Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. From a report: The company explains on the Windows health dashboard that "Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update." "We are investigating user reports, and we will provide more information in the coming days," Redmond added. The list of affected Windows versions includes Windows 11, Windows 10, and Windows Server 2008 and later.

Read more of this story at Slashdot.

An anonymous reader shares a report: Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it's still unclear how many Americans were impacted by the cyberattack. Last month, Andrew Witty, the CEO of Change Healthcare's parent company UnitedHealth Group, said that the stolen files include the personal health information of "a substantial proportion of people in America." On Wednesday, during a House hearing, when Witty was pushed to give a more definitive answer, testifying that the breach impacted "I think, maybe a third [of Americans] or somewhere of that level."

Read more of this story at Slashdot.

"Tens of millions" of people are using technical workarounds to secretly access WhatsApp in countries where it is banned, the messaging platform's boss has said. From a report: "You'd be surprised how many people have figured it out," Will Cathcart told BBC News. Like many Western apps, WhatsApp is banned in Iran and North Korea and, intermittently, in Syria. And last month, China joined the list of those banning users from accessing the secure platform. Other countries, including Qatar, Egypt, Jordan and the United Arab Emirates, restrict features such as voice calls. But WhatsApp can see where its users truly are, thanks to their registered phone numbers. "We have a lot of anecdotal reports of people using WhatsApp and what we can do is look at some of the countries where we're seeing blocking and still see tens of millions of people connecting to WhatsApp," Mr Cathcart told BBC News. China ordered Apple to block Chinese iPhone users from downloading WhatsApp from the AppStore in April, a move Mr Cathcart calls "unfortunate" -- although the country was never a major market for the app. "That's a choice Apple has made," he said. "There aren't alternatives. I mean, that is really a situation where they've put themselves in the position to be able to truly stop something."

Read more of this story at Slashdot.

ArsTechnica: Sixty years ago, on May 1, 1964, at 4 am in the morning, a quiet revolution in computing began at Dartmouth College. That's when mathematicians John G. Kemeny and Thomas E. Kurtz successfully ran the first program written in their newly developed BASIC (Beginner's All-Purpose Symbolic Instruction Code) programming language on the college's General Electric GE-225 mainframe. Little did they know that their creation would go on to democratize computing and inspire generations of programmers over the next six decades.

Read more of this story at Slashdot.

The US could lose out on valuable AI and tech talent if some of its immigration policies are not modernized, Google says in a letter sent to the Department of Labor. From a report: Google says policies like Schedule A, a list of occupations the government "pre-certified" as not having enough American workers, have to be more flexible and move faster to meet demand in technologies like AI and cybersecurity. The company says the government must update Schedule A to include AI and cybersecurity and do so more regularly. "There's wide recognition that there is a global shortage of talent in AI, but the fact remains that the US is one of the harder places to bring talent from abroad, and we risk losing out on some of the most highly sought-after people in the world," Karan Bhatia, head of government affairs and public policy at Google, tells The Verge. He noted that the occupations in Schedule A have not been updated in 20 years. Companies can apply for permanent residencies, colloquially known as green cards, for employees. The Department of Labor requires companies to get a permanent labor certification (PERM) proving there is a shortage of workers in that role. That process may take time, so the government "pre-certified" some jobs through Schedule A. The US Citizenship and Immigration Services lists Schedule A occupations as physical therapists, professional nurses, or "immigrants of exceptional ability in the sciences or arts." While the wait time for a green card isn't reduced, Google says Schedule A cuts down the processing time by about a year.

Read more of this story at Slashdot.

Windows 11's market share dropped in April 2024, falling below 26% after reaching an all-time high of 28.16% in February. According to Statcounter, Windows 11 lost 0.97 points, while Windows 10 gained 0.96 points, crossing the 70% mark for the first time since September 2023. Neowin adds: Some argue that Windows 11 still offers little to no benefits for upgrading, especially in light of Microsoft killing some of the system's unique features, such as Windows Subsystem for Android. Add to that the ever-increasing number of ads, some of which are quite shameless, and you get an operating system that has a hard time winning hearts and minds, and retaining its customers.

Read more of this story at Slashdot.

LastPass, the password manager company, has officially separated from its parent company, GoTo, following a series of high-profile hacks in recent years. The company will now operate under a shareholder holding company called LMI Parent. LastPass -- owned by private equity firms Francisco Partners and Elliott Management -- has faced criticism for its handling of the breaches, which resulted in the theft of customer data and encryption keys. The company has since enforced a 12-character minimum for master passwords to improve security.

Read more of this story at Slashdot.

Microsoft's motivation for investing heavily and partnering with OpenAI came from a sense of falling badly behind Google, according to an internal email released Tuesday as part of the Justice Department's antitrust case against the search giant. Bloomberg: The Windows software maker's chief technology officer, Kevin Scott, was "very, very worried" when he looked at the AI model-training capability gap between Alphabet's efforts and Microsoft's, he wrote in a 2019 message to Chief Executive Officer Satya Nadella and co-founder Bill Gates. The exchange shows how the company's top executives privately acknowledged they lacked the infrastructure and development speed to catch up to the likes of OpenAI and Google's DeepMind. [...] Scott, who also serves as executive vice president of artificial intelligence at Microsoft, observed that Google's search product had improved on competitive metrics because of the Alphabet company's advancements in AI. The Microsoft executive wrote that he made a mistake by dismissing some of the earlier AI efforts of its competitors. "We are multiple years behind the competition in terms of machine learning scale," Scott said in the email. Significant portions of the message, titled 'Thoughts on OpenAI,' remain redacted. Nadella endorsed Scott's email, forwarding it to Chief Financial Officer Amy Hood and saying it explains "why I want us to do this."

Read more of this story at Slashdot.

The massive volumes of debt piling up around the globe forced the president of the World Economic Forum to reach back more than 200 years for a comparable period. Fortune: In an interview Sunday with CNBC at a WEF conference in Saudi Arabia, Borge Brende warned overall debt is approaching the world's total economic output. "We haven't seen this kind of debt since the Napoleonic Wars," he said. "We're getting close to 100% of global GDP in debt." According to the International Monetary Fund last year, global public debt hit $91 trillion, or 92% of GDP, by the end of 2022. That was actually a dip from pandemic-era debt levels but remained in line with a decades-long trend higher. Data on global debt during the Napoleonic Wars, which took place in the early 1800s, is harder to come by. But for comparison, some estimates put British government debt at more than 200% of GDP by 1815. Brende also told CNBC that governments need to take fiscal measures to reduce their debts without triggering a recession. For now, global growth is about 3.2% annually, which isn't bad, but it's also below the 4% trend growth the world had seen for decades, he said earlier in the interview. That risks a repeat of the 1970s, when growth was low for a decade, Brende added. But the world can avoid such an outcome if it continues to trade and doesn't engage in more trade wars. "Trade was the engine of growth for decades," he said.

Read more of this story at Slashdot.

LinkedIn, the professional network known for job listings and unsolicited career advice, is jumping into gaming. From a report: The platform is officially introducing a set of Wordle-style puzzle games, weeks after they were first spotted in the app. The company is starting with three games: Pinpoint, a word game where players must guess the theme that ties a series of words together; Queens, a puzzle game that's a bit like a cross between Sudoku and Minesweeper; and Crossclimb, a trivia game that involves guessing a series of four-letter words and placing them in the correct order. LinkedIn describes them as "thinking-oriented games," though the format will likely look familiar to fans of The New York Times Games app. Each game can only be played once a day, and players can share their score with friends in cute emoji-filled messages reminiscent of the "Wordle grid." The service will also keep track of "streaks," to encourage players to come back every day. Given the similarities, it shouldn't be surprising that games were developed by LinkedIn's news team, which recently hired a dedicated games editor.

Read more of this story at Slashdot.

An anonymous reader shares a report: Harvard geneticist David Sinclair, who has said his "biological age" is roughly a decade younger than his actual one, has put forward his largely unlined face as a spokesman for the longevity movement. The 54-year-old has built his brand on the idea that aging is a treatable disease. The notion has proven so seductive that legions of acolytes follow his online postings about his research and the cocktails of supplements he consumes to stave off the inevitable. His social-media accounts are a platform for assertions that his work is pushing nearer to a fountain of youth. He claimed last year that a gene therapy invented in his Harvard lab and being developed by a company he co-founded, Life Biosciences, had reversed aging and restored vision in monkeys. "Next up: age reversal in humans," he wrote on X and Instagram. On Feb. 29, in the eyes of many other scientists working to unlock the mysteries of aging, he went too far. Another company he co-founded, Animal Biosciences, quoted him in a press release saying that a supplement it had developed had reversed aging in dogs. Scientists who study aging can't even agree on what it means to "reverse" aging, much less how to measure it. The response was swift and harsh. The Academy for Health and Lifespan Research, a group of about 60 scientists that Sinclair co-founded and led, was hit with a cascade of resignations by members outraged by his claims. One scientist who quit referred to Sinclair on X as a "snake oil salesman." Days later, in a tense video meeting, the academy's five other board members pressed Sinclair to resign as president. He contended that the press release contained an inaccurate quote, according to people who were in the meeting, but he later stepped down. Sinclair's work is published regularly in top-tier scientific journals and has brought attention to an emerging field vying for credibility and funding. He has parlayed his research into hundreds of millions of dollars of investment in various companies, more than 50 patents and prominence as a longevity influencer. Along the way, his claims -- especially in his social-media posts, interviews and his book -- have drawn criticism from scientists who have accused him of hyping his research and extolling unproven products, including some from companies in which he had a financial interest. "My lab's ideas and findings are typically ahead of the curve, which is why some peers might feel the research is overstated at the time," Sinclair said to The Wall Street Journal in an email. "I stand behind my track record as a trusted scientist in one of the most competitive professions of all." He said he doesn't engage with social-media critics, including those calling him a snake oil salesman, and that many such comments are "nothing more than mischaracterizations."

Read more of this story at Slashdot.

Large swathes of Asia are sweltering through a heatwave that has topped temperature records from Myanmar to the Philippines and forced millions of children to stay home from school. From a report: In India, record temperatures have triggered a deadly heatwave and concerns about voter turnout in the nation's marathon election. Extreme heat has also forced Bangladesh to close all schools across the country. Extreme temperatures have also been recorded in Myanmar and Thailand, while huge areas of the Philippines are suffering from a drought. Experts say climate change has made heatwaves more frequent, longer and more intense, while the El Nino weather phenomenon is also driving this year's exceptionally warm weather. Approximate voter turnout data after polls closed on April 26 in India -- when stage two of the nation's seven-stage general election took place -- put voter turnout at 61 per cent. This was lower than the 65 per cent in the first phase, and 68 per cent in the second phase five years ago. Among the states that headed to the polls last week was Kerala in the south, where media reports on April 29 said that at least two people -- a 90-year-old woman and a 53-year-old man -- were suspected to have died of heatstroke. Temperatures in Kerala soared to 41.9 deg C, nearly 5.5 deg C above normal temperatures. At least two people have also died in India's eastern state of Odisha, where temperatures hit 44.9 deg C on April 28 -- the highest recorded in April. In neighbouring Bangladesh, students will continue to stay home this week, after schools across the country were ordered shut on April 29. A two-judge bench of the country's High Court passed an order directing all primary and secondary schools and madrasahs (Islamic schools) nationwide to remain closed till May 5, affecting an estimated 32 million students.

Read more of this story at Slashdot.

The Supreme Court on Tuesday refused to block on free speech grounds a provision of Texas law aimed at preventing minors from accessing pornographic content online. From a report: The justices turned away a request made by the Free Speech Coalition, a pornography industry trade group, as well as several companies. The challengers said the 2023 law violates the Constitution's First Amendment by requiring anyone using the platforms in question, including adults, to submit personal information. One provision of the law, known as H.B. 1181, mandates that platforms verify users' ages by requiring them to submit information about their identities. Although the law is aimed at limiting children's access to sexually explicit content, the lawsuit focuses on how those measures also affect adults. "Specifically, the act requires adults to comply with intrusive age verification measures that mandate the submission of personally identifying information over the internet in order to access websites containing sensitive and intimate content," the challengers wrote in court papers.

Read more of this story at Slashdot.

Maciej Pocwierz, a senior software engineer Semantive, writing on Medium: A few weeks ago, I began working on the PoC of a document indexing system for my client. I created a single S3 bucket in the eu-west-1 region and uploaded some files there for testing. Two days later, I checked my AWS billing page, primarily to make sure that what I was doing was well within the free-tier limits. Apparently, it wasn't. My bill was over $1,300, with the billing console showing nearly 100,000,000 S3 PUT requests executed within just one day! By default, AWS doesn't log requests executed against your S3 buckets. However, such logs can be enabled using AWS CloudTrail or S3 Server Access Logging. After enabling CloudTrail logs, I immediately observed thousands of write requests originating from multiple accounts or entirely outside of AWS. Was it some kind of DDoS-like attack against my account? Against AWS? As it turns out, one of the popular open-source tools had a default configuration to store their backups in S3. And, as a placeholder for a bucket name, they used... the same name that I used for my bucket. This meant that every deployment of this tool with default configuration values attempted to store its backups in my S3 bucket! So, a horde of misconfigured systems is attempting to store their data in my private S3 bucket. But why should I be the one paying for this mistake? Here's why: S3 charges you for unauthorized incoming requests. This was confirmed in my exchange with AWS support. As they wrote: "Yes, S3 charges for unauthorized requests (4xx) as well[1]. That's expected behavior." So, if I were to open my terminal now and type: aws s3 cp ./file.txt s3://your-bucket-name/random_key. I would receive an AccessDenied error, but you would be the one to pay for that request. And I don't even need an AWS account to do so. Another question was bugging me: why was over half of my bill coming from the us-east-1 region? I didn't have a single bucket there! The answer to that is that the S3 requests without a specified region default to us-east-1 and are redirected as needed. And the bucket's owner pays extra for that redirected request. The security aspect: We now understand why my S3 bucket was bombarded with millions of requests and why I ended up with a huge S3 bill. At that point, I had one more idea I wanted to explore. If all those misconfigured systems were attempting to back up their data into my S3 bucket, why not just let them do so? I opened my bucket for public writes and collected over 10GB of data within less than 30 seconds. Of course, I can't disclose whose data it was. But it left me amazed at how an innocent configuration oversight could lead to a dangerous data leak! Lesson 1: Anyone who knows the name of any of your S3 buckets can ramp up your AWS bill as they like. Other than deleting the bucket, there's nothing you can do to prevent it. You can't protect your bucket with services like CloudFront or WAF when it's being accessed directly through the S3 API. Standard S3 PUT requests are priced at just $0.005 per 1,000 requests, but a single machine can easily execute thousands of such requests per second.

Read more of this story at Slashdot.

The Biden administration on Tuesday released rules designed to speed up permits for clean energy while requiring federal agencies to more heavily weigh damaging effects on the climate and on low-income communities before approving projects like highways and oil wells. From a report: As part of a deal to raise the country's debt limit last year, Congress required changes to the National Environmental Policy Act, a 54-year-old bedrock law that requires the government to consider environmental effects and to seek public input before approving any project that necessitates federal permits. That bipartisan debt ceiling legislation included reforms to the environmental law designed to streamline the approval process for major construction projects, such as oil pipelines, highways and power lines for wind- and solar-generated electricity. The rules released Tuesday, by the White House Council on Environmental Quality, are intended to guide federal agencies in putting the reforms in place. But they also lay out additional requirements created to prioritize projects with strong environmental benefits, while adding layers of review for projects that could harm the climate or their surrounding communities. "These reforms will deliver smarter decisions, quicker permitting, and projects that are built better and faster," said Brenda Mallory, chair of the council. "As we accelerate our clean energy future, we are also protecting communities from pollution and environmental harms that can result from poor planning and decision making while making sure we build projects in the right places."

Read more of this story at Slashdot.

Walmart isn't making enough money off its new health centers, so it decided to close up shop. From a report: The retail giant announced today that it'll shutter all 51 health centers it opened up across five states since 2019. Walmart is also getting rid of its virtual care program after acquiring telehealth provider MeMD in 2021. "We determined there is not a sustainable business model for us to continue," Walmart said in an announcement today. "This is a difficult decision, and like others, the challenging reimbursement environment and escalating operating costs create a lack of profitability that make the care business unsustainable for us at this time," Walmart said today. It's an about-face from last year when Walmart said it planned to double its number of health clinics and expand into two new states in 2024.

Read more of this story at Slashdot.

One of Europe's most wanted cyber criminals has been jailed for attempting to blackmail 33,000 people whose confidential therapy notes he stole. From a report: Julius Kivimaki obtained them after breaking into the databases of Finland's largest psychotherapy company, Vastaamo. After his attempt to extort the company failed, he emailed patients directly, threatening to reveal what they had told their therapists. At least one suicide has been linked to the case, which has shocked the country. Kivimaki has been sentenced to six years and three months in prison. In terms of the number of victims, his trial was the biggest criminal case in Finnish history. One of them gave their reaction to the BBC. "The main thing is that this absolutely empathy-lacking, ruthless criminal gets a prison sentence," said Tiina Parrika. "After this there rise thoughts about how short the conviction is, when reflected against the number of victims," she added. "But, that's the Finnish law and I must accept that."

Read more of this story at Slashdot.

theodp writes: Reports of the death of Bill Gates' influence at Microsoft have been greatly exaggerated: "Publicly, [Bill] Gates has been almost entirely out of the picture at Microsoft since 2021, following allegations that he had behaved inappropriately toward female employees. In fact, Business Insider has learned, Gates has been quietly orchestrating much of Microsoft's AI revolution from behind the scenes. Current and former executives say Gates remains intimately involved in the company's operations -- advising on strategy, reviewing products, recruiting high-level executives, and nurturing Microsoft's crucial relationship with Sam Altman, the cofounder and CEO of OpenAI. In early 2023, when Microsoft debuted a version of its search engine Bing turbocharged by the same technology as ChatGPT, throwing down the gauntlet against competitors like Google, Gates, executives said, was pivotal in setting the plan in motion. While Nadella might be the public face of the company's AI success [...] Gates has been the man behind the curtain."[...] "Today, Gates remains close with Altman, who visits his home a few times a year, and OpenAI seeks his counsel on developments. There's a 'tight coupling' between Gates and OpenAI, a person familiar with the relationship said. 'Sam and Bill are good friends. OpenAI takes his opinion and consult overall seriously.' OpenAI spokesperson Kayla Wood confirmed OpenAI continues to meet with Gates."

Read more of this story at Slashdot.

Eight prominent U.S. newspapers owned by investment giant Alden Global Capital are suing OpenAI and Microsoft for copyright infringement, in a complaint filed Tuesday in the Southern District of New York. From a report: Until now, the Times was the only major newspaper to take legal action against AI firms for copyright infringement. Many other news publishers, including the Financial Times, the Associated Press and Axel Springer, have instead opted to strike paid deals with AI companies for millions of dollars annually, undermining the Times' argument that it should be compensated billions of dollars in damages. The lawsuit is being filed on behalf of some of the most prominent regional daily newspapers in the Alden portfolio, including the New York Daily News, Chicago Tribune, Orlando Sentinel, South Florida Sun Sentinel, San Jose Mercury News, Denver Post, Orange County Register and St. Paul Pioneer Press.

Read more of this story at Slashdot.