Slashdot

An anonymous reader quotes a report from TorrentFreak: In January, a month before Ant-Man and the Wasp: Quantumania was released in theaters, a link to a leaked script was posted on the Marvel Studios Spoilers subreddit. Last Friday, a Marvel Studios affiliate filed DMCA subpoena applications to compel Reddit and Google to expose the leakers. One named user account is shared among the subreddit's moderator team. Court documents indicate the plan is to force Reddit to expose them all. [...] When information about the script/subtitle file was posted on Reddit mid-January, leak-loving Marvel fans were both excited and impressed. "Yeah this is some next level leak" and "This legit might be the biggest leak in this subs history" set the tone, but the fun didn't last. A moderator of the subreddit commented that since the information was receiving copyright notices, any "future sharing of the material will result in a ban." The thread is still live today and there's no doubt that Marvel is aware of it. The DMCA subpoena application specifically mentions the thread alongside an email from Reddit's legal team, which had previously agreed to take the infringing content down. In common with the takedown notice sent to Google, the allegedly infringing content may have been deleted before Reddit could remove it. There's no mention of a copyright complaint, instead the post notes, "Sorry, this post was deleted by the person who originally posted it." At this point concern shifts to the rest of the thread, which talks about the document hosted by Google and how the mod team "took the google doc down" to ensure that existing links to the file would no longer lead to it. As a result, Marvel now wants Reddit to hand over "All Identifying Information for the user 'u/MSSmods'," which throws another unpredictable element into the mix. The DMCA subpoena applications can be found here (G1/G2, R1/R2)Read more of this story at Slashdot.

Discord updated their privacy policy to quietly drop their promise to alert users "in advance" if the company ever started storing contents of video calls, voice calls, or channels. Naturally, this alarmed some users who wondered if the company plans to start retaining call recordings. According to a Discord spokesperson, the answer is no. Ars Technica reports: "There has not been a change in Discord's position on how we store or record the contents of video or voice channels," a Discord spokesperson told Ars. "We recognize that when we recently issued adjusted language in our privacy policy, we inadvertently caused confusion among our users. To be clear, nothing has changed and we have reinserted the language back into our privacy policy, along with some additional clarifying information." Before users began complaining, the policy was going to be updated to say that Discord would be collecting information on "any content that you upload to the service. For example, you may write messages or posts (including drafts), send voice messages, create custom emojis, create short recordings of GoLive activity, or upload and share files through the services. This also includes your profile information and the information you provide when you create servers." As users raised concerns on Reddit, Discord staffers seemed to rush to assuage fears, saying, "We understand that the wording of the new privacy policy is broad and can be misunderstood" and promising, "We are going to fix this." Since then, Discord added back in the missing language, word for word: "We generally do not store the contents of video or voice calls or channels. If we were to change that in the future (for example, to facilitate content moderation), we would disclose that to you in advance." A Reddit user identifying as a Discord staffer told Redditors that Discord won't "regularly" collect this type of content. That doesn't mean it will never happen though. "In response to user outrage, the policy's new updated language now also specifies that Discord may collect some of this type of content in the future," adds Ars. "We may build features that help users engage with voice and video content, like create or send short recordings," Discord's new policy states.Read more of this story at Slashdot.

Vivaldi is a browser founded by Opera co-founder Jon Stephenson von Tetzchner and launched in 2016 with a heavy focus on privacy and customizations. As someone who has worked on the internet since 1992, Tetzchner has a lot of thoughts on the state of the internet in 2023, especially when it comes to advertising. XDA spoke with Tetzchner at this year's Mobile World Congress, and it's clear to him that advertisers "stole the internet from us." From the report: For the unfamiliar, Android's Privacy Sandbox can track users by creating an offline profile on them and show relevant advertisements based on that. It's a multi-year initiative to introduce more private advertising solutions to end-users and is made possible thanks to the Topics API and FLEDGE. Its goal is to prioritize user privacy by default but still maintain the mobile ecosystem dependent on advertising to support free and ad-supported apps. This is an exclusive-to-Android solution that uses a standalone SDK, separate from the rest of the application code, with the aim of eventually replacing Ad ID. However, Tetzchner doesn't see a difference between standard tracking and companies using the Topics API. "For us, how you technically do the tracking, you can say it's a little bit better to do it client-side than server-side, but for me, the idea that your browser is building a profile on you... No, no, no, that's wrong. That's just wrong," he tells me. It's not quite where the data goes that seems to bother him the most, but what that data can be used to achieve. He mentions how this data can be used to influence how people vote, a la Cambridge Analytica. Whether that data is on your device or not is irrelevant; political advertisements will still appear regardless. "They stole the internet from us", he says of advertisers. "The internet is supposed to be open and free, and you shouldn't be afraid of being monitored. The idea that you are collecting data to provide ads... I can understand having access to a lot of data to provide a service, but that's not the same as profiling your users." [...] Tetzchner is deeply disheartened with the state of it. In fact, he believes the current state of advertising is less profitable for sites now than it was before widespread tracking was in place. He mentions "normal ads," which you may see in a magazine or on TV, were the standard for about a decade, even on the internet. "A lot of sites were more profitable, and people were less worried about having to block ads. The ads were normal, it was kind of like what you were seeing if you were going and reading a magazine. There were ads, but they weren't following you." He points out that paywalls have become commonplace across the internet when that wasn't the case 15 years ago. "How is it then that we needed the change that actually created that situation?" he asks. He argues that advertisements are less profitable as a whole thanks to widespread tracking. Advertisers previously paid more because they knew exactly where their advertisements were going. Now with algorithms and Google Ads, not everything is high quality, even if those algorithms try to scan pages for quality content.Read more of this story at Slashdot.

An anonymous reader quotes a report from NBC News: The Biden administration on Monday gave the green light to a sprawling oil drilling project in Alaska, opening the nation's largest expanse of untouched land to energy production. The multibillion-dollar project will be located inside the National Petroleum Reserve, about 200 miles north of the Arctic Circle, and could produce nearly 600 million barrels of crude oil over the next 30 years, according to the Interior Department. The department noted in announcing the approval that it reduced the scope of the plan, called the Willow Project, by denying two of the five drill sites proposed by ConocoPhillips, Alaska's largest crude oil producer. The department estimated that the project could produce nearly a quarter of a billion metric tons of carbon dioxide emissions. The project had received forceful pushback from environmentalists, who pointed to its potential climate and environmental effects. The Native American community closest to the site has also opposed (PDF) the project, though others have supported it. The oil industry and Alaskan lawmakers had urged the president to approve the project for its energy production potential and its ability to create jobs. [...] But Ben Jealous, executive director of the Sierra Club, said the harm the project will cause "may not ever be able to be undone. This is the equivalent of putting dozens and dozens of coal-fired power plants back online. It makes it almost impossible to understand how the administration will ever meet its promises to reduce emissions from public lands." A source familiar with the decision said that the Biden administration had little choice, faced with the prospect of legal action and costly fines. Administration lawyers determined that the courts would not have allowed Biden to reject the project outright, as ConocoPhillips has long held leases on land in the petroleum reserve and could have levied fines on the government, the source added. The Interior Department announced Monday that ConocoPhillips would relinquish rights to about 68,000 acres of its existing leases in the petroleum reserve, most of which are close to the Teshekpuk Lake Special Area, a major habitat for caribou and other wildlife that Native communities rely on. On Sunday, the Biden administration declared about 2.8 million acres of the Beaufort Sea in the Arctic Ocean as indefinitely off-limits for future oil and gas leasing. The Interior Department said it is also considering additional protections for more than 13 million acres within the reserve that have significant natural or historical value.Read more of this story at Slashdot.

Dish Network must pay $469 million for infringing two patents held by parental-control technology maker ClearPlay related to filtering material from streaming video, a jury in U.S. federal court in Utah has decided. From a report: The jury in Salt Lake City reached its decision on Friday in ClearPlay's lawsuit against Dish, finding that Dish's AutoHop feature for skipping commercials on its Hopper set-top boxes is covered by ClearPlay's patents. While jurors found that Dish's technology violated ClearPlay's patent rights, they rejected ClearPlay's contention that Dish copied its technology intentionally. A Dish spokesperson said on Monday that the company was disappointed in the jury's decision and will contest the verdict, potentially through an appeal. Representatives for ClearPlay did not immediately respond to requests for comment on Monday.Read more of this story at Slashdot.

Facebook-parent Meta Platforms said on Saturday that it would end availability of news content for Canadians on its platforms if the country's Online News Act passes in its current form. From a report: The "Online News Act," or House of Commons bill C-18, introduced in April last year laid out rules to force platforms like Meta and Alphabet's Google to negotiate commercial deals and pay news publishers for their content. "A legislative framework that compels us to pay for links or content that we do not post, and which are not the reason the vast majority of people use our platforms, is neither sustainable nor workable," a Meta spokesperson said as reason to suspend news access in the country. Meta's move comes after Google last month started testing limited news censorship as a potential response to the bill. Canada's news media industry has asked the government for more regulation of tech companies to allow the industry to recoup financial losses it has suffered in the years as tech giants like Google and Meta steadily gain greater market share of advertising. We've watched this movie before.Read more of this story at Slashdot.

All toilet paper from across the globe checked for toxic PFAS "forever chemicals" contained the compounds, and the waste flushed down toilets and sent to sewage treatment plants probably creates a significant source of water pollution, new research has found. From a report: Once in the wastewater plant, the chemicals can be packed in sewage sludge that is eventually spread on cropland as fertilizer, or spilt into waterways. "Toilet paper should be considered as a potentially major source of PFAS entering wastewater treatment systems," the study's authors wrote. PFAS are a class of about 14,000 chemicals typically used to make thousands of consumer products resist water, stains and heat. They are called "forever chemicals" because they do not naturally break down, and they are linked to cancer, fetal complications, liver disease, kidney disease, autoimmune disorders and other serious health issues. The study checked 21 major toilet paper brands in North America, western Europe, Africa, Central America and South America, but it did not name the brands. The peer-reviewed University of Florida report did not consider the health implications of people wiping with contaminated toilet paper. PFAS can be dermally absorbed, but no research on how it may enter the body during the wiping process exists. However, that exposure is "definitely worth investigating," said David Andrews, senior scientist with the Environmental Working group, a public health non-profit that tracks PFAS pollution.Read more of this story at Slashdot.

A recent set of sweeping US laws have already kicked off a boom in proposals for new mining operations, minerals processing facilities, and battery plants, laying the foundation for domestic supply chains that could support rapid growth in electric vehicles and other clean technologies. From a report: That's by design. A stipulation in the Inflation Reduction Act (IRA), enacted last year, restricts EV tax credits to vehicles with batteries that contain a significant portion of minerals extracted or refined within the US, or from countries that have free-trade agreements with it. Manufacturing the batteries that power these vehicles requires significant amounts of finished materials such as cobalt, graphite, lithium, manganese, and nickel. Today these often come from other nations, particularly China. Billions of dollars of investments in battery materials have been announced in North America since the IRA passed, according to BloombergNEF. The "domestic content requirements" helped spark or accelerate those plans, observers say. But it's still not clear which nations will qualify for providing the processed materials, and some allies have accused the US of providing unfair advantages to its own industries. Some experts also worry that the requirements, which become stricter over time, are so stringent they could have the unintended effect of actually slowing the shift to cleaner technologies. After all, it takes years to get new mines and plants running under the best of circumstances, and the permitting process for major projects in the US is notoriously slow. Adding to the potential delays, some communities are already pushing back on certain proposals, citing environmental impacts, indigenous land concerns, and other issues.Read more of this story at Slashdot.

Fulfilment of initial promise made for the technology remains elusive. From a report: The Vienna University of Economics and Business (WU) has offered a tantalising prospect to people who want to learn but don't like to leave the house: join us 'virtually, for a postgraduate course in the metaverse.' Students signing up to WU's professional master of sustainability, entrepreneurship and technology programme can complete the entire part-time course -- attending lectures, meeting their classmates for a coffee and so on -- by just logging in via a laptop. The course -- developed in partnership with Tomorrow University of Applied Sciences, an edtech start-up based in Berlin -- is one of many examples where business schools have embraced the metaverse, 3D technology, virtual reality headsets and avatars to extend the reach of management and leadership training. Setting up the course "provides us with greater reach, making the course more global," explains Barbara Stottinger, dean of WU's executive academy. However, she is quick to add: "Vienna is a great location so coming to campus is still pretty attractive to most of our students." And this is the problem at the heart of why many business schools have been reluctant to enter the metaverse for course tuition: studying in the real world has its advantages. Teaching the interpersonal skills of leadership and networking that are so integral to postgraduate management courses, like the MBA, is better done in person. It also avoids having to fund purchases of the hardware and software necessary for metaverse projects. Meanwhile, the metaverse has been caught in an extreme example of a 'hype cycle.' This is where wild enthusiasm about a new technology turns to widespread rejection, as its reality fails to live up to what is claimed for it.Read more of this story at Slashdot.

DoNotPay, which describes itself as "the world's first robot lawyer," has been accused of practicing law without a license. From a report: It's facing a proposed class action lawsuit filed by Chicago-based law firm Edelson on March 3 and published Thursday on the website of the Superior Court of the State of California for the County of San Francisco. The complaint argues: "Unfortunately for its customers, DoNotPay is not actually a robot, a lawyer, nor a law firm. DoNotPay does not have a law degree, is not barred in any jurisdiction, and is not supervised by any lawyer." The lawsuit was filed on behalf of Jonathan Faridian, who said he'd used DoNotPay to draft various legal documents including demand letters, a small claims court filing, and a job discrimination complaint. Per the complaint, Faridian believed he'd purchased legal documents "from a lawyer that was competent to provide them," but got "substandard" results. DoNotPay claims to use artificial intelligence to help customers handle an array of legal services without needing to hire a lawyer. It was founded in 2015 as an app to help customers fight parking tickets, but has since expanded its services. DoNotPay's website claims that it can help customers fight corporations, beat bureaucracy, find hidden money, and "sue anyone." DoNotPay told Insider: "DoNotPay respectfully denies the false allegations." It added: "We will defend ourselves vigorously."Read more of this story at Slashdot.

Last month, a declassified FBI report revealed that the bureau had used Section 702 of the Foreign Intelligence Surveillance Act (FISA) to conduct multiple unlawful searches of a sitting Congress member's personal communications. From a report by Ars Technica: Wired was the first to report the abuse, but for weeks, no one knew exactly which lawmaker was targeted by the FBI. That changed this week when Rep. Darin LaHood (R-Ill.) revealed during an annual House Intelligence Committee hearing on world threats that the FBI's abuse of 702 was "in fact" aimed at him. "This careless abuse by the FBI is unfortunate," LaHood said at the hearing, suggesting that the searches of his name not only "degrades trust in FISA" but was a "threat to separation of powers" in the United States. Calling the FBI's past abuses of Section 702 "egregious," the congressman -- who is leading the House Intelligence Committee's working group pushing to reauthorize Section 702 amid a steeply divided Congress -- said that "ironically," being targeted by the FBI gives him a "unique perspective" on "what's wrong with the FBI." LaHood has said that having his own Fourth Amendment rights violated in ways others consider "frightening" positions him well to oversee the working group charged with implementing bipartisan reforms and safeguards that would prevent any such abuses in the future. House Permanent Select Committee on Intelligence Chairman Mike Turner (R-Ohio) said that LaHood "personifies the fears and mistrust many in America have about the FBI's leadership," noting that "too many Americans are worried it could be them" next. FBI director Christopher Wray said that he "completely" understood LaHood's concerns, while emphasizing that the FBI has already implemented reforms and safeguards to prevent similar abuses in the future. An FBI spokesperson told Ars that "extensive changes" to address 702 compliance issues include "a whole new Office of Internal Audit currently focused on FISA compliance" and new policies requiring "enhanced pre-approval requirements before certain 'sensitive' US person queries can be run." The spokesperson provided an example, saying that for any sensitive queries involving elected officials, the FBI's deputy director must sign off. Wray said at the hearing that queries of the Section 702 database on US persons have dropped by 93 percent since last year. He also confirmed that the FBI launched "all sorts of mandatory enhanced training" initiatives on 702 compliance. UPDATE: "At the same time, [LaHood] made clear that he still believes that Congress must reauthorize Section 702," reports the New York Times, "which he praised as a vital tool for combating a broad range of foreign threats."Read more of this story at Slashdot.

When Tim Cook unveils Apple's new "mixed-reality" headset later this year, he won't just be showing off the tech giant's latest shiny gadget. From a report: The Apple chief will also be guaranteeing his legacy includes the launch of a next-generation hardware product that some inside the company believe might one day rival the iPhone. After seven years in development -- twice as long as the iPhone -- the tech giant is widely expected to unveil a headset featuring both virtual and augmented reality as soon as June. The stakes are high for Cook. The headset will be Apple's first new computing platform to have been developed entirely under his leadership. The iPhone, iPad and even Watch were all originally conceived under Apple's co-founder Steve Jobs, who died in 2011. Apple's growth during Cook's tenure has been spectacular, growing its market capitalisation from around $350bn in 2011 to around $2.4tn today. But despite the twin hit launches of Apple Watch in 2015 and AirPods a year later, which have helped turn its accessories division into a $41bn business, the company has been accused of iterating on past ideas rather than breaking new ground. "They have huge pressure to ship" the headset, said a former Apple engineer who worked on the product's development. "They have been postponing the launch each year for the past [few] years." The timing of the launch has been a source of tension since the project began in early 2016, according to multiple people familiar with Apple's internal discussions. Apple's operations team wanted to ship a "version one" product, a ski goggle-like headset that will allow users to watch immersive 3D video, perform interactive workouts or chat with realistic avatars through a revamped FaceTime. But Apple's famed industrial design team had cautioned patience, wanting to delay until a more lightweight version of AR glasses became technically feasible. Most in the tech industry expect that to take several more years. In deciding to press ahead with a debut this year, Cook has sided with operations chief Jeff Williams, according to two people familiar with Apple's decision-making, and overruled the early objections from Apple's designers to wait for the tech to catch up with their vision.Read more of this story at Slashdot.

Decentralized lending protocol Euler Finance was hit by an attack that drained $197 million in cryptocurrencies from its platform on Monday, making it the largest hack in its corner of the digital-assets market this year. From a report: The bulk of the hacker's loot -- worth roughly $135 million -- was denominated in staked Ether tokens (stETH), while the remainder was held in wrapped Bitcoin and stablecoins DAI and USDC, according to security firm BlockSec. Some of the proceeds from the attack are already being laundered through Tornado Cash, a US-sanctioned platform which enables users to obfuscate their transaction history, security companies PeckShield Inc and Elliptic said. The incident on Monday morning in London has almost wiped out Euler's on-chain value, leaving only around $9.7 million locked on the platform, data from DeFiLlama show. Euler Finance allows users to lend and borrow large amounts of cryptoassets through an automated service that does not require human intervention. The protocol's EUL token fell more than 50% to a low of $2.88 after the attack was disclosed, according to pricing data from CoinGecko. Details of the hack weren't immediately provided by the platform's developer Euler Labs.Read more of this story at Slashdot.

President Joe Biden sought to assure customers of Silicon Valley Bank and Signature Bank on Monday that their money was safe -- insured by the Deposit Insurance Fund -- but said investors in the failed banks' securities aren't going to get the same guarantee. From a report: "Investors in the banks will not be protected," Biden said in a White House speech. "They knowingly took a risk and when the risk didn't pay off, the investors lose their money. That's how capitalism works." The nation's top bank regulators on Sunday announced the Federal Deposit Insurance Corp and Federal Reserve would fully cover deposits at both failed banks and rely on Wall Street and large financial institutions -- not taxpayers -- to foot the bill. Signature Bank in New York, which was shuttered Sunday over similar systemic contagion fears as SVB, had been a popular funding source for cryptocurrency companies. "The FDIC on Friday took control of SVB's assets and over the weekend Signature's," Biden said. "All customers who had deposits in these banks can rest assured they will be protected and they'll have access to the money as of today." The Treasury Department designated both SVB and Signature as systemic risks, giving it authority to unwind both institutions. The FDIC's Deposit Insurance Fund, not taxpayer money, will be used to cover depositors, many of whom had significantly more than the $250,000 deposited at the banks that is normally covered by the FDIC. "No losses will be borne by the taxpayers," Biden stressed Monday. "I'm going to repeat that -- no losses will be borne by the taxpayers. Instead the money will come from the fees that banks pay into the Deposit Insurance Fund."/i?Read more of this story at Slashdot.

When Microsoft invested $1 billion in OpenAI in 2019, it agreed to build a massive, cutting-edge supercomputer for the artificial intelligence research startup. The only problem: Microsoft didn't have anything like what OpenAI needed and wasn't totally sure it could build something that big in its Azure cloud service without it breaking. From a report: OpenAI was trying to train an increasingly large set of artificial intelligence programs called models, which were ingesting greater volumes of data and learning more and more parameters, the variables the AI system has sussed out through training and retraining. That meant OpenAI needed access to powerful cloud computing services for long periods of time. To meet that challenge, Microsoft had to find ways to string together tens of thousands of Nvidia's A100 graphics chips -- the workhorse for training AI models -- and change how it positions servers on racks to prevent power outages. Scott Guthrie, the Microsoft executive vice president who oversees cloud and AI, wouldn't give a specific cost for the project, but said "it's probably larger" than several hundred million dollars. [...] Now Microsoft uses that same set of resources it built for OpenAI to train and run its own large artificial intelligence models, including the new Bing search bot introduced last month. It also sells the system to other customers. The software giant is already at work on the next generation of the AI supercomputer, part of an expanded deal with OpenAI in which Microsoft added $10 billion to its investment.Read more of this story at Slashdot.

HSBC, in a stock exchange filing: HSBC Holdings plc announces that its UK ring-fenced subsidiary, HSBC UK Bank plc, is acquiring Silicon Valley Bank UK Limited (SVB UK) for 1 pound ($1.2). As at 10 March 2023, SVB UK had loans of around $6.6 bn and deposits of around $8.1bn. Noel Quinn, HSBC Group CEO, said, "This acquisition makes excellent strategic sense for our business in the UK. It strengthens our commercial banking franchise and enhances our ability to serve innovative and fast-growing firms, including in the technology and life-science sectors, in the UK and internationally. We welcome SVB UK's customers to HSBC and look forward to helping them grow in the UK and around the world. SVB UK customers can continue to bank as usual, safe in the knowledge that their deposits are backed by the strength, safety and security of HSBC. We warmly welcome SVB UK colleagues to HSBC, we are excited to start working with them."Read more of this story at Slashdot.

By the end of 2023, GitHub will require all code contributors to enable two-factor authentication — part of "a platform-wide effort to secure software development by improving account security." But on Monday they'll start rolling it out, according to a new blog post, reaching out to "smaller" groups of developers and administrators "to notify them of their 2FA enrollment requirement."If your account is selected for enrollment, you will be notified via email and see a banner on GitHub.com, asking you to enroll. You'll have 45 days to configure 2FA on your account — before that date nothing will change about using GitHub except for the reminders. We'll let you know when your enablement deadline is getting close, and once it has passed you will be required to enable 2FA the first time you access GitHub.com. You'll have the ability to snooze this notification for up to a week, but after that your ability to access your account will be limited. Don't worry: this snooze period only starts once you've signed in after the deadline, so if you're on vacation or out of office, you'll still get that one week period to set up 2FA when you're back at your desk.... Twenty-eight (28) days after you enable 2FA, you'll be asked to perform a 2FA check-up while using GitHub.com, which validates that your 2FA setup is working correctly. Previously signed-in users will be able to reconfigure 2FA if they have misconfigured or misplaced second factors during onboarding. GitHub's blog post says their gradual rollout plan "will let us make sure developers are able to successfully onboard, and make adjustments as needed before we scale to larger groups as the year progresses." InfoWorld summarizes the options:Users can choose between 2FA methods such as TOTP (Time-based One-Time Password), SMS (Short Message Service), security keys, or GitHub Mobile as a preferred 2FA method. GitHub advises using security keys and TOTPs wherever possible; SMS does not provide the same level of protection and is no longer recommended under NIST 800-63B, the company said. Internally GitHub is also testing passkeys, according to their blog post. "Protecting developers and consumers of the open source ecosystem from these types of attacks is the first and most critical step toward securing the supply chain."Read more of this story at Slashdot.

"Meta, the parent firm of Facebook and Instagram, is working on a standalone, text-based social network app," reports the BBC.BR>"It could rival both Twitter and its decentralised competitor, Mastodon."A spokesperson told the BBC: "We're exploring a standalone decentralized social network for sharing text updates...." According to MoneyControl, the new app is codenamed P92, and will allow users to log in through their existing Instagram credentials. Meta's app will be based on a similar framework to the one that powers Mastodon, a Twitter-like service which was launched in 2016. The new app would be decentralised — it cannot be run at the whim of a single entity, bought or sold.... It was not immediately clear when Meta would roll out the new app.Read more of this story at Slashdot.

Stack Overflow explored the "hype cycle" by asking thousands of real developers whether nascent tech trends have really proven themselves, and how they feel about them. "With AI-assisted technologies in the news, this survey's aim was to get a baseline for perceived utility and impact" of various technologies, writes Stack Overflow's senior analyst for market research and insights. The results? "Open source is clearly positioned as the north star to all other technologies, lighting the way to the chosen land of future technology prosperity."Technologies such as blockchain or AI may dominate tech media headlines, but are they truly trusted in the eyes of developers and technologists? On a scale of zero (Experimental) to 10 (Proven), the top proven technologies by mean score are open source with 6.9, cloud computing with 6.5, and machine learning with 5.9. The lowest scoring were quantum computing with 3.7, nanotechnology with 4.5, and low code/no code with 4.6.... [When asked for the next technology that everyone will use], AI comes in at the top of the list by a large margin, but our three top proven selections (open source, machine learning, cloud computing) follow after.... It's one thing to believe a technology has a prosperous future, it's another to believe a technology deserves a prosperous future. Alongside the emergent sentiment, respondents also scored the same technologies on a zero (Negative Impact) to 10 (Positive Impact) scale for impact on the world. The top positive mean scoring technologies were open source with 7.2, sustainable technologies with 6.6 and machine learning with 6.5; the top negative mean scoring technologies were low code/no code, InnerSource, and blockchain all with 5.3. Seeing low code/no code and blockchain score so low here makes sense because both could be associated with questionable job security in certain developer careers; however it's surprising that AI is not there with them on the negative end of the spectrum. AI-assisted technology had an above average mean score for positive impact (6.2) and the percent positive score is not that far off from those machine learning and cloud computing (28% vs. 33% or 32%). Possibly what we are seeing here as far as why developers would not rate AI more negatively than technologies like low code/no code or blockchain but do give it a higher emergent score is that they understand the technology better than a typical journalist or think tank analyst. AI-assisted tech is the second highest chosen technology on the list for wanting more hands-on training among respondents, just below machine learning. Developers understand the distinction between media buzz around AI replacing humans in well-paying jobs and the possibility of humans in better quality jobs when AI and machine learning technologies mature. Low code/no code for the same reason probably doesn't deserve to be rated so low, but it's clear that developers are not interested in learning more about it. Open source software is the overall choice for most positive and most proven scores in sentiment compared to the set of technologies we polled our users about. One quadrant of their graph shows three proven technologies which developers still had negative feelings about: biometrics, serverless computing, and rapid prototyping tools. (With "Internet of Things" straddling the line between positive and negative feelings.) And there were two technologies which 10% of respondents thought would never be widely used in the future: low code/no code and blockchain. "Post-FTX scandal, it's clear that most developers do not feel blockchain is positive or proven," the analyst writes. "However there is still desire to learn as more respondents want training with blockchain than cloud computing. There's a reason to believe in the direct positive impact of a given technology when it pays the bills."Read more of this story at Slashdot.

An anonymous reader shares this report from 9to5Linux:After Canonical's announcement that future Ubuntu releases won't include Flatpak support by default, someone already made an unofficial Ubuntu flavor that ships with support for Flatpak apps preinstalled and working out of the box, called Ubuntu Flatpak Remix. Meet Ubuntu Flatpak Remix, an unofficial Ubuntu derivative that doesn't feature support for Snap apps and comes with support for Flatpak apps working out of the box. Several key apps are preinstalled in the Flatpak format rather than as a Snap app, including the Mozilla Firefox web browser, Mozilla Thunderbird email client, and LibreOffice office suite.... Support for the Flathub portal is installed as well, so you'll be able to install more apps with just a few clicks.Read more of this story at Slashdot.

Reuters reports: General Motors is exploring uses for ChatGPT as part of its broader collaboration with Microsoft, a company executive told Reuters. "ChatGPT is going to be in everything," GM Vice President Scott Miller said in an interview last week. The chatbot could be used to access information on how to use vehicle features normally found in an owners manual, program functions such as a garage door code or integrate schedules from a calendar, Miller said. "This shift is not just about one single capability like the evolution of voice commands, but instead means that customers can expect their future vehicles to be far more capable and fresh overall when it comes to emerging technologies," a GM spokesperson said on Friday. More details from Engadget:According to Semafor, the digital assistant will operate differently from other chatbots like Bing Chat. GM is reportedly working on adding a "car-specific layer" on top of the large language models that power ChatGPT.Read more of this story at Slashdot.

Breaking news from CNN:Treasury Secretary Janet Yellen on Sunday instructed the Federal Deposit Insurance Corporation to guarantee Silicon Valley Bank customers will have access to all of their money starting Monday. By guaranteeing all deposits — even the uninsured money customers kept with the failed SVB bank — the government can ensure public confidence in America's banking system, said Yellen, Federal Reserve Chair Jerome Powell and FDIC Chairman Martin J. Gruenberg in a joint statement.... The FDIC opened an auction Sunday for bids to acquire the bank, the Treasury Department said in a briefing with lawmakers in the California delegation, two sources familiar with the briefing told CNN.... Under Secretary for Domestic Finance Nellie Liang and Assistant Secretary for Legislative Affairs Jonathan Davidson led the briefing, during which they told members that the FDIC is prepared "to operate the institution" to ensure depositors can maintain payroll for their employees and that more operations will emerge in coming days, one of the sources said. The treasury secretary's statement clarified that "No losses associated with the resolution of Silicon Valley Bank will be borne by the taxpayer."We are also announcing a similar systemic risk exception for Signature Bank, New York, New York, which was closed today by its state chartering authority. All depositors of this institution will be made whole. As with the resolution of Silicon Valley Bank, no losses will be borne by the taxpayer. Shareholders and certain unsecured debtholders will not be protected. Senior management has also been removed. Any losses to the Deposit Insurance Fund to support uninsured depositors will be recovered by a special assessment on banks, as required by law. Finally, the Federal Reserve Board on Sunday announced it will make available additional funding to eligible depository institutions to help assure banks have the ability to meet the needs of all their depositors. Meanwhile, congresswoman Nancy Pelosi said there are multiple potential buyers for SVB, and "What we would hope to see by tomorrow morning is for some other bank to buy the bank." The UK arm of the bank has already received a bid from the Bank of London. From the treasury secretary's statement:The U.S. banking system remains resilient and on a solid foundation, in large part due to reforms that were made after the financial crisis that ensured better safeguards for the banking industry. Those reforms combined with today's actions demonstrate our commitment to take the necessary steps to ensure that depositors' savings remain safe.Read more of this story at Slashdot.

Samsung's Galaxy smartphones now offer "Space Zoom," writes Apple Insider, a feature augmenting 3x and 10x telephoto cameras with digital zoom "aided by Samsung's AI Super Resolution technology." But the resulting 100X zoom levels "appear to be more a feat of AI trickery than anything else," they conclude, citing an investigation by a Reddit user:That so-called Space Zoom could potentially allow users to photograph the moon, and many do. However, it may be the case that the level of detail in the moon shots may only be higher due to software shenanigans.... The user tested the effect by downloading a high-resolution image of the moon, then downsized it to a 170 by 170-resolution image, and then applied a gaussian blur to obliterate any final details of its surface. They then showed the low-res blurry moon at full screen on their monitor, walked to the other end of their room, zoomed in on the fake celestial body, and took a photograph. After some processing, an image of the moon was produced by the smartphone, but the surface had considerably more detail for the surface than the doctored source. The user reckons Samsung "is leveraging an AI model to put craters and other details on places which were just a blurry mess." They go further to stress that while super resolution processing uses multiple images to recover otherwise-lost detail, this seems to be something different. It is proposed that this is a case "where you have a specific AI model trained on a set of moon images, in order to recognize the moon and slap on the moon texture on it." The Reddit user has now posted an update:I photoshopped one moon next to another (to see if one moon would get the AI treatment, while another would not), and managed to coax the AI to do exactly that....[O]ne moon got the "AI enhancement", while the other one shows what was actually visible to the sensor — a blurry mess.... It's literally adding in detail that weren't there. It's not deconvolution, it's not sharpening, it's not super resolution, it's not "multiple frames or exposures". It's generating data.Read more of this story at Slashdot.

Long-time Slashdot reader theodp shares a fresh perspective on how the "pause" announced for building Amazon's HQ2 headquarters could impact the local community:The Falls Church News-Press notes that Amazon's pause announcement came just days after a 12-page glossy mass mailing entitled Capital Region Community Impact Report went out to thousands in the region. Beginning with a statement from Amazon CEO Andy Jassy, the report spelled out "Amazon's philanthropic commitments in the Capital Region," including $32M donated to 150+ local organizations in 2021, $990M+ committed to create and preserve 6,245 affordable housing units. 13,700 people supported by Amazon-funded affordable housing investments and 23,000 students who received food, clothing, school supplies, hygiene items and other urgent support through Amazon's Right Now Needs Fund. According to the report, the commitments also included benefits to 75,000+ students across 343 schools who received computer science education through the Amazon Future Engineer program, to 166,000+ students who participated in the CodeVA K-12 CS education program during the 2021-22 academic year, the 5.3 million free meals delivered to underserved families in partnership with Northern Virginia food banks, 10,000 meals purchased from local restaurants and donated to support Covid-19 first responders, $350,000 contributed to local community theaters and arts-focused non-profits, to 6,000 students who explored cloud computing solutions at the Wakefield H.S. Think Big in the 2021-22 academic year, the 200,000 children and families from underserved communities who received free access to the National Children's Museum through a $250,000 gift from Amazon, and the 16,700+ students served by Amazon's support for local youth sports leagues. Not to look an Amazon philanthropy gift horse in the mouth, but should politicians be reliant on Amazon philanthropy to meet their communities' basic needs? Amazon's 2022 income taxes, by the way, were -$3.217B.Read more of this story at Slashdot.

"Recently, on a YouTube channel, I said something terrible," confesses a staff writer for the Atlantic. "But I don't know what it was."Whatever it was, it was enough to get the interview demonetized, meaning no ads could be placed against it, and my host received no revenue from it. "It does start to drive you mad," says Andrew Gold, whose channel, On the Edge, was the place where I committed my unknowable offense. Like many full-time YouTubers, he relies on the Google-owned site's AdSense program, which gives him a cut of revenues from the advertisements inserted before and during his interviews. When launching a new episode, Gold explained to me, "you get a green dollar sign when it's monetizable, and it goes yellow if it's not." Creators can contest these rulings, but that takes time — and most videos receive the majority of their views in the first hours after launch. So it's better to avoid the yellow dollar sign in the first place. If you want to make money off of YouTube, you need to watch what you say.... YouTube operates a three-strike policy for infractions: The first strike is a warning; the second prevents creators from making new posts for a week; and the third (if received within 90 days of the second) gets the channel banned.... Although many types of content may never run afoul of the guidelines...political discussions are subject to the whims of algorithms. Absent enough human moderators to deal with the estimated 500 hours of videos uploaded every minute, YouTube uses artificial intelligence to enforce its guidelines. Bots scan auto-generated transcripts and flag individual words and phrases as problematic, hence the problem with saying heroin. Even though "educational" references to drug use are allowed, the word might snag the AI trip wire, forcing a creator to request a time-consuming review.... [T]alk with everyday creators, and they are more than willing to work inside the rules, which they acknowledge are designed to make YouTube safer and more accurate. They just want to know what those rules are, and to see them applied consistently. As it stands, Gold compared his experience of being impersonally notified of unspecified infractions to working for HAL9000, the computer overlord from 2001: A Space Odyssey. ["They don't tell me if it's Nazis, heroin, or anything," Gold says later. "You're just left wondering what it was."] The article notes that YouTube's algorithm seems to flag people who are debunking misinformation as misinformation. (One study found that purveyors of controversial content simply stop worrying about YouTube demonetizing their videos, using them to direct viewers instead to their "affiliate" links offering commissions, or to their content on other still-monetized platforms.) In just the last three months of 2022, YouTube made almost $8 billion in advertising revenue, the article concludes. "There's a very good reason journalism is not as profitable as that: Imagine if YouTube edited its content as diligently as a legacy newspaper or television channel — even quite a sloppy one. Its great river of videos would slow to a trickle."Read more of this story at Slashdot.

Today U.S. Treasury Secretary Janet Yellen said Silicon Valley Bank would not be bailed out by the federal government. But the government is working on helping depositors, Yellen said on the CBS News show Face the Nation. The Associated Press reports that deposits insured by the federal government are supposed to be available by Monday morning...The Federal Deposit Insurance Corporation insures deposits up to $250,000, but many of the companies and wealthy people who used the bank — known for its relationships with technology startups and venture capital — had more than that amount in their account. There are fears that some workers across the country won't receive their paychecks.... [Yellen] emphasized that the situation was much different from the financial crisis almost 15 years ago, which led to bank bailouts to protect the industry. "We're not going to do that again," she said. "But we are concerned about depositors, and we're focused on trying to meet their needs...." Silicon Valley Bank is the nation's 16th-largest bank. It was the second biggest bank failure in U.S. history after the collapse of Washington Mutual in 2008. The bank served mostly technology workers and venture capital-backed companies, including some of the industry's best-known brands.... Yellen said she expected regulators to consider "a wide range of available options," including the acquisition of Silicon Valley Bank by another institution. So far, however, no buyer has stepped forward. CNBC reports that just hours before regulators seized the failing bank — employees were paid their annual bonuses, "according to people with knowledge of the payments." And the Intercept reports that earlier the bank had successfully lobbied for the rollback of protective rules established in the wake of the 2008 financial crisis. "The lobbying effort managed to exempt banks the size of Silicon Valley Bank from more stringent regulations, including stress tests aimed at uncovering the type of weaknesses that led to the bank's implosion Friday." But the Washington Post reported that as dramatic as the seizure is, "one thing it doesn't seem likely to do — at least for now — is trigger a wider financial meltdown, banking experts said."Unlike the giant banks that ignited a global crisis in 2008, SVB was heavily dependent upon a single risky sector of the economy for both its depositors and its customers. That concentrated bet proved to be very bad news for the ambitious start-ups that dominate the high-technology world. But it means that the tech-friendly bank lacked the sophisticated financial entanglements with other institutions that can turn one bank's losses into a threat to the entire industry.Read more of this story at Slashdot.

"Crypto firms should do their work within the bounds of the law, or they shouldn't do it at all," says the head of America's Securities and Exchange Commission, which regulates US. investment markets. In an editorial published in The Hill, SEC chair Gary Gensler warns that instead cryptocurrency has many "trusted" intermediaries that are in fact non-compliant with U.S. securities law.Today, crypto is dominated by a handful of trading, lending, staking, and other financial intermediaries. The investing public is trusting these entities to be responsible with investors' assets. According to some data, the three largest crypto trading platforms purportedly account for almost three quarters of all trading volume. Crypto entrepreneurs might claim, in their own marketing materials, that they're transparent and regulated. But make no mistake: Very few, if any, are actually registered with the SEC and fully compliant with the federal securities laws. The lack of compliance puts investors' hard-earned assets at risk. Investors lack fundamental disclosures about the crypto assets themselves and the firms who execute their trades and custody their assets: What are firms doing with customer assets? How are they funding their promised returns? Are they putting their hands in investors' pockets? When you buy or sell a token, are you trading against the house? What are the rules to protect against manipulation and fraud? Without disclosure and other investor protections, we simply don't know. In essence, these firms are saying, "trust us." What's more, when firms go bankrupt (as many have of late), they turn to bankruptcy courts to sort out their mess. "[B]ased upon how crypto platforms generally operate, investment advisers cannot rely on them today as qualified custodians," the editorial concludes. Rather than comply with the relevant laws, "it has felt like some have sought a stamp of approval for noncompliant activity, rather than changing a fundamentally non-compliant business model rife with conflicts."Of course, another tool in our toolbox is rooting out noncompliance through investigations and enforcement actions. The SEC has successfully brought or settled more than 100 cases against crypto intermediaries and token issuers, including some who operated Ponzi or pyramid schemes, engaged in unlawful touting, or committed other forms of fraud.... Some have said that we should let the innovation flourish or risk it going overseas. But forsaking investor protection puts real people's life savings at risk. "It's a basic bargain in finance: If you want to raise money from the public, disclose certain facts and figures," Gensler told Politico this week. Their article notes "crypto giants are threatening to move their businesses across the Atlantic" from America to Europe, but with Gensler responding "We lose more if investors get harmed here."Crypto lobbyists have framed Gensler's push to force their industry to comply with 90-year-old securities laws as a war against financial innovation. Whatever changes brought by crypto markets will pale compared to what could come as brokerages and financial data aggregators move to incorporate artificial intelligence into their offerings, Gensler said. "The much more transformative technology right now of our times is predictive data analytics and everything underlying artificial intelligence," he said, adding that he looked forward to working with lawmakers on how those tools could be regulated.Read more of this story at Slashdot.

Though Kia and Hyundai represent a tenth of U.S. auto sales, the New York Times reports that "Of the nearly 11,000 cars stolen in Memphis last year — about twice as many as in 2021 — roughly a third were late-model Kias and Hyundais, according to the police." "It doesn't take much to rip them off: just a screwdriver, a USB cord and hot-wiring know-how found in videos proliferating on social media."Many of the culprits are teenagers or young adults stealing cars for kicks or to use them for other crimes, such as robberies, the police say. More than half of the 175 people arrested and accused of car theft this year in Memphis were teenagers, who often abandon the vehicles after a joyride.... [A]uto thefts have continued to rise, even as other forms of lawbreaking have leveled out or fallen.... [T]he surge has continued, fueled in part by social media videos that show, step by step, how to steal Kias and Hyundais that are not equipped with an engine immobilizer — an electronic security device that keeps a car from being started without a key.... [Kia and Hyundai] recently issued statements saying they had fixed the problem that makes their vehicles relatively easy to steal in their latest models, and were introducing free software upgrades for vulnerable cars — about 4.5 million Kias and 3.8 million Hyundais, the federal government estimated. At the same time, the companies have shipped steering wheel locks to police departments across the country, to be provided free of charge to car owners who drive at-risk models. And executives say they are constantly monitoring TikTok and YouTube for new videos that show how to steal their vehicles, and then alerting the social media companies so those videos can be removed.... Officials say the social media-driven rise in Kia and Hyundai thefts began about two years ago in Milwaukee, and then spread nationwide. City attorneys for Seattle and Columbus recently sued the automakers for not installing anti-theft technology, and other cities, including Cleveland, Milwaukee and St. Louis, have threatened litigation.Read more of this story at Slashdot.

"Google's Go language has re-entered the top 10 of the Tiobe index of programming language popularity, after a nearly six-year absence," reports InfoWorld:Go ranks 10th in the March edition of the index, after placing 11th the previous month. The language last appeared in the top 10 in July 2017. The re-emergence of Go in the March 2023 index is being attributed to its popularity with software engineers and its strength in combining the right features, namely built-in concurrency, garbage collection, static typing, and good performance. Google's backing also helps, improving long-term trust in the language, Tiobe said. The languages Go beat out include "assembly language" at #11, followed by MATLAB, Delphi/Object Pascal, Scratch, and Classic Visual Basic. Here's the complete top-ten most popular programming languages, according to TIOBE:PythonCJavaC++C#Visual BasicJavaScriptSQLPHPGoRead more of this story at Slashdot.

As millions set their clocks forward one hour, there's pockets of resistance, according to this local news report: - "According to a March 2022 CBS News poll, 46% of Americans prefer permanent daylight saving time, while 33% prefer permanent standard time. The remaining 21% simply favor the status quo." - "Exceptions to this adopted norm include residents of Hawaii and most of Arizona, where standard time is permanent throughout the year." But The Hill notes that America appears to be stuck halfway toward repealing daylight saving time:Earlier this month, Senator Marco Rubio (R-Fla.) introduced the Sunshine Protection Act of 2023, which would make daylight saving time permanent. So far, the bill has received bipartisan support in the Senate and has been referred to the Committee on Commerce, Science, and Transportation. If passed, the March 12 changing of the clocks would be the final such event — we wouldn't "fall back" in November. A similar bill introduced by Rubio last year passed with unanimous support in the Senate, but it wasn't as well-received in the House. So before America can end daylight saving time, that bill would need approval from the U.S. House of Representatives — and then the president's signature. Meanwhile at least U.S. at least 19 states have already enacted legislation or resolutions to make daylight saving time permanent, the article points out. "But these states can't make the change without congressional approval, or their neighboring states enacting similar legislation."Read more of this story at Slashdot.

"Twelve years after the triple reactor meltdowns at the Fukushima Daiichi nuclear power plant, Japan is preparing to release a massive amount of treated radioactive wastewater into the sea," writes the Associated Press. "Japanese officials say the release is unavoidable and should start soon. "Dealing with the wastewater is less of a challenge than the daunting task of decommissioning the plant. That process has barely progressed, and the removal of melted nuclear fuel hasn't even started."Massive amounts of fatally radioactive melted nuclear fuel remain inside the reactors. Robotic probes have provided some information but the status of the melted debris is largely unknown. kira Ono, who heads the cleanup as president of TEPCO's decommissioning unit, says the work is "unconceivably difficult." Earlier this year, a remote-controlled underwater vehicle successfully collected a tiny sample from inside Unit 1âs reactor — only a spoonful of about 880 tons of melted fuel debris in the three reactors. That's 10 times the amount of damaged fuel removed at the Three Mile Island cleanup following its 1979 partial core melt. Trial removal of melted debris will begin in Unit 2 later this year after a nearly two-year delay. Spent fuel removal from Unit 1 reactor's cooling pool is to start in 2027 after a 10-year delay. Once all the spent fuel is removed the focus will turn in 2031 to taking melted debris out of the reactors.... The government has stuck to its initial 30-40 year target for completing the decommissioning, without defining what that means.... Some experts say it would be impossible to remove all the melted fuel debris by 2051. Meanwhile, groundwater is creating 130 tons of contaminated water each day, according to the article. The tanks holding that water "are 96% full and expected to reach their capacity of 1.37 million tons in the fall."Read more of this story at Slashdot.

Fortune reports:The thousands of layoffs in Big Tech are thanks to an over-hiring spree to satisfy the "vanity" of bosses at the likes of Meta and Alphabet, according to a member of the so-called PayPal Mafia. Speaking remotely at an event hosted by banking firm Evercore, Silicon Valley VC Keith Rabois said Meta and Google had hired thousands of people to do "fake work" to hit hiring metrics out of "vanity". Rabois, who was an executive at PayPal in the early 2000s alongside Tesla CEO Elon Musk, said the axing of droves of jobs is overdue. "All these people were extraneous, this has been true for a long time, the vanity metric of hiring employees was this false god in some ways," Rabois said, according to Insider. "There's nothing for these people to do — it's all fake work. Now that's being exposed, what do these people actually do, they go to meetings." The DoorDash investor added Google had intentionally hired engineers and tech talent to stop them from being snapped up by competitors.Read more of this story at Slashdot.

The New York Times magazine tells the story of an innocuous-seeming message on LinkedIn in 2017 from Qu Hui, the deputy director of the China-based Provincial Association for International Science and Technology Development. Federal agents eventually obtained search warrants for two Gmail addresses the official was using, and "In what would prove to be a lucky break, the investigators found that each email address was the Apple ID used for an iPhone, linked to an iCloud account where data from the phones was periodically backed up. The agents were later able to obtain search warrants for the two iCloud accounts [that] opened a treasure trove."This included confirmation of what they had suspected all along: that Qu worked for Chinese intelligence. His real name was Xu Yanjun. He had worked at the Ministry of State Security since 2003, earning six promotions to become a deputy division director of the Sixth Bureau in the Jiangsu Province M.S.S. Like so many of us, he had taken pictures of important documents using his iPhone — his national ID card, pay stubs, his health insurance card, an application for vacation — which is how they ended up in his iCloud account. There, investigators also found an audio recording of a 2016 conversation with a professor at N.U.A.A. in which Xu had talked about his job in intelligence and the risks associated with traveling. "The leadership asks you to get the materials of the U.S. F-22 fighter aircraft," he told the professor. "You can't get it by sitting at home." The discovery of evidence of Xu's identity in an iCloud account makes for a kind of delicious reversal. The ubiquitous use of iPhones around the world — a result of America's technological prowess — was helping to fight back against a rival nation's efforts to steal technology. Qu scheduled a meeting in Brussels with one American target — where he was arrested and extradited to America, becoming the first-ever Chinese intelligence official convicted on U.S. soil on charges of economic espionage.The prosecution contended that Xu had been systematically going after intellectual property at aerospace companies in the United States and Europe through cyberespionage and the use of human sources. It's not often that prosecutors find a one-stop shop for much of their evidence, but that's what Xu's iCloud account was — a repository of the spy's personal and professional life. That's because often Xu used his iPhone calendar as a diary, documenting not just the day's events but also his thoughts and feelings.... The messages in Xu's iCloud account enabled investigators to make another damning discovery. Xu had helped coordinate a cyberespionage campaign that targeted several aviation technology companies.... At the end of the trial, Xu was convicted of conspiring and attempting to commit economic espionage and theft of trade secrets.... According to Timothy Mangan, who led the prosecution, the evidence laid out during Xu's trial goes far beyond merely proving his guilt — it uncovers the systematic nature of China's vast economic espionage. The revelation of Xu's activities lifts the veil on how pervasive China's economic espionage is, according to the F.B.I. agent. If just one provincial officer can do what he did, the agent suggests, you can imagine how big the country's overall operations must be. The article notes that the Chinese government "also offers financial incentives to help Chinese expats start their own businesses in China using trade secrets stolen from their American employers." It also cites a 2019 report from a congressional committee's security review that found "myriad ways in which Chinese companies, often backed by their government, help transfer strategic know-how from the United States to China."The maneuvers range from seemingly benign (acquiring American firms with access to key intellectual property) to notoriously coercive (compelling American companies to form joint ventures with Chinese firms and share trade secrets with them in return for access to the Chinese market) to outright theft. Cyberattacks have become an increasingly common tactic because they can't always be linked directly to the Chinese government. Over the past few years, however, federal agents and cybersecurity experts in the U.S. have identified the digital footprints left along the trails of these attacks — malware and I.P. addresses among them — and traced this evidence back to specific groups of hackers with proven ties to the Chinese government. One 2020 indictment blamed five "computer hackers" in China for breaching more than 100 organizations. Thanks to Slashdot reader schwit1 for sharing the article.Read more of this story at Slashdot.

Systems-oriented developers already have programming languages like C, C++, Rust, and Go, notes InfoWorld. But now, "we also have Zig, a newer language that seeks to absorb what's best about these languages and offer comparable performance with a better, more reliable developer experience."Zig is a very active project. It was started by Andrew Kelley in 2015 and now seems to be reaching critical mass. Zig's ambition is rather momentous in software history: to become the heir to C's longstanding reign as both the go-to portable low-level language and as a standard to which other languages are compared.... Currently, Zig is being used to implement the Bun.js JavaScript runtime as an alternative to Node.js. Bun's creator Jarred Sumner told me "Zig is sort of similar to writing C, but with better memory safety features in debug mode and modern features like defer (sort of similar to Go's) and arbitrary code can be executed at compile-time via comptime. It has very few keywords so it's a lot easier to learn than C++ or Rust." Zig differs from most other languages in its small feature footprint, which is the outcome of an explicit design goal: Only one obvious way to do things. Zig's developers take this goal so much to heart that for a time, Zig had no for loop, which was deemed an unnecessary syntactic elaboration upon the already adequate while loop. Kevin Lynagh, coming from a Rust background, wrote, "The language is so small and consistent that after a few hours of study I was able to load enough of it into my head to just do my work." Nathan Craddock, a C developer, echoed the sentiment. Programmers seem to really like the focused quality of Zig's syntax. While Zig is "approaching" production-ready status, the article notes its high degree of interoperability with C and C++, its unique error-handling system, and its elimination of a malloc keyword (leaving memory allocation to the standard library). "For now, the Zig team appears to be taking its time with the 1.0 release, which may drop in 2025 or later — but none of that stops us from building all sorts of things with the language today."Read more of this story at Slashdot.

Slashdot readers madsh, Ellis Haney, and sciencehabit all submitted this report from Science:A recent study, scheduled to be presented at an upcoming computer vision conference, demonstrates that AI can read brain scans and re-create largely realistic versions of images a person has seen.... Many labs have used AI to read brain scans and re-create images a subject has recently seen, such as human faces and photos of landscapes. The new study marks the first time an AI algorithm called Stable Diffusion, developed by a German group and publicly released in 2022, has been used to do this.... For the new study, a group in Japan added additional training to the standard Stable Diffusion system, linking additional text descriptions about thousands of photos to brain patterns elicited when those photos were observed by participants in brain scan studies. Unlike previous efforts using AI algorithms to decipher brain scans, which had to be trained on large data sets, Stable Diffusion was able to get more out of less training for each participant by incorporating photo captions into the algorithm.... The AI algorithm makes use of information gathered from different regions of the brain involved in image perception, such as the occipital and temporal lobes, according to Yu Takagi, a systems neuroscientist at Osaka University who worked on the experiment. The system interpreted information from functional magnetic resonance imaging (fMRI) brain scans, which detect changes in blood flow to active regions of the brain. When people look at a photo, the temporal lobes predominantly register information about the contents of the image (people, objects, or scenery), whereas the occipital lobe predominantly registers information about layout and perspective, such as the scale and position of the contents. All of this information is recorded by the fMRI as it captures peaks in brain activity, and these patterns can then be reconverted into an imitation image using AI. In the new study, the researchers added additional training to the Stable Diffusion algorithm using an online data set provided by the University of Minnesota, which consisted of brain scans from four participants as they each viewed a set of 10,000 photos. If a study participant showed the same brain pattern, the algorithm sent words from that photo's caption to Stable Diffusion's text-to-image generator. Iris Groen, a neuroscientist at the University of Amsterdam who was not involved with the work, told Science that "The accuracy of this new method is impressive."Read more of this story at Slashdot.

Politico reports:Governments and businesses have spent two decades rushing to the cloud — trusting some of their most sensitive data to tech giants that promised near-limitless storage, powerful software and the knowhow to keep it safe. Now the White House worries that the cloud is becoming a huge security vulnerability. So it's embarking on the nation's first comprehensive plan to regulate the security practices of cloud providers like Amazon, Microsoft, Google and Oracle, whose servers provide data storage and computing power for customers ranging from mom-and-pop businesses to the Pentagon and CIA.... Among other steps, the Biden administration recently said it will require cloud providers to verify the identity of their users to prevent foreign hackers from renting space on U.S. cloud servers (implementing an idea first introduced in a Trump administration executive order). And last week the administration warned in its national cybersecurity strategy that more cloud regulations are coming — saying it plans to identify and close regulatory gaps over the industry.... So far, cloud providers have haven't done enough to prevent criminal and nation-state hackers from abusing their services to stage attacks within the U.S., officials argued, pointing in particular to the 2020 SolarWinds espionage campaign, in which Russian spooks avoided detection in part by renting servers from Amazon and GoDaddy. For months, they used those to slip unnoticed into at least nine federal agencies and 100 companies. That risk is only growing, said Rob Knake, the deputy national cyber director for strategy and budget. Foreign hackers have become more adept at "spinning up and rapidly spinning down" new servers, he said — in effect, moving so quickly from one rented service to the next that new leads dry up for U.S. law enforcement faster than it can trace them down. On top of that, U.S. officials express significant frustration that cloud providers often up-charge customers to add security protections — both taking advantage of the need for such measures and leaving a security hole when companies decide not to spend the extra money. That practice complicated the federal investigations into the SolarWinds attack, because the agencies that fell victim to the Russian hacking campaign had not paid extra for Microsoft's enhanced data-logging features.... Part of what makes that difficult is that neither the government nor companies using cloud providers fully know what security protections cloud providers have in place. In a study last month on the U.S. financial sector's use of cloud services, the Treasury Department found that cloud companies provided "insufficient transparency to support due diligence and monitoring" and U.S. banks could not "fully understand the risks associated with cloud services."Read more of this story at Slashdot.

$4,800 buys you a two-day "immersive" experience on the Star Wars-themed "Galactic Starcruiser" at Disney World — a pseudo cruise ship in space. But one year after it opened, Disney is "cutting back" some of its bookings, reports SFGate:Earlier this year, it began offering its first sizable discounts to the general public. Now, the Starcruiser booking calendar shows only two voyages per week will be available for most of October, November and December. Only Thanksgiving week and Christmas week are offering three voyages.... "Star Wars: Galactic Starcruiser is one of the most ambitious, innovative projects we've ever brought to life and is unlike anything we've done before — it continues to be among our highest-rated guest experiences due to its immersive environment and incredible service provided by our stellar crew," a Disney spokesperson told SFGATE. "We learned a lot from our guests during the first year of operation and have made some adjustments along the way to continue delivering an unforgettable experience for everyone who visits."Read more of this story at Slashdot.

An anonymous reader shares this report from Dark Reading:In recent weeks, hackers have been deploying the "IceFire" ransomware against Linux enterprise networks, a noted shift for what was once a Windows-only malware. A report from SentinelOne suggests that this may represent a budding trend. Ransomware actors have been targeting Linux systems more than ever in cyberattacks in recent weeks and months, notable not least because "in comparison to Windows, Linux is more difficult to deploy ransomware against, particularly at scale," Alex Delamotte, security researcher at SentinelOne, tells Dark Reading.... "[M]any Linux systems are servers," Delamotte points out, "so typical infection vectors like phishing or drive-by download are less effective." So instead, recent IceFire attacks have exploited CVE-2022-47986 — a critical remote code execution (RCE) vulnerability in the IBM Aspera data transfer service, with a CVSS rating of 9.8. Delamotte posits a few reasons for why more ransomware actors are choosing Linux as of late. For one thing, she says, "Linux-based systems are frequently utilized in enterprise settings to perform crucial tasks such as hosting databases, Web servers, and other mission-critical applications. Consequently, these systems are often more valuable targets for ransomware actors due to the possibility of a larger payout resulting from a successful attack, compared to a typical Windows user." A second factor, she guesses, "is that some ransomware actors may perceive Linux as an unexploited market that could yield a higher return on investment." While previous reports had IceFire targetting tech companies, SentinelLabs says they've seen recent attacks against organizations "in the media and entertainment sector," impacting victims "in Turkey, Iran, Pakistan, and the United Arab Emirates, which are typically not a focus for organized ransomware actors."Read more of this story at Slashdot.

"Based on initial data review, vehicle is healthy," Relativity Space tweeted today. "More info to follow on cause of aborts today. Thanks for playing." Remaining back on the launchpad is the largest 3D printed object ever to exist. And they're still hoping to launch it into space. They'd planned a launch this morning from Cape Canaveral, Florida of a 110-foot rocket (33.5 meters) on a mission they're calling GLHF — "Good Luck, Have Fun". The rocket's makers — California-based Relativity Space — call it "the world's first 3D printed rocket." A full 85% of the rocket's weight comes from 3D printed parts, explains Wired, and "only the computing system, electronics, and readily available parts like fasteners were not." Named Terran 1, the 7.5-foot-wide rocket (2.2 meters) inaugurates the company's ambitious plans for 3D printing in space:Relativity Space wants to use Terran 1 to (comparatively) cheaply lift satellites for other companies and NASA into Earth orbit. It also plans to construct Terran R, a larger, more powerful, fully reusable rocket that the company hopes will compete with SpaceX's Falcon 9, which has a smaller payload capacity and only reuses the rocket's first stage. In late 2024, Relativity plans to test using Terran R to launch payloads to Mars; another startup, Impulse Space, will provide the lander. From the company's web site:Like its structure, all Relativity engines are 3D printed and use liquid oxygen and liquid natural gas, which are not only the best for rocket propulsion, but also for reusability, and the easiest to eventually transition to methane on Mars. The tagline for the company's Twitter feed says they're "Building humanity's multiplanetary future." And excitement is running high, reports Spaceflight Now""There are a number of firsts here potentially on this rocket," said Josh Brost, vice president of revenue operations at Relativity Space.... "Hard to believe the day is nearly here to launch Terran 1, our first rocket!" Tim Ellis, co-founder and CEO of Relativity Space tweeted Tuesday.... The company now boasts some 1,000 employees, a million-square-foot headquarters and factory in Long Beach, California, and $1.3 billion in venture capital and equity fundraising, including an early $500,000 investment from billionaire Mark Cuban. In 2021, the company reached a valuation of $4.2 billion before launching any rockets.... "No new company has ever had their liquid rocket make it to space on their first attempt," Brost, also a former engineer and manager at SpaceX, told Spaceflight Now in a pre-launch interview. "So if everything goes incredibly well, and we achieve orbit on our first launch ... that would be a remarkable milestone for us, which we would be, of course, over the moon excited about. But that doesn't define success for us." Wired adds that they're not the only company working on space-related 3D printing:Australia's Fleet Space has already been producing lightweight, 3D-printed radio frequency antennas for satellites. Next year, using printers half the size of a bus, they plan to create a satellite constellation called Alpha that will be entirely 3D-printed.... Flavia Tata Nardini, the company's CEO, believes space-based 3D printing is coming next. "In my ideal future, in 10 to 15 years, I won't have to launch satellites from here; I can build them up there."Read more of this story at Slashdot.

It's the largest 3D printed object ever to exist. And they're trying to launch it into space. Livestreaming now on YouTube: the launch from Cape Canaveral, Florida of a 110-foot rocket (33.5 meters) on a mission they're calling GLHF — "Good Luck, Have Fun". Its makers — a California-based company called Relativity Space — are calling it "the world's first 3D printed rocket." A full 85% of the rocket's weight comes from 3D printed parts, explains Wired, and "only the computing system, electronics, and readily available parts like fasteners were not." Named Terran 1, the 7.5-foot-wide rocket (2.2 meters) inaugurates the company's ambitious plans for 3D printing in space:Relativity Space wants to use Terran 1 to (comparatively) cheaply lift satellites for other companies and NASA into Earth orbit. It also plans to construct Terran R, a larger, more powerful, fully reusable rocket that the company hopes will compete with SpaceX's Falcon 9, which has a smaller payload capacity and only reuses the rocket's first stage. In late 2024, Relativity plans to test using Terran R to launch payloads to Mars; another startup, Impulse Space, will provide the lander. From the company's web site:Like its structure, all Relativity engines are 3D printed and use liquid oxygen and liquid natural gas, which are not only the best for rocket propulsion, but also for reusability, and the easiest to eventually transition to methane on Mars. The tagline for the company's Twitter feed says they're "Building humanityâ(TM)s multiplanetary future." And excitement is running high, reports Spaceflight Now""There are a number of firsts here potentially on this rocket," said Josh Brost, vice president of revenue operations at Relativity Space.... "Hard to believe the day is nearly here to launch Terran 1, our first rocket!" Tim Ellis, co-founder and CEO of Relativity Space tweeted Tuesday.... The company now boasts some 1,000 employees, a million-square-foot headquarters and factory in Long Beach, California, and $1.3 billion in venture capital and equity fundraising, including an early $500,000 investment from billionaire Mark Cuban. In 2021, the company reached a valuation of $4.2 billion before launching any rockets.... "No new company has ever had their liquid rocket make it to space on their first attempt," Brost, also a former engineer and manager at SpaceX, told Spaceflight Now in a pre-launch interview. "So if everything goes incredibly well, and we achieve orbit on our first launch ... that would be a remarkable milestone for us, which we would be, of course, over the moon excited about. But that doesn't define success for us." Wired adds that they're not the only company working on space-related 3D printing:Australia's Fleet Space has already been producing lightweight, 3D-printed radio frequency antennas for satellites. Next year, using printers half the size of a bus, they plan to create a satellite constellation called Alpha that will be entirely 3D-printed.... Flavia Tata Nardini, the company's CEO, believes space-based 3D printing is coming next. "In my ideal future, in 10 to 15 years, I won't have to launch satellites from here; I can build them up there."Read more of this story at Slashdot.

Slashdot reader beforewisdom shared this report from CNN:Scientists have set out a way to suck planet-heating carbon pollution from the air, turn it into sodium bicarbonate and store it in oceans, according to a new paper. The technique could be up to three times more efficient than current carbon capture technology, say the authors of the study, published Wednesday in the journal Science Advances.... The team have used copper to modify the absorbent material used in direct air capture. The result is an absorbent "which can remove CO2 from the atmosphere at ultra-dilute concentration at a capacity which is two to three times greater than existing absorbents," Arup SenGupta, a professor at Lehigh University and a study author, told CNN. This material can be produced easily and cheaply and would help drive down the costs of direct air capture, he added. Once the carbon dioxide is captured, it can then be turned into sodium bicarbonate — baking soda — using seawater and released into the ocean at a small concentration. The oceans "are infinite sinks," SenGupta said. "If you put all the CO2 from the atmosphere, emitted every day — or every year — into the ocean, the increase in concentration would be very, very minor," he said. SenGupta's idea is that direct air capture plants can be located offshore, giving them access to abundant amounts of seawater for the process. Stuart Haszeldine, professor of carbon capture and storage at the University of Edinburgh, who was not involved in the study, told CNN that the chemistry was "novel and elegant." The process is a modification of one we already know, he said, "which is easier to understand, scale-up and develop than something totally new."Read more of this story at Slashdot.

In America, the number of high school graduates going to college "was generally on the upswing," reports the Associated Press, "until the pandemic reversed decades of progress. Rates fell even as the nation's population of high school graduates grew." Nationwide, undergraduate college enrollment dropped 8% from 2019 to 2022, with declines even after returning to in-person classes, according to data from the National Student Clearinghouse. The slide in the college-going rate since 2018 is the steepest on record, according to the U.S. Bureau of Labor Statistics. Economists say the impact could be dire. At worst, it could signal a new generation with little faith in the value of a college degree. At minimum, it appears those who passed on college during the pandemic are opting out for good. Predictions that they would enroll after a year or two haven't borne out. Fewer college graduates could worsen labor shortages in fields from health care to information technology. For those who forgo college, it usually means lower lifetime earnings — 75% less compared with those who get bachelor's degrees, according to Georgetown University's Center on Education and the Workforce. And when the economy sours, those without degrees are more likely to lose jobs. "It's quite a dangerous proposition for the strength of our national economy," said Zack Mabel, a Georgetown researcher. In dozens of interviews with The Associated Press, educators, researchers and students described a generation jaded by education institutions. Largely left on their own amid remote learning, many took part-time jobs. Some felt they weren't learning anything, and the idea of four more years of school, or even two, held little appeal. At the same time, the nation's student debt has soared.... If there's a bright spot, experts say, it's that more young people are pursuing education programs other than a four-year degree. Some states are seeing growing demand for apprenticeships in the trades, which usually provide certificates and other credentials. After a dip in 2020, the number of new apprentices in the U.S. has rebounded to near pre-pandemic levels, according to the Department of Labor. Community college is even free in Tennessee, the article notes. "Searching for answers, education officials crossed the state last year and heard that easy access to jobs, coupled with student debt worries, made college less attractive." They also found that restaurant and retail jobs pay better than they have before, with other high school graduates being recruited by manufacturing companies that have aggressively raised wages in response to labor shortages. One 19-year-old making $24-an-hour at a new Ford plant gushed that "The type of money we're making out here, you're not going to be making that while you're trying to go to college."Read more of this story at Slashdot.

An anonymous reader quotes a report from Gizmodo: A former TikTok employee turned whistleblower has reportedly met with multiple U.S. senators expressing concerns TikTok's plan to secure U.S. user data won't go far enough to stop possible Chinese espionage. The whistleblower told The Washington Post in an interview that the company's policy plan, dubbed Project Texas, doesn't go far enough and that properly ensuring U.S. data is secured from Chinese employees requires nothing short of a "complete re-engineering" of the way the app works. Those allegations come just days after another whistleblower raised concerns regarding TikTok's U.S. user controls. Combined, the comments could fan the flames for what looks like growing bipartisan support for a full-on nationwide TikTok ban. The former TikTok employee turned whistleblower told the Post he worked at the company for around six months ending in early 2022 as a risk manager and head of a unit in TikTok's Safety Operations team. Part of that job, he claims, put him in charge of knowing which employees had access to certain tools and user data. He claims he was fired after speaking up about his data privacy concerns. Though he left TikTok prior to its finalization of the so-called Project Texas policy, he maintains he saw enough evidence to suggest the guardrails put in place to placate U.S. regulators fearful of Chinese employees viewing U.S. user data were insufficient. The whistleblower has reportedly already met with staffers from Iowa Sen. Chuck Grassley and Virginia Sen. Mark Warner's offices. Specifically, the whistleblower shared a snippet of code with the Post which they say shows TikTok's code connecting with Toutiao, a Chinese news app also run by TikTok's parent company, ByteDance. The whistleblower alleges that connection could let Chinese employees intercept and potentially view U.S. user data. Gizmodo could not independently confirm those claims. The whistleblower, meanwhile reportedly did not advocate for an outright nationwide ban. Instead, he said the problems could be solved but would require further steps than what is included in the Project Texas proposal. Another alleged whistleblower came forward just days before the Post interview, alleging TikTok's access controls on U.S. data were "superficial" at best. "TikTok and ByteDance employees, he alleged, possess the ability to 'switch between Chinese and U.S. data with nothing more than the click of a button,'" reports Gizmodo. The whistleblower alleged in a letter sent to ByteDance by Republican Missouri Rep. Josh Hawley: "I have seen first-hand China-based engineers flipping over to non-China datasets and creating scheduled tasks to backup, aggregate, and analyze data. TikTok and ByteDance are functionally the same company."Read more of this story at Slashdot.

Chronic pain patients were implanted with "dummy" pieces of plastic and told it would ease their pain, according to an indictment charging the former CEO of the firm that made the fake devices with fraud. Motherboard reports: Laura Perryman, the former CEO of Stimwave LLC, was arrested in Florida on Thursday. According to an FBI press release, Perryman was indicted "in connection with a scheme to create and sell a non-functioning dummy medical device for implantation into patients suffering from chronic pain, resulting in millions of dollars in losses to federal healthcare programs." According to the indictment, patients underwent unnecessary implanting procedures as a result of the fraud. Perryman was charged with one count of conspiracy to commit wire fraud and health care fraud, and one count of healthcare fraud. Stimwave received FDA approval in 2014, according to Engadget, and was positioned as an alternative to opioids for pain relief. The Stimwave "Pink Stylet" system consisted of an implantable electrode array for stimulating the target nerve, a battery worn externally that powered it, and a separate, 9-inch long implantable receiver. When doctors told Stimwave that the long receiver was difficult to place in some patients, Perryman allegedly created the "White Stylet," a receiver that doctors could cut to be smaller and easier to implant -- but was actually just a piece of plastic that did nothing. "To perpetuate the lie that the White Stylet was functional, Perryman oversaw training that suggested to doctors that the White Stylet was a 'receiver,' when, in fact, it was made entirely of plastic, contained no copper, and therefore had no conductivity," the FBI stated. "In addition, Perryman directed other Stimwave employees to vouch for the efficacy of the White Stylet, when she knew that the White Stylet was actually non-functional." Stimwave charged doctors and medical providers approximately $16,000 for the device, which medical insurance providers, including Medicare, would reimburse the doctors' offices for.Read more of this story at Slashdot.

Roku has $487 million of cash and cash equivalents in uninsured deposits at failed Silicon Valley Bank, the streaming media company said in an filing on Friday with the Securities and Exchange Commission. CNBC reports: About 26% of Roku's $1.9 billion in cash was deposited with SVB, which was placed into receivership by the Federal Deposit Insurance Corp. midday Friday. Roku shares fell over 4% in extended trading on the news. "At this time, the Company does not know to what extent the Company will be able to recover its cash on deposit at SVB," Roku said in a press release. Nonetheless, Roku said it believed it would be able to meet its capital obligations for the "next twelve months and beyond" with its unaffected $1.4 billion in cash reserves at other "large financial institutions." "As stated in our 8-K, we expect that Roku's ability to operate and meet its contractual obligations will not be impacted," a Roku spokesperson said in a statement to CNBC. Important note: FDIC insurance only covers the first $250,000 in deposit accounts.Read more of this story at Slashdot.

An anonymous reader quotes a report from Popular Mechanics: [S]cientists from the University of Cambridge and Johns Hopkins University announced that they'd finally mapped every single neuron and all the connections between them housed inside the brain of a fruit fly larva. The team's research was published this week in the journal Science. "If we want to understand who we are and how we think, part of that is understanding the mechanism of thought," says Johns Hopkins biomedical engineer Joshua T. Vogelstein in a press release. "And the key to that is knowing how neurons connect with each other." And there are a lot of neurons and connections to sort through. To complete this neurological map, scientists had to identify 3,016 neurons. But that pales in comparison to the number of connections between these neurons, which comes to a grand total of 548,000. They also identified 93 distinct neurons that differed in shape, function, and neurological connection. If this all sounds difficult, that's because it is. For 12 years, scientists had to painstakingly slice a brain into thousands of tissue samples, image them with an high-resolution electron microscope, and then piece them back together -- neuron by neuron. Understanding the inner workings of a fruit fly's brain may seem unrelated to the human mind, but scientists didn't choose this particular species based on its size or perceived simplicity -- rather, fruit flies actually share fundamental biology and a comparable genetic foundation with humans. This makes the map a perfect cornerstone upon which to explore some of the many mysteries of the human mind. "All brains are similar -- they are all networks of interconnected neurons," Marta Zaltic, a co-author on the study, told the BBC. "All brains of all species have to perform many complex behaviors: they all need to process sensory information, learn, select actions, navigate their environments, choose food, etc."Read more of this story at Slashdot.

The United States Federal Bureau of Investigation has acknowledged for the first time that it purchased US location data rather than obtaining a warrant. Wired reports: While the practice of buying people's location data has grown increasingly common since the US Supreme Court reined in the government's ability to warrantlessly track Americans' phones nearly five years ago, the FBI had not previously revealed ever making such purchases. The disclosure came [Wednesday] during a US Senate hearing on global threats attended by five of the nation's intelligence chiefs. Senator Ron Wyden, an Oregon Democrat, put the question of the bureau's use of commercial data to its director, Christopher Wray: "Does the FBI purchase US phone-geolocation information?" Wray said his agency was not currently doing so, but he acknowledged that it had in the past. He also limited his response to data companies gathered specifically for advertising purposes. To my knowledge, we do not currently purchase commercial database information that includes location data derived from internet advertising," Wray said. "I understand that we previously -- as in the past -- purchased some such information for a specific national security pilot project. But that's not been active for some time." He added that the bureau now relies on a "court-authorized process" to obtain location data from companies." It's not immediately clear whether Wray was referring to a warrant -- that is, an order signed by a judge who is reasonably convinced that a crime has occurred -- or another legal device. Nor did Wray indicate what motivated the FBI to end the practice. In its landmark Carpenter v. United States decision, the Supreme Court held that government agencies accessing historical location data without a warrant were violating the Fourth Amendment's guarantee against unreasonable searches. But the ruling was narrowly construed. Privacy advocates say the decision left open a glaring loophole that allows the government to simply purchase whatever it cannot otherwise legally obtain. [...] Asked during the Senate hearing whether the FBI would pick up the practice of purchasing location data again, Wray replied: "We have no plans to change that, at the current time."Read more of this story at Slashdot.

Krisztian Sandor writes via CoinDesk: U.S.-based stablecoin issuer Circle held a part of its USDC stablecoin's cash reserves at Silicon Valley Bank as of Jan. 17, according to the firm's latest attestation (PDF). USDC is the second-largest stablecoin on the market, with a $43 billion circulating supply that is fully backed by government bonds and cash-like assets. According to Circle's January reserve report, the firm held some $9.88 billion of cash deposited at regulated banks to back USDC's value. USDC's banking partners included Silicon Valley Bank (SVB), the California-based bank that was taken over by regulators and shut down on Friday. The full list of banks that held cash for Circle's USDC are Bank of New York Mellon, Citizens Trust Bank, Customers Bank, New York Community Bank (a division of Flagstar Bank, N.A.), Signature Bank, Silicon Valley Bank and Silvergate Bank. Circle also keeps some part of USDC reserves in a dedicated BlackRock fund. Circle said last week it had cut ties with Silvergate Bank, the crypto-friendly bank that halted operations and said it would "voluntarily liquidate" its assets earlier this week. Signature Bank's holding company's (SI) shares have dropped 12% on the news about SVB's shutdown. Signature said in December that it would reduce deposits tied to crypto firms by as much as $10 billion. Simon Dixon, CEO of online investment platform BnkToTheFuture, tweeted that Circle's chief executive Jeremy Allaire said the firm held "most of their cash is in BNY Melon," while sharing a screenshot from March 2. BnkToTheFuture is an investor and shareholder in Circle.Read more of this story at Slashdot.

Yesterday, Starbucks sold all of its 2,000 NFT "Journey Stamps" in under 20 minutes. They were the company's first paid collection of NFTs and were priced at $100 each. The Verge reports: The coffee company first launched its NFT and Web3 push in December, when it opened up a new membership program called Starbucks Odyssey. An extension of the existing Starbucks rewards program that gives customers perks like free drink upgrades, Odyssey promises to deliver new benefits and "immersive coffee experiences that [customers] cannot get anywhere else" as members complete games, quizzes, and make purchases. Rewards might include virtual classes, access to merchandise, or a trip to a Starbucks coffee farm at higher membership tiers. Free coffee, notably, isn't listed as a possible reward. Purchasing an NFT gives members additional "points" that they can use to level up their tier.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: When you first start messing with the command line, it can feel like there's an impermeable wall between the local space you're messing around in and the greater Internet. On your side, you've got your commands and files, and beyond the wall, there are servers, images, APIs, webpages, and more bits of useful, ever-changing data. One of the most popular ways through that wall has been cURL, or "client URL," which turns 25 this month. The cURL tool started as a way for programmer Daniel Stenberg to let Internet Chat Relay users quickly fetch currency exchange rates while still inside their chat window. As detailed in an archived history of the project, it was originally built off an existing command-line tool, httpget, built by Rafael Sagula. A 1.0 version was released in 1997, then changed names to urlget by 2.0, as it had added in GOPHER, FTP, and other protocols. By 1998, the tool could upload as well as download, and so version 4.0 was named cURL. Over the next few years, cURL grew to encompass nearly every Internet protocol, work with certificates and encryption, offer bindings for more than 50 languages, and be included in most Linux distributions and other systems. The cURL project now encompasses both the command-line command itself and the libcurl library. In 2020, the project's history estimated the command and library had been installed in more than 10 billion instances worldwide. How do you celebrate a piece of indispensable Internet architecture turning 25? Stenberg plans to host a "Zoom birthday party" at 17:00 UTC time on March 20. Double-check that time in your area: "It is within this weird period between [when] the US has switched to daylight saving time while Europe has not yet switched," Stenberg writes on his blog. Stenberg plans to sip on a 25-year Bowmore Islay single-malt Scotch, while presenting the project's history and future plans while taking questions. (A link to the Zoom call will be added to Stenberg's blog post closer to March 20.)Read more of this story at Slashdot.