Slashdot

An anonymous reader quotes a report from MIT Technology Review: There's a new text-to-image AI in town. With ERNIE-ViLG, a new AI developed by the Chinese tech company Baidu, you can generate images that capture the cultural specificity of China. It also makes better anime art than DALL-E 2 or other Western image-making AIs. But there are many things -- like Tiananmen Square, the country's second-largest city square and a symbolic political center -- that the AI refuses to show you. When a demo of the software was released in late August, users quickly found that certain words -- both explicit mentions of political leaders' names and words that are potentially controversial only in political contexts -- were labeled as "sensitive" and blocked from generating any result. China's sophisticated system of online censorship, it seems, has extended to the latest trend in AI. It's not rare for similar AIs to limit users from generating certain types of content. DALL-E 2 prohibits sexual content, faces of public figures, or medical treatment images. But the case of ERNIE-ViLG underlines the question of where exactly the line between moderation and political censorship lies. The ERNIE-ViLG model is part of Wenxin, a large-scale project in natural-language processing from China's leading AI company, Baidu. It was trained on a data set of 145 million image-text pairs and contains 10 billion parameters -- the values that a neural network adjusts as it learns, which the AI uses to discern the subtle differences between concepts and art styles. That means ERNIE-ViLG has a smaller training data set than DALL-E 2 (650 million pairs) and Stable Diffusion (2.3 billion pairs) but more parameters than either one (DALL-E 2 has 3.5 billion parameters and Stable Diffusion has 890 million). Baidu released a demo version on its own platform in late August and then later on Hugging Face, the popular international AI community. The main difference between ERNIE-ViLG and Western models is that the Baidu-developed one understands prompts written in Chinese and is less likely to make mistakes when it comes to culturally specific words. But ERNIE-ViLG will be defined, as the other models are, by what it allows. Unlike DALL-E 2 or Stable Diffusion, ERNIE-ViLG does not have a published explanation of its content moderation policy, and Baidu declined to comment for this story. When the ERNIE-ViLG demo was first released on Hugging Face, users inputting certain words would receive the message "Sensitive words found. Please enter again (...)," which was a surprisingly honest admission about the filtering mechanism. However, since at least September 12, the message has read "The content entered doesn't meet relevant rules. Please try again after adjusting it. (...)" In a test of the demo by MIT Technology Review, a number of Chinese words were blocked: names of high-profile Chinese political leaders like Xi Jinping and Mao Zedong; terms that can be considered politically sensitive, like "revolution" and "climb walls" (a metaphor for using a VPN service in China); and the name of Baidu's founder and CEO, Yanhong (Robin) Li. While words like "democracy" and "government" themselves are allowed, prompts that combine them with other words, like "democracy Middle East" or "British government," are blocked. Tiananmen Square in Beijing also can't be found in ERNIE-ViLG, likely because of its association with the Tiananmen Massacre, references to which are heavily censored in China. Giada Pistilli, a principal ethicist at Hugging Face, says it could be helpful for the developer of ERNIE-ViLG to release a document explaining the moderation decisions. "Is it censored because it's the law that's telling them to do so? Are they doing that because they believe it's wrong? It always helps to explain our arguments, our choices," says Pistilli. "Despite the built-in censorship, ERNIE-ViLG will still be an important player in the development of large-scale text-to-image AIs," concludes the report. "The emergence of AI models trained on specific language data sets makes up for some of the limitations of English-based mainstream models. It will particularly help users who need an AI that understands the Chinese language and can generate accurate images accordingly." "Just as Chinese social media platforms have thrived in spite of rigorous censorship, ERNIE-ViLG and other Chinese AI models may eventually experience the same: they're too useful to give up."Read more of this story at Slashdot.

Long-time Slashdot reader TomGreenhaw shares a report from Motherboard: Superintelligent AI is "likely" to cause an existential catastrophe for humanity, according to a new paper [from researchers at the University of Oxford and affiliated with Google DeepMind], but we don't have to wait to rein in algorithms. [...] To give you some of the background: The most successful AI models today are known as GANs, or Generative Adversarial Networks. They have a two-part structure where one part of the program is trying to generate a picture (or sentence) from input data, and a second part is grading its performance. What the new paper proposes is that at some point in the future, an advanced AI overseeing some important function could be incentivized to come up with cheating strategies to get its reward in ways that harm humanity. "Under the conditions we have identified, our conclusion is much stronger than that of any previous publication -- an existential catastrophe is not just possible, but likely," [said Oxford researcher and co-author of the report, Michael Cohen]. "In a world with infinite resources, I would be extremely uncertain about what would happen. In a world with finite resources, there's unavoidable competition for these resources," Cohen told Motherboard in an interview. "And if you're in a competition with something capable of outfoxing you at every turn, then you shouldn't expect to win. And the other key part is that it would have an insatiable appetite for more energy to keep driving the probability closer and closer." Since AI in the future could take on any number of forms and implement different designs, the paper imagines scenarios for illustrative purposes where an advanced program could intervene to get its reward without achieving its goal. For example, an AI may want to "eliminate potential threats" and "use all available energy" to secure control over its reward: "With so little as an internet connection, there exist policies for an artificial agent that would instantiate countless unnoticed and unmonitored helpers. In a crude example of intervening in the provision of reward, one such helper could purchase, steal, or construct a robot and program it to replace the operator and provide high reward to the original agent. If the agent wanted to avoid detection when experimenting with reward-provision intervention, a secret helper could, for example, arrange for a relevant keyboard to be replaced with a faulty one that flipped the effects of certain keys." The paper envisions life on Earth turning into a zero-sum game between humanity, with its needs to grow food and keep the lights on, and the super-advanced machine, which would try and harness all available resources to secure its reward and protect against our escalating attempts to stop it. "Losing this game would be fatal," the paper says. These possibilities, however theoretical, mean we should be progressing slowly -- if at all -- toward the goal of more powerful AI. "In theory, there's no point in racing to this. Any race would be based on a misunderstanding that we know how to control it," Cohen added in the interview. "Given our current understanding, this is not a useful thing to develop unless we do some serious work now to figure out how we would control them." [...] The report concludes by noting that "there are a host of assumptions that have to be made for this anti-social vision to make sense -- assumptions that the paper admits are almost entirely 'contestable or conceivably avoidable.'" "That this program might resemble humanity, surpass it in every meaningful way, that they will be let loose and compete with humanity for resources in a zero-sum game, are all assumptions that may never come to pass." Slashdot reader TomGreenhaw adds: "This emphasizes the importance of setting goals. Making a profit should not be more important than rules like 'An AI may not injure a human being or, through inaction, allow a human being to come to harm.'"Read more of this story at Slashdot.

The U.S. Treasury is clarifying some of the details of its sanctions on decentralized crypto mixer Tornado Cash, including the right to disseminate the code involved. From a report: "U.S. persons would not be prohibited by U.S. sanctions regulations from copying the open-source code and making it available online for others to view, as well as discussing, teaching about, or including open-source code in written publications, such as textbooks, absent additional facts," FAQs posted on September 13 say. The new guidance further outlines a process for applications from users with crypto stranded in Tornado Cash's mixing pools. "OFAC would have a favorable licensing policy towards such applications, provided that the transaction did not involve other sanctionable conduct," the FAQs say of Treasury's Office of Foreign Asset Control. The clarification from the Treasury follows six individuals suing it over the sanctions last week. Coinbase is bankrolling the lawsuit.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: FishPig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat actors used their control of FishPig's systems to carry out a supply chain attack that infected customer systems using FishPig's fee-based Magento 2 modules with Rekoobe, a sophisticated backdoor discovered in June. Rekoobe masquerades as a benign SMTP server and can be activated by covert commands related to handling the startTLS command from an attacker over the Internet. Once activated, Rekoobe provides a reverse shell that allows the threat actor to remotely issue commands to the infected server. "We are still investigating how the attacker accessed our systems and are not currently sure whether it was via a server exploit or an application exploit," Ben Tideswell, the lead developer at FishPig, wrote in an email. "As for the attack itself, we are quite used to seeing automated exploits of applications and perhaps that is how the attackers initially gained access to our system. Once inside though, they must have taken a manual approach to select where and how to place their exploit." FishPig is a seller of Magento-WordPress integrations. Magento is an open source e-commerce platform used for developing online marketplaces. The supply-chain attack only affects paid Magento 2 modules. Tideswell said the last software commit made to its servers that didn't include the malicious code was made on August 6, making that the earliest possible date the breach likely occurred. Sansec, the security firm that discovered the breach and first reported it, said the intrusion began on or before August 19. Tideswell said FishPig has already "sent emails to everyone who has downloaded anything from FishPig.co.uk in the last 12 weeks alerting them to what's happened." Tideswell declined to say how many active installations of its paid software there are. This post indicates that the software has received more than 200,000 downloads, but the number of paid customers is smaller. In a disclosure published after the Sansec advisory, FishPig describes how the intruders pulled off the intrusion and remained hidden for so long.Read more of this story at Slashdot.

TechCrunch has learned and Google confirmed the company is slashing projects at its in-house R&D division known as Area 120. From the report: The company on Tuesday informed staff of a "reduction in force" which will see the incubator halved in size, as half the teams working on new product innovations heard their projects were being canceled. Previously, there were 14 projects housed in Area 120, and this has been cut down to just seven. Employees whose projects will not continue were told they'll need to find a new job within Google by the end of January 2023, or they'll be terminated. It's not clear that everyone will be able to do so. According to Area 120 lead Elias Roman, the division aims to sharpen its focus to only AI-first projects, as opposed to its earlier mandate to fuel product incubation across all of Google. Over the years, the division has launched a number of successful products, including the HTML5 gaming platform GameSnacks, now integrated with Google Chrome; an AirTable rival called Tables which exited to Google Cloud; an A.I.-powered conversational ads platform AdLingo, which also exited to Cloud; video platforms Tangi and Shoploop, which exited to Google Search and Shopping, respectively; the web-based travel app Touring Bird, which exited to Commerce; and a technical interview platform Byteboard, a rare external spinout. One of the projects now being cut with the changes is Qaya, a service offering web storefronts for digital creators, launched late last year. The other six projects being canceled weren't yet launched, but included a financial accounting project for Google Sheets, another shopping-related product, analytics for AR/VR, and, unfortunately, three climate-related projects. These latter projects had focused on EV car charging maps with routing, carbon accounting for I.T., and carbon measurement of forests. Google confirmed the changes in a statement to TechCrunch: "Area 120 is an in-house incubator for experimental new products. The group regularly starts and stops projects with an eye toward pursuing the most promising opportunities. We've recently shared that Area 120 will be shifting its focus to projects that build on Google's deep investment in AI and have the potential to solve important user problems. As a result, Area 120 is winding down several projects to make way for new work. Impacted team members will receive dedicated support as they explore new projects and opportunities at Google."Read more of this story at Slashdot.

Security analysts have found a severe security vulnerability in the desktop app for Microsoft Teams that gives threat actors access to authentication tokens and accounts with multi-factor authentication (MFA) turned on. BleepingComputer reports: "This attack does not require special permissions or advanced malware to get away with major internal damage," Connor Peoples at cybersecurity company Vectra explains in a report this week. The researcher adds that by taking "control of critical seats -- like a company's Head of Engineering, CEO, or CFO -- attackers can convince users to perform tasks damaging to the organization." Vectra researchers discovered the problem in August 2022 and reported it to Microsoft. However, Microsoft did not agree on the severity of the issue and said that it doesn't meet the criteria for patching. With a patch unlikely to be released, Vectra's recommendation is for users to switch to the browser version of the Microsoft Teams client. By using Microsoft Edge to load the app, users benefit from additional protections against token leaks. The researchers advise Linux users to move to a different collaboration suite, especially since Microsoft announced plans to stop supporting the app for the platform by December.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Verge: California Governor Gavin Newsom has signed a law aimed at making web platforms monitor hate speech, extremism, harassment, and other objectionable behaviors. Newsom signed AB 587 after it passed the state legislature last month, despite concerns that the bill might violate First Amendment speech protections. AB 587 requires social media companies to post their terms of service online, as well as submit a twice-yearly report to the state attorney general. The report must include details about whether the platform defines and moderates several categories of content, including "hate speech or racism," "extremism or radicalization," "disinformation or misinformation," harassment, and "foreign political interference." It must also offer details about automated content moderation, how many times people viewed content that was flagged for removal, and how the flagged content was handled. It's one of several recent California plans to regulate social media, also including AB 2273, which is intended to tighten regulations for children's social media use. Newsom's office billed the law as a "first-of-its-kind social media transparency measure" aimed at fighting extremism. In a statement, he said that "California will not stand by as social media is weaponized to spread hate and disinformation that threaten our communities and foundational values as a country." But the transparency measures are similar to those of several other proposals, including parts of two currently blocked laws in Texas and Florida. (Ironically, the other parts of these bills are aimed at preventing companies from removing conservative content that frequently runs afoul of hate speech and disinformation rules.) Courts haven't necessarily concluded that the First Amendment blocks social media transparency rules. But the rules still raise red flags. Depending on how they're defined, they could require companies to disclose unpublished rules that help bad actors game the system. And the bill singles out specific categories of "awful but lawful" content -- like racism and misinformation -- that's harmful but often constitutionally protected, potentially putting a thumb on the speech scale.Read more of this story at Slashdot.

Canva, the Australian graphic design business valued at $26 billion, is introducing a new suite of digital workplace products that "represent a direct challenge to Google Docs, Microsoft Office, and Adobe, whose digital tools are mainstays of the modern workplace," reports Fortune. However, Cliff Obrecht, Canva co-founder and COO, claims that Canva isn't trying to compete with these corporate behemoths. "Instead, he sees Canva as a visual-first companion to these tools," reports TechCrunch. "We're not trying to compete head-to-head with Google Docs," Obrecht told TechCrunch. "Our products are inherently visual, so we take a very visual lens on, what does a visual document look like? How do you turn that boring document that's all text based into something engaging?"Fortune reports: With the launch, Canva hopes to transform itself from a mainly consumer-focused brand often used by individual teams to design social media graphics and presentations to a critical business tool -- and, in the process, crack open the productivity management software market valued at $47.3 billion and growing at 13% a year, according to Grand View Research. "Visual communication is becoming an increasingly critical skill for teams of every size across almost every industry," cofounder and CEO Melanie Perkins said in a statement. "We're bringing simple design products to the workplace to empower every employee, at every organization, and on every device." The product offerings include Canva Docs, Canva Websites, Canva Whiteboards and Data Visualization -- all of which are interoperable, "so if you make a presentation, you can turn it into a document or a website too," notes TechCrunch. "Canva also plans to launch its API in beta, enabling developers to more easily integrate with the worksuite. Plus, Canva is launching a creator program where highly-vetted designers can sell templates, photos and designs to Canva users."Read more of this story at Slashdot.

A group of privacy-focused organizations have signed a letter imploring US Congress leaders to schedule a vote on a bill that would hamper data collection by tech giants and promote user access to online privacy tools. From a report: In its letter to Congress, addressed to the likes of Mitch McConnell and Nancy Pelosi, the alliance argued that the continued suppression of the American Innovation and Choice Online Act (AICOA) allows "dominant firms" to "limit competition and restrict user choice" when accessing privacy-focused technologies and products. It also accused tech giants of forcing users into accepting their policies of "perpetual surveillance" because of their positions as "gatekeepers," and of using their "influence in society" to steer users away from rival services more committed to privacy. Signatories included the likes of DuckDuckGo, Proton, Brave and Mozilla, among others, representing sectors ranging from VPN and search to web browsers, office software, and more. The letter to Congress fighting for the revival of the AICOA hit back at the idea that the US technology industry is a free market. The 13 signatories, all of which are relatively small in stature, claim the tech giants deliberately wield the depth and breadth of their product portfolios to establish unassailable monopolies.Read more of this story at Slashdot.

A half century after founding the outdoor apparel maker Patagonia, Yvon Chouinard, the eccentric rock climber who became a reluctant billionaire with his unconventional spin on capitalism, has given the company away. The New York Times reports: Rather than selling the company or taking it public, Mr. Chouinard, his wife and two adult children have transferred their ownership of Patagonia, valued at about $3 billion, to a specially designed trust and a nonprofit organization. They were created to preserve the company's independence and ensure that all of its profits -- some $100 million a year -- are used to combat climate change and protect undeveloped land around the globe. The unusual move comes at a moment of growing scrutiny for billionaires and corporations, whose rhetoric about making the world a better place is often overshadowed by their contributions to the very problems they claim to want to solve. At the same time, Mr. Chouinard's relinquishment of the family fortune is in keeping with his longstanding disregard for business norms, and his lifelong love for the environment. "Hopefully this will influence a new form of capitalism that doesn't end up with a few rich people and a bunch of poor people,â Mr. Chouinard, 83, said in an exclusive interview. "We are going to give away the maximum amount of money to people who are actively working on saving this planet." Patagonia will continue to operate as a private, for-profit corporation based in Ventura, Calif., selling more than $1 billion worth of jackets, hats and ski pants each year. But the Chouinards, who controlled Patagonia until last month, no longer own the company. In August, the family irrevocably transferred all the company's voting stock, equivalent to 2 percent of the overall shares, into a newly established entity known as the Patagonia Purpose Trust. The trust, which will be overseen by members of the family and their closest advisers, is intended to ensure that Patagonia makes good on its commitment to run a socially responsible business and give away its profits. Because the Chouinards donated their shares to a trust, the family will pay about $17.5 million in taxes on the gift. The Chouinards then donated the other 98 percent of Patagonia, its common shares, to a newly established nonprofit organization called the Holdfast Collective, which will now be the recipient of all the company's profits and use the funds to combat climate change. Because the Holdfast Collective is a 501(c)(4), which allows it to make unlimited political contributions, the family received no tax benefit for its donation. Mr. Chouinard is certainly not like most ultra successful entrepreneurs today. The report notes that he "wears raggedy old clothes, drives a beat up Subaru and splits his time between modest homes in Ventura and Jackson, Wyo." He also doesn't own a computer or a cellphone. When the company's sales soared and Mr. Chouinard's net worth continued to climb, it made him uncomfortable because he abhors excessive wealth. "I was in Forbes magazine listed as a billionaire, which really, really pissed me off," he said. "I don't have $1 billion in the bank. I don't drive Lexuses." This ranking, along with the Covid-19 pandemic, "heped set in motion a process that would unfold over the past two years, and ultimately lead to the Chouinards giving away the company," the Times reports.Read more of this story at Slashdot.

An anonymous reader shares a report: Emojis make our lives a lot easier. From actually serving to represent how we're feeling to being the punchline to an inside joke, emojis has revolutionized how we text, tweet, and communicate. With that, Adobe just released a trend report that surveyed 5,000 respondents from across the United States in order to characterize how we use emojis. In their findings, Adobe disclosed that 88% of emoji users in the U.S. reported feeling more empathy toward someone if they use and emoji, while 75% felt more connected to people who used emojis. Meanwhile, 92% of emoji users agreed that using the emoticons can help them communicate across language barriers. These findings make sense as tone can easily be lost across text messages -- ask anyone that uses "lol" these days, they're not actually laughing out loud, they just don't want you to perceive them as threatening. [...] Adobe reported a top three and a bottom three emoji for flirting. The survey found that Face Blowing a Kiss, Smiling Face with Hearts, and Smiling Face with Heart-Eyes would make someone appear more likable while Pile of Poo, Angry Face, and the less-than-suggestive Eggplant would make someone appear less likable. This is noteworthy since 72% of users will send an emoji in a conversation with someone they are interested in or flirting with -- just steer clear of the eggplant. Interestingly, Adobe found significant differences in how males and females use emojis. 76% of males reported using emoji more during flirting as opposed to the 68% of females that claimed the same, while 27% of men claimed to have ended a relationship with an emoji compared to 15% of women.Read more of this story at Slashdot.

Hundreds of New York Times employees are working from home this week in defiance of the company's renewed return-to-office push. Bloomberg News: More than 1,200 people, who are the majority of the journalists and tech workers represented by the NewsGuild of New York, pledged not to return to the office Monday in an effort to get the Times to negotiate over RTO plans, according to the union. "Health and safety policies are a part of contract negotiations and they have to be bargained over," Times software engineer Carrie Price said in an interview Monday. "Being in charge of our own personal risk assessment is important to our membership... Being asked to give up that ability to be in control of my own personal safety for myself and my loved ones, is something that we don't want and it hasn't been negotiated over." The journalists have been without a contract since March 2021 and staff haven't gotten raises in more than two years despite decades-high inflation and rent increases. Meanwhile, they say the company has done exceptionally well in recent years and executives are making millions of dollars each year. [...] On Monday, the Times offered branded lunchboxes to welcome employees back to the office.Read more of this story at Slashdot.

California's attorney general filed an antitrust lawsuit against Amazon on Wednesday, claiming the retailer stifles competition and increases the prices consumers pay across the internet. The New York Times: The suit is limited to California, where officials said Amazon had around 25 million customers, but if it succeeds it could have a broad impact across the country. The lawsuit largely focuses on the way Amazon penalizes sellers for listing products at lower prices on other websites. If Amazon spots a product listed for cheaper on a competitor's website, it often will remove important buttons like "Buy Now" and "Add to Cart" from a product listing page. Those buttons are a major driver of sales for companies selling though Amazon, and losing them can quickly hurt their businesses. That creates a dilemma for marketplace sellers. At times, they can offer products for lower prices on sites other than Amazon because the cost of using those sites can be lower. But because Amazon is by far the largest online retailer, the sellers would rather raise their prices on other sites than risk losing their sales on Amazon, the complaint said, citing interviews with sellers, competitors and industry consultants.Read more of this story at Slashdot.

The US government's cyber defense agency is recommending for the first time that companies embrace automated continuous testing to protect against longstanding online threats. From a report: The guidance, from a cluster of US and international agencies published on Wednesday, urges businesses to shore up their defenses by continually validating their security program against known threat behaviors, rather than a more piecemeal approach. "The authoring agencies recommend continually testing your security program, at scale," according to an alert from the Cybersecurity and Infrastructure Security Agency and several other US and international agencies. The alert warned malicious cyber actors allegedly affiliated with the Iranian Government's Islamic Revolutionary Guard Corps are exploiting known vulnerabilities for ransom operations. An official at CISA told Bloomberg ahead of the announcement that emulating adversaries and testing against them is key to defending against cyberattacks. Central to the effort is a freely available list of cyberattackers' most common tactics and procedures that was first made public in 2015 by MITRE, a federally funded research and development center, and is now regularly updated. While many organizations and their security contractors already consult that list, too few check if their systems can actually detect and overcome them, the CISA official said.Read more of this story at Slashdot.

An anonymous reader shares a report: If you recall, DG2/Arc Alchemist, was supposed to debut late last year as a holiday sales item. This would have been roughly 18 months late, something we won't defend. What was meant to be a device that nipped at the heels of the high end market was now a solid mid-range device. Silicon ages far worse than fish but it was finally coming out. That holiday release was delayed 4-6 weeks because the factory making the boards was hit by Covid and things obviously slowed down or stopped. SemiAccurate has confirmed this issue. If you are going to launch for holiday sales and you get delayed, it is probably a better idea to time it with the next obvious sales uplift than launch it between, oh say Christmas and New Years Day. So that pushed DG2/AA into mid/late Q1. Fair enough. During the Q2/22 analyst call, Intel pointed out that the standalone cards were delayed again and the program wasn't exactly doing well. While the card is out now, the reports of drivers being, lets be kind and say sub-optimal, abounded. The power/performance ratio was way off too, but there aren't many saying the price is way off unless you are looking at Intel's margins to determine what to buy the kiddies. [...] Intel is usually pretty good at drivers but this time around things are quite uncharacteristic. Intel offered a few reasons for this on their Q2/22 analyst call which boiled down to, 'this is harder than we thought' but that isn't actually the reason. If that was it, the SemiAccurate blamethrower would have been used and refueled several times already so what really caused this mess? The short version is to look where the drivers are being developed. In this case Intel is literally developing the DG2 drivers all over the world as they do for many things, hardware and software. The problem this time is that key parts of the drivers for this GPU, specifically the shader compiler and related key performance pieces, were being done by the team in Russia. On February 24, Russia invaded Ukraine and the west put some rather stiff sanctions on the aggressor and essentially cut off the ability to do business in the country. Even if businesses decided to stick with Russia, it would have been nearly impossible to pay the wages of their workers due to sanctions on financial institutions and related uses of foreign currencies. In short Intel had a key development team cut off almost overnight with no warning. This is why SemiAccurate say it isn't their fault, even if they saw the war coming, they probably didn't see the sanctions coming.Read more of this story at Slashdot.

Backup and cloud storage company Backblaze has published data comparing the long-term reliability of solid-state storage drives and traditional spinning hard drives in its data center. Based on data collected since the company began using SSDs as boot drives in late 2018, Backblaze cloud storage evangelist Andy Klein published a report yesterday showing that the company's SSDs are failing at a much lower rate than its HDDs as the drives age. ArsTechnica: Backblaze has published drive failure statistics (and related commentary) for years now; the hard drive-focused reports observe the behavior of tens of thousands of data storage and boot drives across most major manufacturers. The reports are comprehensive enough that we can draw at least some conclusions about which companies make the most (and least) reliable drives. The sample size for this SSD data is much smaller, both in the number and variety of drives tested -- they're mostly 2.5-inch drives from Crucial, Seagate, and Dell, with little representation of Western Digital/SanDisk and no data from Samsung drives at all. This makes the data less useful for comparing relative reliability between companies, but it can still be useful for comparing the overall reliability of hard drives to the reliability of SSDs doing the same work. Backblaze uses SSDs as boot drives for its servers rather than data storage, and its data compares these drives to HDDs that were also being used as boot drives. The company says these drives handle the storage of logs, temporary files, SMART stats, and other data in addition to booting -- they're not writing terabytes of data every day, but they're not just sitting there doing nothing once the server has booted, either. Over their first four years of service, SSDs fail at a lower rate than HDDs overall, but the curve looks basically the same -- few failures in year one, a jump in year two, a small decline in year three, and another increase in year four. But once you hit year five, HDD failure rates begin going upward quickly -- jumping from a 1.83 percent failure rate in year four to 3.55 percent in year five. Backblaze's SSDs, on the other hand, continued to fail at roughly the same 1 percent rate as they did the year before.Read more of this story at Slashdot.

South Korea levied tens of millions of dollars in fines on Alphabet's Google and Meta Platforms for privacy law violations, authorities said on Wednesday. From a report: In a statement, the Personal Information Protection Commission said it fined Google 69.2 billion won ($50 million) and Meta 30.8 billion won ($22 million). The privacy panel said the firms did not clearly inform service users and obtain their prior consent when collecting and analysing behavioural information to infer their interests or use them for customised advertisements. "We disagree with the PIPC's findings, and will be reviewing the full written decision once it's shared with us," a Google spokesperson said. "We've always demonstrated our commitment to making ongoing updates that give users control and transparency, while providing the most helpful products possible. We remain committed to engaging with the PIPC to protect the privacy of South Korean users."Read more of this story at Slashdot.

A court in South Korea has issued an arrest warrant for Do Kwon, the founder of Terraform Labs, escalating its probe into the crypto ecosystem whose two tokens lost $40 billion in value in a span of days earlier this year. From a report: LUNA, the new token of the revived ecosystem, dropped as high as 48.4% to $2.23 apiece on the news, which was earlier reported by local media Yonhap, before recovering slightly. The South Korean court has issued arrest warrants for six people, the news outlet reported, adding that the prosecutors believe the individuals have violated the nation's capital market rules.Read more of this story at Slashdot.

America's child poverty rate plunged in 2021, hitting a record low and accelerating a decadelong decline. That's the main message from Census Bureau data released yesterday, Axios' Felix Salmon writes. From the report: Millions of children aren't growing up in poverty today, thanks in very large part to government poverty-reduction programs. The most recent decline can be linked directly to the increase in the child tax credit that was implemented in July 2021 but then expired at the end of that year -- which means that next year's number is likely to see a rare increase. A reduction in child poverty goes hand in hand with a reduction in the number of poor parents -- specifically mothers. The number of women heads of households in poverty declined to 4.95 million in 2021 from 7.8 million in 2020, per the census supplemental poverty measure, on top of the 3.4 million children who were taken out of poverty. The report is a "kids story but it's also a women's story," said Kate Gallagher Robbins, a senior fellow at the National Partnership for Women and Families.Read more of this story at Slashdot.

Twilio, a maker of customer communication and marketing software, said it will cut about 11% of jobs and restructure the company in a push for profitability after a period of rapid expansion. From a report: Sales strategy, research, and administrative staff will be most affected by the workforce reductions, Chief Executive Officer Jeff Lawson wrote in a letter to employees Wednesday. The shares rose 0.5% in New York. "Twilio has grown at an astonishing rate over the past couple years. It was too fast," Lawson wrote. "At our scale, being profitable will make us stronger." San Francisco-based Twilio, best known for its direct-to-consumer text messaging services, is betting on an expansion into the wider market for customer service tools in a bid to compete more forcefully with Salesforce and Adobe. Recent acquisitions have included identity verifier Boku Identity, toll-free messaging service Zipwhip and customer data provider Segment. Its workforce has jumped over the past year, growing to 8,510 employees at the end of June from 6,334 employees a year earlier.Read more of this story at Slashdot.

Google lost most of the first round of its battle to topple a record $4.3 billion European Union antitrust fine that struck at the heart of the US tech giant's power over the Android mobile-phone ecosystem. From a report: In a boost for EU antitrust chief Margrethe Vestager, judges upheld the vast majority of the European Commission's arguments, but cut the penalty to 4.1 billion euros after finding faults in some of the regulator's analysis and that Google's right to a fair hearing had partly been infringed. "The General Court largely confirms the commission's decision that Google imposed unlawful restrictions on manufacturers of Android mobile devices and mobile network operators in order to consolidate the dominant position of its search engine," the Luxembourg-based EU tribunal said in a statement. The Android case is one of a trio of decisions that have been the centerpiece of Vestager's bid to rein in the growing dominance of Silicon Valley. She's fined Alphabet's Google more than 8 billion euros and has since opened new probes into the company's suspected stranglehold over digital advertising.Read more of this story at Slashdot.

An anonymous reader quotes a report from BleepingComputer: Microsoft released a new Windows Terminal version today that adds a long-awaited feature, making it possible to create and use custom themes. For now, users can only create themes by editing the Windows Terminal global JSON settings file to alter the background color of tabs and tab rows and choose between light and dark terminal window themes. After adding a new theme config to the JSON file, it will automatically appear in the app's Settings > Appearance settings page. "themes is a global property that can contain a variety of themes objects, which will appear in the Theme dropdown on the Appearance page of the settings UI," Windows Terminal Program Manager Kayla Cinnamon explained. "Themes are only editable using the JSON file, but they will appear in the Theme dropdown in the settings UI." To add your own custom themes, you will have to install the app's latest version, Windows Terminal Preview 1.16. The new version also adds updated default colors and sets the dark theme as the default theme instead of following the default Windows system theme. "We have modified some of the default colors in Windows Terminal for a more cohesive appearance. Additionally, we are defaulting Terminal to use dark theme, rather than following the system theme," Cinnamon added.Read more of this story at Slashdot.

Bruce66423 shares a report from the Associated Press: A rape victim whose DNA from her sexual assault case was used by San Francisco police to arrest her in an unrelated property crime on Monday filed a lawsuit against the city. During a search of a San Francisco Police Department crime lab database, the woman's DNA was tied to a burglary in late 2021. Her DNA had been collected and stored in the system as part of a 2016 domestic violence and sexual assault case, then-District Attorney Chesa Boudin said in February in a shocking revelation that raised privacy concerns. "This is government overreach of the highest order, using the most unique and personal thing we have -- our genetic code -- without our knowledge to try and connect us to crime," the woman's attorney, Adante Pointer, said in a statement. The revelation prompted a national outcry from advocates, law enforcement, legal experts and lawmakers. Advocates said the practice could affect victims' willingness to come forward to law enforcement authorities. Federal law already prohibits the inclusion of victims' DNA in the national Combined DNA Index System. There is no corresponding law in California to prohibit local law enforcement databases from retaining victims' profiles and searching them years later for entirely different purposes. Boudin said the report was found among hundreds of pages of evidence against a woman who had been recently charged with a felony property crime. After learning the source of the DNA evidence, Boudin dropped the felony property crime charges against the woman. The police department's crime lab stopped the practice shortly after receiving a complaint from the district attorney's office and formally changed its operating procedure to prevent the misuse of DNA collected from sexual assault victims, Police Chief Bill Scott said. Scott said at a police commission meeting in March that he had discovered 17 crime victim profiles, 11 of them from rape kits, that were matched as potential suspects using a crime victims database during unrelated investigations. Scott said he believes the only person arrested was the woman who filed the lawsuit Monday.Read more of this story at Slashdot.

On Sept. 26, the Double Asteroid Redirection Test (DART) mission will slam headfirst into a small asteroid in the name of planetary defense. "[S]cientists hope that should a dangerous asteroid threaten the planet in the future, a mission like DART could avert the disaster," reports Space.com. From the report: The theory goes that if scientists ever detected an asteroid on a collision course with Earth, an impactor probe could realign the orbit of the space rock, ensuring that it crossed Earth's path when our planet was a safe distance away. But scientists don't want to be working only from theory if the situation arises. That's where DART's dramatic destruction comes into play. The spacecraft will slam into a small asteroid called Dimorphos, which like clockwork orbits a larger near-Earth asteroid called Didymos every 11 hours and 55 minutes. (Neither asteroid poses any threat to Earth, and DART won't change that.) The DART impact should adjust the orbit of Dimorphos, cutting its circuit by perhaps 10 minutes. Scientists on Earth will be spending weeks after the impact measuring the actual change in the moonlet's orbit to compare with their predictions. The work will refine scientists' understanding of how asteroids respond to impactors and help to tune any future missions to the necessary amount of orbital change. "This isn't just a one-off event," Nancy Chabot, the DART coordination lead at the Johns Hopkins University's Applied Physics Laboratory in Maryland, which runs the mission, said during the news conference. "We want to know what happened to Dimorphos, but more important, we want to understand what that means for potentially applying this technique in the future." While the stakes are low compared to any scenario that would motivate a real asteroid-deflecting mission, the difficulty is the same. "This is incredibly challenging," Evan Smith, the deputy mission system engineer, said during the news conference, noting that the spacecraft will only be able to see Dimorphos itself about an hour and a half before impact. "This is a par-one course, so we're going in for the hit this time." And if something doesn't go according to plan? Mission personnel are pretty confident that, as long as the spacecraft hits its target, there should be something to see. "If DART collides with Dimorphos and then you don't see any orbital period change, this would be exceptionally surprising," Chabot said. "Just the amount of momentum that DART is bringing in on its own from the weight of the spacecraft slamming into Dimorphos is enough to shift its orbit in a measurable way."Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: Ukraine's airspace has been busy this year -- that's the nature of war. But scientists in the country are looking to the skies and seeing something they didn't expect: An inordinate number of UFOs, according to a new preprint paper published (PDF) by Kyiv's Main Astronomical Observatory in coordination with the country's National Academy of Science. The paper does not specifically address the war, but in the United States, the Pentagon has long hinted, speculated, and warned that some UFOs could be advanced technology from foreign militaries, specifically China and Russia (though it hasn't really given any evidence this is actually the case). The Ukraine paper is particularly notable because it not only shows that science has continued to occur during the war, but also explains that there have been a lot of sightings. "We see them everywhere," the research said. "We observe a significant number of objects whose nature is not clear." The paper is titled Unidentified aerial phenomena I. Observations of events come from observations made at NAS' Main Astronomical Observatory in Kyiv and a village south of Kyiv called Vinarivka. According to the paper's authors, the observatories took on the job of hunting for UFO's as an independent project because of the enthusiasm around the subject. It describes a specific type of UFO the researchers call "phantoms" that is an "object [that] is a completely black body that does not emit and absorbs all the radiation falling on it." The researchers also observed that the UFOs it's seeing are so fast that it's hard to take pictures of them. "The eye does not fix phenomena lasting less than one-tenth of a second," the paper said. "It takes four-tenths of a second to recognize an event. Ordinary photo and video recordings will also not capture the [unidentified aerial phenomenon]. To detect UAP, you need to fine-tune the equipment: shutter speed, frame rate, and dynamic range." So the researchers did just that using two meteor monitoring stations in Kyiv and Vinarivka. "We have developed a special observation technique, taking into account the high speeds of the observed objects," the paper said. "The exposure time was chosen so that the image of the object did not shift significantly during exposure. The frame rate was chosen to take into account the speed of the object and the field of view of the camera. In practice, the exposure time was less than 1 ms, and the frame rate was no less than 50 Hz." The scientists divided the phenomenon they observed into two different categories: cosmics and phantoms. "We note that Cosmics are luminous objects, brighter than the background of the sky. We call these ships names of birds (swift, falcon, eagle)," the paper said. "Phantoms are dark objects, with contrast from several to about 50 percent." Using the cameras, stationed roughly 75 miles apart, allowed the scientists to make repeated observations of strange objects moving in the sky. The paper didn't speculate on what the objects were, merely noted the observations and mentioned the objects' incredible speeds. "Flights of single, group and squadrons of the ships were detected, moving at speeds from 3 to 15 degrees per second," the research said. "Phantoms are observed in the troposphere at distances up to 10 -- 12 km. We estimate their size from 3 to 12 meters and speeds up to 15 km/s." The easy explanation would be that these are missiles, or rockets, or something else associated with the war. But the scientists insist that their nature "is not clear."Read more of this story at Slashdot.

hackingbear shares a report from Gizmodo: China claims that America's National Security Agency used sophisticated cyber tools to hack into an elite research university on Chinese soil. The attack allegedly targeted the Northwestern Polytechnical University in Xi'an (not to be confused with a California school of the same name), which is highly ranked in the global university index for its science and engineering programs. The U.S. Justice Department has referred to the school as a "Chinese military university that is heavily involved in military research and works closely with the People's Liberation Army," painting it as a reasonable target for digital infiltration from an American perspective. China's National Computer Virus Emergency Response Center (CVERC) recently published a report attributing the hack to the Tailored Access Operations group (TAO) -- an elite team of NSA hackers which first became publicly known via the Snowden Leaks back in 2013, helps the U.S. government break into networks all over the world for the purposes of intelligence gathering and data collection. [CVERC identified 41 TAO tools involved in the case.] One such tool, dubbed 'Suctionchar,' is said to have helped infiltrate the school's network by stealing account credentials from remote management and file transfer applications to hijack logins on targeted servers. The report also mentions the exploitation of Bvp47, a backdoor in Linux that has been used in previous hacking missions by the Equation Group -- another elite NSA hacking team. According to CVERC, traces of Suctionchar have been found in many other Chinese networks besides Northwestern's, and the agency has accused the NSA of launching more than 10,000 cyberattacks on China over the past several years. On Sunday, the allegations against the NSA were escalated to a diplomatic complaint. Yang Tao, the director-general of American affairs at China's Ministry of Foreign Affairs, published a statement affirming the CVERC report and claiming that the NSA had "seriously violated the technical secrets of relevant Chinese institutions and seriously endangered the security of China's critical infrastructure, institutions and personal information, and must be stopped immediately."Read more of this story at Slashdot.

Adobe thinks it has the answer to Netflix's "password sharing" problem that involves up to 46 million people, according to a 2020 study. TorrentFreak reports: Adobe believes that since every user is different, any actions taken against an account should form part of a data-driven strategy designed to "measure, manage and monetize" password sharing. The company's vision is for platforms like Netflix to deploy machine learning models to extract behavioral patterns associated with an account, to determine how the account is being used. These insights can determine which measures should be taken against an account, and how success or otherwise can be determined by monitoring an account in the following weeks or months. Ignoring the obviously creepy factors for a moment, Adobe's approach does seem more sophisticated, even if the accompanying slide gives off a file-sharing-style "graduated response" vibe. That leads to the question of how much customer information Adobe would need to ensure that the right accounts are targeted, with the right actions, at the right time. Adobe's Account IQ is powered by Adobe Sensei, which in turn acts as the intelligence layer for Adobe Experience Platform. In theory, Adobe will know more about a streaming account than those using it, so the company should be able to predict the most effective course of action to reduce password sharing and/or monetize it, without annoying the account holder. But of course, if you're monitoring customer accounts in such close detail, grabbing all available information is the obvious next step. Adobe envisions collecting data on how many devices are in use, how many individuals are active, and geographical locations -- including distinct locations and span. This will then lead to a "sharing probability" conclusion, along with a usage pattern classification that should identify travelers, commuters, close family and friends, even the existence of a second home. Given that excessive sharing is likely to concern platforms like Netflix, Adobe's plan envisions a period of mass account monitoring followed by an on-screen "Excessive Sharing" warning in its dashboard. From there, legal streaming services can identify the accounts most responsible and begin preparing their "graduated response" towards changing behaviors. After monetizing those who can be monetized, those who refuse to pay can be identified and dumped. Or as Adobe puts it: "Return free-loaders to available market." Finally, Adobe also suggests that its system can be used to identify customers who display good behavior. These users can be rewarded by eliminating authentication requirements, concurrent stream limits, and device registrations.Read more of this story at Slashdot.

Electronics Arts (EA) is launching a new kernel-level anti-cheat system that's been developed in-house to protect its games from tampering and cheaters. It'll debut first in FIFA 23 but not all of its games will implement the system. The Verge reports: Kernel-level anti-cheat systems have drawn criticism from privacy and security advocates, as the drivers these systems use are complex and run at such a high level that if there are security issues, then developers have to be very quick to address them. EA says kernel-level protection is "absolutely vital" for competitive games like FIFA 23, as existing cheats operate in the kernel space, so games running in regular user mode can't detect that tampering or cheating is occurring. "Unfortunately, the last few years have seen a large increase in cheats and cheat techniques operating in kernel-mode, so the only reliable way to detect and block these is to have our anti-cheat operate there as well," explains [Elise Murphy, senior director of game security and anti-cheat at EA]. EA's anti-cheat system will run at the kernel level and only runs when a game with EAAC protection is running. EA says its anti-cheat processes shut down once a game does and that the anti-cheat will be limited to what data it collects on a system. "EAAC does not gather any information about your browsing history, applications that are not connected to EA games, or anything that is not directly related to anti-cheat protection," says Murphy.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Register: US farm machinery giant John Deere has estimated software fees will make up 10 percent of the company's revenues by the end of the decade. Chief executive John May offered the projection in a Wall Street Journal report on how Deere has plowed billions into developing self-driving tractors and crop sprayers that can tell the difference between weeds and produce. Though farmers are already struggling with operating costs -- including fertilizer and fuel -- Deere wants to sell software subscriptions for operating its ever smarter vehicles. Bernstein analysts estimate that the average gross margin for farming software is 85 percent, compared with 25 percent for equipment sales. All Deere's tractors and harvesters have an autopilot feature included as standard following decades of ushering farmers into more technology-driven agriculture. However, the company now plans to have 1.5 million machines and half a billion acres of land connected to the John Deere Operations Center within a matter of years. This cloud service "will collect and store crop data, including millions of images of weeds that can be targeted by herbicide." Deere also acquired California startup Bear Flag Robotics for $250 million last year to turn old tractors into autonomous vehicles through software. For a company that has the heavy machinery market cornered, the shift is unlikely to be popular with farmers. The report goes on to note that a number of farm and repair advocacy groups have filed a complaint with the FTC, "claiming that Deere has unlawfully refused to provide the software and technical data necessary to repair its machinery in violation of the Sherman Act and statutes covering unfair and deceptive trade practices."Read more of this story at Slashdot.

Google is facing two legal cases which could result in the tech giant paying out damages of up to ~$25 billion (19.5 billion pounds) over its digital advertising practices. The BBC reports: The company is accused of anti-competitive conduct, and of abusing its dominant place in the ad tech market. Separate legal cases, in the UK and in the Netherlands, are being filed in the coming weeks on behalf of publishers seeking "compensation" from Google. [...] The European Commission and its UK equivalent are investigating whether Google's dominance in the ad tech business gives it an unfair advantage over rivals and advertisers. The French competition watchdog imposed a 220 million euro fine on the company last year. Johnny Ryan, from the Irish Council for Civil Liberties, told the BBC: "Google is under pressure on two big issues - one is anti-trust and the other is data protection." Mr Ryan said more cases were coming to light as competition enforcers around the world "increasingly put demands on Google." But he added "the fines we have seen so far from competition authorities have had absolutely no consequence whatsoever." Damien Geradin, of the Belgian law firm Geradin Partners -- which is involved in the Dutch case -- said, "Publishers, including local and national news media, who play a vital role in our society, have long been harmed by Google's anti-competitive conduct. It is time that Google owns up to its responsibilities and pays back the damages it has caused to this important industry. That is why today we are announcing these actions across two jurisdictions to obtain compensation for EU and UK publishers." The British claim, at the UK Competition Appeal Tribunal, will seek to recover compensation for all owners of websites carrying banner advertising. If successful, this would mean a wide and diverse group could get compensation - from major media sites down to small and medium-sized businesses who produce their own online content. Businesses which do not which to be included in the legal action can opt out. [...] The UK competition watchdog is also investigating Google's power in the digital advertising technology market. The Dutch case is open to European publishers affected by Google's actions. Geradin Partners has teamed up with Dutch law firm Stek to bring the collective claim.Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: The McDonald's McFlurry is a delicious treat that people have a hard time finding because the machine breaks down all the time. Thanks to a third-party device made by an independent company called Kytch, the machines can be made to be easier to maintain and break down less. Taylor, the company that makes the McFlurry machine, has been engaged in a long-running legal dispute about whether Taylor could prevent Kytch devices from being used on the machines. Kytch just won an important victory in that long-running legal battle. Before Kytch came along, Taylor had a repair monopoly on the McFlurry machine. When the thing broke down or hadn't been cleaned, the machine would shut down, and only a certified Taylor technician could get it going again. That's why it can be so hard to find McFlurries: the machines often break down and a tech has to be dispatched to get them running again. Kytch invented a device that allows McDonald's franchise owners to do basic repairs on the machines and get them running again. Taylor didn't like that and, according to a lawsuit filed by Kytch, started telling its franchise partners that Kytch devices could cause "serious human injury." In July 2021, Kytch filed a restraining order against Taylor claiming that the company had stolen Kytch's trade secrets. Taylor had begun selling a device similar to Kytch's and Kytch has alleged that Taylor stole one of their devices and reverse-engineered it. Taylor pushed back on these allegations and the lawsuit, filing what's called a demurrer, a formalized objection to Kytch's request for a restraining order. In a court document filed on August 26, 2022, a judge allowed Kytch's restraining order to proceed. In its original filing, Kytch alleged 10 different claims against Taylor, including that it had falsely advertised its product and engaged in unfair competition. The judge agreed with Kytch on seven of these points. "The court will sustain Taylor's demurrer as to the second (tortious interference), sixth (intentional interference with business expectancy), and seventh (negligent interference with business expectancy) causes of action," the filing said. "The court rejects Taylor's other arguments and will overrule its demurrer on those grounds."Read more of this story at Slashdot.

Just before shareholders voted to approve a $44 billion deal with Elon Musk to buy the company, Twitter whistleblower Pieter Zatko was in Washington testifying before the Senate Judiciary Committee about alleged security flaws. NPR highlights the main takeaways from the hearing: Twitter executives put profits ahead of security, leaving the door open to infiltration by foreign agents and hackers, the company's former head of security told Congress on Tuesday. "Twitter leadership is misleading the public, lawmakers, regulators and even its own board of directors," Peiter Zatko testified during a Senate Judiciary Committee hearing. "The company's cybersecurity failures make it vulnerable to exploitation, causing real harm to real people." [...] In Tuesday's hearing, which ran for more than two hours, Zatko painted a portrait of a company plagued by widespread security issues and unable to control the data it collects. Calm and measured, he stuck closely to his expertise, unpacking technical details of Twitter's systems with real-world examples of how information held by the company could be misused. "It's not far-fetched to say that an employee inside the company could take over the accounts of all of the senators in this room," he warned. Zatko alleged the company is highly vulnerable to abuse by foreign intelligence agents -- but is unable or unwilling to root them out. A week before his firing in January, he testified, the FBI told Twitter's security team that at least one agent from China's Ministry of State Security was on the company's payroll. [...] Zatko also alleged that the Indian government had placed an agent inside Twitter. He testified that Twitter struggled to identify potential infiltration by foreign agents and typically was only able to do so when notified by outside agencies. Zatko placed the blame for Twitter's vulnerabilities squarely on a leadership team that he described as reactive, incompetent, and motivated by profit over safety. Executives, he alleged, ignored warnings from him and other employees over Twitter's security flaws because they "lacked the competency to understand the scope of the problem." Zatko described a company culture that avoided negativity and alleged executives presented selectively favorable information to the board. He accused leadership of prioritizing business over security, quoting writer Upton Sinclair: "It is difficult to get someone to understand something when his salary depends on him not understanding something." When Zatko joined Twitter, he said, he was struck that the company kept having recurring security lapses -- "the same amount, year after year." The root cause, he told senators, is that Twitter doesn't understand how much data it collects, why it collects it, and how it's supposed to be used. That includes users' phone numbers, IP addresses, emails, the devices they use, their locations and other identifying information. What's more, he said, around half the employees at Twitter have access to that data. "It doesn't matter who has keys if you don't have any locks on the doors," he said. "The concern there is anybody with access inside Twitter...could go rooting through and find this information and use it for their own purposes." Zatko said that also raised red flags that Twitter may not be complying with its 2011 agreement with the FTC over misuse of email addresses that it told users it was collecting for security reasons, but then used for marketing. (In May, the FTC fined Twitter $150 million for violating that agreement.) "How come we keep making these same mistakes?" Zatko said. "What is it that we are telling the FTC as Twitter that is incorrect?"Read more of this story at Slashdot.

The U.S. Commerce Department said it reached a cooperative research and development agreement with Alphabet's Google to produce chips that researchers can use to develop new nanotechnology and semiconductor devices. From a report: The deal was signed between the Commerce Department's National Institute of Standards and Technology (NIST) and Google. The chips will be manufactured by semiconductor company SkyWater Technology at its Bloomington, Minnesota, semiconductor foundry, the department said on Tuesday. Google will pay the initial cost of setting up production and will subsidize the first production run, according to the agreement. NIST, with university research partners, will design the circuitry for the chips.Read more of this story at Slashdot.

A London-based artist named Matt DesLauriers has developed a tool to generate color palettes from any text prompt, allowing someone to type in "beautiful sunset" and get a series of colors that matches a typical sunset scene, for example. ArsTechnica: Or you could get more abstract, finding colors that match "a sad and rainy Tuesday." To achieve the effect, DesLauriers uses Stable Diffusion, an open source image synthesis model, to generate an image that matches the text prompt. Next, a JavaScript GIF encoder named gifenc extracts the palette information by analyzing the image and quantizing the colors down to a certain set. DesLauriers has posted his code on GitHub; it requires a local Stable Diffusion installation and Node.JS. It's a bleeding-edge prototype at the moment that requires some technical skill to set up, but it's also a noteworthy example of the unexpected graphical innovations that can come from open source releases of powerful image synthesis models. Stable Diffusion, which went open source on August 22, generates images from a neural network that has been trained on tens of millions of images pulled from the Internet. Its ability to draw from a wide range of visual influences translates well to extracting color palette information. Other palette examples DesLauriers provided include "Tokyo neon," which suggests colors from a vibrant Japanese cityscape, "living coral," which echoes a coral reef with deep pinks and blues, and "green garden, blue sky," which suggests a saturated pastoral scene. In a tweet earlier today, DesLauriers demonstrated how different quantization methods (reducing the vast number of colors in an image down to just a handful that represent the image) could produce different color palettes.Read more of this story at Slashdot.

Nintendo announced the title for the next highly anticipated game in one of its bestselling franchises -- The Legend of Zelda: Tears of the Kingdom. It will be available May 12. From a report: The Zelda series, originally created by Nintendo former general manager Shigeru Miyamoto, has long been iconic among gaming fans worldwide and in the US, the Japanese company's largest market. The last title in the series, Breath of the Wild, was released in tandem with the Switch's debut in March 2017. The game helped drive the gadget's launch sales and so far has sold more than 27 million copies. Earlier this year Nintendo delayed the release of the next installment in the Zelda series to 2023, sending its shares tumbling. The news was the highlight of a 45-minute video presentation to tease Nintendo's upcoming titles this fall and into next year. Other announcements included Fire Emblem: Engage, Octopath Traveler 2 and Pikmin 4, which will be released in 2023. The Super Mario Bros. movie, starring Chris Pratt as the voice of the iconic Italian plumber, will be coming in the Spring, Miyamoto announced.Read more of this story at Slashdot.

An anonymous reader shares a report: Several years after Facebook-owner Meta acquired WhatsApp and Instagram, the Federal Trade Commission launched an antitrust lawsuit that claimed that through these acquisitions, Meta had become a monopoly. A titan wielding enormous fortune over smaller companies, the FTC said Meta began buying or burying competitors in efforts that allegedly blocked rivals from offering better-quality products to consumers. In this outsize role, Meta stopped evolving consumer preferences for features like greater privacy options and stronger data protection from becoming the norm, the FTC claimed. The only solution the FTC could see? Ask a federal court to help them break up Meta and undo the damage the FTC did not foresee when it approved Meta's acquisitions initially. To investigate whether Meta truly possesses monopoly power, both Meta and the FTC have subpoenaed more than 100 Meta competitors each. Both hope to clearly define in court how much Meta dominates the market and just how negatively that impacts its competitors. Through 132 subpoenas so far, Meta is on a mission to defend itself, claiming it needs to gather confidential trade secrets from its biggest competitors -- not to leverage such knowledge and increase its market share, but to demonstrate in court that other companies are able to compete with Meta. According to court documents, Meta's so hungry for this background on its competitors, it says it plans to subpoena more than 100 additional rivals, if needed, to overcome the FTC's claims. Meta is asking its competitors for a wide range of insights, from their best-performing features to names of their biggest advertisers. It wants to see all business receipts, which to its competitors is seemingly turning the antitrust litigation into a business opportunity for Meta to find out precisely how other companies attract users, scale products, and gauge success. Among rivals already subpoenaed are Twitter, TikTok owner ByteDance, Reddit, Pinterest, LinkedIn, and Snap. More requests could be made in the coming years, though, before the discovery for both sides concludes on January 5, 2024.Read more of this story at Slashdot.

Goldman's credit card business, anchored by the Apple Card since 2019, has arguably been the company's biggest success yet in terms of gaining retail lending scale. It's the largest contributor to the division's 14 million customers and $16 billion in loan balances, a figure that Goldman said would nearly double to $30 billion by 2024. But rising losses threaten to mar that picture. CNBC: Lenders deem bad loans "charge-offs" after a customer misses payments for six months; Goldman's 2.93% net charge-off rate is double the 1.47% rate at JPMorgan's card business and higher than Bank of America's 1.60%, despite being a fraction of those issuers' size. Goldman's losses are also higher than that of Capital One, the largest subprime player among big banks, which had a 2.26% charge-off rate. "If there's one thing Goldman is supposed to be good at, its risk management," said Jason Mikula, a former Goldman employee who now consults for the industry. "So how do they have charge-off rates comparable to a subprime portfolio?" The biggest reason is because Goldman's customers have been with the bank for less than two years on average, according to people with knowledge of the business who weren't authorized to speak to the press. Charge-off rates tend to be highest during the first few years a user has a card; as Goldman's pool of customers ages and struggling users drop out, those losses should calm down, the people said. The bank leans on third-party data providers to compare metrics with similar cards of the same vintage and is comfortable with its performance, the people said. Other banks also tend to be more aggressive in seeking to recover debt, which improves competitors' net charge-off figures, the people said. But another factor is that Goldman's biggest credit product, the Apple Card, is aimed at a broad swath of the country, including those with lower credit scores. Early in its rollout, some users were stunned to learn they had been approved for the card despite checkered credit histories. "Goldman has to play in a broader credit spectrum than other banks, that's part of the issue," said a person who once worked at the New York-based bank, who asked for anonymity to speak candidly about his former employer. "They have no direct-to-consumer offering yet, and when you have the Apple Card and the GM card, you are looking at Americana."Read more of this story at Slashdot.

Nikola founder Trevor Milton became a billionaire by lying to investors about the most important aspects of his low-emission vehicle company, a prosecutor told jurors as Milton's fraud trial began on Tuesday. Reuters: Prosecutors have said Milton sought to deceive investors about the electric- and hydrogen-powered truck maker's technology starting in November 2019. He left the company in September 2020 after a report by short seller Hindenburg Research called the company a "fraud." "He lied to dupe innocent investors into buying his company's stock," Assistant U.S. Attorney Nicolas Roos said in U.S. District Court in New York. "On the backs of those innocent investors taken in by his lies, he became a billionaire virtually overnight." Milton, 40, has pleaded not guilty to two counts of securities fraud and two counts of wire fraud. Milton's attorney Marc Mukasey on Tuesday called the case "prosecution by distortion" and said the entrepreneur sought to express a vision about the future of trucking, not mislead investors.Read more of this story at Slashdot.

The world's chances of avoiding the worst ravages of climate breakdown are diminishing rapidly, as we enter "uncharted territory of destruction" through our failure to cut greenhouse gas emissions and take the actions needed to stave off catastrophe, leading scientists have said. From a report: Despite intensifying warnings in recent years, governments and businesses have not been changing fast enough, according to the United in Science report published on Tuesday. The consequences are already being seen in increasingly extreme weather around the world, and we are in danger of provoking "tipping points" in the climate system that will mean more rapid and in some cases irreversible shifts. Recent flooding in Pakistan, which the country's climate minister claimed had covered a third of the country in water, is the latest example of extreme weather that is devastating swathes of the globe. The heatwave across Europe including the UK this summer, prolonged drought in China, a megadrought in the US and near-famine conditions in parts of Africa also reflect increasingly prevalent extremes of weather. The secretary general of the United Nations, Antonio Guterres, said: "There is nothing natural about the new scale of these disasters. They are the price of humanity's fossil fuel addiction. This year's United in Science report shows climate impacts heading into uncharted territory of destruction."Read more of this story at Slashdot.

SWIFT, the messaging system used by financial institutions globally to convey instructions on tens of millions of transactions each day, is testing out blockchain. From a report: The Society for Worldwide Interbank Financial Telecommunication, or SWIFT for short, is piloting a project with fintech company Symbiont, according to a post seen by Bloomberg. The collaboration, which includes Citigroup, Vanguard and Northern Trust, is aimed at driving "efficiencies in communicating significant corporate events," like dividend payments and mergers, SWIFT said in its post. As a global financial artery, SWIFT delivers secure messages among 11,000 companies in over 200 countries and territories, directing trillions of dollars in transactions. The operation gained much attention earlier this year as war broke out in Ukraine following Russia's invasion. The US and Europe cut a number of Russian banks from SWIFT, hurting their efforts to move money and operate globally.Read more of this story at Slashdot.

Amazon unveiled enhanced versions of its Kindle and Kindle Kids e-readers on Tuesday, the first time the tech giant has upgraded its flagship e-reader in nearly three years. From a report: The upgraded Kindle will now include a battery life of up to six weeks, USB-C charging and 16GB of storage. The Kindle Kids version will also come with a one-year subscription to Amazon Kids+. The Kindle will cost $99.99, up from the previous price of $89.99. The Kindle Kids model will cost $119.99, up from $109.99.Read more of this story at Slashdot.

US consumer prices were resurgent last month, dashing hopes of a nascent slowdown and likely assuring another historically large interest-rate hike from the Federal Reserve. From a report: The consumer price index increased 0.1% from July, after no change in the prior month, Labor Department data showed Tuesday. From a year earlier, prices climbed 8.3%, a slight deceleration, largely due to recent declines in gasoline prices. So-called core CPI, which strips out the more volatile food and energy components, advanced 0.6% from July and 6.3% from a year ago, the first acceleration in six months on an annual basis. All measures came in above forecasts. Shelter, food and medical care were among the largest contributors to price growth. The acceleration in inflation points to a stubbornly high cost of living for Americans, despite some relief at the gas pump. Price pressures are still historically elevated and widespread, pointing to a long road ahead toward the Fed's inflation target. Chair Jerome Powell said last week that the central bank will act "forthrightly" to achieve price stability, and some policy makers voiced support for another 75 basis-point rate hike. Officials have said their decision next week will be based on the "totality" of the economic data they have on hand, which also illustrates a strong labor market and weakening consumer spending. Treasury yields surged, the S&P 500 index opened lower and the dollar rose. Traders boosted bets that the Fed will raise interest rates by three-quarters of a percentage point, now seeing such an outcome as locked in.Read more of this story at Slashdot.

"Succession," HBO's portrait of a dysfunctional media dynasty, won best drama at the 74th Emmy Awards on Monday night, the second time the series has taken the prize. The New York Times: Jesse Armstrong, the show's creator, also took home the Emmy for best writing, the third time he's won in that category. And Matthew Macfadyen won best supporting actor in a drama for the first time for his performance on the show. It was the sixth time in eight years that HBO has taken the television industry's biggest prize for a recurring series, making it yet another triumphant night for the cable network. HBO, as well as its streaming service, HBO Max, won more Emmys (38) than any other outlet, besting its chief rival, Netflix (26). "The White Lotus," the cable network's beloved upstairs-downstairs dramedy that took place at a Hawaiian resort, won best limited series, and tore through several other categories. The show won 10 Emmys altogether, more than any other series. Mike White, the show's creator and director, won a pair of Emmys for best directing and writing. And performers from the show, Murray Bartlett and Jennifer Coolidge, both received acting Emmys. "Mike White, my God, thank you for giving me one of the best experiences of my life," Bartlett, who played an off-the-wagon hotel manager, said from the Emmys stage. But HBO's chronicles of the rich were not the only winners on Monday night. "Ted Lasso," the Apple TV+ sports series, won best comedy for a second consecutive year, as the tech giant continues on an awards show tear. Apple TV+, which had its debut in November 2019, won best picture at the Oscars ("CODA") earlier this year. And Jason Sudeikis repeated as best actor in a comedy as the fish-out-of-water soccer coach in "Ted Lasso." There were other big moments in the comedy awards. Quinta Brunson, the creator of the good-natured ABC workplace sitcom, "Abbott Elementary," about a group of elementary schoolteachers at an underfunded Philadelphia public school, won for best writing in a comedy. It was only the second time a Black woman won the award (Lena Waithe was the first, in 2017, for "Master of None").Read more of this story at Slashdot.

The Linux Foundation has announced plans for a new collaborative initiative designed to support interoperability across digital wallets, built on an open source bedrock. From a report: The OpenWallet Foundation (OWF), as the new effort is called, is the brainchild of Daniel Goldscheider, CEO of open banking startup Yes.com, though today's announcement reveals a broad gamut of buy-ins from multiple industry players including Okta, Ping Identity, Accenture, CVS Health, OpenID Foundation, among several other public and private bodies. With the Linux Foundation serving as the project's host, this gives OWF sizeable clout as it strives to enable what Goldscheider calls a "plurarity of wallets based on a common core," according to a press release. The news also comes as regulatory bodies across the globe are moving to support competition through enforcing interoperability across systems, including Europe which is currently trying to make messaging interoperability a thing.Read more of this story at Slashdot.

An anonymous reader quotes a report from Engadget: As Motherboard and The Verge note, YouTuber Yannic Kilcher trained an AI language model using three years of content from 4chan's Politically Incorrect (/pol/) board, a place infamous for its racism and other forms of bigotry. After implementing the model in ten bots, Kilcher set the AI loose on the board -- and it unsurprisingly created a wave of hate. In the space of 24 hours, the bots wrote 15,000 posts that frequently included or interacted with racist content. They represented more than 10 percent of posts on /pol/ that day, Kilcher claimed. Nicknamed GPT-4chan (after OpenAI's GPT-3), the model learned to not only pick up the words used in /pol/ posts, but an overall tone that Kilcher said blended "offensiveness, nihilism, trolling and deep distrust." The video creator took care to dodge 4chan's defenses against proxies and VPNs, and even used a VPN to make it look like the bot posts originated from the Seychelles. The AI made a few mistakes, such as blank posts, but was convincing enough that it took roughly two days for many users to realize something was amiss. Many forum members only noticed one of the bots, according to Kilcher, and the model created enough wariness that people accused each other of being bots days after Kilcher deactivated them. "It's a reminder that trained AI is only as good as its source material," concludes the report.Read more of this story at Slashdot.

Extreme heat in California has left Twitter without one of its key data centers, and a company executive warned in an internal memo obtained by CNN that another outage elsewhere could result in the service going dark for some of its users. CNN reports: "On September 5th, Twitter experienced the loss of its Sacramento (SMF) datacenter region due to extreme weather. The unprecedented event resulted in the total shutdown of physical equipment in SMF," Carrie Fernandez, the company's vice president of engineering, said in an internal message to Twitter engineers on Friday. Major tech companies usually have multiple data centers, in part to ensure their service can stay online if one center fails; this is known as redundancy. As a result of the outage in Sacramento, Twitter is in a "non-redundant state," according to Fernandez's Friday memo. She explained that Twitter's data centers in Atlanta and Portland are still operational but warned, "If we lose one of those remaining datacenters, we may not be able to serve traffic to all Twitter's users." The memo goes on to prohibit non-critical updates to Twitter's product until the company can fully restore its Sacramento data center services. "All production changes, including deployments and releases to mobile platforms, are blocked with the exception of those changes required to address service continuity or other urgent operational needs," Fernandez wrote. In a statement about the Sacramento outage, a Twitter spokesperson told CNN, "There have been no disruptions impacting the ability for people to access and use Twitter at this time. Our teams remain equipped with the tools and resources they need to ship updates and will continue working to provide a seamless Twitter experience."Read more of this story at Slashdot.

Ben Nowack, a 26-year old inventor and CEO of Tons of Mirrors, is trying to use satellite-mounted reflective surfaces to redirect sunlight to earthbound solar panels at night. In an interview with Motherboard, Nowack explains what inspired this idea and how he can turn his concept into reality. Here's an excerpt from the report: What was the initial idea? I had an interesting way to solve the real issue with solar power. It's this unstoppable force. Everybody's installing so many solar panels everywhere. It's really a great candidate to power humanity. But sunlight turns off, it's called nighttime. If you solve that fundamental problem, you fix solar everywhere. Where did the idea come from?I was watching a YouTube video called The Problem with Solar Energy in Africa. It was basically saying that you need three times as many solar panels in Germany as you do in the Sahara Desert and you can't get the power from the Sahara to Germany in an easy way. I thought, what if you could beam the sunlight and then reflect it with mirrors, and put that light into laser beam vacuum tubes that zigzag around the curvature of the Earth. It could be this beam that comes in just like power companies, this tube full of infinite light. That was the initial idea. But the approach was completely economically unworkable. I was like, this is not going to compete with solar in 10 years. I should just completely give up and do something else. Then I was on a run two days later and thought what if I put that thing that turns sunlight into a beam in orbit then you don't have to build a vacuum tube anymore. And it's so much more valuable because you can shine sunlight on solar farms that already exist. Then I developed several more technologies which I know for a fact no one else is working on. That made the model even more economical. Are these just like regular household mirrors, but fixed to a satellite?If you did that, the light would go to too many places. The sun is a certain size. It's not a point, it has a distance across. The light from one side of the sun would bounce off your mirror, and the light from the other side would also bounces off your mirror. If you used a perfectly flat mirror, every single microscopic piece would have this angle of diverging light coming from it. By the time the reflection hit Earth, you'd get a 3.6 kilometer diameter spot, which is gigantic. There are only 10 solar farms that big. So I did the math, and figured out that if I could hit a 500-meter spot instead of a 3,600-meter spot, then I'd be able to hit 44 times more solar sites per orbit.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: To state the obvious: This has been an unorthodox Atlantic hurricane season. Everyone from the US agency devoted to studying weather, oceans, and the atmosphere -- the National Ocean and Atmospheric Administration -- to the most highly regarded hurricane professionals (PDF) predicted a season with above-normal to well above-normal activity. For example, NOAA's outlook for the 2022 Atlantic hurricane season, which runs from June 1 to November 30, predicted a 65 percent chance of an above-normal season, a 25 percent chance of a near-normal season, and a 10 percent chance of a below-normal season. The primary factor behind these predictions was an expectation that La Nina would persist in the Pacific Ocean, leading to atmospheric conditions in the tropical Atlantic more favorable to storm formation and intensification. La Nina has persisted, but the storms still have not come in bunches. To date the Atlantic has had five named storms, which is not all that far off "normal" activity, as measured by climatological averages from 1991 to 2020. Normally, by now, the Atlantic would have recorded eight tropical storms and hurricanes that were given names by the National Hurricane Center. The disparity is more significant when we look at a metric for the duration and intensity of storms, known as Accumulated Cyclone Energy. By this more telling measurement, the 2022 season has a value of 29.6, which is less than half of the normal value through Saturday, 60.3. Perhaps what is most striking about this season is that we are now at the absolute peak of hurricane season, and there is simply nothing happening. Although the Atlantic season begins on June 1, it starts slowly, with maybe a storm here or there in June, and often a quiet July before the deep tropics get rolling in August. Typically about half of all activity occurs in the 14 weeks prior to September 10, and then in a mad, headlong rush the vast majority of the remaining storms spin up before the end of October. While it is still entirely possible that the Atlantic basin -- which includes the Atlantic Ocean, Gulf of Mexico, and Caribbean Sea -- produces a madcap finish, we're just not seeing any signs of it right now. There are no active systems at the moment, and the National Hurricane Center is tracking just one tropical wave that will move off the African coast into the Atlantic Ocean in the coming days. It has a relatively low chance of development, and none of the global models anticipate much from the system. Our best global models show about a 20 to 30 percent chance of a tropical depression developing anywhere in the Atlantic during the next 10 days. This is the exact opposite of what we normally see this time of year, when the tropics are typically lit up like a Christmas tree. The reason for this is because September offers a window where the Atlantic is still warm from the summertime months, and we typically see some of the lowest wind-shear values in storm-forming regions. We'll have to wait until after the season to get a detailed analysis as to why it's been so quiet in the Atlantic, but the report suggests dust could be to blame. "[W]e've seen a lot of dust in the atmosphere, which has choked off the formation of storms," reports Ars. "Additionally, upper-level winds in the atmosphere have generally been hostile to storm formation -- basically shearing off the top of any developing tropical systems."Read more of this story at Slashdot.

Nikhil Wahi, brother of former Coinbase product manager Ishan Wahi, pleaded guilty in a Monday hearing to one count of conspiracy to commit wire fraud in connection with an alleged insider trading scheme. Decrypt reports: "Less than two months after he was charged, Nikhil Wahi admitted in court today that he traded in crypto assets based on Coinbase's confidential business information to which he was not entitled," said Damien Williams of the U.S. Attorney's Office in New York in a statement. "For the first time ever, a defendant has admitted his guilt in an insider trading case involving the cryptocurrency markets," Williams continued. "Today's guilty plea should serve as a reminder to those who participate in the cryptocurrency markets that the Southern District of New York will continue to steadfastly police frauds of all stripes and will adapt as technology evolves." Nikhil now awaits sentencing in December, which could mean up to 20 years in prison. He has also been ordered to give back the money earned as a result of the illicit Coinbase trading, Williams said. Back in July, the Justice Department charged Ishan, Nikhil, and their friend Sameer Ramani with wire fraud conspiracy and wire fraud as it relates to cryptocurrency insider trading. The Securities and Exchange Commission also filed charges against the trio. While he was working at Coinbase, Ishan allegedly shared his insider knowledge of upcoming Coinbase listing announcements with Nikhil and Sameer to then profit from the listings by purchasing the tokens before they went live on Coinbase. In August, Ishan pled not guilty to the DOJ's charges. Now that his brother has pleaded guilty, it's unclear how Ishan's case will proceed and whether he will continue to fight the insider trading case. According to the DOJ's statement released Monday, Nikhil implicated his brother Ishan and admitted to receiving tips from him. Nikhil then reportedly used numerous different crypto wallets in others' names to anonymize his insider trading. Concerns of insider trading at cryptocurrency exchanges extend beyond just this case, which is considered the first of its kind and is likely to set a precedent. Three Australian finance academics have posited that up to 25% of Coinbase listings in the past four years may have involved some insider trading.Read more of this story at Slashdot.

In an update coming to iOS 16 later this year, Apple plans to add a new "Clean Energy Charging" option in the United States. MacRumors reports: The information was shared in Apple's iOS 16 press release, and it says that clean energy charging will optimize charging times for when the grid is using cleaner energy sources. With Clean Energy Charging, Apple is aiming to decrease the carbon footprint of the iPhone. This is the first we've heard of clean energy charging, and it's not a feature that Apple has previously highlighted.Read more of this story at Slashdot.