Slashdot

Black Parrot (Slashdot reader #19,622) pointed out a historic anniversary this week: On October 6, 1923, Edwin Hubble got a photo of Andromeda that showed that it contained a variable star, and therefore was an actual galaxy, ending the Great Debate over whether the universe consisted of anything beyond our own galaxy. Unless you're more than 100 years old you grew up with a completely different understanding of the universe than anyone who lived before. Even Einstein did not know about it when he proposed the theory of general relativity. It was later in the decade before Hubble discovered that the universe is expanding. A century later, the European Space Agency was announcing...A very rare, strange burst of extraordinarily bright light in the universe just got even stranger a" thanks to the eagle-eye of the NASA/ESA Hubble Space Telescope. The phenomenon, called a Luminous Fast Blue Optical Transient (LFBOT), flashed onto the scene where it wasna(TM)t expected to be found, far away from any host galaxy. Only Hubble could pinpoint its location. The Hubble results suggest astronomers know even less about these objects than previously thought by ruling out some possible theories. Bill Kendrick (Slashdot reader #19,287) writes: Edwin Hubble's discovery - thanks to a Cepheid Variable star - that the "Andromeda Nebula" was actually an entire galaxy 2.5 million light years away... NASA's Astronomy Photo of the Day for today celebrates this with an image of the original photo plate from October 6, 1923. Notice the "N" (for nova) crossed off, and "VAR!" (for variable) next to the star! The discovery of Cepheids, and the important fact that their brightening and dimming was regular, and could be used to determine a star's intrinsic brightness, was thanks to Henrietta Swan Leavitt about a decade earlier. David Butler's "How Far Away Is It?" series has an excellent episode on Andromeda on YouTube.Read more of this story at Slashdot.

Long-time Slashdot reader alaskana writes: In late 2022 it was revealed that early samples of what was to be the "Pentium 5" processor, codenamed Tejas and Jayhawk were in development and made it as far as being released to board partners for evaluation. A few of these samples made it (of course) onto Ebay and then - not surprisingly - into the hands of a YouTuber. To be fair, tech site Anandtech arguably got the first scoop on this P4 successor way back in 2004, but that story seemingly never gained much traction at that time. They wrote that Intel Prescott CPUs "could hit 5GHz+ but had huge power and temperature numbers, but Tejas was expected to clock higher than Prescott - with Intel chasing the huge 10GHz CPU clocks within 10 years between 2000 and 2011 - but it ended up not happening at all." In what was supposed to be a continuation of the "GHz is king" days of the early aughts, the Pentium 5 was in spirit a continuation of the "faster-is-better" philosophy of the P4 architecture, efficiency be damned. Speeds in excess of 7 GHz(!), and a pipeline upwards of 50 stages were rumored to be targeted by Intel, but reality (and physics) reared their ugly heads as always. WCCF Tech transcribed the remarks of Intel engineer Steve Fischer, who was involved with the project. "The thing had a pipeline depth of around 50 stages and an expected clock target at one point north of 7 GHz. I call the thing "the Death Star of processors" and half-jokingly reasoned that consumer acceptance of liquid-cooled chassis would not be a big deal." Intel kicked off Project Tejas in 2003, expected in 2004 and later pushed into 2005 after issues forced Intel to redesign the chip. Before the company could do that, the Tejas Project was shelved on May 7, 2004. In the end efficiency and parallelization was to be the rule of future CPU development, but the fact that Intel had (at least briefly) had planned on taking the P4 paradigm just a wee bit further with a true Pentium 5 is a fascinating look into the past of a future that never was to be for the venerable Pentium line.Read more of this story at Slashdot.

An anonymous reader sharedthis report from the Associated Press:A man accused of shooting down a law enforcement drone being used at a business near his Florida home could be sentenced to 10 years in federal prison... Lake County sheriff's deputies responded to a burglary at a 10-acre industrial property in July 2021 in Mount Dora, northwest of Orlando, according to a plea agreement. As deputies used a $29,000 drone in the outdoor search, gunfire from a neighboring residential property caused it to crash into a metal roof and catch fire, prosecutors said. Deputies went to the property and found Goney, who said he shot down the drone with a .22-caliber rifle because it had been "harassing" him, investigators said. The man had 29 previous felony convictions - and federal law prohibits most convicted felons from possessing firearms and ammunition...Read more of this story at Slashdot.

An anonymous reader shared this report from Gizmodo:Zoom is setting out to compete with Google and Microsoft by introducing Zoom Docs at its annual Zoomtopia 2023 event on Tuesday. Zoom Docs is the company's own version of an AI-powered workspace that will provide users with AI capabilities to draft, edit, summarize, and include information from meeting discussions. The company said in a press release that its new feature will be integrated into the meetings feature, and says it will make it "easy for teams and individuals to create, collaborate, manage projects, and stay organized." It will also reportedly include the option to include tables, charts, and images in the Zoom Doc function, according to the press release... Zoom's press release calls it "a next-gen way of collaborating, built from the ground up with AI at its core," with "traditional document capabilities, as well as wikis and drag-and-drop content blocks for tables, charts, and images"Zoom Docs users can also leverage its AI-powered functionality to populate docs with content from Zoom Meetings to inform and jumpstart creation, generate content with Zoom AI Companion, summarize content quickly, easily search documents, and more. Zoom Docs is scheduled to be generally available in 2024. Gizmodo notes that in March Microsoft added ChatGPT to its Suite 365 business software, and Google announced it was adding generative AI to Google Docs and Google Excel.Read more of this story at Slashdot.

Since 2004 October has been designated "Cybersecurity Awareness Month" in America, "a collaborative effort between government and industry to enhance cybersecurity awareness, encourage actions by the public to reduce online risk and generate discussion on cyber threats on a national and global scale." That's according to America's Cybersecurity and Infrastructure Security Agency (or CISA), the operational lead for federal cybersecurity and national coordinator for critical infrastructure security and resilience (specifically designed for collaboration and partnership). It's why the NSA is publicizing the ten most common cybersecurity misconfigurations in large organizations. But in addition, for consumers CISA is introducing a new program this year that "promotes behavioral change across the Nation, with a particular focus on how individuals, families and small to medium-sized businesses can Secure Our World by focusing on the four critical actions..." In a video the director of America's cyberdefense agency calls them steps "that everyone can take to stay safe online."Use Strong Passwords, "meaning long, random, and unique to each account. And use a password manager to generate and to save them."Turn on Multi-Factor Authentication on All Accounts That Offer It. "You need more than a password on your most important accounts, like email, social media, and financial accounts."Recognize and Report Phishing. "Be cautious of unsolicited emails, texts, or calls asking you for personal information, and don't click on links or open attachments from unknown sources. Update Your Software. "In fact, enable automatic updates on your software, so the latest security patches just keep your devices continuously up-to-date."The video ends by noting CISA is asking tech companies and software developers to create products that are "secure by design." "And let's secure our families by ensuring that our loved ones know what to look for and how to stay safe online."Read more of this story at Slashdot.

Slashdot reader TranquilVoid writes: To better understand the battles between native and invasive ants, scientists at Australia's national science agency have turned to Microsoft's classic computer game to model ant warfare. Across Australia, 50 different species of invasive ants have established themselves, including electric ants, fire ants and yellow crazy ants, with hundreds of millions of dollars spent attempting to eradicate them. "Ants are one of the few groups of animal species in which warfare resembles human warfare, in terms of scale and mortality," researcher Samuel Lymbery said. The research found small armies of strong soldiers did better in complex terrain-based battlefields and large armies of weaker soldiers fared better in simple open battlefields. In the ant world, a simple battlefield would be a footpath or park while a complex battlefield would be bushland with undergrowth and woody debris. Dr Lymbery said his work could help develop new approaches to habitat management, like adding undergrowth or more environmental complexity back into urbanised environments, to tip the competitive balance back in favour of native ants.Read more of this story at Slashdot.

An announcement from MIT News:One promising approach to treating Type 1 diabetes is implanting pancreatic islet cells that can produce insulin when needed, which can free patients from giving themselves frequent insulin injections. However, one major obstacle to this approach is that once the cells are implanted, they eventually run out of oxygen and stop producing insulin. To overcome that hurdle, MIT engineers have designed a new implantable device that not only carries hundreds of thousands of insulin-producing islet cells, but also has its own on-board oxygen factory, which generates oxygen by splitting water vapor found in the body. The researchers showed that when implanted into diabetic mice, this device could keep the mice's blood glucose levels stable for at least a month. The researchers now hope to create a larger version of the device, about the size of a stick of chewing gum, that could eventually be tested in people with Type 1 diabetes. "You can think of this as a living medical device that is made from human cells that secrete insulin, along with an electronic life support-system," says Daniel Anderson, a professor in MIT's Department of Chemical Engineering, a member of MIT's Koch Institute for Integrative Cancer Research and Institute for Medical Engineering and Science, and the senior author of the study. While the researchers' main focus is on diabetes treatment, they say that this kind of device could also be adapted to treat other diseases that require repeated delivery of therapeutic proteins. Thanks to Slashdot reader schwit1 for sharing the news.Read more of this story at Slashdot.

An anonymous reader shared this report from Reuters:In a new front in the U.S.-China tech war, President Joe Biden's administration is facing pressure from some lawmakers to restrict American companies from working on a freely available chip technology widely used in China - a move that could upend how the global technology industry collaborates across borders... RISC-V can be used as a key ingredient for anything from a smartphone chip to advanced processors for artificial intelligence... The lawmakers expressed concerns that Beijing is exploiting a culture of open collaboration among American companies to advance its own semiconductor industry, which could erode the current U.S. lead in the chip field and help China modernize its military. Their comments represent the first major effort to put constraints on work by U.S. companies on RISC-V... Executives from China's Huawei Technologies have embraced RISC-V as a pillar of that nation's progress in developing its own chips. But the United States and its allies also have jumped on the technology, with chip giant Qualcomm working with a group of European automotive firms on RISC-V chips and Alphabet's Google saying it will make Android, the world's most popular mobile operating system, work on RISC-V chips... Jack Kang, vice president of business development at SiFive, a Santa Clara, California-based startup using RISC-V, said potential U.S. government restrictions on American companies regarding RISC-V would be a "tremendous tragedy." "It would be like banning us from working on the internet," Kang said. "It would be a huge mistake in terms of technology, leadership, innovation and companies and jobs that are being created." One U.S. Representative said the Chinese Communist Party was "abusing RISC-V to get around U.S. dominance of the intellectual property needed to design chips. "U.S. persons should not be supporting a PRC tech transfer strategy that serves to degrade U.S. export control laws."Read more of this story at Slashdot.

In downtown San Francisco two vehicles were stopped at a red light on Monday night, reports the Washington Post - a regular car and a Cruise robotaxi.Both vehicles advanced when the light turned green, according to witness accounts and video recorded by the Cruise vehicle's internal cameras and reviewed by The Post. As the cars moved forward, the pedestrian entered the traffic lanes in front of them, according to the video, and was struck by the regular car. The video shows the victim rolling onto that vehicle's windshield and then being flung into the path of the driverless car, which stopped once it collided with the woman. According to Cruise spokesperson Hannah Lindow, the autonomous vehicle "braked aggressively to minimize the impact" but was unable to stop before rolling over the woman and coming to a halt. Photos published by the San Francisco Chronicle show the woman's leg sticking out from underneath the car's left rear wheel. "According to Cruise, police had directed the company to keep the vehicle stationary, apparently with the pedestrian stuck beneath it," reports the San Francisco Chronicle. Also from the San Francisco Chronicle:Austin Tutone, a bicycle delivery person, saw the woman trapped underneath the Cruise car and tried to reassure her as they waited for first-responders. "I told her, 'The ambulance is coming' and that she'd be okay. She was just screaming." He shared a photo of the aftermath with The Chronicle that appears to show the car tire on the woman's leg. San Francisco firefighters arrived and used the jaws of life to lift the car off the woman. She was transported to San Francisco General Hospital with "multiple traumatic injuries," said SFFD Capt. Justin Schorr. The victim was in critical condition as of late Tuesday afternoon, according to the hospital. It appears that once the Cruise car sensed something underneath its rear axle, it came to a halt and turned on its hazard lights, Schorr said. Firefighters obstructed the sensors of the driverless car to alert the Cruise control center. He said representatives from Cruise responded to firefighters and "immediately disabled the car remotely."More from the San Francisco Chronicle:"When it comes to someone pinned beneath a vehicle, the most effective way to unpin them is to lift the vehicle," Sgt. Kathryn Winters, a spokesperson for the department, said in an interview. Were a driver to move a vehicle with a person lying there, "you run the risk of causing more injury." Once the person is freed, the car must stay in place as police gather evidence including "the location of the vehicle and/or vehicles before, during and after the collision," said Officer Eve Laokwansathitaya, another spokesperson. The human driver who struck the pedestrian immediately fled the scene, and has not yet been identified.Read more of this story at Slashdot.

An anonymous reader quotes a report from SecurityWeek: Tens of thousands of Android devices have been shipped to end-users with backdoored firmware, according to a warning from cybersecurity vendor Human Security. As part of the global cybercriminal operation called BadBox (PDF), Human Security found a threat actor relied on supply chain compromise to infect the firmware of more than 70,000 Android smartphones, CTV boxes, and tablet devices with the Triada malware. The infected devices come from at least one Chinese manufacturer but, before they are delivered to resellers, physical retail stores, and e-commerce warehouses, a backdoor was injected into their firmware. "Products known to contain the backdoor have been found on public school networks throughout the United States," Human says. Discovered in 2016, Triada is a modular trojan residing in a device's RAM, relying on the Zygote process to hook all applications on Android, actively using root privileges to substitute system files. Over time, the malware went through various iterations and was found pre-installed on low-cost Android devices on at least two occasions. As part of the BadBox operation that Human Security discovered, the infected low-cost Android devices allow threat actors to carry out various ad-fraud schemes, including one named PeachPit, which at its peak relied on 121,000 Android and 159,000 iOS devices infected with malware, and on 39 Android, iOS, and CTV-centric apps designed to connect to a fake supply-side platform (SSP). One of the modules delivered to the infected devices from the command-and-control (C&C) server allows the creation of WebViews that are fully hidden from the user, but which "are used to request, render, and click on ads, spoofing the ad requests to look like they're coming from certain apps, referred by certain websites, and rendered" on specific devices. BadBox, Human Security notes, also includes a residential proxy module that allows the threat actors to sell access to the victim's network. Furthermore, they can create WhatsApp messaging accounts and Gmail accounts they can then use for other malicious activities. "Finally, because of the backdoor's connection to C2 servers on BadBox-infected smartphones, tablets, and CTV boxes, new apps or code can be remotely installed by the threat actors without the device owner's permission. The threat actors behind BadBox could develop entirely new schemes and deploy them on BadBox-infected devices without any interaction from the devices' owners," Human notes.Read more of this story at Slashdot.

Scientists using the H.E.S.S. observatory in Namibia have detected the highest energy gamma rays ever from a dead star called a pulsar. Phys.Org reports: The energy of these gamma rays clocked in at 20 tera-electronvolts, or about 10 trillion times the energy of visible light. This observation is hard to reconcile with the theory of the production of such pulsed gamma rays, as the international team reports in the journal Nature Astronomy. [...] The Vela pulsar, located in the Southern sky in the constellation Vela (sail of the ship), is the brightest pulsar in the radio band of the electromagnetic spectrum and the brightest persistent source of cosmic gamma rays in the giga-electronvolts (GeV) range. It rotates about eleven times per second. However, above a few GeV, its radiation ends abruptly, presumably because the electrons reach the end of the pulsar's magnetosphere and escape from it. But this is not the end of the story: using deep observations with H.E.S.S., a new radiation component at even higher energies has now been discovered, with energies of up to tens of tera-electronvolts (TeV). "That is about 200 times more energetic than all radiation ever detected before from this object," says co-author Christo Venter from the North-West University in South Africa. This very high-energy component appears at the same phase intervals as the one observed in the GeV range. However, to attain these energies, the electrons might have to travel even farther than the magnetosphere, yet the rotational emission pattern needs to remain intact. "This result challenges our previous knowledge of pulsars and requires a rethinking of how these natural accelerators work," says Arache Djannati-Atai from the Astroparticle & Cosmology (APC) laboratory in France, who led the research. "The traditional scheme according to which particles are accelerated along magnetic field lines within or slightly outside the magnetosphere cannot sufficiently explain our observations. Perhaps we are witnessing the acceleration of particles through the so-called magnetic reconnection process beyond the light cylinder, which still somehow preserves the rotational pattern? But even this scenario faces difficulties to explain how such extreme radiation is produced." Whatever the explanation, next to its other superlatives, the Vela pulsar now officially holds the record as the pulsar with the highest-energy gamma rays discovered to date. "This discovery opens a new observation window for detection of other pulsars in the tens of teraelectronvolt range with current and upcoming more sensitive gamma-ray telescopes, hence paving the way for a better understanding of the extreme acceleration processes in highly magnetized astrophysical objects," says Djannati-Atai.Read more of this story at Slashdot.

According to the European Space Agency (ESA), the ozone hole above Antarctica reached approximately 10 million square miles in area on Sept. 16, 2023 -- making it one of the largest seasonal holes ever observed. Space.com reports: One possible reason for the higher-than-normal growth is the Hunga Tonga volcanic eruption in January 2022, which introduced massive quantities of water vapor into the air. "The water vapor could have led to the heightened formation of polar stratospheric clouds, where chlorofluorocarbons (CFCs) can react and accelerate ozone depletion," said Inness. Yet despite experiencing large seasonal growth this year, the ozone hole is still decreasing in size overall. "Based on the Montreal Protocol and the decrease of anthropogenic ozone-depleting substances, scientists currently predict that the global ozone layer will reach its normal state again by around 2050," said Claus Zehner, ESA's mission manager for Copernicus Sentinel-5P.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Conversation: Recently, several mammals have been reported to "glow" under ultraviolet (UV) light, including our beloved platypus. But no one knew how common it was among mammals until now. Our research, published in Royal Society Open Science today, found this glow -- known as fluorescence -- is extremely common. Almost every mammal we studied showed some form of fluorescence. [...] We started with the platypus to see if we could replicate the previously reported fluorescence. We photographed preserved and frozen platypus specimens under UV light and observed a fluorescent (although rather faint) glow. [...] We repeated this process for other mammals and found clear evidence of fluorescence in the white fur, spines and even skin and nails of koalas, Tasmanian devils, short-beaked echidnas, southern hairy-nosed wombats, quendas (bandicoots), greater bilbies and even cats. Both fresh-frozen and chemically treated museum specimens were fluorescent. This meant it wasn't preservation chemicals such as borax or arsenic causing the fluorescence. So, we concluded this was a real biological phenomenon. Using specimens from the Western Australian Museum's collection, we took the experiment to the next stage. We recorded every species of mammal that was fluorescent when we exposed the specimens to UV light. As a result, we found 125 fluorescent species of mammal, representing all known orders. Fluorescence is clearly common and widely distributed among mammals. In particular, we noticed that white and light-colored fur is fluorescent, with dark pigmentation preventing fluorescence. For example, a zebra's white stripes fluoresced while the dark stripes didn't. We then used our dataset to test if fluorescence might be more common in nocturnal species. To do this, we correlated the total area of fluorescence with ecological traits such as nocturnality, diet and locomotion. Nocturnal mammals were indeed more fluorescent, while aquatic species were less fluorescent than those that burrowed, lived in trees, or on land. Based on our results, we think fluorescence is very common in mammals. In fact, it is likely the default status of hair unless it is heavily pigmented. This doesn't mean fluorescence has a biological function -- it may just be an artifact of the structural properties of unpigmented hair. However, we suggest florescence may be important for brightening pale-colored parts of animals that are used as visual signals. This could improve their visibility, especially in poor light -- just like the fluorescent optical brighteners that are added to white paper and clothing.Read more of this story at Slashdot.

Tom Perkins writes via The Guardian: Almost half of a federal government panel that helps develop US nutritional guidelines has significant ties to big agriculture, ultra-processed food companies, pharmaceutical companies and other corporate organizations with a significant stake in the process's outcome. The revelation is part of a new report from US Right to Know, a government transparency group that looked for ties to corporate interests among the 20-member panel of food and nutrition experts that makes recommendations for updating the US government's official dietary guidelines. It found nine members had ties to Nestle, Pfizer, Coca-Cola, the National Egg Board and other prominent food lobby groups, among others. The findings raise questions about whether the panel is looking out for Americans' health or corporate profits, and "erodes confidence in dietary guidelines," said Gary Ruskin of US Right to Know. "Millions of Americans' lives are affected by this report and it's crucial that the report tell the truth to American people and it's not degraded into another sales pitch for big food and big pharma," he said. [...] "The guidelines affect the entire US food system quite strongly," Ruskin said. US Right to Know scoured public records dating back five years for conflicts of interest among the 20 panel members. In addition to the nine it found with "high-risk conflicts of interest" and connections to the food and drug industry, it found four more members who have possible conflicts of interest. It applauded the agencies for appointing seven members who did not appear to have any conflicts. At least four panelists have connections to at least two companies each among Abbott, Novo Nordisk, the National Dairy Council, Eli Lilly and Weight Watchers International. One panel member has received about $240,000 in grant funding from Eli Lilly.Read more of this story at Slashdot.

Simon Sharwood writes via The Register: The Chinese manufacturer that took over IBM's PC business announced on Thursday that it's teamed with an outfit named Esper that specializes in custom cuts of Android, plus device management offerings. Android is most commonly used in handheld devices. Lenovo's taking it in an entirely different direction by making the ThinkCentre M70a: a desktop all-in-one. The first fruit of the collaboration with Esper, the ThinkCentre M70a boasts a 21 -- inch touch screen and offers a choice of 12th-gen Intel core CPUs from the Core i3 to the almost workstation-grade Core i9, at prices from $889 to beyond $1250. What could you do with Android on a Corei9, plus the maximum 16GB DDR4 3200MHz and 512GB PCIe SSD Lenovo's machines allow? Almost anything -- but Lenovo thinks its Android effort will first be appreciated by customers in the retail, hospitality, and healthcare industries. Esper pitches its wares as ideal for point-of-sale systems, kiosks, and digital signage -- environments where users don't need to access diverse apps but do need a machine that reliably boots into custom environments. Lenovo's not just doing desktop PCs. The number one PC maker by market share has promised it will also ship Esper's wares on the small form factor ThinkCentre M70q -- a machine designed to be bolted to the back of monitors. The ThinkEdge SE30 -- a ruggedized and fanless edge client -- will also have an Android option. So will the ThinkCentre M90n-1 IoT [PDF] -- another rugged client for edge applications.Read more of this story at Slashdot.

Jonathan Greig writes via The Record: Genetic testing giant 23andMe confirmed that a data scraping incident resulted in hackers gaining access to sensitive user information and selling it on the dark web. The information of nearly 7 million 23andMe users was offered for sale on a cybercriminal forum this week. The information included origin estimation, phenotype, health information, photos, identification data and more. 23andMe processes saliva samples submitted by customers to determine their ancestry. When asked about the post, the company initially denied that the information was legitimate, calling it a "misleading claim" in a statement to Recorded Future News. The company later said it was aware that certain 23andMe customer profile information was compiled through unauthorized access to individual accounts that were signed up for the DNA Relative feature -- which allows users to opt in for the company to show them potential matches for relatives. [...] When pressed on how compromising a handful of user accounts would give someone access to millions of users, the spokesperson said the company does not believe the threat actor had access to all of the accounts but rather gained unauthorized entry to a much smaller number of 23andMe accounts and scraped data from their DNA Relative matches. A researcher approached Recorded Future News after examining the leaked database and found that much of it looked real. [...] The researcher downloaded two files from the BreachForums post and found that one had information on 1 million 23andMe users of Ashkenazi heritage. The other file included data on more than 300,000 users of Chinese heritage. The data included profile and account ID numbers, names, gender, birth year, maternal and paternal genetic markers, ancestral heritage results, and data on whether or not each user has opted into 23andme's health data. The researcher added that he discovered another issue where someone could enter a 23andme profile ID, like the ones included in the leaked data set, into their URL and see someone's profile. The data available through this only includes profile photos, names, birth years and location but does not include test results.Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: A man who admitted attempting to assassinate Queen Elizabeth II with a crossbow after discussing his plan with an AI-powered chatbot has been sentenced to 9 years in prison for treason. It's the UK's first treason conviction in more than 40 years. Jaswant Singh Chail, who was 19 at the time of his arrest on Christmas Day, 2021, scaled the walls of Windsor Castle's grounds with a mask and a loaded high-power crossbow. He said his intent was, as a British Sikh, to assassinate the Queen in a Star Wars-inspired plan to avenge the 1919 Jallianwalla Bagh massacre, a colonial-era atrocity during British rule in India. Prosecutors said that Chail was encouraged to undertake this plot after discussing it at length with an AI-powered chatbot that egged him on and bolstered his resolve. [...] Chail is currently being held at Broadmoor high-security hospital and will remain there until he is psychologically well enough to serve his sentence.Read more of this story at Slashdot.

Kylie Robison writes via Fortune: Beginning on Monday, Slack employees will be expected to set aside their regular work duties and to instead plug away at various modules on Salesforce's Trailhead online learning platform, Fortune has learned. The goal is for Slack's employees to reach Trailhead's Ranger level, a feat that requires roughly 40 hours on the learning platform, whose modules include topics like "Learn about the Fourth Industrial Revolution" and "Healthy Eating." A large percent of Slack's roughly 3,000 staff have neglected to hit the target, according to sources inside the company. And since Salesforce provides Trailhead to other businesses as a way to "upskill" employees, some speculate that the slackers at Slack make for bad optics. In a message to employees in mid-September, Slack CEO Lidiane Jones wrote that the one week shutdown, dubbed "Ranger Week," is intended to give everyone "dedicated time to make a lot of progress towards the goal." Jones wrote in her message that the product development engineering (PDE), customer experience (CE), Biz Ops, and communication departments are expected to participate in Ranger Week. "It's important that we all reach Ranger status this year, and I want to ensure that everyone has focus time to upskill on Trailhead," Jones wrote in the message to staff. "I know this will disrupt and slow V2MOM progress for many of us -- we are making this a priority now so we can quickly get back to work on our roadmaps," she said, referring to the company's annual forward-looking strategy planning document which stands for vision, values, methods, obstacles, and measures. [...] "We really are canceling all meetings next week to facilitate this heads-down time, even 1:1s," Slack's chief of staff to the CTO wrote to employees on Wednesday. "We don't know yet what will happen to people who haven't hit Ranger by Jan. 31. At a minimum, it will make Slack look bad compared to the other clouds. Please do use the time next week to make as much progress as you can!" [...] Still, the work stoppage is somewhat porous. Slack's CTO noted that "deploys, on-call rotations, and interviews" will still happen as normal, and while no executive has used the word "mandatory," it's considered strongly encouraged. According to Insider, some workers at Slack are "gaming" the platform to speed through the sessions.Read more of this story at Slashdot.

The National Security Agency (NSA), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), have highlighted the ten most common cybersecurity misconfigurations in large organizations. In their join cybersecurity advisory (CSA), they also detail the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. From the report: Through NSA and CISA Red and Blue team assessments, as well as through the activities of NSA and CISA Hunt and Incident Response teams, the agencies identified the following 10 most common network misconfigurations: 1. Default configurations of software and applications2. Improper separation of user/administrator privilege3. Insufficient internal network monitoring4. Lack of network segmentation5. Poor patch management6. Bypass of system access controls7. Weak or misconfigured multifactor authentication (MFA) methods8. Insufficient access control lists (ACLs) on network shares and services9. Poor credential hygiene10. Unrestricted code execution NSA and CISA encourage network defenders to implement the recommendations found within the Mitigations section of this advisory -- including the following -- to reduce the risk of malicious actors exploiting the identified misconfigurations: Remove default credentials and harden configurations; Disable unused services and implement access controls; Update regularly and automate patching, prioritizing patching of known exploited vulnerabilities; and Reduce, restrict, audit, and monitor administrative accounts and privileges. NSA and CISA urge software manufacturers to take ownership of improving security outcomes of their customers by embracing secure-by-design and-default tactics, including: Embedding security controls into product architecture from the start of development and throughout the entire software development lifecycle (SDLC); Eliminating default passwords; Providing high-quality audit logs to customers at no extra charge; and Mandating MFA, ideally phishing-resistant, for privileged users and making MFA a default rather than opt-in feature. A PDF version of the report can be downloaded here (PDF).Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Getty Images CEO Craig Peters told the Verge that he has found a solution to one of AI's biggest copyright problems: creators suing because AI models were trained on their original works without consent or compensation. To prove it's possible for AI makers to respect artists' copyrights, Getty built an AI tool using only licensed data that's designed to reward creators more and more as the tool becomes more popular over time. "I think a world that doesn't reward investment in intellectual property is a pretty sad world," Peters told The Verge. The conversation happened at Vox Media's Code Conference 2023, with Peters explaining why Getty Images -- which manages "the world's largest privately held visual archive" -- has a unique perspective on this divisive issue. In February, Getty Images sued Stability AI over copyright concerns regarding the AI company's image generator, Stable Diffusion. Getty alleged that Stable Diffusion was trained on 12 million Getty images and even imitated Getty's watermark -- controversially seeming to add a layer of Getty's authenticity to fake AI images. Now, Getty has rolled out its own AI image generator that has been trained in ways that are unlike most of the popular image generators out there. Peters told The Verge that because of Getty's ongoing mission to capture the world's most iconic images, "Generative AI by Getty Images" was intentionally designed to avoid major copyright concerns swirling around AI images -- and compensate Getty creators fairly. Rather than crawling the web for data to feed its AI model, Getty's tool is trained exclusively on images that Getty owns the rights to, Peters said. The tool was created out of rising demand from Getty Images customers who want access to AI generators that don't carry copyright risks. [...] With that as the goal, Peters told Code Conference attendees that the tool is "entirely commercially safe" and "cannot produce third-party intellectual property" or deepfakes because the AI model would have no references from which to produce such risky content. Getty's AI tool "doesn't know what the Pope is," Peters told The Verge. "It doesn't know what [Balenciaga] is, and it can't produce a merging of the two." Peters also said that if there are any lawsuits over AI images generated by Getty, then Getty will cover any legal costs for customers. "We actually put our indemnification around that so that if there are any issues, which we're confident there won't be, we'll stand behind that," Peters said. When asked how Getty creators will be paid for AI training data, Peters said that there currently isn't a tool for Getty to assess which artist deserves credit every time an AI image is generated. "Instead, Getty will rely on a fixed model that Peters said determines 'what proportion of the training set does your content represent? And then, how has that content performed in our licensing world over time? It's kind of a proxy for quality and quantity. So, it's kind of a blend of the two,'" reports Ars. "Importantly, Peters suggested that Getty isn't married to using this rewards system and would adapt its methods for rewarding creators by continually monitoring how customers are using the AI tool."Read more of this story at Slashdot.

Atari just announced preorders for a physical cartridge for the company's once-ubiquitous 2600 console. From a report: A gaming console that counts 1982 as its most successful year is releasing another new cartridge in the year 2023. The game-in-question is called Save Mary and was actually developed during the console's golden years, before being shelved when the 2600 went the way of the dodo. Save Mary was in development for two whole years, which is a lifetime in the generation of gaming that preceded the NES. The normal timeframe to produce a game back then was six to nine months, with some notorious titles taking just five or six weeks. Save Mary was originally developed by veteran Atari staffer Tod Frye, the guy behind the 2600 version of Pac-Man and the Swordquest series.Read more of this story at Slashdot.

Lawmakers in the United States last year passed bipartisan legislation intended to maintain US competitiveness with countries such as China by boosting funding for science and innovation. But concerns are mounting that the US Congress will fail to deliver on its promises. From a report: The money allotted to a handful of major US science agencies that had been targeted for a budget boost is likely to fall short of the legislation's goals by more than US$7 billion in 2024, according to a report. And overall funding for those agencies will continue to hover at a 25-year low. "We're leaving scientific opportunities on the table," says Matt Hourihan, who led the analysis for the Federation of American Scientists, an advocacy group based in Washington DC. "If we drop this ball, others will be happy to pick it up." It was precisely this fear that drove members of Congress to come together to pass the CHIPS and Science Act of 2022. The legislation promised one of the largest increases in US science funding in a long time, totalling some $280 billion over five years. Much of the spending mandated by the bill was focused on semiconductor research and manufacturing -- areas in which other countries, particularly China, have dominated. Lawmakers also authorized investments in other science and innovation programmes, but these were not mandated, and need to be approved by Congress during an appropriations process each year. That process has become increasingly contentious as political polarization in the United States has risen over the past few decades. Disputes about overall spending levels and funding for various social programmes have led to repeated delays in crafting the annual budget, at times forcing the government to shut down. This year is a prime example: Republicans, who control the US House of Representatives, blocked legislation that would have allowed the government to increase the federal debt limit and pay its bills, until they were able to secure an agreement with the Democrats in May to limit spending. And last month, a handful of extreme right-wing Republicans sought to close the government down as they pushed for further spending cuts.Read more of this story at Slashdot.

Amazon has launched its first two satellites for its Project Kuiper, the tech giant's initiative to build a massive constellation of satellites that can provide internet coverage to Earth. From a report: An Atlas V rocket, operated by United Launch Alliance, lofted the pair of satellites en route to orbit from Florida at 2:06 p.m. local time Friday. The mission is still ongoing, and it's unclear when the satellites will be deployed from the rocket. Project Kuiper's goal is to eventually put 3,326 satellites into low Earth orbit, where they will beam broadband internet service to the ground below, similar to Elon Musk's SpaceX Starlink. The two launched Friday, KuiperSat-1 and KuiperSat-2, are test satellites that will allow Amazon to demonstrate the ability to send and receive broadband signals. This mission has been long delayed. Amazon originally hoped to launch these satellites a year ago on a different, experimental rocket. However, the company wound up switching the launch vehicle for these satellites multiple times, eventually landing on ULA's workhorse Atlas V rocket, in order to get the satellites into space more quickly.Read more of this story at Slashdot.

PayPal has been hit with a class action lawsuit by consumers represented by law firm Hagens Berman alleging that the fintech giant's anti-steering rules stifle competition against lower-cost payment platforms such as Stripe and Shopify. From a report: Specifically, according to an investigation conducted by the firm's consumer rights attorneys, PayPal has subjected consumers to excess charges when purchasing from online merchants that accept PayPal or Venmo. The suit states that PayPal's merchant agreements, which all merchants must sign to accept payments via its platform, leads to consumers paying more to make purchases. The attorneys charge that "if PayPal's agreements were transparent, consumers would quickly see a price difference between PayPal and Venmo and its competitors." Specifically, per PayPal's anti-steering rules, if a retailer accepts PayPal or Venmo payments, they agree not to offer any discounts or inducements to persuade consumers to use other payment options that have a lower cost. These discounts are treated as a "surcharge" on PayPal transactions and prohibited by PayPal's anti-steering rules. Merchants also cannot tell customers that other payment methods are more cost-effective or preferred, according to the complaint, which was filed in the U.S. District Court for the Northern District of California. Merchants are also not allowed to present other forms of payment earlier in the checkout process.Read more of this story at Slashdot.

Microsoft has launched a new web version of its app store for Windows. From a report: It's designed as a replacement for the existing way to find Windows apps on the web, with links from the site opening in the Microsoft Store client on Windows 10 or Windows 11. The software giant has ditched its old React codebase from its previous web version of the Microsoft Store and replaced it with a modern web version that uses Shoelace, Lit, Vite, and a C# ASPNET backend. "The old site was a React codebase built on an obsoleted UI framework," explains Microsoft engineer Judah Gabriel in a post on X (formerly Twitter). "We created a fresh user experience with a thoughtfully designed interface, easier ways to discover new apps, modern web tech stack. I hope folks will find it useful."Read more of this story at Slashdot.

Climate activists are calling out Shell for partnering with popular video gamers and online youth influencers to promote fossil fuels to a younger generation. From a report: The oil giant, which in July reported quarterly profits of more than $5bn, worked with Fortnite creators and paid popular gamers on multiple platforms to showcase its "ultimate road trips" promotion, part of a marketing campaign for a new gasoline it calls V-Power Nitro+. According to the group Media Matters for America, the company is targeting young players on Twitch, TikTok, Instagram and YouTube, encouraging them to fill up virtual vehicles at interactive Shell gas stations and post screenshots of the game with a #Shellroadtrips hashtag. Research by the non-profit group revealed Shell sponsored livestreams of gameplay on Twitch by at least six streamers with a combined 5.5m followers. It also identified three more content creators on other platforms who were paid to promote the campaign in their videos. Those influencers, Media Matters said, have a combined 1.5 million Instagram followers, 8.5 million on TikTok and 11.6 million on YouTube.Read more of this story at Slashdot.

The Treasury Department released new guidance Friday outlining how car dealers can give customers instant access to the electric vehicle rebate starting in January 2024. It's the latest move by the Biden administration to bring down the cost of EVs in the hopes that more people will buy them. From a report: The new guidance lays out how dealers can effectively reduce the price of an EV by as much as $7,500 at the point of purchase rather than the customer having to wait until they file their taxes to claim the credit. The administration hopes that by applying the credit immediately, more people will be convinced to consider an EV for their next purchase, which will help toward achieving the goal of making EVs 50 percent of new car sales by 2030.Read more of this story at Slashdot.

South Korea's telecommunications regulator said on Friday that Alphabet's Google and Apple have abused their dominant app market position and warned of possible fines totalling up to $50.5 million. From a report: The Korea Communications Commission (KCC) said in a statement that the two tech giants forced app developers into specific payment methods and caused unfair delay in app review. The KCC is notifying the companies for corrective action, and will deliberate on the fines, the statement said. "What KCC has shared today is the pre-notice and we will carefully review and submit our response. Once the final written decision is shared with us we will carefully review to evaluate the next course of action," Google said in a statement to Reuters. Apple also issued a statement, saying: "We disagree with the conclusions made by the KCC in their Examiner's Report, and believe the changes we have implemented to the App Store comply with the Telecommunications Business Act. As we have always done, we will continue to engage with the KCC to share our views."Read more of this story at Slashdot.

Google Japan's latest DIY project is for people who can't get keyboards off their heads. From a report: Google isn't making this product. Instead, the Gboard CAPS project is another of Google Japan's joke keyboard ideas, like the 5.25-foot-long, single-row Gboard Stick Version keyboard shown off last year, used to promote Google's Gboard app. However, Google Japan seemingly prototyped the keyboard in real life. Everything you need to make this typing topper, including the firmware and hardware, is open source and available on GitHub. How do you type with the hat? It has a 6-axis sensor that reads its position. Turn the hat to select a character and press its top to enter. It pairs via Bluetooth, runs on a 3.7V, 120mAh battery, and charges via USB-C.Read more of this story at Slashdot.

OpenAI, the company behind ChatGPT, is exploring making its own AI chips and has gone as far as evaluating a potential acquisition target, Reuters reported Friday, citing people familiar with the company's plans. From the report: The company has not yet decided to move ahead, according to recent internal discussions described to Reuters. However, since at least last year it discussed various options to solve the shortage of expensive AI chips that OpenAI relies on, according to people familiar with the matter. These options have included building its own AI chip, working more closely with other chipmakers including Nvidia and also diversifying its suppliers beyond Nvidia. CEO Sam Altman has made the acquisition of more AI chips a top priority for the company. He has publicly complained about the scarcity of graphics processing units, a market dominated by Nvidia, which controls more than 80% of the global market for the chips best suited to run AI applications. The effort to get more chips is tied to two major concerns Altman has identified: a shortage of the advanced processors that power OpenAI's software and the "eye-watering" costs associated with running the hardware necessary to power its efforts and products.Read more of this story at Slashdot.

The Biden administration has urged the FCC to adopt strong rules to redress historic shortfalls that have left some communities lacking adequate broadband service. From a report: The position sets up a possible clash with large broadband providers that have warned the FCC, which is set to produce rules by next month, against unnecessary regulations. Clear rules are needed to close the digital divide that leaves millions without adequate broadband, the National Telecommunications and Information Administration said in a statement. The Commerce Department unit advises the president and develops internet policy. "Strong rules are needed to remedy unequal access to internet service, no matter what the cause may be," said Alan Davidson, the assistant secretary of commerce for communications and information, who is also the NTIA's top official. "Rules that combat digital discrimination will bring lasting relief to vulnerable communities that historically have been left behind online." The FCC is considering regulations to prevent and eliminate digital discrimination of access based on income level, race and other factors, according to Chairwoman Jessica Rosenworcel. Broadband advocates have told the agency they want deep changes that will steer spending into cities. Some urban neighborhoods have suffered from disinvestment dating back to redlining decades ago, when government-aided discriminatory lending patterns starved neighborhoods of housing resources. Many of those areas still aren't prosperous, and haven't seen network upgrades.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: MGM Resorts International said on Thursday a cyberattack last month that disrupted its operations would cause a $100 million hit to its third-quarter results, as it works to restore its systems. One of the world's largest gambling firms, MGM shut down its systems after detecting the attack to contain damage, it said. It expects to also incur less than $10 million as a related one-time cost in the quarter ended on Sept. 30. After the attack last month, customers posted social media images showing slot machines with error messages and queues at hotels in Las Vegas. A hacking group named AlphV claimed it was involved in the breach. Sources earlier told Reuters AlphV worked with another outfit named Scattered Spider to break into MGM systems and steal data to hold for extortion. MGM has declined to comment on whether it was asked for or paid any ransom. The private data of customers who used MGM services before March 2019, including contact information, gender, date of birth and driver's license numbers, was breached, the company said. "We also believe a more limited number of Social Security numbers and passport numbers were obtained," it said. "We have no evidence that the criminal actors have used this data to commit identity theft or account fraud." [...] The company expects the breach will have a negative impact of about $100 million to its adjusted property core profit for its Las Vegas Strip division, and expects total occupancy of 93% this October versus 94% in the same month a year ago. "Virtually all of the Company's guest-facing systems have been restored," it said, adding that it expects no impact on its full-year results from the breach. MGM said it is "well-positioned" to have a strong fourth quarter with record results in November, driven mainly by a Formula One racing event slated to take place in Las Vegas.Read more of this story at Slashdot.

Andrew Cunningham writes via Ars Technica: If you or your employer uses Microsoft Teams for communication, good news: Microsoft is releasing a fully rewritten version today for Windows PCs and Macs that promises to run faster while using fewer system resources. A preview of this app was originally released for Windows in March, but the final release covers all types of Teams instances, re-adds support for features like breakout rooms and third-party app support, and supports macOS. The new Teams app is notable for improved performance and reduced disk space usage, especially when running on Windows PCs. Microsoft says that the reformulated version of Teams is "up to two times faster while using 50 percent less memory" on Windows systems. That sound you hear is old and underspecced work PCs in offices around the world breathing a sigh of relief. Microsoft credits its Edge WebView2 backend with helping improve performance and reduce disk usage on Windows. That's possible partly because WebView2 can use many of the same system files and the same runtime as the Edge browser built into Windows 10 and Windows 11. The older Teams app used the Electron framework, also used by communication apps like Slack and Discord. Though Electron and WebView2 are based on the Chromium browser engine, each Electron app includes its own self-contained version of the browser files, which all must be stored and updated separately.Read more of this story at Slashdot.

Jonathan Josephs & Antoinette Radford reporting via the BBC: Nasa astronauts will be flying in style, with luxury fashion designer Prada helping design space suits for the 2025 moon mission. The Italian fashion house will work to design the suits alongside another private company, Axiom Space. In a press release, Axiom said Prada would bring expertise with materials and manufacturing to the project. One astronaut told the BBC he thought Prada was up to the challenge due to their design experience. That experience has been built not only on the catwalks of Milan but also through Prada's involvement in the America's Cup sailing competition. "Prada has considerable experience with various types of composite fabrics and may actually be able to make some real technical contributions to the outer layers of the new space suit," according to Professor Jeffrey Hoffman, who flew five Nasa missions and has carried out four spacewalks. But, he said people should not expect to see astronauts in "paisley spacesuits or any fancy patterns like that. Maintaining a good thermal environment is really the critical thing". "A spacesuit is really like a miniature spacecraft. It has to provide pressure, oxygen, keep you at a reasonable temperature," he added.Read more of this story at Slashdot.

An anonymous reader quotes a report from the Financial Times: Belgium's intelligence service has been monitoring Alibaba's main logistics hub in Europe for espionage following suspicions Beijing has been exploiting its growing economic presence in the west. European governments have been increasing scrutiny of the alleged security and economic risks posed by Chinese companies, which has been part of a wider reassessment of the EU's traditional openness to trade with China. In specific reference to Alibaba's logistics arm at the cargo airport in Liege, Belgium's security services told the Financial Times they were working to detect "possible espionage and/or interference activities" carried out by Chinese entities "including Alibaba". Alibaba, which denies any wrongdoing, signed an agreement with Belgium in 2018 to open the hub in Liege, Europe's fifth-largest cargo airport, ploughing 100 million euros of investment into the ailing economy of the French-speaking Walloon region. But almost two years on from the site being opened, the Belgian State Security Service (VSSE) has continued monitoring Alibaba's operations following intelligence assessments, said people familiar with the matter. One area of scrutiny includes the introduction of software systems that collate sensitive economic information. The security service said the presence of Alibaba "constitutes a point of attention for the VSSE" because of legislation forcing Chinese companies to share their data with Chinese authorities and intelligence services. "China has the intent and capacity to use this data for non-commercial purposes," the agency said. Concerns about potential espionage at the site were first raised before the hub was built, including in the Belgian parliament. At the time China strongly denied the "unprovoked insinuations" over exaggerated "so-called security risks of Chinese companies." The VSSE's statement to the FT indicate its concerns over espionage still remain after the opening of the hub. [...] The main concern is that this platform, alongside a couple of other logistical platforms that the Chinese have been proposing to European countries, is giving them a lot of insights into supply chains and into eventual vulnerabilities," said Jonathan Holslag, a professor at the Vrije Universiteit Brussel. According to a person familiar with Alibaba's relations to China's government, the logistics centers are expected to pass on information about local sentiment and report data about European trade and logistics to Beijing's authorities. "The site in Liege is the only European logistics center run by Alibaba's logistics spin-off Cainiao," reports the FT. The company is reportedly able to access data about merchants, products, transport details and flows. It may also be able to access information about final customers.Read more of this story at Slashdot.

Slash_Account_Dot shares a report from 404 Media, written by Joseph Cox: In a bombshell report, an oversight body for the Department of Homeland Security (DHS) found that Immigration and Customs Enforcement (ICE), Customs and Border Enforcement (CBP), and the Secret Service all broke the law while using location data harvested from ordinary apps installed on smartphones. In one instance, a CBP official also inappropriately used the technology to track the location of coworkers with no investigative purpose. For years U.S. government agencies have been buying access to location data through commercial vendors, a practice which critics say skirts the Fourth Amendment requirement of a warrant. During that time, the agencies have typically refused to publicly explain the legal basis on which they based their purchase and use of the data. Now, the report shows that three of the main customers of commercial location data broke the law while doing so, and didn't have any supervisory review to ensure proper use of the technology. The report also recommends that ICE stop all use of such data until it obtains the necessary approvals, a request that ICE has refused. The report, titled "CBP, ICE, and Secret Service Did Not Adhere to Privacy Policies or Develop Sufficient Policies Before Procuring and Using Commercial Telemetry Data," is dated September 28, 2023, and comes from Joseph V. Cuffari, the Inspector General for DHS. The report was originally marked as "law enforcement sensitive," but the Inspector General has now released it publicly.Read more of this story at Slashdot.

At CES 2023, a startup called Displace introduced their "truly wireless" TV with swappable batteries and a vacuum suction system that can keep the display adhered to walls without traditional mounting. To address concerns about what would happen when those batteries become depleted or when the wall/surface the TV is mounted to cracks, Displace says it has designed a built-in landing gear safety system to protect the $3,000 wireless TV. The Verge reports: Here, friends, is where Displace's "self-lowering landing gear technology" comes in. And I'm just going to quote directly from the press release so you can get the full rundown on how it supposedly works: "Sensors within the Displace TV constantly measure the battery level and pressure in the vacuum suction system, analyze the wall's surface, and check leakage on the vacuum pumps. If the vacuum pumps are in danger of not maintaining a seal or the wall's integrity falters, the Displace TV automatically deploys four quick adhesives for stability and initiates a self-lowering landing gear system. The adhesives work as anchor points, as the Displace TV begins to lower itself gently on a zipline (from as high as 10 feet) and deploys a reusable foam at the bottom to protect the TV screen." When a problem is detected, the Displace attaches an adhesive frame onto the wall and begins lowering the display to the floor (with rope) from that frame. As all of this is happening, the TV generates a lot of sound and even flashing lights in an attempt to keep the area clear of children or animals. Once it's safely on the ground, you can pull the frame off the wall and reinsert it into the back of the TV. [...] The self-landing technology works at heights of up to 10 feet. When you're ready to put the TV back in its place, you just push the foam feet back into the TV, replace the adhesive tapes, and that's it. You can watch a demo of the safety system on YouTube.Read more of this story at Slashdot.

James Hunt reports via The Block: A group of FTX U.S.-based employees stumbled across a backdoor for its affiliated trading firm Alameda Research months before the crypto exchange collapsed in Nov. 2022, the Wall Street Journal reported, citing people familiar with the matter. The backdoor allowed Alameda to have a negative balance of up to $65 billion using customer funds, according to previous court filings revealing code buried in FTX's systems. Negative balances were not possible for other FTX users, who would be automatically liquidated if they fell into the red. The employees reportedly alerted their division boss to the discovery, who discussed it with former FTX CEO Sam Bankman Fried's lieutenant Nishad Singh, but the issue was never resolved. Instead, the leader of the team who raised the concern was sacked, the WSJ said. [...] The backdoor forms a key part of the prosecution's case in Bankman-Fried's trial. Bankman-Fried faces multiple fraud charges and could serve decades in prison. He pleaded not guilty to all charges.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Following preliminary objections over Google's data terms, set out back in January by Germany's antitrust watchdog, the tech giant has agreed to make changes that will give users a better choice over its use of their information, the country's Federal Cartel Office (FCO) said today. The commitments cover situations where Google would like to combine personal data from one Google service with personal data from other Google or non-Google sources or cross-use these data in Google services that are provided separately, per the authority. Per the FCO decision document (PDF): "The Commitments cover in principle all services operated by Google and directed to end users in Germany with more than one million monthly active users (MAU) in Germany [and Android Automotive whether it meets that threshold or not]." But, as we report below, Google's core platform services designated under the EU's DMA are not covered -- nor is Fitbit, which the document notes is already subject to "far-reaching obligations regarding the cross-service processing of health and wellness data" as a result of EU merger control. [...] Per the FCO decision document, the implementation date (in principle) for Google's commitments is September 30, 2024 - with an earlier date of March 6, 2024 for commitments covering Google Assistant and Contacts. But the FCO notes that it may provide Google with an extension upon "substantiated request". Once implemented, the commitments will have a five year duration from their start date. The document also notes that if, in the future, a Google service falls out of the DMA designation as a core platform service and meets the FCO usage threshold then these local commitments will be applied to it. The converse will also apply; meaning if the European Commission designates one of the Google services covered by this commitments to the DMA list of core platform services it would no longer fall under this arrangement. Gmail is an interesting example here as the EU recently accepted Google's arguments to exclude the web mail service from the DMA list of core platform services -- but the tech giant is facing future restrictions on how it can use Gmail users' data under the FCO commitments (even if these will only apply in Germany). Commenting in a statement, Andreas Mundt, president of the Bundeskartellamt, said: "Data are key for many business models used by large digital companies. The market power of large digital companies is based on the collection, processing and combination of data. Google's competitors do not have these data and are thus faced with serious competitive disadvantages. In the future users of Google services will have a much better choice as to what happens to their data, how Google can use them and whether their data may be used across services. This not only protects the users' right to determine the use of their data but also curbs Google's data-driven market power. Large digital companies offer a wide range of different digital services. Without the users' free and informed consent the data from Google's services and third-party services can no longer be cross-used in separate services offered by Google or even be combined. We have made sure that Google will provide a separate choice option in the future."Read more of this story at Slashdot.

Hyundai and Kia said on Thursday that they will adopt Tesla's electric vehicle charging technology in the United States. Reuters reports: Joining their global peers, including Ford Motor, General Motors and Nissan in adopting Tesla's North American Charging Standard (NACS), Hyundai's and Kia's moves take the Elon Musk-led company's superchargers closer to becoming the industry standard at the expense of the rival Combined Charging System (CCS). Hyundai and Kia's new EVs will come with a NACS port, starting in the fourth quarter of 2024 in the United States, the companies said. However, in Canada, Hyundai EVs equipped with the NACS port would be available in the first half of 2025, while Kia's EVs with the technology by the end of 2024. The move gives Hyundai and Kia EVs with NACS ports access to more than 12,000 Tesla Superchargers across the United States, Canada, and Mexico, the companies said. The South Korean automakers also said that they would offer adapters to owners of existing and future Hyundai and Kia EVs with the current CCS giving them access to Tesla's Supercharging Network in the first quarter of 2025.Read more of this story at Slashdot.

Paul Kunert writes via The Register: Talking on stage at the Canalys EMEA Forum 2023, Luca Rossi, senior vice resident at Lenovo and president of its Intelligent Devices Group, said the company has committed to a net zero emission policy by 2050, and analyzing the components used in its hardware is part of the equation. "On repairability, we have a plan that by 2025 more than 80 percent of the repair parts will be repaired again so that they they enter into the circular economy to reduce the impact to the environment." He added: "More than 80 percent of our devices will be able to be repaired at the customer, by the customer or by the channel and we are enabling this with a design for serviceability kind of approach." This means that "batteries, SSD, many things, will not any longer be sealed into the product but will be available for the customer to be to repaired on site and then save a lot of waste."Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Within the past year, there have been approximately five times more school shooting hoaxes called in to police than actual school shootings reported in 2023. Where data from Everytown showed "at least 103 incidents of gunfire on school grounds" in 2023, The Washington Post recently uncovered what seems to be a coordinated campaign of active shooter hoaxes causing "swattings" -- where police respond with extreme force to fake crimes -- at more than 500 schools nationwide over the past year. In just one day in February, "more than 30 schools were targeted," The Post reported. The Post "examined police reports, emergency call recordings, body-camera footage, or call logs in connection with incidents in 24 states," which seemed to reveal a "distinct pattern" potentially linking swatting hoaxes nationwide. A man who "speaks with a heavy accent" -- and possibly uses a device or app to alter his voice in real time -- relies on a virtual private network (VPN) to mask his IP address, then places the hoax calls on non-emergency lines using free Internet-calling services. He frequently pretends to be a teacher hiding from the fake shooter on campus and sometimes falsely reports student shootings. To some law enforcement officials, the voice sounds too similar from call to call to be chalked up to coincidence. The Post stitched together audio that shows why many authorities believe these hoax calls might be coming from the same caller, whose motivations are currently unknown. It's possible the hoax calls are being orchestrated by one person with a hostile compulsion or by one or several perpetrators advertising swatting services available for hire online. [...] According to The Post, the FBI has been investigating this string of school shooting hoaxes, but it's unclear how far that investigation has gotten -- mostly because tracing the hoax calls has perplexed many law enforcement agencies nationwide. Tracing calls is difficult partly because many VPN providers outside the US don't always cooperate with law enforcement, and some of the most popular free Internet-calling services only require an email address to sign up. However, The Post reported that it has increasingly become clear to law enforcement that one particular Internet-calling service appears to be the most popular choice for hoax callers reporting school shootings: TextNow. One police captain in Lousiana, Shannon Mack -- who is described as specializing in "cases involving Internet-based phone services -- told The Post that "nine times out of 10," hoax calls she has investigated have come from a TextNow number.Read more of this story at Slashdot.

Microsoft has released patches to fix zero-day vulnerabilities in two popular open source libraries that affect several Microsoft products, including Skype, Teams and its Edge browser. But Microsoft won't say if those zero-days were exploited to target its products, or if the company knows either way. From a report: The two vulnerabilities -- known as zero-days because developers had no advance notice to fix the bugs -- were discovered last month, and both bugs have been actively exploited to target individuals with spyware, according to researchers at Google and Citizen Lab. The bugs were discovered in two common open source libraries, webp and libvpx, which are widely integrated into browsers, apps and phones to process images and videos. The ubiquity of these libraries coupled with a warning from security researchers that the bugs were abused to plant spyware prompted a rush by tech companies, phone makers and app developers to update the vulnerable libraries in their products. In a brief statement Monday, Microsoft said it had rolled out fixes addressing the two vulnerabilities in the webp and libvpx libraries which it had integrated into its products, and acknowledged that exploits exist for both vulnerabilities. When reached for comment, a Microsoft spokesperson declined to say if its products had been exploited in the wild, or if the company has the ability to know. Security researchers at Citizen Lab said in early September that they had discovered evidence that NSO Group customers, using the company's Pegasus spyware, had exploited a vulnerability found in the software of an up-to-date and fully patched iPhone.Read more of this story at Slashdot.

A parallel acquisition system -- buying needed apps by monthly or yearly subscription to meet changing mission requirements -- could improve deterrence by complicating an enemy's war planning, Lockheed Martin's top executive suggested Wednesday. From a report: Jim Taiclet, Lockheed's CEO, said the idea behind this approach is similar to allowing a customer to buy a 5G phone in Seoul and have it operate with new applications as needed in Washington. Although "digital insertion" in this manner "hasn't caught on yet" inside the Pentagon, across the tech industry or the broad industrial base, Taiclet said it has the potential "to move that deterrence goal post every three to six months."Traditionally, the Defense Department and defense industry think in big contracts for platforms that take years to design, build and manufacture and service. Taiclet, however, sees large defense contractors such as Lockheed Martin as a bridge from the subscription-based tech sector to the big-contract Pentagon acquisition process. "We have to get our expertise together." He added this approach "is starting to get some traction" among large investors in the tech sector.Read more of this story at Slashdot.

samleecole writes: Tickets for rapper Travis Scott's upcoming tour sold out fast. Check StubHub right now, however, and you can find thousands of tickets to "sold out" shows in many cities for between $10 and $20, far below the face value for his cheapest tickets at $61.50 before fees when they first went on sale. In ticket reseller lingo, Scott's tour is a "bloodbath," the result of overzealous brokers and noobs "overbuying" tickets based on a miscalculation of the likely value of his tickets on the secondary market. Many brokers now stand to lose a lot of money on Scott's shows. At least part of this buying frenzy was fueled by a bet placed by PFS Buyers Club, a credit card maxing site I wrote about earlier this week that has recently pivoted from buying rare coins to buying concert tickets. PFS told its members to buy as many tickets to Scott's shows as possible, according to emails viewed by 404 Media. PFS itself stands to lose more than $1 million on Travis Scott alone when all is said and done, it told members. The entire situation, which has become a complicated mess, sheds light on a little-known segment of the ticket broker industry, where resellers partner with credit card "buyers clubs" to obtain tickets. The fiasco also highlights the risks associated with ticket reselling and shows how Ticketmaster profits from the secondary market, helping it sell out artists even before their ability to sell out venues is guaranteed, and passing that risk on to resellers.Read more of this story at Slashdot.

The global average temperature for September broke records by such an absurd margin that climate experts are struggling to describe the phenomenon. From a report: "This month was -- in my professional opinion as a climate scientist -- absolutely gobsmackingly bananas," Zeke Hausfather, a researcher with Berkeley Earth, said on the social media platforms Bluesky and X. The numbers are stark. September 2023 beat the previous record for the month, set in 2020, by 0.5C (0.9F), according to data sets maintained by the Japan Meteorological Agency and the EU's Copernicus Climate Change Service. The temperature anomaly for the month was roughly 1.7C above pre-industrial levels, which is above the symbolic 1.5C mark set as the stretch goal in the Paris Agreement. "We've never really seen a jump anything quite of this magnitude," Hausfather said. "Half a degree C is analogous to slightly less than half of all the warming we've seen from pre-industrial [temperatures]." Carbon dioxide emissions from burning fossil fuels are the main driver of rising temperatures. The global average temperature this year has also seen a boost from El Nino, a natural climate shift in the Pacific. Other factors may also be pushing temperatures up incrementally, such as a decline in cooling aerosol pollution from ships. Hausfather said next September may be unlikely to have all the same compounding factors, and consequently may be not as extreme. But either way, he described September 2023 as a "sneak peek" of what the back-to-school month may feel like in a decade as climate change pushes temperatures higher.Read more of this story at Slashdot.

theodp writes: With Microsoft President Satya Nadella testifying in the Google antitrust trial that the tech titans are engaged in a Generative AI Gold Rush, it's no surprise to learn that tech giant-backed and advised nonprofit Code.org has chosen "Creativity with AI" as the theme for this December's Hour of Code, the annual global event that aims to whet K-12 schoolchildren's appetite for rigorous computer science. "We're taking Hour of Code to new heights with 'Hour of Code: Creativity with AI'," explained Code.org. "Whether it's coding new apps and algorithms, generating unique art, or crafting choreography to get us dancing, AI is opening up fresh opportunities for digital expression that expand our understanding of creativity. What's new? Did you catch that reference to 'dancing'? That's right: Code.org's Dance Party [a 'CS lesson' developed in partnership with the 'childhood to career' Amazon Future Engineer program] will be better than ever this year! Coming soon, this Hour of Code activity will use generative AI to help students add awesome backgrounds and visuals to the dance parties they build with code."Read more of this story at Slashdot.

An algorithm that takes just seconds to scan a paper for duplicated images racks up more suspicious images than a person. Nature: Scientific-image sleuth Sholto David blogs about image manipulation in research papers, a pastime that has exposed him to many accounts of scientific fraud. But other scientists "are still a little bit in the dark about the extent of the problem," David says. He decided he needed some data. The independent biologist in Pontypridd, UK, spent the best part of several months poring over hundreds of papers in one journal, looking for any with duplicated images. Then he ran the same papers through an artificial-intelligence (AI) tool. Working at two to three times David's speed, the software found almost all of the 63 suspect papers that he had identified -- and 41 that he'd missed. David described the exercise last month in a preprint, one of the first published comparisons of human versus machine for finding doctored images. The findings come as academic publishers reckon with the problem of image manipulation in scientific papers. In a 2016 study, renowned image-forensics specialist Elisabeth Bik, based in San Francisco, California, and her colleagues reported that almost 4% of papers she had visually scanned in 40 biomedical-science journals contained inappropriately duplicated images. Not all image manipulation is done with nefarious intent. Authors might tinker with images by accident, for aesthetic reasons or to make a figure more understandable. But journals and others would like to catch images with alterations that cross the line, whatever the authors' motivation. And now they are turning to AI for help. Some 200 universities, publishers and scientific societies already rely on Imagetwin, the tool that David used for his study. The software compares images in a paper with more than 25 million images from other publications -- the largest such database in the image-integrity world, according to Imagetwin's developers. Bik has been using Imagetwin regularly to supplement her own skills and calls it her "standard tool," although she emphasizes that the AI has weaknesses as well as strengths -- for instance, it can miss duplications in images with low contrast.Read more of this story at Slashdot.

A week after laying off almost 900 employees, Epic Games has said that it's increasing the price to use Unreal Engine -- just not for the game development community. From a report: The news came from Epic Games CEO Tim Sweeney himself in a presentation at Unreal Fest 2023. In a video captured by Fortnite Creative developer Immature, Sweeney explains that developers using Unreal Engine in the film, TV, automotive, and other industries can expect to start paying a per-seat licensing fee. He claimed that the pricing model will not be "unusually expensive or unusually inexpensive," and that its pricing structure will be similar to subscription services like Maya or Photoshop. Sweeney said he wanted to announce these changes now in the name of "transparency." He also shed some light on the business decisions that led to the company making unexpectedly significant business shifts in the last week. Apparently Epic Games began running into "financial problems" about 10 weeks ago, meaning that the company was facing some sort of financial downturn from late July through September. Evidently, all of Epic Games' business had been "heavily funded by Fortnite" in the last six years, and different parts of the company became "disconnected" from their revenue streams. It adds some context to previous comments made by Sweeney about the impact of declined Fortnite revenue -- if the company's signature game had started to not turn a profit, other parts of Epic Games may not have easily been able to make up for declining revenue.Read more of this story at Slashdot.

samleecole writes: 4chan users are coordinating a posting campaign where they use Microsoft Bing's AI text-to-image generator to create racist images that they can then post across the internet. The news shows how users are able to manipulate free to access, easy to use AI tools to quickly flood the internet with racist garbage, even when those tools are allegedly strictly moderated. "We're making propaganda for fun. Join us, it's comfy," the 4chan thread instructs. "MAKE, EDIT, SHARE." A visual guide hosted on Imgur that's linked in that post instructs users to use AI image generators, edit them to add captions that make them seem like political campaigns, and post them to social media sites, specifically Telegram, Twitter, and Instagram. 404 Media has also seen these images shared on a TikTok account that has since been removed. People being racist is not a technological problem. But we should pay attention to the fact that technology is "to borrow a programming concept" 10x'ing racist posters, allowing them to create more sophisticated content more quickly in a way we have not seen online before. Perhaps more importantly, they are doing so with tools that are allegedly "safe" and moderated so strictly, to a point where they will not generate completely harmless images of Julius Caesar. This means we are currently getting the worst of both worlds from Bing, an AI tool that will refuse to generate a nipple but is supercharging 4chan racists.Read more of this story at Slashdot.