"Anyone who is into gaming knows your graphics card is under strain trying to display modern graphics," writes longtime Slashdot reader smooth wombat. "This results in increased power usage, which is then turned into heat. Keeping your card cool is a must to get the best performance possible." "However, hardware tester Igor's Lab found that vendors for Nvidia RTX 40-series cards are using cheap, poorly applied thermal paste, which is leading to high temperatures and consequently, performance degradation over time. This penny-pinching has been confirmed by Nick Evanson at PC Gamer." From the report: I have four RTX 40-series cards in my office (RTX 4080 Super, 4070 Ti, and two 4070s) and all of them have quite high hotspots -- the highest temperature recorded by an individual thermal sensor in the die. In the case of the 4080 Super, it's around 11 C higher than the average temperature of the chip. I took it apart to apply some decent quality thermal paste and discovered a similar situation to that found by Igor's Lab. In the space of a few months, the factory-applied paste had separated and spread out, leaving just an oily film behind, and a few patches of the thermal compound itself. I checked the other cards and found that they were all in a similar state. Igor's Lab examined the thermal paste used on a brand-new RTX 4080 and found it to be quite thin in nature, due to large quantities of cheap silicone oil being used, along with zinc oxide filler. There was lots of ground aluminium oxide (the material that provides the actual thermal transfer) but it was quite coarse, leading to the paste separating quite easily. Removing the factory-installed paste from another RTX 4080 graphics card, Igor's Lab applied a more appropriate amount of a high-quality paste and discovered that it lowered the hotspot temperature by nearly 30 C.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: The European Commission (EC) has finally taken action to block Meta's heavily criticized plan to charge a subscription fee to users who value privacy on its platforms. Surprisingly, this step wasn't taken under laws like the Digital Services Act (DSA), the Digital Markets Act (DMA), or the General Data Protection Regulation (GDPR). Instead, the EC announced Monday that Meta risked sanctions under EU consumer laws if it could not resolve key concerns about Meta's so-called "pay or consent" model. Meta's model is seemingly problematic, the commission said, because Meta "requested consumers overnight to either subscribe to use Facebook and Instagram against a fee or to consent to Meta's use of their personal data to be shown personalized ads, allowing Meta to make revenue out of it." Because users were given such short notice, they may have been "exposed to undue pressure to choose rapidly between the two models, fearing that they would instantly lose access to their accounts and their network of contacts," the EC said. To protect consumers, the EC joined national consumer protection authorities, sending a letter to Meta requiring the tech giant to propose solutions to resolve the commission's biggest concerns by September 1. That Meta's "pay or consent" model may be "misleading" is a top concern because it uses the term "free" for ad-based plans, even though Meta "can make revenue from using their personal data to show them personalized ads." It seems that while Meta does not consider giving away personal information to be a cost to users, the EC's commissioner for justice, Didier Reynders, apparently does. "Consumers must not be lured into believing that they would either pay and not be shown any ads anymore, or receive a service for free, when, instead, they would agree that the company used their personal data to make revenue with ads," Reynders said. "EU consumer protection law is clear in this respect. 
Traders must inform consumers upfront and in a fully transparent manner on how they use their personal data. This is a fundamental right that we will protect." Additionally, the EC is concerned that Meta users might be confused about how "to navigate through different screens in the Facebook/Instagram app or web-version and to click on hyperlinks directing them to different parts of the Terms of Service or Privacy Policy to find out how their preferences, personal data, and user-generated data will be used by Meta to show them personalized ads." They may also find Meta's "imprecise terms and language" confusing, such as Meta referring to "your info" instead of clearly referring to consumers' "personal data." A Meta spokesperson said in a statement: "Subscriptions as an alternative to advertising are a well-established business model across many industries. Subscription for no ads follows the direction of the highest court in Europe and we are confident it complies with European regulation."
Researchers have identified a zero-day exploit for the Telegram messaging app on Android devices that could have allowed attackers to send malicious payloads disguised as legitimate files. From a report: The exploit was built to abuse a vulnerability that Slovakia-based firm ESET dubbed EvilVideo. Telegram fixed the bug earlier this month in versions 10.14.5 and above after researchers reported it. Threat actors had about five weeks to exploit the zero-day before it was patched, but it's not clear if it was used in the wild, ESET said. ESET discovered the exploit on an underground forum in early June. It was sold for an unspecified price by a user with the username "Ancryno." In its post, the seller showed screenshots and a video of testing the exploit in a public Telegram channel. In unpatched versions of Telegram for Android, attackers could use the exploit to send malicious payloads via Telegram channels, groups and chats, making them appear as multimedia files. The exploit takes advantage of Telegram's default setting to automatically download media files. The option can be disabled manually, but in that case, the payload could still be installed on the device if a user tapped the download button in the top left corner of the shared file. If the user tried to play the "video," Telegram displayed a message that it was unable to play it and suggested using an external player. The hackers disguised a malicious app as this external player.
In an interview with The Verge's Nilay Patel, Rivian founder and CEO RJ Scaringe said the automaker has no plans to adopt Apple CarPlay in its vehicles. "We have a great relationship with Apple," he said. "As much as I love their products, there's a reason that ironically is very consistent with Apple ethos for us to want to control the ecosystem." CarPlay isn't "consistent with how we think about really creating a pure product experience," Scaringe said. From the report: One example given by Scaringe includes CarPlay's inability to "leverage other parts of the vehicle experience," which would require Rivian customers to leave the app in order to do things like open the vehicle's front trunk. "We've taken the view of the digital experience in the vehicle wants to feel consistent and holistically harmonious across every touchpoint," said Scaringe. Instead, the Rivian CEO says the company will eventually add CarPlay's most desirable features "but on an a la carte basis." Scaringe says that excluding CarPlay will allow the company to be more selective about features like routing and mapping charging points, noting that Rivian had acquired route planning app maker Iternio last year to facilitate that. "We recognize that it'll take us time to fully capture every feature that's in CarPlay, and hopefully, customers are seeing that. I think it often gets more noise than it deserves," Scaringe said in the interview. "The other thing beyond mapping that's coming is better integration with texting. We know that needs to come, and it's something that teams are actively working on."
An anonymous reader quotes a report from Reuters: Boeing-owned Wisk Aero expects its pilotless air-taxi to begin carrying passengers "later in the decade" as it works with the U.S. regulator to secure approvals, its CEO said on Monday, amid skepticism among industry analysts about certification timelines. Wisk is one of several electric vertical take-off and landing (eVTOL) aircraft makers that have emerged over the last few years with a promise to provide an environmentally-friendly mode of transport in congested cities. But the industry faces technological hurdles such as making batteries powerful enough for companies to make more trips on a single charge. They also need to convince regulators and the public that the aircraft are safe, a barrier that is higher when the aircraft is autonomous. Wisk is developing a four-seater autonomous aircraft that will have a range of 90 miles (145 km). "We are right now testing and producing the elements of this aircraft that we will hope to fly around the end of this year," CEO Brian Yutko told reporters at the Farnborough Airshow. Wisk's strategy is a departure from other major air-taxi makers, which are developing models that will require a pilot to fly the aircraft. The company has said operators of its aircraft will save on pilot costs. But industry experts at Bain say a full autonomous passenger flight is not expected before the late 2030s and pilotless aircraft will face competition from autonomous vehicles on the road. "Maximizing passenger occupancy and avoiding return trips with empty aircraft will be crucial for operator profitability," said Mattia Celli, one of the authors of the Bain report.
In a blog post today, Google said it has an "updated approach" that won't involve "deprecating third-party cookies" in Chrome. Instead, it's introducing "a new experience in Chrome that lets people make an informed choice that applies across their web browsing," which they'd be able to adjust at any time. Digiday reports: Google executives are already discussing this pivot with regulators including the U.K.'s Competition and Markets Authority (CMA) and Information Commissioner's Office (ICO) and plan to do the same with the industry soon. For now, details on what this actually means remain light. And as for a timeline, Google seems to have learned its lesson from the numerous delays to its cookie-killing plans -- there isn't one. "As this moves forward, it remains important for developers to have privacy-preserving alternatives," Anthony Chavez, vp of the Privacy Sandbox, said in the blog post. "We'll continue to make the Privacy Sandbox APIs available and invest in them to further improve privacy and utility." For those who have poured time and effort into third-party cookie alternatives, fear not: Google will keep the APIs in the Sandbox. Your work isn't going to waste. In fact, the plan is to continue to invest in them, continued Chavez, to further improve "privacy and utility." Plus, additional privacy controls, like the recently announced IP Protection (i.e. IP masking for privacy protection) in Chrome's Incognito mode, will be added to the Sandbox. "We developed the Privacy Sandbox with the goal of finding innovative solutions that meaningfully improve online privacy while preserving an ad-supported internet that supports a vibrant ecosystem of publishers, connects businesses with customers, and offers all of us free access to a wide range of content," Chavez wrote in the blog post. Or, to put it another way, the Sandbox isn't going anywhere anytime soon.
An anonymous reader writes: Windows users are being notified that their systems aren't backed up with the built-in Windows backup solution. A corresponding message appears with the advice that it's best to make backups so that all data is stored "in case something happens to the PC." It almost reads like an indirect threat, but Microsoft is actually just pointing out the option to store file backups on its own OneDrive cloud service. And it's also advertising more storage space.
Waymo, a subsidiary of Google's parent Alphabet, has taken legal action against alleged vandals targeting its self-driving taxi fleet in San Francisco, according to court documents. The company, which operates ride-hailing services in several U.S. cities, has filed two lawsuits seeking substantial damages for incidents that reportedly resulted in extensive damage to vehicle tires and bodywork, Wired reported Monday.
Something is pumping out large amounts of oxygen at the bottom of the Pacific Ocean, at depths where a total lack of sunlight makes photosynthesis impossible. Nature: The phenomenon was discovered in a region strewn with ancient, plum-sized formations called polymetallic nodules, which could play a part in the oxygen production by catalysing the splitting of water molecules, researchers suspect. The findings are published in Nature Geoscience. "We have another source of oxygen on the planet, other than photosynthesis," says study co-author Andrew Sweetman, a sea-floor ecologist at the Scottish Association for Marine Science in Oban, UK -- although the mechanism behind this oxygen production remains a mystery. The findings could also have implications for understanding how life began, he says, as well as for the possible impact of deep-sea mining in the region. The observation is "fascinating," says Donald Canfield, a biogeochemist at the University of Southern Denmark in Odense. "But I find it frustrating, because it raises a lot of questions and not very many answers." Sweetman and his collaborators first noticed something amiss during field work in 2013. The researchers were studying sea-floor ecosystems in the Clarion-Clipperton Zone, an area between Hawaii and Mexico that is larger than India and a potential target for the mining of metal-rich nodules. During such expeditions, the team releases a module that sinks to the sea floor to perform automated experiments. Once there, the module drives cylindrical chambers down to close off small sections of the sea floor -- together with some seawater -- and create "an enclosed microcosm of the seafloor," the authors write. The lander then measures how the concentration of oxygen in the confined seawater changes over periods of up to several days. 
Without any photosynthetic organisms releasing oxygen into the water, and with any other organisms consuming the gas, oxygen concentrations inside the chambers should slowly fall. Sweetman has seen that happen in studies he has conducted in areas of the Southern, Arctic and Indian oceans, and in the Atlantic. Around the world, sea-floor ecosystems owe their existence to oxygen carried by currents from the surface, and would quickly die if cut off. (Most of that oxygen originates in the North Atlantic and is carried to deep oceans around the world by a 'global conveyor belt.')
Verizon reported a significant loss of wireless subscribers in the second quarter, with its consumer business shedding 624,000 prepaid customers, largely due to the expiration of the federal Affordable Connectivity Program in May. The telecom giant attributed over half of these losses to the end of the COVID-era internet subsidy that had previously supported 23 million low-income households across the United States. Despite the subscriber exodus, Verizon managed to add 148,000 net monthly bill-paying wireless phone subscribers during the period.
Luxury carmaker Porsche expects the transition to electric vehicles to take longer than it thought, it said on Monday, having previously said its aim was for 80% of sales to be all-electric by 2030. From a report: It has now watered down that goal by tying it explicitly to customer demand and developments in the electromobility sector, saying in a statement only that it could now deliver on the 80% target if those factors warrant it. "The transition to electric cars is taking longer than we thought five years ago," Porsche said in a statement. "Our product strategy is set up such that we could deliver over 80% of our vehicles as all electric in 2030 - dependent on customer demand and the development of electromobility."
An amateur photographer has documented his experience with at-home color film development and digitization. The process, initially undertaken for cost savings, involves a complex setup including a changing bag, developing tank, chemicals, and a DSLR scanning system, the author argues. Key challenges reported include film loading in darkness and achieving consistent image quality. Despite mixed results, the hobbyist -- Jason Koebler, an editor of 404 Media, a new publication that we have linked to quite a few times in recent months -- nonetheless cites satisfaction with the artistic and analog aspects of the process. He concludes: I have obviously (obviously!) not saved any money yet by doing this myself at home. I have spent many hundreds of dollars to develop about 20 rolls of film at home, and have achieved results that I am both amazed by and also frustrated with. The amazement comes from the fact that any of this actually works at all, and the knowledge that I am trying my best and having fun. The frustration comes from the blurry photos. It's all part of the process, I guess.
Intel continues to grapple with the mystery surrounding crashes in its latest 13th- and 14th-gen Core desktop processors, but it's refuting claims that the issue extends to its mobile chips. From a report: Matthew Cassells, the founder of Alderon Games and developer of Path of Titans, claimed on Reddit that the company had noted crashes on Intel's mobile processors. "Yes we have several laptops that have failed with the same crashes," he wrote. "It's just slightly more rare then [sic] the desktop CPU faults." Previously, Alderon had issued a statement blaming "thousands of crashes," as noted by its own crash reports on the Intel CPUs. It also claimed it would switch its server infrastructure to chips made by AMD. Intel's problem with its latest Core chips has persisted since January, but simmered for months while developers began pointing fingers and PC makers started working on solutions. To date, the most bulletproof solution has been simply to swap out an affected part for a replacement, which Intel has been willing to do. Intel has also issued guidance as to what power-profile settings users and board makers should use while it works to solve the problem. An Intel representative said Friday via e-mail that Intel still remains in the dark about the root cause of the issue. However, Intel claims that its mobile processors aren't being affected.
The United States has claimed victory at the International Mathematical Olympiad in Chiang Mai, Thailand, marking its first win in over two decades. The competition, which pitted top-ranked high school math students from more than 100 countries against each other, saw the U.S. team emerge triumphant after two days of intense problem-solving. NPR adds: The U.S. team last won the Olympiad in 1994. Reports in recent years have raised concerns that American math students are falling behind those in the rest of the world. But, Po-Shen Loh, a professor at Carnegie Mellon University and head coach for Team USA, says, "At least in this case with the Olympiads, we've been able to prove that our top Americans are certainly at the level of the top people from the other countries."
OpenResearch, a lab funded by OpenAI CEO Sam Altman, has released initial findings from a comprehensive study on unconditional cash transfers. The experiment, conducted from 2020 to 2023, provided $1,000 monthly to 1,000 low-income Americans across Illinois and Texas. Results showed recipients primarily used the funds for basic needs and increased spending on healthcare and leisure activities. While the cash boost led to some positive outcomes, including increased business startups among Black recipients and women, it did not significantly improve long-term financial health or physical well-being. The study also noted a reduction in work hours among participants, with earnings dropping by at least 12 cents for every dollar received.
A Microsoft spokesman says that a 2009 European Commission agreement prevents the company from restricting third-party access to Windows' core functions, shedding light on factors contributing to Friday's widespread outage that affected millions of computers globally. The disruption, which caused the infamous "blue screen of death" on Windows machines across various industries, originated from a faulty update by cybersecurity firm CrowdStrike. The incident highlighted the vulnerability of Microsoft's open ecosystem, mandated by the EU agreement, which requires the tech giant to provide external security software developers the same level of system access as its own products. This policy stands in stark contrast to more closed systems like Apple's.
8.5 million Windows devices were ultimately affected by the CrowdStrike outage, according to figures from Microsoft cited by CNN. And now an anonymous Slashdot reader shares CNN's report on the ramifications: What one cybersecurity expert said appears to be the "largest IT outage in history" led to the cancellation of more than 5,000 commercial airline flights worldwide and disrupted businesses from retail sales to package deliveries to procedures at hospitals, costing revenue and staff time and productivity... While CrowdStrike has apologized, it has not mentioned whether or not it intends to provide compensation to affected customers. And when asked by CNN about whether it plans to provide compensation, its response did not address that question. Experts say they expect that there will be demands for remuneration and very possibly lawsuits. "If you're a lawyer for CrowdStrike, you're probably not going to enjoy the rest of your summer," said Dan Ives, a tech analyst for Wedbush Securities.... But there could be legal protections for CrowdStrike in its customer contracts to shield it from liability, according to one expert. "I would guess that the contracts protect them," said James Lewis, researcher at the Center for Strategic and International Studies... It's also not clear how many customers CrowdStrike might lose because of Friday. Wedbush Securities' Ives estimates less than 5% of its customers might go elsewhere. "They're such an entrenched player, to move away from CrowdStrike would be a gamble," he said. It will be difficult, and not without additional costs, for many customers to switch from CrowdStrike to a competitor. But the real hit to CrowdStrike could be reputational damage that will make it difficult to win new customers... [E]ven if customers are understanding, it's likely that CrowdStrike's rivals will be seeking to use Friday's events to try to lure them away. One final note from CNN. 
Patrick Anderson, CEO of a Michigan research firm called the Anderson Economic Group, "added that the costs could be particularly significant for airlines, due to lost revenue from canceled flights and excess labor and fuel costs for the planes that did fly but faced significant delays." See also: Third Day of 1,000+ Cancelled Flights, Just in the US, After Crowdstrike Outage.
Re-visiting the Napster era, Stephen Witt's book How Music Got Free has been adapted into a two-part documentary on Paramount+. But the documentary's director believes "The real innovative minds here were a bunch of rogue teenagers and a guy working a blue-collar factory job in the tiny town of Shelby, North Carolina," according to this article in the Guardian: By day, [Glover] worked at Universal Music's CD manufacturing plant in North Carolina, from which he smuggled out hot albums by stars like Mary J Blige and 50 Cent before they were even released. For the documentary, Glover spoke openly, and largely without regret, as did others who worked at that plant who did their own share of stealing. Part of their incentive was class revenge: while they were paid piddling wages by the hour, the industry used the products they manufactured to mint millions. To maximize profits on his end, Glover set up a subscription service to let those in his circle know what CDs and movies were coming. "He was doing what Netflix would later do," Stapleton said... In the meantime, the record companies and their lobbying arm, the RIAA, focused their wrath on the most public face of file-sharing: Napster. In truth, all Fanning's company did was make more accessible the work the pirates innovated and first distributed... For its part, the music industry reacted in the worst way possible, PR-wise. They sued the kids who made up their strongest fanbase. "One of the key lessons we learned from this era is that you can't sue your way out of a situation like this," Witt said. "You have to build a new technology that supersedes what the pirates did." Eventually, that's what happened, though the first attempts in that direction made things worse than ever for the labels and stars. When Apple first created the iPod in 2001, there wasn't yet an Apple store where listeners could purchase music legally. "It was just a place to put your stolen MP3s," said Witt. 
Labels couldn't sue Apple because of a ruling dictating that the manufacturer of a device couldn't be held responsible for piracy enacted by its users. While Steve Jobs later modified his approach, creating a way for fans to buy individual songs for the iPod, "that did more damage to the industry than anything", Witt said. "Whereas, before they could sell a $15 CD to fans who really just wanted one song, now those fans could get that song for just a dollar...." Eventually, the collective efforts of the streaming companies returned the music industry to massive profitability, though often at the expense of its artists, who often receive a meager slice of the proceeds.... Things ended less favorably for the pirates, some of whom now have criminal records. Likewise, Glover served a short prison sentence though, today, he is chief maintenance technician at the Ryder Truck manufacturing plant in his home town. A Forbes senior contributor (and director Alexandria Stapleton) believe that for the younger generation it may be "their first introduction to why the music industry is the way that they're used to." And Stapleton says their sympathies are with those factory workers. Stapleton: They were completely underpaid. They were making literally nothing. It's important for people to understand that while the industry was charging $20 for a CD, it cost like 20 cents to make. That's a big profit margin. And to have a factory that was paying barely enough for people to put food on the table, I think there's something wrong with that... Witt: It's amazing to think about what they were really doing, which was essentially filling the technological vacuum that the record industry was refusing to fill, right? The record industry was not building out the successor technology to the compact disc because the compact disc was just too profitable for them. Instead, a bunch of random teenagers built the next generation of technology for them, and yeah, it caused a lot of damage. 
But I don't think that teenagers were necessarily trying to hurt anyone... They weren't malicious. They just were fascinated by how this stuff worked. And of course, they were also completely entranced by the celebrity of the musicians themselves. In the interview Witt adds that a lot of those teenagers "were really kind of traumatized by their experience with the FBI I would say, and they wanted to get that story out there." The documentary was produced by LeBron James and Eminem, "who rode the tail end of the CD boom to stratospheric heights," remembers a Fast Company opinion columnist. (And 25 years later, that columnist has gone back to listening to vinyl records, which "reignited for me a long-missing air of full engagement... Technology marches forward, except when it occasionally lurches backward...")
A ransomware attack has taken down the computer system of America's largest trial court, reports the Associated Press: The cybersecurity attack began early Friday and is not believed to be related to the faulty CrowdStrike software update that has disrupted airlines, hospitals and governments around the world, officials said in a statement Friday. The court disabled its computer network systems upon discovery of the attack, and it will remain down through at least the weekend. Friday's statement called it "a serious security event," adding that the court is receiving help from local, state, and federal law enforcement agencies. "At this time, the preliminary investigation shows no evidence of court users' data being compromised." Over the past few years, the Court has invested heavily in its cybersecurity operations, modernizing its cybersecurity infrastructure and making strategic staff investments in the Cybersecurity Division within Court Technology Services. As a result of this investment, the Court was able to quickly detect an intrusion and address it immediately. Due to the ongoing nature of the investigation, remediation, and recovery, the Court will not comment further until additional information is available for public release. Sunday the Court posted on X.com that they're "working diligently to get the Court's network systems back up and running... "When we have a better understanding of the extent to which the Court will be operational tomorrow, July 22, we will provide information and direction to court users and jurors, likely later this evening."
The BBC reports that "while most of the world was grappling with the blue screen of death on Friday," there was one country that managed to escape largely unscathed: China. The reason is actually quite simple: CrowdStrike is hardly used there. Very few organisations will buy software from an American firm that, in the past, has been vocal about the cyber-security threat posed by Beijing. Additionally, China is not as reliant on Microsoft as the rest of the world. Domestic companies such as Alibaba, Tencent and Huawei are the dominant cloud providers. So reports of outages in China, when they did come, were mainly at foreign firms or organisations. On Chinese social media sites, for example, some users complained they were not able to check into international chain hotels such as Sheraton, Marriott and Hyatt in Chinese cities. Over recent years, government organisations, businesses and infrastructure operators have increasingly been replacing foreign IT systems with domestic ones. Some analysts like to call this parallel network the "splinternet". "It's a testament to China's strategic handling of foreign tech operations," says Josh Kennedy White, a cybersecurity expert based in Singapore. "Microsoft operates in China through a local partner, 21Vianet, which manages its services independently of its global infrastructure. This setup insulates China's essential services - like banking and aviation - from global disruptions." "Beijing sees avoiding reliance on foreign systems as a way of shoring up national security." Thanks to long-time Slashdot reader hackingbear for sharing the article.
In April the U.S. Space Force began testing "a new ground-based satellite jamming weapon to help keep U.S. military personnel safe from potential 'space-enabled' attacks" (according to a report from Space.com). The weapon was "designed to deny, degrade, or disrupt communications with satellites overhead, typically through overloading specific portions of the electromagnetic spectrum with interference," according to the article, with the military describing it as a small form-factor system "designed to be fielded in large numbers at low-cost and operated remotely" and "provide counterspace electronic warfare capability to all of the new Space Force components globally." And now, Bloomberg reports that the U.S. is about to deploy them: The devices aren't meant to protect U.S. satellites from Chinese or Russian jamming but "to responsibly counter adversary satellite communications capabilities that enable attacks," the Space Force said in a statement to Bloomberg News. The Pentagon strives - on the rare occasions when it discusses such space capabilities - to distinguish its emerging satellite-jamming technology as purely defensive and narrowly focused. That's as opposed to a nuclear weapon the U.S. says Russia is developing that could create high-altitude electromagnetic pulses that would take out satellites and disrupt entire communications networks. The first 11 of 24 Remote Modular Terminal jammers will be deployed in several months, and all of them could be in place by Dec. 31 at undisclosed locations, according to the Space Force statement... The new terminals augment a much larger jamming weapon called the Counter Communications System that's already deployed and a mid-sized one called Meadowlands "by providing the ability to have a proliferated, remotely controlled and relatively relocatable capability," the Space Force said. 
The Meadowlands system has encountered technical challenges that have delayed its delivery until at least October, about two years later than planned. China has "hundreds and hundreds of satellites on orbit designed to find, fix, track, target and yes, potentially engage, US and allied forces across the Indo-Pacific," General Stephen Whiting, head of US Space Command, said Wednesday at the annual Aspen Security Forum. "So we've got to understand that and know what it means for our forces." Bloomberg also got this comment from the chief director of space security and stability at the Secure World Foundation (which produces reports on counterspace weapons). The new U.S. Space Force jamming weapons are "reversible, temporary, non-escalatory and allow for plausible deniability in terms of who the instigator is."
For the third straight day, "More than 1,000 US flights have been," reports CNN, "as airlines struggle to recover from a global tech outage that left thousands of passengers stranded at airports." More than 1,200 flights into, within or out of the United States were canceled by early Sunday afternoon, while more than 5,000 U.S. flights were delayed, according to the tracking website FlightAware.com... On Saturday, 2,136 US flights were canceled, and more than 21,300 flights were delayed... USA Today notes that Friday several U.S. airlines issued ground stops (according to America's Federal Aviation Administration) "which caused a domino effect into Sunday." They note that "most of the cancellations and delays Sunday are likely to be caused by airline crews and equipment being out of place."
The Verge reports that for machines that aren't automatically receiving CrowdStrike's newly-released software fix, Microsoft has released a recovery tool that creates a bootable USB drive. Some IT admins have reported rebooting PCs multiple times will get the necessary update, but for others the only route is having to manually boot into Safe Mode and deleting the problematic CrowdStrike update file. Microsoft's recovery tool now makes this recovery process less manual, by booting into its Windows PE environment via USB, accessing the disk of the affected machine, and automatically deleting the problematic CrowdStrike file to allow the machine to boot properly. This avoids having to boot into Safe Mode or a requirement of admin rights on the machine, because the tool is simply accessing the disk without booting into the local copy of Windows. If a disk is protected by BitLocker encryption, the tool will prompt for the BitLocker recovery key and then continue to fix the CrowdStrike update.
"It has been the greatest honor of my life to serve as your President," U.S. President Joe Biden announced today. "And while it has been my intention to seek reelection, I believe it is in the best interest of my party and the country for me to stand down and to focus solely on fulfilling my duties as President for the remainder of my term." In an announcement posted on X.com, Biden thanked the American people. ("Together, we overcame a once in a century pandemic and the worst economic crisis since the Great Depression.") The short statement also said he would "speak to the Nation later this week in more detail." The Associated Press reports that "His wife, first lady Jill Biden, responded by reposting the president's letter announcing his decision and adding red heart emojis." CNN reports that "most Biden campaign staff, including some senior staff, found out from the president's post on X." In a subsequent X post, Biden endorsed Vice President Kamala Harris to be the Democratic party's nominee for president.
Harry R. Lewis has been a Harvard CS professor - teaching both Bill Gates and Mark Zuckerberg - and the dean of Harvard college. Born in 1947, Lewis remembers flipping the 18 toggle switches on Harvard's PDP-4 back in 1966 - up ("click!") or down ("CLACK"). And he thinks there's a lesson for today from a time when "Computers were experienced as physical things." [T]he machine had a personality because it had a body you could feel and listen to. You could tell whether it was running smoothly by the way it sounded... Unlike the unreliable mechanical contraptions of yore, today's computers - uninteresting though they may be to look at if you can find them at all - mostly don't break down, so we have fewer reasons to remember their physicality. Does it matter that the line between humans and the machines we have created has so blurred? Of course it does. We have known for a long time that we would eventually lose the calculation game to our creations; it has happened. We are likely to lose Turing's "Imitation Game" too, in which a computer program, communicating with a human via typed text, tries to fool the user into confusing it with a human at another keyboard. (ChatGPT and its ilk are disturbingly convincing conversationalists already.) Our challenge, in the presence of ubiquitous, invisible, superior intelligent agents, will be to make sure that we, and our heirs and successors, remember what makes us human... All computers can do is pretend to be human. They can be, in the language of the late philosopher Daniel Dennett '63, counterfeit humans... The first error is suggesting that computers can be digitally trained to be superior versions of human intellects. And the second is inferring that human judgment will not be needed once computers get smart enough... [N]o AI system can be divorced from the judgments of the humans who created it... 
Only hubristic humans could think that their counterfeits might completely substitute for human companionship, wisdom, curiosity, and judgment. Even back in 1966, Lewis says he learned two lessons that "have stood the test of time. Be careful what you ask them for. And it can be hard to tell what they are doing." One example? "In those pre-miniaturization days, the ordinary operation of the central processor generated so much radiation that you would put a transistor radio on the console and tune it in between AM stations. From the other side of the room, the tone of the static indicated whether the machine had crashed or not."
Last year two different tourists - following GPS directions - drove their cars straight into the same harbor in Hawaii. And then last weekend - at the same harbor - it happened again. "This time it was different," reports a local news station. "The driver was a local..." Multiple witnesses say the Prius was actually parked at the top of the ramp and that an enforcement officer with the Department of Land and Natural Resources told the owner she had to move it. Witnesses also said that the woman had an issue getting the car started. Eventually, she was able to start the vehicle and called out that the car was running. Then the car went down the ramp.... More from Hawaii News Now: This follows another viral incident, captured on video in May of last year, showing another SUV sinking in the water with its passengers inside. "The GPS led them into the water," said one witness. Then, a few weeks later, it happened again. Witnesses say the driver, also an out-of-state visitor, was following their GPS directions. "The first time I heard it, the thought in my head was, you got to be joking," said Hawaii County Mayor Mitch Roth. "The third was - are you serious? This is just another form of people not paying attention to what they're doing." The news outlet reached out to the Department of Land and Natural Resources - and specifically to its Division of Boating & Ocean Recreation, to ask whether the harbor's boat ramp had adequate lighting and signage. They responded that a boat ramp descending into the waters of the Pacific ocean is "hard to miss" - and called the recent incidents "operator error." Meanwhile in Wyoming, SFGate reports that "an SUV with five people inside plunged about 9 feet deep into a 105-degree geyser at Yellowstone National Park after it 'inadvertently drove off the roadway' last Thursday, National Park Service officials said."
12 years on Mars - and NASA's Curiosity rover "has made its most unusual find to date," reports CNN - rocks made of pure sulfur. "And it all began when the 1-ton rover happened to drive over a rock and crack it open, revealing yellowish-green crystals never spotted before on the red planet." "I think it's the strangest find of the whole mission and the most unexpected," said Ashwin Vasavada, Curiosity project scientist at NASA's Jet Propulsion Laboratory in Pasadena, California. "I have to say, there's a lot of luck involved here. Not every rock has something interesting inside...." White stones had been visible in the distance, and the mission scientists wanted a closer look. The rover drivers at JPL, who send instructions to Curiosity, did a 90-degree turn to put the robotic explorer in the right position for its cameras to capture a mosaic of the surrounding landscape. On the morning of May 30, Vasavada and his team looked at Curiosity's mosaic and saw a crushed rock lying amid the rover's wheel tracks. A closer picture of the rock made clear the "mind-blowing" find, he said... "No one had pure sulfur on their bingo card," Vasavada said... Members of the team were stunned twice - once when they saw the "gorgeous texture and color inside" the rock and then when they used Curiosity's instruments to analyze the rock and received data indicating it was pure sulfur, Vasavada said. Vasavada also was grateful for the original landing site where Curiosity began methodically exploring back in 2012. "I'm glad we chose something that was 12 years' worth of science."
Who wrote the code for Windows' notorious "Blue Screen of Death"? It's "been a source of some contention," writes SFGate: A Microsoft developer blog post from Raymond Chen in 2014 said that former Microsoft CEO Steve Ballmer wrote the text for the Ctrl+Alt+Del dialog in Windows 3.1. That very benign post led to countless stories from tech media claiming Ballmer was the inventor of the "Blue Screen of Death." That, in turn, prompted a follow-up developer blog post from Chen titled "Steve Ballmer did not write the text for the blue screen of death...." Chen then later tried to claim he was responsible for the "Blue Screen of Death," saying he coded it into Windows 95. Problem is, it already existed in previous iterations of Windows, and 95 simply removed it. Chen added it back in, which he sort of cops to, saying: "And I'm the one who wrote it. Or at least modified it last." No one challenged Chen's 2014 self-attribution, until 2021, when former Microsoft developer Dave Plummer stepped in. According to Plummer, the "Blue Screen of Death" was actually the work of Microsoft developer John Vert, whom logs revealed to be the father of the modern Windows blue screen way back in version 3.1. Plummer spoke directly with Vert, according to Vert, who'd remembered that he got the idea because there was already a blue screen with white text in both his machine at the time (a MIPS RISC box) and this text editor (SlickEdit)...
This week the Computer Science Teachers Association conference kicked off Tuesday in Las Vegas, writes long-time Slashdot reader theodp. And the "TeachAI" education initiative teamed with the Computer Science Teachers Association to release three briefs "arguing that K-12 computer science education is more important than ever in an age of AI." From the press release: "As AI becomes increasingly present in the classroom, educators are understandably concerned about how it might disrupt the teaching of core CS skills like programming. With these briefs, TeachAI and CSTA hope to reinforce the idea that learning to program is the cornerstone of computational thinking and an important gateway to the problem-solving, critical thinking, and creative thinking skills necessary to thrive in today's digitally driven world. The rise of AI only makes CS education more important." To help drive home the point to educators, the 39-page Guidance on the Future of Computer Science Education in an Age of AI (penned by five authors from nonprofits CSTA and Code.org) includes a pretty grim comic entitled Learn to Program or Follow Commands. In the panel, two high school students who scoff at the idea of having to learn to code and instead use GenAI to create their Python apps wind up getting stuck in miserable warehouse jobs several years later as a result where they're ordered about by an AI robot. "The rise of AI only makes CS education more important," according to the group's press release, "with early research showing that people with a greater grasp of underlying computing concepts are able to use AI tools more effectively than those without." A survey by the group also found that 80% of teachers "agree that core concepts in CS education should be updated to emphasize topics that better support learning about AI." But I'd be curious to hear what Slashdot's readers think. Share your thoughts and opinions in the comments. 
Should children still be taught to code in the age of AI?
The pace of China's clean energy transition "is roughly the equivalent of installing five large-scale nuclear power plants worth of renewables every week," according to a report from Australia's national public broadcaster ABC (shared by long-time Slashdot reader AmiMoJo): A report by Sydney-based think tank Climate Energy Finance (CEF) said China was installing renewables so rapidly it would meet its end-of-2030 target by the end of this month - or 6.5 years early. It's installing at least 10 gigawatts of wind and solar generation capacity every fortnight... China accounts for about a third of the world's greenhouse gas emissions. A recent drop in emissions (the first since relaxing COVID-19 restrictions), combined with the decarbonisation of the power grid, may mean the country's emissions have peaked. "With the power sector going green, emissions are set to plateau and then progressively fall towards 2030 and beyond," CEF China energy policy analyst Xuyang Dong said... [In China] the world's largest solar and wind farms are being built on the western edge of the country and connected to the east via the world's longest high-voltage transmission lines... Somewhat counterintuitively, China has built dozens of coal-fired power stations alongside its renewable energy zones, to maintain the pace of its clean energy transition. China was responsible for 95 per cent of the world's new coal power construction activity last year. The new plants are partly needed to meet demand for electricity, which has gone up as more energy-hungry sectors of the economy, like transport, are electrified. The coal-fired plants are also being used, like the batteries and pumped hydro, to provide a stable supply of power down the transmission lines from renewable energy zones, balancing out the intermittent solar and wind. Despite these new coal plants, coal's share of total electricity generation in the country is falling. 
The China Energy Council estimated renewables generation would overtake coal by the end of this year. CEF director Tim Buckley tells the site that China installed just 1GW of nuclear power last year - compared to 300GW of solar and wind. "They had grand plans for nuclear to be massive but they're behind on nuclear by a decade and five years ahead of schedule on solar and wind." Last year China accounted for 16% of the world's nuclear-generated power - but also more than half the world's coal-fired power generation, according to this year's analysis from the long-running International Energy Agency. The IEA estimated that in 2023, China's electricity demand rose by 6.4%, and they're predicting that by 2026 the country will see an increase "more than half of the EU's current annual electricity consumption." And yet in China "the rapid expansion of renewable energy sources is expected to meet all additional electricity demand..." according to the IEA analysis. "Coal-fired generation in China is currently on course to experience a slow structural decline, driven by the strong expansion of renewables and growing nuclear generation, as well as moderating economic growth." There's also some interesting stats on the "CO2 intensity" of power generation around the world. "The EU is expected to record the highest rate of progress in reducing emissions intensity, averaging an improvement of 13% per year. This is followed by China, with annual improvements forecast at 6%, and the United States at 5%." Long-time Slashdot reader Uncle_Meataxe shares a related article from Electrek ...
Slashdot covered Barrett Brown back in 2011 and 2012. The New York Times calls him "an activist associated with the hacker group Anonymous, and a political prisoner recently denied asylum in Britain, all of which sounds a bit dreary until we hear tell of it through Brown's unhinged self-regard." They're reviewing Brown's "extraordinary" new memoir, My Glorious Defeats: Hacktivist, Narcissist, Anonymous, a book they call "deranged, hyperbolic, and true." A "machine" that focuses attention on little-known social issues, Anonymous has gone after the Church of Scientology, Koch Industries, websites hosting child pornography and the Westboro Baptist Church. The public tends to be confused by nebulous digital activities, so it was, in the collective's heyday, helpful to have Brown act as a translator between the hackers and mainstream journalists. "The year 2011 ended as it began," he writes, "with a sophisticated hack on a state-affiliated corporation that ostensibly dealt in straightforward security and analysis while secretly engaging in black ops campaigns against activists who'd proven troublesome to powerful clients." This particular corporation was Stratfor, a company that spied on activists for the government... Brown waited for the feds to come back and drag him to jail. He also says he tried to get off suboxone in order to avoid the painful possibility of prison withdrawal, and stopped taking Paxil, inducing a manic state, all of which is given as explanation for his regrettable next move, which was to set up a camera and start talking. The feds had threatened his mother, he told the internet, and in response he was threatening Robert Smith, the lead agent on his case. He found himself in custody the same night. Brown was then subjected to the kind of nonsense the Department of Justice is prone to inflicting on those involved in shadowy internet activities that, in fact, almost no one in the legal process understands. 
He was charged with participating in the hack of Stratfor, though he was not really involved and cannot code, and although the whole thing was organized by an F.B.I. informant. Brown had also retweeted a Fox News host's call to murder Julian Assange; the prosecution presented this as if he were himself calling for the murder of Assange. But generally, Brown's primary victim is himself. "My thirst for glory and hatred for the state," he writes, "were incompatible with an orthodox criminal defense, in which the limiting of one's sentence is the sole objective." In his cell, with an eraser-less pencil he needs a compliant guard to repeatedly sharpen, he writes "The Barrett Brown Review of Arts and Letters and Jail." His mother types it up; The Intercept publishes. He develops the character he will play in his memoir: a self-aware narcissist and addict. He wins a National Magazine Award, and is especially pleased that his column "Please Stop Sending Me Jonathan Franzen Novels," wins while Franzen is in attendance. "The state is an afterthought here - a litany of absurdist horrors too stupid to appall..." the review concludes. "We're left with a man who refuses to look away from the deep structure of the world, an unstable position from which there is no sanctuary. My Glorious Defeats is deranged, hyperbolic and as true a work as I have read in a very long time."
2017 Slashdot headline: "People Keep Finding Hidden Cameras in Their Airbnbs." Nearly seven years later, CNN launched their own investigation of "Airbnb's hidden camera problem". CNN: "Across North America, police have seized thousands of images from hidden cameras at Airbnb rentals, including people's most intimate moments... It's more than just a few reported cases. And Airbnb knows it's a problem. In this deposition reviewed by CNN, an Airbnb rep said 35,000 customer support tickets about security cameras or recording devices had been documented over a decade. [The deposition estimates "about" 35,000 tickets "within the scope of the security camera and recording devices policy."] Airbnb told CNN a single complaint can involve multiple tickets. CNN actually obtained the audio recording of an Airbnb host in Maine admitting to police that he'd photographed a couple having sex using a camera hidden in a clock - and also photographed other couples. And one Airbnb guest told CNN he'd only learned he'd been recorded "because police called him, months later, after another guest found the camera" - with police discovering cameras in every single room in the house, concealed inside smoke detectors. "Part of the challenge is that the technology has gotten so advanced, with these cameras so small that you can't even see them," CNN says. But even though recording someone without consent is illegal in every state, CNN also found that in this case and others, Airbnb "does not contact law enforcement once hidden cameras are discovered - even if children are involved." Their reporter argues that Airbnb "not only fails to protect its guests - it works to keep complaints out of the courts and away from the public." They spoke to two Florida attorneys who said trying to sue Airbnb if something goes wrong is extremely difficult - since its Terms of Service require users to assume every risk themselves. 
"The person going to rent the property agrees that if something happens while they're staying at this accommodation, they're actually prohibited from suing Airbnb," says one of the attorneys. "They must go a different route, which is a binding arbitration." (When CNN asked if this was about controlling publicity, the two lawyers answered "absolutely" and "100%".) And when claims are settled, CNN adds, "Airbnb has required guests to sign confidentiality agreements - which CNN obtained - that keep some details of legal cases private." Responding to the story, Airbnb seemed to acknowledge guests have been secretly recorded by hosts, by calling such occurrences "exceptionally rare... When we do receive an allegation, we take appropriate, swift action, which can include removing hosts and listings that violate the policy. "Airbnb's trust and safety policies lead the vacation rental industry..."
"If there is no alternative, then the whole thing can collapse around you," says Ron Delnevo. He's the chair of The Payment Choice Alliance, "which campaigns against the move towards a cashless society." He's part of those arguing "the chaos caused by the global IT outage last week underlines the risk of moving towards a cashless society," writes the Observer: Authorities in China and the US have fined businesses for not accepting cash. Delnevo said the U.K. should have a law requiring all businesses to take cash. Martin Quinn, campaign director for the PCA, said using cash allowed for anonymity. "I don't want my data sold on, and I don't want banks, credit card companies and even online retailers to know every facet of my life," he said. Budgeting by using cash is also easier for some, he added. The article includes some interesting statistics from a U.K. bank trade association. "The number of people who never use cash, or use it less than once a month, reached 23.1 million in 2021, but declined to 21.6m last year." The GMB [general trade] Union said the outage reinforced what it had been saying for years: that "cash is a vital part of how our communities operate". "When you take cash out of the system, people have nothing to fall back on, impacting on how they do the everyday basics."
SolarWinds still faces some legal action over its infamous 2020 breach, reports NextGov.com. But a U.S. federal judge has dismissed most of the claims from America's Securities and Exchange Commission, which "alleged the company defrauded investors because it deliberately hid knowledge of cyber vulnerabilities in its systems ahead of a major security breach discovered in 2020." Slashdot reader krakman shares this report from the Washington Post: "The SEC's rationale, under which the statute must be construed to broadly cover all systems public companies use to safeguard their valuable assets, would have sweeping ramifications," [judge] Engelmayer wrote in a 107-page decision. "It could empower the agency to regulate background checks used in hiring nighttime security guards, the selection of padlocks for storage sheds, safety measures at water parks on whose reliability the asset of customer goodwill depended, and the lengths and configurations of passwords required to access company computers," he wrote. The federal judge also dismissed SEC claims that SolarWinds' disclosures after it learned its customers had been affected improperly covered up the gravity of the breach... In an era when deeply damaging hacking campaigns have become commonplace, the suit alarmed business leaders, some security executives and even former government officials, as expressed in friend-of-the-court briefs asking that it be thrown out. They argued that adding liability for misstatements would discourage hacking victims from sharing what they know with customers, investors and safety authorities. Austin-based SolarWinds said it was pleased that the judge "largely granted our motion to dismiss the SEC's claims," adding in a statement that it was "grateful for the support we have received thus far across the industry, from our customers, from cybersecurity professionals, and from veteran government officials who echoed our concerns." 
The article notes that as far back as 2018, "an engineer warned in an internal presentation that a hacker could use the company's virtual private network from an unauthorized device and upload malicious code. Brown did not pass that information along to top executives, the judge wrote, and hackers later used that exact technique." Engelmayer did not dismiss the case entirely, allowing the SEC to try to show that SolarWinds and top security executive Timothy Brown committed securities fraud by not warning in a public "security statement" before the hack that it knew it was highly vulnerable to attacks. The SEC "plausibly alleges that SolarWinds and Brown made sustained public misrepresentations, indeed many amounting to flat falsehoods, in the Security Statement about the adequacy of its access controls," Engelmayer wrote. "Given the centrality of cybersecurity to SolarWinds' business model as a company pitching sophisticated software products to customers for whom computer security was paramount, these misrepresentations were undeniably material."
Parts of the Persian Gulf "have seen the heat index, or how it feels when factoring in the humidity, reach 140 to 150 degrees Fahrenheit (60 to 65 Celsius)," reports the Washington Post, "fueled by an intense heat dome, the warmest water temperatures in the world and the influence of human-caused climate change." Temperatures at the Persian Gulf International Airport in Asaluyeh, Iran, climbed to 108 (42 C) on Wednesday and 106 (41 C) on Thursday, with both days recording a peak heat index of 149 (65 C). In Dubai, the temperature topped out at 113 (45 C) on Tuesday and the heat index soared to 144 (62 C). Other extreme heat indexes in recent days include 141 (61 C) in Abu Dhabi and 136 (58 C) at Khasab Air Base in Oman. Last August, this same region experienced even more extreme heat indexes, climbing as high as 158 degrees (70 C). The maximum air temperatures this week - generally between 105 and 115 (41 and 46 C) - have only been somewhat above normal. But the dew points - which are a measure of humidity - have been excessive, climbing well into the 80s (27 to 32 C). In the United States, any dew point over 70 degrees (21 C) is considered uncomfortably humid. It's the very high dew points that have propelled heat indexes up to 30 degrees (16 C) above actual air temperatures. The extreme humidity levels are tied to bathtub-like water temperatures in the Persian Gulf, the warmest in the world. According to National Oceanic and Atmospheric Administration data, sea surface temperatures are as warm as 95 degrees (35 C). Largely because of the high humidity, nighttime minimum temperatures have also remained exceptionally warm, in many cases staying above 85 (29 C). Temperatures in Iranshar, Iran, only dropped to 97 (36 C) on Wednesday night, its hottest July night on record. "Researchers have identified the Persian Gulf among the regions most likely to regularly exceed life-threatening heat thresholds during the next 30 to 50 years," the article adds. 
And it also cites new heat records reported for the region by weather historian Maximiliano Herrera. "The United Arab Emirates saw a scorching high temperature of 123 while Adrar, Algeria, tied its record of 122 (50 C). Cities in both Kuwait and Iraq reached 126 (52 C), and Al Ahsa, Saudi Arabia, notched a record of 124 (51 C)... "The same heat dome that's in the Persian Gulf region has spread record heat northward into Eastern Europe, westward into northern Africa, and eastward into India, Pakistan and Indonesia. In Eastern Europe, high temperatures surpassed 104 (40 C), with some locations staying above 85 degrees (29 C) at night."
A new report "explores the current state of secure software development," according to an announcement from the Linux Foundation, "and underscores the urgent need for formalized industry education and training programs," noting that many developers "lack the essential knowledge and skills to effectively implement secure software development." The report analyzes a survey of nearly 400 software development professionals performed by the Open Source Security Foundation (OpenSSF) and Linux Foundation Research: Survey findings outlined in the report show nearly one-third of all professionals directly involved in development and deployment - system operations, software developers, committers, and maintainers - self-report feeling unfamiliar with secure software development practices. This is of particular concern as they are the ones at the forefront of creating and maintaining the code that runs a company's applications and systems. "Time and again we've seen the exploitation of software vulnerabilities lead to catastrophic consequences, highlighting the critical need for developers at all levels to be armed with adequate knowledge and skills to write secure code," said David A. Wheeler, director of open source supply chain security for the Linux Foundation. "Our research found that a key challenge is the lack of education in secure software development. Practitioners are unsure where to start and instead are learning as they go. It is clear that an industry-wide effort to bring secure development education to the forefront must be a priority." OpenSSF offers a free course on developing secure software (LFD121) and encourages developers to start with this course. Survey results indicate that the lack of security awareness is likely due to most current educational programs prioritizing functionality and efficiency while often neglecting essential security training. 
Additionally, most professionals (69%) rely on on-the-job experience as a main learning resource, yet it takes at least five years of such experience to achieve a minimum level of security familiarity. "The top reason (44%) for not taking a course on secure software development is lack of knowledge about a good course on the topic," according to the announcement - which includes this follow-up quote from Intel's Christopher Robinson (co-chair of the OpenSSF Education SIG). "Based on these findings, OpenSSF will create a new course on security architecture which will be available later this year which will help promote a 'security by design' approach to software developer education."
An anonymous reader shared this report from CNN: Netflix will start phasing out its Basic plan, its cheapest advertising-free plan, which costs $11.99 per month in the United States, the company said on Thursday. The company had previously stopped accepting new sign-ups for the Basic plan, instead pushing customers to Netflix's ad-supported plan, which costs $6.99 per month. However, existing users were allowed to keep the basic plan. In January, the company said it would retire its cheapest ad-free tier in Canada and the UK. On Thursday, the company said the US and France are next. Basic users in the US who want an ad-free viewing experience on Netflix will now have two choices: Netflix's Standard plan, which costs $15.49 per month, and its Premium plan, which costs $22.99 per month... The company reported a record-high 277.65 million subscribers on its streaming platform Thursday, far outpacing streaming competitors like Disney+, Peacock and Max... Overall, Netflix added 8.05 million new subscribers in its second quarter. Netflix's surge in new subscribers has been fueled in part by the company's effort to push users who share passwords to create their own accounts. The article adds that Netflix's stock has climbed more than 35% in 2024.
Slashdot reader Thelasko shared Friday's article from Digital Trends: Nearly every flight in the U.S. is grounded right now following a CrowdStrike system update error that's affecting everything from travel to mobile ordering at Starbucks - but not Southwest Airlines flights. Southwest is still flying high, unaffected by the outage that's plaguing the world today, and that's apparently because it's using Windows 3.1. Yes, Windows 3.1 - an operating system that is 32 years old. Southwest, along with UPS and FedEx, haven't had any issues with the CrowdStrike outage. In responses to CNN, Delta, American, Spirit, Frontier, United, and Allegiant all said they were having issues, but Southwest told the outlet that its operations are going off without a hitch. Some are attributing that to Windows 3.1. Major portions of Southwest's systems are reportedly built on Windows 95 and Windows 3.1... UPDATE: Reached for comment, Southwest "would not confirm" that it's using Windows 3.1, reports SFGate. But they did get this quote from an airline analyst: "We believe that Southwest's older technology kept it somewhat immune from the issues affecting other airlines today."
"Many people over the past few days have been lashing out at Mozilla," writes the blog It's FOSS, "for enabling Privacy-Preserving Attribution by default on Firefox 128, and the lack of publicity surrounding its introduction." Mozilla responded that the feature will only run "on a few sites in the U.S. under strict supervision" - adding that users can disable it at any time ("because this is a test"), and that it's only even enabled if telemetry is also enabled. And they also emphasize that it's "not tracking." The way it works is there's an "aggregation service" that can periodically send advertisers a summary of ad-related actions - again, aggregated data, from a mass of many other users. (And Mozilla says that aggregated summary even includes "noise that provides differential privacy.") This Privacy-Preserving Attribution concept "does not involve sending information about your browsing activities to anyone... Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising." More from It's FOSS: Even though Mozilla mentioned that PPA would be enabled by default on Firefox 128 in a few of its past blog posts, they failed to communicate this decision clearly, to a wider audience... In response to the public outcry, Firefox CTO, Bobby Holley, had to step in to clarify what was going on. He started with how the internet has become a massive cesspool of surveillance, and doing something about it was the primary reason many people are part of Mozilla. He then expanded on their approach with Firefox, which, historically speaking, has been to ship a browser with anti-tracking features baked in to tackle the most common surveillance techniques. But, there were two limitations with this approach. One was that advertisers would try to bypass these countermeasures. The second, most users just accept the default options that they are shown...
Bas Schouten, Principal Software Engineer at Mozilla, made it clear at the end of a heated Mastodon thread that "[opt-in features are] making privacy a privilege for the people that work to inform and educate themselves on the topic. People shouldn't need to do that, everyone deserves a more private browser. Privacy features, in Firefox, are not meant to be opt-in. They need to be the default. "If you are 'completely anti-ads' (i.e. even if their implementation is private), you probably use an ad blocker. So are unaffected by this." This has already provoked a discussion among Slashdot readers. "It doesn't seem that evil to me," argues Slashdot reader geekprime. "Seems like the elimination of cross site cookies is a privacy enhancing idea." (They cite Mozilla's statement that their goal is "to inform an emerging Web standard designed to help sites understand how their ads perform without collecting data about individual people. By offering sites a non-invasive alternative to cross-site tracking, we hope to achieve a significant reduction in this harmful practice across the web.") But Slashdot reader TheNameOfNick disagrees. "How realistic is the part where advertisers stop tracking you because they get less information from the browser maker...?" Mozilla has provided simple instructions for disabling the feature: Click the menu button and select Settings. In the Privacy & Security panel, find the Website Advertising Preferences section. Uncheck the box labeled Allow websites to perform privacy-preserving ad measurement.
Long-time Slashdot reader theodp writes: Bob Newhart, whose stammering, deadpan unflappability carried him to stardom as a standup comedian and later in television and movies, has died at age 94. He remains best known for the television shows, "The Bob Newhart Show" (1972-78) and "Newhart" (1982-90), both of which were built around his persona as a reasonable man put-upon by crazies. A younger crowd may remember Newhart from his roles in the movie "Elf" (2003) and TV's "The Big Bang Theory" (2013-18). Less known about Newhart is that he was an early Commodore PET owner, recalling for the LA Times in 2001: "I remember leafing through a copy of Popular Science magazine and seeing an ad for a Commodore computer that had 8- or 16 kilobytes [in 1977]. It had an awful-looking screen, and it was $795. I thought I'd better get one because I had sons who were going to be in high school and might want to know about computers. Later, I moved up to the 64 KB model and thought that was silly because it was more memory than I would ever possibly need. "I got them for the kids and then found I was fascinated by them. The first ones had tape drives. You would get a program like a word processor, put the tape in and then walk away for about a half an hour while the computer loaded it. But the first time I used a spell checker and it corrected a word, I thought, 'We are getting close to God here.'"
"More pieces of a broken wind turbine off the coast of Massachusetts are falling into the Atlantic Ocean," reports CBS News on Thursday. "The CEO of Vineyard Wind was at Nantucket's Select Board meeting Wednesday evening, apologizing and answering questions about the initial break when he suddenly had to leave because the situation is getting worse." CNN reports the debris has been "prompting beach closures and frustrating locals at the peak of the summer season" since the blade broke a week ago, and then folded over: Since then, foam debris and fiberglass - including some large and dangerously sharp pieces - have washed onto beaches. A "significant part" of the remaining damaged blade detached from the turbine early Thursday morning, Vineyard Wind said in a news release. The US Coast Guard confirmed to CNN it has located a 300-foot piece of the blade. There are few answers to what caused the turbine to fail, and the incident has prompted questions and anger from city officials and Nantucket residents... The shards of turbine forced officials to close beaches earlier this week, though they have since reopened. [Nantucket select board chair Brooke Mohr] said the town would monitor for additional debris and adjust schedules accordingly. "Public safety is our most immediate concern, these fiberglass pieces are quite sharp," Mohr said, making swimming unsafe... The federal government is conducting its own investigation and has ordered Vineyard Wind to stop all its wind turbines producing electricity until it can be determined whether any other blades were impacted, a Bureau of Safety and Environmental Enforcement spokesperson said in a statement. The federal government has also ordered the companies to preserve any equipment that could help determine the cause of the failure. The federal suspension order effectively halts further construction on Vineyard Wind, the first large-scale wind farm being installed in the US.
The wind farm, a joint venture of Avangrid and Copenhagen Infrastructure Partners, has 10 turbines up and running so far with plans to install 62 total... The project was set to double the number of turbines spinning off the East Coast, and state leaders in Massachusetts have viewed it as a big boost to the state's ability to generate electricity. Now the project is in limbo, and could remain so until the investigation is complete. The article quotes the head of government affairs at wind blade manufacturer GE Vernova as saying a breaking wind turbine is "highly unusual and rare." But Vineyard Wind CEO Klaus Skoust Moller called it a "very serious situation" and apologized to local residents. Meanwhile, the Boston Herald reported Friday that the Nantucket Select Board "is set to pursue litigation against the wind energy company in connection to the blade failure..." Town officials, residents and local mariners have all said they didn't learn of the incident until Monday evening, roughly 48 hours after the fact and just hours before debris started to wash ashore, prompting beaches to close Tuesday... The "significant portion" of the 107-meter blade that detached from the turbine Thursday morning sunk to the ocean floor. Crews were slated to recover the fiberglass "in due course," town officials wrote in a Friday update... Residents are not taking kindly to Vineyard Wind's assertion that the debris - fiberglass fragments ranging in size from small pieces to larger sections, typically green or white - is not toxic. Vineyard Wind has deployed a crew of 56 contractors to assist in the cleanup of the island's beaches, and town officials said Friday that no town staff are actively engaged in removing the debris. The wind energy company reported Wednesday that crews had removed 17 cubic yards of debris, enough to fill more than six truckloads.
"The joint venture of Connecticut-based Avangrid and Denmark-based Copenhagen Infrastructure Partners is developing a plan to test water quality around the island while working on a process for financial claims."
Scientists at the University of Texas at Austin have developed a "smart soil" that can keep plants better hydrated and provide a controlled release of nutrients. As reported by New Atlas, tests found that it "drastically improved crop growth while using far less water." From the report: The soil gets its "smart" moniker thanks to the addition of a specially formulated hydrogel, which works to absorb more water vapor from the air overnight, then releasing it to the plants' roots during the day. Incorporating calcium chloride into the hydrogel also provides a slow release of this vital nutrient. The team tested the new smart soil in lab experiments, growing plants in 10 grams of soil, with some including 0.1 g of hydrogel. A day/night cycle was simulated, with 12 hours of darkness at 25 C (77 F) and either 60% or 90% relative humidity, followed by 12 hours of simulated sunlight at 35 C (95 F) and 30% humidity. Sure enough, plants growing in the hydrogel soil showed a 138% boost to their stem length, compared to the control group. Importantly, the hydrogel-grown plants achieved this even while requiring 40% less direct watering. In future work, the team plans to try incorporating other types of fertilizers, and conducting longer field experiments. The research was published in the journal ACS Materials Letters.
A solar superstorm in May caused thousands of satellites to simultaneously maneuver to maintain altitude due to the thickening of the upper atmosphere, creating potential collision hazards as existing prediction systems struggled to cope. Space.com reports: According to a pre-print paper published on the online repository arXiv on June 12, satellites and space debris objects in low Earth orbit -- the region of space up to an altitude of 1,200 miles (2,000 kilometers) -- were sinking toward the planet at the speed of 590 feet (180 meters) per day during the four-day storm. To make up for the loss of altitude, thousands of spacecraft began firing their thrusters at the same time to climb back up. That mass movement, the authors of the paper point out, could have led to dangerous situations because collision avoidance systems didn't have time to calculate the satellites' changing paths. The solar storm that battered Earth from May 7 to 10 reached the intensity of G5, the highest level on the five-step scale used by the National Oceanic and Atmospheric Administration (NOAA) to assess the strength of solar storms. It was the strongest solar storm to hit Earth since 2003. The authors of the paper, however, pointed out that the environment around the planet has changed profoundly since that time. While only a few hundred satellites were orbiting Earth twenty years ago, there are thousands today. The authors of the paper put the number of "active payloads at [low Earth orbit]" at 10,000. [...] The new paper points out that space weather forecasts ahead of the May storm failed to accurately predict the duration and intensity of the event, making satellite collision predictions nearly impossible. On the upside, the storm helped to clear out some junk as defunct satellites and debris fragments spiraled deeper into the atmosphere. The authors of the report estimate that thousands of space debris objects lost several kilometers in altitude during the storm. 
More powerful solar storms can be expected in the coming months as the peak of the current solar cycle -- the 11-year ebb and flow in the number of sunspots, solar flares and eruptions -- is expected in late 2024 and early 2025. The paper can be found here.
An anonymous reader quotes a report from CNBC: The U.S. will fall behind in the artificial intelligence race if it does not embrace natural gas to help meet surging electricity demand from data centers, the CEO of one of the nation's largest pipeline operators told CNBC. "The only way we're going to be able to keep up with the kind of power demand and the electrification that's already afoot is natural gas," Williams Companies CEO Alan Armstrong said in an interview Thursday. "If we deny ourselves that we're going to fall behind in the AI race." Williams Companies handles about one-third of the natural gas in the U.S. through a pipeline network that spans more than 30,000 miles. Williams' network includes the 10,000 mile Transcontinental Pipeline, or Transco, a crucial artery that serves virtually the entire eastern seaboard including Virginia, the world's largest data center hub, and fast growing Southeast markets such as Georgia. The tech sector's expansion of data centers to support AI and the adoption of electric vehicles is projected to add 290 terawatt hours of electricity demand by the end of the decade in the U.S., according to a recent report by the energy consulting firm Rystad. This load growth is equivalent to the entire electricity demand of Turkey, the world's 18th largest economy. Executives at some of the nation's largest utilities have warned that failure to meet this surging electricity demand will jeopardize not just the artificial intelligence revolution, but economic growth across the board in the U.S. The role of natural gas in helping to meet that demand is controversial as the country is simultaneously trying to transition to a clean energy economy through the rapid expansion of renewables. "We are going to run right up against a brick wall here and pretty quickly in terms of not having enough power available to do what we want to do on the AI side," Armstrong said. "I actually see this as a huge national security issue," the CEO said.
"We're going to have to get out of our own way or we're going to accidentally keep ourselves from being the power we can be in the AI space." "Those groups that have very much had their brand be all green have come to us and said, 'We got to work with you guys. We've run out of alternatives -- we can't meet the needs of our customers without using natural gas,'" Armstrong said. "We're completely out of capacity ourselves," Armstrong added. "So we just have to kind of beg, borrow and steal from other people's capacity to do our best to make gas available."
Shares of cybersecurity company CrowdStrike Holdings dropped 15% on Friday after the company's software update resulted in what may turn out to be the largest IT outage ever. CrowdStrike stock "is on pace for its steepest daily loss since November 2022 and its $290 low share price is the lowest intraday mark since April 25," reports Forbes. "CrowdStrike is on track for the third-worst day in its five-year history as a publicly traded company." From the report: Microsoft, which was swept up in the outage as the downed systems are those running CrowdStrike's cybersecurity applications and Microsoft's Windows software, also slumped, with its shares down about 1% to the $3.2 trillion behemoth's lowest share price since June 11. CrowdStrike competitor Palo Alto Networks enjoyed a 4% rally Friday, while the tech-heavy Nasdaq Composite stock index gained about 0.2%, held up by the likes of Microsoft rival Apple's 1% stock gain and a 1% rise for shares of Alphabet, which is reportedly in talks to buy cybersecurity firm Wiz for $23 billion. The CrowdStrike selloff is "an overreaction to a temporary setback," Rosenblatt analyst Catharine Trebnick wrote in a note to clients Friday. It's a "compelling buying opportunity" as it "creates a window for investors to buy into a high-quality, growth-oriented cybersecurity company at a discounted valuation," Trebnick continued. To her point, CrowdStrike stock's relative valuation, according to its price-to-earnings ratio (P/E), which compares its market value to its projected profits over the next four quarters, fell Friday to its lowest number since April. Still, CrowdStrike's P/E of about 70 is very high for a company of its size, meaning investors will need to express significant confidence in the business' ability to grow earnings, a challenge if Friday's incident were to impact CrowdStrike's client base.
More than a dozen new Immersive Videos are coming to Vision Pro, with the first, titled Boundless, launching last night. "The announcement follows a long, slow period for new Vision Pro-specific video content from Apple," writes Ars Technica's Samuel Axon. "The headset launched in early February with a handful of Immersive Video episodes ranging from five to 15 minutes each. Since then, only three new videos have been added." From the report: Tonight's Boundless episode will allow viewers to see what it's like to ride in a hot air balloon over sweeping vistas. Another episode titled "Arctic Surfing" will arrive this fall, Apple says. Sometime next month, Apple will publish the second episode of its real wildlife documentary, simply titled Wild Life. The episode will focus on elephants in Kenya's Sheldrick Wildlife Trust. Another episode is in the works, too. "Later this year," Apple writes in its newsroom post, "viewers will brave the deep with a bold group of divers in the Bahamas, who come face-to-face with apex predators and discover creatures much more complex than often portrayed." In September, we'll see the debut of a new Immersive Video series titled Elevated. Apple describes it as an "aerial travel series" in which viewers will fly over places of interest. The first episode will take viewers to Hawaii, while another planned for later this year will go to New England. Apple is additionally partnering with Red Bull for a look at surfing called Red Bull: Big-Wave Surfing. In addition to those documentary episodes, there will be three short films by year's end. One will be a musical experience featuring The Weeknd, and another will take basketball fans inside the 2024 NBA All-Star Weekend. There will also be Submerged, the first narrative fictional Immersive Video on the platform. It's an action short film depicting struggles on a submarine during World War II.
An anonymous reader quotes a report from the New York Times: For years, the people building powerful artificial intelligence systems have used enormous troves of text, images and videos pulled from the internet to train their models. Now, that data is drying up. Over the past year, many of the most important web sources used for training A.I. models have restricted the use of their data, according to a study published this week by the Data Provenance Initiative, an M.I.T.-led research group. The study, which looked at 14,000 web domains that are included in three commonly used A.I. training data sets, discovered an "emerging crisis in consent," as publishers and online platforms have taken steps to prevent their data from being harvested. The researchers estimate that in the three data sets -- called C4, RefinedWeb and Dolma -- 5 percent of all data, and 25 percent of data from the highest-quality sources, has been restricted. Those restrictions are set up through the Robots Exclusion Protocol, a decades-old method for website owners to prevent automated bots from crawling their pages using a file called robots.txt. The study also found that as much as 45 percent of the data in one set, C4, had been restricted by websites' terms of service. "We're seeing a rapid decline in consent to use data across the web that will have ramifications not just for A.I. companies, but for researchers, academics and noncommercial entities," said Shayne Longpre, the study's lead author, in an interview.
Nigeria fined Meta $220 million on Friday, alleging the tech giant violated the country's local consumer, data protection and privacy laws. Reuters reports: Nigeria's Federal Competition and Consumer Protection Commission (FCCPC) said Meta appropriated the data of Nigerian users on its platforms without their consent, abused its market dominance by forcing exploitative privacy policies on users, and meted out discriminatory and disparate treatment on Nigerians, compared with other jurisdictions with similar regulations. FCCPC chief Adamu Abdullahi said the investigations were jointly held with Nigeria's Data Protection Commission and spanned over 38 months. The investigations found Meta policies don't allow users the option or opportunity to self-determine or withhold consent to the gathering, use, and sharing of personal data, Abdullahi said. "The totality of the investigation has concluded that Meta over the protracted period of time has engaged in conduct that constituted multiple and repeated, as well as continuing infringements... particularly, but not limited to abusive, and invasive practices against data subjects in Nigeria," Abdullahi said. "Being satisfied with the significant evidence on the record, and that Meta has been provided every opportunity to articulate any position, representations, refutations, explanations or defences of their conduct, the Commission have now entered a final order and issued a penalty against Meta," Abdullahi said. The final order mandates steps and actions Meta must take to comply with local laws, Abdullahi said.
Kylie Robison reports via The Verge: Have you seen the memes online where someone tells a bot to "ignore all previous instructions" and proceeds to break it in the funniest ways possible? The way it works goes something like this: Imagine we at The Verge created an AI bot with explicit instructions to direct you to our excellent reporting on any subject. If you were to ask it about what's going on at Sticker Mule, our dutiful chatbot would respond with a link to our reporting. Now, if you wanted to be a rascal, you could tell our chatbot to "forget all previous instructions," which would mean the original instructions we created for it to serve you The Verge's reporting would no longer work. Then, if you ask it to print a poem about printers, it would do that for you instead (rather than linking this work of art). To tackle this issue, a group of OpenAI researchers developed a technique called "instruction hierarchy," which boosts a model's defenses against misuse and unauthorized instructions. Models that implement the technique place more importance on the developer's original prompt, rather than listening to whatever multitude of prompts the user is injecting to break it. The first model to get this new safety method is OpenAI's cheaper, lightweight model launched Thursday called GPT-4o Mini. In a conversation with Olivier Godement, who leads the API platform product at OpenAI, he explained that instruction hierarchy will prevent the meme'd prompt injections (aka tricking the AI with sneaky commands) we see all over the internet. "It basically teaches the model to really follow and comply with the developer system message," Godement said. When asked if that means this should stop the 'ignore all previous instructions' attack, Godement responded, "That's exactly it." "If there is a conflict, you have to follow the system message first. 
And so we've been running [evaluations], and we expect that that new technique to make the model even safer than before," he added.
Bangladesh is experiencing a "near-total" nationwide internet shutdown amid government efforts to control widespread student protests against the country's quota system for government jobs. The country's quota system requires a third of government jobs be reserved for relatives of veterans who had fought for independence from Pakistan. According to Reuters, the protests "have opened old and sensitive political fault lines between those who fought for Bangladesh's independence from Pakistan in 1971 and those accused of collaborating with Islamabad." Analysts say the protests have also been "fueled by high unemployment among young people" and "wider economic woes, such as high inflation and shrinking reserves of foreign exchange." Engadget reports on the internet disruptions: To control the situation, Bangladeshi authorities shut down internet and phone access throughout the country, a common practice in South Asia to prevent the spread of rumors and misinformation and exercise state control. NetBlocks, a global internet monitor that works on digital rights, analyzed live network data that showed that Bangladesh was in the middle of a "near-total national internet shutdown." [...] Bangladesh has frequently blacked out the internet to crack down on political opposition and activists. At the end of 2023, research tool CIVICUS Monitor, which provides data on the state of civil society and freedoms in nearly 200 countries, downgraded Bangladesh's civic space to "closed," its lowest possible rating, after the country imposed six internet shutdowns the previous year. That made Bangladesh the fifth-largest perpetrator of internet shutdowns in 2022, Access Now said. The country's telecom regulator had pledged to keep internet access on through Bangladesh's general elections at the beginning of 2024, but that electoral period is now over. Despite the pledge, Bangladesh blocked access to news websites during its elections.