin added: "If there was one universal piece of advice I had for marketers seeking to broadly improve their organic search rankings and traffic, it would be: 'Build a notable, popular, well-recognized brand in your space, outside of Google search.'"Read more of this story at Slashdot.

Google is introducing the Gemini AI chatbot to Chromebook Plus models, enhancing features like text rewriting, image editing, and hands-free control. Here are a few of the top new features coming to ChromeOS, as summarized by Wired: The first notable feature is Help Me Write, which works in any text box. Select text in any text box and right-click -- you'll see a box next to the standard right-click context menu. You can ask Google's AI to rewrite the selected text, rephrase it in a specific way, or change the tone. I tried to use it on a few sentences in this story but did not like any of the suggestions it gave me, so your mileage may vary. Or maybe I'm a better writer than Google's AI. Who knows? Google's bringing the same generative AI wallpaper system you'll find in Android to ChromeOS. You can access this feature in ChromeOS's wallpaper settings and generate images based on specific parameters. Weirdly, you can create these when you're in a video-calling app too. You'll see a menu option next to the system tray whenever the microphone and video camera are being accessed -- tap on it and click "Create with AI" and you can generate an image for your video call's background. I'm not sure why I'd want a background of a "surreal bicycle made of flowers in pink and purple," but there you go. AI! Here's something a little more useful: Magic Editor in Google Photos. Yep, the same feature that debuted in Google's Pixel 8 smartphones is now available on Chromebook Plus laptops. In the Google Photos app, you can press Edit on a photo and you'll see the option for Magic Editor. (You'll need to download more editing tools to get started.) This feature lets you erase unwanted objects in your photos, move a subject to another area of the frame, and fill in the backgrounds of photos. I successfully erased a paint can in the background of a photo of my dog, and it worked pretty quickly. Then there's Gemini. It's available as a stand-alone app, and you can ask it to do pretty much anything. Write a cover letter, break down complex topics, ask for travel tips for a specific country. Just, you know, double-check the results and make sure there aren't any hallucinations. If you want to tap into Google's Gemini Advanced model, the company says it is offering 12 months free for new Chromebook Plus owners through the end of the year, so you have some time to redeem that offer. This is technically an upgrade from Google One, and it nets you Gemini for Workspace, 2 terabytes of storage, and a few other perks. New features coming to all Chromebooks include easy setup with Android phones via QR code for sharing Wi-Fi credentials, integration of Google Tasks into the system tray, a Game Dashboard for mapping controls and recording gameplay as GIFs, and a built-in screen recorder tool. Upcoming enhancements also include Hands-Free Control using face gestures, the Help Me Read feature with Gemini for summarizing websites and PDFs, and an Overview screen to manage open browser windows, tabs, and apps. You can check if your Chromebook is compatible with the Chromebook Plus OS update here.Read more of this story at Slashdot.

The term "auth" is ambiguous, often meaning either authentication (authn) or authorization (authz), which leads to confusion and poor system design. Instead, Nicole Tietz-Sokolskaya, a software engineer at AI market research platform Remesh, argues that the industry adopt the terms "login" for authentication and "permissions" for authorization, as these are clearer and help maintain distinct, appropriate abstractions for each concept. From their blog post: We should always use the most clear terms we have. Sometimes there's not a great option, but here, we have wonderfully clear terms. Those are "login" for authentication and "permissions" for authorization. Both are terms that will make sense with little explanation (in contrast to "authn" and "authz", which are confusing on first encounter) since almost everyone has logged into a system and has run into permissions issues. There are two ways to use "login" here: the noun and the verb form. The noun form is "login", which refers to the information you enter to gain access to the system. And the verb form is "log in", which refers to the action of entering your login to use the system. "Permissions" is just the noun form. To use a verb, you would use "check permissions." While this is long, it's also just... fine? It hasn't been an issue in my experience. Both of these are abundantly clear even to our peers in disciplines outside software engineering. This to me makes it worth using them from a clarity perspective alone. But then we have the big benefit to abstractions, as well. When we call both by the same word, there's often an urge to combine them into a single module just by dint of the terminology. This isn't necessarily wrong -- there is certainly some merit to put them together, since permissions typically require a login. But it's not necessary, either, and our designs will be stronger if we don't make that assumption and instead make a reasoned choice.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Some of the most infamous so-called shadow libraries have increasingly faced legal pressure to either stop pirating books or risk being shut down or driven to the dark web. Among the biggest targets are Z-Library, which the US Department of Justice has charged with criminal copyright infringement, and Library Genesis (Libgen), which was sued by textbook publishers last fall for allegedly distributing digital copies of copyrighted works "on a massive scale in willful violation" of copyright laws. But now these shadow libraries and others accused of spurning copyrights have seemingly found an unlikely defender in Nvidia, the AI chipmaker among those profiting most from the recent AI boom. Nvidia seemed to defend the shadow libraries as a valid source of information online when responding to a lawsuit from book authors over the list of data repositories that were scraped to create the Books3 dataset used to train Nvidia's AI platform NeMo. That list includes some of the most "notorious" shadow libraries -- Bibliotik, Z-Library (Z-Lib), Libgen, Sci-Hub, and Anna's Archive, authors argued. However, Nvidia hopes to invalidate authors' copyright claims partly by denying that any of these controversial websites should even be considered shadow libraries. "Nvidia denies the characterization of the listed data repositories as 'shadow libraries' and denies that hosting data in or distributing data from the data repositories necessarily violates the US Copyright Act," Nvidia's court filing said. The chipmaker did not go into further detail to define what counts as a shadow library or what potentially absolves these controversial sites from key copyright concerns raised by various ongoing lawsuits. Instead, Nvidia kept its response brief while also curtly disputing authors' petition for class-action status and defending its AI training methods as fair use. "Nvidia denies that it has improperly used or copied the alleged works," the court filing said, arguing that "training is a highly transformative process that may include adjusting numerical parameters including 'weights,' and that outputs of an LLM may be based, at least in part, on such 'weights.'" "Nvidia's argument likely depends on the court agreeing that AI models ingesting published works in order to transform those works into weights governing AI outputs is fair use," notes Ars. "However, authors have argued that 'these weights are entirely and uniquely derived from the protected expression in the training dataset' that has been copied without getting authors' consent or providing authors with compensation." "Authors suing Nvidia have taken the next step, linking the chipmaker to shadow libraries by arguing that 'these shadow libraries have long been of interest to the AI-training community because they host and distribute vast quantities of unlicensed copyrighted material. For that reason, these shadow libraries also violate the US Copyright Act.'"Read more of this story at Slashdot.

The Internet Archive is "currently in its third day of warding off an intermittent DDoS cyber-attack," writes Chris Freeland, Director of Library Services at Internet Archive, in a blog post. While library staff stress that the archives are safe, access to its services are affected, including the Wayback Machine. From the post: Since the attacks began on Sunday, the DDoS intrusion has been launching tens of thousands of fake information requests per second. The source of the attack is unknown. "Thankfully the collections are safe, but we are sorry that the denial-of-service attack has knocked us offline intermittently during these last three days," explained Brewster Kahle, founder and digital librarian of the Internet Archive. "With the support from others and the hard work of staff we are hardening our defenses to provide more reliable access to our library. What is new is this attack has been sustained, impactful, targeted, adaptive, and importantly, mean." Cyber-attacks are increasingly frequent against libraries and other knowledge institutions, with the British Library, the Solano County Public Library (California), the Berlin Natural History Museum, and Ontario's London Public Library all being recent victims. In addition to a wave of recent cyber-attacks, the Internet Archive is also being sued by the US book publishing and US recording industries associations, which are claiming copyright infringement and demanding combined damages of hundreds of millions of dollars and diminished services from all libraries. "If our patrons around the globe think this latest situation is upsetting, then they should be very worried about what the publishing and recording industries have in mind," added Kahle. "I think they are trying to destroy this library entirely and hobble all libraries everywhere. But just as we're resisting the DDoS attack, we appreciate all the support in pushing back on this unjust litigation against our library and others."Read more of this story at Slashdot.

Jan Leike, one of OpenAI's "superalignment" leaders, who resigned last week due to AI safety concerns, has joined Anthropic to continue the mission. According to Leike, the new team "will work on scalable oversight, weak-to-strong generalization, and automated alignment research." TechCrunch reports: A source familiar with the matter tells TechCrunch that Leike will report directly to Jared Kaplan, Anthropic's chief science officer, and that Anthropic researchers currently working on scalable oversight -- techniques to control large-scale AI's behavior in predictable and desirable ways -- will move to report to Leike as Leike's team spins up. In many ways, Leike's team sounds similar in mission to OpenAI's recently-dissolved Superalignment team. The Superalignment team, which Leike co-led, had the ambitious goal of solving the core technical challenges of controlling superintelligent AI in the next four years, but often found itself hamstrung by OpenAI's leadership. Anthropic has often attempted to position itself as more safety-focused than OpenAI.Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Two years ago when "Michael," an owner of cryptocurrency, contacted Joe Grand to help recover access to about $2 million worth of bitcoin he stored in encrypted format on his computer, Grand turned him down. Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool called TrueCrypt. At some point, that file got corrupted and Michael lost access to the 20-character password he had generated to secure his 43.6 BTC (worth a total of about [...] $5,300, in 2013). Michael used the RoboForm password manager to generate the password but did not store it in his manager. He worried that someone would hack his computer and obtain the password. "At [that] time, I was really paranoid with my security," he laughs. Grand is a famed hardware hacker who in 2022 helped another crypto wallet owner recover access to $2 million in cryptocurrencyhe thought he'd lost forever after forgetting the PIN to his Trezor wallet. Since then, dozens of people have contacted Grand to help them recover their treasure. But Grand, known by the hacker handle "Kingpin," turns down most of them, for various reasons. Grand is an electrical engineer who began hacking computing hardware at age 10 and in 2008 cohosted the Discovery Channel's Prototype This show. He now consults with companies that build complex digital systems to help them understand how hardware hackers like him might subvert their systems. He cracked the Trezor wallet in 2022 using complex hardware techniques that forced the USB-style wallet to reveal its password. But Michael stored his cryptocurrency in a software-based wallet, which meant none of Grand's hardware skills were relevant this time. [...] Michael contacted multiple people who specialize in cracking cryptography; they all told him "there's no chance" of retrieving his money. But last June he approached Grand again, hoping to convince him to help, and this time Grand agreed to give it a try, working with a friend named Bruno in Germany who also hacks digital wallets. Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version -- and subsequent versions until 2015 -- did indeed have a significant flaw that made the random number generator not so random. The RoboForm program unwisely tied the random passwords it generated to the date and time on the user's computer -- it determined the computer's date and time, and then generated passwords that were predictable. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past. [...] There was one problem: Michael couldn't remember when he created the password. According to the log on his software wallet, Michael moved bitcoin into his wallet for the first time on April 14, 2013. But he couldn't remember if he generated the password the same day or some time before or after this. So, looking at the parameters of other passwords he generated using RoboForm, Grand and Bruno configured RoboForm to generate 20-character passwords with upper- and lower-case letters, numbers, and eight special characters from March 1 to April 20, 2013. It failed to generate the right password. [...] Instead, they revealed that they had finally found the correct password -- no special characters. It was generated on May 15, 2013, at 4:10:40 pm GMT.Read more of this story at Slashdot.

BrianFagioli writes: Canonical has officially released the optimized Ubuntu 24.04 image for the Milk-V Mars, a credit-card-sized RISC-V single board computer (SBC) developed by Shenzhen MilkV Technology Co., Ltd. The Milk-V Mars is the world's first high-performance RISC-V SBC of its size. Powered by the StarFive JH7110 quad-core processor, the board is equipped with up to 8GB of LPDDR4 memory and supports various modern interfaces, including USB 3.0, HDMI 2.0 for 4K output, and Ethernet with PoE capabilities. It also offers comprehensive expansion options with M.2 E-Key and extensive MIPI CSI channels, making it an ideal choice for developers and tech enthusiasts.Read more of this story at Slashdot.

Russia may charge domestic companies to use foreign software, the TASS news agency quoted Digital Development Minister Maksut Shadaev as saying on Tuesday, as Moscow seeks to cut dependency on foreign technology and bolster its own. From a report: President Vladimir Putin has made achieving technological independence a key goal, as Western sanctions over the war in Ukraine seek to hamstring Moscow's ability to acquire technology and equipment from abroad that could help it on the battlefield. As part of that push, Putin signed a decree in early May which stated that at least 80% of Russian companies in key economic sectors should transition to using Russian-made software by 2030. Many Russian companies still use foreign software in their daily operations, although an EU sanctions package passed last December prohibits companies from supplying enterprise and design-related software to Russia. Shadaev said that introducing a levy on Russian firms would "equalise" foreign and Russian software.Read more of this story at Slashdot.

Tokyo Electric Power Company Holdings (TEPCO) showcased a remote-controlled robot on Tuesday that will retrieve small pieces of melted fuel debris from the damaged Fukushima Daiichi nuclear power plant later this year. The robot, developed by Mitsubishi Heavy Industries, features an extendable pipe and tongs capable of picking up granule-sized debris. TEPCO plans to remove less than 3 grams of debris during the test at the No. 2 reactor, marking the first such operation since the 2011 meltdown caused by a magnitude 9.0 earthquake and tsunami. The removal of the estimated 880 tons of highly radioactive melted fuel from the three damaged reactors is crucial for the plant's decommissioning, which critics say may take longer than the government's 30-40 year target.Read more of this story at Slashdot.

Fintech firm Klarna, one of the early adopters of generative AI said on Tuesday it is using AI for purposes such as running marketing campaigns and generating images, saving about $10 million in costs annually. From a report: The company has cut its sales and marketing budget by 11% in the first quarter, with AI responsible for 37% of the cost savings, while increasing the number of campaigns, the company said. Using GenAI tools like Midjourney, DALL-E, and Firefly for image generation, Klarna said it has reduced image production costs by $6 million.Read more of this story at Slashdot.

An anonymous reader shares a report: Commercial dot-matrix printing was yet another arena in which the needs of Chinese character I/O were not accounted for. This is witnessed most clearly in the then-dominant configuration of printer heads -- specifically the 9-pin printer heads found in mass-manufactured dot-matrix printers during the 1970s. Using nine pins, these early dot-matrix printers were able to produce low-resolution Latin alphabet bitmaps with just one pass of the printer head. The choice of nine pins, in other words, was "tuned" to the needs of Latin alphabetic script. These same printer heads were incapable of printing low-resolution Chinese character bitmaps using anything less than two full passes of the printer head, one below the other. Two-pass printing dramatically increased the time needed to print Chinese as compared to English, however, and introduced graphical inaccuracies, whether due to inconsistencies in the advancement of the platen or uneven ink registration (that is, characters with differing ink densities on their upper and lower halves). Compounding these problems, Chinese characters printed in this way were twice the height of English words. This created comically distorted printouts in which English words appeared austere and economical, while Chinese characters appeared grotesquely oversized. Not only did this waste paper, but it left Chinese-language documents looking something like large-print children's books. When consumers in the Chinese-Japanese-Korean (CJK) world began to import Western-manufactured dot-matrix printers, then, they faced yet another facet of Latin alphabetic bias.Read more of this story at Slashdot.

The WeWork founder Adam Neumann has shelved his bid to acquire the bankrupt shared office space provider. From a report: It emerged earlier this year that Neumann, who was ousted from the business in 2019 following a botched attempt to take it public on the stock market, was seeking to buy the business. His new real estate venture, Flow Global, submitted a bid of more than $500m to take over WeWork and its assets. On Tuesday morning, however, Neumann confirmed that Flow was walking away from his dream to take back control of the firm. "For several months, we tried to work constructively with WeWork to create a strategy that would allow it to thrive," he told DealBook. "Instead, the company looks to be emerging from bankruptcy with a plan that appears unrealistic and unlikely to succeed." WeWork, with over $13bn in long-term leases, filed for Chapter 11 bankruptcy protection last November in order to renegotiate these agreements. At its peak, the company had been valued at $47bn as investors including the Japanese multinational SoftBank lined up to back it. As it prepared to go public in 2019, however, analysts gave it a far lower valuation. After it eventually went public, in 2021, its market valuation tumbled to less than $50m.Read more of this story at Slashdot.

An anonymous reader shares a report: Just before Microsoft closed its acquisition of Activision Blizzard, it said that it would take some time to bring the publisher's titles to Game Pass. We've only seen one such addition so far in the form of Diablo IV, but the company has announced another, somewhat notable one. Call of Duty: Black Ops 6 will be available on Game Pass on its release day later this year. Microsoft is banking on the debut of a new Call of Duty title on its subscription service leading to a significant bump in the number of Game Pass members. It's a bit of a gamble, as for nearly every year in recent memory, the latest Call of Duty release has been the best-selling game. Microsoft is likely to see lower direct sales of Black Ops 6 on Xbox and PC, though it will still generate revenue from Game Pass and the PlayStation version (and perhaps even a Nintendo Switch release), as well as through microtransactions.Read more of this story at Slashdot.

The Biden administration on Tuesday laid out for the first time [PDF] a set of broad government guidelines around the use of carbon offsets in an attempt to shore up confidence in a method for tackling global warming that has faced growing criticism. From a report: Companies and individuals spent $1.7 billion last year voluntarily buying carbon offsets, which are intended to cancel out the climate effects of activities like air travel by funding projects elsewhere, such as the planting of trees, that remove carbon dioxide from the atmosphere, but that wouldn't have happened without the extra money. Yet a growing number of studies and reports have found that many carbon offsets simply don't work. Some offsets help fund wind or solar projects that likely would have been built anyway. And it's often extremely difficult to measure the effectiveness of offsets intended to protect forests. As a result, some scientists and researchers have argued that carbon offsets are irredeemably flawed and should be abandoned altogether. Instead, they say, companies should just focus on directly cutting their own emissions. The Biden administration is now weighing in on this debate, saying that offsets can sometimes be an important tool for helping businesses and others reduce their emissions, as long as there are guardrails in place. The new federal guidelines are an attempt to define "high-integrity" offsets as those that deliver real and quantifiable emissions reductions that wouldn't have otherwise taken place. [...] The new federal guidelines also urge businesses to focus first on reducing emissions within their own supply chains as much as possible before buying carbon offsets. Some companies have complained that it is too difficult to control their sprawling network of outside suppliers and that they should be allowed to use carbon offsets to tackle pollution associated with, for instance, the cement or steel they use.Read more of this story at Slashdot.

Sales of SUVs hit a new record in 2023, making up half of all new cars sold globally, data has revealed. Experts warned that the rising sales of the large, heavy vehicles is pushing up the carbon emissions that drive global heating. From a report: The analysis, by the International Energy Agency, found that the rising emissions from SUVs in 2023 made up 20% of the global increase in CO2, making the vehicles a major cause of the intensifying climate crisis. If SUVs were a country, the IEA said, they would be the world's fifth-largest emitter of CO2, ahead of the national emissions of both Japan and Germany. Climate-fuelled extreme weather is increasing, with urgent cuts in emissions needed. But emissions from the global transport sector have risen fast in recent years, outside of the Covid pandemic. SUV sales rose 15% in 2023, compared with a 3% rise for conventional cars. There were more than 360m SUVs on the roads worldwide in 2023, producing 1bn tonnes of CO2 emissions, up about 10% on 2022. As a result, global oil consumption rose by 600,000 barrels a day, more than a quarter of total growth in oil demand, the IEA said. SUVs weigh 200-300kg more than an average medium-sized car and emit about 20% more CO2. In rich countries, almost 20m new SUVs were sold in 2023, surpassing a market share of 50% for the first time. Globally, 48% of new cars were SUVs and, including older cars, one in four cars on the road today are SUVs, according to the IEA.Read more of this story at Slashdot.

The US stock market is finally as fast as it was about a hundred years ago. Bloomberg News: That was the last time share trades in New York settled in a single day, as they will from Tuesday under new Securities and Exchange Commission rules. The change, halving the time it takes to complete every transaction, also occurred in jurisdictions including Canada and Mexico on Monday. The switch to the system known as T+1 -- abandoned in the earlier era as volumes became unwieldy -- is ultimately intended to reduce risk in the financial system. Yet there are worries about potential teething issues, including that international investors may struggle to source dollars on time, global funds will move at different speeds to their assets, and everyone will have less time to fix errors. The hope is that everything will run smoothly, but even the SEC said last week the transition may lead to a "short-term uptick in settlement fails and challenges to a small segment of market participants." The finance world's main industry group, the Securities Industry and Financial Markets Association, has instigated what it calls the T+1 Command Center to identify problems and coordinate a response. Firms across the spectrum have been preparing for months, relocating staff, adjusting shifts and overhauling workflows, and many say they're confident in their own readiness. The worry is whether every other counterparty and intermediary is similarly organized.Read more of this story at Slashdot.

PayPal hopes to boost its growth by starting an ad network [non-paywalled link] juiced with something it already owns: data on its millions of users. From a report: The digital payments company plans to build an ad sales business around the reams of data it generates from tracking the purchases as well as the broader spending behaviors of millions of consumers who use its services, which include the more socially-enabled Venmo app. PayPal has hired Mark Grether, who formerly led Uber's advertising business, to lead the effort as senior vice president and general manager of its newly-created PayPal Ads division. In his new role, he will be responsible for developing new ad formats, overseeing sales and hiring staff to fill out the division, he said. PayPal in January introduced Advanced Offers, its first ad product, which uses AI and the company's data to help merchants target PayPal users with discounts and other personalized promotions. Advanced Offers only charges advertisers when consumers make a purchase. Online marketplaces eBay and Zazzle have begun testing it, according to a PayPal spokesman. But PayPal now aims to sell ads not only to its own customers, but to so-called non-endemic advertisers, or those that don't sell products or services through PayPal. Those companies might use PayPal data to target consumers with ads that could be displayed elsewhere, for instance, on other websites or connected TV sets.Read more of this story at Slashdot.

T-Mobile said Tuesday that it plans to acquire most of U.S. Cellular, including stores, some of the wireless operator's spectrum and its customers, in a deal worth $4.4 billion. The deal includes cash and up to $2 billion of debt. From a report: T-Mobile said it will use U.S. Cellular wireless spectrum to improve coverage in rural areas while offering better connectivity to U.S. Cellular customers around the United States. The company said it will allow U.S. Cellular customers to keep their current plans or switch to a T-Mobile plan. U.S. Cellular will retain some of its wireless spectrum and towers and will lease space on at least 2,100 additional towers to T-Mobile. The companies expect the deal to close in mid-2025.Read more of this story at Slashdot.

OpenAI said on Tuesday that it has begun training a new flagship AI model that would succeed the GPT-4 technology that drives its popular online chatbot, ChatGPT. From a report: The San Francisco start-up, which is one of the world's leading A.I. companies, said in a blog post that it expects the new model to bring "the next level of capabilities" as it strives to build "artificial general intelligence," or A.G.I., a machine that can do anything the human brain can do. The new model would be an engine for A.I. products including chatbots, digital assistants akin to Apple's Siri, search engines and image generators. OpenAI also said it was creating a new Safety and Security Committee to explore how it should handle the risks posed by the new model and future technologies. "While we are proud to build and release models that are industry-leading on both capabilities and safety, we welcome a robust debate at this important moment," the company said. OpenAI is aiming to move A.I. technology forward faster than its rivals, while also appeasing critics who say the technology is becoming increasingly dangerous, helping to spread disinformation, replace jobs and even threaten humanity. Experts disagree on when tech companies will reach artificial general intelligence, but companies including OpenAI, Google, Meta and Microsoft have steadily increased the power of A.I. technologies for more than a decade, demonstrating a noticeable leap roughly every two to three years.Read more of this story at Slashdot.

YouTube's latest move against ad blockers involves skipping videos straight to the end or muting audio for users with ad blockers enabled, according to user reports. This follows previous tests by the Google-owned platform, including blocking playback after three videos and slowing down load times for ad-blocker users.Read more of this story at Slashdot.

A hacker group called RansomHub said it was behind the cyberattack that hit the Christie's website just days before its marquee spring sales began, forcing the auction house to resort to alternatives to online bidding. From a report: In a post on the dark web on Monday, the group claimed that it had gained access to sensitive information about the world's wealthiest art collectors, posting only a few examples of names and birthdays. It was not immediately possible to verify RansomHub's claims, but several cybersecurity experts said they were a known ransomware operation and that the claim was plausible. Nor was it clear if the hackers had gained access to more sensitive information, including financial data and client addresses. The group said it would release the data, posting a countdown timer that would reach zero by the end of May. At Christie's, a spokesman said in a statement, "Our investigations determined there was unauthorized access by a third party to parts of Christie's network." The spokesman, Edward Lewine, said that the investigations "also determined that the group behind the incident took some limited amount of personal data relating to some of our clients." He added, "There is no evidence that any financial or transactional records were compromised." Hackers said that Christie's failed to pay a ransom when one was demanded.Read more of this story at Slashdot.

An anonymous reader shares a report: Similar to the GCC compiler dropping support for the Xeon Phi Knights Mill and Knights Landing accelerators a few days ago, Intel has also gone ahead and seen to the removal of Xeon Phi support for the LLVM/Clang 19 compiler. Since earlier this year in LLVM/Clang 18 the Xeon Phi Knights Mill and Knights Landing support was treated as deprecated. Now for the LLVM 19 release due out around September, the support is removed entirely. This aligns with GCC 14 having deprecated Xeon Phi support too and now in GCC 15 Git having the code removed.Read more of this story at Slashdot.

Witnessing the blood-red fires of a volcanic eruption on Earth is memorable. But to see molten rock bleed out of a volcano on a different planet would be extraordinary. That is close to what scientists have spotted on Venus: two vast, sinuous lava flows oozing from two different corners of Earth's planetary neighbor. From a report: "After you see something like this, the first reaction is 'wow,'" said Davide Sulcanese, a doctoral student at the Universita d'Annunzio in Pescara, Italy, and an author of a study reporting the discovery in the journal Nature Astronomy, published on Monday. Earth and Venus were forged at the same time. Both are made of the same primeval matter, and both are the same age and size. So why is Earth a paradise overflowing with water and life, while Venus is a scorched hellscape with acidic skies? Volcanic eruptions tinker with planetary atmospheres. One theory holds that, eons ago, several apocalyptic eruptions set off a runaway greenhouse effect on Venus, turning it from a temperate, waterlogged world into an arid desert of burned glass. To better understand its volcanism, scientists hoped to catch a Venusian eruption in the act. But although the planet is known to be smothered in volcanoes, an opaque atmosphere has prevented anyone from seeing an eruption the way spacecraft have spotted them on Io, the hypervolcanic moon of Jupiter. In the 1990s, NASA's spacecraft Magellan used cloud-penetrating radar to survey most of the planet. But back then, the relatively low-resolution images made spotting fresh molten rock a troublesome task.Read more of this story at Slashdot.

Retailers are being urged to stop making everyday products such as drinks bottles, outdoor furniture and toys out of brightly coloured plastic after researchers found it degrades into microplastics faster than plainer colours. From a report: Red, blue and green plastic became "very brittle and fragmented," while black, white and silver samples were "largely unaffected" over a three-year period, according to the findings of the University of Leicester-led project. The scale of environmental pollution caused by plastic waste means that microplastics, or tiny plastic particles, are everywhere. Indeed, they were recently found in human testicles, with scientists suggesting a possible link to declining sperm counts in men. In this case, scientists from the UK and the University of Cape Town in South Africa used complementary studies to show that plastics of the same composition degrade at different rates depending on the colour. The UK researchers put bottle lids of various colours on the roof of a university building to be exposed to the sun and the elements for three years. The South African study used plastic items found on a remote beach. "It's amazing that samples left to weather on a rooftop in Leicester and those collected on a windswept beach at the southern tip of the African continent show similar results," said Dr Sarah Key, who led the project. "What the experiments showed is that even in a relatively cool and cloudy environment for only three years, huge differences can be seen in the formation of microplastics." This field study, published in the journal Environmental Pollution, is the first such proof of this effect. It suggests that retailers and manufacturers should give more consideration to the colour of short-lived plastics.Read more of this story at Slashdot.