An anonymous reader shares a report: Google is introducing improvements to search suggestions in Chrome, the company announced today. As part of the changes, users will start to get more helpful search suggestions in Chrome based on what others are searching for, see more images for suggested searches and find search suggestions even with a poor connection. Search suggestions are the drop-down list of suggested completions that appear before you finish typing out your query in Google. The feature generates predictions to help users save time and speed up their search. With these new updates, Google is expanding the availability of search suggestions and using them to boost inspiration. When users are signed into Chrome on desktop and open a new tab, they will now start to see suggestions in the search box related to their previous searches based on what other people are searching for.Read more of this story at Slashdot.
Several internet-connected doorbell cameras have a security flaw that allows hackers to take over the camera by just holding down a button, among other issues, according to research by Consumer Reports. From a report: On Thursday, the non-profit Consumer Reports published research that detailed four security and privacy flaws in cameras made by EKEN, a company based in Shenzhen, China, which makes cameras branded as EKEN, but also, apparently, Tuck and other brands. These relatively cheap doorbell cameras were available on online marketplaces like Walmart and Temu, which removed them from sale after Consumer Reports reached out to the companies to flag the problems. These doorbell cameras are, however, still available elsewhere. According to Consumer Reports, the most impactful issue is that if someone is in close proximity to a EKEN doorbell camera, they can take "full control" of it by simply downloading its official app -- called Aiwit -- and putting the camera in pairing mode by simply holding down the doorbell's button for eight seconds. Aiwit's app has more than a million downloads on Google Play, suggesting it is widely used. At that point, the malicious user can create their own account on the app, scan the QR code generated by the app by putting it in front of the doorbell's camera.Read more of this story at Slashdot.
Rockstar Games, a division of Take-Two Interactive Software, will ask employees to return to the office five days a week beginning in April as the video-game maker enters the final stages of development on its next game, the hotly anticipated Grand Theft Auto VI. Bloomberg: In an email to staff on Wednesday reviewed by Bloomberg, Rockstar Head of Publishing Jenn Kolbe said the decision was made for productivity and security reasons. The company has faced several security breaches including a massive dump of early footage from the new Grand Theft Auto and an early trailer that leaked in December. Kolbe wrote that the company also found "tangible benefits" from in-person work. "Making these changes now puts us in the best position to deliver the next Grand Theft Auto at the level of quality and polish we know it requires, along with a publishing roadmap that matches the scale and ambition of the game," she wrote.Read more of this story at Slashdot.
Apple plans to disclose more about its plans to put generative AI to use later this year, Chief Executive Officer Tim Cook said during the company's annual shareholder meeting on Wednesday. From a report: Cook said that the iPhone maker sees "incredible breakthrough potential for generative AI, which is why we're currently investing significantly in this area. We believe that will unlock transformative opportunities for users when it comes to productivity, problem solving and more." Apple has been slower in rolling out generative AI, which can generate human-like responses to written prompts, than rivals such as Microsoftand Alphabet's Google, which are weaving them into products. On Wednesday, Cook argued that AI is already at work behind the scenes in Apple's products but said there would be more news on explicit AI features later this year. Bloomberg previously reported Apple plans to use AI to improve the ability to search through data stored on Apple devices. "Every Mac that is powered by Apple silicon is an extraordinarily capable AI machine. In fact, there's no better computer for AI on the market today," Cook said.Read more of this story at Slashdot.
Microsoft has outlined a new Windows API designed to offer a seamless way for game developers to integrate super resolution AI-upscaling features from Nvidia, AMD, and Intel. From a report: In a new blog post, program manager Joshua Tucker describes Microsoft's new DirectSR API as the "missing link" between games and super resolution technologies, and says it should provide "a smoother, more efficient experience that scales across hardware." "This API enables multi-vendor SR [super resolution] through a common set of inputs and outputs, allowing a single code path to activate a variety of solutions including Nvidia DLSS Super Resolution, AMD FidelityFX Super Resolution, and Intel XeSS," the post reads. The pitch seems to be that developers will be able to support this DirectSR API, rather than having to write code for each and every upscaling technology. The blog post comes a couple of weeks after an "Automatic Super Resolution" feature was spotted in a test version of Windows 11, which promised to "use AI to make supported games play more smoothly with enhanced details." Now, it seems the feature will plug into existing super resolution technologies like DLSS, FSR, and XeSS rather than offering a Windows-level alternative.Read more of this story at Slashdot.
Eating ultraprocessed foods raises the risk of developing or dying from dozens of adverse health conditions, according to a new review of 45 meta-analyses on almost 10 million people. From a report: "We found consistent evidence linking higher intakes of ultra-processed foods with over 70% of the 45 different health outcomes we assessed," said senior author Wolfgang Marx, a senior research fellow at the Food & Mood Centre at Deakin University in Geelong, Australia, in an email. A higher intake was considered about one serving or about 10% more ultraprocessed foods per day, said Heinz Freisling, a scientist in the nutrition and metabolism branch of the World Health Organization's International Agency for Research on Cancer, in an email. "This proportion can be regarded as 'baseline' and for people consuming more than this baseline, the risk might increase," said Freisling, who was not involved in the study. Researchers graded each study as having credible or strong, highly suggestive, suggestive, weak or no evidence. All the studies in the review were published in the past three years, and none was funded by companies involved in the production of ultraprocessed foods, the authors said. "Strong evidence shows that a higher intake of ultra-processed foods was associated with approximately 50% higher risk of cardiovascular disease-related death and common mental disorders," said lead author Dr. Melissa Lane, a postdoctoral research fellow at Deakin, in an email. Cardiovascular disease encompasses heart attacks, stroke, clogged arteries and peripheral artery disease. The study: Ultra-processed food exposure and adverse health outcomes: umbrella review of epidemiological meta-analyses (BMJ)Read more of this story at Slashdot.
Angie Byron, a long-time member of the Drupal community, offers guidance on avoiding common mistakes and general good-practices for those new to contributing to open-source projects: [...] You might not know it yet, but as a newcomer to an open source project, you have this AMAZING superpower: you are often-times the only one in that whole project capable of reading the documentation through new eyes. Because I can guarantee, the people who wrote that documentation are not new. :-) So take time to read the docs and file issues (or better yet, pull requests) for anything that was unclear. This lets you get a "feel" for contributing in a project/community without needing to go way down the deep end of learning coding standards and unit tests and commit signing and whatever other bananas things they're about to make you do. :) Also, people are more likely to take time to help you, if you've helped them first!Read more of this story at Slashdot.
Journalist Eric Newcomer, writing at The Free Press: There was a time when I believed that self-driving cars should be held to the standard of airplanes. Every mistake needed to be rigorously understood and any human death was unforgivable. But my view has evolved over time as human drivers have continued to kill tens of thousands of people a year. We need a solution that's meaningfully better than human drivers, yes, but we shouldn't wait for perfection before we start getting dangerous human drivers off the streets. Lost in all the fulminating about automation and big-tech tyranny is the fact that self-driving cars are an attempt to solve a very serious problem. Traffic fatalities are a leading cause of death in the United States for anyone between the ages of 1 and 54. About 40,000 people die in car crashes a year in the U.S., with about one-third involving drunk drivers. There's a natural, though irrational, human bias toward the status quo. We tend to believe that things are the way they are for a good reason. But of course, technology has drastically improved human lives and human life spans already. Why stop now that more powerful computer chips and sophisticated artificial intelligence models open up new possibilities? [...] Leaving aside seething hostility toward tech and private capital, and worries over job losses, the most credible objection to self-driving cars from the left is the fear that deploying them means doubling down on roads and sprawl, and undermining support for public transportation projects. But there's no reason self-driving cars and public transportation need to be at odds. They can fulfill different needs. Autonomous vehicles are being deployed in San Francisco in fleets through ride-hailing programs, reducing the need for personal car ownership. If we can get self-driving cars working, self-driving buses on regular routes should be even easier. And contrary to the view that driverless cars are being deployed unilaterally by tech billionaires, the people's representatives -- government officials -- gave Alphabet-owned Waymo a license to operate. Our roads and motor vehicles are tightly regulated. Single incidents have derailed self-driving car projects, from Uber and more recently, GM-owned Cruise, while human drivers kill tens of thousands a year unimpeded.Read more of this story at Slashdot.
Jacob Kaplan-Moss, one of the lead developers of Django, writes in a long post that he says has come from a place of frustration: [...] Instead, every time a maintainer finds a way to get paid, people show up to criticize and complain. Non-OSI licenses "don"t count" as open source. Someone employed by Microsoft is "beholden to corporate interests" and not to be trusted. Patreon is "asking for handouts." Raising money through GitHub sponsors is "supporting Microsoft's rent-seeking." VC funding means we're being set up for a "rug pull" or "enshitification." Open Core is "bait and switch." None of this is hypothetical; each of these examples are actual things I've seen said about maintainers who take money for their work. One maintainer even told me he got criticized for selling t-shirts! Look. There are absolutely problems with every tactic we have to support maintainers. It's true that VC investment comes with strings attached that often lead to problems down the line. It sucks that Patreon or GitHub (and Stripe) take a cut of sponsor money. The additional restrictions imposed by PolyForm or the BSL really do go against the Freedom 0 ideal. I myself am often frustrated by discovering that some key feature I want out of an open core tool is only available to paid licensees. But you can criticize these systems while still supporting and celebrating the maintainers! Yell at A16Z all you like, I don't care. (Neither do they.) But yelling at a maintainer because they took money from a VC is directing that anger in the wrong direction. The structural and societal problems that make all these different funding models problematic aren't the fault of the people trying to make a living doing open source. It's like yelling at someone for shopping at Dollar General when it's the only store they have access to. Dollar General's predatory business model absolutely sucks, as do the governmental policies that lead to food deserts, but none of that is on the shoulders of the person who needs milk and doesn't have alternatives.Read more of this story at Slashdot.
Citing potential national security risks, the Biden administration says it will investigate Chinese-made "smart cars" that can gather sensitive information about Americans driving them. From a report: The probe could lead to new regulations aimed at preventing China from using sophisticated technology in electric cars and other so-called connected vehicles to track drivers and their personal information. Officials are concerned that features such as driver assistance technology could be used to effectively spy on Americans. While the action stops short of a ban on Chinese imports, President Joe Biden said he is taking unprecedented steps to safeguard Americans' data. "China is determined to dominate the future of the auto market, including by using unfair practices," Biden said in a statement Thursday. "China's policies could flood our market with its vehicles, posing risks to our national security. I'm not going to let that happen on my watch." Biden and other officials noted that China has imposed wide-ranging restrictions on American autos and other foreign vehicles. Commerce Secretary Gina Raimondo said connected cars "are like smart phones on wheels" and pose a serious national security risk.Read more of this story at Slashdot.
Adobe has announced a new prototype tool called Project Music GenAI Control that allows users to create original music by inputting text prompts, then edit the audio without switching to separate software. Users can specify musical styles in their prompts to produce tracks like "happy dance" or "sad jazz." Adobe says integrated editing controls let users tweak patterns, tempo, intensity and structure of the AI-generated music. Sections can be remixed and looped as backing tracks or background music. The tool can also adjust audio "based on a reference melody" and extend clip length for set animations or podcasts. Details on editing interface and upload options for custom reference tracks are unclear.Read more of this story at Slashdot.
Michael Larabel, reporting at Phoronix: One of the limitations of AMD's open-source Linux graphics driver has been the inability to implement HDMI 2.1+ functionality on the basis of legal requirements by the HDMI Forum. AMD engineers had been working to come up with a solution in conjunction with the HDMI Forum for being able to provide HDMI 2.1+ capabilities with their open-source Linux kernel driver, but it looks like those efforts for now have concluded and failed. For three years there has been a bug report around 4K@120Hz being unavailable via HDMI 2.1 on the AMD Linux driver. Similarly, there have been bug reports like 5K @ 240Hz not possible either with the AMD graphics driver on Linux. As covered back in 2021, the HDMI Forum closing public specification access is hurting open-source support. AMD as well as the X.Org Foundation have been engaged with the HDMI Forum to try to come up with a solution to be able to provide open-source implementations of the now-private HDMI specs. AMD Linux engineers have spent months working with their legal team and evaluating all HDMI features to determine if/how they can be exposed in their open-source driver. AMD had code working internally and then the past few months were waiting on approval from the HDMI Forum. Sadly, the HDMI Forum has turned down AMD's request for open-source driver support.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: GitHub is struggling to contain an ongoing attack that's flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency from developer devices, researchers said. The malicious repositories are clones of legitimate ones, making them hard to distinguish to the casual eye. An unknown party has automated a process that forks legitimate repositories, meaning the source code is copied so developers can use it in an independent project that builds on the original one. The result is millions of forks with names identical to the original one that add a payload that's wrapped under seven layers of obfuscation. To make matters worse, some people, unaware of the malice of these imitators, are forking the forks, which adds to the flood. "Most of the forked repos are quickly removed by GitHub, which identifies the automation," Matan Giladi and Gil David, researchers at security firm Apiiro, wrote Wednesday. "However, the automation detection seems to miss many repos, and the ones that were uploaded manually survive. Because the whole attack chain seems to be mostly automated on a large scale, the 1% that survive still amount to thousands of malicious repos." Given the constant churn of new repos being uploaded and GitHub's removal, it's hard to estimate precisely how many of each there are. The researchers said the number of repos uploaded or forked before GitHub removes them is likely in the millions. They said the attack "impacts more than 100,000 GitHub repositories." GitHub issued the following statement: "GitHub hosts over 100M developers building across over 420M repositories, and is committed to providing a safe and secure platform for developers. We have teams dedicated to detecting, analyzing, and removing content and accounts that violate our Acceptable Use Policies. We employ manual reviews and at-scale detections that use machine learning and constantly evolve and adapt to adversarial tactics. We also encourage customers and community members to report abuse and spam."Read more of this story at Slashdot.
Emily Shugerman reports via The Daily Beast: Gemini, the crypto startup owned by the Winklevoss twins, will have to return $1.1 billion to customers who lost money in their partnership with the now-bankrupt crypto lender Genesis. In a deal with the New York State Department of Financial Services, Gemini agreed to return the funds lost by customers of its Earn program, in which users could loan their crypto to Genesis in exchange for interest payments. According to the Department of Financial Services, Gemini "did not fully vet or sufficiently monitor [Genesis] throughout the life of Earn," and the company defaulted on its loans and then went bankrupt, leaving some 200,000 Earn customers empty-handed. "Gemini failed to conduct due diligence on an unregulated third party, later accused of massive fraud, harming Earn customers who were suddenly unable to access their assets after Genesis Global Capital experienced a financial meltdown," DFS Superintendent Adrienne A.Harris said in a statement. "Today's settlement is a win for Earn customers, who have a right to the assets they entrusted to Gemini." In a tweet, Gemini said it was "pleased to announce that we have finally reached a settlement in principle with Genesis and other creditors in the Genesis Bankruptcy that will, if approved by the Bankruptcy Court, result in all Earn users receiving 100% of their digital assets back in kind." The DFS said Gemini would also pay $40 million to the Genesis bankruptcy for the benefit of Earn customers, as well as a $37 million fine for "significant failures that threatened the safety and soundness of the company."Read more of this story at Slashdot.
Astronomers are investigating a star system 100 light-years away with six sub-Neptune planets in near-perfect orbital resonance, piquing the interest of scientists searching for alien technology, or technosignatures. Space.com reports: To be clear, no such evidence was found in the system, dubbed HD 110067. However, the researchers say they're not done looking yet. HD 11067 remains an interesting target for similar observations in the future. In our own tiny pocket of the cosmos, radio waves from satellites and telescopes beaming out in the plane of our solar system, meaning that if somebody outside our solar system watched Earth cross the face of our sun, they'd maybe be able to pick up a signal that coincides with the planet's transit. HD 110067 is viewed edge on from Earth, so we are seeing the six planets in the plane of their system -- a view that gives us an excellent chance of picking up such a signal if there exists one, study co-author Steve Croft, a radio astronomer working with the life-searching Breakthrough Listen program at the University of California, Berkeley, told Space.com "Our technology in our own solar system has spread outside the habitable zone," Croft told Space.com. So technology-friendly civilization in HD 110067, if any, may have communication relays set up on multiple planets in the system, he said. "Even if it is a negative result, that still tells us something." When HD 110067's discovery was announced, Croft and his team used the world's largest fully steerable telescope, the Green Bank Telescope (GBT) in West Virginia, and searched the system for signs of alien technology. The researchers looked for signals that were continuously present when the telescope was pointed at the system and absent when directed away, the smoking gun of technosignatures local to HD 110067. But such signals are difficult to distinguish from natural sources of radio waves and humankind's own technological signals, such as radio waves beaming from cell phones connected to Wi-Fi, SpaceX's Starlink satellite network in low Earth orbit. This creates a haystack of signals in which researchers look for a needle of a potential extraterrestrial signal, said Croft. "I should add we don't know if there are needles in the haystack," he said. "We don't really know what the needles look like." The research has been published in the journal Research Notes of the AAS.Read more of this story at Slashdot.
An anonymous reader quotes a report from The Independent: Wildfires sweeping across Texas briefly forced the evacuation of America's main nuclear weapons facility as strong winds, dry grass and unseasonably warm temperatures fed the blaze. Pantex Plant, the main facility that assembles and disassembles America's nuclear arsenal, shut down its operations on Tuesday night as the Windy Deuce fire roared towards the Potter County location. Pantex re-opened and resumed operations as normal on Wednesday morning. Pantex is about 17 miles (27.36 kilometers) northeast of Amarillo and some 320 miles (515 kilometers) northwest of Dallas. Since 1975 it has been the US's main assembly and disassembly site for its atomic bombs. It assembled the last new bomb in 1991. "We have evacuated our personnel, non-essential personnel from the site, just in an abundance of caution," said Laef Pendergraft, a spokesperson for National Nuclear Security Administration's Production Office at Pantex. "But we do have a well-equipped fire department that has trained for these scenarios, that is on-site and watching and ready should any kind of real emergency arise on the plant site."Read more of this story at Slashdot.
The Intercept, Raw Story, and AlterNet have filed separate lawsuits against OpenAI and Microsoft, alleging copyright infringement and the removal of copyright information while training AI models. The Verge reports: The publications said ChatGPT "at least some of the time" reproduces "verbatim or nearly verbatim copyright-protected works of journalism without providing author, title, copyright or terms of use information contained in those works." According to the plaintiffs, if ChatGPT trained on material that included copyright information, the chatbot "would have learned to communicate that information when providing responses." Raw Story and AlterNet's lawsuit goes further (PDF), saying OpenAI and Microsoft "had reason to know that ChatGPT would be less popular and generate less revenue if users believed that ChatGPT responses violated third-party copyrights." Both Microsoft and OpenAI offer legal cover to paying customers in case they get sued for violating copyright for using Copilot or ChatGPT Enterprise. The lawsuits say that OpenAI and Microsoft are aware of potential copyright infringement. As evidence, the publications point to how OpenAI offers an opt-out system so website owners can block content from its web crawlers. The New York Times also filed a lawsuit in December against OpenAI, claiming ChatGPT faithfully reproduces journalistic work. OpenAI claims the publication exploited a bug on the chatbot to regurgitate its articles.Read more of this story at Slashdot.
Michael Larabel reports via Phoronix: Back in 2022 Cloudflare announced they were ditching Nginx for an in-house, Rust-written software called Pingora. Today Cloudflare is open-sourcing the Pingora framework. Cloudflare announced today that they have open-sourced Pingora under an Apache 2.0 license. Pingora is a Rust async multi-threaded framework for building programmable network services. Pingora has long been used internally within Cloudflare and is capable of sustaining a lot of traffic while now Pingora is being open-sourced for helping to build infrastructure outside of Cloudflare. The Pingora Rust code is available on GitHub.Read more of this story at Slashdot.
Longtime Slashdot reader Kant shares a report from Euractiv: The European Parliament decided to ban Amazon representatives from accessing its buildings on Tuesday (February 27), due to multiple events where the global retailing giant did not attend meetings requested by members of the European Parliament, the European Parliament press service confirmed Euractiv. "In line with rule 123/3 and at the request of the [Employment and Social Affairs] Committee, the Quaestors have authorized the Secretary General [Alessandro Chiocchetti] to withdraw the long-term access badges of the interest representatives of Amazon." It is now the responsibility of the secretary general to concretely initiate the process of withdrawing their badges and to determine the duration of the ban, a European Parliament source close to the matter told Euractiv. According to the EMPL chair Dragos Pislaru, who signed the letter, the US e-commerce company refuses to attend more than one meeting with EU lawmakers to discuss the condition of Amazon workers. Four cases are mentioned in the letter. The first occurred in May 2021, when Amazon did not attend a parliamentary committee meeting on "Amazon attacks on fundamental workers' rights and freedoms: freedom of assembly and association, and the right to collective bargain and action." The second event concerns the refusal by Amazon CEO Jeff Bezos to attend an exchange of views with EU lawmakers -- instead, the company sent a written answer. The last two episodes happened in December 2023 and January 2024. In the former event, Amazon refused access to its facilities in German and Poland to a MEP, while on the latter, the company did not attend another parliamentary committee meeting dedicated to Amazon workers' conditions. In a statement to Euractiv, an Amazon spokesperson said: "We are very disappointed with this decision, as we want to engage constructively with policymakers. [...] Our commitment continues despite this decision. Amazon regularly participates in activities organized by the European Parliament and other EU institutions -- including Parliamentary hearings -- and we remain committed to participating in balanced, constructive dialogue on issues that affect European citizens."Read more of this story at Slashdot.
An anonymous reader quotes a report from TechCrunch: Perceiving the demand for alternatives, AI startup Hugging Face several years ago teamed up with ServiceNow, the workflow automation platform, to create StarCoder, an open source code generator with a less restrictive license than some of the others out there. The original came online early last year, and work has been underway on a follow-up, StarCoder 2, ever since. StarCoder 2 isn't a single code-generating model, but rather a family. Released today, it comes in three variants, the first two of which can run on most modern consumer GPUs: A 3-billion-parameter (3B) model trained by ServiceNow; A 7-billion-parameter (7B) model trained by Hugging Face; and A 15-billion-parameter (15B) model trained by Nvidia, the newest supporter of the StarCoder project. (Note that "parameters" are the parts of a model learned from training data and essentially define the skill of the model on a problem, in this case generating code.)a Like most other code generators, StarCoder 2 can suggest ways to complete unfinished lines of code as well as summarize and retrieve snippets of code when asked in natural language. Trained with 4x more data than the original StarCoder (67.5 terabytes versus 6.4 terabytes), StarCoder 2 delivers what Hugging Face, ServiceNow and Nvidia characterize as "significantly" improved performance at lower costs to operate. StarCoder 2 can be fine-tuned "in a few hours" using a GPU like the Nvidia A100 on first- or third-party data to create apps such as chatbots and personal coding assistants. And, because it was trained on a larger and more diverse data set than the original StarCoder (~619 programming languages), StarCoder 2 can make more accurate, context-aware predictions -- at least hypothetically. [I]s StarCoder 2 really superior to the other code generators out there -- free or paid? Depending on the benchmark, it appears to be more efficient than one of the versions of Code Llama, Code Llama 33B. Hugging Face says that StarCoder 2 15B matches Code Llama 33B on a subset of code completion tasks at twice the speed. It's not clear which tasks; Hugging Face didn't specify. StarCoder 2, as an open source collection of models, also has the advantage of being able to deploy locally and "learn" a developer's source code or codebase -- an attractive prospect to devs and companies wary of exposing code to a cloud-hosted AI. Hugging Face, ServiceNow and Nvidia also make the case that StarCoder 2 is more ethical -- and less legally fraught -- than its rivals. [...] As opposed to code generators trained using copyrighted code (GitHub Copilot, among others), StarCoder 2 was trained only on data under license from the Software Heritage, the nonprofit organization providing archival services for code. Ahead of StarCoder 2's training, BigCode, the cross-organizational team behind much of StarCoder 2's roadmap, gave code owners a chance to opt out of the training set if they wanted. As with the original StarCoder, StarCoder 2's training data is available for developers to fork, reproduce or audit as they please. StarCoder 2's license may still be a roadblock for some. "StarCoder 2 is licensed under the BigCode Open RAIL-M 1.0, which aims to promote responsible use by imposing 'light touch' restrictions on both model licensees and downstream users," writes TechCrunch's Kyle Wiggers. "While less constraining than many other licenses, RAIL-M isn't truly 'open' in the sense that it doesn't permit developers to use StarCoder 2 for every conceivable application (medical advice-giving apps are strictly off limits, for example). Some commentators say RAIL-M's requirements may be too vague to comply with in any case -- and that RAIL-M could conflict with AI-related regulations like the EU AI Act."Read more of this story at Slashdot.
As part of its IPO filing with the SEC, Reddit disclosed that it has invested some of its excess cash in bitcoin, ether and Polygon. From a report: Based on the document, the firm now holds BTC and ETH in its balance sheet. Notably, Reddit filing came as part of the IPO registration statement with the SEC. Apart from ETH and BTC, the filing revealed Reddit's investment in Polygon (MATIC). According to the document, the social media platform plans to use both Ether and Polygon as a form of payment for digital goods. Further, Reddit noted that the amount of Polygon and Ethereum from virtual goods is currently immaterial. However, it indicated the possibility of a continuous addition of Bitcoin and Ethereum to its treasury. Also, it plans to keep trying out its passion for virtual goods. Moreover, the document revealed that Reddit made the investments using some of its excess cash reserves. However, the firm didn't disclose details of the crypto investments it made. Reddit's filing document revealed why the popular social media platform dabbled into crypto. According to the firm, it holds Bitcoin and Ethereum to enable its engineering and product teams to use them. Further, it cited the present regulatory stance that suggests these two assets are potentially non-securities under US laws. Also, Reddit disclosed its plans to expand its crypto holding by including other digital assets in its balance sheet. However, it highlighted that such a move will depend on future regulations that exempt crypto as a security.Read more of this story at Slashdot.
"Today, the KDE Community is announcing a new major release of Plasma 6.0 and Gear 24.02," writes longtime Slashdot reader jrepin. "The new version brings new windows and desktop overview effects, improved color management, a cleaner theme, better overall performance, and much more." From the announcement: KDE Plasma is a modern, feature-rich desktop environment for Linux-based operating systems. Known for its sleek design, customizable interface, and extensive set of applications, it is also open source, devoid of ads, and makes protecting your privacy and personal data a priority. With Plasma 6, the technology stack has undergone two major upgrades: a transition to the latest version of the application framework, Qt 6, and a migration to the modern Linux graphics platform, Wayland. We will continue providing support for the legacy X11 session for users who prefer to stick with it for now. [...] KDE Gear 24.02 brings many applications to Qt 6. In addition to the changes in Breeze, many applications adopted a more frameless look for their interface.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: Convicted FTX fraudster Sam Bankman-Fried pleaded for a lenient prison sentence in a court filing yesterday, saying that he isn't motivated by greed and "is already being punished." Bankman-Fried requested a sentence of 63 to 78 months, or 5.25 to 6.5 years. Because of "Sam's charitable works and demonstrated commitment to others, a sentence that returns Sam promptly to a productive role in society would be sufficient, but not greater than necessary, to comply with the purposes of sentencing," the court filing (PDF) said. Bankman-Fried's filing also said that he maintains his innocence and intends to appeal his convictions. A presentence investigation report (PSR) prepared by a probation officer recommended that Bankman-Fried be sentenced to 100 years in prison, according to the filing. "That recommendation is grotesque," SBF's filing said, arguing that it is based on an erroneously calculated loss of $10 billion. The $10 billion loss asserted in the PSR is "illusory" because the "victims are poised to recover -- were always poised to recover -- a hundred cents on the dollar" in bankruptcy proceedings, SBF's filing said. The filing urged the court to "reject the PSR's barbaric proposal" of 100 years, saying that such sentences should only be for "heinous conduct" like terrorism and child sexual abuse. The founder and ex-CEO of cryptocurrency exchange FTX, Bankman-Fried was convicted on seven charges with a combined maximum sentence of 110 years after a monthlong trial in US District Court for the Southern District of New York. The charges included wire fraud and conspiracy to commit wire fraud, securities fraud, commodities fraud, and money laundering. US government prosecutors are required to make a sentencing recommendation by March 15, and US District Judge Lewis Kaplan is scheduled to issue a sentence on March 28.Read more of this story at Slashdot.
Intel's previously-unannounced Intel 10A (analogous to 1nm) will enter production/development in late 2027, marking the arrival of the company's first 1nm node, and its 14A (1.4nm) node will enter production in 2026. The company is also working to create fully autonomous AI-powered fabs in the future. Tom's Hardware: Intel's Keyvan Esfarjani, the company's EVP and GM and Foundry Manufacturing and Supply, held a very insightful session that covered the company's latest developments and showed how the roadmap unfolds over the coming years. Here, we can see two charts, with the first outlining the company's K-WSPW (thousands of wafer starts per week) capacity for Intel's various process nodes. Notably, capacity typically indicates how many wafers can be started, but not the total output -- output varies based on yields. You'll notice there isn't a label for the Y-axis, which would give us a direct read on Intel's production volumes. However, this does give us a solid idea of the proportionality of Intel's planned node production over the next several years. Intel did not specify the arrival date of its coming 14A node in its previous announcements, but here, the company indicates it will begin production of the Intel 14A node in 2026. Even more importantly, Intel will begin production/development of its as-yet-unannounced 10A node in late 2027, filling out its roster of nodes produced with EUV technology. Intel's 'A' suffix in its node naming convention represents Angstroms, and 10 Angstroms converts to 1nm, meaning this is the company's first 1nm-class node. Intel hasn't shared any details about the 10A/1nm node but has told us that it classifies a new node as at least having a double-digit power/performance improvement. Intel CEO Pat Gelsinger has told us the cutoff for a new node is around a 14% to 15% improvement, so we can expect that 10A will have at least that level of improvement over the 14A node. (For example, the difference between Intel 7 and Intel 4 was a 15% improvement.)Read more of this story at Slashdot.
EU lawmakers on Wednesday approved draft rules governing patents key to technologies for telecom equipment and connected cars in the face of criticism from Nokia, Ericsson and other patent holders. From a report: The draft rules proposed by the European Commission in April last year seek to end costly and lengthy litigation over patents used in technologies for telecom equipment, mobile phones, computers, connected cars and smart devices. The European Parliament will now have to thrash out the details of the proposed rules with EU countries before it can become law. Nokia, Ericsson and Siemens in a letter to EU lawmakers in January, highlighted concerns from the European Patent Office, standard-setting body ETSI and other bodies on the draft rules. Lobbying group IP Europe, which counts Nokia, Ericsson and Qualcomm as its members, reiterated its opposition to the draft rules. "The beneficiaries would not be SMEs as claimed but big tech," IP Europe's managing director Patrick McCutcheon said ahead of the lawmakers' vote.Read more of this story at Slashdot.
San Francisco will vote next week on a divisive ballot measure that would authorize police to use surveillance cameras, drones and AI-powered facial recognition as the city struggles to restore a reputation tarnished by street crime and drugs. From a report: The Safer San Francisco initiative, formally called Proposition E, is championed by Mayor London Breed who believes disgruntled citizens will approve the proposal on Tuesday. Although technology fueled the Silicon Valley-adjacent city's decades-long boom, residents have a history of being deeply suspicious. In 2019, San Francisco, known for its progressive politics, became the first large U.S. city to ban government use of facial recognition due to concerns about privacy and misuse. Breed, who is running for re-election in November, played down the potential for abuse under the ballot measure, saying safeguards are in place. "I get that people are concerned about privacy rights and other things, but technology is all around us," she said in an interview. "It's coming whether we want it to or not. And everyone is walking around with AI in their hands with their phones, recording, videotaping," Breed said. Critics of the proposal contend it could hurt disadvantaged communities and lead to false arrests, arguing surveillance technology requires greater oversight.Read more of this story at Slashdot.
President Joe Biden will issue an executive order on Wednesday aimed at curbing foreign governments' ability to buy Americans' sensitive personal information such as heath and geolocation data, according to senior US officials. From a report: The move marks a rare policy effort to address a longstanding US national security concern: the ease with which anyone, including a foreign intelligence services, can legally buy Americans' data and then use the information for espionage, hacking and blackmail. The issue, a senior Justice Department official told reporters this week, is a "growing threat to our national security." The executive order will give the Justice Department the authority to regulate commercial transactions that "pose an unacceptable risk" to national security by, for example, giving a foreign power large-scale access to Americans' personal data, the Justice Department official said. The department will also issue regulations that require better protection of sensitive government information, including geolocation data on US military members, according to US officials. A lot of the online trade in personal information runs through so-called data brokers, which buy information on people's Social Security numbers, names, addresses, income, employment history and criminal background, as well as other items. "Countries of concern, such as China and Russia, are buying Americans' sensitive personal data from data brokers," a separate senior administration official told reporters. In addition to health and location data, the executive order is expected to cover other sensitive information like genomic and financial data. Administration officials told reporters the new executive order would be applied narrowly so as not to hurt business transactions that do not pose a national security risk. The White House's press release.Read more of this story at Slashdot.
Buy-now-pay-later lender Klarna said its AI assistant, powered by OpenAI, is doing the equivalent work of 700 full-time agents and has had 2.3 million conversations, equal to two-thirds of the company's customer service chats, within the first month of being deployed. The AI tool resolved errands much faster and matched human levels on customer satisfaction, Klarna said.Read more of this story at Slashdot.
Over the past four centuries quadrillions of ants have created a strange and turbulent global society that shadows our own. An excerpt from an Aeon article: In their native ranges, these multi-nest colonies can grow to a few hundred metres across, limited by physical barriers or other ant colonies. This turns the landscape to a patchwork of separate groups, with each chemically distinct society fighting or avoiding others at their borders. Species and colonies coexist, without any prevailing over the others. However, for the 'anonymous societies' of unicolonial ants, as they're known, transporting a small number of queens and workers to a new place can cause the relatively stable arrangement of groups to break down. As new nests are created, colonies bud and spread without ever drawing boundaries because workers treat all others of their own kind as allies. What was once a patchwork of complex relationships becomes a simplified, and unified, social system. The relative genetic homogeneity of the small founder population, replicated across a growing network of nests, ensures that members of unicolonial species tolerate each other. Spared the cost of fighting one another, these ants can live in denser populations, spreading across the land as a plant might, and turning their energies to capturing food and competing with other species. Chemical badges keep unicolonial ant societies together, but also allow those societies to rapidly expand.Read more of this story at Slashdot.
Tontoman shares a report: The White House Office of the National Cyber Director (ONCD) urged tech companies to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities. Such vulnerabilities are coding errors or weaknesses within software that can lead to memory management issues when memory can be accessed, written, allocated, or deallocated. They occur when software accesses memory in unintended or unsafe ways, resulting in various security risks and issues like buffer overflow, use after free, use of uninitialized memory, and double free that attackers can exploit. Successful exploitation carries severe risks, potentially enabling threat actors to gain unauthorized access to data or execute malicious code with the privileges of the system owner. "For over 35 years, this same class of vulnerability has vexed the digital ecosystem. The challenge of eliminating entire classes of software vulnerabilities is an urgent and complex problem. Looking forward, new approaches must be taken to mitigate this risk," ONCD's report says. "The highest leverage method to reduce memory safety vulnerabilities is to secure one of the building blocks of cyberspace: the programming language. Using memory safe programming languages can eliminate most memory safety errors."Read more of this story at Slashdot.
An anonymous reader shares a report (paywalled): As Google grapples with the backlash over the historically inaccurate responses on its Gemini chatbot, Meta Platforms is dealing with a related issue. As part of its work on the forthcoming version of its large language model, Llama 3, Meta is trying to overcome a problem perceived in Llama 2: Its answers to anything at all contentious aren't helpful. Safeguards added to Llama 2, which Meta released last July and which powers the artificial intelligence assistant in its apps, prevent the LLM from answering a broad range of questions deemed controversial. These guardrails have made Llama 2 appear too "safe" in the eyes of Meta's senior leadership, as well as among some researchers who worked on the model itself, according to people who work at Meta. [...] Meta's conservative approach with Llama 2 was designed to ward off any public relations disasters, said the people who work at Meta. But researchers are now trying to loosen up Llama 3 so it engages more with users when they ask about difficult topics, offering context rather than just shutting down tricky questions, said two of the people who work at Meta. The new version of the model will in theory be able to better distinguish when a word has multiple meanings. For example, Llama 3 might understand that a question about how to kill a vehicle's engine means asking how to shut it off rather than end its life. Meta also plans to appoint someone internally in the coming weeks to oversee tone and safety training as part of its efforts to make the model's responses more nuanced, said one of the people. The company plans to release Llama 3 in July, though the timeline could still change, they added.Read more of this story at Slashdot.
Google CEO Sundar Pichai addressed the company's Gemini controversy Tuesday evening, calling the AI app's problematic responses around race unacceptable and vowing to make structural changes to fix the problem. The memo: I want to address the recent issues with problematic text and image responses in the Gemini app (formerly Bard). I know that some of its responses have offended our users and shown bias -- to be clear, that's completely unacceptable and we got it wrong. Our teams have been working around the clock to address these issues. We're already seeing a substantial improvement on a wide range of prompts. No AI is perfect, especially at this emerging stage of the industry's development, but we know the bar is high for us and we will keep at it for however long it takes. And we'll review what happened and make sure we fix it at scale. Our mission to organize the world's information and make it universally accessible and useful is sacrosanct. We've always sought to give users helpful, accurate, and unbiased information in our products. That's why people trust them. This has to be our approach for all our products, including our emerging AI products. We'll be driving a clear set of actions, including structural changes, updated product guidelines, improved launch processes, robust evals and red-teaming, and technical recommendations. We are looking across all of this and will make the necessary changes. Even as we learn from what went wrong here, we should also build on the product and technical announcements we've made in AI over the last several weeks. That includes some foundational advances in our underlying models e.g. our 1 million long-context window breakthrough and our open models, both of which have been well received. We know what it takes to create great products that are used and beloved by billions of people and businesses, and with our infrastructure and research expertise we have an incredible springboard for the AI wave. Let's focus on what matters most: building helpful products that are deserving of our users' trust.Read more of this story at Slashdot.
Thrasio, which acquires third-party Amazon sellers, filed for Chapter 11 bankruptcy protection and received commitments for $90 million in new financing from existing shareholders, it said on Wednesday. From a report: Thrasio also entered into a restructuring agreement with some of its lenders to reduce debt of $495 million from its existing debt pile, it said in a statement. It listed its estimated assets in the range of $1 billion to $10 billion and estimated liabilities of $500 million to $1 billion, according to a document filed with the New Jersey bankruptcy court. Billions of dollars, primarily in loans and other debt instruments, were invested into newly-formed startups aggregating third-party merchants on Amazon's marketplace during the COVID-19 pandemic as investors bet heavily on a prolonged explosion in online shopping. But as lockdowns eased and consumers returned to brick-and-mortar stores, sales growth on Amazon slowed, leaving these heavily-indebted "roll-up" companies struggling to service interest payments.Read more of this story at Slashdot.
An anonymous reader quotes a report from Fortune: Zurich authorities have apologized to city employees after a technical glitch caused a double payment of monthly salaries that local officials are now trying to claw back. About 175 million francs ($200 million) was sent in error on Monday, which was the payday for February, according to a statement. Workers can't keep the money, and officials are trying to devise a streamlined process so that the 30,000 employees affected can easily return it. A technical error at state-owned Zuercher Kantonalbank, which handles the city's salary transfers, is to blame. The bank itself said that faulty software from one of Swisscom AG's contractors caused the glitch. "Swisscom is aware of the seriousness of this incident and apologizes for the inconvenience caused," the telecommunications company said in a statement shared by the bank. The unexpected windfall prompted a flurry of employees calling up the city's offices to ask about the extra money, according to Swiss newspapers. Others mockingly described it as "inflation compensation" on the city's intranet, and demanded a repeat.Read more of this story at Slashdot.
According to a new study published in the journal Proceedings of the National Academy of Sciences, West Antarctica's Thwaites Glacier began rapidly receding in the 1940s -- much earlier than scientists had previous thought. The Hill notes that it's often referred to as the "doomsday glacier" due to the potentially catastrophic consequences of its hypothetical collapse. From the report: While scientists had already observed the glacier's accelerated retreat by the 1970s, they did not know when it began. Coupled with earlier research about Thwaites's neighboring Pine Island Glacier, the study also provides new, potentially alarming, insight into the cause of the glacier's melting. Scientists tried to reconstruct the glacier's history using analysis of the marine sedimentary record, and they found the Thwaites and Pine Island glaciers both lost contact with the seafloor highs in the 1940s -- at around the same time. These significant changes happened against the backdrop of a massive El Nino weather phenomenon, the scientists found, showing the glaciers "were responding to the same driver(s)." "The synchronous ice retreat of these two major ice streams suggests that, rather than being driven by internal dynamics unique to each glacier, retreat in the Amundsen Sea drainage sector results from external oceanographic and atmospheric drivers, which recent modeling studies show are modulated by climate variability," the study read. The scientists note that the glaciers' continued retreat shows how difficult it can be to reverse some of the consequences of naturally occurring weather events -- which they say is made even more difficult by human activity. "That ice streams such as Thwaites Glacier and Pine Island Glacier have continued to retreat since then indicates that they were unable to recover after the exceptionally large El Nino event of the 1940s," the scientists wrote. "This may reflect the increasing dominance of anthropogenic forcing since that time but implies that this involved large-scale, in additional to local, atmospheric and ocean circulation changes."Read more of this story at Slashdot.
Nintendo has filed a 41-page lawsuit against the makers of Yuzu, an open-source Nintendo Switch emulator, accusing them of "facilitating piracy at a colossal scale." Polygon reports: Yuzu is a free emulator that was released in 2018 months after the Nintendo Switch originally launched. The same folks who made Citra, a Nintendo 3DS emulator, made this one. Basically, it's a piece of software that lets people play Nintendo Switch games on Windows PC, Linux, and Android devices. (It also runs on Steam Deck, which Valve showed -- then wiped -- in a Steam Deck video clip.) Emulators aren't necessarily illegal, but pirating games to play on them is. But Nintendo said in its lawsuit that there's no way to legal way to use Yuzu. Nintendo argued that Yuzu executes codes that "defeat" Nintendo's security measures, including decryption using "an illegally-obtained copy of prod.keys." "In other words, without Yuzu's decryption of Nintendo's encryption, unauthorized copies of games could not be played on PCs or Android devices," Nintendo wrote in the lawsuit. As to the alleged damages created by Yuzu, Nintendo pointed to the release of The Legend of Zelda: Tears of the Kingdom. Tears of the Kingdom leaked almost two weeks earlier than the game's May 12 release date. The pirated version of the game spread quickly; Nintendo said it was downloaded more than 1 million times before Tears of the Kingdom's release date. People used Yuzu to play the game; Nintendo said more than 20% of download links pointed people to Yuzu. Though Yuzu doesn't give out pirated copies of games, Nintendo repeatedly said that most ROM sites point people toward Yuzu to play whatever games they've downloaded. Nintendo said its "expended significant resources to stop the illegal copying, marketing, sale, and distribution" of its Nintendo Switch games. It says that Yuzu earns the team $30,000 per month on its Patreon from more than 7,000 patrons. Nintendo said the company has earned at least $50,000 in paid Yuzu downloads. Nintendo said that Yuzu's Patreon doubled its paid members in the period between May 1 and May 12, when Tears of the Kingdom was released. Nintendo is asking the court to shut down the emulator, and for damages.Read more of this story at Slashdot.
An anonymous reader quotes a report from The Guardian: Microplastics have been found in every human placenta tested in a study, leaving the researchers worried about the potential health impacts on developing fetuses. The scientists analyzed 62 placental tissue samples and found the most common plastic detected was polyethylene, which is used to make plastic bags and bottles. A second study revealed microplastics in all 17 human arteries tested and suggested the particles may be linked to clogging of the blood vessels. [...] Prof Matthew Campen, at the University of New Mexico, US, who led the research, said: "If we are seeing effects on placentas, then all mammalian life on this planet could be impacted. That's not good." He said the growing concentration of microplastics in human tissue could explain puzzling increases in some health problems, including inflammatory bowel disease (IBD), colon cancer in people under 50, and declining sperm counts. A 2021 study found people with IBD had 50% more microplastics in their feces. Campen said he was deeply concerned by the growing global production of plastics because it meant the problem of microplastics in the environment "is only getting worse." The research, published in the Toxicological Sciences journal, found microplastics in all the placenta samples tested, with concentrations ranging from 6.5 to 790 micrograms per gram of tissue. PVC and nylon were the most common plastics detected, after polyethylene. The microplastics were analyzed by using chemicals and a centrifuge to separate them from the tissue, then heating them and analyzing the characteristic chemical signature of each plastic. The same technique was used by scientists at the Capital Medical University in Beijing, China, to detect microplastics in human artery samples. The concentration of microplastics in placentas was especially troubling, Campen said. The tissue grows for only eight months, as it starts to form about a month into pregnancy. "Other organs of your body are accumulating over much longer periods of time," he added.Read more of this story at Slashdot.
A federal judge in Texas has granted a temporary order blocking the U.S. government from monitoring the energy usage of cryptocurrency mining operations, stating that the industry had shown it would suffer "irreparable injury" if it was made to comply. The Guardian reports: The US Department of Energy had launched an "eemergency" initiative last month aimed at surveying the energy use of mining operations, which typically use vast amounts of computing power to solve various mathematical puzzles to add new tokens to an online network known as a blockchain, allowing the mining of currency such as bitcoin. The growth of cryptocurrency, and the associated mining of it, has been blamed for a surge in electricity use as data centers have sprung up across the US, even reviving, in some cases, ailing coal plants to help power the mining. [...] "The massive energy consumption of cryptocurrency mining and its rapid growth in the United States threaten to undermine progress towards achieving climate goals, and threaten grids, communities and ratepayers," said Mandy DeRoche, deputy managing attorney of the clean energy program at Earthjustice. Until now, a lack of publicly available information has only benefited an "industry that has thrived in the shadows," DeRoche added. The crypto mining industry, however, has claimed it is the victim of a "politically motivated campaign" by Joe Biden's administration and has, for now, succeeded in averting a survey that it contends is unfairly onerous. "This is an attack against legitimate American businesses with the administration feigning an emergency to score political points," said Lee Bratcher, president the Texas Blockchain Council, one of the groups that sued to stop the survey. "The White House has been clear that they desire to 'to limit or eliminate' bitcoin miners from operating in the United States. "Although bitcoin is resilient and cannot be banned, the administration is seeking to make the lives of bitcoin miners, their employees, and their communities too difficult to bear operating in the United States. This is deeply concerning."Read more of this story at Slashdot.
"Documentation authors at Canonical have launched the Open Documentation Academy to offer an easy way to get started contributing to open-source projects," writes longtime Slashdot reader tykev. From the blog post: Open and inclusive collaboration, and the sharing of ideas, remains the best way to develop software (and to do many other things!), but we also recognise that this "getting involved" step can be difficult. Where do you start? Who do you ask? What needs to be done? We all very much want to help people become open source contributors by building an on-ramp process. It may take some time, and we will need to adapt, but this is exactly why we've started our Open Documentation Academy. To help you get involved, the Open Documentation Academy provides a curated list of documentation tasks. Choose one, let us know, and get started. Tasks include testing and fixing tutorials, updating the outdated, restructuring large documents, and anything else you may want to suggest. Our list is growing, and a big part of the Documentation Academy will be ensuring there's always a wide range of tasks available, across as many projects and technologies as possible. And of course, we're here to help. We'll guide you through your first contributions, provide advice on approaches, and help you build your confidence.Read more of this story at Slashdot.
Fast food chain Wendy's announced it's adopting a similar approach to Uber's Surge Pricing policy by dynamically adjusting the prices of its menu items during peak demand periods at certain locations. The controversial strategy seeks to leverage real-time data to align pricing and demand, enhancing efficiency and potentially improving customer satisfaction. From a report: During a conference call earlier this month, Wendy's CEO Kirk Tanner said the fast-food chain would experiment with dynamic pricing as early as next year. "Beginning as early as 2025, we will begin testing more enhanced features like dynamic pricing and daypart offerings, along with AI-enabled menu changes and suggestive selling," he said. "As we continue to show the benefit of this technology in our company-operated restaurants, franchisee interest in digital menu boards should increase, further supporting sales and profit growth across the system." Prices seesaw all the time on the sites of online retailers like Amazon that use algorithms and artificial intelligence to monitor competitors and glean insights into individual shoppers, adjusting prices depending on interest in the product or in the brand, said Timothy Webb, an assistant professor at the University of Delaware's hospitality and sport business management program. Coupons and other offers are also routinely dangled in mobile apps to encourage people to make purchases. "A lot of this stuff is already happening even if you don't realize that it is happening. If you have the Starbucks app and I have the Starbucks app, we probably have different offers," Webb said. "We might not be in the drive-through and they just increased the prices, but we are already paying different prices for the same products." But, he says, Wendy's fans will likely see moderate, not massive, price swings during periods of peak demand. "It's not like $200 or $300 on a flight. This is a hypercompetitive industry. If Wendy's goes up $2 to $3 on a burger at dinner time, I would be shocked. People have too many options. They will just walk down the street and eat at Burger King instead," Webb said. "There will just be little price changes here."Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: The FBI and partners from 10 other countries are urging owners of Ubiquiti EdgeRouters to check their gear for signs they've been hacked and are being used to conceal ongoing malicious operations by Russian state hackers. The Ubiquiti EdgeRouters make an ideal hideout for hackers. The inexpensive gear, used in homes and small offices, runs a version of Linux that can host malware that surreptitiously runs behind the scenes. The hackers then use the routers to conduct their malicious activities. Rather than using infrastructure and IP addresses that are known to be hostile, the connections come from benign-appearing devices hosted by addresses with trustworthy reputations, allowing them to receive a green light from security defenses. "In summary, with root access to compromised Ubiquiti EdgeRouters, APT28 actors have unfettered access to Linux-based operating systems to install tooling and to obfuscate their identity while conducting malicious campaigns," FBI officials wrote in an advisory Tuesday. APT28 -- one of the names used to track a group backed by the Russian General Staff Main Intelligence Directorate known as GRU -- has been doing just for at least the past four years, the FBI has alleged. Earlier this month, the FBI revealed that it had quietly removed Russian malware from routers in US homes and businesses. The operation, which received prior court authorization, went on to add firewall rules that would prevent APT28 -- also tracked under names including Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit -- from being able to regain control of the devices. On Tuesday, FBI officials noted that the operation only removed the malware used by APT28 and temporarily blocked the group using its infrastructure from reinfecting them. The move did nothing to patch any vulnerabilities in the routers or to remove weak or default credentials hackers could exploit to once again use the devices to surreptitiously host their malware. "The US Department of Justice, including the FBI, and international partners recently disrupted a GRU botnet consisting of such routers," they warned. "However, owners of relevant devices should take the remedial actions described below to ensure the long-term success of the disruption effort and to identify and remediate any similar compromises." Those actions include: - Perform a hardware factory reset to remove all malicious files - Upgrade to the latest firmware version - Change any default usernames and passwords - Implement firewall rules to restrict outside access to remote management servicesRead more of this story at Slashdot.
Emanuel Maiberg reports via 404 Media: Dozens of Ghost kitchens, restaurants that serve food exclusively by delivery on apps like DoorDash and Grubhub, are selling food that they promote to customers with AI-generated images. It's common for advertisements to stage or edit pictures of food to make it look more enticing, but in these cases the ghost kitchens are showing people pictures of food that literally doesn't exist, and looks nothing like the actual items they're selling, sometimes because the faulty AI is producing physically impossible food items. [...] Some ghost kitchens exist as unmarked commercial kitchens with no actual restaurant you can visit that simply fulfill orders for a variety of brands that only exist on the food delivery services. Other ghost kitchens piggyback on existing, real restaurant kitchens to fulfill orders for those brands that exist only on food delivery apps. [The food from a business on DoorDash called Pasta Lovers] actually comes from Tony's Pizzeria in North Brooklyn, which also fulfills orders for a cheesesteak brand called Philly Cheez, a hero sandwich brand called Hero Mania, and a wrap brand called That's A Wrap. All of these brands deliver food from different ghost kitchens across the country, and all of them feature the same type of AI-generated images to promote their food, some of which looks ridiculous. [...] "We don't allow the use of AI-generated images and if we find a merchant is using any, we will remove those images from their menu," Grubhub, which also operates Seamless, told me in an email. However, at the time of writing the AI-generated images on Seamless I sent the company are still live on its site. "We know how important it is for diners to have realistic expectations of what they are ordering and should expect to receive, which is why we share image guidelines with our partners and our system reviews image submissions before they're allowed on our platform." "DoorDash is committed to showcasing realistic representations of meals that customers would receive when ordering online," DoorDash told me in an email. "Showcasing high-quality, accurate, and realistic menu images is crucial for maintaining customer trust and generating sales through DoorDash Marketplace." "This is all incredibly depressing," concludes Maiberg. "A local pizzeria can't get by unless it makes sandwiches for ghost kitchen brands, the people who make a living taking photographs of food are being displaced by AI tools, and gigantic food delivery apps are still making money by taking a cut from restaurants and screwing over gig delivery drivers." "AI-generated images of food that people can order and eat finally brings us to a shockingly literal manifestation of Jean Baudrillard's Simulacra. Baudrillard would say the Spicy Philly Cheese from Philly Cheez is "never that which conceals the truth -- it is the truth which conceals that there is none."Read more of this story at Slashdot.
Apple has filed a lawsuit against the U.S. Patent and Trademark Office for refusing to grant trademarks covering the company's augmented-reality software development tools "Reality Composer" and "Reality Converter." Reuters reports: Apple, whose augmented-reality technology is a centerpiece of its newly released Vision Pro headset, asked the court (PDF) on Friday to reverse the USPTO's decision that the phrases were not distinctive enough to receive federal trademark protection. "Consumers must exercise imagination to understand how the nonsensical phrases 'reality composer' and 'reality converter' -- which sound like science fiction impossibilities -- relate to Apple's products," the complaint said. "They are suggestive, just as Burger King is a fast-food chain, not an actual monarch." Apple's Reality Composer and Reality Converter allow developers to create and alter 3-D augmented-reality content for Apple apps. The content is compatible with Apple devices including the Vision Pro mixed-reality headset, which the tech giant began selling earlier this month. Turkish visual-effects company ZeroDensity challenged Apple's trademark applications at the USPTO, arguing that the phrases could not receive federal trademarks because they merely describe what the software does. ZeroDensity also said Apple's trademarks would cause confusion with its own "Reality"-related marks. ZeroDensity, the named defendant in the case, said in a statement on Monday that it was "surprised and concerned by [Apple's] misinterpretation and misrepresentation of our company" and is "resolute in defending our 'Reality' trademarks." A USPTO tribunal agreed with ZeroDensity that Apple's marks were descriptive without addressing whether they would confuse consumers. Apple said in Friday's complaint that its phrases were "made-up terms coined by Apple that do not describe the underlying software development tools." "In contrast, descriptive terms like Raisin Bran or American Airlines straightforwardly describe the goods and services offered under the brand name," Apple said. "As innovative as Apple is, it cannot 'compose' or 'convert' reality." Apple argued that its marks would not cause consumer confusion and accused ZeroDensity of trying to "claim broad rights in the word 'reality,' which no one entity can monopolize."Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: Meta will soon begin "collecting anonymized data" from users of its Quest headsets, a move that could see the company aggregating information about hand, body, and eye tracking; camera information; "information about your physical environment"; and information about "the virtual reality events you attend." In an email sent to Quest users Monday, Meta notes that it currently collects "the data required for your Meta Quest to work properly." Starting with the next software update, though, the company will begin collecting and aggregating "anonymized data about... device usage" from Quest users. That anonymized data will be used "for things like building better experiences and improving Meta Quest products for everyone," the company writes. A linked help page on data sharing clarifies that Meta can collect anonymized versions of any of the usage data included in the "Supplemental Meta Platforms Technologies Privacy Policy," which was last updated in October. That document lists a host of personal information that Meta can collect from your headset, including: - "Your audio data, when your microphone preferences are enabled, to animate your avatar's lip and face movement" - "Certain data" about hand, body, and eye tracking, "such as tracking quality and the amount of time it takes to detect your hands and body" - Fitness-related information such as the "number of calories you burned, how long you've been physically active, [and] your fitness goals and achievements" - "Information about your physical environment and its dimensions" such as "the size of walls, surfaces, and objects in your room and the distances between them and your headset" - "Voice interactions" used when making audio commands or dictations, including audio recordings and transcripts that might include "any background sound that happens when you use those services" (these recordings and transcriptions are deleted "immediately" in most cases, Meta writes) - Information about "your activity in virtual reality," including "the virtual reality events you attend" The anonymized collection data is used in part to "analyz[e] device performance and reliability" to "improve the hardware and software that powers your experiences with Meta VR Products." Meta's help page also lists a small subset of "additional data" that headset users can opt out of sharing with Meta. But there's no indication that Quest users can opt out of the new anonymized data collection policies entirely. These policies only seem to apply to users who make use of a Meta account to access their Quest headsets, and those users are also subject to Meta's wider data-collection policies. Those who use a legacy Oculus account are subject to a separate privacy policy that describes a similar but more limited set of data-collection practices.Read more of this story at Slashdot.
Amazon has issued an update to Fire TV streaming devices and televisions that has broken apps that let users bypass the Fire OS home screen. From a report: The tech giant claims that its latest Fire OS update is about security but has refused to detail any potential security concerns. Users and app developers have reported that numerous apps that used to work with Fire TV devices for years have suddenly stopped working. As first reported by AFTVnews, the update has made apps unable to establish local Android Debug Bridge (ADB) connections and execute ADB commands with Fire TV devices. The update, Fire OS 7.6.6.9, affects several Fire OS-based TVs, including models from TCL, Toshiba, Hisense, and Amazon's Fire TV Omni QLED Series. Other devices running the update include Amazon's first Fire TV Stick 4K Max, the third-generation Fire TV Stick, as well as the third and second-generation Fire TV Cubes and the Fire TV Stick Lite. A code excerpt shared with AFTVnews by what the publication described as an "affected app developer," which you can view here, shows a line of code indicating that Fire TVs would not be allowed to make ADB connections with a local device or app. As pointed out by AFTVnews, such apps have been used by Fire TV modders for abilities like clearing installed apps' cache and using a different home screen than the Fire OS default.Read more of this story at Slashdot.
An anonymous reader shares a report: Microsoft is already testing Windows 11 24H2, this fall's big new Windows release. The company has already demonstrated a few new features, like 80Gbps USB4 support and Sudo for Windows, and the new version could also give a significant refresh to the Windows installer for the first time since the Windows Vista days. But there's one big update you might not notice at all. Late last week, Microsoft released "servicing updates" with no new features to Windows Insiders in the Dev and Canary channels. The updates were "designed to test [Microsoft's] servicing pipeline for Windows 11." It's pretty common for Insiders to get these kinds of updates-that-exist-only-to-test-the-update-process, but the twist here is that PCs with Virtualization Based Security (VBS) enabled could apply the update without rebooting. Sources speaking to Windows Central say this isn't a fluke -- Microsoft reportedly intends to use a Windows Server feature called hotpatching to deliver more Windows 11 security updates without requiring a reboot, making it easier to stay up to date without disrupting whatever you're doing. You'll still need to reboot "every few months" -- Microsoft's documentation says a reboot is needed roughly once every three months, though it can happen more often than that for unanticipated zero-day patches and others that can't be fixed via hotpatching. The Arm versions of Windows 11 also won't get the feature for another year or so, according to Windows Central.Read more of this story at Slashdot.
Bloomberg News: Apple is canceling a decade-long effort to build an electric car, according to people with knowledge of the matter, abandoning one of the most ambitious projects in the history of the company. Apple made the disclosure internally Tuesday, surprising the nearly 2,000 employees working on the project, said the people, who asked not to be identified because the announcement wasn't public. The decision was shared by Chief Operating Officer Jeff Williams and Kevin Lynch, a vice president in charge of the effort, according to the people. The two executives told staffers that the project will begin winding down and that many employees on the team working on the car -- known as the Special Projects Group, or SPG -- will be shifted to the artificial intelligence division under executive John Giannandrea. Those employees will focus on generative AI projects, an increasingly key priority for the company. The Apple car team also has several hundred hardware engineers and car designers. It's possible that they will be able to apply for jobs on other Apple teams. There will be layoffs, but it's unclear how many. The decision to ultimately wind down the project is a bombshell for the company, ending a multibillion-dollar effort that would have vaulted Apple into a whole new industry. The tech giant started working on a car around 2014, setting its sights on a fully autonomous electric vehicle with a limousine-like interior and voice-guided navigation. But the project struggled nearly from the start, with Apple changing the team's leadership and strategy several times. Lynch and Williams took over the undertaking a few years ago -- following the departure of Doug Field, now a senior executive at Ford Motor.Read more of this story at Slashdot.
Tumblr and Wordpress are preparing to sell user data to Midjourney and OpenAI, 404Media reported Tuesday, citing a source with internal knowledge about the deals and internal documents. From the report: The exact types of data from each platform going to each company are not spelled out in documentation we've reviewed, but internal communications reviewed by 404 Media make clear that deals between Automattic, the platforms' parent company, and OpenAI and Midjourney are imminent. The internal documentation details a messy and controversial process within Tumblr itself. One internal post made by Cyle Gage, a product manager at Tumblr, states that a query made to prepare data for OpenAI and Midjourney compiled a huge number of user posts that it wasn't supposed to. It is not clear from Gage's post whether this data has already been sent to OpenAI and Midjourney, or whether Gage was detailing a process for scrubbing the data before it was to be sent.Read more of this story at Slashdot.
OpenAI has asked a federal judge to dismiss parts of the New York Times' copyright lawsuit against it, arguing that the newspaper "hacked" its chatbot ChatGPT and other AI systems to generate misleading evidence for the case. From a report: OpenAI said in a filing in Manhattan federal court on Monday that the Times caused the technology to reproduce its material through "deceptive prompts that blatantly violate OpenAI's terms of use." "The allegations in the Times's complaint do not meet its famously rigorous journalistic standards," OpenAI said. "The truth, which will come out in the course of this case, is that the Times paid someone to hack OpenAI's products." OpenAI did not name the "hired gun" who it said the Times used to manipulate its systems and did not accuse the newspaper of breaking any anti-hacking laws.Read more of this story at Slashdot.
Undersea data cables in the Red Sea have reportedly been damaged, months after Yemeni Houthi rebels threatened to do so. From a report: At least 15 submarine cables pass through the Bab al-Mandab Strait at the southern end of the Red Sea, a body of water just 26km wide at some points. Yemen is the Strait's northern shore. The first reports of damage to submarine cables off the coast of Yemen began emerged on Monday morning, with Israeli news outlet Globes claiming that four cables (EIG, AAE-1, Seacom and TGN-EA) had experienced damage. Seacom has reportedly confirmed damage to a cable it operates on a stretch between Kenya and Egypt. "The location of the cable break is significant due to its geopolitical sensitivity and ongoing tensions, making it a challenging environment for maintenance and repair operations," Seacom said. "The team is currently working towards restoration timelines and will communicate these plans with our clients." Globes attributed the outages to the Iran-backed Houthis, and claimed the damage was "significant, but not critical," because several other undersea cables serve the region. Seacom has already reassured customers it has re-routed traffic onto other cables. While the world has a decent supply of cable repair ships, they are booked up well in advance so finding one ready to work is not always possible. Nor are cable repairs easy: it takes time to find and retrieve a damaged segment and reconnect it.Read more of this story at Slashdot.
Slashdot