Taiwan doesn't have parking meters, writes long-time Slashdot reader Badlands, "but rather roving armies of maids on electric scooters that cruise their area with their smartphone and take a pic of your license plate and timestamp it, leaving a receipt under your windshield wipers." But now one city will try "smart parking" services - which will also help drivers find vacant parking spots, according to Taiwan News:The service will utilize 3,471 geomagnetic sensors installed along 122 stretches of roadway in Banqiao, Yonghe, Zhonghe and Xindian Districts, according to a press release. The sensors will be linked to a publicly available online database to indicate where open parking spaces are available. The "New Taipei Street Parking Inquiry Service" will be accessible through a main website run by the Department of Transportation. The service is also linked to two smartphone applications... Payments can be made automatically by linking one's app profile to their smartphone's telecommunications provider... For drivers that use spaces without linking their phone and vehicle to the smart network, cameras located along the street where the sensors are installed will allow the city to identify and bill drivers via mail, based on their vehicle's registration information.Read more of this story at Slashdot.
"NASA said Friday it is shutting down a $2 billion satellite refueling project," reports UPI, "after criticizing the project's contractor for poor performance."The agency in a statement said it will discontinue the On-orbit Servicing, Assembly and Manufacturing 1 project after nearly a decade of work due to "continued technical, cost, and schedule challenges, and a broader community evolution away from refueling unprepared spacecraft, which has led to a lack of a committed partner." [...] The spacecraft would have utilized an attached Space Infrastructure Dexterous Robot (SPIDER) to refuel the Landsat, assemble a communications antenna and demonstrate in-space manufacture of a 32-foot carbon fiber composite beam to verify the capability of constructing large spacecraft structures in orbit... An audit from NASA's Inspector General, however, found OSAM-1 was on track to exceed the projected $2.05 billion budget and would not make its December 2026 launch date, laying the blame on the "poor performance of Maxar." "NASA and Maxar officials acknowledged that Maxar underestimated the scope and complexity of the work, lacked full understanding of NASA technical requirements, and were deficient in necessary expertise," the report read. The report also noted Maxar was "no longer profiting from their work on OSAM-1," after which the xproject appeared not "to be a high priority for Maxar in terms of the quality of its staffing." Thanks to long-time Slashdot reader schwit1 for sharing the news.Read more of this story at Slashdot.
Long-time Slashdot reader Greymane shared this article from Wired:[I]n a demonstration of the risks of connected, autonomous AI ecosystems, a group of researchers has created one of what they claim are the first generative AI worms - which can spread from one system to another, potentially stealing data or deploying malware in the process. "It basically means that now you have the ability to conduct or to perform a new kind of cyberattack that hasn't been seen before," says Ben Nassi, a Cornell Tech researcher behind the research. Nassi, along with fellow researchers Stav Cohen and Ron Bitton, created the worm, dubbed Morris II, as a nod to the original Morris computer worm that caused chaos across the Internet in 1988. In a research paper and website shared exclusively with WIRED, the researchers show how the AI worm can attack a generative AI email assistant to steal data from emails and send spam messages - breaking some security protections in ChatGPT and Gemini in the process...in test environments [and not against a publicly available email assistant]... To create the generative AI worm, the researchers turned to a so-called "adversarial self-replicating prompt." This is a prompt that triggers the generative AI model to output, in its response, another prompt, the researchers say. In short, the AI system is told to produce a set of further instructions in its replies... To show how the worm can work, the researchers created an email system that could send and receive messages using generative AI, plugging into ChatGPT, Gemini, and open source LLM, LLaVA. They then found two ways to exploit the system - by using a text-based self-replicating prompt and by embedding a self-replicating prompt within an image file. In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which "poisons" the database of an email assistant using retrieval-augmented generation (RAG), a way for LLMs to pull in extra data from outside its system. When the email is retrieved by the RAG, in response to a user query, and is sent to GPT-4 or Gemini Pro to create an answer, it "jailbreaks the GenAI service" and ultimately steals data from the emails, Nassi says. "The generated response containing the sensitive user data later infects new hosts when it is used to reply to an email sent to a new client and then stored in the database of the new client," Nassi says. In the second method, the researchers say, an image with a malicious prompt embedded makes the email assistant forward the message on to others. "By encoding the self-replicating prompt into the image, any kind of image containing spam, abuse material, or even propaganda can be forwarded further to new clients after the initial email has been sent," Nassi says. In a video demonstrating the research, the email system can be seen forwarding a message multiple times. The researchers also say they could extract data from emails. "It can be names, it can be telephone numbers, credit card numbers, SSN, anything that is considered confidential," Nassi says. The researchers reported their findings to Google and OpenAI, according to the article, with OpenAI confirming "They appear to have found a way to exploit prompt-injection type vulnerabilities by relying on user input that hasn't been checked or filtered." OpenAI says they're now working to make their systems "more resilient." Google declined to comment on the research.Read more of this story at Slashdot.
Microsoft built two datacenters west of Phoenix, with plans for seven more (serving, among other companies, OpenAI). "Microsoft has been adding data centers at a stupendous rate, spending more than $10 billion on cloud-computing capacity in every quarter of late," writes the Atlantic. "One semiconductor analyst called this "the largest infrastructure buildout that humanity has ever seen." But is this part of a concerning trend?Microsoft plans to absorb its excess heat with a steady flow of air and, as needed, evaporated drinking water. Use of the latter is projected to reach more than 50 million gallons every year. That might be a burden in the best of times. As of 2023, it seemed absurd. Phoenix had just endured its hottest summer ever, with 55 days of temperatures above 110 degrees. The weather strained electrical grids and compounded the effects of the worst drought the region has faced in more than a millennium. The Colorado River, which provides drinking water and hydropower throughout the region, has been dwindling. Farmers have already had to fallow fields, and a community on the eastern outskirts of Phoenix went without tap water for most of the year... [T]here were dozens of other facilities I could visit in the area, including those run by Apple, Amazon, Meta, and, soon, Google. Not too far from California, and with plenty of cheap land, Greater Phoenix is among the fastest-growing hubs in the U.S. for data centers.... Microsoft, the biggest tech firm on the planet, has made ambitious plans to tackle climate change. In 2020, it pledged to be carbon-negative (removing more carbon than it emits each year) and water-positive (replenishing more clean water than it consumes) by the end of the decade. But the company also made an all-encompassing commitment to OpenAI, the most important maker of large-scale AI models. In so doing, it helped kick off a global race to build and deploy one of the world's most resource-intensive digital technologies. Microsoft operates more than 300 data centers around the world, and in 2021 declared itself "on pace to build between 50 and 100 new datacenters each year for the foreseeable future...." Researchers at UC Riverside estimated last year... that global AI demand could cause data centers to suck up 1.1 trillion to 1.7 trillion gallons of freshwater by 2027. A separate study from a university in the Netherlands, this one peer-reviewed, found that AI servers' electricity demand could grow, over the same period, to be on the order of 100 terawatt hours per year, about as much as the entire annual consumption of Argentina or Sweden... [T]ensions over data centers' water use are cropping up not just in Arizona but also in Oregon, Uruguay, and England, among other places in the world. The article points out that Microsoft "is transitioning some data centers, including those in Arizona, to designs that use less or no water, cooling themselves instead with giant fans." And an analysis (commissioned by Microsoft) on the impact of one building said it would use about 56 million gallons of drinking water each year, equivalent to the amount used by 670 families, according to the article. "In other words, a campus of servers pumping out ChatGPT replies from the Arizona desert is not about to make anyone go thirsty."Read more of this story at Slashdot.
Long-time Slashdot reader theodp writes: CACM [Communications of the ACM] Is Now Open Access," proclaims the Association for Computing Machinery (ACM) in its tear-down-this-CACM-paywall announcement. "More than six decades of CACM's renowned research articles, seminal papers, technical reports, commentaries, real-world practice, and news articles are now open to everyone, regardless of whether they are members of ACM or subscribe to the ACM Digital Library." Ironically, clicking on Google search results for older CACM articles on Aaron Swartz currently returns page-not-found error messages and the CACM's own search can't find Aaron Swarz either, so perhaps there's some work that remains to be done with the transition to CACM's new website. ACM plans to open its entire archive of over 600,000 articles when its five-year transition to full Open Access is complete (January 2026 target date). "They are right..." the site's editor-in-chief told Slashdot. "We need to get Google to reindex the new site ASAP."Read more of this story at Slashdot.
Long-time Slashdot reader AmiMoJo quotes Tom's Hardware: A Geekbench 6 result features what is likely the first-ever look at the single-core performance of the Taishan V120, developed by Huawei's HiSilicon subsidiary (via @Olrak29_ on X). The single-core score indicates that Taishan V120 cores are roughly on par with AMD's Zen 3 cores from late 2020, which could mean Huawei's technology isn't that far behind cutting-edge Western chip designers. The Taishan V120 core was first spotted in Huawei's Kirin 9000s smartphone chip, which uses four of the cores alongside two efficiency-focused Arm Cortex A510 cores. Since Kirin 9000s chips are produced using SMIC's second-generation 7nm node (which may make it illegal to sell internationally according to U.S. lawmakers), it would also seem likely that the Taishan V120 core tested in Geekbench 6 is also made on the second-generation 7nm node. The benchmark result doesn't really say much about what the actual CPU is, with the only hint being 'Huawei Cloud OpenStack Nova.' This implies it's a Kunpeng server CPU, which may either be the Kunpeng 916, 920, or 930. While we can only guess which one it is, it's almost certain to be the 930 given the high single-core performance shown in the result. By contrast, the few Geekbench 5 results for the Kunpeng 920 show it performing well behind AMD's first-generation Epyc Naples from 2017.Read more of this story at Slashdot.
This week Linux Foundation Charities launched "a groundbreaking open source software solution for real-time fraud prevention" named Tazama - "with support from the Bill & Melinda Gates Foundation." They're calling it "the first-ever open source platform dedicated to enhancing fraud management in digital payments."Until now, the financial industry has grappled with proprietary and often costly solutions that have limited access and adaptability for many, especially in developing economies. This challenge is underscored by the Global Anti-Scam Alliance, which reported that nearly $1 trillion was lost to online fraud in 2022. Tazama challenges this status quo by providing a powerful, scalable, and cost-effective alternative that democratizes access to advanced financial monitoring tools that can help combat fraud... The solution's architecture emphasizes data sovereignty, privacy, and transparency, aligning with the priorities of governments worldwide. Hosted by LF Charities, which will support the operation and function of the project, Tazama showcases the scalability and robustness of open source solutions, particularly in critical infrastructure like national payment switches. Jim Zemlin, executive director of the Linux Foundation, described their reaction as "excited to see an open source solution that not only enhances financial security but also provides a platform for our community to actively contribute to a project with broad societal impacts." And the announcement also includes a comment from the Bill & Melinda Gates Foundation's deputy director for payment systems. "This pioneering open source platform helps address critical challenges like fraud detection and compliance and paves the way for innovative, inclusive financial solutions that serve everyone, especially those in low-income countries. "The launch of Tazama signifies another stride towards securing and democratizing digital financial services."Read more of this story at Slashdot.
"These days in San Francisco, every major business closure triggers a rush to assign blame," argues the San Francisco Standard:When Macy's announced this week that it would shutter its flagship store in Union Square, it unleashed a wave of mourning and recriminations... Mayor London Breed and other local pols like state Sen. Scott Wiener tried to allay fears that Macy's was leaving because of crime, noting the planned closure is one of 150 nationwide. But in a tough election year, it seems few had the appetite to listen to her call for nuance... The unavoidable truth is the pandemic hollowed out downtown San Francisco's offices and led to an exodus of tech staffers who preferred remote work. It meant the loss of thousands of people who had reason to regularly stroll by Macy's and so many other corporate retailers. Meanwhile, everybody else had even less reason to go shopping in an urban core. Why bother dressing up and schlepping downtown when you could get the same layaway deals online...? [R]etail has been recovering. But it should be no surprise that the recovery has happened largely in suburban markets, which have not experienced a mass exit of workers... Elsewhere, the reality is simple: Malls and department stores have been dying for the last decade, struggling to attract young people and redevelop growing vacant space into desirable uses. Although Macy's is a legacy name, industry reports show it has been in a real doom loop of its own making. Everyone is angry about retail "shrinkage," an industry term for losses in inventory due to external theft, employee theft and mismanagement. However, reporting by CNBC and others has demonstrated that while corporate retailers may be seeing a bump in retail shrink, it is a smaller factor than other operational missteps. Industry experts suggest that "shrink" can be an excuse for poor inventory management and staffing issues, and brands like Lowe's, Foot Locker and Walgreens are now downplaying organized theft as a primary cause of revenue loss. The reality is that a swath of American retail chains have needed to downsize to remain profitable... [R]eactionary cries for police crackdowns on petty theft and homelessness miss how similar retail shutdowns are happening in cities with tougher crime laws and less visible poverty. Consider that Macy's has already conducted layoffs and cut employee benefits to remain afloat, triggering a worker strike in 2022. Then there's Macy's faltering credit card revenue, which the company said accounted for nearly triple the revenue loss as retail shrink. While The Standard has reported on Macy's workers blaming theft for the closure, my own visit to Macy's on Tuesday and conversations with longtime sales associates in multiple departments suggested that low staffing, an aging clientele and dips in seasonal shopping have greatly affected business... Turns out, "scary people stealing things" is a boogeyman that feels more tangible than the obscure machinations of a faltering corporation. The San Francsico Standard itself was funded in part by billionaire venture capitalist Michael Moritz of Sequoia Capital...Read more of this story at Slashdot.
Rust's official survey team released results from their 8th annual survey "focused on gathering insights and feedback from Rust users".In terms of operating systems used by Rustaceans, the situation is very similar to the results from 2022, with Linux being the most popular choice of Rust users [69.7%], followed by macOS [33.5%] and Windows [31.9%], which have a very similar share of usage. Rust programmers target a diverse set of platforms with their Rust programs, even though the most popular target by far is still a Linux machine [85.4%]. We can see a slight uptick in users targeting WebAssembly [27.1%], embedded and mobile platforms, which speaks to the versatility of Rust. We cannot of course forget the favourite topic of many programmers: which IDE (developer environment) do they use. Visual Studio Code still seems to be the most popular option [61.7%], with RustRover (which was released last year) also gaining some traction [16.4%]. The site ITPro spoke to James Governor, co-founder of the developer-focused analyst firm RedMonk, who said Rust's usage is "steadily increasing", pointing to its adoption among hyperscalers and cloud companies and in new infrastructure projects. "Rust is not crossing over yet as a general-purpose programming language, as Python did when it overtook Java, but it's seeing steady growth in adoption, which we expect to continue. It seems like a sustainable success story at this point." But InfoWorld writes that "while the use of Rust language by professional programmers continues to grow, Rust users expressed concerns about the language becoming too complex and the low level of Rust usage in the tech industry."Among the 9,374 respondents who shared their main worries for the future of Rust, 43% were most concerned about Rust becoming too complex, a five percentage point increase from 2022; 42% were most concerned about low usage of Rust in the tech industry; and 32% were most concerned about Rust developers and maintainers not being properly supported, a six percentage point increase from 2022. Further, the percentage of respondents who were not at all concerned about the future of Rust fell, from 30% in 2022 to 18% in 2023.Read more of this story at Slashdot.
It completed the most precise landing ever on the moon - albeit upside-down. And then it faced a "lunar night" lasting about two weeks where temperatures drop to -270 degrees Fahrenheit, reports the Times of India. But then, "Despite not being designed for the extreme temperatures, SLIM surprised scientists by coming back to life after the two-week-long lunar night."More from Space.com:The lander woke up on February 26 during extremely hot temperatures of 212 Fahrenheit (100 Celsius) in its region and has been making contact here and there with Earth in the days since. Most recently, SLIM attempted observations with its multiband spectroscopic camera, but "it did not work properly," JAXA officials wrote. "This seems to be due to the effects of overnight," the update continued, referring to the frigid two-week-long lunar night that SLIM experienced before the sun shone near Shioli crater again. "But we will continue to investigate based on the data we have obtained for the next opportunity...." "We received so much support for our operations after the lunar night," the agency posted on social media - adding "thank you!" The Times of India reports that "JAXA officially announced SLIM's return to a dormant state on March 1, sharing an image of the lunar surface captured by the probe." Above the photo, JAXA posted this hopeful message. "Although the probability of a failure increases with the repeated severe temperature cycles, SLIM operation will attempt to resume when the sun rises (late March). #GoodAfterMoon." And Space.com notes that "Despite all, SLIM has met both main and extended mission objectives: Landing precisely on the moon, deploying two tiny rovers and conducting science with its navigation camera and its spectroscopic camera, particularly searching for signs of olivine on the surface." Thanks to long-time Slashdot reader AmiMoJo for sharing the news.Read more of this story at Slashdot.
Some news from "Copyleft Currents", the blog of open-source/IP lawyer Heather Meeker:On February 14, 2024, the Court of Appeal of Paris issued an order stating that Orange, a major French telecom provider, had infringed the copyight of Entr'Ouvert's Lasso software and violated the GPL. They ordered Orange to pay 500,000 in compensatory damages and 150,000 for moral damages. This case has been ongoing for many years. Entr'ouvert is the publisher of Lasso, a reference library for the Security Assertion Markup Language (SAML) protocol, an open standard for identity providers to authenticate users and pass authentication tokens to online services. This is the open protocol that enables single sign-on (SSO). The Lasso product is dual licensed by Entr'Ouvert under GPL or commercial licenses. In 2005, Orange won a contract with the French Agency for the Development of Electronic Administration to develop parts of the service-public.fr portal, which allows users to interact online with the government for administrative procedures. Orange used the Lasso software in the solution, but did not pass on the rights to its modifications free of charge under GPL, or make the source code to its modifications available. Entr'Ouvert sued Orange in 2010, and the case wended its way through the courts, turning on, among other things, issues of proof of Entr'Ouvert 's copyright interest in the software, and whether the case properly sounded in breach of contract or copyright infringement... The compensatory damages were based on both lost profits of the plaintiff and disgorgement of profits of Orange. Moral damages compensate the plaintiff for harm to reputation or other non-monetary injury. Thanks to long-time Slashdot reader AmiMoJo for sharing the article.Read more of this story at Slashdot.
America's Federal Aviation administration "will require a fix for a new 737 MAX design problem discovered by Boeing that, although it's a remote possibility, could theoretically disable the jet's engine anti-ice system," reports the Seattle Times:A different flaw in the MAX's engine anti-ice system design drew scrutiny in January and forced the company to drop a request for an exemption from key safety regulations. And now, it's not just the MAX with an engine anti-ice system problem. Airlines have reported a separate issue with a similar system on Boeing's 787 Dreamliner that has caused what the FAA calls "relatively minor" damage to the engine inlets on some two dozen of these widebody jets in service. Though the FAA considers neither problem to be an immediate risk to flight safety, in February it issued separate notices of two proposed airworthiness directives to require the fix for the engine anti-ice system on the MAX and to lay out inspection and repair procedures for that system on the 787, pending a redesign that provides a permanent fix... When there is an immediate safety risk, the FAA issues a more urgent emergency directive that must be acted upon before further flight. Jets are grounded until it's dealt with. That's not the case with these two proposed airworthiness directives. Indicating that the risk is considered slight, both of the proposed directives will be open for public comments until April. Only after that will action be mandated... On the MAX, the proposed FAA directive states that Boeing identified a potential single point of failure when it reviewed the internal design of the unit that provides a backup power supply to aircraft systems if the primary electrical system fails. Such a failure could potentially result in the loss of the anti-ice systems on both engines, with no indication or warning that would alert the pilots, the FAA directive states... In November 2022, Boeing sent a service bulletin alerting airlines and describing the required fix, which the FAA will now mandate... Unlike this MAX issue, the fault discovered on the 787 Dreamliner has resulted in actual damage to engines on passenger aircraft. The FAA airworthiness directive on the 787 states that "damage was found during overhaul on multiple inlets around the Engine Anti-Ice duct within the inlet aft compartment." Rather than a production issue, it was a matter of the seals being insufficiently durable. Even when the plane was flying in dry air and the anti-ice system was not switched on, the seal degradation led to hot air leaking into the inlet compartment, "exposing inlet components to high temperatures," the FAA states. Boeing said this resulted in "thermal damage and discoloration to a limited area of the surrounding composite and metallic structure inside the inlet...." The FAA's proposed airworthiness directive warns that heat damage to the inlet structure could lead to "reduced structural strength and departure of the inlet from the airplane." "Departure of the inlet" is a bland way of describing the front of the pod around the engine fan detaching, potentially striking the jet's wing, tail or fuselage. Such disintegration could result in "subsequent loss of continued safe flight and landing or injury to occupants," the airworthiness directive states... "A separate question is how this flaw with the 787 anti-ice duct seals and the single point of failure in the backup power supply on the MAX slipped through the FAA's original certification of these aircraft." Business Insider also reports that Boeing "is holding off on a planned expansion of production for its 737 Max planes after an Alaska Airlines flight lost a chunk of the plane while airborne in January."Read more of this story at Slashdot.
Space.com writes that NASA's plan to return samples from Mars to the earth "is facing major challenges, according to a new report. "Design, cost and scheduling are all significant obstacles, an audit report of NASA's Mars Sample Return (MSR) Program by the agency's Office of Inspector General (OIG) finds..."It involves landing on Mars to collect samples taken by the Perseverance rover and launching those samples to rendezvous with an orbiter, which will haul them to Earth. Perseverance is already on Mars, snagging and storing samples. But the program still needs to build a Sample Retrieval Lander and an Earth Return Orbiter, the latter being developed and funded by the European Space Agency. The Mars Sample Return program is one of the most technically complex, operationally demanding and ambitious robotic science missions ever undertaken by NASA, according to the OIG report. The report notes design, architecture and schedule issues with the Capture Containment and Return System. These design issues resulted in adding about $200 million to the budget and one year of lost schedule... There is concern that, due to the number and significance of cost increase indicators so far, the $7.4 billion estimate is "premature and may be insufficient," the report finds. Now, the complexity... could drive costs to between $8 billion to $11 billion, the OIG report notes, citing a September 2023 Independent Review Board report. Notably, a July 2020 estimate listed costs of $2.5 to $3 billion. These new figures indicate significant financial challenges and uncertainties... Issues include inflation, supply chain problems and increases in funding requests for specific program components.Read more of this story at Slashdot.
Microsoft is "delighted to introduce some useful new features" for its "Copilot Preview for Windows 11," according to a recent blog post. TechRepublic adds that "most features will be enabled by default... rolling out from today until April 2024."Windows 11 users will be able to change system settings through prompts typed directly into Copilot in Windows, currently accessible in the Copilot Preview via an icon on the taskbar, or by pressing Windows + C. Microsoft Copilot will be able to perform the following actions: - Turn on/off battery saver.- Show device information.- Show system information.- Show battery information.- Open storage page.- Launch Live Captions.- Launch Narrator.- Launch Screen Magnifier.- Open Voice Access page.- Open Text size page.- Open contrast themes page.- Launch Voice input.- Show available Wi-Fi network.- Display IP Address.- Show Available Storage. The new third-party app integrations for Copilot will give Windows 11 users new ways to interact with various applications. For example, making business lunch reservations through OpenTable... Other new AI features for Windows 11 rolling out today include a new, AI-powered Generative Erase tool, which sounds reminiscent of Google's Magic Eraser tool for Google Photos. Generative Erase allows users to remove unwanted objects or artifacts from their photos in the Photos app. Likewise, Microsoft's video editing tool Clipchamp is receiving a Silence Removal tool, which functions much as the name implies A - it allows users to remove gaps in conversation or audio from a video clip. Voice access is another focal point of Microsoft's latest Windows 11 update, detailed in a separate blog post by Windows Commercial Product Marketing Manager Harjit Dhaliwal. Users can now use voice controls to navigate between multiple displays, aided by number and grid overlays that provide easy switching between screens. A Copilot icon has already started appearing in the taskbar of some Windows systems. If you Google "microsoft installs copilot preview windows," Google adds these helpful suggestions. People also ask: Why is Copilot preview on my computer? How do I get rid of Copilot preview on Windows 10? "Apparently there was some sort of update..." writes one Windows users. "Anyway, there is a logo at the bottom of the screen that is distracting and I'd like to get rid of it." Lifehacker has already published an article titled "How to Hide (or Disable) Copilot in Windows 11." "Artificial intelligence is feeling harder and harder to avoid," it begins, "but you still have options."Read more of this story at Slashdot.
Americans filing their taxes could face privacy threats, reports the Washington Post:"We just need your OK on a couple of things," TurboTax says as you prepare your tax return. Alarm bells should be ringing in your head at the innocuous tone. This is where America's most popular tax-prep website asks you to sign away the ironclad privacy protections of your tax return, including the details of your income, home mortgage and student loan payments. With your permission to blab your money secrets, the company earns extra income from showing you advertisements for the next three years for things like credit cards and mortgage offers targeted to your financial situation. You have the legal right to say no when TurboTax asks for your permission to "share your data" or use your tax information to "improve your experience...." The article complains that granting permission allows TurboTax to share details with "sibling" companies "such as your salary, the amount of your tax refund, whether you received a tax break for student loans and the day you printed your tax return..." "You'll see that permission request once near the beginning of the tax prep process. If you skip it then, you'll see the same screen again near the end. You'll have to say yes or no..."This is part of the corporate arms race for your personal data. Everyone including the grocery store, your apps and the manufacturer of your car are gobbling information to profit from details of your life. With TurboTax, though, you have the power to refuse to participate... TurboTax and the online tax prep service from H&R Block have been asking every year to blab your tax return. We've cautioned you about it for each of the past two tax filing seasons. (I focused only on TurboTax this year.)Read more of this story at Slashdot.
You know how like-charged objects repel - and do so regardless of the sign of their electrical charge? Maybe not always, according to new research published in Nature. "We demonstrate experimentally that the solvent plays a hitherto unforeseen but crucial role in interparticle interactions," they write. But more importantly, "interactions in the fluid phase can break charge-reversal symmetry. We show that in aqueous solution, negatively charged particles can attract at long range while positively charged particles repel. [In solvents like alcohols "that exhibit an inversion of the net molecular dipole at an interface"], positively charged particles may attract whereas negatives repel. The observations hold across a wide variety of surface chemistries: from inorganic silica and polymeric particles to polyelectrolyte- and polypeptide-coated surfaces in aqueous solution. A theory of interparticle interactions that invokes solvent structuring at an interface captures the observations. Our study establishes a nanoscopic interfacial mechanism by which solvent molecules may give rise to a strong and long-ranged force in solution, with immediate ramifications for a range of particulate and molecular processes across length scales such as self-assembly, gelation and crystallization, biomolecular condensation, coacervation, and phase segregation. The delicate interplay of interactions between objects in the fluid phase influences the behaviour, organization and properties of systems from nanometric to more macroscopic size and length scales and thus underpins a wealth of natural phenomena... Thanks to long-time Slashdot reader Greymane for sharing the article.Read more of this story at Slashdot.
"The Mandalorian & Grogu and Daisy Ridley's untitled Star Wars movie have received working titles ahead of their respective production starts," reports CBR: According to The Cosmic Circus, The Mandalorian and Grogu will be filmed under the working title "Thunder Alley", while Ridley's Star Wars movie will be known as "New Jedi Order..." The Mandalorian & Grogu will be the first Star Wars movie to enter production since 2019's The Rise of Skywalker, the ninth and final installment in The Skywalker Saga... [In Ridley's untitled Star Wars movie], Ridley will reprise her role from the Star Wars sequel trilogy as Rey, with the new movie set to follow the fan-favorite Jedi as she rebuilds the Jedi Order roughly 15 years after the events of The Rise of Skywalker... Other Star Wars movies in the works include James Mangold's upcoming feature about the origins of The Force, set during the Dawn of the Jedi era; and Dave Filoni's feature-length film set in the New Republic era that will conclude post-Return of the Jedi storylines that began in The Mandalorian, The Book of Boba Fett, Ahsoka and the upcoming Skeleton Crew. "California's Film Commission announced in a news release Monday that Lucasfilm's upcoming feature film The Mandalorian & Grogu will be produced entirely in the state," reports the Press Democrat, "one of 15 movie productions coming to fruition thanks to California's Film and TV Tax Credit Program."Based on the popular Disney+ series and directed by "The Mandalorian" creator Jon Favreau, "The Mandalorian & Grogu" is set to be the first film in the franchise's 46-year history to be shot entirely in the state and the biggest blockbuster in the history of the commission's tax credit program, bringing approximately $166 million to the state's economy through wages and expenditures, the release said. According to The Hollywood Reporter, the film will get $21.8 million in tax credits. The Mandalorian & Grogu, which is due to begin filming later this year and is currently expected to be released sometime in 2026, will continue the story of the titular lone bounty hunter and his alien baby companion that began in the three-season series, Lucasfilm announced last month.Read more of this story at Slashdot.
An anonymous Slashdot reader shared this report from The Washington Post:A YouTube contractor was addressing the Austin City Council on Thursday, calling on them to urge Google to negotiate with his union, when a colleague interrupted him with jaw-dropping news: His 43-person team of contractors had all been laid off... The YouTube workers, who work for Google and Cognizant, unanimously voted to unionize under the Alphabet Workers Union-CWA in April 2023. Since then, the workers say that Google has refused to bargain with them. Thursday's layoff signifies continued tensions between Google and its workers, some of whom in 2021 formed a union... Workers had about 20 minutes to gather their belongings and leave the premises before they were considered trespassing. Video footage of the moment is embedded at the top of the article. "I was speechless, shocked," said the contractor who'd been speaking. He told the Washington Post "I didn't know what to do. But angered, that was the main feeling."The council meeting was streaming live online and has since spread on social media. The contractors view the layoff as retaliation for unionizing, but Google and information technology subcontractor Cognizant said it was the normal end of a business contract. The ability for layoffs to spread over social media highlights how the painful experience of a job loss is frequently being made public, from employees sharing recordings of Zoom meetings to posting about their unemployment. The increasing tension between YouTube's contractors and Google comes as massive layoffs continue to hit the tech industry - leaving workers uneasy and companies emboldened. Google already has had rounds of cuts the past two years. Google has been in a long-running battle with many of its contractors as they seek the perks and high pay that full-time Google workers are accustomed to. The company has tens of thousands of contractors doing everything from food service to sales to writing code... Google maintains that Cognizant is responsible for the contractors' employment and working conditions, and therefore isn't responsible for bargaining with them. Cognizant said it is offering the workers seven weeks of paid time to explore other roles at the company and use its training resources. Last year, the National Labor Relations Board ruled that Cognizant and Google are joint employers of the contractors. In January, the NLRB sent a cease-and-desist letter to both employers for failing to bargain with the union. Since then the issue of joint employment, which would ultimately determine which company is responsible for bargaining, has landed in an appeals court and has yet to be ruled on. "Workers say they don't have sick pay, receive minimal benefits and are paid as little as $19 an hour," according to the article, "forcing some to work multiple jobs to make ends meet."Sam Regan, a data analyst contractor for YouTube Music, told the Washington Post that he was one of the last workers to leave the meeting where the layoffs were announced. "Upon leaving, he heard one of the security guards call the non-emergency police line to report trespassers."Read more of this story at Slashdot.
In 2005 Gabe Rivera was a compiler software engineer at Intel - before starting the tech-news aggregator Techmeme. And last year his Threads profile added the words "This is a little self-serving, but I want all social networks to be as open as possible." Friday Threads engineer Jesse Chen posted that it was Rivera's post when Threads launched asking for an API that "convinced us to go for it." And Techmeme just made its first post using the API, according to Chen.The Verge reports :Threads plans to release its API by the end of June after testing it with a limited set of partners, including Hootsuite, Sprinklr, Sprout Social, Social News Desk, and Techmeme. The API will let developers build third-party apps for Threads and allow sites to publish directly to the platform. More from TechCrunch: Engineer Jesse Chen posted that the company has been building the API for the past few months. The API currently allows users to authenticate, publish threads and fetch the content they post through these tools. "Over the past few months, we've been building the Threads API to enable creators, developers, and brands to manage their Threads presence at scale and easily share fresh, new ideas with their communities from their favorite third-party applications," he said... The engineer added that Threads is looking to add more capabilities to APIs for moderation and insights gathering.Read more of this story at Slashdot.
"A ransomware gang once thought to have been crippled by law enforcement has snarled prescription processing for millions of Americans over the past week..." reports the Washington Post. "The hackers stole data about patients, encrypted company files and demanded money to unlock them, prompting the company to shut down most of its network as it worked to recover."Insurance giant UnitedHealthcare Group said the hackers struck its Change Health business unit, which routes prescription claims from pharmacies to companies that determine whether patients are covered by insurance and what they should pay... Change Health and a rival, CoverMyMeds, are the two biggest players in the so-called switch business, charging pharmacies a small fee for funneling claims to insurers. "When one of them goes down, obviously it's a major problem," said Patrick Berryman, a senior vice president at the National Community Pharmacists Association... UnitedHealth estimated that more than 90 percent of the nation's 70,000-plus pharmacies have had to alter how they process electronic claims as a result of the Change Health outage. But it said only a small number of patients have been unable to get their prescriptions at some price. At CVS, which operates one of the largest pharmacy networks in the nation, a spokesperson said there are "a small number of cases in which our pharmacies are not able to process insurance claims" as a result of the outage. It said workarounds were allowing it to fill prescriptions, however... For pharmacies that were not able to quickly route claims to a different company, the Change Health outage left pharmacists to try to manually calculate a patient's co-pay or offer them the cash price. Compounding the impact, thousands of organizations cut off Change Health from their systems to ensure the hackers did not infect their networks as well... The attack on Change Health has left many pharmacies in a cash-flow bind, as they face bills from the companies that deliver the medication without knowing when they will be reimbursed by insurers. Some pharmacies are requiring customers to pay full price for their prescriptions when they cannot tell if they are covered by insurance. In some cases, that means people are paying more than $1,000 out of pocket, according to social media posts. The situation has been "extremely disruptive," said Erin Fox, associate chief pharmacy officer at University of Utah Health. "At our system, our retail pharmacies were providing three-day gratis emergency supplies for patients who could not afford to pay the cash price," Fox said by email. "In some cases, like for inhalers, we had to send product out at risk, not knowing if we will ever get paid, but we need to take care of the patients." Axis Pharmacy Northwest near Seattle is "going out on a limb and dispensing product with absolutely no inkling if we'll get paid or not," said Richard Molitor, the pharmacist in charge.Read more of this story at Slashdot.
An anonymous reader quotes a report from MacRumors: Spotify, Epic Games, Deezer, Paddle, and several other developers and EU associations today sent a joint letter to the European Commission to complain about Apple's "proposed scheme for compliance" with the Digital Markets Act (DMA). The 34 companies and associations do not believe Apple's plans "meet the law's requirements." Apple's changes "disregard both the spirit and letter of the law" and if left unchanged, will "make a mockery of the DMA," according to the letter. Several specific components of Apple's plan are highlighted, including the Core Technology Fee, the Notarization process, and the terms that developers must accept: - Apple's requirement to stay with the current App Store terms or opt in to new terms provides developers with "an unworkable choice" that adds complexity and confusion. The letter suggests that neither option is DMA compliant and would "consolidate Apple's stronghold over digital markets."- The Core Technology Fee and transaction fees will hamper competition and will prevent developers from agreeing to the "unjust terms."- Apple is using "unfounded privacy and security concerns" to limit user choice. The "scare screens" that Apple plans to show users will "mislead and degrade the user experience."- Apple is not allowing sideloading, and it is making the installation and use of new app stores "difficult, risky and financially unattractive for developers." The companies and associations are urging the European Union to take "swift, timely and decisive action against Apple." The way the European Commission responds to Apple's proposal "will serve as a litmus test of the DMA and whether it can deliver for Europe's citizens and economy." Further reading: Apple Backtracks on Removing EU Home Screen Web Apps in iOS 17.4Read more of this story at Slashdot.
An upcoming April release of Copilot for OneDrive will be able to find, summarize, and extract information from a wide range of files, including text documents, presentations, spreadsheets, HTML pages and PDF files. "Users can ask Copilot to tailor summaries to their liking, such as only including key points or highlights from a specific section," reports The Verge. From the report: The chatbot will also be able to respond to natural language prompts and answer highly specific questions about the contents of a user's files. Some examples given by Microsoft included asking Copilot to tabulate a week's worth of beverage sales and throw the data in a table view by day. Or, asking it to list the pros and cons of a project, or display the most recent or relevant files. Users can even ask Copilot for advice on how to make their documents better. Copilot on OneDrive will also be able to create outlines, tables, and lists for users, based on existing files. A few examples given were: - Using the /sales-enablement.docx as reference, create an outline of a sales pitch to a new customer.- For these selected resumes, create a table with names, current title, years of experience, educational qualifications, and current location.- Create a list of frequently asked questions about project Moonshot.Read more of this story at Slashdot.
The desert planet Arrakis in Frank Herbert's science fiction novel Dune is plausible, says Alexander Farnsworth, a climate modeler at the University of Bristol in England. According to Science News, the world would be a harsh place for humans to live, and they probably wouldn't have to worry about getting eaten by extraterrestrial helminths. From the report: For their Arrakis climate simulation, which you can explore at the website Climate Archive, Farnsworth and colleagues started with the well-known physics that drive weather and climate on Earth. Using our planet as a starting point makes sense, Farnsworth says, partly because Herbert drew inspiration for Arrakis from "some sort of semi-science of looking at dune systems on the Earth itself." The team then added nuggets of information about the planet from details in Herbert's novels and in the Dune Encyclopedia. According to that intel, the fictional planet's atmosphere is similar to Earth's with a couple of notable differences. Arrakis has less carbon dioxide in the atmosphere than Earth -- about 350 parts per million on the desert planet compared with 417 parts per million on Earth. But Dune has far more ozone in its lower atmosphere: 0.5 percent of the gases in the atmosphere compared to Earth's 0.000001 percent. All that extra ozone is crucial for understanding the planet. Ozone is a powerful greenhouse gas, about 65 times as potent at warming the atmosphere as carbon dioxide is, when measured over a 20-year period. "Arrakis would certainly have a much warmer atmosphere, even though it has less CO2 than Earth today," Farnsworth says. In addition to warming the planet, so much ozone in the lower atmosphere could be bad news. "For humans, that would be incredibly toxic, I think, almost fatal if you were to live under such conditions," Farnsworth says. People on Arrakis would probably have to rely on technology to scrub ozone from the air. Of course, ozone in the upper atmosphere could help shield Arrakis from harmful radiation from its star, Canopus. (Canopus is a real star also known as Alpha Carinae. It's visible in the Southern Hemisphere and is the second brightest star in the sky. Unfortunately for Dune fans, it isn't known to have planets.) If Arrakis were real, it would be located about as far from Canopus as Pluto is from the sun, Farnsworth says. But Canopus is a large white star calculated to be about 7,200 degrees Celsius. "That's significantly hotter than the sun," which runs about 2,000 degrees cooler, Farnsworth says. But "there's a lot of supposition and assumptions they made in here, and whether those are accurate numbers or not, I can't say." The climate simulation revealed that Arrakis probably wouldn't be exactly as Herbert described it. For instance, in one throwaway line, the author described polar ice caps receding in the summer heat. But Farnsworth and colleagues say it would be far too hot at the poles, about 70A C during the summer, for ice caps to exist at all. Plus, there would be too little precipitation to replenish the ice in the winter. High clouds and other processes would warm the atmosphere at the poles and keep it warmer than lower latitudes, especially in the summertime. Although Herbert's novels have people living in the midlatitudes and close to the poles, the extreme summer heat and bone-chilling -40C to -75C temperatures in the winters would make those regions nearly unlivable without technology, Farnsworth says. Temperatures in Arrakis' tropical latitudes would be relatively more pleasant at 45C in the warmest months and about 15C in colder months. On Earth, high humidity in the tropics makes it far warmer than at the poles. But on Arrakis, "most of the atmospheric moisture was essentially removed from the tropics," making even the scorching summers more tolerable. The poles are where clouds and the paltry amount of moisture gather and heat the atmosphere. But the tropics on Arrakis pose their own challenges. Hurricane force winds would regularly sandblast inhabitants and build dunes up to 250 meters tall, the researchers calculate. It doesn't mean people couldn't live on Arrakis, just that they'd need technology and lots of off-world support to bring in food and water, Farnsworth says. "I'd say it's a very livable world, just a very inhospitable world."Read more of this story at Slashdot.
An anonymous reader quotes a report from CBS News: Scientists and researchers are celebrating what they call a "dream" discovery after an exploratory drill confirmed a high concentration of helium buried deep in Minnesota's Iron Range. Thomas Abraham-James, CEO of Pulsar Helium, said the confirmed presence of helium could be one of the most significant such finds in the world. CBS News Minnesota toured the drill site soon after the drill rig first broke ground at the beginning of February. The discovery happened more than three weeks later at about 2 a.m. Thursday, as a drill reached its depth of 2,200 feet below the surface. According to Abraham-James, the helium concentration was measured at 12.4%, which is higher than forecasted and roughly 30 times the industry standard for commercial helium. "12.4% is just a dream. It's perfect," he said. Now that helium is confirmed to be underground in Babbitt, Abraham-James said the next phase of the project is a feasibility study by an independent third party to study the size of the well and whether it could support a full-service helium plant. "It's not just about drilling one hole, but now proving up the geological models, being able to get some really good data that wasn't captured in the original discovery," he explained. "It has the potential to really contribute to local society." The company said the feasibility study could take until the end of the year to complete.Read more of this story at Slashdot.
Since implementing a remote-first policy in 2021, Yelp says it's experienced a surge in job applications and a more satisfied workforce. Fortune reports: Last year, the total number of job applicants was 43% higher compared to 2021, according to Yelp's 2024 Remote Work Report released earlier this month. The number of applicants for sales roles skyrocketed by 103%, and prospects for its general and administrative (G&A) positions shot up 52% over the same time period. Those increases fall in line with data that shows a tidal wave of applicants clamoring for remote jobs. "It's rewarding to see both the level of interest and the quality of our applicants," Carmen Amara, chief people officer at Yelp, told Fortune. "Remote work has allowed us to attract a number of candidates who previously would not have applied to Yelp due to their location." Despite arguments that remote work weakens workers' connections and growth opportunities, Yelp says it has found the opposite to be true. About 90% of the company's more than 4,700 employees say they have found effective ways to collaborate remotely, and 91% say they are confident in upward career mobility while working out of the office. Flexible schedules have also facilitated a healthy work-life balance -- about 89% of the company's workers say they can manage personal and professional demands, and the same amount say that the remote model has allowed them to make positive changes for their wellbeing. Notably, Yelp's global tenure has increased to 3.5 years in 2023, compared to 2.8 years the year prior. The company says it's using the money it saved from shutting down its underutilized offices in New York City, Chicago, and Washington D.C., to funnel back into employee benefits, professional development, and wellness reimbursements.Read more of this story at Slashdot.
Emma Roth reports via The Verge: If you still haven't migrated your Oculus account to a Meta one, you might want to do that soon. In an email sent to users, the company says it will delete Oculus accounts on March 29th, 2024, preventing you from reactivating or retrieving your apps, in-app purchases, store credits, and more. You'll lose your achievements, friends list, and any content created with your Oculus account if you don't migrate to a Meta account before then. Oculus accounts have been on the way out since 2020, when the company then known as Facebook started requiring new users to sign up with Facebook accounts instead. However, it added the ability to create a Meta account in 2022, offering an alternative to users who didn't want to link their Facebook account to their Quest headset. Meta stopped letting users log in to their Oculus accounts in January 2023. If you've got a Quest gathering dust in a drawer somewhere, now's your last chance to migrate your Oculus account to a Meta one. You can migrate your account by heading to this page and signing up for a Meta account with the same email you've used for Oculus. From there, you'll be able to access all of the same games, data, and other purchases saved to your Oculus account.Read more of this story at Slashdot.
The California Public Utilities Commission (CPUC) approved Alphabet's Waymo robotaxi service to operate in Los Angeles and some cities near San Francisco. Reuters reports: Waymo, which already operates in San Francisco and Phoenix, applied on Jan 19 to expand its driverless services, saying it would work with policymakers, first responders and community organizations. Last month, the CPUC suspended the application "for further staff review." "Waymo may begin fared driverless passenger service operations in the specified areas of Los Angeles and the San Francisco Peninsula, effective today," the regulator said on a notice posted to its website Friday.Read more of this story at Slashdot.
An anonymous reader quotes a report from Gizmodo: For 20 years, a loosely organized group of Wikipedia editors toiled away curating a collection of 15,000 articles on a single subject: the roads and highways of the United States. Despite minor disagreements, the US Roads Project mostly worked in harmony, but recently, a long-simmering debate over the website's rules drove this community to the brink. Efforts at compromise fell apart. There was a schism, and in the fall of 2023, the editors packed up their articles and moved over to a website dedicated to roads and roads alone. It's called AARoads, a promised land where the editors hope, at last, that they can find peace. "Roads are a background piece. People drive on them every day, but they don't give them much attention," said editor Michael Gronseth, who goes by Imzadi1979 on Wikipedia, where he dedicated his work to Michigan highways, specifically. But a road has so much to offer if you look beyond the asphalt. It's the nexus of history, geography, travel, and government, a seemingly perfect subject for the hyper-fixations of Wikipedia. "But there was a shift about a year ago," Gronseth said. "More editors started telling us that what we're doing isn't important enough, and we should go work on more significant topics." [...] The Roads Project had a number of adversaries, but the chief rival is a group known as the New Page Patrol, or the NPP for short. The NPP has a singular mission. When a new page goes up on Wikipedia, it gets reviewed by the NPP. The Patrol has special editing privileges and if a new article doesn't meet the website's standards, the NPP takes it down. "There's a faction of people who feel that basically anything is valid to be published on Wikipedia. They say, 'Hey, just throw it out there! Anything goes.' That's not where I come down." said Bil Zeleny, a former member of the NPP who goes by onel5969 on Wikipedia, a reference to the unusual spelling of his first name. At his peak, Zeleny said he was reviewing upwards of 100,000 articles a year, and he rejected a lot of articles about roads during his time. After years of frustration, Zeleny felt he was seeing too many new road articles that weren't following the rules -- entire articles that cited nothing other than Google Maps, he said. Enough was enough. Zeleny decided it was time to bring the subject to the council. Zeleny brought up the problem on the NPP discussion forum, sparking months of heated debate. Eventually, the issue became so serious that some editors proposed an official policy change on the use of maps as a source. Rule changes require a process called "Request for Comment," where everyone is invited to share their thoughts on the issue. Over the course of a month, Wikipedia users had written more than 56,000 words on the subject. For reference, that's about twice as long as Ernest Hemingway's novel The Old Man and the Sea. In the end, the roads project was successful. The vote was decisive, and Wikipedia updated its "No Original Research" policy to clarify that it's ok to cite maps and other visual sources. But this, ultimately, was a victory with no winners. "Some of us felt attacked," Gronseth said. On the US Roads Project's Discord channel, a different debate was brewing. The website didn't feel safe anymore. What would happen at the next request for comment? The community decided it was time to fork. "We don't want our articles deleted. It didn't feel like we had a choice," he said. The Wikipedia platform is designed for interoperability. If you want to start your own Wiki, you can split off and take your Wikipedia work with you, a process known as "forking." [...] Over the course of several months, the US Roads Project did the same. Leaving Wikipedia was painful, but the fight that drove the roads editors away was just as difficult for people on the other side. Some editors embroiled in the roads fights deleted their accounts, though none of these ex-Wikipedian's responded to Gizmodo's requests for comment. Bil Zeleny was among the casualties. After almost six years of hard work on the New Post Patrol, he reached the breaking point. The controversy had pushed him too far, and Zeleny resigned from the NPP. [...] AARoads actually predates Wikipedia, tracing its origins all the way back to the prehistoric internet days of the year 2000, complete with articles, maps, forums, and a collection of over 10,000 photos of highway signs and markers. When the US Roads Project needed a new home, AARoads was happy to oblige. It's a beautiful resource. It even has backlinks to relevant non-roads articles on the regular Wikipedia. But for some, it isn't home. "There are members who disagree with me, but my ultimate goal is to fork back," said Gronseth. "We made our articles license-compatible, so they can be exported back to Wikipedia someday if that becomes an option. I don't want to stay separate. I want to be part of the Wikipedia community. But we don't know where things will land, and for now, we've struck out on our own."Read more of this story at Slashdot.
Paul Kunert writes in an exclusive report for The Register: IBM is asking staff who want to take voluntary redundancy to raise their hand as it embarks on a new round of global job cuts, though roles in Europe and within a handful of departments are expected to shoulder the brunt. The Resource Action, as Big Blue likes to euphemistically refer to layoffs, shouldn't be a massive surprise to anyone with more than a passing interest in IBM as it was signaled last month in a Q4 earnings call. Insiders told us this latest process is not considered to be financial but "transformative," although IBM was quite clear in January when CFO James Kavanaugh discussed achieving "$3 billion annual run rate in savings by the end of 2024." This is a third bigger than the initial ambition. The Reg understands that 80 percent of the reduction target is aimed at Enterprise Operations & Support (EO&S) and Q2C missions, Finance & Operations (including Procurement, CIO, HR, Marketing & Comms and Global Real Estate). The European Works Council, one IBMer told us, has informed staff that circa 50 percent of IBM's reduction goal will impact staffing levels across the European continent. As if often the preferred route, IBM is seeking employees that are happy to take voluntary redundancy, rather than ditching someone that doesn't want to leave. The sources we spoke to did not reveal the total population in scope for redundancies or the numbers of volunteers being sought. IBM did not confirm the numbers either. [...] Slovakia, we're told, is to feel the tightest squeeze with around a third of IBM's cuts in Europe landing on its International (shared services) Center in Bratislava; the Center in Hungary that supports EO&S/ Q2C, as well as the Finance function in Bulgaria are also going to absorb what our sources described as the most dramatic staff reductions.Read more of this story at Slashdot.
The Supreme Court of Canada ruled today that police must now have a warrant or court order to obtain a person or organization's IP address. CBC News reports: The top court was asked to consider whether an IP address alone, without any of the personal information attached to it, was protected by an expectation of privacy under the Charter. In a five-four split decision, the court said a reasonable expectation of privacy is attached to the numbers making up a person's IP address, and just getting those numbers alone constitutes a search. Writing for the majority, Justice Andromache Karakatsanis wrote that an IP address is "the crucial link between an internet user and their online activity." "Thus, the subject matter of this search was the information these IP addresses could reveal about specific internet users including, ultimately, their identity." Writing for the four dissenting judges, Justice Suzanne Cote disagreed with that central point, saying there should be no expectation of privacy around an IP address alone. [...] In the Supreme Court majority decision, Karakatsanis said that only considering the information associated with an IP address to be protected by the Charter and not the IP address itself "reflects piecemeal reasoning" that ignores the broad purpose of the Charter. The ruling said the privacy interests cannot be limited to what the IP address can reveal on its own "without consideration of what it can reveal in combination with other available information, particularly from third-party websites." It went on to say that because an IP address unlocks a user's identity, it comes with a reasonable expectation of privacy and is therefore protected by the Charter. "If [the Charter] is to meaningfully protect the online privacy of Canadians in today's overwhelmingly digital world, it must protect their IP addresses," the ruling said. Justice Cote, writing on behalf of justices Richard Wagner, Malcolm Rowe and Michelle O'Bonsawin, acknowledged that IP addresses "are not sought for their own sake" but are "sought for the information they reveal." "However, the evidentiary record in this case establishes that an IP address, on its own, reveals only limited information," she wrote. Cote said the biographical personal information the law was designed to protect are not revealed through having access to an IP address. Police must use that IP address to access personal information that is held by an ISP or a website that tracks customers' IP addresses to determine their habits. "On its own, an IP address does not even reveal browsing habits," Cote wrote. "What it reveals is a user's ISP -- hardly a more private piece of information than electricity usage or heat emissions." Cote said placing a reasonable expectation of privacy on an IP address alone upsets the careful balance the Supreme Court has struck between Canadians' privacy interests and the needs of law enforcement. "It would be inconsistent with a functional approach to defining the subject matter of the search to effectively hold that any step taken in an investigation engages a reasonable expectation of privacy," the dissenting opinion said.Read more of this story at Slashdot.
An anonymous reader quotes a report from TechCrunch: A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users' access to their Facebook, Google and TikTok accounts. The Asian technology and internet company YX International manufactures cellular networking equipment and provides SMS text message routing services. SMS routing helps to get time-critical text messages to their proper destination across various regional cell networks and providers, such as a user receiving an SMS security code or link for logging in to online services. YX International claims to send 5 million SMS text messages daily. But the technology company left one of its internal databases exposed to the internet without a password, allowing anyone to access the sensitive data inside using only a web browser, just with knowledge of the database's public IP address. Anurag Sen, a good-faith security researcher and expert in discovering sensitive but inadvertently exposed datasets leaking to the internet, found the database. Sen said it was not apparent who the database belonged to, nor who to report the leak to, so Sen shared details of the exposed database with TechCrunch to help identify its owner and report the security lapse. Sen told TechCrunch that the exposed database included the contents of text messages sent to users, including one-time passcodes and password reset links for some of the world's largest tech and online companies, including Facebook and WhatsApp, Google, TikTok, and others. The database had monthly logs dating back to July 2023 and was growing in size by the minute. In the exposed database, TechCrunch found sets of internal email addresses and corresponding passwords associated with YX International, and alerted the company to the spilling database. The database went offline a short time later.Read more of this story at Slashdot.
Stack Overflow has launched an API that will require all AI models trained on its coding question-and-answer content to attribute sources linking back to its posts. And it will cost money to use the site's content. From a report: "All products based on models that consume public Stack Overflow data are required to provide attribution back to the highest relevance posts that influenced the summary given by the model," it confirmed in a statement. The Overflow API is designed to act as a knowledge database to help developers build more accurate and helpful code-generation models. Google announced it was using the service to access relevant information from Stack Overflow via the API and integrate the data with its latest Gemini models, and for its cloud storage console.Read more of this story at Slashdot.
Rates of obesity in the U.S. and around the world have more than doubled over the past three decades, according to a new study in The Lancet. From a report: More than 1 billion people worldwide now have obesity, a sign of worsening nutrition that's also raising the risk of leading causes of death and disease such as high blood pressure, cancer and diabetes. The global rate of obesity more than doubled among women, from 8.8% to 18.5%, and nearly tripled in men, from 4.8% to 14.0%, between 1990 and 2022, according to research that pulls from over 3,600 studies. The obesity rate among children and adolescents increased by roughly four times, from 1.7% to 6.9% in girls and 2.1% to 9.3% in boys. Just over 4 in 10 adults and 2 in 5 kids in the U.S. are obese. The U.S. now has the world's 10th-highest male obesity rate and 36th-highest female obesity rate. In 1990, the U.S. had the world's 17th-highest male obesity rate and the 41st-highest female obesity rate.Read more of this story at Slashdot.
Energy-related emissions of carbon dioxide hit a record high in 2023, the International Energy Agency (IEA) said in a report on Friday. The IEA analysis showed that it rose by 410 million tonnes, or 1.1%, in 2023 to 37.4 billion tonnes. From a report: "Far from falling rapidly -- as is required to meet the global climate goals set out in the Paris Agreement -- CO2 emissions reached a new record high," the IEA said. However, the Paris-based watchdog also found clean energy including wind and solar energy, as well as electric vehicles, had helped to offset the impact of the continued burning of coal and oil growth, which was 1.3% in 2022. The reopening of China's economy after the COVID-19 pandemic and a recovery in the aviation sector contributed to an overall rise, the IEA said in its report. Severe droughts last year in China, the United States, India, and other countries hampered hydropower production. It accounted for around 40% of the rise in emissions or 170 million tonnes of CO2. "Without this effect, emissions from the global electricity sector would have fallen in 2023," the IEA said. Carbon dioxide emissions from coal accounted for the remaining increase. The IEA analysis showed that 2023 was the first year in which at least half of electricity generation in industrialized countries came from low-emission sources such as renewable energy and nuclear power. Energy-related emissions in the United States fell by 4.1%, and 9% in the European Union, driven by a surge in renewable power generation.Read more of this story at Slashdot.
Startup wind-down services are seeing rapid growth as failed startups look for help shutting down. Pitchbook: On the phone with a founder who recently wound down his seed-stage software startup, I asked him what his plan was next. Having laid off all of his employees in autumn of last year, he was the last man standing: tasked with the thankless job of shutting down the company, returning capital, and dealing with tax documents. To handle the bureaucracy, the founder used Sunset, one of the companies that sprung up last year to respond to the burgeoning industry of failed startups. In a sign of the times, such wind-down startups are growing rapidly. Sunset saw 9x quarter-over-quarter revenue growth and a 65% monthly customer growth rate between November 2023 and January 2024. Competitor SimpleClosure, which closed a $4 million seed round this month led by Infinity Ventures, has passed the $1 million mark in annualized revenue and also recorded a monthly growth rate of over 50% in the same period. Since its public launch in September, the startup's revenue has increased more than 14x. Even larger startups are interested in the additional help. "We've now had multiple companies that have become customers that have raised tens of millions [in venture funding]," said Dori Yona, co-founder and CEO of SimpleClosure. In early February, equity management platform Carta joined the bandwagon: CEO Henry Ward announced in a blog post a new startup shutdown service, Carta Conclusions. "[T]he work of dissolving a company is exceptionally unpleasant. It is also, by definition, zero-value to the founder, the company, and the world," Ward wrote. Carta's entrance could disrupt its competitors, given its existing relationships with a large customer base of startups and access to internal startup data on cap table management, which could help it to accurately target prospects. Founders never want to think about the possibility of failure, but the vast majority of startups never make it to a successful liquidity event.Read more of this story at Slashdot.
Nikon is working with NASA to make a mirrorless camera that astronauts will use during the agency's incoming Artemis III mission to document their return to the Moon. From a report: On Thursday, NASA announced that it had entered a Space Act agreement with Nikon to develop the Handheld Universal Lunar Camera (HULC), a camera system designed to capture imagery in low light and survive the harsh lunar environment. The crewed Artemis III mission -- which will launch "no earlier than September 2026" -- aims to explore the lunar south pole, a region of the Moon that contains water ice within permanently shadowed craters. That makes it an area of scientific interest, but the extreme lighting and temperature conditions pose particular technical challenges for operating equipment within the lunar south pole region. Nikon's full-frame Z9 flagship has already been used in thermal, vacuum, and radiation testing before the agreement, with a modified version of the camera forming the base of the HULC system alongside Nikkor lenses. The HULC design also implements thermal blankets designed by NASA to protect the camera from dust and extreme temperatures and modified electrical components to minimize potential issues caused by radiation. A custom grip with modified buttons has been used to make it easier for suited crew members to operate the camera system while wearing gloves.Read more of this story at Slashdot.
Russian space officials have acknowledged a continuing air leak from the Russian segment of the International Space Station, but said it poses no danger to its crew. From a report: The Roscosmos state corporation said that specialists were monitoring the leak and the crew "regularly conducts work to locate and fix possible spots of the leak." It said in a statement carried by Russian news agencies: "There is no threat to the crew or the station itself." Joel Montalbano, Nasa's station project manager, had noted on Wednesday that the leak in the Russian segment has increased but emphasised that it remained small and posed no threat to the crew's safety or vehicle operations. As the space outpost is ageing, the crew has to spend more time to repair and maintain it, Roscosmos said. Russian space officials first reported a leak in the Zvezda module in August 2020 and later that year Russian crew members located what they believed was its source and tried to fix it. In November 2021, another potentially leaky spot was found in a different part of the Russian section of the station. Roscosmos and Nasa have said the leak posed no danger to the crew and did not affect operations on the station. There have been other glitches. In October, coolant leaked from an external backup radiator for Russia's new science lab, Nauka, although its main thermal control system was working normally and space officials said the crew and the station were not in danger.Read more of this story at Slashdot.
Apple is reversing its previous decision to remove support for Home Screen web apps in iOS 17.4 for EU users. Apple's statement: Previously, Apple announced plans to remove the Home Screen web apps capability in the EU as part of our efforts to comply with the DMA. The need to remove the capability was informed by the complex security and privacy concerns associated with web apps to support alternative browser engines that would require building a new integration architecture that does not currently exist in iOS. We have received requests to continue to offer support for Home Screen web apps in iOS, therefore we will continue to offer the existing Home Screen web apps capability in the EU. This support means Home Screen web apps continue to be built directly on WebKit and its security architecture, and align with the security and privacy model for native apps on iOS. Developers and users who may have been impacted by the removal of Home Screen web apps in the beta release of iOS in the EU can expect the return of the existing functionality for Home Screen web apps with the availability of iOS 17.4 in early March.Read more of this story at Slashdot.
HP launched a subscription service this week that rents people a printer, allots them a specific amount of printed pages, and sends them ink for a monthly fee. From a report: HP is framing its service as a way to simplify printing for families and small businesses, but the deal also comes with monitoring and a years-long commitment. Prices range from $6.99 per month for a plan that includes an HP Envy printer (the current model is the 6020e) and 20 printed pages. The priciest plan includes an HP OfficeJet Pro rental and 700 printed pages for $35.99 per month. HP says it will provide subscribers with ink deliveries when they're running low and 24/7 support via phone or chat (although it's dubious how much you want to rely on HP support). Support doesn't include on or offsite repairs or part replacements. The subscription's terms of service (TOS) note that the service doesn't cover damage or failure caused by, unsurprisingly, "use of non-HP media supplies and other products" or if you use your printer more than what your plan calls for. HP calls this an All-In-Plan; if you subscribe, the tech company will be all in on your printing activities. One of the most perturbing aspects of the subscription plan is that it requires subscribers to keep their printers connected to the Internet. HP seeks two-year subscriber commitments, charging up to $270 plus taxes if canceled early.Read more of this story at Slashdot.
A number of government agencies in the European Union and elsewhere have voiced concerns about security risks as Apple opens up its iPhones and iPads to rival app stores to comply with EU tech rules, Apple said on Friday. From a report: Under the Digital Markets Act, from March 7 Apple will be required to offer alternative app stores on iPhones and allow developers to opt out of using its in-app payment system, which charges fees of up to 30%. The U.S. tech giant, which on Jan. 24 detailed the changes to bring its App Store in line with the EU rules, said "sideloading" has sparked concerns from both EU and non-EU government agencies and users.Read more of this story at Slashdot.
Google is cracking down on rooted Android devices, blocking multiple people from using the RCS message feature in Google Messages. From a report: Users with rooted phones -- a process that unlocks privileged access to the Android operating system, like jailbreaking iPhones -- have made several reports on the Google Messages support page, Reddit, and XDA's web forum over the last few months, finding they're suddenly unable to send or receive RCS messages. One example from Reddit user u/joefuf shows that RCS messages would simply vanish after hitting the send button. Several reports also mention that Google Messages gave no indication that RCS chat was no longer working, and was still showing as connected and working in Google Messages. In a statement sent to the Verge where we asked if Google is blocking rooted devices from using RCS, Google communications manager Ivy Hunt said the company is "ensuring that message-issuing/receiving devices are following the operating measures defined by the RCS standard" in a bid to prevent spam and abuse on Google Messages. In other words, yes, Google is blocking RCS on rooted devices.Read more of this story at Slashdot.
An anonymous reader shares a report: Google pulled more than a dozen popular Indian apps including recruitment platform Naukri, matrimony service Shaadi, audio storytelling platforms Kuku FM and Stage and real-estate manager 99acres from Play Store on Friday after warning that it will be taking actions against developers who have persistently not complied with its billing policies, escalating a three-year dispute in what is the company's largest market by users. Google said that 10 companies in the country, including "many well-established" names it did not disclose, had avoided paying fees despite benefiting from the platform. The Android-maker, owned by Alphabet, said a small group of developers in India had more than three years to prepare and comply with Play Store's payments policy but opted against it. These firms continue to comply with payment policies of other app stores, Google said. Some Android apps of matrimony platforms Shaadi, Matrimony.com and Bharat Matrimony were pulled from the Play Store Friday. Info Edge's Naukri and 99acres, audio storytelling apps Kuku FM and Stage, Alt Balaji's Altt, dating service Quack Quack were also axed from the store. Murugavel Janakiraman, chief executive of Bharat Matrimony, said Google had pulled about 10 of the Indian firm's apps from the store. Bharat Matrimony is evaluating legal options, he told TechCrunch, adding that he believes Google has violated an Indian antitrust watchdog's order in its removal of the apps today. It's a "dark day for the India internet," he added. Lal Chand Bisu, co-founder and chief executive of Kuku FM lambasted at Google, saying the Android-maker had turned "the most evil" partner to do business with and the Indian startup ecosystem was "completely" in its control.Read more of this story at Slashdot.
Elon Musk has sued OpenAI, its co-founders Sam Altman and Greg Brockman and affiliated entities, alleging the ChatGPT makers have breached their original contractual agreements by pursuing profits instead of the non-profit's founding mission to develop AI that benefits humanity. TechCrunch: Musk, a co-founder and early backer of OpenAI, claims Altman and Brockman convinced him to help found and bankroll the startup in 2015 with promises it would be a non-profit focused on countering the competitive threat from Google. The founding agreement required OpenAI to make its technology "freely available" to the public, the lawsuit alleges. The lawsuit, filed in a court in San Francisco late Thursday, says that OpenAI, the world's most valuable AI startup, has shifted to a for-profit model focused on commercializing its AGI research after partnering with Microsoft, the world's most valuable company that has invested about $13 billion into the startup. "In reality, however, OpenAI, Inc. has been transformed into a closed-source de facto subsidiary of the largest technology company in the world: Microsoft. Under its new board, it is not just developing but is actually refining an AGI to maximize profits for Microsoft, rather than for the benefit of humanity," the lawsuit adds. "This was a stark betrayal of the Founding Agreement."Read more of this story at Slashdot.
An anonymous reader quotes an excerpt from a Wired article: In 2019, a government contractor and technologist named Mike Yeagley began making the rounds in Washington, DC. He had a blunt warning for anyone in the country's national security establishment who would listen: The US government had a Grindr problem. A popular dating and hookup app, Grindr relied on the GPS capabilities of modern smartphones to connect potential partners in the same city, neighborhood, or even building. The app can show how far away a potential partner is in real time, down to the foot. But to Yeagley, Grindr was something else: one of the tens of thousands of carelessly designed mobile phone apps that leaked massive amounts of data into the opaque world of online advertisers. That data, Yeagley knew, was easily accessible by anyone with a little technical know-how. So Yeagley -- a technology consultant then in his late forties who had worked in and around government projects nearly his entire career -- made a PowerPoint presentation and went out to demonstrate precisely how that data was a serious national security risk. As he would explain in a succession of bland government conference rooms, Yeagley was able to access the geolocation data on Grindr users through a hidden but ubiquitous entry point: the digital advertising exchanges that serve up the little digital banner ads along the top of Grindr and nearly every other ad-supported mobile app and website. This was possible because of the way online ad space is sold, through near-instantaneous auctions in a process called real-time bidding. Those auctions were rife with surveillance potential. You know that ad that seems to follow you around the internet? It's tracking you in more ways than one. In some cases, it's making your precise location available in near-real time to both advertisers and people like Mike Yeagley, who specialized in obtaining unique data sets for government agencies. Working with Grindr data, Yeagley began drawing geofences -- creating virtual boundaries in geographical data sets -- around buildings belonging to government agencies that do national security work. That allowed Yeagley to see what phones were in certain buildings at certain times, and where they went afterwards. He was looking for phones belonging to Grindr users who spent their daytime hours at government office buildings. If the device spent most workdays at the Pentagon, the FBI headquarters, or the National Geospatial-Intelligence Agency building at Fort Belvoir, for example, there was a good chance its owner worked for one of those agencies. Then he started looking at the movement of those phones through the Grindr data. When they weren't at their offices, where did they go? A small number of them had lingered at highway rest stops in the DC area at the same time and in proximity to other Grindr users -- sometimes during the workday and sometimes while in transit between government facilities. For other Grindr users, he could infer where they lived, see where they traveled, even guess at whom they were dating. Intelligence agencies have a long and unfortunate history of trying to root out LGBTQ Americans from their workforce, but this wasn't Yeagley's intent. He didn't want anyone to get in trouble. No disciplinary actions were taken against any employee of the federal government based on Yeagley's presentation. His aim was to show that buried in the seemingly innocuous technical data that comes off every cell phone in the world is a rich story -- one that people might prefer to keep quiet. Or at the very least, not broadcast to the whole world. And that each of these intelligence and national security agencies had employees who were recklessly, if obliviously, broadcasting intimate details of their lives to anyone who knew where to look. As Yeagley showed, all that information was available for sale, for cheap. And it wasn't just Grindr, but rather any app that had access to a user's precise location -- other dating apps, weather apps, games. Yeagley chose Grindr because it happened to generate a particularly rich set of data and its user base might be uniquely vulnerable. The report goes into great detail about how intelligence and data analysis techniques, notably through a program called Locomotive developed by PlanetRisk, enabled the tracking of mobile devices associated with Russian President Vladimir Putin's entourage. By analyzing commercial adtech data, including precise geolocation information collected from mobile advertising bid requests, analysts were able to monitor the movements of phones that frequently accompanied Putin, indicating the locations and movements of his security personnel, aides, and support staff. This capability underscored the surveillance potential of commercially available data, providing insights into the activities and security arrangements of high-profile individuals without directly compromising their personal devices.Read more of this story at Slashdot.
In a series of tests using fake data, a U.S. government watchdog was able to steal more than 1GB of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior. The experiment is detailed in a new report by the Department of the Interior's Office of the Inspector General (OIG), published last week. TechCrunch reports: The goal of the report was to test the security of the Department of the Interior's cloud infrastructure, as well as its "data loss prevention solution," software that is supposed to protect the department's most sensitive data from malicious hackers. The tests were conducted between March 2022 and June 2023, the OIG wrote in the report. The Department of the Interior manages the country's federal land, national parks and a budget of billions of dollars, and hosts a significant amount of data in the cloud. According to the report, in order to test whether the Department of the Interior's cloud infrastructure was secure, the OIG used an online tool called Mockaroo to create fake personal data that "would appear valid to the Department's security tools." The OIG team then used a virtual machine inside the Department's cloud environment to imitate "a sophisticated threat actor" inside of its network, and subsequently used "well-known and widely documented techniques to exfiltrate data." "We used the virtual machine as-is and did not install any tools, software, or malware that would make it easier to exfiltrate data from the subject system," the report read. The OIG said it conducted more than 100 tests in a week, monitoring the government department's "computer logs and incident tracking systems in real time," and none of its tests were detected nor prevented by the department's cybersecurity defenses. "Our tests succeeded because the Department failed to implement security measures capable of either preventing or detecting well-known and widely used techniques employed by malicious actors to steal sensitive data," said the OIG's report. "In the years that the system has been hosted in a cloud, the Department has never conducted regular required tests of the system's controls for protecting sensitive data from unauthorized access." That's the bad news: The weaknesses in the Department's systems and practices "put sensitive [personal information] for tens of thousands of Federal employees at risk of unauthorized access," read the report. The OIG also admitted that it may be impossible to stop "a well-resourced adversary" from breaking in, but with some improvements, it may be possible to stop that adversary from exfiltrating the sensitive data.Read more of this story at Slashdot.
Wikipedia has downgraded tech website CNET's reliability rating following extensive discussions among its editors regarding the impact of AI-generated content on the site's trustworthiness. "The decision reflects concerns over the reliability of articles found on the tech news outlet after it began publishing AI-generated stories in 2022," adds Ars Technica. Futurism first reported the news. From the report: Wikipedia maintains a page called "Reliable sources/Perennial sources" that includes a chart featuring news publications and their reliability ratings as viewed from Wikipedia's perspective. Shortly after the CNET news broke in January 2023, Wikipedia editors began a discussion thread on the Reliable Sources project page about the publication. "CNET, usually regarded as an ordinary tech RS [reliable source], has started experimentally running AI-generated articles, which are riddled with errors," wrote a Wikipedia editor named David Gerard. "So far the experiment is not going down well, as it shouldn't. I haven't found any yet, but any of these articles that make it into a Wikipedia article need to be removed." After other editors agreed in the discussion, they began the process of downgrading CNET's reliability rating. As of this writing, Wikipedia's Perennial Sources list currently features three entries for CNET broken into three time periods: (1) before October 2020, when Wikipedia considered CNET a "generally reliable" source; (2) between October 2020 and present, when Wikipedia notes that the site was acquired by Red Ventures in October 2020, "leading to a deterioration in editorial standards" and saying there is no consensus about reliability; and (3) between November 2022 and January 2023, when Wikipedia considers CNET "generally unreliable" because the site began using an AI tool "to rapidly generate articles riddled with factual inaccuracies and affiliate links." Futurism reports that the issue with CNET's AI-generated content also sparked a broader debate within the Wikipedia community about the reliability of sources owned by Red Ventures, such as Bankrate and CreditCards.com. Those sites published AI-generated content around the same period of time as CNET. The editors also criticized Red Ventures for not being forthcoming about where and how AI was being implemented, further eroding trust in the company's publications. This lack of transparency was a key factor in the decision to downgrade CNET's reliability rating. A CNET spokesperson said in a statement: "CNET is the world's largest provider of unbiased tech-focused news and advice. We have been trusted for nearly 30 years because of our rigorous editorial and product review standards. It is important to clarify that CNET is not actively using AI to create new content. While we have no specific plans to restart, any future initiatives would follow our public AI policy."Read more of this story at Slashdot.
An anonymous reader quotes a report from NPR: ExxonMobil faces dozens of lawsuits from states and localities alleging the company lied for decades about its role in climate change and the dangers of burning fossil fuels. But now, ExxonMobil is going on the offensive with a lawsuit targeting investors who want the company to slash pollution that's raising global temperatures. Investors in publicly-traded companies like ExxonMobil try to shape corporate policies by filing shareholder proposals that are voted on at annual meetings. ExxonMobil says it's fed up with a pair of investor groups that it claims are abusing the system by filing similar proposals year after year in an effort to micromanage its business. ExxonMobil's lawsuit points to growing tensions between companies and activist investors calling for corporations to do more to shrink their climate impact and prepare for a hotter world. Interest groups on both sides of the case say it could unleash a wave of corporate litigation against climate activists. It is happening at a time when global temperatures continue to rise, and corporate analysts say most companies aren't on track to meet targets they set to reduce their heat-trapping emissions. "Exxon is really upping the ante here in a big way by bringing this case," says Josh Zinner, chief executive of an investor coalition called the Interfaith Center on Corporate Accountability, whose members include a defendant in the ExxonMobil case. "Other companies could use this tactic not just to block resolutions," Zinner says, "but to intimidate their shareholders from even bringing these [climate] issues to the table." ExxonMobil said in an email that it is suing the investor groups Arjuna Capital and Follow This because the U.S. Securities and Exchange Commission (SEC) isn't enforcing rules governing when investors can resubmit shareholder proposals. A court is the "the right place to get clarity on SEC rules," ExxonMobil said, adding that the case "is not about climate change." Other corporations are watching ExxonMobil's case, says Charles Crain, a vice president at the National Association of Manufacturers, which represents ExxonMobil and other industrial companies. "If companies are decreasingly able to get the SEC to allow them to exclude proposals that are obviously politically motivated, then the next question is, well, can the courts succeed where the SEC has failed -- or, more accurately, not even tried?," Crain says. "The shareholder proposal from Arjuna and Follow This called for ExxonMobil to cut emissions faster from its own operations and from its supply chain, including the pollution that's created when customers burn its oil and natural gas," notes NPR. "That indirect pollution, known as Scope 3 emissions, accounts for 90% of ExxonMobil's carbon footprint." "ExxonMobil says it is committed to cutting emissions from its operations. But the idea that activist investors like Arjuna and Follow This can quickly push the company out of the oil and gas business with new climate policies is 'simplistic and against the interests of the vast majority of ExxonMobil shareholders,' the company said in a court filing in Texas." The company added that while shareholders are entitled to submit proposals, they don't have "an unlimited right to put forth any proposal to do anything." "Their intent is to advance their agenda rather than creating long-term value for shareholders," ExxonMobil said of Arjuna and Follow This.Read more of this story at Slashdot.
Hackers targeting individuals in the cryptocurrency sector are using a sophisticated phishing scheme that begins with a malicious link on Calendly. "The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call," reports Krebs on Security. "But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems." From the report: A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. "When the project team clicks the link, they encounter a region access restriction," SlowMist wrote. "At this point, the North Korean hackers coax the team into downloading and running a 'location-modifying' malicious script. Once the project team complies, their computer comes under the control of the hackers, leading to the theft of funds." SlowMist says the North Korean phishing scams used the "Add Custom Link" feature of the Calendly meeting scheduling system on event pages to insert malicious links and initiate phishing attacks. "Since Calendly integrates well with the daily work routines of most project teams, these malicious links do not easily raise suspicion," the blog post explains. "Consequently, the project teams may inadvertently click on these malicious links, download, and execute malicious code." SlowMist said the malware downloaded by the malicious link in their case comes from a North Korean hacking group dubbed BlueNoroff, which Kaspersky Labs says is a subgroup of the Lazarus hacking group. "A financially motivated threat actor closely connected with Lazarus that targets banks, casinos, fin-tech companies, POST software and cryptocurrency businesses, and ATMs," Kaspersky wrote of BlueNoroff in Dec. 2023.Read more of this story at Slashdot.
Stephanie Kirchgaessner reports via The Guardian: NSO Group, the maker of one the world's most sophisticated cyber weapons, has been ordered by a US court to hand its code for Pegasus and other spyware products to WhatsApp as part of the company's ongoing litigation. The decision by Judge Phyllis Hamilton is a major legal victory for WhatsApp, the Meta-owned communication app which has been embroiled in a lawsuit against NSO since 2019, when it alleged that the Israeli company's spyware had been used against 1,400 WhatsApp users over a two-week period. NSO's Pegasus code, and code for other surveillance products it sells, is seen as a closely and highly sought state secret. NSO is closely regulated by the Israeli ministry of defense, which must review and approve the sale of all licences to foreign governments. In reaching her decision, Hamilton considered a plea by NSO to excuse it of all its discovery obligations in the case due to "various US and Israeli restrictions." Ultimately, however, she sided with WhatsApp in ordering the company to produce"all relevant spyware" for a period of one year before and after the two weeks in which WhatsApp users were allegedly attacked: from 29 April 2018 to 10 May 2020. NSO must also give WhatsApp information "concerning the full functionality of the relevant spyware." Hamilton did, however, decide in NSO's favor on a different matter: the company will not be forced at this time to divulge the names of its clients or information regarding its server architecture.Read more of this story at Slashdot.
According to the Washington Post (paywalled), the FBI is using mobile push notification data to unmask people suspected of serious crimes, such as pedophilia, terrorism, and murder. Gizmodo reports: The Post did a little digging into court records and found evidence of at least 130 search warrants filed by the feds for push notification data in cases spanning 14 states. In those cases, FBI officials asked tech companies like Google, Apple, and Facebook to fork over data related to a suspect's mobile notifications, then used the data to implicate the suspect in criminal behavior linked to a particular app, even though many of those apps were supposedly anonymous communication platforms, like Wickr. How exactly is this possible? Push notifications, which are provided by a mobile operating system provider, include embedded metadata that can be examined to understand the use of the mobile apps on a particular phone. Apps come laced with a quiet identifier, a "push token," which is stored on the corporate servers of a company like Apple or another phone manufacturer after a user signs up to use a particular app. Those tokens can later be used to identify the person using the app, based on the information associated with the device on which the app was downloaded. Even turning off push notifications on your device doesn't necessarily disable this feature, experts contend. [...] If finding new ways to catch pedophiles and terrorists doesn't seem like the worst thing in the world, the Post article highlights the voices of critics who fear that this kind of mobile data could be used to track people who have not committed serious crimes -- like political activists or women seeking abortions in states where the procedure has been restricted.Read more of this story at Slashdot.
Slashdot