An anonymous reader quotes a report from TechCrunch: A lengthy investigation into the European Union's use of Microsoft 365 has found the Commission breached the bloc's data protection rules through its use of the cloud-based productivity software. Announcing its decision in a press release today, the European Data Protection Supervisor (EDPS) said the Commission infringed "several key data protection rules when using Microsoft 365." "The Commission did not sufficiently specify what types of personal data are to be collected and for which explicit and specified purposes when using Microsoft 365," the data supervisor, Wojciech Wiewiorowski, wrote, adding: "The Commission's infringements as data controller also relate to data processing, including transfers of personal data, carried out on its behalf." The EDPS has imposed corrective measures requiring the Commission to address the compliance problems it has identified by December 9 2024, assuming it continues to use Microsoft's cloud suite. The regulator, which oversees' EU institutions' compliance with data protection rules, opened a probe of the Commission's use of Microsoft 365 and other U.S. cloud services back in May 2021. [...] The Commission confirmed receipt of the EDPB's decision and said it will need to analyze the reasoning "in detail" before taking any decision on how to proceed. In a series of statements during a press briefing, it expressed confidence that it complies with "the applicable data protection rules, both in fact and in law." It also said "various improvements" have been made to contracts, with the EDPS, during its investigation. "We have been cooperating fully with the EDPS since the start of the investigation, by providing all relevant documents and information to the EDPS and by following up on the issues that have been raised in the course of the investigation," it said. "The Commission has always been ready to implement, and grateful for receiving, any substantiated recommendation from the EDPS. Data protection is a top priority for the Commission." "The Commission has always been fully committed to ensuring that its use of Microsoft M365 is compliant with the applicable data protection rules and will continue to do so. The same applies to all other software acquired by the Commission," it went on, further noting: "New data protection rules for the EU institutions and bodies came into force on 11 December 2018. The Commission is actively pursuing ambitious and safe adequacy frameworks with international partners. The Commission applies those rules in all its processes and contracts, including with individual companies such as Microsoft." While the Commission's public statements reiterated that it's committed to compliance with its legal obligations, it also claimed that "compliance with the EDPS decision unfortunately seems likely to undermine the current high level of mobile and integrated IT services." "This applies not only to Microsoft but potentially also to other commercial IT services. But we need to first analyze the decision's conclusions and the underlying reasons in detail. We cannot provide further comments until we have concluded the analysis," it added.

Read more of this story at Slashdot.

According to Bloomberg's Mark Gurman, AirPods Pro will gain a new "hearing aid mode" with the release of iOS 18 later this year. MacRumors reports: Writing in the subscriber edition of his regular Power On newsletter, Gurman claims that the "big news" for AirPods Pro in the near term will be support for a hearing aid-style function when iOS 18 drops in the fall. To be clear, this isn't the first time we have heard a potential hearing aid feature for AirPods Pro. The first rumor appeared in a 2021 Wall Street Journal report, but it was previously framed as a feature that would be exclusive to a next-generation model of AirPods Pro. However, Apple in September 2022 released the second-generation AirPods Pro, while the company more recently released a refreshed model with a USB-C port. AirPods Pro already offer a Conversation Boost feature, which boosts the volume and clarity of people directly in front of the wearer, but Apple has not advertised the earbuds as a hearing aid device, because this would require FDA regulatory approval. As per the FDA, a hearing aid is defined as "any wearable device designed for, offered for the purpose of, or represented as aiding persons with or compensating for, impaired hearing." This definition encompasses both air-conduction and bone-conduction devices in a variety of styles (for example, behind-the-ear, in-the-canal, or body worn). [...] It is not yet clear whether Apple will need FDA clearance in order to make explicit or implicit claims about the rumored "hearing aid mode," which may not even adopt this exact name. If, for example, Apple subsequently suggests that AirPods Pro are for users with certain types or severity of hearing loss/impaired hearing, or for use as an alternative to a hearing aid, then they will require FDA regulatory approval to be marketed as such.

Read more of this story at Slashdot.

Jess Weatherbed reports via The Verge: Midjourney says it has banned Stability AI staffers from using its service, accusing employees at the rival generative AI company of causing a systems outage earlier this month during an attempt to scrape Midjourney's data. Midjourney posted an update to its Discord server on March 2nd that acknowledged an extended server outage was preventing generated images from appearing in user galleries. In a summary of a business update call on March 6th, Midjourney claimed that "botnet-like activity from paid accounts" -- which the company specifically links to Stability AI employees -- was behind the outage. According to Midjourney user Nick St. Pierre on X, who listened to the call, Midjourney said that the service was brought down because "someone at Stability AI was trying to grab all the prompt and image pairs in the middle of a night on Saturday." St. Pierre said that Midjourney had linked multiple paid accounts to an individual on the Stability AI data team. In its summary of the business update call on March 6th (which Midjourney refers to as "office hours"), the company says it's banning all Stability AI employees from using its service "indefinitely" in response to the outage. Midjourney is also introducing a new policy that will similarly ban employees of any company that exercises "aggressive automation" or causes outages to the service. St. Pierre flagged the accusations to Stability AI CEO Emad Mostaque, who replied on X, saying he was investigating the situation and that Stability hadn't ordered the actions in question. "Very confusing how 2 accounts would do this team also hasn't been scraping as we have been using synthetic & other data given SD3 outperforms all other models," said Mostaque, referring to the Stable Diffusion 3 AI model currently in preview. He claimed that if the outage was caused by a Stability employee, then it was unintentional and "obviously not a DDoS attack." Midjourney founder David Holz responded to Mostaque in the same thread, claiming to have sent him "some information" to help with his internal investigation.

Read more of this story at Slashdot.

An anonymous reader quotes a report from BleepingComputer: YouTube is no longer showing recommended videos to users logged out of a Google account or using Incognito mode, making people concerned they are being bullied into always being signed into the service. This change, which is now rolling out, shows a simple YouTube homepage without any videos or tips on what to watch. Before, even in incognito mode or when not logged in, Google would still show you video suggestions. Now, users see a message saying "Get Started" and "Start watching videos to help us build a feed of videos you'll love" when they open YouTube in incognito mode, with videos no longer being recommended.

Read more of this story at Slashdot.

Surgeons in the United Kingdom have performed the first operation in the country using Apple's Vision Pro headset. TechSpot reports: During a recent operation to repair a patient's spine at the private Cromwell Hospital in London, a scrub nurse working alongside the surgeon used the Vision Pro to help prepare, keep track of the procedure, and choose the right tools, reports the Daily Mail. This marked the first operation in the UK where the Vision Pro was used. The software running on Apple's headset during the operation comes from US company eXeX, which has made similar programs for Microsoft's HoloLens. It offers nurses and technicians both holographic and touch-free access to the surgical setup and the procedural guides from within the sterile field of the operating room, according to the press release. The software also tracks each stage of an operation and can measure how well the op went compared to previous procedures performed by other surgeons. "It eliminates human error and eliminates the guesswork," said Suvi Verho, lead scrub nurse at London Independent Hospital. "It gives you confidence in surgery." While this marked the first time that the Vision Pro was used during a UK surgery, the first-ever time the device was used in an operating room was last month, just three days after its release, when Orlando resident and world-renowned Neurosurgeon Dr. Robert Masson wore it during several spine reconstruction surgeries. "We are in a new era of surgery, and for the first time, our surgical teams have the brilliance of visual holographic guidance and maps, improving visuospatial and temporal orientation for each surgical team and for each surgery in all specialties," said Masson.

Read more of this story at Slashdot.

Over 15,000 Roku customers were hacked and used to make fraudulent purchases of hardware and streaming subscriptions. According to BleepingComputer, the threat actors were "selling the stolen accounts for as little as $0.50 per account, allowing purchasers to use stored credit cards to make illegal purchases." From the report: On Friday, Roku first disclosed the data breach, warning that 15,363 customer accounts were hacked in a credential stuffing attack. A credential stuffing attack is when threat actors collect credentials exposed in data breaches and then attempt to use them to log in to other sites, in this case, Roku.com. The company says that once an account was breached, it allowed threat actors to change the information on the account, including passwords, email addresses, and shipping addresses. This effectively locked a user out of the account, allowing the threat actors to make purchases using stored credit card information without the legitimate account holder receiving order confirmation emails. "It appears likely that the same username/password combinations had been used as login information for such third-party services as well as certain individual Roku accounts," reads the data breach notice. "As a result, unauthorized actors were able to obtain login information from third-party sources and then use it to access certain individual Roku accounts. "After gaining access, they then changed the Roku login information for the affected individual Roku accounts, and, in a limited number of cases, attempted to purchase streaming subscriptions." Roku says that it secured the impacted accounts and forced a password reset upon detecting the incident. Additionally, the platform's security team investigated for any charges due to unauthorized purchases performed by the hackers and took steps to cancel the relevant subscriptions and refund the account holders. A researcher told BleepingComputer last week that the threat actors have been using a Roku config to perform credential stuffing attacks for months, bypassing brute force attack protections and captchas by using specific URLs and rotating through lists of proxy servers. Successfully hacked accounts are then sold on stolen account marketplaces for as little as 50 cents, as seen below where 439 accounts are being sold. The seller of these accounts provides information on how to change information on the account to make fraudulent purchases. Those who purchase the stolen accounts hijack them with their own information and use stored credit cards to purchase cameras, remotes, soundbars, light strips, and streaming boxes. After making their purchases, it is common for them to share screenshots of redacted order confirmation emails on Telegram channels associated with the stolen account marketplaces.

Read more of this story at Slashdot.

According to the Wall Street Journal (paywalled), former Activision CEO Bobby Kotick is reportedly considering buying TikTok. PCMag reports: Kotick floated the idea at a dinner at an Allen & Co. conference earlier this week with a group of potential partners, including OpenAI CEO Sam Altman, the Journal says. Kotick left Activision in late December after more than 30 years following the approval of the Microsoft merger and a tumultuous period that included a damaging discrimination lawsuit. And while he got a hefty golden parachute, it's probably not enough to buy TikTok, so he'll need partners with deep pockets. The report comes amid a vote in the House that would require TikTok to be sold or banned in the United States.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: Kenn Dahl says he has always been a careful driver. The owner of a software company near Seattle, he drives a leased Chevrolet Bolt. He's never been responsible for an accident. So Mr. Dahl, 65, was surprised in 2022 when the cost of his car insurance jumped by 21 percent. Quotes from other insurance companies were also high. One insurance agent told him his LexisNexis report was a factor. LexisNexis is a New York-based global data broker with a "Risk Solutions" division that caters to the auto insurance industry and has traditionally kept tabs on car accidents and tickets. Upon Mr. Dahl's request, LexisNexis sent him a 258-page "consumer disclosure report," which it must provide per the Fair Credit Reporting Act. What it contained stunned him: more than 130 pages detailing each time he or his wife had driven the Bolt over the previous six months. It included the dates of 640 trips, their start and end times, the distance driven and an accounting of any speeding, hard braking or sharp accelerations. The only thing it didn't have is where they had driven the car. On a Thursday morning in June for example, the car had been driven 7.33 miles in 18 minutes; there had been two rapid accelerations and two incidents of hard braking. According to the report, the trip details had been provided by General Motors -- the manufacturer of the Chevy Bolt. LexisNexis analyzed that driving data to create a risk score "for insurers to use as one factor of many to create more personalized insurance coverage," according to a LexisNexis spokesman, Dean Carney. Eight insurance companies had requested information about Mr. Dahl from LexisNexis over the previous month. "It felt like a betrayal," Mr. Dahl said. "They're taking information that I didn't realize was going to be shared and screwing with our insurance." In recent years, insurance companies have offered incentives to people who install dongles in their cars or download smartphone apps that monitor their driving, including how much they drive, how fast they take corners, how hard they hit the brakes and whether they speed. But "drivers are historically reluctant to participate in these programs," as Ford Motor put it in apatent application (PDF) that describes what is happening instead: Car companies are collecting information directly from internet-connected vehicles for use by the insurance industry. Sometimes this is happening with a driver's awareness and consent. Car companies have established relationships with insurance companies, so that if drivers want to sign up for what's called usage-based insurance -- where rates are set based on monitoring of their driving habits -- it's easy to collect that data wirelessly from their cars. But in other instances, something much sneakier has happened. Modern cars are internet-enabled, allowing access to services like navigation, roadside assistance and car apps that drivers can connect to their vehicles to locate them or unlock them remotely. In recent years, automakers, including G.M., Honda, Kia and Hyundai, have started offering optional features in their connected-car apps that rate people's driving. Some drivers may not realize that, if they turn on these features, the car companies then give information about how they drive to data brokers like LexisNexis. Automakers and data brokers that have partnered to collect detailed driving data from millions of Americans say they have drivers' permission to do so. But the existence of these partnerships is nearly invisible to drivers, whose consent is obtained in fine print and murky privacy policies that few read. Especially troubling is that some drivers with vehicles made by G.M. say they were tracked even when they did not turn on the feature -- called OnStar Smart Driver -- and that their insurance rates went up as a result.

Read more of this story at Slashdot.

The openVertebrate (oVert) project is now complete, offering free online access to incredibly detailed 3D images of over 13,000 vertebrates. New Atlas reports: More than a research project, oVert was a collaboration between like-minded specialists across 25 institutions whose sole objective was to add value to museum collections by making them more widely available. Importantly, these images provide an insight that would only otherwise be obtained by destructive dissection and tissue sampling. Over the course of six years, project members took CT scans of more than half the classes, or genera, of all amphibians, reptiles, fishes, birds, and mammals, rendering models that provide an intimate look at the creatures, inside and out. [...] For a working example of the incredible detail and information contained in oVert's images, head to Sketchfab to view a sample of interactive 3D models like the olive sea snake. Or go to MorphoSource to access the full oVert repository. [...] If you have 30 minutes to spare, check out the full video produced by the Florida Museum, which showcases a collection of diverse oVert specimens. A study presenting a summary of the oVert project was published in the journal BioScience.

Read more of this story at Slashdot.

Jennifer Ouellette reports via Ars Technica: Astronomers have made new measurements of the Hubble Constant, a measure of how quickly the Universe is expanding, by combining data from the Hubble Space Telescope and the James Webb Space Telescope. Their results confirmed the accuracy of Hubble's earlier measurement of the constant's value, according to their recent paper published in The Astrophysical Journal Letters, with implications for a long-standing discrepancy in values obtained by different observational methods known as the "Hubble tension." There was a time when scientists believed the Universe was static, but that changed with Albert Einstein's general theory of relativity. Alexander Friedmann published a set of equations showing that the Universe might actually be expanding in 1922, with Georges Lemaitre later making an independent derivation to arrive at that same conclusion. Edwin Hubble confirmed this expansion with observational data in 1929. Prior to this, Einstein had been trying to modify general relativity by adding a cosmological constant in order to get a static universe from his theory; after Hubble's discovery, legend has it, he referred to that effort as his biggest blunder. The article notes how scientists have employed different methods to calculate the Hubble Constant, including observing nearby celestial objects, analyzing gravitational waves from cosmic events, and examining the Cosmic Microwave Background (CMB). However, these approaches yield differing values, highlighting the challenge in pinning down the constant precisely. A recent effort involved making additional observations of Cepheid variable stars, correlating them with the Hubble data. The results further confirmed the accuracy of the Hubble data. "We've now spanned the whole range of what Hubble observed, and we can rule out a measurement error as the cause of the Hubble Tension with very high confidence," said co-author and team leader Adam Riess, a physicist at Johns Hopkins University. "Combining Webb and Hubble gives us the best of both worlds. We find that the Hubble measurements remain reliable as we climb farther along the cosmic distance ladder. With measurement errors negated, what remains is the real and exciting possibility that we have misunderstood the Universe."

Read more of this story at Slashdot.

An anonymous reader quotes a report from GeekWire: Chalk up another milestone for Stratolaunch, the air-launch venture created by the late Microsoft co-founder Paul Allen: The company's mammoth airplane deployed a winged test vehicle for its first rocket-powered flight. Stratolaunch's single-use TA-1 test vehicle blazed a trail for future reusable hypersonic test vehicles that are expected to help the U.S. military catch up on one of the frontiers of aerial combat. TA-1 went supersonic, according to Zachary Krevor, Stratolaunch's president and CEO -- but based on his comments, it may not have quite hit the hypersonic standard of five times the speed of sound. "While I can't share the specific altitude and speed TA-1 reached due to proprietary agreements with our customers, we are pleased to share that in addition to meeting all primary and customer objectives of the flight, we reached high supersonic speeds approaching Mach 5 and collected a great amount of data at an incredible value to our customers," Krevor said in a news release. Today's test flight took place in the skies above California's Mojave Air and Space Port, where Stratolaunch keeps its twin-fuselage Roc airplane. Roc is the world's biggest operational aircraft, with a wingspan of 385 feet. It's designed to serve as a flying launch pad for rocket-powered vehicles like the TA-1 and its successors. The air-launch concept makes it possible for launch missions to be flown from any airport with a runway that's big enough to accommodate Roc. It's similar to the concept that was used back in 2004 to win the $10 million Ansari X Prize for private spaceflight with financial backing from Paul Allen. [...] This flight was the 14th test mission for Roc, coming after an unpowered separation test of its TA-0 vehicle and two captive-carry test flights for TA-1. Today's test also marked the first in-flight use of Ursa Major's Hadley rocket engine. The primary test objectives included a safe release of TA-1, engine ignition, acceleration, sustained climb in altitude and a controlled splashdown into the Pacific.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: The New York Times has denied claims by OpenAI that it "hacked" the company's artificial intelligence systems to create misleading evidence of copyright infringement, calling the accusation as "irrelevant as it is false." The Times in a court filing on Monday said OpenAI was "grandstanding" in its request to dismiss parts of the newspaper's lawsuit alleging its articles were misused for artificial intelligence training. The Times sued OpenAI and its largest financial backer Microsoft in December, accusing them of using millions of its articles without permission to train chatbots to provide information to users. The newspaper is among several prominent copyright owners including authors, visual artists and music publishers that have sued tech companies over the alleged misuse of their work in AI training. The Times' complaint cited several instances in which programs like OpenAI's popular chatbot ChatGPT gave users near-verbatim excerpts of its articles when prompted. OpenAI responded last month that the Times had paid an unnamed "hired gun" to manipulate its products into reproducing the newspaper's content. It asked the court to dismiss parts of the case, including claims that its AI-generated content infringes the Times' copyrights. "In the ordinary course, one cannot use ChatGPT to serve up Times articles at will," OpenAI said. The company also said it would eventually prove that its AI training made fair use of copyrighted content. The Times replied on Monday that it had simply used the "first few words or sentences" of its articles to prompt ChatGPT to recreate them. "OpenAI's true grievance is not about how The Times conducted its investigation, but instead what that investigation exposed: that Defendants built their products by copying The Times's content on an unprecedented scale -- a fact that OpenAI does not, and cannot, dispute," the Times said.

Read more of this story at Slashdot.

Tom Warren reports via The Verge: Discord will soon allow developers to build new games and apps that can be used directly in its chat app. A selection of minigames and apps have been available to Discord users for months now, but starting March 18th, all Discord developers will get access to a new Embedded App SDK that lets them build these special embedded apps. Discord has used its Activities feature to enable apps like YouTube, promote minigames like poker, and even encourage users to play with a shared whiteboard experience. These apps all appear as an embedded iframe inside Discord, but they've been limited to select developers so far. The SDK will open up this Activities section of Discord to many more developers, so we're bound to see a lot more minigames that can be played directly inside Discord chats. [...] Discord is also experimenting with a way to allow users to add apps to their accounts so they roam across servers. Developers will be able to enable their apps for accounts, and the experiment will launch alongside the app SDK on March 18th. Discord is also bringing back its app pitches, where developers can pitch prototype app ideas and secure up to $30,000 in funding.

Read more of this story at Slashdot.

After 10 years and billions of dollars spent in development, Apple abruptly canceled its ambitious car project known as "Titan," shifting its focus and resources on the company's artificial intelligence division. In a recent Q&A on Monday, Bloomberg's Mark Gurman (paywalled) shared some new insights about the project and how involved the Apple Silicon team was before it was shut down. According to Gurman, Apple was planning to power the "AI brain" of the car with a custom Apple Silicon chip that would have the equivalent power of four M2 Ultra chips (the most powerful Apple has to date) combined. 9to5Mac reports: A single M2 Ultra chip consists of 134 billion transistors and features a 24-core CPU, a GPU with up to 76 cores, and a dedicated 32-core Neural Engine. M2 Ultra powers the current generation of Mac Studio and Mac Pro. Interestingly, Gurman says that the development of this new chip for the car was "nearly finished" before the project was discontinued. As some of the engineers working on the car project were reassigned to other teams at Apple, the company could reuse the engineering of this new chip for future projects.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Arkady Volozh, the billionaire cofounder of Russia's biggest internet company, was removed from the EU sanctions list today, clearing the way for his return to the world of international tech. On Tuesday a spokesperson for the European Council confirmed to WIRED that the Yandex cofounder was among three people whose sanctions were lifted this week. Volozh, 60, was initially included on the EU sanctions list in June 2023, following Russia's full-scale invasion of Ukraine in February 2022. "Volozh is a leading businessperson involved in economic sectors providing a substantial source of revenue to the Government of the Russian Federation," the blocsaidlast year to justify its decision. "As founder and CEO of Yandex, he is supporting, materially or financially, the Government of the Russian Federation." In response, Volozh stepped down from his position as Yandex CEO, calling the sanctions "misguided." [...] The removal of sanctions affecting one of Russian tech's most prominent figures will be especially significant if Volozh goes on to build Yandex 2.0 inside Europe. The billionaire maintains strong ties to exiled Russian tech talent, with thousands of Yandex staff leaving the country after the start of the war. "These people are now out, and in a position to start something new, continuing to drive technological innovation," Volozh said in the same 2023 statement. "They will be a tremendous asset to the countries in which they land." Yandex is widely known as "Russia's Google" because it monopolizes the Russian search market and offers many other services, including Yandex Music for streaming, Yandex Navigator for maps, and Yandex Go for hailing a ride. "Over the past 18 months, [Dutch-based Yandex NV] has been involved in complex negotiations with the Kremlin, in an attempt to sell its Russian operations while carving out four Europe-based units, which include businesses focused on self-driving cars, cloud computing, data labeling, and education tech," reports Wired. Last month, Yandex NV reached a "binding agreement" to sell its operations in the country for $5.2 billion -- a price that reflects a 50% discount that Moscow imposes on companies from "unfriendly" countries like the Netherlands as a condition of exiting business in Russia.

Read more of this story at Slashdot.

According to Bloomberg (paywalled), the Pentagon has reportedly scrapped its plan to allocate $2.5 billion in grants to Intel, causing the firm's stock to slip in extended-hours trading. From a report: The decision now leaves the U.S. Commerce Department, which is responsible for doling out the funds from the U.S. CHIPs and Science Act, to make up the shortfall, the news outlet said. The Commerce Dept. was initially only supposed to cover $1B of the $3.5B that Intel is slated to receive for advanced defense and intelligence-related semiconductors. The deal is slated to position Intel as the dedicated supplier for processors used for military and intelligence applications and could result in a Secure Enclave inside Intel's chip factory, the news outlet said. With the Pentagon reportedly pulling out, it could alter how much Intel and other companies receive from the CHIPs Act, the news outlet said.

Read more of this story at Slashdot.

Two top executives from the crypto exchange Binance have been arrested in Nigeria for allegedly destabilizing the national currency. Quartz reports: According to a Wall Street Journal report, Tigran Gambaryan, head of financial-crime compliance at Binance who previously worked at the U.S. Internal Revenue Service (IRS), and Nadeem Anjarwalla, a British-Kenyan national and Binance's regional manager for Africa, have been held against their will for the past two weeks in the country. As per reports, Nigerian government officials invited Binance executives to discuss an ongoing dispute about the world's largest crypto exchange allegedly driving down the value of their national currency. Gambaryan and Anjarwalla arrived in Nigeria on February 25th; after their meeting with government officials, both were taken to their hotels. Later, they were instructed to pack their belongings and move to a guesthouse run by Nigeria's National Security Agency, as stated by their families, per reports. The Nigerian government has accused Binance of exacerbating the country's foreign exchange challenges through rate manipulation for profit. The authorities have also accused the crypto exchange of illegal operations and have restricted access to the company's website. There are also reports that Nigeria sought a $10 billion penalty from Binance for processing around $26 billion in untraceable funds in the country. [...] The reason why and how Nigeria's economic crisis is linked with Binance is yet to be found out. Binance is hoping to resolve the matter soon, according to CoinDesk. The report notes that Nigeria is experiencing its worst economic crisis in recent years due to inflation and the devaluation of their currency, the naira.

Read more of this story at Slashdot.

Bill Toulas reports via BleepingComputer: Google awarded $10 million to 632 researchers from 68 countries in 2023 for finding and responsibly reporting security flaws in the company's products and services. Though this is lower than the $12 million Google's Vulnerability Reward Program paid to researchers in 2022, the amount is still significant, showcasing a high level of community participation in Google's security efforts. The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program's launch in 2010 has reached $59 million. For Android, the world's most popular and widely used mobile operating system, the program awarded over $3.4 million. Google also increased the maximum reward amount for critical vulnerabilities concerning Android to $15,000, driving increased community reports. During security conferences like ESCAL8 and hardwea.io, Google awarded $70,000 for 20 critical discoveries in Wear OS and Android Automotive OS and another $116,000 for 50 reports concerning issues in Nest, Fitbit, and Wearables. Google's other big software project, the Chrome browser, was the subject of 359 security bug reports that paid out a total of $2.1 million.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Inside Climate News: Months in jail and thousands of dollars in fines and legal fees -- those are the consequences Alabamians and Arizonans could soon face for selling cell-cultured meat products that could cut into the profits of ranchers, farmers and meatpackers in each state. State legislators from Florida to Arizona are seeking to ban meat grown from animal cells in labs, citing a "war on our ranching" and a need to protect the agriculture industry from efforts to reduce the consumption of animal protein, thereby reducing the high volume of climate-warming methane emissions the sector emits. Agriculture accounts for about 11 percent of the country's greenhouse gas emissions, according to federal data, with livestock such as cattle making up a quarter of those emissions, predominantly from their burps, which release methane -- a potent greenhouse gas that's roughly 80 times more effective at warming the atmosphere than carbon dioxide over 20 years. Globally, agriculture accounts for about 37 percent of methane emissions. For years, climate activists have been calling for more scrutiny and regulation of emissions from the agricultural sector and for nations to reduce their consumption of meat and dairy products due to their climate impacts. Last year, over 150 countries pledged to voluntarily cut emissions from food and agriculture at the United Nations' annual climate summit. But the industry has avoided increased regulation and pushed back against efforts to decrease the consumption of meat, with help from local and state governments across the U.S. Bills in Alabama, Arizona, Florida and Tennessee are just the latest legislation passed in statehouses across the U.S. that have targeted cell-cultured meat, which is produced by taking a sample of an animal's muscle cells and growing them into edible products in a lab. Sixteen states -- Alabama, Arkansas, Georgia, Kansas, Kentucky, Louisiana, Maine, Mississippi, Missouri, Montana, North Dakota, Oklahoma, South Carolina, South Dakota, Texas and Wyoming -- have passed laws addressing the use of the word "meat" in such products' packaging, according to the National Agricultural Law Center at the University of Arkansas, with some prohibiting cell-cultured, plant-based or insect-based food products from being labeled as meat.

Read more of this story at Slashdot.