Slashdot

An anonymous reader quotes a report from Ars Technica: Hackers delivered malware to Windows and Mac users by compromising their Internet service provider and then tampering with software updates delivered over unsecure connections, researchers said. The attack, researchers from security firm Volexity said, worked by hacking routers or similar types of device infrastructure of an unnamed ISP. The attackers then used their control of the devices to poison domain name system responses for legitimate hostnames providing updates for at least six different apps written for Windows or macOS. The apps affected were the 5KPlayer, Quick Heal, Rainmeter, Partition Wizard, and those from Corel and Sogou. Because the update mechanisms didn't use TLS or cryptographic signatures to authenticate the connections or downloaded software, the threat actors were able to use their control of the ISP infrastructure to successfully perform machine-in-the-middle (MitM) attacks that directed targeted users to hostile servers rather than the ones operated by the affected software makers. These redirections worked even when users employed non-encrypted public DNS services such as Google's 8.8.8.8 or Cloudflare's 1.1.1.1 rather than the authoritative DNS server provided by the ISP. "That is the fun/scary part -- this was not the hack of the ISPs DNS servers," Volexity CEO Steven Adair wrote in an online interview. "This was a compromise of network infrastructure for Internet traffic. The DNS queries, for example, would go to Google's DNS servers destined for 8.8.8.8. The traffic was being intercepted to respond to the DNS queries with the IP address of the attacker's servers." In other words, the DNS responses returned by any DNS server would be changed once it reached the infrastructure of the hacked ISP. The only way an end user could have thwarted the attack was to use DNS over HTTPS or DNS over TLS to ensure lookup results haven't been tampered with or to avoid all use of apps that deliver unsigned updates over unencrypted connections. As an example, the 5KPlayer app uses an unsecure HTTP connection rather than an encrypted HTTPS one to check if an update is available and, if so, to download a configuration file named Youtube.config. StormBamboo, the name used in the industry to track the hacking group responsible, used DNS poisoning to deliver a malicious version of the Youtube.config file from a malicious server. This file, in turn, downloaded a next-stage payload that was disguised as a PNG image. In fact, it was an executable file that installed malware tracked under the names MACMA for macOS devices or POCOSTICK for Windows devices. As for the hacked ISP, the security firm said "it's not a huge one or one you'd likely know." "In our case the incident is contained but we see other servers that are actively serving malicious updates but we do not know where they are being served from. We suspect there are other active attacks around the world we do not have purview into. This could be from an ISP compromise or a localized compromise to an organization such as on their firewall."Read more of this story at Slashdot.

OpenAI co-founder John Schulman announced Monday that he is leaving to join rival AI startup Anthropic. CNBC reports: The move comes less than three months after OpenAI disbanded a superalignment team that focused on trying to ensure that people can control AI systems that exceed human capability at many tasks. Schulman had been a co-leader of OpenAI's post-training team that refined AI models for the ChatGPT chatbot and a programming interface for third-party developers, according to a biography on his website. In June, OpenAI said Schulman, as head of alignment science, would join a safety and security committee that would provide advice to the board. Schulman has only worked at OpenAI since receiving a Ph.D. in computer science in 2016 from the University of California, Berkeley. "This choice stems from my desire to deepen my focus on AI alignment, and to start a new chapter of my career where I can return to hands-on technical work," Schulman wrote in the social media post. He said he wasn't leaving because of a lack of support for new work on the topic at OpenAI. "On the contrary, company leaders have been very committed to investing in this area," he said. The leaders of the superalignment team, Jan Leike and company co-founder Ilya Sutskever, both left this year. Leike joined Anthropic, while Sutskever said he was helping to start a new company, Safe Superintelligence Inc. "Very excited to be working together again!" Leike wrote in reply to Schulman's message.Read more of this story at Slashdot.

Scientists studying lunar samples brought back by the Apollo missions have determined that the moon's thin atmosphere is produced largely by meteorite impacts. "Our findings provide a clearer picture of how the moon's surface and atmosphere interact over long timescales, [and] enhance our understanding of space weathering processes," said Dr Nicole Nie, the co-author of the new study based at MIT's department of Earth, atmospheric, and planetary sciences. The Guardian reports: Writing in the journal Science Advances, Nie and her colleagues describe how the lunar atmosphere must be constantly replenished because its atoms are continuously being lost to space, primarily because of the moon's weak gravity, or trapped on the lunar surface. Ultraviolet photons from the sun can rerelease the latter, but the researchers say replenishment of the atmosphere is thought to rely on atoms being released from within lunar minerals -- either via vaporisation by meteorite impacts, or by solar wind sputtering, a process in which charged particles from the sun hit the moon and eject atoms. But which of the two factors dominates had been unclear, with data from Nasa's lunar atmosphere and dust environment explorer, launched in 2013, suggesting both were at play. Nie and colleagues unpicked the conundrum by studying the different forms, or isotopes, of potassium and rubidium in 10 samples of lunar soil from the Apollo missions. The team say meteorite impacts and solar wind sputtering both favor the release of lighter forms of the elements, but that the actual proportion of heavy to light isotopes that end up in the lunar atmosphere and soil would differ depending on the process. "After measuring the isotopic compositions of lunar soils, we built a mathematical model taking into account various space weathering processes, and solve for the contribution of each of them by matching the measured isotopic compositions," said Nie. The results suggest about 70% of the moon's atmosphere is down to impact vaporization and 30% to solar wind sputtering.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Distracted driving isn't only a result of drivers using their phones when they should be paying attention. But it is a significant cause of the problem, accounting for at least 13 percent of distracted driving deaths and rising to 1 in 5 for young drivers. Now, a study conducted with customers of the Progressive insurance company has tested different strategies to get those drivers to put their phones down in the car, and it found two that significantly reduced handheld use, with the effect persisting after the end of the study. The study recruited 1,653 customers already enrolled in its Progressive Snapshot program, which involves the use of a smartphone app that detects phone use while driving. Before the start of the trial, the participants all averaged more than 6.4 minutes per hour of handheld use while driving -- Progressive says its safest customers have handheld usage of less than 1 minute per hour while driving. [...] Paying drivers on top of competitive gamification was the most effective way to get them to put down their phones. This group reduced its handheld usage by 27.6 percent, or 89 seconds/hour, compared to the control. That reduction was maintained at the same level throughout the post-intervention period for this arm.Read more of this story at Slashdot.

In a note to clients, seen by Slashdot, brokerage house Jefferies writes: Netflix's last price hike on the standard plan was in Jan 2022, its ad- supported plan remains the cheapest (among major players) in the industry, and its move into live sports increases pricing power - for these 3 reasons we suspect a price hike in Q4 or December of this year could be coming on the standard plan. As stated in the Q4 2023 letter (following the announcement of WWE Raw coming in 2025): "As we invest in and improve Netflix, we'll occasionally ask our members to pay a little extra to reflect those improvements, which in turn helps drive the positive flywheel of additional investment." We believe Netflix has been positioning itself throughout this year for a year-end price hike. December / 2025 will have major content releases supporting a pricing increase including the Christmas NFL game, Squid Game 2 on Dec. 26th (season 1 - the #1 watched NFLX show of all time), WWE Raw starting Jan 2025, and Stranger Things 5 coming in 2025 (season 3 / 4 in top 10 of all-time).Read more of this story at Slashdot.

iPhone and Apple Watch users in California will soon be able to add their digital ID and driver's license to the Wallet app, as revealed by new landing pages on the state DMV website. This feature follows a slow rollout since its announcement, with only five states currently supporting it. MacRumors reports: "Now you can add your California driver's license or state ID to Apple Wallet on iPhone and Apple Watch so you can present it easily and securely in person and in app," reads the landing page, which contains broken links and placeholder images, and is still missing a proper website security certificate. The webpages were discovered on Sunday by Jimmy Obomsawin, after someone added a link to the landing pages in an Apple Wallet Wikipedia entry last Wednesday.Read more of this story at Slashdot.

With Windows 10's end-of-life update coming next October, it appears that users are finally making the jump to its successor. As spotted by Neowin, Windows 11 crossed the 30% market share mark for the first time since its release. From the report: According to Statcounter's latest findings, last month, Windows 11 reached a new all-time high of 30.83%, gaining 1.08 points in just one month or 7.17 points year-over-year (it was at 23.66% in July 2023). Just as Windows 11 climbs, Windows 10 loses its market share. It is now below 65%, or 64.99%, to be precise, or -1.06 points in one month. Year-over-year change is 11.15 points (it was at 71.14% in July 2023).[...] Other Windows versions, which are now long unsupported, still have a fair share of customers who refuse to jump-ship. Windows 7, for one, is the third most popular Windows with a 3.04% market share (+0.08 points). Windows 8.1 is fourth with 0.42% (+0.02 points), and Windows XP is fifth with 0.38% (-0.01 points).Read more of this story at Slashdot.

Silicon Valley's fascination with AI has led to parents enrolling children as young as five in AI-focused summer camps. "It's common for kids on summer break to attend space, science or soccer camp, or even go to coding school," writes Priya Anand via the San Francisco Standard. "But the growing effort to teach kindergarteners who can barely spell their names lessons in 'Advanced AI Robot Design & AR Coding' shows how far the frenzy has extended." From the report: Parents who previously would opt for coding camps are increasingly interested in AI-specific programming, according to Eliza Du, CEO of Integem, which makes holographic augmented reality technology in addition to managing dozens of tech-focused kids camps across the country. "The tech industry understands the value of AI," she said. "Every year it's increasing." Some Bay Area parents are so eager to get their kids in on AI's ground floor that they try to sneak toddlers into advanced courses. "Sometimes they'll bring a 4-year-old, and I'm like, you're not supposed to be here," Du said. Du said Integem studied Common Core education standards to ensure its programming was suitable for those as young as 5. She tries to make sure parents understand there's only so much kids can learn across a week or two of camp. "Either they set expectations too high or too low," Du said of the parents. As an example, she recounted a confounding comment in a feedback survey from the parent of a 5-year-old. "After one week, the parent said, "My child did not learn much. My cousin is a Google engineer, and he said he's not ready to be an intern at Google yet.' What do I say to that review?" Du said, bemused. "That expectation is not realistic." Even less tech-savvy parents are getting in on the hype. Du tells of a mom who called the company to get her 12-year-old enrolled in "AL" summer camp. "She misread it," Du said, explaining that the parent had confused the "I" in AI with a lowercase "L."Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: On July 19, Yelp informed select indie developers that they would have to switch to paid accounts, due to high API usage. Developers were given four days to make the change, in a move that echoes recent communication bungles by Reddit and Twitter. When the developers replied to the July 19 email, Yelp sent a deck of pricing tiers with base pricing starting from $229 per month for a limit of 1,000 API calls per day. Developers were concerned that other, more affordable options weren't mentioned in the deck. Yelp said the pricing is equivalent and simply presented in different ways. The method of communication and lack of transparency has angered developers, some of whom shuttered their services, even after Yelp gave them a 90-day leeway and apologized. While the company has issued an apology email to developers and extended their free usage by 90 days, it may not be enough to keep these frustrated developers from moving to new platforms. "We apologize for last week's abbreviated transition that impacted a small percentage of developers and have extended access to these users," a company spokesperson told TechCrunch. "Yelp sunsetted free, commercial, unlimited use of the Yelp Fusion API in 2019 and has been in the process of migrating developers to a paid program over the last several years. The developer community is important to Yelp, and we've heard their feedback about the transition period from the free Yelp Fusion API to our paid program."Read more of this story at Slashdot.

Members of the Screen Actors Guild (SAG-AFTRA) are striking against the video game industry due to failed negotiations over AI-related worker protections. "The guild began striking on Friday, July 26th, preventing over 160,000 SAG-AFTRA members from taking new video game projects and impeding games already in development from the biggest publishers to the smallest indie studios," notes The Verge. From the report: Negotiations broke down due to disagreements over worker protections around AI. The actors union, SAG-AFTRA, negotiates the terms of the interactive media agreement, or IMA, with a bargaining committee of video game publishers, including Activision, Take-Two, Insomniac Games, WB Games, and others that represent a total of 30 signatory companies. Though SAG-AFTRA and the video game bargaining group were able to agree on a number of proposals, AI remained the final stumbling block resulting in the strike. SAG-AFTRA's provisions on AI govern both voice and movement performers with respect to digital replicas -- or using an existing performance as the foundation to create new ones without the original performer -- and the use of generative AI to create performances without any initial input. However, according to SAG-AFTRA, the bargaining companies disagreed about which type of performer should be eligible for AI protections. SAG-AFTRA chief contracts officer Ray Rodriguez said that the bargaining companies initially wanted to offer protections to voice, not motion performers. "So anybody doing a stunt or creature performance, all those folks would have been left unprotected under the employers' offer," Rodriguez said in an interview with Aftermath. Rodriguez said that the companies later extended protections to motion performers, but only if "the performer is identifiable in the output of the AI digital replica." SAG-AFTRA rejected this proposal as it would potentially exclude a majority of movement performances. "Their proposal would carve out anything that doesn't look and sound identical to me," said Andi Norris, a member of SAG-AFTRA's IMA negotiating committee, during a press conference. "[The proposal] would leave movement specialists, including stunts, entirely out in the cold, to be replaced ... by soulless synthetic performers trained on our actual performances." The bargaining game companies argued that the terms went far enough and would require actors' approval. "Our offer is directly responsive to SAG-AFTRA's concerns and extends meaningful AI protections that include requiring consent and fair compensation to all performers working under the IMA. These terms are among the strongest in the entertainment industry," wrote Audrey Cooling, a representative working on behalf of the video game companies on the bargaining committee in a statement to The Verge.Read more of this story at Slashdot.

Apple has introduced a new feature for Safari that allows users to block distracting elements on web pages, such as sign-in popups, some autoplay videos and even ads (temporarily). The feature is called "Distraction Control" and is rolling out today in iOS 18 beta 5. 9to5Mac reports: Distraction Control is accessible via the same Page Menu interface in Safari as Reader and Viewer. Here, users will find a new "Hide Distracting Items" option to enable Distraction Control. Users will then be prompted to select different elements on a webpage that they feel are distracting. Users will have to manually choose each item on a webpage that they wish to hide. Distraction Control will persist through page refreshes and reloads, assuming that the hidden item does not change. Apple says that nothing is proactively hidden with this feature; only items that a user manually selects are hidden. Apple also emphasizes that this feature is not meant to serve as an ad blocker. While a user can technically use Distraction Control to hide an ad on a website temporarily, that ad will re-appear when the page is refreshed or otherwise reloaded. In fact, the first time a user activates Distraction Control, Safari will display a pop-up that emphasizes the feature will not permanently remove ads or other areas of a website that frequently change. If a user chooses to hide something like a GDPR banner or a cookies request pop-up, Distraction Control behaves in the same way as if the user manually clicked to dismiss that pop-up. This means Distraction Control will serve as neither an "Accept" nor "Decline" for that cookies request. Finally, if a user wishes to unhide an item, they can click back into the Page Menu interface in Safari and choose "Show Hidden Items."Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Indonesia said it has banned the privacy-oriented search engine DuckDuckGo, citing concerns that it could be used to access pornography and online gambling websites which are illegal in the country, the communications ministry said on Friday. Indonesia, with the world's biggest Muslim population, has strict rules that ban the sharing online of content deemed obscene. Social media platform Reddit and video-hosting platform Vimeo are blocked. Usman Kansong, a communications ministry official, told Reuters that DuckDuckGo had been blocked "because of the many complaints made to us about the rampant online gambling and pornography content in its search results." The ministry did not say how DuckDuckGo differs from other search engines such as Alphabet's Google but on its website, DuckDuckGo said it offered several products intended to "help people protect their online privacy" including the search engine, which it said has been praised by privacy advocates.Read more of this story at Slashdot.

Google's payments to make its search engine the default on smartphone web browsers violates US antitrust law, a federal judge ruled Monday, handing a key victory to the Justice Department. From a report: Judge Amit Mehta in Washington said that the Alphabet unit's $26 billion in payments effectively blocked any other competitor from succeeding in the market. Antitrust enforcers alleged that Google has illegally maintained a monopoly over online search and related advertising. The government said that Google has paid Apple, Samsung and others billions over decades for prime placement on smartphones and web browsers. This default position has allowed Google to build up the most-used search engine in the world, and fueled more than $300 billion in annual revenue largely generated by search ads.Read more of this story at Slashdot.

snydeq writes: CSO Online's Evan Schuman reports on a design flaw in Microsoft Authenticator that causes it to often overwrite authentication accounts when a user adds a new one via QR scan. "But because of the way the resulting lockout happens, the user is not likely to realize the issue resides with Microsoft Authenticator. Instead, the company issuing the authentication is considered the culprit, resulting in wasted corporate helpdesk hours trying to fix an issue not of that company's making." Schuman writes: "The core of the problem? Microsoft Authenticator will overwrite an account with the same username. Given the prominent use of email addresses for usernames, most users' apps share the same username. Google Authenticator and just about every other authenticator app add the name of the issuer -- such as a bank or a car company -- to avoid this issue. Microsoft only uses the username." The flaw appears to have been in place since Authenticator was released in 2016. Users have complained about this issue in the past to no avail. In its two correspondences with Schuman, Microsoft first laid blame on users, then on issuers. Several IT experts confirmed the flaw, with one saying, "It's possible that this problem occurs more often than anyone realizes because [users] don't realize what the cause is. If you haven't picked an authentication app, why would you pick Microsoft?"Read more of this story at Slashdot.

Illinois Governor J.B. Pritzker has signed a bill into law that will significantly curb the penalties companies could face for improperly collecting and using fingerprints and other biometric data from workers and consumers. From a report: The bill passed by the legislature in May and signed by Pritzker, a Democrat, on Friday amends the state's Biometric Information Privacy Act (BIPA) so that companies can be held liable only for a single violation per person, rather than for each time biometric data is allegedly misused. The amendments will dramatically limit companies' exposure in BIPA cases and could discourage plaintiffs' lawyers from filing many lawsuits in the first place, management-side lawyers said. "By limiting statutory damages to a single recovery per individual ... companies in most instances will no longer face the prospect of potentially annihilative damages awards that greatly outpace any privacy harms," David Oberly, of counsel at Baker Donelson in Washington, D.C., said before the bill was signed. BIPA, a 2008 law, requires companies to obtain permission before collecting fingerprints, retinal scans and other biometric information from workers and consumers. The law imposes penalties of $1,000 per violation and $5,000 for reckless or intentional violations.Read more of this story at Slashdot.

Reeling from security and optics issues, Microsoft appears to be trying to correct its story. An anonymous reader shares a report: Microsoft made it clear earlier this year that it was planning to make security its top priority, following years of security issues and mounting criticisms. Starting today, the software giant is now tying its security efforts to employee performance reviews. Kathleen Hogan, Microsoft's chief people officer, has outlined what the company expects of employees in an internal memo obtained by The Verge. "Everyone at Microsoft will have security as a Core Priority," says Hogan. "When faced with a tradeoff, the answer is clear and simple: security above all else." A lack of security focus for Microsoft employees could impact promotions, merit-based salary increases, and bonuses. "Delivering impact for the Security Core Priority will be a key input for managers in determining impact and recommending rewards," Microsoft is telling employees in an internal Microsoft FAQ on its new policy. Microsoft has now placed security as one of its key priorities alongside diversity and inclusion. Both are now required to be part of performance conversations -- internally called a "Connect" -- for every employee, alongside priorities that are agreed upon between employees and their managers.Read more of this story at Slashdot.

Nvidia scraped videos from YouTube, Netflix and other online platforms to compile training data for its AI products, 404 Media reported Monday, citing internal documents. The tech giant used this content to develop various AI projects, including its Omniverse 3D world generator and self-driving car systems, the report said. Some employees expressed concerns about potential legal issues surrounding the use of such content, the report said, adding that the management assured them of executive-level approval. Nvidia defended its actions, asserting they were "in full compliance with the letter and the spirit of copyright law" and emphasizing that copyright protects specific expressions rather than facts or ideas.Read more of this story at Slashdot.

Elon Musk has reignited his legal battle against OpenAI, the creators of ChatGPT, by filing a new lawsuit in a California federal court. The suit, which revives a six-year-old dispute, accuses OpenAI founders Sam Altman and Greg Brockman of breaching the company's founding principles by prioritizing commercial interests over public benefit. Musk's complaint alleges that OpenAI's multibillion-dollar partnership with Microsoft contradicts the original mission to develop AI responsibly for humanity's benefit. The lawsuit describes the alleged betrayal in dramatic terms, claiming "perfidy and deceit... of Shakespearean proportions." OpenAI has not yet commented on the new filing. In response to Musk's previous lawsuit, which was withdrawn seven weeks ago, the company stated its commitment to building safe artificial general intelligence for the benefit of humanity.Read more of this story at Slashdot.

CrowdStrike says that it isn't to blame for Delta Air Lines' dayslong meltdown following the tech outage caused by the cybersecurity company, and that it isn't responsible for all of the money that the carrier says it lost. From a report: In a letter responding to the airline's recent public comments and hiring of a prominent lawyer, CrowdStrike said Delta's threats of a lawsuit have contributed to a "misleading narrative" that the cybersecurity company was responsible for the airline's tech decisions and response to the outage. "Should Delta pursue this path, Delta will have to explain to the public, its shareholders, and ultimately a jury why CrowdStrike took responsibility for its actions -- swiftly, transparently, and constructively -- while Delta did not," wrote Michael Carlinsky, an attorney at law firm Quinn Emanuel Urquhart & Sullivan. The letter to Delta's legal team Sunday evening is the latest move in a growing conflict between the cybersecurity firm and the airline, which was thrown into several days of disarray following the outage. Delta Chief Executive Ed Bastian said in an interview on CNBC last week that the outage cost the airline about $500 million, including lost revenue and compensation costs. The airline has alerted CrowdStrike and Microsoft that it is planning to pursue legal claims to recover its losses, and has hired litigation firm Boies Schiller Flexner to assist, according to a memo Bastian sent to Delta employees last week. CrowdStrike said Sunday that its liability is contractually capped at an amount in the "single-digit millions."Read more of this story at Slashdot.

Charles Schwab and other retail brokerage users reported outages as a global stocks selloff surged when trading in the US market opened on Monday. From a report: More than 14,000 users reported an outage at Schwab at 9:50 a.m. in New York, according to the website Downdetector. The outage comes at a time when global financial markets are experiencing a significant downturn as a widespread sell-off intensified following Friday's disappointing US employment data, which heightened concerns about a potential recession in the world's largest economy. The turbulence was particularly pronounced in Asian markets, with Japanese stocks leading the decline, while cryptocurrencies, oil prices, and European equities also suffered losses. The volatility spread to the US, where stocks plummeted at the opening bell, and the yield curve briefly inverted as investors increased their bets on imminent Federal Reserve interest rate cuts.Read more of this story at Slashdot.

OpenAI has developed a sophisticated anticheating tool for detecting AI-generated content, particularly essays and research papers, but has refrained from releasing it due to internal debates and ethical considerations, according to WSJ. This tool, which has been ready for deployment for approximately a year, utilizes a watermarking technique that subtly alters token selection in ChatGPT's output, creating an imperceptible pattern detectable only by OpenAI's technology. While boasting a 99.9% effectiveness rate for substantial AI-generated text, concerns persist regarding potential workarounds and the challenge of determining appropriate access to the detection tool, as well as its potential impact on non-native English speakers and the broader AI ecosystem.Read more of this story at Slashdot.

A CNN reporter spent more than two hours waiting for EV chargers - thanks to "ill-mannered charger hogs who don't respect EV etiquette."[T]o protect batteries from damage, charging speeds slow way down once batteries get beyond 80% full. In fact, it can take as long, or even longer, to go from 80% charged to completely full than to reach 80%. Meanwhile, lines of electric vehicles wait behind almost-full cars. I was waiting behind people with batteries that were 92%, 94% and even 97% full, as I could see on the charger screens. Still, they stayed there. I made my own situation worse by giving up on one location and going to another with more chargers, but there were even more EVs waiting there. Given that a lack of public charging is turning many consumers off to EVs, according to multiple surveys, this is a major issue. Both Electrify America and EVgo said they are rapidly expanding their networks to, as EVgo's Rafalson put it, "skate ahead of the puck," trying to make sure there are enough chargers to meet future demand... "I think what you're seeing is demand for public fast charging is really skyrocketing," said Sara Rafalson, executive vice president for policy at EV charging company EVgo, "and I would say we've been really at an inflection point in the last year, year and a half, with demand...." Electrify America, one of America's biggest charging companies, is experimenting with a solution to the problem of charger hogs who can make it slow and unpleasant to travel in an EV. At 10 of the busiest EV fast charging stations in California, Electrify America has enacted a strict limit. Once a car's batteries are 85% charged, charging will automatically stop and the driver will be told to unplug and leave or face additional 40-cent-per-minute "idle time" fees for taking the space. It's similar to something Tesla vehicles do automatically. When a Tesla car, truck or SUV plugs into a particularly heavily-used Supercharger station, the vehicle itself may automatically limit charging to just 80% "to reduce congestion," according to Tesla's on-line Supercharger Support web page. In that case, though, the user can still override the limit using the vehicle's touchscreen. There will be no getting around Electrify America's limit. Electrify America's president points out an EV driver could need a full charge (if they're travelling somewhere with fewer charges) - or if they're driving an EV with a relatively short range. So the article notse that some EV charging companies "have experimented with plans that charge different amounts of money at different times to give drivers incentives to fill their batteries at less busy hours... "For the time being, let's just hope that EV drivers who don't really need to fill all the way up will learn to be more considerate."Read more of this story at Slashdot.

This week America's Securities and Exchange Commission filed fraud charges against the former CEO of the startup social media site "IRL" The BBC reports:IRL - which was once considered a potential rival to Facebook - took its name from its intention to get its online users to meet up in real life. However, the initial optimism evaporated after it emerged most of IRL's users were bots, with the platform shutting in 2023... The SEC says it believes [CEO Abraham] Shafi raised about $170m by portraying IRL as the new success story in the social media world. It alleges he told investors that IRL had attracted the vast majority its supposed 12 million users through organic growth. In reality, it argues, IRL was spending millions of dollars on advertisements which offered incentives to prospective users to download the IRL app. That expenditure, it is alleged, was subsequently hidden in the company's books. IRL received multiple rounds of venture capital financing, eventually reaching "unicorn status" with a $1.17 billion valuation, according to TechCrunch. But it shut down in 2023 "after an internal investigation by the company's board found that 95% of the app's users were 'automated or from bots'." TechCrunch notes it's the second time in the same week - and at least the fourth time in the past several months - that the SEC has charged a venture-backed founder on allegations of fraud...Earlier this week, the SEC charged BitClout founder Nader Al-Naji with fraud and unregistered offering of securities, claiming he used his pseudonymous online identity "DiamondHands" to avoid regulatory scrutiny while he raised over $257 million in cryptocurrency. BitClout, a buzzy crypto startup, was backed by high-profile VCs such as a16z, Sequoia, Chamath Palihapitiya's Social Capital, Coinbase Ventures and Winklevoss Capital. In June, the SEC charged Ilit Raz, CEO and founder of the now-shuttered AI recruitment startup Joonko, with defrauding investors of at least $21 million. The agency alleged Raz made false and misleading statements about the quantity and quality of Joonko's customers, the number of candidates on its platform and the startup's revenue. The agency has also gone after venture firms in recent months. In May, the SEC charged Robert Scott Murray and his firm Trillium Capital LLC with a fraudulent scheme to manipulate the stock price of Getty Images Holdings Inc. by announcing a phony offer by Trillium to purchase Getty Images.Read more of this story at Slashdot.

America's Defense Department has launched a project "that aims to develop machine-learning tools that can automate the conversion of legacy C code into Rust," reports the Register - with an online event already scheduled later this month for those planning to submit proposals: The reason to do so is memory safety. Memory safety bugs, such buffer overflows, account for the majority of major vulnerabilities in large codebases. And DARPA's hope [that's the Defense Department's R&D agency] is that AI models can help with the programming language translation, in order to make software more secure. "You can go to any of the LLM websites, start chatting with one of the AI chatbots, and all you need to say is 'here's some C code, please translate it to safe idiomatic Rust code,' cut, paste, and something comes out, and it's often very good, but not always," said Dan Wallach, DARPA program manager for TRACTOR, in a statement. "The research challenge is to dramatically improve the automated translation from C to Rust, particularly for program constructs with the most relevance...." DARPA's characterization of the situation suggests the verdict on C and C++ has already been rendered. "After more than two decades of grappling with memory safety issues in C and C++, the software engineering community has reached a consensus," the research agency said, pointing to the Office of the National Cyber Director's call to do more to make software more secure. "Relying on bug-finding tools is not enough...." Peter Morales, CEO of Code Metal, a company that just raised $16.5 million to focus on transpiling code for edge hardware, told The Register the DARPA project is promising and well-timed. "I think [TRACTOR] is very sound in terms of the viability of getting there and I think it will have a pretty big impact in the cybersecurity space where memory safety is already a pretty big conversation," he said. DARPA's statement had an ambitious headline: "Eliminating Memory Safety Vulnerabilities Once and For All." "Rust forces the programmer to get things right," said DARPA project manager Wallach. "It can feel constraining to deal with all the rules it forces, but when you acclimate to them, the rules give you freedom. They're like guardrails; once you realize they're there to protect you, you'll become free to focus on more important things." Code Metal's Morales called the project "a DARPA-hard problem," noting the daunting number of edge cases that might come up. And even DARPA's program manager conceded to the Register that "some things like the Linux kernel are explicitly out of scope, because they've got technical issues where Rust wouldn't fit." Thanks to long-time Slashdot reader RoccamOccam for sharing the news.Read more of this story at Slashdot.

In 2006 MySpace reportedly became America's most-visited web site - passing both Google and Yahoo Mail. So what happened? TribLive reports:The co-founders, Tom Anderson and Chris DeWolfe, sold MySpace to Rupert Murdoch's News Corporation for $580 million in 2005, and that company sold it to the online advertising company Specific Media and Justin Timberlake in 2011, which later became the ad tech firm Viant, according to SlashGear. Viant was bought by Time in 2016, which was acquired by Meredith Corporation at the end of 2017, according to The Guardian. Meredith then sold Myspace to Viant Technology LLC, which currently operates the platform, SlashGear said. During its time under Timberlake, Myspace morphed from a social media platfrom and turned over a new leaf as a music discovery site, SlashGear reported. The once booming online atmosphere has turned into a ghost town, according to The Guardian. Despite the number of people on Myspace dwindling, a handful of devoted users remains. The glory days of MySpace drew this bittersweet remembrance from TechRadar:Not everyone on the TechRadar team looks back on those early MySpace years fondly, with our US editor in chief Lance Ulanoff recalling that it "it was like peoples' brains had been turned inside out and whatever didn't stick, dropped onto the page and was represented as a GIF". Many of us do, though, remember picking our Top 8s (the site's weird ranking system for your friends) and decorating our MySpace pages with as many flashing lights as possible.Read more of this story at Slashdot.

Late Friday Elon Musk appeared on Lex Fridman's podcast for a special eight-hour episode about Neuralink. It's already been viewed 1,702,036 times on YouTube - and resulted in this report from Reuters:Neuralink has successfully implanted in a second patient its device designed to give paralyzed patients the ability to use digital devices by thinking alone, according to the startup's owner Elon Musk... [Musk] gave few details about the second participant beyond saying the person had a spinal cord injury similar to the first patient, who was paralyzed in a diving accident. Musk said 400 of the implant's electrodes on the second patient's brain are working. Neuralink on its website states that its implant uses 1,024 electrodes... Musk said he expects Neuralink to provide the implants to eight more patients this year as part of its clinical trials. Neuralink's device "has allowed the first patient to play video games, browse the internet, post on social media and move a cursor on his laptop," according to the article:The first patient, Noland Arbaugh, was also interviewed on the podcast, along with three Neuralink executives, who gave details about how the implant and the robot-led surgery work. Before Arbaugh received his implant in January, he used a computer by employing a stick in his mouth to tap the screen of a tablet device. Arbaugh said with the implant he now can merely think about what he wants to happen on the computer screen, and the device makes it happen... Arbaugh has improved on his previous world record for the speed at which he can control a cursor with thoughts alone "with only roughly 10, 15% of the electrodes working," Musk said on the podcast. Fridman said his interview with Musk was "the longest podcast I've ever done," calling their conversation "fascinating, super technical, and wide-ranging... I loved every minute of it."Read more of this story at Slashdot.

An anonymous Slashdot reader shared this report from Phoronix:The Redox OS project that is a from scratch open-source operating system written in the Rust programming language now has a working web server, among other improvements achieved during the month of July... Notable new software work includes getting the Simple HTTP Server running as the first web (HTTP) server for the platform. Simple HTTP Server itself is written in Rust as well. There is also an ongoing effort to bring the Apache HTTP server to Redox OS too. Another app milestone is the wget program now working on Redox OS. There's also been more work on getting the COSMIC desktop apps working on Redox OS, build system improvements, and other changes.Read more of this story at Slashdot.

America's Senate "overwhelmingly passed major online safety reforms to protect children on social media," reports the Guardian. "But with ongoing pushback from the tech industry and freedom of speech organizations, the legislation faces an uncertain future in the House.""It's a terrible idea to let politicians and bureaucrats decide what people should read and view online," freedom of speech group the Electronic Frontier Foundation said of the Senate's passage of Kosa... Advocates of Kosa reject these critiques, noting the bill has been revised to address many of those concerns - including shifting enforcement from attorneys general to the federal trade commission and focusing the "duty of care" provisions on product design features of the site or app rather than content specifically. A number of major LGBTQ+ groups dropped their opposition to the legislation following these changes, including the Human Rights Campaign, GLAAD and the Trevor Project. After passing the Senate this week, the bill has now moved onto the House, which is on a six-week summer recess until September. Proponents are now directing their efforts towards House legislators to turn the bill into law. Joe Biden has indicated he would sign it if it passes. In a statement Tuesday encouraging the House to pass the legislation, the US president said: "We need action by Congress to protect our kids online and hold big tech accountable for the national experiment they are running on our children for profit...." House speaker Mike Johnson of Louisiana has expressed support for moving forward on Kosa and passing legislation this Congress, but it's unclear if he will bring the bill up in the House immediately. Some experts say the bill is unlikely to be passed in the House in the form passed by the Senate. "Given the concerns about potential censorship and the possibility of minors' lacking access to vital information, pausing KOSA makes eminent sense," said Gautam Hans, associate clinical professor of law and associate director of the First Amendment Clinic at Cornell Law School. He added that the House may put forward its own similar legislation instead, or modify KOSA to further address some of these concerns. The political news site Punchbowl News also noted this potentially significant quote:A House GOP leadership aide told us this about KOSA: "We've heard concerns across our Conference and the Senate bill cannot be brought up in its current form." TechDirt argues that "Senator Rand Paul's really excellent letter laying out the reasons he couldn't support the bill may have had an impact." Thanks to long-time Slashdot reader SonicSpike for sharing the news.Read more of this story at Slashdot.

Seattle is the smartest city in America, with Miami and then Austin close behind. That's according to a promotional study from smart-building tools company ProptechOS. Newsweek reports:The evaluation of tech infrastructure and connectivity was based on several factors, including the number of free Wi-Fi hot spots, the quantity and density of AI and IoT companies, average broadband download speeds, median 5G coverage per network provider, and the number of airports. Meanwhile, green infrastructure was assessed based on air quality, measured by exposure to PM2.5, tiny particles in the air that can harm health. Other factors include 10-year changes in tree coverage, both loss and gain; the number of electric vehicle charging points and their density per 100,000 people; and the number of LEED-certified green buildings. The tech job market was evaluated on the number of tech jobs advertised per 100,000 people. Seattle came in first after assessing 16 key indicators across connectivity/infrastructure, sustainability, and tech jobs - "boasting 34 artificial intelligence companies and 13 Internet of Things companies per 100,000 residents." In terms of sustainability, Seattle has enhanced its tree coverage by 13,700 hectares from 2010 to 2020 and has established the equivalent of 10 electric vehicle charging points per 100,000 residents. Seattle has edged out last year's top city, Austin, to claim the title of the smartest city in the U.S., with an overall score of 75.7 out of 100. Miami wasn't far behind, achieving a score of 75.4. However, Austin still came out on top for smart city infrastructure, scoring 86.2 out of 100. This is attributed to its high broadband download speed of 275.60 Mbps - well above the U.S. average of 217.14 Mbps - and its concentration of 337 AI companies, or 35 per 100,000 people. You can see the full listings here. The article notes that the same study also ranked Paris as the smartest city in Europe - slipping ahead of London - thanks to Paris's 99.5% 5G coverage, plus "the second-highest number of AI companies in Europe and the third-highest number of free Wi-Fi hot spots. Paris is also recognized for its traffic management systems, which monitor noise levels and air quality." Newsweek also shares this statement from ProptechOS's founder/chief ecosystem officer. "Advancements in smart cities and future technologies such as next-generation wireless communication and AI are expected to reduce environmental impacts and enhance living standards." In April CNBC reported on an alternate list of the smartest cities in the world, created from research by the World Competitiveness Center. It defined smart cities as "an urban setting that applies technology to enhance the benefits and diminish the shortcomings of urbanization for its citizens." And CNBC reported that based on the list, "Smart cities in Europe and Asia are gaining ground globally while North American cities have fallen down the ranks... Of the top 10 smart cities on the list, seven were in Europe."Here are the top 10 smart cities, according to the 2024 Smart City Index. - Zurich, Switzerland- Oslo, Norway- Canberra, Australia- Geneva, Switzerland- Singapore- Copenhagen, Denmark- Lausanne, Switzerland- London, England- Helsinki, Finland- Abu Dhabi, United Arab Emirates Notably, for the first time since the index's inception in 2019, there is an absence of North American cities in the top 20... The highest ranking U.S. city this year is New York City which ranked 34th, followed by Boston at 36th and Washington DC, coming in at 50th place.Read more of this story at Slashdot.

A new type of antibiotic "targets bacteria in two ways," writes SciTechDaily, which "could make it 100 million times harder for bacteria to develop resistance, according to recent research from the University of Illinois Chicago."Their experiments demonstrate that [a class of synthetic drugs called] macrolones can work two different ways - either by interfering with protein production or corrupting DNA structure. Because bacteria would need to implement defenses to both attacks simultaneously, the researchers calculated that drug resistance is nearly impossible. "The beauty of this antibiotic is that it kills through two different targets in bacteria," said Alexander Mankin, distinguished professor of pharmaceutical sciences at UIC. "If the antibiotic hits both targets at the same concentration, then the bacteria lose their ability to become resistant via the acquisition of random mutations in any of the two targets." Macrolones are synthetic antibiotics that combine the structures of two widely used antibiotics with different mechanisms. Macrolides, such as erythromycin, block the ribosome, the protein manufacturing factories of the cell. Fluoroquinolones, such as ciprofloxacin, target a bacteria-specific enzyme called DNA gyrase.... "The main outcome from all of this work is the understanding of how we need to go forward," Mankin said. "And the understanding that we're giving to chemists is that you need to optimize these macrolones to hit both targets." Thanks to long-time Slashdot reader schwit1 for sharing the news.Read more of this story at Slashdot.

America's National Institute of Standards and Technology (NIST) has released a new open-source software tool called Dioptra for testing the resilience of machine learning models to various types of attacks. "Key features that are new from the alpha release include a new web-based front end, user authentication, and provenance tracking of all the elements of an experiment, which enables reproducibility and verification of results," a NIST spokesperson told SC Media:Previous NIST research identified three main categories of attacks against machine learning algorithms: evasion, poisoning and oracle. Evasion attacks aim to trigger an inaccurate model response by manipulating the data input (for example, by adding noise), poisoning attacks aim to impede the model's accuracy by altering its training data, leading to incorrect associations, and oracle attacks aim to "reverse engineer" the model to gain information about its training dataset or parameters, according to NIST. The free platform enables users to determine to what degree attacks in the three categories mentioned will affect model performance and can also be used to gauge the use of various defenses such as data sanitization or more robust training methods. The open-source testbed has a modular design to support experimentation with different combinations of factors such as different models, training datasets, attack tactics and defenses. The newly released 1.0.0 version of Dioptra comes with a number of features to maximize its accessibility to first-party model developers, second-party model users or purchasers, third-party model testers or auditors, and researchers in the ML field alike. Along with its modular architecture design and user-friendly web interface, Dioptra 1.0.0 is also extensible and interoperable with Python plugins that add functionality... Dioptra tracks experiment histories, including inputs and resource snapshots that support traceable and reproducible testing, which can unveil insights that lead to more effective model development and defenses. NIST also published final versions of three "guidance" documents, according to the article. "The first tackles 12 unique risks of generative AI along with more than 200 recommended actions to help manage these risks. The second outlines Secure Software Development Practices for Generative AI and Dual-Use Foundation Models, and the third provides a plan for global cooperation in the development of AI standards." Thanks to Slashdot reader spatwei for sharing the news.Read more of this story at Slashdot.

An anonymous reader shared this report from Ars Technica:[I]t might be worth spending more to get a panel that converts more of the incoming sunlight to electricity, since it allows you to get more out of the price paid to get each panel installed. But silicon panels are already pushing up against physical limits on efficiency. Which means our best chance for a major boost in panel efficiency may be to combine silicon with an additional photovoltaic material. Right now, most of the focus is on pairing silicon with a class of materials called perovskites. Perovskite crystals can be layered on top of silicon, creating a panel with two materials that absorb different areas of the spectrum - plus, perovskites can be made from relatively cheap raw materials. Unfortunately, it has been difficult to make perovskites that are both high-efficiency and last for the decades that the silicon portion will.Lots of labs are attempting to change that, though. And two of them reported some progress this week, including a perovskite/silicon system that achieved 34 percent efficiency. One team of researchers "sent a sample to a European test lab, which came out with an efficiency of 33.7 percent," Ars Technica notes. "The researchers have a few ideas that should boost this to 35 percent, but didn't attempt them for this paper. "For comparison, the maximum efficiency for silicon alone is in the area of 27 percent, so that represents a very significant boost and is one of the highest perovskite/silicon combinations ever reported."Read more of this story at Slashdot.

"Five years ago, Brian Frye set an elaborate trap," writes Decrypt.co. "Now the law professor is teaming up with a singer-songwriter to finally spring it" on America's Security and Exchange Commission "in a novel lawsuit - and in the process, prevent the regulator from ever coming after NFT art projects again." Over and again, the SEC has sued cherry-picked NFT projects it says qualify as unregistered securities - but never once has the regulator defined what types of NFT projects are legal and which are not, casting a chill over the nascent industry... [In 2019] Frye, an expert in securities law and a fan of novel technologies, minted an NFT of a letter he sent to the SEC in which he declared his art project to constitute an illegal, unregistered security. If the conceptual art project wasn't a security, Frye challenged the agency, then it needed to say so. The SEC never responded to Frye - not then, and not after several more self-incriminating correspondences from the professor. But in due time, the agency began vigorously pursuing, and suing, NFT projects. So 10 months ago, Jonathan Mann - who writes a new song every day and shares it online - crafted a song titled "This Song is A Security." As a seller of NFTs himself, Mann wrote the song "to fight back against the SEC, and defend his right - plus the rights of other artists like him - to earn revenue," according to the article:Frye, who'd practically been salivating for such an opportunity for half a decade, was a natural fit.... In the lawsuit filed against the SEC in Louisiana earlier this week, they challenged the SEC's standing to regulate their NFT-backed artworks as securities, and demanded the agency declare that their respective art projects do not constitute illegal, unregistered securities offerings. More from the International Business Times:The complaint asked the court to clarify whether the SEC should regulate art and whether artists were supposed to "register" their artworks before selling the pieces to the general public. The complaint also asked whether artists should be "forced to make public disclosures about the 'risks' of buying their art," and whether artists should be "required to comply" with federal securities laws... The Blockchain Association, a collective crypto group that includes some of the biggest digital asset firms, asserted that the SEC has no authority over NFT art. "We support the plaintiffs in their quest for legal clarity," the group said. In an interview with Slashdot, Mann says he started his "Song a Day" project almost 17 years ago (when he was 26 years old) - and his interest in NFTs is sincere:"Over the years, I've always sought a way to make Song A Day sustainable financially, through video contests, conference gigs, ad revenue, royalties, Patreon and more. "When I came across NFTs in 2017, they didn't have a name. We just called them 'digital collectibles'. For the last 2+ years, NFTs have become that self-sustaining model for my work. "I know most people believe NFTs are a joke at best and actively harmful at worst. Even most people in the crypto community have given up on them. Despite all that, I still believe they're worth pursuing. "Collecting an NFT from an artist you love is the most direct way to support them. There's no multinational corporation, no payment processor, and no venture capitalists between you and the artist you want to support." Slashdot also tracked down the SEC's Office of Public Affairs, and got an official response from SEC public affairs specialist Ryan White. Slashdot: The suit argues that the SEC's approach "threatens the livelihoods of artists and creators that are simply experimenting with a novel, fast-growing technology," and seeks guidance in the face of a "credible threat of enforcement". Is the SEC going to respond to this lawsuit? And if you don't have an answer at this time, can you give me a general comment on the issues and concerns being raised? SEC Public Affairs Specialist Ryan White: We would decline comment. Decrypt.co points out that the lawsuit "has no guarantee of offering some conclusive end to the NFT regulation question... That may only come with concrete legislation or a judgment by the Supreme Court." But Mann's song still makes a very public show out of their concerns - with Mann even releasing a follow-up song titled "I'm Suing the SEC." (Its music video mixes together wacky clips of Mila Kunis's Stoner Cats and Fonzie jumping a shark with footage of NFT critics like Elizabeth Warren and SEC chairman Gary Gensler.) And an earlier song also used auto-tune to transform Gensler's remarks about cryptocurrencies into the chorus of a song titled "Hucksters, Fraudsters, Scam Artists, Ponzi Schemes". Mann later auctioned an NFT of the song - for over $3,000 in Ethereum.Read more of this story at Slashdot.

An anonymous Slashdot reader shared this report from the blog 9to5Mac:In 2022, Apple agreed to pay a $50 million dollar settlement for certain eligible 2015-2019 MacBook owners who experienced problems with their butterfly keyboards. The claims process opened in late 2022, and the settlement got final approval last May. Starting today, eligible MacBook owners are finally receiving their payouts... Apple finally moved away from the butterfly keyboard on the 16-inch MacBook Pro in late 2019. By mid 2020, the 13-inch MacBook Pro and MacBook Air also moved to the new Magic Keyboard. However, that wouldn't be the end of the story for Apple... In mid 2022, Apple was required to pay a $50 million settlement. The claims process started later that year, although there were some caveats. For one, you could only claim this settlement if you lived in California, Florida, Illinois, Michigan, New Jersey, New York, or Washington. This excludes 43 US states, so a good number of people with butterfly keyboards weren't even covered. Additionally, the estimated payout amount varied depending on the severity of your keyboard problems: - Up to $395 for 2 or more top case replacements- Up to $125 for 1 top case replacement- Up to $50 for keycap replacements Obviously, this wasn't the most ideal outcome for customers, but if you were eligible and filed a claim (or multiple), you're in luck! The original goal "was to make the keyboards thinner and the laptops slimmer," remembers ZDNet.This backfired spectacularly as MacBook owners started complaining that the keys would easily stick or get jammed by dust, crumbs, or other tiny objects. Noted tech blogger John Gruber even called the new keyboards "the worst products in Apple's history." Gruber's headline? "Appl Still Hasn't Fixd Its MacBook Kyboad Problm"Read more of this story at Slashdot.

Stack Overflow says over 65,000 developers took their annual survey - and "For the first time this year, we asked if developers felt AI was a threat to their job..." Some analysis from The New Stack: Unsurprisingly, only 12% of surveyed developers believe AI is a threat to their current job. In fact, 70% are favorably inclined to use AI tools as part of their development workflow... Among those who use AI tools in their development workflow, 81% said productivity is one of its top benefits, followed by an ability to learn new skills quickly (62%). Much fewer (30%) said improved accuracy is a benefit. Professional developers' adoption of AI tools in the development process has risen rapidly, going from 44% in 2023 to 62% in 2024... Seventy-one percent of developers with less than five years of experience reported using AI tools in their development process, as compared to just 49% of developers with 20 years of experience coding... At 82%, [ChatGPT] is twice as likely to have been used than GitHub Copilot. Among ChatGPT users, 74% want to continue using it. But "only 43% said they trust the accuracy of AI tools," according to Stack Overflow's blog post, "and 45% believe AI tools struggle to handle complex tasks." More analysis from The New Stack:The latest edition of the global annual survey found full-time employment is holding steady, with over 80% reporting that they have full-time jobs. The percentage of unemployed developers has more than doubled since 2019 but is still at a modest 4.4% worldwide... The median annual salary of survey respondents declined significantly. For example, the average full-stack developer's median 2024 salary fell 11% compared to the previous year, to $63,333... Wage pressure may be the result of more competition from an increase in freelancing. Eighteen percent of professional developers in the 2024 survey said they are independent contractors or self-employed, which is up from 9.5% in 2020. Part-time employment has also risen, presenting even more pressure on full-time salaries... Job losses at tech companies have contributed to a large influx of talent into the freelance market, noted Stack Overflow CEO Prashanth Chandrasekar in an interview with The New Stack. Since COVID-19, he added, the emphasis on remote work means more people value job flexibility. In the 2024 survey, only 20% have returned to full-time in-person work, 38% are full-time remote, while the remainder are in a hybrid situation. Anticipation of future productivity growth due to AI may also be creating uncertainty about how much to pay developers. Two stats jumped out for Visual Studio magazine: In this year's big Stack Overflow developer survey things are much the same for Microsoft-centric data points: VS Code and Visual Studio still rule the IDE roost, while .NET maintains its No. 1 position among non-web frameworks. It's been this way for years, though in 2021 it was .NET Framework at No. 1 among IDEs, while the new .NET Core/.NET 5 entry was No. 3. Among IDEs, there has been less change. "Visual Studio Code is used by more than twice as many developers than its nearest (and related) alternative, Visual Studio," said the 2024 Stack Overflow Developer survey, the 14th in the series of massive reports. Stack Overflow shared some other interesting statistics:"Javascript (62%), HTML/CSS (53%), and Python (51%) top the list of most used languages for the second year in a row... [JavaScript] has been the most popular language every year since the inception of the Developer Survey in 2011.""Python is the most desired language this year (users that did not indicate using this year but did indicate wanting to use next year), overtaking JavaScript.""The language that most developers used and want to use again is Rust for the second year in a row with an 83% admiration rate. ""Python is most popular for those learning to code...""Technical debt is a problem for 62% of developers, twice as much as the second- and third-most frustrating problems for developers: complex tech stacks for building and deployment."Read more of this story at Slashdot.

A professor in the University of Chicago's department of geophysical sciences "believes that by intentionally releasing sulfur dioxide into the stratosphere, it would be possible to lower temperatures worldwide," reports the New York Times. He's not the only one promoting the idea. "Harvard University has a solar geoengineering program that has received grants from Microsoft co-founder Bill Gates, the Alfred P. Sloan Foundation and the William and Flora Hewlett Foundation. It's being studied by the Environmental Defense Fund along with the World Climate Research Program.... But many scientists and environmentalists fear that it could result in unpredictable calamities."Because it would be used in the stratosphere and not limited to a particular area, solar geoengineering could affect the whole world, possibly scrambling natural systems, like creating rain in one arid region while drying out the monsoon season elsewhere. Opponents worry it would distract from the urgent work of transitioning away from fossil fuels. They object to intentionally releasing sulfur dioxide, a pollutant that would eventually move from the stratosphere to ground level, where it can irritate the skin, eyes, nose and throat and can cause respiratory problems. And they fear that once begun, a solar geoengineering program would be difficult to stop... Keith, a professor in the University of Chicago's department of geophysical sciences, countered that the risks posed by solar geoengineering are well understood, not as severe as portrayed by critics and dwarfed by the potential benefits. If the technique slowed the warming of the planet by even just 1 degree Celsius, or 1.8 degrees Fahrenheit, over the next century, Keith said, it could help prevent millions of heat-related deaths each decade... Opponents of solar geoengineering cite several main risks. They say it could create a "moral hazard," mistakenly giving people the impression that it is not necessary to rapidly reduce fossil fuel emissions. The second main concern has to do with unintended consequences. "This is a really dangerous path to go down," said Beatrice Rindevall, the chair of the Swedish Society for Nature Conservation, which opposed the experiment. "It could shock the climate system, could alter hydrological cycles and could exacerbate extreme weather and climate instability." And once solar geoengineering began to cool the planet, stopping the effort abruptly could result in a sudden rise in temperatures, a phenomenon known as "termination shock." The planet could experience "potentially massive temperature rise in an unprepared world over a matter of five to 10 years, hitting the Earth's climate with something that it probably hasn't seen since the dinosaur-killing impactor," Pierrehumbert said. On top of all this, there are fears about rogue actors using solar geoengineering and concerns that the technology could be weaponized. Not to mention the fact that sulfur dioxide can harm human health. Keith is adamant that those fears are overblown. And while there would be some additional air pollution, he claims the risk is negligible compared to the benefits. The opposition is making it hard to even conduct tests, according to the article - like when Keith "wanted to release a few pounds of mineral dust at an altitude of roughly 20 kilometers and track how the dust behaved as it floated across the sky." The experiment was called off after opposition from numerous groups - including Greta Thunberg and an organization representing Indigenous people who felt the experiment was disrespecting nature.Read more of this story at Slashdot.

Somewhere in America's Defense Department, the DARPA R&D agency is running a two-year contest to write an AI-powered program "that can scan millions of lines of open-source code, identify security flaws and fix them, all without human intervention," reports the Washington Post. [Alternate URL here.] But as they see it, "The contest is one of the clearest signs to date that the government sees flaws in open-source software as one of the country's biggest security risks, and considers artificial intelligence vital to addressing it."Free open-source programs, such as the Linux operating system, help run everything from websites to power stations. The code isn't inherently worse than what's in proprietary programs from companies like Microsoft and Oracle, but there aren't enough skilled engineers tasked with testing it. As a result, poorly maintained free code has been at the root of some of the most expensive cybersecurity breaches of all time, including the 2017 Equifax disaster that exposed the personal information of half of all Americans. The incident, which led to the largest-ever data breach settlement, cost the company more than $1 billion in improvements and penalties. If people can't keep up with all the code being woven into every industrial sector, DARPA hopes machines can. "The goal is having an end-to-end 'cyber reasoning system' that leverages large language models to find vulnerabilities, prove that they are vulnerabilities, and patch them," explained one of the advising professors, Arizona State's Yan Shoshitaishvili.... Some large open-source projects are run by near-Wikipedia-size armies of volunteers and are generally in good shape. Some have maintainers who are given grants by big corporate users that turn it into a job. And then there is everything else, including programs written as homework assignments by authors who barely remember them. "Open source has always been 'Use at your own risk,'" said Brian Behlendorf, who started the Open Source Security Foundation after decades of maintaining a pioneering free server software, Apache, and other projects at the Apache Software Foundation. "It's not free as in speech, or even free as in beer," he said. "It's free as in puppy, and it needs care and feeding." 40 teams entered the contest, according to the article - and seven received $1 million in funding to continue on to the next round, with the finalists to be announced at this year's Def Con, according to the article. "Under the terms of the DARPA contest, all finalists must release their programs as open source," the article points out, "so that software vendors and consumers will be able to run them."Read more of this story at Slashdot.

Slashdot reader Applehu Akbar shared this report from MacRumors:Epic Games CEO Tim Sweeney commented on Apple's 'Find My' service, referring to it as "super creepy surveillance tech" that "shouldn't exist." Sweeney went on to explain that several years ago, "a kid" stole a Mac laptop out of his car. Years later, Sweeney was checking Find My, and as the Mac was still connected to his Apple ID account, it showed him the location where the thief lived. When someone asked Sweeney if he'd at least gotten his laptop back, Sweeney answered "No. I was creeped the hell out by having unexpectedly received the kid's address, and turned off Find My iPhone on all of my devices." Slashdot reader crmarvin42 quipped "Tell me you are stupidly rich, without telling me you are stupidly rich... Next someone will be saying that it is 'Creepy' to have security footage of someone taking your Amazon packages off of your porch." And they also questioned Sweeney's sincerity, suggesting that he's "just saying that to try and make Apple look bad because of all the lawsuits going on." MacRumors followed the ensuing discussion:Sweeney said that the location of a device in someone's possession can't be tracked without tracking the person, and "people have a right to privacy." ["This right applies to second hand device buyers and even to thieves."] He claims that detection and recovery of a lost or stolen device should be "mediated by due process of law" and not exposed to the device owner "in vigilante fashion." Some responded to Sweeney's comments by sharing the headline of a Vox news story about Epic's own privacy polices. ("Fortnite maker Epic Games has to pay $520 million for tricking kids and violating their privacy.") MacRumors cited a 2014 report that thefts of iPhones dropped after the introduction of Apple's "Activation Lock" feature (which prevents the disabling of 'Find My' without a password). But when the blog AppleInsider accused Sweeney of "an incredibly bad leap of logic" - Sweeney responded. "You're idealizing this issue as good guys tracking criminals to their lairs, but when Find My or Google's similar tech points a device owner to a device possessor's home, one must anticipate the presence of families and kids and innocent used device buyers, and ask whether it's really appropriate for a platform to use GPS and shadowy mesh network tech to set up physical confrontations among individuals." Sweeney also posted a quote from Steve Jobs about how at Apple, "we worry that some 14-year-old is going to get stalked and something terrible is going to happen because of our phone."Read more of this story at Slashdot.

America's National Football League "is the latest organization to turn to facial authentication to bolster event security," reports the Record, citing a new announcement this week: All 32 NFL stadiums will start using the technology this season, after the league signed a contract with a company that uses facial scans to verify the identity of people entering event venues and other secure spaces. The facial authentication platform, which counts the Cleveland Browns' owners as investors, will be used to "streamline and secure" entry for thousands of credentialed media, officials, staff and guests so they can easily access restricted areas such as press boxes and locker rooms, Jeff Boehm, the chief operating officer of Wicket, said in a LinkedIn post Monday. "Credential holders simply take a selfie before they come, and then Wicket verifies their identity and checks their credentials with Accredit (a credentialing platform) as they walk through security checkpoints," Boehm added. Wicket technology was deployed in a handful of NFL stadiums last year as part of a pilot program. Other stadiums will start rolling it out beginning on Aug. 8, when the pre-season kicks off. Some teams also have extended their use of the technology to scan the faces of ticket holders. The Cleveland Browns, Atlanta Falcons and New York Mets all have used the company's facial authentication software to authenticate fans with tickets, according to Stadium Tech Report. "Fans come look at the tablet and, instantly, the tablet recognizes the fan," Brandon Covert, the vice president of information technology for the Cleveland Browns, said in a testimonial appearing on Wicket's website. "It's almost a half-second stop. It's not even a stop - more of a pause." "The Browns also use Wicket to verify the ages of fans purchasing alcohol at concession stands, according to Wicket's LinkedIn page," the article points out. And a July report from Privacy International found that 25 of the top 100 soccer stadiums in the world are already using facial recognition technology. Thanks to long-time Slashdot reader schwit1 for sharing the news.Read more of this story at Slashdot.

An anonymous reader shared this report from BleepingComputer:A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. Also tracked as Evasive Panda, Daggerfly, and StormCloud, this cyber-espionage group has been active since at least 2012, targeting organizations across mainland China, Hong Kong, Macao, Nigeria, and various Southeast and East Asian countries. On Friday, Volexity threat researchers revealed that the Chinese cyber-espionage gang had exploited insecure HTTP software update mechanisms that didn't validate digital signatures to deploy malware payloads on victims' Windows and macOS devices... To do that, the attackers intercepted and modified victims' DNS requests and poisoned them with malicious IP addresses. This delivered the malware to the targets' systems from StormBamboo's command-and-control servers without requiring user interaction. Volexity's blog post says they observed StormBamboo "targeting multiple software vendors, who use insecure update workflows..." and then "notified and worked with the ISP, who investigated various key devices providing traffic-routing services on their network. As the ISP rebooted and took various components of the network offline, the DNS poisoning immediately stopped." BleepingComputer notes that "aAfter compromising the target's systems, the threat actors installed a malicious Google Chrome extension (ReloadText), which allowed them to harvest and steal browser cookies and mail data."Read more of this story at Slashdot.

The planet Mercury could have "a layer of diamonds," reports CNN, citing new research suggesting that about 310 miles (500 kilometers) below the surface...could be a layer of diamonds 11 miles (18 kilometers) thick. And the study's co-author believes lava might carry some of those diamonds up to the surface:The diamonds might have formed soon after Mercury itself coalesced into a planet about 4.5 billion years ago from a swirling cloud of dust and gas, in the crucible of a high-pressure, high-temperature environment. At this time, the fledgling planet is believed to have had a crust of graphite, floating over a deep magma ocean. A team of researchers recreated that searing environment in an experiment, with a machine called an anvil press that's normally used to study how materials behave under extreme pressure but also for the production of synthetic diamonds. "It's a huge press, which enables us to subject tiny samples at the same high pressure and high temperature that we would expect deep inside the mantle of Mercury, at the boundary between the mantle and the core," said Bernard Charlier, head of the department of geology at the University of Liege in Belgium and a coauthor of a study reporting the findings. The team inserted a synthetic mixture of elements - including silicon, titanium, magnesium and aluminum - inside a graphite capsule, mimicking the theorized composition of Mercury's interior in its early days. The researchers then subjected the capsule to pressures almost 70,000 times greater than those found on Earth's surface and temperatures up to 2,000 degrees Celsius (3,630 degrees Fahrenheit), replicating the conditions likely found near Mercury's core billions of years ago. After the sample melted, the scientists looked at changes in the chemistry and minerals under an electron microscope and noted that the graphite had turned into diamond crystals. The researchers believe this mechanism "can not only give us more insight into the secrets hidden below Mercury's surface, but on planetary evolution and the internal structure of exoplanets with similar characteristics."Read more of this story at Slashdot.

Apple's elaborate new ad campaign promises that Safari is "a browser that protects your privacy." And the Washington Post says Apple "deserves credit for making many privacy protections automatic with Safari..." "But Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, said Safari is no better than the fourth-best web browser for your privacy.""If browser privacy were a sport at the Olympics, Apple isn't getting on the medal stand," Cahn said. (Apple did not comment about this.) Safari stops third-party cookies anywhere you go on the web. So do Mozilla's Firefox and the Brave browser... Chrome allows third-party cookies in most cases unless you turn them off... Even without cookies, a website can pull information like the resolution of your computer screen, the fonts you have installed, add-on software you use and other technical details that in aggregate can help identify your device and what you're doing on it. The measures, typically called "fingerprinting," are privacy-eroding tracking by another name. Nick Doty with the Center for Democracy & Technology said there's generally not much you can do about fingerprinting. Usually you don't know you're being tracked that way. Apple says it defends against common fingerprinting techniques but Cahn said Firefox, Brave and the Tor Browser all are better at protecting you from digital surveillance. That's why he said Safari is no better than the fourth-best browser for privacy. Safari's does offer extra privacy protections in its "private" mode, the article points out. "When you use this option, Apple says it does more to block use of 'advanced' fingerprinting techniques. It also steps up defenses against tracking that adds bits of identifying information to the web links you click." The article concludes that Safari users can "feel reasonably good about the privacy (and security) protections, but you can probably do better - either by tweaking your Apple settings or using a web browser that's even more private than Safari."Read more of this story at Slashdot.

"As media bosses scramble to decide if and how they should partner with AI companies, workers are increasingly concerned that the technology could imperil their jobs or degrade their work..." reports the Washington Post. The latest example? "Two months after the Atlantic reached a licensing deal with OpenAI, staffers at the storied magazine are demanding the company ensure their jobs and work are protected." (Nearly 60 journalists have now signed a letter demanding the company "stop prioritizing its bottom line and champion the Atlantic's journalism.")The unionized staffers want the Atlantic bosses to include AI protections in the union contract, which the two sides have been negotiating since 2022. "Our editorial leaders say that The Atlantic is a magazine made by humans, for humans," the letter says. "We could not agree more..." The Atlantic's new deal with OpenAI grants the tech firm access to the magazine's archives to train its AI tools. While the Atlantic in return will have special access to experiment with these AI tools, the magazine says it is not using AI to create journalism. But some journalists and media observers have raised concerns about whether AI tools are accurately and fairly manipulating the human-written text they work with. The Atlantic staffers' letter noted a pattern by ChatGPT of generating gibberish web addresses instead of the links intended to attribute the reporting it has borrowed, as well as sending readers to sites that have summarized Atlantic stories rather than the original work... Atlantic spokeswoman Anna Bross said company leaders "agree with the general principles" expressed by the union. For that reason, she said, they recently proposed a commitment to not to use AI to publish content "without human review and editorial oversight." Representatives from the Atlantic Union bargaining committee told The Washington Post that "the fact remains that the company has flatly refused to commit to not replacing employees with AI." The article also notes that last month the union representing Lifehacker, Mashable and PCMag journalists "ratified a contract that protects union members from being laid off because AI has impacted their roles and requires the company to discuss any such plans to implement AI tools ahead of time."Read more of this story at Slashdot.

"Generation X and millennials are at an increased risk of developing certain cancers compared with older generations," reports the Washington Post, "a shift that is probably due to generational changes in diet, lifestyle and environmental exposures, a large new study suggests." Researchers from the American Cancer analyzed data from more than 23.5 million patients who had been diagnosed with 34 types of cancer from 2000 to 2019 - and also studied mortality data that included 7 million deaths in the U.S. from 25 types of cancer among people ages 25 to 84.[The researchers reported] that cancer rates for 17 of the 34 most common cancers are increasing in progressively younger generations. The findings included: - Cancers with the most significant increased risk are kidney, pancreatic and small intestine, which are two to three times as high for millennial men and women as baby boomers.- Millennial women also are at higher risk of liver and bile duct cancers compared with baby boomers.- Although the risk of getting cancer is rising, for most cancers, the risk of dying of the disease stabilized or declined among younger people. But mortality rates increased for gallbladder, colorectal, testicular and uterine cancers, as well as for liver cancer among younger women. "It is a concern," said Ahmedin Jemal, senior vice president of the American Cancer Society's surveillance and health equity science department, who was the senior author of the study. If the current trend continues, the increased cancer and mortality rates among younger people may "halt or even reverse the progress that we have made in reducing cancer mortality over the past several decades," he added. While there is no clear explanation for the increased cancer rates among younger people, the researchers suggest that there may be several contributing factors, including rising obesity rates; altered microbiomes from unhealthy diets high in saturated fats, red meat and ultra-processed foods or antibiotic use; poor sleep; sedentary lifestyles; and environmental factors, including exposure to pollutants and carcinogenic chemicals.Read more of this story at Slashdot.

Thursday Go's long-time tech lead Russ Cox made an announcement:Starting September 1, Austin Clements will be taking over as the tech lead of Go: both the Go team at Google and the overall Go project. Austin is currently the tech lead for what we sometimes call the "Go core", which encompasses compiler toolchain, runtime, and releases. Cherry Mui will be stepping up to lead those areas. I am not leaving the Go project, but I think the time is right for a change... I will be shifting my focus to work more on Gaby [or "Go AI bot," an open-source contributor agent] and Oscar [an open-source contributor agent architecture], trying to make useful contributions in the Go issue tracker to help all of you work more productively. I am hopeful that work on Oscar will uncover ways to help open source maintainers that will be adopted by other projects, just like some of Go's best ideas have been adopted by other projects. At the highest level, my goals for Oscar are to build something useful, learn something new, and chart a path for other projects. These are the same broad goals I've always had for our work on Go, so in that sense Oscar feels like a natural continuation.The post notes that new tech lead Austin Clements "has been working on Go at Google since 2014" (and Mui since 2016). "Their judgment is superb and their knowledge of Go and the systems it runs on both broad and deep. When I have general design questions or need to better understand details of the compiler, linker, or runtime, I turn to them."It's important to remember that tech lead - like any position of leadership - is a service role, not an honorary title. I have been leading the Go project for over 12 years, serving all of you, and trying to create the right conditions for all of you to do your best work. Large projects like Go absolutely benefit from stable leadership, but they can also benefit from leadership changes. New leaders bring new strengths and fresh perspectives. For Go, I think 12+ years of one leader is enough stability; it's time for someone new to serve in this role. In particular, I don't believe that the "BDFL" (benevolent dictator for life) model is healthy for a person or a project. It doesn't create space for new leaders. It's a single point of failure. It doesn't give the project room to grow. I think Python benefited greatly from Guido stepping down in 2018 and letting other people lead, and I've had in the back of my mind for many years that we should have a Go leadership change eventually.... I am going to consciously step back from decision making and create space for Austin and the others to step forward, but I am not disappearing. I will still be available to talk about Go designs, review CLs, answer obscure history questions, and generally help and support you all in whatever way I can. I will still file issues and send CLs from time to time, I have been working on a few potential new standard libraries, I will still advocate for Go across the industry, and I will be speaking about Go at GoLab in Italy in November... I am incredibly proud of the work we have all accomplished together, and I am confident in the leaders both on the Go team at Google and in the Go community. You are all doing remarkable work, and I know you will continue to do that.Read more of this story at Slashdot.

A professor at Brigham Young University "has figured out a way to shave critical years off the complicated design and licensing processes for modern nuclear reactors," according to an announcement from the university. "AI is teaming up with nuclear power."The typical time frame and cost to license a new nuclear reactor design in the United States is roughly 20 years and $1 billion. To then build that reactor requires an additional five years and between $5 and $30 billion. By using AI in the time-consuming computational design process, [chemical engineering professor Matt] Memmott estimates a decade or more could be cut off the overall timeline, saving millions and millions of dollars in the process - which should prove critical given the nation's looming energy needs.... "Being able to reduce the time and cost to produce and license nuclear reactors will make that power cheaper and a more viable option for environmentally friendly power to meet the future demand...." Engineers deal with elements from neutrons on the quantum scale all the way up to coolant flow and heat transfer on the macro scale. [Memmott] also said there are multiple layers of physics that are "tightly coupled" in that process: the movement of neutrons is tightly coupled to the heat transfer which is tightly coupled to materials which is tightly coupled to the corrosion which is coupled to the coolant flow. "A lot of these reactor design problems are so massive and involve so much data that it takes months of teams of people working together to resolve the issues," he said... Memmott's is finding AI can reduce that heavy time burden and lead to more power production to not only meet rising demands, but to also keep power costs down for general consumers... Technically speaking, Memmott's research proves the concept of replacing a portion of the required thermal hydraulic and neutronics simulations with a trained machine learning model to predict temperature profiles based on geometric reactor parameters that are variable, and then optimizing those parameters. The result would create an optimal nuclear reactor design at a fraction of the computational expense required by traditional design methods. For his research, he and BYU colleagues built a dozen machine learning algorithms to examine their ability to process the simulated data needed in designing a reactor. They identified the top three algorithms, then refined the parameters until they found one that worked really well and could handle a preliminary data set as a proof of concept. It worked (and they published a paper on it) so they took the model and (for a second paper) put it to the test on a very difficult nuclear design problem: optimal nuclear shield design. The resulting papers, recently published in academic journal Nuclear Engineering and Design, showed that their refined model can geometrically optimize the design elements much faster than the traditional method. In two days Memmott's AI algorithm determined an optimal nuclear-reactor shield design that took a real-world molten salt reactor company spent six months. "Of course, humans still ultimately make the final design decisions and carry out all the safety assessments," Memmott says in the announcement, "but it saves a significant amount of time at the front end.... "Our demand for electricity is going to skyrocket in years to come and we need to figure out how to produce additional power quickly. The only baseload power we can make in the Gigawatt quantities needed that is completely emissions free is nuclear power." Thanks to long-time Slashdot reader schwit1 for sharing the article.Read more of this story at Slashdot.

A proposed European Union law seeks to ensure that video games sold or licensed in the EU remain playable even if servers are shut down or studios close. The law would require publishers of sold and free-to-play games with microtransactions to provide resources to keep games functional, such as allowing players to host their own servers. Through a process called the "European Citizens Initiative," the petition needs one million signatures just to have a chance at becoming law. PC Gamer reports: "An increasing number of publishers are selling videogames that are required to connect through the internet to the game publisher, or 'phone home' to function," the petition reads. "While this is not a problem in itself, when support ends for these types of games, very often publishers simply sever the connection necessary for the game to function, proceed to destroy all working copies of the game, and implement extensive measures to prevent the customer from repairing the game in any way." Understanding that developers and publishers can't support games forever, the initiative would expect "the publisher to provide resources for the said videogame once they discontinue it while leaving it in a reasonably functional (playable) state." That means giving players the tools to host the game on their own servers, for example, and removing the requirement for games to connect to the publisher's (defunct) servers in order to be played. This is what the developer behind Knockout City did when it pulled the plug on the game's official servers. Not only does this initiative apply to games that are sold, but includes free to play games that have microtransactions for assets (like skins) or other paid-for features. The thought is, if you purchase an item in a free game, you should have the right to continue to use it indefinitely -- which means keeping that free game playable in some form. It's important to note that even a million signatures doesn't mean an automatic win, just that it'll go forward to the European Union as a proposal to become a law.Read more of this story at Slashdot.

New preliminary evidence for phosphine and ammonia in Venus's atmosphere deepens the mystery of their origins, suggesting the possibility of a biological source. The detections, made using the James Clerk Maxwell Telescope and the Green Bank Telescope, point to potential microbial life in Venus's clouds despite the planet's extreme surface conditions. Space.com reports: The new detections of phosphine and ammonia were obtained by a team led by Jane Greaves of the University of Cardiff using submillimeter radio wavelength data collected by the James Clerk Maxwell Telescope (JCMT) in Hawaii and the Green Bank Telescope in West Virginia. "We don't know how you make phosphine or ammonia in an oxygenating atmosphere like that of Venus," said team member and astrophysicist Dave Clements of Imperial College, London, in an interview with Space.com. Then again, it's not clear why biology on Earth produces phosphine, either." Whether it's in penguin poop or badger guts, we don't know why bacteria make phosphine, but they do." The JCMT's initial detection of phosphine on Venus in 2020 by Greaves and her team was met by fierce disagreement from some quarters. This disagreement focused on how the data was processed and whether that was creating spurious signals since observations by other telescopes struggled to detect the phosphine. Clements said those technical disagreements have now been resolved and that the latest measurements, using a new detector on the JCMT called Namakanui (meaning 'Big Eyes' in Hawaiian), have come from three observing campaigns, each providing 140 times as much data as the initial detection. [...] Clements is open to the possibility that both phosphine and ammonia are being produced by some rare photochemistry in Venus' upper atmosphere involving solar ultraviolet breaking up molecules and allowing phosphine and ammonia to form from the molecular debris. If that is the case, nobody has observed this process yet, not even in the laboratory. Another possibility that has been mooted is that the phosphine could be produced by Venusian volcanoes. Clements also pointed out that the European Space Agency's Jupiter Icy Moons Explorer (JUICE) is making a fly-by of Venus in August 2025 to help slingshot it towards the Jovian system. JUICE carries instruments capable of detecting phosphine and ammonia, but there's no guarantee that its instruments will be switched on and deployed at Venus.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The US government will pay Moderna $176 million to develop an mRNA vaccine against a pandemic influenza -- an award given as the highly pathogenic bird flu virus H5N1 continues to spread widely among US dairy cattle. The funding flows through BARDA, the Biomedical Advanced Research and Development Authority, as part of a new Rapid Response Partnership Vehicle (RRPV) Consortium. The program is intended to set up partnerships with industry to help the country better prepare for pandemic threats and develop medical countermeasures, the Department of Health and Human Services said in a press announcement Tuesday. In its own announcement on Tuesday, Moderna noted that it began a Phase 1/2 trial of a pandemic influenza virus vaccine last year, which included versions targeting H5 and H7 varieties of bird flu viruses. The company said it expects to release the results of that trial this year and that those results will direct the design of a Phase 3 trial, anticipated to begin in 2025. The funding deal will support late-stage development of a "pre-pandemic vaccine against H5 influenza virus," Moderna said. But, the deal also includes options for additional vaccine development in case other public health threats arise. US health officials have said previously that they were in talks with Moderna and Pfizer about the development of a pandemic bird flu vaccine. The future vaccine will be in addition to standard protein-based bird flu vaccines that are already developed. In recent weeks, the health department has said it is working to manufacture 4.8 million vials of H5 influenza vaccine in the coming months. The plans come three months into the H5N1 dairy outbreak, which is very far from the initial hopes of containment. [...] The more the virus expands its footprint across US dairy farms, adapts to its newfound mammalian host, and comes in contact with humans, the more and more chances it has to leap to humans and gain the ability to spread among us. "The award made today is part of our longstanding commitment to strengthen our preparedness for pandemic influenza," said Dawn O'Connell, assistant secretary for Preparedness and Response. "Adding this technology to our pandemic flu toolkit enhances our ability to be nimble and quick against the circulating strains and their potential variants." In a separate article, Ars Technica reports on a small study in Texas that suggests human cases are going undetected on dairy farms where the H5N1 virus has spread in cows.Read more of this story at Slashdot.

Apple reported a new June quarter revenue record of $85.8 billion, up 5 percent from a year ago, fueled largely by new iPad sales. iPad "saw the biggest category increase for the quarter, up from $5.8 billion to $7.2 billion year-over-year," reports TechCrunch. It helped counter slowed iPhone revenue, "which dropped from $39.7 billion to $39.3 billion year-on-year." From the report: In spite of a drop for the quarter, iPhone remained Apple's most important category by a wide margin, followed by service, which includes software offerings like iCloud, Apple TV+ and Apple Music. That category continued to grow, up to $24.2 billion from $21.2 billion over the same three-month period last year. Much of the iPhone slowdown can be attributed to the greater China region. Overall, the region dropped from $15.8 billion to $14.7 billion for the quarter. Canalys figures from last week show a marked decline in iPhone sales, down 6.7% from 10.4 million to 9.7 million for the quarter, Reuters reported. The drop in Apple's third-largest region (behind the Americas and Europe) had a clear impact on the company's bottom line. The company aggressively discounted iPhone prices in China starting in May, as competition intensified from domestic rivals. The strategy resulted in strong iPhone sales that month, up close to 40% from a year prior. [...] Q3 marked the second consecutive quarter decline for global iPhone sales. The news puts additional pressure on the generative AI strategy that the company laid out at WWDC in June.Read more of this story at Slashdot.