Slashdot

New submitter ole_timer shares a report from Wired: TikTok to Huawei routers to DJI drones, rising tensions between China and the US have made Americans -- and the US government -- increasingly wary of Chinese-owned technologies. But thanks to the complexity of the hardware supply chain, encryption chips sold by the subsidiary of a company specifically flagged in warnings from the US Department of Commerce for its ties to the Chinese military have found their way into the storage hardware of military and intelligence networks across the West. In July of 2021, the Commerce Department's Bureau of Industry and Security added the Hangzhou, China-based encryption chip manufacturer Hualan Microelectronics, also known as Sage Microelectronics, to its so-called "Entity List," a vaguely named trade restrictions list that highlights companies "acting contrary to the foreign policy interests of the United States." Specifically, the bureau noted that Hualan had been added to the list for "acquiring and ... attempting to acquire US-origin items in support of military modernization for [China's] People's Liberation Army." Yet nearly two years later, Hualan -- and in particular its subsidiary known as Initio, a company originally headquartered in Taiwan that it acquired in 2016 -- still supplies encryption microcontroller chips to Western manufacturers of encrypted hard drives, including several that list as customers on their websites Western governments' aerospace, military, and intelligence agencies: NASA, NATO, and the US and UK militaries. Federal procurement records show that US government agencies from the Federal Aviation Administration to the Drug Enforcement Administration to the US Navy have bought encrypted hard drives that use the chips, too. The disconnect between the Commerce Department's warnings and Western government customers means that chips sold by Hualan's subsidiary have ended up deep inside sensitive Western information networks, perhaps due to the ambiguity of their Initio branding and its Taiwanese origin prior to 2016. The chip vendor's Chinese ownership has raised fears among security researchers and China-focused national security analysts that they could have a hidden backdoor that would allow China's government to stealthily decrypt Western agencies' secrets. And while no such backdoor has been found, security researchers warn that if one did exist, it would be virtually impossible to detect it. "If a company is on the Entity List with a specific warning like this one, it's because the US government says this company is actively supporting another country's military development," says Dakota Cary, a China-focused research fellow at the Atlantic Council, a Washington, DC-based think tank. "It's saying you should not be purchasing from them, not just because the money you're spending is going to a company that will use those proceeds in the furtherance of another country's military objectives, but because you can't trust the product." [...] The mere fact that so many Western government agencies are buying products that include chips sold by the subsidiary of a company on the Commerce Department's trade restrictions list points to the complexities of navigating the computing hardware supply chain, says the Atlantic Council's Cary. "At minimum, it's a real oversight. Organizations that should be prioritizing this level of security are apparently not able to do so, or are making mistakes that have allowed for these products to get into their environments," he says. "It seems very significant. And it's probably not a one-off mistake."Read more of this story at Slashdot.

Cybersecurity experts at CyberCX have demonstrated a simple method for consistently accessing older BIOS-locked laptops by shorting pins on the EEPROM chip with a screwdriver, enabling full access to the BIOS settings and bypassing the password. Tom's Hardware reports: Before we go further, it is worth pointing out that CyberCX's BIOS password bypass demonstration was done on several Lenovo laptops that it had retired from service. The blog shows that the easily reproducible bypass is viable on the Lenovo ThinkPad L440 (launched Q4 2013) and the Lenovo ThinkPad X230 (launched Q3 2012). Other laptop and desktop models and brands that have a separate EEPROM chip where passwords are stored may be similarly vulnerable. [...] From reading various documentation and research articles, CyberCX knew that it needed to follow the following process on its BIOS-locked Lenovo laptops: Locate the correct EEPROM chip; Locate the SCL and SDA pins; and Short the SCL and SDA pins at the right time. Checking likely looking chips on the mainboard and looking up series numbers eventually lead to being able to target the correct EEPROM. In the case of the ThinkPad L440, the chip is marked L08-1 X (this may not always be the case). An embedded video in the CyberCX blog post shows just how easy this 'hack' is to do. Shorting the L08-1 X chip pins requires something as simple as a screwdriver tip being held between two of the chip legs. Then, once you enter the BIOS, you should find that all configuration options are open to be changed. There is said to be some timing needed, but the timing isn't so tight, so there is some latitude. You can watch the video for a bit of 'technique.' CyberCX includes some quite in-depth analysis of how its BIOS hack works and explains that you can't just short the EEPROM chips straight away as you turn the machine on (hence the need for timing). Some readers may be wondering about their own laptops or BIOS-locked machines they have seen on eBay and so on. CyberCX says that some modern machines with the BIOS and EEPROM packages in one Surface Mount Device (SMD) would be more difficult to hack in this way, requiring an "off-chip attack." The cyber security firm also says that some motherboard and system makers do indeed already use an integrated SMD. Those particularly worried about their data, rather than their system, should implement "full disk encryption [to] prevent an attacker from obtaining data from the laptop's drive," says the security outfit.Read more of this story at Slashdot.

The new Mac Studio started shipping to customers this week, giving product reviewers a chance to test Apple's "most capable chip ever." According to new benchmarks by YouTuber Luke Miani, the M2 Ultra features nearly double the GPU performance of last year's M1 Ultra, with notable performance improvements in other areas. 9to5Mac reports: While the M1 Max and M1 Ultra are blazing fast, the difference between the two wasn't as notable as some expected. In many tasks, the much cheaper M1 Max wasn't too far off from the top-end M1 Ultra variant, especially in video editing, photo editing, and 3D rendering. Despite the M1 Ultra literally being 2 M1 Max's fused, the performance was never doubled. For the M2 series, Apple has made some significant changes under the hood, especially in GPU scaling. In Luke's testing, he found that in some GPU heavy applications, like Blender 3D and 3DMark, the M2 Ultra was sometimes precisely twice the performance of M2 Max -- perfect GPU scaling! In Final Cut Pro exports, it nearly doubled again. He also found that the M2 Ultra doubled the GPU performance of the M1 Ultra in these same benchmarks -- a genuinely remarkable year-over-year upgrade. The reason for the massive performance improvement is that Apple added a memory controller chip to the M2 generation that balances the load between all of M2 Ultra's cores -- M1 Ultra required the ram to be maxed out before using all cores. M1 Ultra was very good at doing many tasks simultaneously but struggled to do one task, such as benchmarking or rendering, faster than the M1 Max. With M2 Ultra, because of this new memory controller, Apple can now achieve the same incredible performance without the memory buffer needing to be maxed out. It's important to note that some applications cannot take advantage of the M2 Ultra fully, and in non-optimized applications, you should not expect double the performance. Despite this incredible efficiency and performance, the better deal might be the M2 Max. In Luke's testing, the M2 Max performed very similarly or outperformed last year's M1 Ultra. In Blender, Final Cut Pro, 3DMark, and Rise of the Tomb Raider, the M2 Max consistently performed the same or better than the M1 Ultra. Instead of finding an M1 Ultra on eBay, it might be best to save money and get the M2 Max if you're planning on doing tasks that heavily utilize the GPU. While the GPU performance is similar, the M1 Ultra still has the advantage of far more CPU cores, and will outperform the M2 Max in CPU heavy workloads.Read more of this story at Slashdot.

Chinese President Xi Jinping met with Bill Gates to discuss the global rise of artificial intelligence, expressing his support for U.S. companies bringing their AI technology to China. Reuters reports: Xi also discussed Microsoft's business development in China during their meeting in Beijing, one of the sources said. The comments on AI made at the meeting between Xi and Gates were not disclosed in reports of the meeting published by Chinese state media or in a Friday post by Gates reflecting on his China trip. Xi has previously said China needs to seize opportunities to use AI to drive economic development, but has also cautioned about its risks, with the country weighing up a new law on the technology as well as rules for generative AI.Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: iPhone maker Foxconn is betting big on electric cars and redrawing some of its supply chains as it navigates a new era of icy Washington-Beijing relations. In an exclusive interview, chairman and boss Young Liu told the BBC what the future may hold for the Taiwanese firm. He said even as Foxconn shifts some supply chains away from China, electric vehicles (EVs) are what will drive its growth in the coming decades. As US-China tensions soar, Mr Liu said, Foxconn must prepare for the worst. "We hope peace and stability will be something the leaders of these two countries will keep in mind," 67-year-old Mr Liu told us, in his offices in Taipei, Taiwan's capital. "But as a business, as a CEO, I have to think about what if the worst case happens?" The scenarios could include attempts by Beijing to blockade Taiwan, which it claims as part of China, or worse, to invade the self-ruled island. Mr Liu said "business continuity planning" was already under way, and pointed out that some production lines, particularly those linked to "national security products" were already being moved from China to Mexico and Vietnam. He was likely to be referring to servers Foxconn makes that are used in data centers, and can contain sensitive information. [...] Foxconn's hopes to capture about 5% of the global electric vehicle market in the next few years -- an ambitious target given the firm has only made a handful of models so far. But it is a gamble that Mr Liu is confident will pay off. "It doesn't make sense for you to make [EVs] in one place, so regionalized production for cars is very natural," he added. Foxconn car factories will be based in Ohio in the US, in Thailand, Indonesia and perhaps even in India, he said. For now, the company will keep focusing on what it does best -- making electronic products for clients. But perhaps not too far in the future, Foxconn will do the same for clients with electric cars. Either way, with the foray into electric cars, Foxconn is diversifying not just production but also supply lines -- both of which, Mr Liu believes, hold the key to the company's future.Read more of this story at Slashdot.

Microsoft says it is no longer making games for the Xbox One but will continue to support ongoing previous-generation titles like Minecraft and Halo Infinite. Engadget reports: "We've moved on to gen 9," Xbox Game Studios head Matt Booty told Axios, referring to the Xbox Series X/S consoles. The company also makes its games for PC. This move had to happen at some point to avoid newer and more complex games being hamstrung by the hardware limitations of the decade-old Xbox One. Still, it'll be possible for those clinging onto an Xbox One to play Series X/S titles such as Starfield and Forza Motorsport through Xbox Cloud Gaming. "That's how we're going to maintain support," Booty said. The move away from Xbox One will free Microsoft's teams from the shackles of the previous generation. However, some third-party developers have raised concerns that the Xbox Series S, which is less powerful than the Series X, is holding them back too. Booty conceded that making sure games run well on the Series S requires "more work." Still, he noted Microsoft's studios (particularly those working on their second games for this generation of consoles) are now able to better optimize their projects for the Series S.Read more of this story at Slashdot.

Daniel Ellsberg, a military analyst who leaked what came to be known as the Pentagon Papers, died on Friday at the age of 92. The cause was pancreatic cancer. The New York Times reports: The disclosure of the Pentagon Papers -- 7,000 government pages of damning revelations about deceptions by successive presidents who exceeded their authority, bypassed Congress and misled the American people -- plunged a nation that was already wounded and divided by the war deeper into angry controversy. It led to illegal countermeasures by the White House to discredit Mr. Ellsberg, halt leaks of government information and attack perceived political enemies, forming a constellation of crimes known as the Watergate scandal that led to the disgrace and resignation of President Richard M. Nixon. And it set up a First Amendment confrontation between the Nixon administration and The New York Times, whose publication of the papers was denounced by the government as an act of espionage that jeopardized national security. The U.S. Supreme Court upheld the freedom of the press. Mr. Ellsberg was charged with espionage, conspiracy and other crimes and tried in federal court in Los Angeles. But on the eve of jury deliberations, the judge threw out the case, citing government misconduct, including illegal wiretapping, a break-in at the office of Mr. Ellsberg's former psychiatrist and an offer by President Nixon to appoint the judge himself as director of the Federal Bureau of Investigation. "The demystification and de-sanctification of the president has begun," Mr. Ellsberg said after being released. "It's like the defrocking of the Wizard of Oz." The story of Daniel Ellsberg in many ways mirrored the American experience in Vietnam, which began in the 1950s as a struggle to contain communism in Indochina and ended in 1975 with humiliating defeat in a corrosive war that killed more than 58,000 Americans and millions of Vietnamese, Cambodians and Laotians. [...] Over the years, Ellsberg was mentioned on Slashdot several times. In late 2000, Ellsberg was mentioned in a story about Clinton's veto of what would have been a new law to prevent leaks of classified information. Ellsberg also expressed his support for WikiLeaks founder Julian Assange in 2010 and called Edward Snowden the "greatest patriot whistleblower of our time." He was also featured in a Slashdot story for his view on the growing role of internet companies in the public sphere. In 2011, Ellsberg said companies such as Google, Facebook, and Twitter need to take a stand and push back on excessive requests for personal data.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Wargraphs, a one-man-band startup behind a popular companion app for League of Legends called Porofessor, which helps players track and improve their playing stats, is getting acquired for up to [$54 million], half up front and half based on meeting certain earnings and growth targets. MOBA Networks, a company founded out of Sweden that buys, grows and runs online gaming communities (MOBA is short for "multiplayer online battle arena"), is buying the startup and its existing products. The plan is to expand them to more markets, in particular across Asia, and to build analytics for more titles. I write "startup", but that might be with the loosest interpretation of the term. There is only a single employee, the mild-mannered Jean-Nicholas, and he has also entirely bootstrapped the business on his own. But that hasn't held him back. Wargraphs currently also builds analytics for Legends of Runeterra and Teamfight Tactics, but the League of Legends business has been its biggest it by far. Porofessor has had 10 million downloads of its app on Overwolf -- which is where Porofessor was built -- and more than 1.25 million daily active users if you combine traffic both from that platform and its own direct website. The company, such as it is, has been around for some 10 years, has pretty much always been profitable with revenues of 12.3 million euros in its last fiscal year. Jean-Nicholas told TechCrunch's Ingrid Lunden that he wants to build "a game" next. "Specifically, a card game that will compete against Hearthstone, coincidentally published by Activision Blizzard," writes Lunden. "He has no plans to raise outside funding for this, but he might hire an employee or two."Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: HP printers have received a lot of flak historically and recently for invasive firmware updates that end up preventing customers from using ink with their printers. HP also encourages printer customers to sign up for HP+, a program that includes a free ink-subscription trial and irremovable firmware that allows HP to brick the ink when it sees fit. Despite this, HP markets dozens of its printers with Dynamic Security and the optional HP+ feature as being in the Electronic Product Environmental Assessment Tool (EPEAT) registry, suggesting that these printers are built with the environment in mind and, more specifically, do not block third-party ink cartridges. Considering Dynamic Security and HP+ printers do exactly that, the International Imaging Technology Council (IITC) wants the General Electronics Council (GEC), which is in charge of the EPEAT registry, to revoke at least 101 HP printer models from the EPEAT registry, which HP has "made a mockery of." For a printer to make the EPEAT registry, it's supposed to comply with the EPEAT Imaging Equipment Category Criteria, which is based on the 1680.2-2012 IEEE Standard for Environmental Assessment of Imaging Equipment (PDF). The IITC is hung up on section 4.9.2.1, which requires that registered products do not "prevent the use of nonmanufacturer cartridges and non-manufacturer containers" and that vendors provide documentation showing that the device isn't "designed to prevent the use of a non-manufacturer cartridge or non-manufacturer container." Well, as the IITC and consumers who found their inked bricked mid-print will tell you, that sounds an awful lot like what HP does with its Dynamic Security printers. Diving deeper, the IITC's complaint claims that "in the last 8 weeks alone, HP has released 4 killer firmware updates targeting dozens of EPEAT-registered inkjet printers." "At least one of these recent updates specifically targeted a single producer of remanufactured cartridges while not having any impact on non-remanufactured third-party cartridges using functionally identical non-HP chips," the complaint reads. The trade group also claimed at least 26 "killer firmware updates" occurred on EPEAT-registered HP laser printers since October 2020. The complaint argues that the error message that users see -- "The indicated cartridges have been blocked by the printer firmware because they contain non-HP chips. This printer is intended to work only with new or reused cartridges that have a new or reused HP chip. Replace the indicated cartridges to continue printing" -- go against EPEAT requirements, yet HP markets dozens of Dynamic Security printers with EPEAT ecolabels. "The nonprofit trade association was founded in 2000 and says it represents 'toner and inkjet cartridge remanufacturers, component suppliers, and cartridge collectors in North America,'" notes Ars. "So its members stand to lose a lot of money from tactics like Dynamic Security. The IITC already filed a complaint to the GEC about HP in 2019 for firmware blocking non-HP ink, but there didn't seem to be any noticeable results." "The group is biased regarding this topic, but its complaint still mirrors many problems and concerns that consumers and class-action lawsuits have detailed regarding HP printers' exclusive stance on ink. You can find the full complaint here."Read more of this story at Slashdot.

Forty years ago, a young boy's review of "Return of the Jedi" on NPR's All Things Considered led to uproar from listeners, prompting an on-air apology from host Susan Stamberg for airing spoilers. NPR reports: This was part of the boy's review: "Han Solo and Luke Skywalker are about to go in the pit. And just as he was about to walk the plank, R2D2 fired a laser gun from his head, and Han catched it. And he blew up the whole ship. And the big guy -- the boss of the monsters -- well, he got choked and died." In fact, his review wasn't quite right. It was a lightsaber that R2D2 fired out, which Luke Skywalker caught. At the time, though, these plot details really rankled NPR listeners. So much so that the next day Stamberg issued an on-air apology. Well, sort of. Here's what she said: "Well, the comic book was a goof, but we certainly goofed last night. We goofed so badly that we changed our program before rebroadcasting it to the West Coast, which means that you West Coast listeners won't know what I'm talking about. But enough of you on the East Coast called to complain that we want to apologize publicly to everybody. Calls -- there were more phone calls on this one than we ever got in the middle of the hottest Middle East disputes. Calls -- there were more phone calls than Richard Gere would get if he listed his number. And all because last night on All Things Considered, we permitted a six-and-a-half-year-old boy to tell us everything -- and I mean everything -- about Return Of The Jedi. "You gave the plot away," you said. "I've been waiting for that movie for three years, and now you have ruined it for me. How could you do a thing like that?" Well, we are sorry. We're contrite, and we're fascinated. Usually you get angry when we get our facts wrong. This time we got them right, and you got angry. It's the difference between fact and fiction, of course, and the power of fantasy in our lives -- the need for mystery, for wonderful stories that spill themselves out for us. Of course, if they are wonderful enough -- this may be an excuse, but I doubt it -- if they're wonderful enough, they will come to us new, even though we've seen them a hundred times. That's why people keep going back to see Romeo And Juliet over and over again or The Wizard Of Oz. We know how they end but find great pleasure and nourishment watching them proceed to that ending. Two years from now, that's how we'll feel about the Return Of The Jedi. For now, though, our apologies -- we will not do that again. But listen, I have just seen the new Superman III, and Superman and Lois Lane..."Read more of this story at Slashdot.

After three years of upgrades, the gravitational-wave detector known as LIGO, or Laser Interferometer Gravitational-Wave Observatory, has resumed searching for colliding black holes and other cosmic cataclysms. "The improvements should allow the facility to pick up signals from colliding black holes every two to three days, compared with once a week or so during its previous run in 2019-20," reports Nature. From the report: The Virgo detector near Pisa, Italy, which has undergone its own $9-million upgrade, was meant to join in, but technical issues are forcing its team to extend its shutdown and perform further maintenance. "Our expectation is we'll be able to restart by the end of summer or early autumn," says Virgo spokesperson Gianluca Gemme, a physicist at Italy's National Institute for Nuclear Physics in Genoa. KAGRA, a gravitational-wave detector located under Mount Ikenoyama, Japan, is also restarting on 24 May. Its technology, although more advanced -- it was inaugurated in 2020 -- is being fine-tuned, and its sensitivity is still lower than LIGO's was in 2015. Principal investigator Takaaki Kajita, a Nobel Prize-winning physicist at the University of Tokyo, says that KAGRA will join LIGO's run for a month and then shut down again for another period of commissioning. At that point, the team will cool the interferometer's four main mirrors to 20 kelvin, Kajita says -- a feature that sets KAGRA apart from the other detectors that will serve as the model for next-generation observatories. In upgrades carried out before the 2019-20 run, LIGO and Virgo tackled some of this noise with a technique called light squeezing. This approach deals with inherent noise caused by the fact that light is made of individual particles: when the beams arrive at the sensor, each individual photon can arrive slightly too early or too late, which means that the laser waves don't overlap and cancel out perfectly even in the absence of gravitational waves. "It's like dropping a bucket of BBs [lead pellets]: it's going to make a loud hiss, but they all hit randomly," physicist Lee McCuller explained while showing a prototype of the LIGO interferometers at the Massachusetts Institute of Technology (MIT) in Cambridge. Light squeezing injects an auxiliary laser beam into the interferometer that reduces that effect. "Its photons arrive more regularly, with less noise," said McCuller, who is now at the California Institute of Technology in Pasadena.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: Ten lighthouses that for generations have stood like sentinels along America's shorelines protecting mariners from peril and guiding them to safety are being given away at no cost or sold at auction by the federal government. The aim of the program run by the General Services Administration is to preserve the properties, most of which are more than a century old. The development of modern technology, including GPS, means lighthouses are no longer essential for navigation, said John Kelly of the GSA's office of real property disposition. And while the Coast Guard often maintains aids to navigation at or near lighthouses, the structures themselves are often no longer mission critical. Yet the public remains fascinated by the evocative beacons, which are popular tourist attractions, beloved local landmarks and the subject of countless photographers and artists, standing lonely but strong against tides and storms, day and night and flashing life-saving beams of light whatever the weather. "People really appreciate the heroic role of the solitary lighthouse keeper," he said, explaining their allure. "They were really the instruments to provide safe passage into some of these perilous harbors which afforded communities great opportunities for commerce, and they're often located in prominent locations that offer breathtaking views." The GSA has been transferring ownership of lighthouses since Congress passed the National Historic Lighthouse Preservation Act in 2000. About 150 lighthouses have been transferred, 80 or so given away and another 70 auctioned, raising more than $10m. This year, six lighthouses are being offered at no cost to federal, state or local government agencies, non-profits, educational organizations or other entities that are willing to maintain and preserve them and make them publicly available for educational, recreational or cultural purposes. [...] Some past lighthouse sales have ended up with them converted into private residences.Read more of this story at Slashdot.

Bitwarden, the popular open-source password management program, has launched Bitwarden Passwordless.dev, a developer toolkit for integrating FIDO2 WebAuthn-based passkeys into websites and applications. The New Stack reports: Bitwarden Passwordless.dev uses an easy-to-use application programming interface (API) to provide a simplified approach to implementing passkey-based authentication with your existing code. This enables developers to create seamless authentication experiences swiftly and efficiently. For example, you can use it to integrate with FIDO2 WebAuthn applications such as Face ID, fingerprint, and Windows Hello. Enterprises also face challenges in integrating passkey-based authentication into their existing applications. Another way Bitwarden Passwordless.dev addresses this issue is by including an admin console. This enables programmers to configure applications, manage user attributes, monitor passkey usage, deploy code, and get started instantly. "Passwordless authentication is rapidly gaining popularity due to its enhanced security and streamlined user login experience," said Michael Crandell, CEO of Bitwarden. "Bitwarden equips developers with the necessary tools and flexibility to implement passkey-based authentication swiftly and effortlessly, thereby improving user experiences while maintaining optimal security levels."Read more of this story at Slashdot.

According to investigative reporter Will Evans, Amazon recently backed out of a commitment to make 50% of its shipments net-zero carbon by 2030. "Amazon said (PDF) in a statement that it would roll this goal into a broader Climate Pledge to reach net-zero carbon across all its operations by 2040," reports Insider. "That's a decade later than the 50% goal, which was called 'Shipment Zero' at the time." From the report: "As we examined our work toward The Climate Pledge, we realized that it no longer made sense to have a separate and more narrow Shipment Zero goal that applied to only one part of our business, so we've decided to eliminate it," Amazon wrote in the statement. The investigative reporter Will Evans squeezed this information from Amazon and tweeted about it Thursday. Last year, Evans uncovered a study that said the company had drastically undercounted its carbon footprint. At the time, an Amazon spokesman reiterated the company's commitment to cutting emissions, including ordering a fleet of electric delivery vans and buying renewable energy for its electricity needs. Dropping the specific shipment pledge is noteworthy because Amazon's ecommerce operation relies on vast fleets of vehicles and aircraft to deliver packages to consumers quickly. Most of this activity chews up vast quantities of fossil fuels and spews out greenhouse gases. However, fast delivery is a key selling point for shoppers and the main reason millions subscribe to the company's Prime program. Amazon announced the Shipment Zero initiative in a blog a few years ago. The company has since deleted the post. However, through the magic of the Internet Archive's Wayback Machine, large corporations cannot rewrite online history. Here's a version of the blog.Read more of this story at Slashdot.

Google has been ordered to pay Sonos $32.5 million after a jury verdict found that Google's smart speakers and media players infringed on one of Sonos' patents. The Verge reports: The legal battle started in 2020 when Sonos accused Google of copying its patented multiroom audio technology after the companies partnered in 2013. Sonos went on to win its case at the US International Trade Commission, resulting in a limited import ban on some of the Google devices in question. Google has also had to pull some features from its lineup of smart speakers and smart displays. Last August, Google sued Sonos over allegations that the audio company infringed on Google's smart speakers and voice control technology. This most recent trial started earlier this month, with Google spokesperson Jose Castaneda telling Reuters at the time that the case pertains to "some very specific features that are not commonly used" and that Sonos "mischaracterized our partnership and technology." Neither Google nor Sonos immediately responded to The Verge's request for comment. Sonos didn't come out of the case completely victorious, however, as the jury decided that Google's Home app didn't infringe on a separate patent filed by Sonos. The judge also told jurors to "disregard a $90 million damages estimate from a Sonos expert witness, saying he had decided that some of the evidence provided was inadmissible," Law360 reports.Read more of this story at Slashdot.

An anonymous reader quotes a report from KrebsOnSecurity: The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains. Freenom is the domain name registry service provider for five so-called "country code top level domains" (ccTLDs), including .cf for the Central African Republic; .ga for Gabon; .gq for Equatorial Guinea; .ml for Mali; and .tk for Tokelau. Freenom has always waived the registration fees for domains in these country-code domains, but the registrar also reserves the right to take back free domains at any time, and to divert traffic to other sites -- including adult websites. And there are countless reports from Freenom users who've seen free domains removed from their control and forwarded to other websites. By the time Meta initially filed its lawsuit in December 2022, Freenom was the source of well more than half of all new phishing domains coming from country-code top-level domains. Meta initially asked a court to seal its case against Freenom, but that request was denied. Meta withdrew its December 2022 lawsuit and re-filed it in March 2023. "The five ccTLDs to which Freenom provides its services are the TLDs of choice for cybercriminals because Freenom provides free domain name registration services and shields its customers' identity, even after being presented with evidence that the domain names are being used for illegal purposes," Meta's complaint charged. "Even after receiving notices of infringement or phishing by its customers, Freenom continues to license new infringing domain names to those same customers." Meta pointed to research from Interisle Consulting Group, which discovered in 2021 and again last year that the five ccTLDs operated by Freenom made up half of the Top Ten TLDs most abused by phishers. Interisle partner Dave Piscitello said something remarkable has happened in the months since the Meta lawsuit. "We've observed a significant decline in phishing domains reported in the Freenom commercialized ccTLDs in months surrounding the lawsuit," Piscitello wrote on Mastodon. "Responsible for over 60% of phishing domains reported in November 2022, Freenom's percentage has dropped to under 15%." Piscitello said it's too soon to tell the full impact of the Freenom lawsuit, noting that Interisle's sources of spam and phishing data all have different policies about when domains are removed from their block lists.Read more of this story at Slashdot.

The online stock-photo marketplace Shutterstock announced Tuesday it would acquire Giphy from Meta Platforms for $53 million, a significant loss for Meta, which acquired Giphy in 2020 for $315 million. From a report: The acquisition is an all-cash deal, and in an investor presentation, Shutterstock said it would maintain its full-year revenue guidance. The acquisition would add "minimal revenue in 2023," Shutterstock noted. The deal is expected to close in June. Shutterstock's shares rose nearly 2% in morning trading Tuesday. U.K.'s Competition and Markets Authority had ordered Meta to divest Giphy in 2022, citing potential anti-competitive effects. The CMA disclosed it was probing the deal in June 2020. Giphy, which is a platform for searching for and using animated images in messaging apps, was well-integrated into Meta's ecosystem, and had been an acquisition target for the social-media company years before Meta acquired it in 2020.Read more of this story at Slashdot.

Apple on Tuesday announced a new multiyear, multibillion-dollar agreement with Broadcom, a leading U.S. technology and advanced manufacturing company. From a report: Through this collaboration, Broadcom will develop 5G radio frequency components -- including FBAR filters -- and cutting-edge wireless connectivity components. The FBAR filters will be designed and built in several key American manufacturing and technology hubs, including Fort Collins, Colorado, where Broadcom has a major facility. "We're thrilled to make commitments that harness the ingenuity, creativity, and innovative spirit of American manufacturing," said Tim Cook, Apple's CEO. "All of Apple's products depend on technology engineered and built here in the United States, and we'll continue to deepen our investments in the U.S. economy because we have an unshakable belief in America's future." Apple already helps support more than 1,100 jobs in Broadcom's Fort Collins FBAR filter manufacturing facility, and the partnership will enable Broadcom to continue to invest in critical automation projects and upskilling with technicians and engineers. Across the country, Apple supports more than 2.7 million jobs through direct employment, developer jobs in the thriving iOS app economy, and spending with more than 9,000 U.S. suppliers and manufacturers of all sizes in all 50 states across dozens of sectors.Read more of this story at Slashdot.

Sundar Pichai, CEO of Google and Alphabet, writing at Financial Times: While some have tried to reduce this moment to just a competitive AI race, we see it as so much more than that. At Google, we've been bringing AI into our products and services for over a decade and making them available to our users. We care deeply about this. Yet, what matters even more is the race to build AI responsibly and make sure that as a society we get it right. We're approaching this in three ways. First, by boldly pursuing innovations to make AI more helpful to everyone. We're continuing to use AI to significantly improve our products -- from Google Search and Gmail to Android and Maps. These advances mean that drivers across Europe can now find more fuel-efficient routes; tens of thousands of Ukrainian refugees are helped to communicate in their new homes; flood forecasting tools are able to predict floods further in advance. Google DeepMind's work on AlphaFold, in collaboration with the European Molecular Biology Laboratory, resulted in a groundbreaking understanding of over 200mn catalogued proteins known to science, opening up new healthcare possibilities. Our focus is also on enabling others outside of our company to innovate with AI, whether through our cloud offerings and APIs, or with new initiatives like the Google for Startups Growth program, which supports European entrepreneurs using AI to benefit people's health and wellbeing. We're launching a social innovation fund on AI to help social enterprises solve some of Europe's most pressing challenges. Second, we are making sure we develop and deploy the technology responsibly, reflecting our deep commitment to earning the trust of our users. That's why we published AI principles in 2018, rooted in a belief that AI should be developed to benefit society while avoiding harmful applications. We have many examples of putting those principles into practice, such as building in guardrails to limit misuse of our Universal Translator. This experimental AI video dubbing service helps experts translate a speaker's voice and match their lip movements. It holds enormous potential for increasing learning comprehension but we know the risks it could pose in the hands of bad actors and so have made it accessible to authorised partners only. As AI evolves, so does our approach: this month we announced we'll provide ways to identify when we've used it to generate content in our services.Read more of this story at Slashdot.

According to Ars Technica, some SanDisk Extreme SSDs are wiping people's data. While SanDisk told Ars that a firmware fix is coming "soon," owners with 2TB drives are out of luck. From the report: An Ars reader tipped us (thanks!) to online discussions filled with panicked and disappointed users detailing experiences with recently purchased Extreme V2 and Extreme Pro V2 portable SSDs. Most users seemed to be using a 4TB model, but there were also complaints from owners of 2TB drives. Until now, there has been little public response from SanDisk, which has mostly referred online users to open a support ticket with SanDisk's technical support team. Questions about refunds have been left unanswered. When Ars contacted SanDisk about the issue, a company representative said: "Western Digital is aware of reports indicating some customers have experienced an issue with 4TB SanDisk Extreme and/or Extreme Pro portable SSDs (SDSSDE61-4T00 and SDSSDE81-4T00 respectively). We have resolved the issue and will publish a firmware update to our website soon. Customers with questions or who are experiencing issues should contact our Customer Support team for assistance." SanDisk didn't answer our questions about refunds, whether or not the firmware would address issues with the 2TB models, what caused the issue, or when exactly this firmware fix will come. Some Reddit users have suggested that SanDisk has dragged its feet on the monthlong saga, with ian__ claiming they needed to collect "data to prove to SanDisk that it actually is more than a fluke." SanDisk's brief response to Ars' questions fails to clarify what's been going on behind the scenes.Read more of this story at Slashdot.

The FBI misused surveillance powers granted by Section 702 of the Foreign Intelligence Surveillance Act (FISA) over 278,000 times between 2020 and early 2021 to conduct warrantless searches on George Floyd protesters, January 6 Capitol rioters, and donors to a congressional campaign, according to a newly unclassified court opinion. The Register reports: On Friday, the US Foreign Intelligence Surveillance Court made public a heavily redacted April 2022 opinion [PDF] that details hundreds of thousands of violations of Section 702 of the Foreign Intelligence Surveillance Act (FISA) -- the legislative instrument that allows warrantless snooping. The Feds were found to have abused the spy law in a "persistent and widespread" manner, according to the court, repeatedly failing to adequately justify the need to go through US citizens' communications using a law aimed at foreigners. The court opinion details FBI queries run on thousands of individuals between 2020 and early 2021. This includes 133 people arrested during the George Floyd protests and more than 19,000 donors to a congressional campaign. In the latter, "the analyst who ran the query advised that the campaign was a target of foreign influence, but NSD determined that only eight identifiers used in the query had sufficient ties to foreign influence activities to comply with the querying standard," the opinion says, referring to the Justice Department's National Security Division (NSD). In other words, there wasn't a strong enough foreign link to fully justify the communications search. For the Black Lives Matter protests, the division determined that the FBI queries "were not reasonably likely to retrieve foreign intelligence information or evidence of a crime." Again, an overreach of foreign surveillance powers. Additional "significant violations of the querying standard" occurred in searched related to the January 6, 2021 breach of the US Capitol, domestic drug and gang investigations, and domestic terrorism probes, according to the court. It's said that more than 23,000 queries were run on people suspected of storming the Capitol.Read more of this story at Slashdot.

Climate litigation poses a financial risk to fossil fuel companies because it lowers the share price of big polluters, research has found. From a report: A study to be published on Tuesday by LSE's Grantham Research Institute examines how the stock market reacts to news that a fresh climate lawsuit has been filed or a corporation has lost its case. The researchers hope their work will encourage lenders, financial regulators and governments to consider the effect of climate litigation when making investment decisions in a warmer future, and ultimately drive greener corporate behaviour. The study, which is currently being peer reviewed, analysed 108 climate crisis lawsuits around the world between 2005 and 2021 against 98 companies listed in the US and Europe. It found that the filing of a new case or a court decision against a company reduced its expected value by an average of 0.41%. The stock market responded most strongly in the days after cases against carbon majors, which include the world's largest energy, utility and materials firms, cutting the relative value of those companies by an average of 0.57% after a case was filed and by 1.5% after an unfavourable judgment. Although modest, the researchers conclude that the drop in the value of big polluters is statistically significant and therefore down to the legal challenges.Read more of this story at Slashdot.

An anonymous reader quotes a report from Agence France-Presse: The French government unveiled a plan on Monday to accelerate cuts to its greenhouse gas emissions, targeting a reduction of 50 percent by 2030 compared with 1990 levels. Unveiled by Prime Minister Elisabeth Borne, the roadmap includes detailed figures for reductions for individual sectors of the economy, ranging from the transport industry to households. The objectives -- from speeding up the transition to electric cars or switching freight from road to rivers -- are aimed at bringing France's ambitions for slashing carbon pollution into line with the EU's target for 2030. France has so far cut its emissions by 25 percent compared with 1990 levels, requiring major fresh efforts if it is to hit the new 50-percent target. "We're asking for a bit from the smallest (polluters) and a lot from the biggest," an aide to Borne told reporters, meaning around half of efforts would be for companies, a quarter for households and a quarter for local administrations. "Among other developed countries, the United Kingdom has the most ambitious short-term goals of any major economy, with an objective of 2030 emissions being 68 percent below 1990 levels," notes AFP. "The United States has committed to cut greenhouse gases 50-52 percent by 2030 below 2005 levels, while Germany has set a 65 percent reduction target compared to 1990."Read more of this story at Slashdot.

A class-action lawsuit has been filed against DoorDash, alleging that the company uses deceptive and fraudulent practices to charge higher delivery fees to iPhone users compared to Android users. Ars Technica reports: The lawsuit (PDF), filed May 5 in the District of Maryland, came in hot. Plaintiff Ross Hecox, in addition to his two children and a presumptive class of similarly situated customers, briefly defines DoorDash as an online marketplace with 32 million users and billions of dollars in annual revenue. "Yet, DoorDash generates its revenues not only through heavy-handed tactics that take advantage of struggling merchants and a significant immigrant driver workforce, but also through deceptive, misleading, and fraudulent practices that illegally deprive consumers of millions, if not billions, of dollars annually," the suit adds. "This lawsuit details DoorDash's illegal pricing scheme and seeks to hold DoorDash accountable for its massive fraud on consumers, including one of the most vulnerable segments of society, minor children." Specifically, the suit claims that DoorDash misleads and defrauds customers by - Making its "Delivery Fee" seem related to distance or demand, even though none of it goes to the delivery person.- Offering an "Express" option that implies faster delivery, but then changing the wording to "Priority" in billing so it is not held to delivery times.- Charging an "Expanded Range Delivery" fee that seems based on distance but is really based on a restaurant's subscription level and demand.- Adding an undisclosed 99 cent "marketing fee," paid by the customer rather than the restaurant, to promote menu items that customers add to their carts.- Obscuring minimum order amounts attached to its "zero-fee" DashPass memberships and coupon offers.- Generally manipulating DashPass subscriptions to appear like substantial savings, when the company is "engineering" fees to seem reduced. One of the more interesting and provocative claims is that DoorDash's fees, based in part on "other factors," continually charge iPhone users of its app more than Android users placing the same orders. The plaintiffs and their law firm conducted a few tests of DoorDash's system, using different accounts to order the same food, from the same restaurant, at almost the same exact time, delivered to the same address, with the same account type, delivery speed, and tip. [...] The plaintiffs are asking for $1 billion in damages for those who "fell prey to DoorDash's illegal pricing" over the past four years. The suit also includes allegations that DoorDash improperly allows children to enter into contract with the company without proper vetting. "The claims put forward in the amended complaint are baseless and simply without merit," said a DoorDash spokesperson in a statement. "We ensure fees are disclosed throughout the customer experience, including on each restaurant storepage and before checkout. Building this trust is essential, and it's why the majority of delivery orders on our platform are placed by return customers. We will continue to strive to make our platform work even better for customers, and will vigorously fight these allegations."Read more of this story at Slashdot.

Longtime Slashdot reader UnknowingFool writes: YouTuber Trevor Jacob has pled guilty to felony federal obstruction of an investigation for removing and destroying wreckage of his airplane that he intentionally crashed in November 2021 for online YouTube views. Maximum sentence is 20 years. On November 24, 2021 Jacob was flying solo from Lompoc City Airport to Mammoth Lakes, California. He reported to the FAA that he had engine trouble and had to abandon the plane using a parachute. After the FAA launched an active investigation, Jacob lied about not knowing the location of wreckage for the next several weeks despite his video footage that he found the wreckage shortly after landing on the ground. On December 10, 2021 Jacob and a friend lifted the wreckage away from the national forest crash site using a helicopter. Jacob transported the wreckage back to Lompoc City Airport with a truck. He then cut up and disposed of the wreckage over then next several days using the airport's trash bins. On December 23,2021 Jacob posted a YouTube video titled, "I Crashed My Airplane" which showed his account of engine trouble and the crash. Keen viewers were immediately skeptical of Jacob's account of a flight "emergency" noting he had multiple cameras recording the event including a selfie stick and that Jacob was wearing a parachute before the engine trouble occurred. Pilots commented how Jacob failed to follow basic procedures like attempting to restart the plane or contacting air traffic control with a mayday before ditching the plane. Largely based on the his YouTube video, the FAA revoked his pilot's license in April 2022.Read more of this story at Slashdot.

schwit1 shares a report from UPI: SpaceX confirmed Wednesday it signed a contract to launch the world's first commercial space station. The company also will perform manned space flights shortly after launching the station into orbit "no later than August 2025," SpaceX said in a statement. The Haven-1 space station is being built by Vast, a private aerospace company based in Long Beach, Calif. Its "mission is to contribute to a future where billions of people are living and thriving in space -- a future in which the human population and our resources expand far beyond our current imagination." Vast is solely funded by its billionaire founder and CEO Jed McCaleb. SpaceX will use its Falcon 9 rocket to carry the Haven-1 station into orbit. Manned crews will then use the company's Dragon reusable spacecraft to get to the space station, docking for up to 30 days while in orbit. Vast plans for the initial module to become part of a larger 100-meter-long multi-module spinning space station with artificial gravity. SpaceX confirmed it also will provide crew training, as well as spacesuit and spacecraft ingress and egress exercises. SpaceX also will conduct mission simulations, as part of the agreement with Vast. Crew selection is underway, the company said Wednesday, and will be announced at a future date.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: The Biden administration on Thursday unveiled a sweeping plan to slash greenhouse gas emissions from the U.S. power industry, one of the biggest steps so far in its effort to decarbonize the economy to fight climate change. The proposal would limit how much carbon dioxide power plants, which are the source of more than a quarter of U.S. emissions, can chuff into the atmosphere, putting the industry on a years-long course to install billions of dollars of new equipment or shut down. Environmental groups and scientists have long argued that such steps are crucial to curb global warming, but fossil fuel-producing states argue that they represent government overreach and threaten to destabilize the electric grid. The proposal sets standards that would push power companies to install carbon capture equipment (CCS) that can siphon the CO2 from a plant's smokestack before it reaches the atmosphere, or use super-low-emissions hydrogen as a fuel. The Environmental Protection Agency projects the plan would cut carbon emissions from coal plants and new gas plants by 617 million tons between 2028 and 2042, the equivalent of reducing the annual emissions of 137 million passenger vehicles. "Today we're proposing new technology standards that will significantly reduce greenhouse gas emissions from fossil fuel power plants, protecting health and protecting our planet," EPA Administrator Michael Regan told students at the University of Maryland on their last day of school on Thursday. Regan said that the agency has wielded the power of the federal Clean Air Act to craft the new power plant rules, along with a suite of other measures aimed at tackling vehicle emissions, as well as potent greenhouse gases methane and HFCs, that would reduce the equivalent of 15 billion tonnes of greenhouse gas emissions between 2022 and 2055. The proposal, more than 18 months in the making, reflects constraints imposed on the EPA by the Supreme Court, which ruled last year that the agency cannot impose a system-wide shift from fossil fuels to renewable energy, but can regulate plants by setting technology-based standards applied on-site.Read more of this story at Slashdot.

An anonymous reader shares a report: In the latest blast of the HDD vs SSD culture wars, a Pure Storage exec is predicting that no more hard disk drives will be sold after 2028 because of electricity costs and availability, as well as NAND $/TB declines. Shawn Rosemarin, VP R&D within the Customer Engineering unit at Pure, told B&F: "The ultimate trigger here is power. It's just fundamentally coming down to the cost of electricity." Not the declining cost of SSDs and Pure's DFMs dropping below the cost of disks, although that plays a part. In his view: "Hard drive technology is 67 years old. We need to herald this technology that went from five megabytes the size of this room to where we are today. And even the latest HAMR technology, putting a laser on the top of the head in order to heat up the platters, is pretty remarkable ... But we're at the end of that era." HDD vendors sing a different tune, of course. Back in 2021, HDD vendor Seagate said the SSD most certainly would not kill disk drives. There's a VAST vs Infinidat angle to it as well, with the former also stating disk drive IO limitations would cripple the use of larger disk drives in petabyte-scale data stores, with Infidat blasting back that it "must be joking." Gartner has had a look in too, claiming that enterprise SSDs will hit 35 percent of HDD/SSD exabytes shipped by 2026 - though that would make Rosemarin's 2028 cutoff unlikely. Pure recently stated SSDs would kill HDDs in a crossover event that would happen "soon." Rosemarin, meanwhile, continued his argument: "Our CEO in many recent events has quoted that 3 percent of the world's power is in datacenters. Roughly a third of that is storage. Almost all of that is spinning disk. So if I can eliminate the spinning disk, and I can move to flash, and I can in essence reduce the power consumption by 80 or 90 percent while moving density by orders of magnitude in an environment where NAND pricing continues to fall, it's all becoming evident that hard drives go away." Are high electricity prices set to continue? "I think the UK's power has gone up almost 5x recently. And here's the thing ... when they go up, they very seldom if ever come down ... I've been asked many times do I think the cost of electricity will drop over time. And, frankly, while I wish it would and I do think there are technologies like nuclear that could help us over time. I think it'll take us several years to get there. We're already seeing countries putting quotas on electricity, and this is a really important one -- we've already seen major hyperscalers such as one last summer who tried to enter Ireland [and] was told you can't come here, we don't have enough power for you. The next logical step from that is OK, so now if you're a company and I start to say, well, we only have so much power, so I'm gonna give you X amount of kilowatts per X amount of employees, or I'm gonna give you X amount of kilowatts for X amount of revenue that you contribute to the GDP of the country or whatever metric is acceptable."Read more of this story at Slashdot.

At Google I/O on Wednesday, Google said that all Gmail users in the U.S. will soon be able to discover if their email address has been found on the dark web. The dark web report security feature will roll out over the coming weeks, and will be expanded to select international markets. BleepingComputer reports: Once enabled, it will allow Gmail users to scan the dark web for their email addresses and take action to protect their data based on guidance provided by Google. For instance, they'll be advised to turn on two-step authentication to protect their Google accounts from hijacking attempts. Google will also regularly notify Gmail users to check if their email has been linked to any data breaches that ended up on underground cybercrime forums. "Dark web report started rolling out in March 2023 to members across all Google One plans in the United States, providing a simple way to get notified when their personal information was discovered on the dark web. "Google One's dark web report helps you scan the dark web for your personal info -- like your name, address, email, phone number and Social Security number -- and will notify you if it's found," said Google One Director of Product Management Esteban Kozak in March when the feature was first announced. The company says all the personal info added to the profile can be deleted from the monitoring profile or by removing the profile in the dark web report settings.Read more of this story at Slashdot.

Sci-fi writer Ted Chiang, writing for New Yorker: So, I would like to propose another metaphor for the risks of artificial intelligence. I suggest that we think about A.I. as a management-consulting firm, along the lines of McKinsey & Company. Firms like McKinsey are hired for a wide variety of reasons, and A.I. systems are used for many reasons, too. But the similarities between McKinsey -- a consulting firm that works with ninety per cent of the Fortune 100 -- and A.I. are also clear. Social-media companies use machine learning to keep users glued to their feeds. In a similar way, Purdue Pharma used McKinsey to figure out how to "turbocharge" sales of OxyContin during the opioid epidemic. Just as A.I. promises to offer managers a cheap replacement for human workers, so McKinsey and similar firms helped normalize the practice of mass layoffs as a way of increasing stock prices and executive compensation, contributing to the destruction of the middle class in America. A former McKinsey employee has described the company as "capital's willing executioners": if you want something done but don't want to get your hands dirty, McKinsey will do it for you. That escape from accountability is one of the most valuable services that management consultancies provide. Bosses have certain goals, but don't want to be blamed for doing what's necessary to achieve those goals; by hiring consultants, management can say that they were just following independent, expert advice. Even in its current rudimentary form, A.I. has become a way for a company to evade responsibility by saying that it's just doing what âoethe algorithmâ says, even though it was the company that commissioned the algorithm in the first place.Read more of this story at Slashdot.

"My friend Ben Carlson pointed out that Apple's current market capitalization of about $2.7 trillion this week exceeds the entire market capitalization of the United Kingdom, the third biggest stock market in the world," writes CNBC's Bob Pisani. From the report: Dimensional's Matrix Book is an annual review of global returns that highlight the power of compound investing. It's a fascinating document: you can look up the compounded growth rate of the S&P 500 for every year going back to 1926. Buried on page 74 is a chapter on "World Equity Market Capitalization," listing the market capitalization of most of the world, country by country. No surprise, the U.S. is the global leader in stock market value. The $40 trillion in stock market wealth in the U.S. is almost 60% of the value of all the equities in the world. Here's where it gets fun. [...] Not only is Apple bigger than all 595 companies that list in the United Kingdom, it's bigger than all the companies in France (235 companies), and India (1,242 companies). Apple is twice the size of Germany's entire stock market, with 255 companies.Read more of this story at Slashdot.

At Google I/O on Wednesday, VP of Engineering at Android David Burke new customization features coming to Android 14 later this year. Engadget reports: The tools build on the Material You design system Google introduced in 2021 by allowing users to create a custom wallpaper by picking a few of their favorite emojis. One of the new tools allows you to add up to 14 emojis to a single wallpaper. You can then pick a pattern and a color to bring everything together. Once the wallpaper is on your home screen, the characters will react when you tap on them. If you want something more sentimental, there's a separate option to create "Cinematic" wallpapers. The feature uses on-device neural networks to animate your favorite photos. Once the photo is on your home screen, tilting your device will cause it to move, giving the image more depth and life than it would have had you not used the new feature. Burke said both cinematic and emoji wallpapers would arrive on Pixel devices next month. Come the fall, Google will also introduce a built-in AI image generator within Android's customization menu. You can use the tool to create wallpapers you can't find online. It comes with pre-populated prompts you can tweak to make the process of guiding the AI easier. Once you add an AI wallpaper to your home screen, Android's Material You system will automatically color-match all the user interface elements, including any app icons, so they don't clash with one another. Android 14 will further augment those tools with the addition of new clocks and shortcuts you can add to your lock screen. And if colors aren't your thing, Google also plans to add a new monochromatic theme for those who prefer a more understated look. At I/O, Burke also previewed Magic Compose, a Messages feature that will use Google's generative AI technology to write texts for you. The tool comes with multiple style settings you can use to give your messages a different flair. Google plans to beta test Magic Compose this summer. Separately, Google said after the keynote that Android 14 will add support for Ultra HDR, allowing for photos that feature more vivid colors and detailed shadows.Read more of this story at Slashdot.

An anonymous reader shares an excerpt from a collaborative investigation between Motherboard, lavialibera, and IrpiMedia: Mafioso Bartolo Bruzzaniti needed everyone to do their job just right. First, the Colombian suppliers would hide a massive amount of cocaine inside bananas at the port city of Turbo, Colombia. That shipping container would then be transported across the ocean to Catania, in Sicily, Italy. A corrupt port worker on the mafia's payroll would wave the shipment through and had advised the group how to package the drugs. This was so the cocaine could remain undetected even if the worker was forced to scan the shipment. Another group of on-the-ground mafiosos would then unload the cocaine outside of the port. In March 2021, Bruzzaniti, an alleged member of the infamous 'Ndrangheta mafia group and who says Milan belongs to him "by right," asked his brother Antonio to go fetch something else crucial to the traffickers' success. "Go right now," Bruzzaniti wrote in a text message later produced in court records. "It's needed urgently." Investigators know what Bruzzaniti said because European authorities had penetrated an encrypted phone network called Sky and harvested around a billion of the users' messages. These phones are the technological backbone of organized crime around the world. The thing Antonio needed to urgently fetch was a phone from a different encrypted phone network, one that the authorities appear to have not compromised and which the mafia have been using as part of their operations. To that phone, a contact sent one half of the shipping container's serial number. A reporting collaboration between Motherboard, lavialibera, and IrpiMedia has identified that encrypted phone as being run by a company called No. 1 Business Communication (No. 1 BC). The investigation has found members of the mafia and other organized crime groups turning to No. 1 BC as authorities cracked down on other platforms. The collaboration has identified multiple key players in No. 1 BC's development, sales, and legal structure. "Take the bc1 right away," Bruzzaniti wrote in another text, referring to the No. 1 BC phone.Read more of this story at Slashdot.

According to Azure CTO Mark Russinovich, the most recent Windows 11 Insider Preview build is the first to include the memory-safe programming language Rust. Thurrott reports: "If you're on the Win11 Insider ring, you're getting the first taste of Rust in the Windows kernel," Russinovich tweeted last night. It's not clear which Insider channel he is referring to, however. Regardless, that that was quick: Microsoft only went public with its plans to replace parts of the Windows kernel with Rust code in mid-April at its BlueHat IL 2023 security conference in Israel. At that event, Microsoft vice president David Weston said that "we're using Rust on the operating system along with other constructs" as part of an "aggressive and meaningful pursuit of memory safety," a key source of exploits. And it's not just the Windows kernel. Microsoft is bringing Rust to its Pluton security processor as well.Read more of this story at Slashdot.

Turkish presidential candidate Muharrem Ince withdrew from the race after an alleged sex tape circulated online. Ince claims it's a deepfake using footage taken from "an Israeli porn site." The Guardian reports: Ince, a two-time presidential candidate who also lost to Recep Tayyip Erdogan in 2018, pulled his candidacy just days away from Turkey's most consequential election in a generation saying: "I offered Turkey a third option, a third way. We couldn't succeed with this way." The former school headteacher and longtime member of the Republican People's party (CHP) said an alleged sex tape circulating online was a deepfake, using footage taken from "an Israeli porn site." He added: "If I had such images of myself, they were taken secretly in the past. But I do not have such an image, no such sound recording. This is not my private life, it's slander. It's not real." The high-profile deployment of deepfake videos has already hit Turkey's 45-day election cycle, after Erdogan played an alleged deepfake that claimed to show banned Kurdish militants declaring their support for Kilicdaroglu at a pre-election rally last weekend. "What I have seen in these last 45 days, I have not seen in 45 years," said Ince.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: An ex-Ubiquiti engineer, Nickolas Sharp, was sentenced to six years in prison yesterday after pleading guilty in a New York court to stealing tens of gigabytes of confidential data, demanding a $1.9 million ransom from his former employer, and then publishing the data publicly when his demands were refused. Sharp had asked for no prison time, telling United States District Judge Katherine Polk Failla that the cyberattack was actually an "unsanctioned security drill" that left Ubiquiti "a safer place for itself and for its clients," Bloomberg reported. In a court document (PDF), Sharp claimed that Ubiquiti CEO Robert Pera had prevented Sharp from "resolving outstanding security issues," and Sharp told the judge that this led to an "idiotic hyperfixation" on fixing those security flaws. However, even if that was Sharp's true motivation, Failla did not accept his justification of his crimes, which include wire fraud, intentionally damaging protected computers, and lying to the FBI. "It was not up to Mr. Sharp to play God in this circumstance," Failla said. US attorney for the Southern District of New York, Damian Williams, argued (PDF) that Sharp was not a "cybersecurity vigilante" but an "inveterate liar and data thief" who was "presenting a contrived deception to the Court that this entire offense was somehow just a misguided security drill." Williams said that Sharp made "dozens, if not hundreds, of criminal decisions" and even implicated innocent co-workers to "divert suspicion." Sharp also had already admitted in pre-sentencing that the cyber attack was planned for "financial gain." Williams said Sharp did it seemingly out of "pure greed" and ego because Sharp "felt mistreated" -- overworked and underpaid -- by the IT company, Williams said. Court documents show that Ubiquiti spent "well over $1.5 million dollars and hundreds of hours of employee and consultant time" trying to remediate what Williams described as Sharp's "breathtaking" theft. But the company lost much more than that when Sharp attempted to conceal his crimes -- posing as a whistleblower, planting false media reports, and contacting US and foreign regulators to investigate Ubiquiti's alleged downplaying of the data breach. Within a single day after Sharp planted false reports, stocks plummeted, causing Ubiquiti to lose over $4 billion in market capitalization value, court documents show. Williams had pushed the court to impose a sentence between eight to 10 years, arguing that anything less would be perceived by the public as a "slap on the wrist." Sharp's six-year term is slightly less than that, but in a press release, Williams described the sentence as imposing "serious penalties" for Sharp's "callous crimes." "He was disgruntled at his employer, planning to leave the company, and wanted to extort millions of dollars and cause damage on his way out," Williams said in his sentencing memo.Read more of this story at Slashdot.

A ransomware intrusion on hardware manufacturer Micro-Star International, better known as MSI, is stoking concerns of devastating supply chain attacks that could inject malicious updates that have been signed with company signing keys that are trusted by a huge base of end-user devices, a researcher said. From a report: "ââIt's kind of like a doomsday scenario where it's very hard to update the devices simultaneously, and they stay for a while not up to date and will use the old key for authentication," Alex Matrosov, CEO, head of research, and founder of security firm Binarly, said in an interview. "It's very hard to solve, and I don't think MSI has any backup solution to actually block the leaked keys." The intrusion came to light in April when, as first reported by Bleeping Computer, the extortion portal of the Money Message ransomware group listed MSI as a new victim and published screenshots purporting to show folders containing private encryption keys, source code, and other data. A day later, MSI issued a terse advisory saying that it had "suffered a cyberattack on part of its information systems." The advisory urged customers to get updates from the MSI website only. It made no mention of leaked keys. Since then, Matrosov has analyzed data that was released on the Money Message site on the dark web. To his alarm, included in the trove were two private encryption keys. The first is the signing key that digitally signs MSI firmware updates to cryptographically prove that they are legitimate ones from MSI rather than a malicious impostor from a threat actor. This raises the possibility that the leaked key could push out updates that would infect a computer's most nether regions without triggering a warning. To make matters worse, Matrosov said, MSI doesn't have an automated patching process the way Dell, HP, and many larger hardware makers do. Consequently, MSI doesn't provide the same kind of key revocation capabilities.Read more of this story at Slashdot.

Microsoft will hold off on offering salary increases to full-time employees, CEO Satya Nadella told staffers by email Wednesday. From a report: The move aligns with Microsoft's efforts to reduce costs as revenue growth slows and clients reel in spending. In January, the software maker said it would cut 10,000 jobs, or just under 5% of its workforce. Alphabet, Amazon, Meta and other tech companies have downsized as well in recent months. Last year, as inflation rippled through the economy, Microsoft nearly doubled the budget for merit increases and boosted stock allocations for certain employees. This year, compensation will look more normal. "We will maintain our bonus and stock award budget again this year, however, we will not overfund to the extent we did last year, bringing it closer to our historical averages," Nadella wrote in the email. Microsoft did not immediately respond to a request for comment. Insider reported on the message earlier. Nadella said performance bonuses for Microsoft's top executives will be down considerably from last year.Read more of this story at Slashdot.

Britain's competition regulator has published an interim order restricting Microsoft and Activision from acquiring an interest in each other without its consent, weeks after it blocked their $69 billion merger.Read more of this story at Slashdot.

A key form of financing that startups rely on is shrinking, hurting new companies that are already starved for capital. From a report: The volume of venture debt, a type of loan that younger companies line up to help pay the bills, plunged to $3.5 billion in the US in the first quarter, according to PitchBook, the lowest level since 2017. Climbing interest rates have made the funding more expensive for companies, and one of the biggest venture lenders, Silicon Valley Bank, faced a run on the bank that forced government regulators to seize it and sell it. First Citizens BancShares, Silicon Valley Bank's buyer, says its appetite for venture financing hasn't changed. On a conference call on Wednesday, the company's president said First Citizens is better positioned to serve venture-backed companies now. But many of the biggest lenders across the economy are less willing to take risk as economic growth slows. Companies drove venture lending to record levels last year as revenue was under pressure and other forms of financing were drying up. VCs pulled back dramatically on equity investments in the second half of 2022, squeezed by rising interest rates and falling market values across the tech industry. By the first quarter of 2023, venture firms invested $79 billion in startups, less than half the $178 billion a year earlier, according to PitchBook. Raising equity in public markets is harder too: There were just $2.5 billion of initial public offerings in the US in the first quarter, the lowest for the first three months of the year since 2016, according to data compiled by Bloomberg.Read more of this story at Slashdot.

EU lawmakers on Thursday urged the European Commission to continue talks to reinforce a proposed data transfer pact with the United States, saying there were still shortcomings in the agreement. From a report: The move could further delay an accord which is critical for thousands of companies. The EU executive in a draft decision in December said that U.S. safeguards against American intelligence activities were strong enough to address EU data privacy concerns. Such worries had prompted Europe's top court to strike down two previous data transfer pacts, affecting thousands of companies that move Europeans' personal data across the Atlantic for commercial use such as financial services, human resources and e-commerce. "This new proposal contains significant improvements, but unfortunately, we are not there yet," lawmaker Juan Fernando Lopez Aguilar said after the assembly voted in a non-binding resolution against the proposed pact.Read more of this story at Slashdot.

European lawmakers came a step closer to passing new rules regulating artificial intelligence tools such as ChatGPT, following a crunch vote on Thursday where they agreed tougher draft legislation. From a report: The European Union's highly anticipated AI Act looks set to be the world's first comprehensive legislation governing the technology, with new rules around the use of facial recognition, biometric surveillance, and other AI applications. After two years of negotiations, the bill is now expected to move to the next stage of the process, in which lawmakers finalise its details with the European Commission and individual member states. Speaking ahead of the vote by two lawmakers' committees, Dragos Tudorache, one of the parliamentarians (MEPs) charged with drafting the laws, said: "It is a delicate deal. But it is a package that I think gives something to everyone that participated in these negotiations. Our societies expect us to do something determined about artificial intelligence, and the impact it has on their lives. It's enough to turn on the TV ... in the last two or three months, and every day you see how important this is becoming for citizens." Under the proposals, AI tools will be classified according to their perceived level of risk, from low to unacceptable. Governments and companies using these tools will have different obligations, depending on the risk level.Read more of this story at Slashdot.

Wind turbines have generated more electricity than gas for the first time in the UK. From a report: In the first three months of this year a third of the country's electricity came from wind farms, research from Imperial College London have shown. National Grid has also confirmed that April saw a record period of solar energy generation. By 2035 the UK aims for all of its electricity to have net zero emissions. "There are still many hurdles to reaching a completely fossil fuel-free grid, but wind out-supplying gas for the first time is a genuine milestone event," said Iain Staffell, energy researcher at Imperial College and lead author of the report. The majority of the UK's wind power has come from offshore wind farms. Installing new onshore wind turbines has effectively been banned since 2015 in England.Read more of this story at Slashdot.

SoftBank Vision Fund lost $32 billion in the financial year ending March as the Japanese investment giant, the most prolific global investor in tech startups, continues to suffer from valuation corrections across its portfolio of private and public tech companies amid a weakening global economy. From a report: The loss surged about 70% from the same period a year prior, when SoftBank had reported $19 billion in losses at the Vision Fund unit. The losses come even as SoftBank has grown very cautious about deploying new capital to startups in recent quarters. Among the losses, the Japanese conglomerate said its Vision Fund 1 made an unrealized loss of $1.6 billion each in SenseTime Group and GoTo and nearly $800 million in DoorDash. The fair value of SoftBank's portfolio was marked down over the quarter by $2.3 billion to $138 billion.Read more of this story at Slashdot.

SimilarWeb: Developers increasingly get advice from AI chatbots and GitHub CoPilot rather than Stack Overflow message boards. While traffic to OpenAI's ChatGPT has been growing exponentially, Stack Overflow has been experiencing a steady decline -- losing some of its standings as the go-to source developers turn to for answers to coding challenges. Actually, traffic to Stack Overflow's community website has been dropping since the beginning of 2022. That may be in part because of a related development, the introduction of the CoPilot coding assistant from Microsoft's GitHub business. CoPilot is built on top of the same OpenAI large language model as ChatGPT, capable of processing both human language and programming language. A plugin to the widely used Microsoft Visual Studio Code allows developers to have CoPilot write entire functions on their behalf, rather than going to Stack Overflow in search of something to copy and paste. CoPilot now incorporates the latest GPT-4 version of OpenAI's platform. On a year-over-year basis, traffic to Stack Overflow (stackoverflow.com) has been down by an average of 6% every month since January 2022 and was down 13.9% in March. ChatGPT doesn't have a year-over-year track record, having only launched at the end of November, but its website (chat.openai.com) has become one of the world's hottest digital properties in that short time, bigger than Microsoft's Bing search engine for worldwide traffic. It attracted 1.6 billion visits in March and another 920.7 million in the first half of April. The GitHub website has also been seeing strong growth, with traffic to github.com up 26.4% year-over-year in March to 524 million visits. That doesn't reflect all the usage of CoPilot, which normally takes place within an editor like Visual Studio Code, but it would include people coming to the website to get a subscription to the service. Visits to the GitHub CoPilot free trial signup page more than tripled from February to March, topping 800,000.Read more of this story at Slashdot.

When the Ethereum blockchain moved away from using a technique for verifying transactions known as proof of work last September, crypto market demand for the specialized processors that performed these calculations disappeared virtually overnight. Companies that used and hosted GPUs, or graphics processing units, saw a key part of their once-booming business vanish against an increasingly difficult backdrop for crypto. But now mining infrastructure companies like Hive Blockchain and Hut 8 Mining are finding opportunities to repurpose their GPU-based equipment for another industry on the precipice of a possible boom: artificial intelligence. From a report: "If you can reapply some of that investment in the GPU mining infrastructure and convert it to new cards and workloads, it makes sense," Hut 8 Chief Executive Officer Jaime Leverton said in an interview. GPUs -- designed to accelerate graphics rendering -- require constant maintenance and physical infrastructure not all users are prepared to provide. As such, Hut 8 and a few other miners have been using the chips to power high-performance computing, or HPC, services for clients across a range of industries. But inroads with the burgeoning and much-hyped AI sector -- which requires huge amounts of computing power -- represent the kind of transformational opportunity miners had been seeking when they originally bought the processors.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Google is launching a new AI-powered coding bot for Android developers. During its I/O event on Wednesday, Google announced that the tool, called Studio Bot, will help developers build apps by generating code, fixing errors, and answering questions about Android. According to Google, the bot is built on Codey, the company's new foundational coding model that stems from its updated PaLM 2 large language model (LLM). Studio Bot supports both the Kotlin and Java programming languages and will live directly in the toolbar on Android Studio. There, developers can get quick answers to their questions or even have the bot debug a portion of their code. While Google notes that developers don't need to share their source code with Google in order to use Studio Bot, the company will receive data on the conversations they have with the tool. Google says the bot is still in "very early days" but that it will continue training it to improve its answers. It's also currently only available to developers in the US for now via the Canary channel, and there's no word on when it will see a global launch.Read more of this story at Slashdot.

Robinhood announced Wednesday that it will soon allow users to engage in 24-hour trading of select exchange-traded funds and stocks. As Fortune notes, this "will make it the first U.S. brokerage to provide overnight weekday trading in individual stocks." From the report: The 24-hour trading service will allow round-the-clock trading in 43 securities between 8 p.m. ET Sunday and 8 p.m. ET Friday, with plans to add more securities at a later time, Robinhood CEO Vlad Tenev told the Wall Street Journal. The feature will roll out next week in a limited capacity and will be available by June to all users, according to the Journal.Read more of this story at Slashdot.

A personalized cancer vaccine made by BioNTech, the German company that produced the Pfizer-BioNTech COVID-19 vaccine, has shown promising results against pancreatic cancer. The vaccine, which teaches patients' immune systems to attack their tumors, provoked an immune response in half of the 16 patients treated, and those patients did not experience relapses of their cancer during the study. The New York Times reports: Researchers at Memorial Sloan Kettering Cancer Center in New York, led by Dr. Vinod Balachandran, extracted patients' tumors and shipped samples of them to Germany. There, scientists at BioNTech, the company that made a highly successful COVID vaccine with Pfizer, analyzed the genetic makeup of certain proteins on the surface of the cancer cells. Using that genetic data, BioNTech scientists then produced personalized vaccines designed to teach each patient's immune system to attack the tumors. Like BioNTech's COVID shots, the cancer vaccines relied on messenger RNA. In this case, the vaccines instructed patients' cells to make some of the same proteins found on their excised tumors, potentially provoking an immune response that would come in handy against actual cancer cells. The study was small: Only 16 patients, all of them white, were given the vaccine, part of a treatment regimen that also included chemotherapy and a drug intended to keep tumors from evading people's immune responses. And the study could not entirely rule out factors other than the vaccine having contributed to better outcomes in some patients. [...] But the simple fact that scientists could create, quality-check and deliver personalized cancer vaccines so quickly -- patients began receiving the vaccines intravenously roughly nine weeks after having their tumors removed -- was a promising sign, experts said. In patients who did not appear to respond to the vaccine, the cancer tended to return around 13 months after surgery. Patients who did respond, though, showed no signs of relapse during the roughly 18 months they were tracked. Intriguingly, one patient showed evidence of a vaccine-activated immune response in the liver after an unusual growth developed there. The growth later disappeared in imaging tests. "It's anecdotal, but it's nice confirmatory data that the vaccine can get into these other tumor regions," said Dr. Nina Bhardwaj, who studies cancer vaccines at the Icahn School of Medicine at Mount Sinai. "This is the first demonstrable success -- and I will call it a success, despite the preliminary nature of the study -- of an mRNA vaccine in pancreatic cancer," said Dr. Anirban Maitra, a specialist in the disease at the University of Texas MD Anderson Cancer Center, who was not involved in the study. "By that standard, it's a milestone." The study has been published in the journal Nature.Read more of this story at Slashdot.

An anonymous reader shares an excerpt from MIT Technology Review: Today, researchers announced yet another version of the human genome map, which they say combines the complete DNA of 47 diverse individuals -- Africans, Native Americans, and Asians, among other groups -- into one giant genetic atlas that they say better captures the surprising genetic diversity of our species. The new map, called a "pangenome," has been a decade in the making, and researchers say it will only get bigger, creating an expanding view of the genome as they add DNA from another 300 people from around the globe. It was published in the journal Nature today. People's genomes are largely alike, but it's the hundreds of thousands of differences, often just single DNA letters, that explain why each of us is unique. The new pangenome, researchers say, should make it possible to observe this diversity in more detail than ever before, highlighting so-called evolutionary hot spots as well as thousands of surprisingly large differences, like deleted, inverted, or duplicated genes, that aren't observable in conventional studies. The pangenome relies on a mathematical concept called a graph, which you can imagine as a massive version of connect-the-dots. Each dot is a segment of DNA. To draw a particular person's genome, you start connecting the numbered dots. Each person's DNA can take a slightly different path, skipping some numbers and adding others. One payoff of the new pangenome could be better ways to diagnose rare diseases, although practical applications aren't easy to name. Instead, scientists say it's mainly giving them insight into some of the "dark matter" of the genome that's previously been hard to see, including strange regions of chromosomes that seem to share and exchange genes. For now, most biologists and doctors will stick to the existing "reference genome," the one first produced in draft form in 2001 and gradually improved. It answers most questions researchers are interested in, and all their computer tools work with it. The reason a reference genome is important is that when a new person's genome is sequenced, that sequence is projected onto the reference in order to organize and read the new data. Yet since the current reference is just one possible genome, missing bits that some people have, some information can't be analyzed and is usually ignored. Researchers call this effect "reference bias" or, more simply, the streetlamp problem. You don't see where you don't look. Officials with NIH said they hoped the new update to the genome map would make gene research more "equitable." That's because the more different your genome is from the current reference, the more information about you could be missed. The existing reference is largely the DNA of one African-American man, although it includes segments from several other people as well. "If the genome you want to analyze has sequences that are not in that reference, they will be missed in the analysis," says Deanna Church, a consultant with the business incubator General Inception, who previously held a key role at NIH managing the reference genome. "In reality, the notion that there is a 'human genome' is really the problem," she says. "The current version is the simplest model you can make. It made sense when we started ... But now we need better models."Read more of this story at Slashdot.