A CNN reporter spent more than two hours waiting for EV chargers — thanks to "ill-mannered charger hogs who don't respect EV etiquette." [T]o protect batteries from damage, charging speeds slow way down once batteries get beyond 80% full. In fact, it can take as long, or even longer, to go from 80% charged to completely full than to reach 80%. Meanwhile, lines of electric vehicles wait behind almost-full cars. I was waiting behind people with batteries that were 92%, 94% and even 97% full, as I could see on the charger screens. Still, they stayed there. I made my own situation worse by giving up on one location and going to another with more chargers, but there were even more EVs waiting there. Given that a lack of public charging is turning many consumers off to EVs, according to multiple surveys, this is a major issue. Both Electrify America and EVgo said they are rapidly expanding their networks to, as EVgo's Rafalson put it, "skate ahead of the puck," trying to make sure there are enough chargers to meet future demand... "I think what you're seeing is demand for public fast charging is really skyrocketing," said Sara Rafalson, executive vice president for policy at EV charging company EVgo, "and I would say we've been really at an inflection point in the last year, year and a half, with demand...." Electrify America, one of America's biggest charging companies, is experimenting with a solution to the problem of charger hogs who can make it slow and unpleasant to travel in an EV. At 10 of the busiest EV fast charging stations in California, Electrify America has enacted a strict limit. Once a car's batteries are 85% charged, charging will automatically stop and the driver will be told to unplug and leave or face additional 40-cent-per-minute "idle time" fees for taking the space. It's similar to something Tesla vehicles do automatically. When a Tesla car, truck or SUV plugs into a particularly heavily-used Supercharger station, the vehicle itself may automatically limit charging to just 80% "to reduce congestion," according to Tesla's on-line Supercharger Support web page. In that case, though, the user can still override the limit using the vehicle's touchscreen. There will be no getting around Electrify America's limit. Electrify America's president points out an EV driver could need a full charge (if they're travelling somewhere with fewer charges) — or if they're driving an EV with a relatively short range. So the article notse that some EV charging companies "have experimented with plans that charge different amounts of money at different times to give drivers incentives to fill their batteries at less busy hours... "For the time being, let's just hope that EV drivers who don't really need to fill all the way up will learn to be more considerate."

Read more of this story at Slashdot.

This week America's Securities and Exchange Commission filed fraud charges against the former CEO of the startup social media site "IRL" The BBC reports: IRL — which was once considered a potential rival to Facebook — took its name from its intention to get its online users to meet up in real life. However, the initial optimism evaporated after it emerged most of IRL's users were bots, with the platform shutting in 2023... The SEC says it believes [CEO Abraham] Shafi raised about $170m by portraying IRL as the new success story in the social media world. It alleges he told investors that IRL had attracted the vast majority its supposed 12 million users through organic growth. In reality, it argues, IRL was spending millions of dollars on advertisements which offered incentives to prospective users to download the IRL app. That expenditure, it is alleged, was subsequently hidden in the company's books. IRL received multiple rounds of venture capital financing, eventually reaching "unicorn status" with a $1.17 billion valuation, according to TechCrunch. But it shut down in 2023 "after an internal investigation by the company's board found that 95% of the app's users were 'automated or from bots'." TechCrunch notes it's the second time in the same week — and at least the fourth time in the past several months — that the SEC has charged a venture-backed founder on allegations of fraud... Earlier this week, the SEC charged BitClout founder Nader Al-Naji with fraud and unregistered offering of securities, claiming he used his pseudonymous online identity "DiamondHands" to avoid regulatory scrutiny while he raised over $257 million in cryptocurrency. BitClout, a buzzy crypto startup, was backed by high-profile VCs such as a16z, Sequoia, Chamath Palihapitiya's Social Capital, Coinbase Ventures and Winklevoss Capital. In June, the SEC charged Ilit Raz, CEO and founder of the now-shuttered AI recruitment startup Joonko, with defrauding investors of at least $21 million. The agency alleged Raz made false and misleading statements about the quantity and quality of Joonko's customers, the number of candidates on its platform and the startup's revenue. The agency has also gone after venture firms in recent months. In May, the SEC charged Robert Scott Murray and his firm Trillium Capital LLC with a fraudulent scheme to manipulate the stock price of Getty Images Holdings Inc. by announcing a phony offer by Trillium to purchase Getty Images.

Read more of this story at Slashdot.

America's Defense Department has launched a project "that aims to develop machine-learning tools that can automate the conversion of legacy C code into Rust," reports the Register — with an online event already scheduled later this month for those planning to submit proposals: The reason to do so is memory safety. Memory safety bugs, such buffer overflows, account for the majority of major vulnerabilities in large codebases. And DARPA's hope [that's the Defense Department's R&D agency] is that AI models can help with the programming language translation, in order to make software more secure. "You can go to any of the LLM websites, start chatting with one of the AI chatbots, and all you need to say is 'here's some C code, please translate it to safe idiomatic Rust code,' cut, paste, and something comes out, and it's often very good, but not always," said Dan Wallach, DARPA program manager for TRACTOR, in a statement. "The research challenge is to dramatically improve the automated translation from C to Rust, particularly for program constructs with the most relevance...." DARPA's characterization of the situation suggests the verdict on C and C++ has already been rendered. "After more than two decades of grappling with memory safety issues in C and C++, the software engineering community has reached a consensus," the research agency said, pointing to the Office of the National Cyber Director's call to do more to make software more secure. "Relying on bug-finding tools is not enough...." Peter Morales, CEO of Code Metal, a company that just raised $16.5 million to focus on transpiling code for edge hardware, told The Register the DARPA project is promising and well-timed. "I think [TRACTOR] is very sound in terms of the viability of getting there and I think it will have a pretty big impact in the cybersecurity space where memory safety is already a pretty big conversation," he said. DARPA's statement had an ambitious headline: "Eliminating Memory Safety Vulnerabilities Once and For All." "Rust forces the programmer to get things right," said DARPA project manager Wallach. "It can feel constraining to deal with all the rules it forces, but when you acclimate to them, the rules give you freedom. They're like guardrails; once you realize they're there to protect you, you'll become free to focus on more important things." Code Metal's Morales called the project "a DARPA-hard problem," noting the daunting number of edge cases that might come up. And even DARPA's program manager conceded to the Register that "some things like the Linux kernel are explicitly out of scope, because they've got technical issues where Rust wouldn't fit." Thanks to long-time Slashdot reader RoccamOccam for sharing the news.

Read more of this story at Slashdot.

In 2006 MySpace reportedly became America's most-visited web site — passing both Google and Yahoo Mail. So what happened? TribLive reports: The co-founders, Tom Anderson and Chris DeWolfe, sold MySpace to Rupert Murdoch's News Corporation for $580 million in 2005, and that company sold it to the online advertising company Specific Media and Justin Timberlake in 2011, which later became the ad tech firm Viant, according to SlashGear. Viant was bought by Time in 2016, which was acquired by Meredith Corporation at the end of 2017, according to The Guardian. Meredith then sold Myspace to Viant Technology LLC, which currently operates the platform, SlashGear said. During its time under Timberlake, Myspace morphed from a social media platfrom and turned over a new leaf as a music discovery site, SlashGear reported. The once booming online atmosphere has turned into a ghost town, according to The Guardian. Despite the number of people on Myspace dwindling, a handful of devoted users remains. The glory days of MySpace drew this bittersweet remembrance from TechRadar: Not everyone on the TechRadar team looks back on those early MySpace years fondly, with our US editor in chief Lance Ulanoff recalling that it "it was like peoples' brains had been turned inside out and whatever didn't stick, dropped onto the page and was represented as a GIF". Many of us do, though, remember picking our Top 8s (the site's weird ranking system for your friends) and decorating our MySpace pages with as many flashing lights as possible.

Read more of this story at Slashdot.

Late Friday Elon Musk appeared on Lex Fridman's podcast for a special eight-hour episode about Neuralink. It's already been viewed 1,702,036 times on YouTube — and resulted in this report from Reuters: Neuralink has successfully implanted in a second patient its device designed to give paralyzed patients the ability to use digital devices by thinking alone, according to the startup's owner Elon Musk... [Musk] gave few details about the second participant beyond saying the person had a spinal cord injury similar to the first patient, who was paralyzed in a diving accident. Musk said 400 of the implant's electrodes on the second patient's brain are working. Neuralink on its website states that its implant uses 1,024 electrodes... Musk said he expects Neuralink to provide the implants to eight more patients this year as part of its clinical trials. Neuralink's device "has allowed the first patient to play video games, browse the internet, post on social media and move a cursor on his laptop," according to the article: The first patient, Noland Arbaugh, was also interviewed on the podcast, along with three Neuralink executives, who gave details about how the implant and the robot-led surgery work. Before Arbaugh received his implant in January, he used a computer by employing a stick in his mouth to tap the screen of a tablet device. Arbaugh said with the implant he now can merely think about what he wants to happen on the computer screen, and the device makes it happen... Arbaugh has improved on his previous world record for the speed at which he can control a cursor with thoughts alone "with only roughly 10, 15% of the electrodes working," Musk said on the podcast. Fridman said his interview with Musk was "the longest podcast I've ever done," calling their conversation "fascinating, super technical, and wide-ranging... I loved every minute of it."

Read more of this story at Slashdot.

An anonymous Slashdot reader shared this report from Phoronix: The Redox OS project that is a from scratch open-source operating system written in the Rust programming language now has a working web server, among other improvements achieved during the month of July... Notable new software work includes getting the Simple HTTP Server running as the first web (HTTP) server for the platform. Simple HTTP Server itself is written in Rust as well. There is also an ongoing effort to bring the Apache HTTP server to Redox OS too. Another app milestone is the wget program now working on Redox OS. There's also been more work on getting the COSMIC desktop apps working on Redox OS, build system improvements, and other changes.

Read more of this story at Slashdot.

America's Senate "overwhelmingly passed major online safety reforms to protect children on social media," reports the Guardian. "But with ongoing pushback from the tech industry and freedom of speech organizations, the legislation faces an uncertain future in the House." "It's a terrible idea to let politicians and bureaucrats decide what people should read and view online," freedom of speech group the Electronic Frontier Foundation said of the Senate's passage of Kosa... Advocates of Kosa reject these critiques, noting the bill has been revised to address many of those concerns — including shifting enforcement from attorneys general to the federal trade commission and focusing the "duty of care" provisions on product design features of the site or app rather than content specifically. A number of major LGBTQ+ groups dropped their opposition to the legislation following these changes, including the Human Rights Campaign, GLAAD and the Trevor Project. After passing the Senate this week, the bill has now moved onto the House, which is on a six-week summer recess until September. Proponents are now directing their efforts towards House legislators to turn the bill into law. Joe Biden has indicated he would sign it if it passes. In a statement Tuesday encouraging the House to pass the legislation, the US president said: "We need action by Congress to protect our kids online and hold big tech accountable for the national experiment they are running on our children for profit...." House speaker Mike Johnson of Louisiana has expressed support for moving forward on Kosa and passing legislation this Congress, but it's unclear if he will bring the bill up in the House immediately. Some experts say the bill is unlikely to be passed in the House in the form passed by the Senate. "Given the concerns about potential censorship and the possibility of minors' lacking access to vital information, pausing KOSA makes eminent sense," said Gautam Hans, associate clinical professor of law and associate director of the First Amendment Clinic at Cornell Law School. He added that the House may put forward its own similar legislation instead, or modify KOSA to further address some of these concerns. The political news site Punchbowl News also noted this potentially significant quote: A House GOP leadership aide told us this about KOSA: "We've heard concerns across our Conference and the Senate bill cannot be brought up in its current form." TechDirt argues that "Senator Rand Paul's really excellent letter laying out the reasons he couldn't support the bill may have had an impact." Thanks to long-time Slashdot reader SonicSpike for sharing the news.

Read more of this story at Slashdot.

Seattle is the smartest city in America, with Miami and then Austin close behind. That's according to a promotional study from smart-building tools company ProptechOS. Newsweek reports: The evaluation of tech infrastructure and connectivity was based on several factors, including the number of free Wi-Fi hot spots, the quantity and density of AI and IoT companies, average broadband download speeds, median 5G coverage per network provider, and the number of airports. Meanwhile, green infrastructure was assessed based on air quality, measured by exposure to PM2.5, tiny particles in the air that can harm health. Other factors include 10-year changes in tree coverage, both loss and gain; the number of electric vehicle charging points and their density per 100,000 people; and the number of LEED-certified green buildings. The tech job market was evaluated on the number of tech jobs advertised per 100,000 people. Seattle came in first after assessing 16 key indicators across connectivity/infrastructure, sustainability, and tech jobs — "boasting 34 artificial intelligence companies and 13 Internet of Things companies per 100,000 residents." In terms of sustainability, Seattle has enhanced its tree coverage by 13,700 hectares from 2010 to 2020 and has established the equivalent of 10 electric vehicle charging points per 100,000 residents. Seattle has edged out last year's top city, Austin, to claim the title of the smartest city in the U.S., with an overall score of 75.7 out of 100. Miami wasn't far behind, achieving a score of 75.4. However, Austin still came out on top for smart city infrastructure, scoring 86.2 out of 100. This is attributed to its high broadband download speed of 275.60 Mbps — well above the U.S. average of 217.14 Mbps — and its concentration of 337 AI companies, or 35 per 100,000 people. You can see the full listings here. The article notes that the same study also ranked Paris as the smartest city in Europe — slipping ahead of London — thanks to Paris's 99.5% 5G coverage, plus "the second-highest number of AI companies in Europe and the third-highest number of free Wi-Fi hot spots. Paris is also recognized for its traffic management systems, which monitor noise levels and air quality." Newsweek also shares this statement from ProptechOS's founder/chief ecosystem officer. "Advancements in smart cities and future technologies such as next-generation wireless communication and AI are expected to reduce environmental impacts and enhance living standards." In April CNBC reported on an alternate list of the smartest cities in the world, created from research by the World Competitiveness Center. It defined smart cities as "an urban setting that applies technology to enhance the benefits and diminish the shortcomings of urbanization for its citizens." And CNBC reported that based on the list, "Smart cities in Europe and Asia are gaining ground globally while North American cities have fallen down the ranks... Of the top 10 smart cities on the list, seven were in Europe." Here are the top 10 smart cities, according to the 2024 Smart City Index. - Zurich, Switzerland - Oslo, Norway - Canberra, Australia - Geneva, Switzerland - Singapore - Copenhagen, Denmark - Lausanne, Switzerland - London, England - Helsinki, Finland - Abu Dhabi, United Arab Emirates Notably, for the first time since the index's inception in 2019, there is an absence of North American cities in the top 20... The highest ranking U.S. city this year is New York City which ranked 34th, followed by Boston at 36th and Washington DC, coming in at 50th place.

Read more of this story at Slashdot.

A new type of antibiotic "targets bacteria in two ways," writes SciTechDaily, which "could make it 100 million times harder for bacteria to develop resistance, according to recent research from the University of Illinois Chicago." Their experiments demonstrate that [a class of synthetic drugs called] macrolones can work two different ways — either by interfering with protein production or corrupting DNA structure. Because bacteria would need to implement defenses to both attacks simultaneously, the researchers calculated that drug resistance is nearly impossible. "The beauty of this antibiotic is that it kills through two different targets in bacteria," said Alexander Mankin, distinguished professor of pharmaceutical sciences at UIC. "If the antibiotic hits both targets at the same concentration, then the bacteria lose their ability to become resistant via the acquisition of random mutations in any of the two targets." Macrolones are synthetic antibiotics that combine the structures of two widely used antibiotics with different mechanisms. Macrolides, such as erythromycin, block the ribosome, the protein manufacturing factories of the cell. Fluoroquinolones, such as ciprofloxacin, target a bacteria-specific enzyme called DNA gyrase.... "The main outcome from all of this work is the understanding of how we need to go forward," Mankin said. "And the understanding that we're giving to chemists is that you need to optimize these macrolones to hit both targets." Thanks to long-time Slashdot reader schwit1 for sharing the news.

Read more of this story at Slashdot.

America's National Institute of Standards and Technology (NIST) has released a new open-source software tool called Dioptra for testing the resilience of machine learning models to various types of attacks. "Key features that are new from the alpha release include a new web-based front end, user authentication, and provenance tracking of all the elements of an experiment, which enables reproducibility and verification of results," a NIST spokesperson told SC Media: Previous NIST research identified three main categories of attacks against machine learning algorithms: evasion, poisoning and oracle. Evasion attacks aim to trigger an inaccurate model response by manipulating the data input (for example, by adding noise), poisoning attacks aim to impede the model's accuracy by altering its training data, leading to incorrect associations, and oracle attacks aim to "reverse engineer" the model to gain information about its training dataset or parameters, according to NIST. The free platform enables users to determine to what degree attacks in the three categories mentioned will affect model performance and can also be used to gauge the use of various defenses such as data sanitization or more robust training methods. The open-source testbed has a modular design to support experimentation with different combinations of factors such as different models, training datasets, attack tactics and defenses. The newly released 1.0.0 version of Dioptra comes with a number of features to maximize its accessibility to first-party model developers, second-party model users or purchasers, third-party model testers or auditors, and researchers in the ML field alike. Along with its modular architecture design and user-friendly web interface, Dioptra 1.0.0 is also extensible and interoperable with Python plugins that add functionality... Dioptra tracks experiment histories, including inputs and resource snapshots that support traceable and reproducible testing, which can unveil insights that lead to more effective model development and defenses. NIST also published final versions of three "guidance" documents, according to the article. "The first tackles 12 unique risks of generative AI along with more than 200 recommended actions to help manage these risks. The second outlines Secure Software Development Practices for Generative AI and Dual-Use Foundation Models, and the third provides a plan for global cooperation in the development of AI standards." Thanks to Slashdot reader spatwei for sharing the news.

Read more of this story at Slashdot.

An anonymous reader shared this report from Ars Technica: [I]t might be worth spending more to get a panel that converts more of the incoming sunlight to electricity, since it allows you to get more out of the price paid to get each panel installed. But silicon panels are already pushing up against physical limits on efficiency. Which means our best chance for a major boost in panel efficiency may be to combine silicon with an additional photovoltaic material. Right now, most of the focus is on pairing silicon with a class of materials called perovskites. Perovskite crystals can be layered on top of silicon, creating a panel with two materials that absorb different areas of the spectrum — plus, perovskites can be made from relatively cheap raw materials. Unfortunately, it has been difficult to make perovskites that are both high-efficiency and last for the decades that the silicon portion will. Lots of labs are attempting to change that, though. And two of them reported some progress this week, including a perovskite/silicon system that achieved 34 percent efficiency. One team of researchers "sent a sample to a European test lab, which came out with an efficiency of 33.7 percent," Ars Technica notes. "The researchers have a few ideas that should boost this to 35 percent, but didn't attempt them for this paper. "For comparison, the maximum efficiency for silicon alone is in the area of 27 percent, so that represents a very significant boost and is one of the highest perovskite/silicon combinations ever reported."

Read more of this story at Slashdot.

"Five years ago, Brian Frye set an elaborate trap," writes Decrypt.co. "Now the law professor is teaming up with a singer-songwriter to finally spring it" on America's Security and Exchange Commission "in a novel lawsuit — and in the process, prevent the regulator from ever coming after NFT art projects again." Over and again, the SEC has sued cherry-picked NFT projects it says qualify as unregistered securities — but never once has the regulator defined what types of NFT projects are legal and which are not, casting a chill over the nascent industry... [In 2019] Frye, an expert in securities law and a fan of novel technologies, minted an NFT of a letter he sent to the SEC in which he declared his art project to constitute an illegal, unregistered security. If the conceptual art project wasn't a security, Frye challenged the agency, then it needed to say so. The SEC never responded to Frye — not then, and not after several more self-incriminating correspondences from the professor. But in due time, the agency began vigorously pursuing, and suing, NFT projects. So 10 months ago, Jonathan Mann — who writes a new song every day and shares it online — crafted a song titled "This Song is A Security." As a seller of NFTs himself, Mann wrote the song "to fight back against the SEC, and defend his right — plus the rights of other artists like him — to earn revenue," according to the article: Frye, who'd practically been salivating for such an opportunity for half a decade, was a natural fit.... In the lawsuit filed against the SEC in Louisiana earlier this week, they challenged the SEC's standing to regulate their NFT-backed artworks as securities, and demanded the agency declare that their respective art projects do not constitute illegal, unregistered securities offerings. More from the International Business Times: The complaint asked the court to clarify whether the SEC should regulate art and whether artists were supposed to "register" their artworks before selling the pieces to the general public. The complaint also asked whether artists should be "forced to make public disclosures about the 'risks' of buying their art," and whether artists should be "required to comply" with federal securities laws... The Blockchain Association, a collective crypto group that includes some of the biggest digital asset firms, asserted that the SEC has no authority over NFT art. "We support the plaintiffs in their quest for legal clarity," the group said. In an interview with Slashdot, Mann says he started his "Song a Day" project almost 17 years ago (when he was 26 years old) — and his interest in NFTs is sincere: "Over the years, I've always sought a way to make Song A Day sustainable financially, through video contests, conference gigs, ad revenue, royalties, Patreon and more. "When I came across NFTs in 2017, they didn't have a name. We just called them 'digital collectibles'. For the last 2+ years, NFTs have become that self-sustaining model for my work. "I know most people believe NFTs are a joke at best and actively harmful at worst. Even most people in the crypto community have given up on them. Despite all that, I still believe they're worth pursuing. "Collecting an NFT from an artist you love is the most direct way to support them. There's no multinational corporation, no payment processor, and no venture capitalists between you and the artist you want to support." Slashdot also tracked down the SEC's Office of Public Affairs, and got an official response from SEC public affairs specialist Ryan White. Slashdot: The suit argues that the SEC's approach "threatens the livelihoods of artists and creators that are simply experimenting with a novel, fast-growing technology," and seeks guidance in the face of a "credible threat of enforcement". Is the SEC going to respond to this lawsuit? And if you don't have an answer at this time, can you give me a general comment on the issues and concerns being raised? SEC Public Affairs Specialist Ryan White: We would decline comment. Decrypt.co points out that the lawsuit "has no guarantee of offering some conclusive end to the NFT regulation question... That may only come with concrete legislation or a judgment by the Supreme Court." But Mann's song still makes a very public show out of their concerns — with Mann even releasing a follow-up song titled "I'm Suing the SEC." (Its music video mixes together wacky clips of Mila Kunis's Stoner Cats and Fonzie jumping a shark with footage of NFT critics like Elizabeth Warren and SEC chairman Gary Gensler.) And an earlier song also used auto-tune to transform Gensler's remarks about cryptocurrencies into the chorus of a song titled "Hucksters, Fraudsters, Scam Artists, Ponzi Schemes". Mann later auctioned an NFT of the song — for over $3,000 in Ethereum.

Read more of this story at Slashdot.

An anonymous Slashdot reader shared this report from the blog 9to5Mac: In 2022, Apple agreed to pay a $50 million dollar settlement for certain eligible 2015-2019 MacBook owners who experienced problems with their butterfly keyboards. The claims process opened in late 2022, and the settlement got final approval last May. Starting today, eligible MacBook owners are finally receiving their payouts... Apple finally moved away from the butterfly keyboard on the 16-inch MacBook Pro in late 2019. By mid 2020, the 13-inch MacBook Pro and MacBook Air also moved to the new Magic Keyboard. However, that wouldn't be the end of the story for Apple... In mid 2022, Apple was required to pay a $50 million settlement. The claims process started later that year, although there were some caveats. For one, you could only claim this settlement if you lived in California, Florida, Illinois, Michigan, New Jersey, New York, or Washington. This excludes 43 US states, so a good number of people with butterfly keyboards weren't even covered. Additionally, the estimated payout amount varied depending on the severity of your keyboard problems: - Up to $395 for 2 or more top case replacements - Up to $125 for 1 top case replacement - Up to $50 for keycap replacements Obviously, this wasn't the most ideal outcome for customers, but if you were eligible and filed a claim (or multiple), you're in luck! The original goal "was to make the keyboards thinner and the laptops slimmer," remembers ZDNet. This backfired spectacularly as MacBook owners started complaining that the keys would easily stick or get jammed by dust, crumbs, or other tiny objects. Noted tech blogger John Gruber even called the new keyboards "the worst products in Apple's history." Gruber's headline? "Appl Still Hasn't Fixd Its MacBook Kyboad Problm"

Read more of this story at Slashdot.

Stack Overflow says over 65,000 developers took their annual survey — and "For the first time this year, we asked if developers felt AI was a threat to their job..." Some analysis from The New Stack: Unsurprisingly, only 12% of surveyed developers believe AI is a threat to their current job. In fact, 70% are favorably inclined to use AI tools as part of their development workflow... Among those who use AI tools in their development workflow, 81% said productivity is one of its top benefits, followed by an ability to learn new skills quickly (62%). Much fewer (30%) said improved accuracy is a benefit. Professional developers' adoption of AI tools in the development process has risen rapidly, going from 44% in 2023 to 62% in 2024... Seventy-one percent of developers with less than five years of experience reported using AI tools in their development process, as compared to just 49% of developers with 20 years of experience coding... At 82%, [ChatGPT] is twice as likely to have been used than GitHub Copilot. Among ChatGPT users, 74% want to continue using it. But "only 43% said they trust the accuracy of AI tools," according to Stack Overflow's blog post, "and 45% believe AI tools struggle to handle complex tasks." More analysis from The New Stack: The latest edition of the global annual survey found full-time employment is holding steady, with over 80% reporting that they have full-time jobs. The percentage of unemployed developers has more than doubled since 2019 but is still at a modest 4.4% worldwide... The median annual salary of survey respondents declined significantly. For example, the average full-stack developer's median 2024 salary fell 11% compared to the previous year, to $63,333... Wage pressure may be the result of more competition from an increase in freelancing. Eighteen percent of professional developers in the 2024 survey said they are independent contractors or self-employed, which is up from 9.5% in 2020. Part-time employment has also risen, presenting even more pressure on full-time salaries... Job losses at tech companies have contributed to a large influx of talent into the freelance market, noted Stack Overflow CEO Prashanth Chandrasekar in an interview with The New Stack. Since COVID-19, he added, the emphasis on remote work means more people value job flexibility. In the 2024 survey, only 20% have returned to full-time in-person work, 38% are full-time remote, while the remainder are in a hybrid situation. Anticipation of future productivity growth due to AI may also be creating uncertainty about how much to pay developers. Two stats jumped out for Visual Studio magazine: In this year's big Stack Overflow developer survey things are much the same for Microsoft-centric data points: VS Code and Visual Studio still rule the IDE roost, while .NET maintains its No. 1 position among non-web frameworks. It's been this way for years, though in 2021 it was .NET Framework at No. 1 among IDEs, while the new .NET Core/.NET 5 entry was No. 3. Among IDEs, there has been less change. "Visual Studio Code is used by more than twice as many developers than its nearest (and related) alternative, Visual Studio," said the 2024 Stack Overflow Developer survey, the 14th in the series of massive reports. Stack Overflow shared some other interesting statistics: "Javascript (62%), HTML/CSS (53%), and Python (51%) top the list of most used languages for the second year in a row... [JavaScript] has been the most popular language every year since the inception of the Developer Survey in 2011." "Python is the most desired language this year (users that did not indicate using this year but did indicate wanting to use next year), overtaking JavaScript." "The language that most developers used and want to use again is Rust for the second year in a row with an 83% admiration rate. " "Python is most popular for those learning to code..." "Technical debt is a problem for 62% of developers, twice as much as the second- and third-most frustrating problems for developers: complex tech stacks for building and deployment."

Read more of this story at Slashdot.

A professor in the University of Chicago's department of geophysical sciences "believes that by intentionally releasing sulfur dioxide into the stratosphere, it would be possible to lower temperatures worldwide," reports the New York Times. He's not the only one promoting the idea. "Harvard University has a solar geoengineering program that has received grants from Microsoft co-founder Bill Gates, the Alfred P. Sloan Foundation and the William and Flora Hewlett Foundation. It's being studied by the Environmental Defense Fund along with the World Climate Research Program.... But many scientists and environmentalists fear that it could result in unpredictable calamities." Because it would be used in the stratosphere and not limited to a particular area, solar geoengineering could affect the whole world, possibly scrambling natural systems, like creating rain in one arid region while drying out the monsoon season elsewhere. Opponents worry it would distract from the urgent work of transitioning away from fossil fuels. They object to intentionally releasing sulfur dioxide, a pollutant that would eventually move from the stratosphere to ground level, where it can irritate the skin, eyes, nose and throat and can cause respiratory problems. And they fear that once begun, a solar geoengineering program would be difficult to stop... Keith, a professor in the University of Chicago's department of geophysical sciences, countered that the risks posed by solar geoengineering are well understood, not as severe as portrayed by critics and dwarfed by the potential benefits. If the technique slowed the warming of the planet by even just 1 degree Celsius, or 1.8 degrees Fahrenheit, over the next century, Keith said, it could help prevent millions of heat-related deaths each decade... Opponents of solar geoengineering cite several main risks. They say it could create a "moral hazard," mistakenly giving people the impression that it is not necessary to rapidly reduce fossil fuel emissions. The second main concern has to do with unintended consequences. "This is a really dangerous path to go down," said Beatrice Rindevall, the chair of the Swedish Society for Nature Conservation, which opposed the experiment. "It could shock the climate system, could alter hydrological cycles and could exacerbate extreme weather and climate instability." And once solar geoengineering began to cool the planet, stopping the effort abruptly could result in a sudden rise in temperatures, a phenomenon known as "termination shock." The planet could experience "potentially massive temperature rise in an unprepared world over a matter of five to 10 years, hitting the Earth's climate with something that it probably hasn't seen since the dinosaur-killing impactor," Pierrehumbert said. On top of all this, there are fears about rogue actors using solar geoengineering and concerns that the technology could be weaponized. Not to mention the fact that sulfur dioxide can harm human health. Keith is adamant that those fears are overblown. And while there would be some additional air pollution, he claims the risk is negligible compared to the benefits. The opposition is making it hard to even conduct tests, according to the article — like when Keith "wanted to release a few pounds of mineral dust at an altitude of roughly 20 kilometers and track how the dust behaved as it floated across the sky." The experiment was called off after opposition from numerous groups — including Greta Thunberg and an organization representing Indigenous people who felt the experiment was disrespecting nature.

Read more of this story at Slashdot.

Somewhere in America's Defense Department, the DARPA R&D agency is running a two-year contest to write an AI-powered program "that can scan millions of lines of open-source code, identify security flaws and fix them, all without human intervention," reports the Washington Post. [Alternate URL here.] But as they see it, "The contest is one of the clearest signs to date that the government sees flaws in open-source software as one of the country's biggest security risks, and considers artificial intelligence vital to addressing it." Free open-source programs, such as the Linux operating system, help run everything from websites to power stations. The code isn't inherently worse than what's in proprietary programs from companies like Microsoft and Oracle, but there aren't enough skilled engineers tasked with testing it. As a result, poorly maintained free code has been at the root of some of the most expensive cybersecurity breaches of all time, including the 2017 Equifax disaster that exposed the personal information of half of all Americans. The incident, which led to the largest-ever data breach settlement, cost the company more than $1 billion in improvements and penalties. If people can't keep up with all the code being woven into every industrial sector, DARPA hopes machines can. "The goal is having an end-to-end 'cyber reasoning system' that leverages large language models to find vulnerabilities, prove that they are vulnerabilities, and patch them," explained one of the advising professors, Arizona State's Yan Shoshitaishvili.... Some large open-source projects are run by near-Wikipedia-size armies of volunteers and are generally in good shape. Some have maintainers who are given grants by big corporate users that turn it into a job. And then there is everything else, including programs written as homework assignments by authors who barely remember them. "Open source has always been 'Use at your own risk,'" said Brian Behlendorf, who started the Open Source Security Foundation after decades of maintaining a pioneering free server software, Apache, and other projects at the Apache Software Foundation. "It's not free as in speech, or even free as in beer," he said. "It's free as in puppy, and it needs care and feeding." 40 teams entered the contest, according to the article — and seven received $1 million in funding to continue on to the next round, with the finalists to be announced at this year's Def Con, according to the article. "Under the terms of the DARPA contest, all finalists must release their programs as open source," the article points out, "so that software vendors and consumers will be able to run them."

Read more of this story at Slashdot.

Slashdot reader Applehu Akbar shared this report from MacRumors: Epic Games CEO Tim Sweeney commented on Apple's 'Find My' service, referring to it as "super creepy surveillance tech" that "shouldn't exist." Sweeney went on to explain that several years ago, "a kid" stole a Mac laptop out of his car. Years later, Sweeney was checking Find My, and as the Mac was still connected to his Apple ID account, it showed him the location where the thief lived. When someone asked Sweeney if he'd at least gotten his laptop back, Sweeney answered "No. I was creeped the hell out by having unexpectedly received the kid's address, and turned off Find My iPhone on all of my devices." Slashdot reader crmarvin42 quipped "Tell me you are stupidly rich, without telling me you are stupidly rich... Next someone will be saying that it is 'Creepy' to have security footage of someone taking your Amazon packages off of your porch." And they also questioned Sweeney's sincerity, suggesting that he's "just saying that to try and make Apple look bad because of all the lawsuits going on." MacRumors followed the ensuing discussion: Sweeney said that the location of a device in someone's possession can't be tracked without tracking the person, and "people have a right to privacy." ["This right applies to second hand device buyers and even to thieves."] He claims that detection and recovery of a lost or stolen device should be "mediated by due process of law" and not exposed to the device owner "in vigilante fashion." Some responded to Sweeney's comments by sharing the headline of a Vox news story about Epic's own privacy polices. ("Fortnite maker Epic Games has to pay $520 million for tricking kids and violating their privacy.") MacRumors cited a 2014 report that thefts of iPhones dropped after the introduction of Apple's "Activation Lock" feature (which prevents the disabling of 'Find My' without a password). But when the blog AppleInsider accused Sweeney of "an incredibly bad leap of logic" — Sweeney responded. "You're idealizing this issue as good guys tracking criminals to their lairs, but when Find My or Google's similar tech points a device owner to a device possessor's home, one must anticipate the presence of families and kids and innocent used device buyers, and ask whether it's really appropriate for a platform to use GPS and shadowy mesh network tech to set up physical confrontations among individuals." Sweeney also posted a quote from Steve Jobs about how at Apple, "we worry that some 14-year-old is going to get stalked and something terrible is going to happen because of our phone."

Read more of this story at Slashdot.

America's National Football League "is the latest organization to turn to facial authentication to bolster event security," reports the Record, citing a new announcement this week: All 32 NFL stadiums will start using the technology this season, after the league signed a contract with a company that uses facial scans to verify the identity of people entering event venues and other secure spaces. The facial authentication platform, which counts the Cleveland Browns' owners as investors, will be used to "streamline and secure" entry for thousands of credentialed media, officials, staff and guests so they can easily access restricted areas such as press boxes and locker rooms, Jeff Boehm, the chief operating officer of Wicket, said in a LinkedIn post Monday. "Credential holders simply take a selfie before they come, and then Wicket verifies their identity and checks their credentials with Accredit (a credentialing platform) as they walk through security checkpoints," Boehm added. Wicket technology was deployed in a handful of NFL stadiums last year as part of a pilot program. Other stadiums will start rolling it out beginning on Aug. 8, when the pre-season kicks off. Some teams also have extended their use of the technology to scan the faces of ticket holders. The Cleveland Browns, Atlanta Falcons and New York Mets all have used the company's facial authentication software to authenticate fans with tickets, according to Stadium Tech Report. "Fans come look at the tablet and, instantly, the tablet recognizes the fan," Brandon Covert, the vice president of information technology for the Cleveland Browns, said in a testimonial appearing on Wicket's website. "It's almost a half-second stop. It's not even a stop — more of a pause." "The Browns also use Wicket to verify the ages of fans purchasing alcohol at concession stands, according to Wicket's LinkedIn page," the article points out. And a July report from Privacy International found that 25 of the top 100 soccer stadiums in the world are already using facial recognition technology. Thanks to long-time Slashdot reader schwit1 for sharing the news.

Read more of this story at Slashdot.

An anonymous reader shared this report from BleepingComputer: A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. Also tracked as Evasive Panda, Daggerfly, and StormCloud, this cyber-espionage group has been active since at least 2012, targeting organizations across mainland China, Hong Kong, Macao, Nigeria, and various Southeast and East Asian countries. On Friday, Volexity threat researchers revealed that the Chinese cyber-espionage gang had exploited insecure HTTP software update mechanisms that didn't validate digital signatures to deploy malware payloads on victims' Windows and macOS devices... To do that, the attackers intercepted and modified victims' DNS requests and poisoned them with malicious IP addresses. This delivered the malware to the targets' systems from StormBamboo's command-and-control servers without requiring user interaction. Volexity's blog post says they observed StormBamboo "targeting multiple software vendors, who use insecure update workflows..." and then "notified and worked with the ISP, who investigated various key devices providing traffic-routing services on their network. As the ISP rebooted and took various components of the network offline, the DNS poisoning immediately stopped." BleepingComputer notes that "âAfter compromising the target's systems, the threat actors installed a malicious Google Chrome extension (ReloadText), which allowed them to harvest and steal browser cookies and mail data."

Read more of this story at Slashdot.