In 2022 California's Air Resources Board issued regulations to ban new diesel truck sales by 2036, remembers the Los Angeles Times, and force the owners of diesel trucks to take them off the road by 2042. "The idea was to replace those trucks with electric and hydrogen-powered versions, which dramatically reduce emissions but are currently two to three times more expensive." But it would've required a federal waiver to enforce those rules — which isn't going to happen: The Biden administration hadn't granted the waivers as of this week, and rather than face almost certain denial by the incoming Trump administration, the state withdrew its waiver request... Trucking representatives had filed a lawsuit to block the rules, arguing they would cause irreparable harm to the industry and the wider economy. The nonprofit news site CalMatters notes the withdrawal "comes after the Biden administration recently approved the California Air Resources Board's mandate phasing out new gas-powered cars by 2035, but had not yet approved other waivers for four diesel vehicle standards that the state has adopted... California may have to suspend any future rule-making for vehicles over the next four years of the Trump administration and rely instead on voluntary agreements with engine manufacturers, trucking companies, railroads and other industries." The Los Angeles Times adds that California "could, however, pursue waivers at some point in the future." Under America's federal Clean Air Act, "California is allowed to set its own air standards, and other states are allowed to follow California's lead. But federal government waivers are required..."

Read more of this story at Slashdot.

"Nothing horrible or unexpected happened last week," Linux Torvalds posted tonight on the Linux kernel mailing list, "so I've tagged and pushed out the final 6.13 release." Phoronix says the release has "plenty of fine features": Linux 6.13 comes with the introduction of the AMD 3D V-Cache Optimizer driver for benefiting multi-CCD Ryzen X3D processors. The new AMD EPYC 9005 "Turin" server processors will now default to AMD P-State rather than ACPI CPUFreq for better power efficiency.... Linux 6.13 also brings more Rust programming language infrastructure and more. Phoronix notes that Linux 6.13 also brings "the start of Intel Xe3 graphics bring-up, support for many older (pre-M1) Apple devices like numerous iPads and iPhones, NVMe 2.1 specification support, and AutoFDO and Propeller optimization support when compiling the Linux kernel with the LLVM Clang compiler." And some lucky Linux kernel developers will also be getting a guitar pedal soldered by Linus Torvalds himself, thanks to a generous offer he announced a week ago: For _me_ a traditional holiday activity tends to be a LEGO build or two, since that's often part of the presents... But in addition to the LEGO builds, this year I also ended up doing a number of guitar pedal kit builds ("LEGO for grown-ups with a soldering iron"). Not because I play guitar, but because I enjoy the tinkering, and the guitar pedals actually do something and are the right kind of "not very complex, but not some 5-minute 555 LED blinking thing"... [S]ince I don't actually have any _use_ for the resulting pedals (I've already foisted off a few only unsuspecting victims^Hfriends), I decided that I'm going to see if some hapless kernel developer would want one.... as an admittedly pretty weak excuse to keep buying and building kits... "It may be worth noting that while I've had good success so far, I'm a software person with a soldering iron. You have been warned... [Y]ou should set your expectations along the lines of 'quality kit built by a SW person who doesn't know one end of a guitar from the other.'"

Read more of this story at Slashdot.

Amazon has angered its workers again "after forcing them to return to the office five days a week," reports the New York Post. The problem? "Not enough desks for everyone." (As well as "packed parking lots" that are turning some workers away.) The Post cites interviews conducted with seven Amazon employees by Business Insider (which notes that in mid-December Amazon had already delayed full return-to-office at dozens of locations, sometimes until as late as May, because of office-capacity issues). Here in mid-January, the Post writes, many returning-to-office workers still aren't happy: Some meeting rooms have not had enough chairs — and there also have not been enough meeting rooms for everyone, one worker told the publication... [S]imply reaching the office is a challenge in itself, according to the report. Some complained they were turned away from company parking lots that were full, while others griped about having to join meetings from the road due to excess traffic on their way to the office, according to the Slack messages. Once staffers conquer the challenges of reaching the office and finding a desk, some lamented the lack of in-person discussions since many of the meetings remain virtual, according to BI. Amazon acknowledged they had offices that were "not quite ready" to "welcome everyone back a full five days a week," according to Post, though Amazon believed the number of not-quite-ready offices were "relatively small". But the parking lot situation may continue. Business Insider says one employee from Amazon's Nashville office "said the wait time for a company parking pass was backed up for months." (Although another Nashville staffer said Amazon was handing out passes for them to take mass-transit for free, which they'd described as "incredibly generous.") There's also Amazon shuttle busses, according to the article. Although other staffers "said they were denied a spot on Amazon shuttle buses because the vehicles were full..." Others said they just drove back home, while some staffers found street parking nearby, according to multiple Slack messages seen by Business Insider... This month, some employees were still questioning the logic behind the policy. They said being in the office has had little effect on their work routine and has not generated much of a productivity gain. A considerable portion of their in-office work is still being done through video calls with customers who are elsewhere, these employees told BI. Many Amazon colleagues are at other office locations, so face-to-face meetings still don't happen very often, they added. The Post adds another drawback of returning to the office. "Employees at Amazon's Toronto office said their personal belongings have repeatedly been stolen from their desks."

Read more of this story at Slashdot.

"Engineers have showcased a prototype electric vehicle that can drive for up to 40 miles (64 kilometers) per day using just solar power," reports LiveScience. The production-ready "Aptera Launch Edition" made its first appearance this month at CES 2025, and "also offers up to 400 miles (640 km) of range from a single charge via an electrical output, company representatives said in a statement." LiveScience describes the vehicle as "lighter and more energy-efficient than conventional EVs, while offering a 50% reduction in aerodynamic resistance," with an energy efficiency rating of 100 Watt-hours per mile (Wh/mile). By contrast, a Tesla Model S (released in 2022) consumes 194 Wh/mile in the city in mild weather and 288 Wh/mile on the highway in mild weather, according to the EV Database. At a maximum range of 440 miles — including 40 miles using solar power and 400 miles using electricity — the Aptera EV may also overtake the current longest-range vehicles in production. The Mercedes-Benz EQS 450+ has a maximum range of 425 miles (684 km), according to the EV Database, followed by the Lucid Air Grand Touring at 410 miles (660 km). Aptera says it's raised $135 million "through equity crowdfunding" to fund its pre-production progress. "Since its launch, the Company has accepted $1.7 billion in pre-orders with nearly 50,000 vehicles reserved by future Aptera owners in the U.S. and internationally." MotorTrend writes that "nearly two decades in the making, the otherworldly three-wheel Aptera is headed to production this year as a $40,000, 400-mile EV that can capture up to 40 miles worth of free solar energy every day. Maybe." The California startup made similar promises in 2008, 2009, 2012, and 2022 and yet it has never delivered a single vehicle. Is anything different this time...? At CES, co-CEO (and one of Aptera's original founders) Chris Anthony told MotorTrend it will take another $60 million to finish the development work, buy the tooling, and build out the Carlsbad, California, assembly plant. "We're still in fundraising mode and we hope that we inspire some people in this beautiful building (Las Vegas Convention Center) to invest in Aptera," Anthony said. "We're trying to raise $20 million in the first quarter of this year. That will basically kick off all the long-lead items to get into production, but it's a $60 million plan to get into volume production." Anthony said the company has already made one of its largest purchases, the molds for the carbon-fiber sheet-molding composite body structure and the fiberglass sheet-molding composite body panels that will be made in Italy. The next $20 million will cover the tooling for the diecast metal suspension arms and the injection-molded interior components... It would be relatively easy for Aptera to hand build cars in a garage and announce the start of production, but the plan calls for building up to 80 cars per day per the guidance of engineering consultant and YouTuber Sandy Munro, who is an Aptera investor and adviser. "He really helped shepherd the design from what was an early prototype prove-out design into how to make the most manufacturable vehicle ever," Anthony said. The structure is built from just six parts and the entire car has been designed to be put together in a factory with just 12 stations. But that radical simplicity complicates the job at hand right now. In addition to developing the car, the small engineering team also has to create the machine that makes it. Anthony's plan has the factory ramping up to build 20,000 vehicles a year within nine months of starting production at the end of 2025. Before that can happen, Aptera needs to clear the same hurdle that tripped it up in 2011 and sent the company stumbling into liquidation — the money. "We would love one investor to be so inspired by what we're doing that they just hand us a $60 million check," Anthony told MotorTrend. "But it could be something that's kind of piecemeal over the next nine months to get that $60 million into the company." Are you convinced?

Read more of this story at Slashdot.

The Los Angeles Times calls it "a guns-blazingly funny documentary about two out-of-work British actors who spent a chunk of their COVID-19 lockdown staging Shakespeare's masterpiece on the mean streets of Grand Theft Auto V." Grand Theft Hamlet won SXSW's Jury Award for best documentary, and has now opened in U.S. theatres this weekend (and begun streaming on Mubi), after opening in the U.K. and Ireland. But nearly the entire film is set in Grand Theft Auto's crime-infested version of Los Angeles, the Times reports, "where even the good guys have weapons and a nihilistic streak — the vengeful Prince of Denmark fits right in." Yet when Sam Crane, a.k.a. @Hamlet_thedane, launches into one of the Bard's monologues, he's often murdered by a fellow player within minutes. Everyone's a critic. Crane co-directed the movie with his wife, Pinny Grylls, a first-time gamer who functions as the film's camera of sorts. What her character sees, where she chooses to stand and look, makes up much of the film, although the editing team does phenomenal work splicing in other characters' points of view. (We're never outside of the game until the last 30 seconds; only then do we see anyone's real face....) The Bard's story is only half the point. Really, this is a classic let's-put-on-a-pixilated-show tale about the need to create beauty in the world — even this violent world — especially when stage productions in England have shuttered, forcing Crane, a husband and father, and Mark Oosterveen, single and lonely, to kill time speeding around the digital desert... To our surprise (and theirs), the play's tussles with depression and anguish and inertia become increasingly resonant as the production and the pandemic limps toward their conclusions. When Crane and Oosterveen's "Grand Theft Auto" avatars hop into a van with an anonymous gamer and ask this online stranger for his thoughts on Hamlet's suicidal soliloquy, the man, a real-life delivery driver stuck at home with a broken leg, admits, "I don't think I'm in the right place to be replying to this right now...." In 2014 Hamlet was also staged in Guild Wars 2, the article points out. "This is, however, the first attempt I'm aware of that attempts to do the whole thing live in one go, no matter if one of the virtual actors falls to their doom from a blimp. "As Grylls says, 'You can't stop production just because somebody dies.'"

Read more of this story at Slashdot.

America's outgoing national security adviser has "wide access to the world's secrets," writes Axios, adding that the security adviser delivered a "chilling" warning that "The next few years will determine whether AI leads to catastrophe — and whether China or America prevails in the AI arms race." But in addition, Sullivan "said in our phone interview that unlike previous dramatic technology advancements (atomic weapons, space, the internet), AI development sits outside of government and security clearances, and in the hands of private companies with the power of nation-states... 'There's going to have to be a new model of relationship because of just the sheer capability in the hands of a private actor,' Sullivan says..." Somehow, government will have to join forces with these companies to nurture and protect America's early AI edge, and shape the global rules for using potentially God-like powers, he says. U.S. failure to get this right, Sullivan warns, could be "dramatic, and dramatically negative — to include the democratization of extremely powerful and lethal weapons; massive disruption and dislocation of jobs; an avalanche of misinformation..." To distill Sullivan: America must quickly perfect a technology that many believe will be smarter and more capable than humans. We need to do this without decimating U.S. jobs, and inadvertently unleashing something with capabilities we didn't anticipate or prepare for. We need to both beat China on the technology and in shaping and setting global usage and monitoring of it, so bad actors don't use it catastrophically. Oh, and it can only be done with unprecedented government-private sector collaboration — and probably difficult, but vital, cooperation with China... There's no person we know in a position of power in AI or governance who doesn't share Sullivan's broad belief in the stakes ahead... That said, AI is like the climate: America could do everything right — but if China refuses to do the same, the problem persists and metastasizes fast. Sullivan said Trump, like Biden, should try to work with Chinese leader Xi Jinping on a global AI framework, much like the world did with nuclear weapons. "I personally am not an AI doomer," Sullivan says in the interview. "I am a person who believes that we can seize the opportunities of AI. But to do so, we've got to manage the downside risks, and we have to be clear-eyed and real about those risks." Thanks to long-time Slashdot reader Mr_Blank for sharing the article.

Read more of this story at Slashdot.

The Washington Post reports: Ruptures of undersea cables that have rattled European security officials in recent months were likely the result of maritime accidents rather than Russian sabotage, according to several U.S. and European intelligence officials. The determination reflects an emerging consensus among U.S. and European security services, according to senior officials from three countries involved in ongoing investigations of a string of incidents in which critical seabed energy and communications lines have been severed... [S]o far, officials said, investigations involving the United States and a half-dozen European security services have turned up no indication that commercial ships suspected of dragging anchors across seabed systems did so intentionally or at the direction of Moscow. Instead, U.S. and European officials said that the evidence gathered to date — including intercepted communications and other classified intelligence — points to accidents caused by inexperienced crews serving aboard poorly maintained vessels. U.S. officials cited "clear explanations" that have come to light in each case indicating a likelihood that the damage was accidental, and a lack of evidence suggesting Russian culpability. Officials with two European intelligence services said that they concurred with U.S. assessments. Despite initial suspicions that Russia was involved, one European official said there is "counter evidence" suggesting otherwise. The U.S. and European officials declined to elaborate and spoke on the condition of anonymity, citing the sensitivity of ongoing investigations... A Nordic official briefed on the investigation said conditions on the tanker were abysmal. "We've always gone out with the assumption that shadow fleet vessels are in bad shape," the official said. "But this was even worse than we thought...." European security officials said that Finland's main intelligence service is in agreement with Western counterparts that the Dec. 25 incident appears to have been an accident, though they cautioned that it may be impossible to rule out a Russian role. The article points out another reason Russia might not want to draw attention to the waterways around NATO countries. Doing so "could endanger oil smuggling operations Russia has relied on to finance the war in Ukraine, and possibly provoke more aggressive efforts by Western governments to choke off Russia's route to the North Atlantic."

Read more of this story at Slashdot.

"As large-scale solar farms crop up across the U.S.," reports ABC News, "the booming solar industry has found an unlikely mascot..." Sheep. In Milam County, outside Austin [Texas], SB Energy operates the fifth-largest solar project in the country, capable of generating 900 megawatts of power across 4,000 acres (1,618 hectares). How do they manage all that grass? With the help of about 3,000 sheep, which are better suited than lawnmowers to fit between small crevices and chew away rain or shine. The proliferation of sheep on solar farms is part of a broader trend — solar grazing — that has exploded alongside the solar industry. Agrivoltaics, a method using land for both solar energy production and agriculture, is on the rise with more than 60 solar grazing projects in the U.S., according to the National Renewable Energy Laboratory. The American Solar Grazing Association says 27 states engage in the practice. "The industry tends to rely on gas-powered mowers, which kind of contradicts the purpose of renewables," SB Energy asset manager James Hawkins said... Because solar fields use sunny, flat land that is often ideal for livestock grazing, the power plants have been used in coordination with farmers rather than against them.... Some agriculture experts say [solar sheepherders'] success reflects how solar farms have become a boon for some ranchers. Reid Redden, a sheep farmer and solar vegetation manager in San Angelo, Texas, said a successful sheep business requires agricultural land that has become increasingly scarce. "Solar grazing is probably the biggest opportunity that the sheep industry had in the United States in several generations," Redden said. The response to solar grazing has been overwhelmingly positive in rural communities near South Texas solar farms where Redden raises sheep for sites to use, he said. "I think it softens the blow of the big shock and awe of a big solar farm coming in," Redden said.

Read more of this story at Slashdot.

ABC News reported that the official newspaper of China's communist party is claiming TikTok refugees on RedNote found a "new home," and "openness, communication, and mutual learning are... the heartfelt desires of people from all countries." But in fact, Wired reports, "China's Cyberspace Administration, the country's top internet watchdog, has reportedly already grown concerned about content being shared by foreigners on Xiaohongshu," and "warned the platform earlier this week to 'ensure China-based users can't see posts from U.S. users,' according to The Information." And that's just the beginning. Wired reports that RedNote is now also "scrambling to hire English-speaking moderators." Social media platforms in China are legally required to remove a wide range of content, including nudity and graphic violence, but especially information that the government deems politically sensitive... "RedNote — like all platforms owned by Chinese companies — is subject to the Chinese Communist Party's repressive laws," wrote Allie Funk, research director for technology and democracy at the nonprofit human rights organization Freedom House, in an email to WIRED. "Independent researchers have documented how keywords deemed sensitive to those in power, such as discussion of labor strikes or criticism of Xi Jinping, can be scrubbed from the platform." But the influx of American TikTok users — as many as 700,000 in merely two days, according to Reuters — could be stretching Xiaohongshu's content moderation abilities thin, says Eric Liu, an editor at China Digital Times, a California-based publication documenting censorship in China, who also used to work as a content moderator himself for the Chinese social media platform Weibo... Liu reposted a screenshot on Bluesky showing that some people who recently joined Xiaohongshu have received notifications that their posts can only be shown to other users after 48 hours, seemingly giving the company time to determine whether they may be violating any of the platform's rules. This is a sign that Xiaohongshu's moderation teams are unable to react swiftly, Liu says... While the majority of the new TikTok refugees still appear to be enjoying their time on Xiaohongshu, some have already had their posts censored. Christine Lu, a Taiwanese-American tech entrepreneur who created a Xiaohongshu account on Wednesday, says she was suspended after uploading three provocative posts about Tiananmen, Tibet, and Taiwan. "I support more [Chinese and American] people engaging directly. But also, knowing China, I knew it wouldn't last for long," Lu tells WIRED. Despite the 700,000 signups in two days, "It's also worth nothing that the migration to RedNote is still very small, and only a fraction of the 170 million people in the US who use TikTok," notes The Conversation. (And they add that "The US government also has the authority to pressure Apple to remove RedNote from the US App Store if it thinks the migration poses a national security threat.") One nurse told the Los Angeles Times Americans signed up for the app because they "just don't want to give in" to "bullying" by the U.S. government. (The Times notes she later recorded a video acknowledging that on the Chinese-language app, "I don't know what I'm doing, I don't know what I'm reading, I'm just pressing buttons.") On Tuesday, the Wall Street Journal reported that Chinese officials had discussed the possibility of selling TikTok to a trusted non-Chinese party such as Elon Musk, who already owns social media platform X. However, analysts said that Bytedance is unlikely to agree to a sale of the underlying algorithm that powers the app, meaning the platform under a new owner could still look drastically different.

Read more of this story at Slashdot.

CNN reports: TikTok appears to be coming back online just hours after President-elect Donald Trump pledged Sunday that he would sign an executive order Monday that aims to restore the banned app. Around 12 hours after first shutting itself down, U.S. users began to have access to TikTok on a web browser and in the app, although the page still showed a warning about the shutdown. The brief outage was "the first time in history the U.S. government has outlawed a widely popular social media network," reports NPR. Apple and Google removed TikTok from their app stores. (And Apple also removed Lemon8). The incoming president announced his pending executive order "in a post on his Truth Social account," reports the Associated Press, "as millions of TikTok users in the U.S. awoke to discover they could no longer access the TikTok app or platform." But two Republican Senators said Sunday that the incoming president doesn't have the power to pause the TikTok ban. Tom Cotton of Arkansas and Peter Ricketts of Nebraska posted on X.com that "Now that the law has taken effect, there's no legal basis for any kind of 'extension' of its effective date. For TikTok to come back online in the future, ByteDance must agree to a sale... severing all ties between TikTok and Communist China. Only then will Americans be protected from the grave threat posted to their privacy and security by a communist-controlled TikTok." The Associated Press reports that the incoming president offered this rationale for the reprieve in his Truth Social post. "Americans deserve to see our exciting Inauguration on Monday, as well as other events and conversations." The law gives the sitting president authority to grant a 90-day extension if a viable sale is underway. Although investors made a few offers, ByteDance previously said it would not sell. In his post on Sunday, Trump said he "would like the United States to have a 50% ownership position in a joint venture," but it was not immediately clear if he was referring to the government or an American company... "A law banning TikTok has been enacted in the U.S.," a pop-up message informed users who opened the TikTok app and tried to scroll through videos on Saturday night. "Unfortunately that means you can't use TikTok for now." The service interruption TikTok instituted hours earlier caught most users by surprise. Experts had said the law as written did not require TikTok to take down its platform, only for app stores to remove it. Current users had been expected to continue to have access to videos until the app stopped working due to a lack of updates... "We are fortunate that President Trump has indicated that he will work with us on a solution to reinstate TikTok once he takes office. Please stay tuned," read the pop-up message... Apple said the apps would remain on the devices of people who already had them installed, but in-app purchases and new subscriptions no longer were possible and that operating updates to iPhones and iPads might affect the apps' performance. In the nine months since Congress passed the sale-or-ban law, no clear buyers emerged, and ByteDance publicly insisted it would not sell TikTok. But Trump said he hoped his administration could facilitate a deal to "save" the app. TikTok CEO Shou Chew is expected to attend Trump's inauguration with a prime seating location. Chew posted a video late Saturday thanking Trump for his commitment to work with the company to keep the app available in the U.S. and taking a "strong stand for the First Amendment and against arbitrary censorship...." On Saturday, artificial intelligence startup Perplexity AI submitted a proposal to ByteDance to create a new entity that merges Perplexity with TikTok's U.S. business, according to a person familiar with the matter... The article adds that TikTok "does not operate in China, where ByteDance instead offers Douyin, the Chinese sibling of TikTok that follows Beijing's strict censorship rules." Sunday morning Republican House speaker Mike Johnson offered his understanding of Trump's planned executive order, according to Politico. Speaking on Meet the Press, Johnson said "the way we read that is that he's going to try to force along a true divestiture, changing of hands, the ownership. "It's not the platform that members of Congress are concerned about. It's the Chinese Communist Party and their manipulation of the algorithms." Thanks to long-time Slashdot reader ArchieBunker for sharing the news.

Read more of this story at Slashdot.

The JavaScript runtime Node.js can execute TypeScript (Microsoft's JavaScript-derived language with static typing). But now it can do it even better, explains Marco Ippolito of the Node.js steering committee: In August 2024 Node.js introduced a new experimental feature, Type Stripping, aimed at addressing a longstanding challenge in the Node.js ecosystem: running TypeScript with no configuration. Enabled by default in Node.js v23.6.0, this feature is on its way to becoming stable. TypeScript has reached incredible levels of popularity and has been the most requested feature in all the latest Node.js surveys. Unlike other alternatives such as CoffeeScript or Flow, which never gained similar traction, TypeScript has become a cornerstone of modern development. While it has been supported in Node.js for some time through loaders, they relied heavily on configuration and user libraries. This reliance led to inconsistencies between different loaders, making them difficult to use interchangeably. The developer experience suffered due to these inconsistencies and the extra setup required... The goal is to make development faster and simpler, eliminating the overhead of configuration while maintaining the flexibility that developers expect... TypeScript is not just a language, it also relies on a toolchain to implement its features. The primary tool for this purpose is tsc, the TypeScript compiler CLI... Type checking is tightly coupled to the implementation of tsc, as there is no formal specification for how the language's type system should behave. This lack of a specification means that the behavior of tsc is effectively the definition of TypeScript's type system. tsc does not follow semantic versioning, so even minor updates can introduce changes to type checking that may break existing code. Transpilation, on the other hand, is a more stable process. It involves converting TypeScript code into JavaScript by removing types, transforming certain syntax constructs, and optionally "downleveling" the JavaScript to allow modern syntax to execute on older JavaScript engines. Unlike type checking, transpilation is less likely to change in breaking ways across versions of tsc. The likelihood of breaking changes is further reduced when we only consider the minimum transpilation needed to make the TypeScript code executable — and exclude downleveling of new JavaScript features not yet available in the JavaScript engine but available in TypeScript... Node.js, before enabling it by default, introduced --experimental-strip-types. This mode allows running TypeScript files by simply stripping inline types without performing type checking or any other code transformation. This minimal technique is known as Type Stripping. By excluding type checking and traditional transpilation, the more unstable aspects of TypeScript, Node.js reduces the risk of instability and mostly sidesteps the need to track minor TypeScript updates. Moreover, this solution does not require any configuration in order to execute code... Node.js eliminates the need for source maps by replacing the removed syntax with blank spaces, ensuring that the original locations of the code and structure remain intact. It is transparent — the code that runs is the code the author wrote, minus the types... "As this experimental feature evolves, the Node.js team will continue collaborating with the TypeScript team and the community to refine its behavior and reduce friction. You can check the roadmap for practical next steps..."

Read more of this story at Slashdot.

In 2022 Google released a tool to easily scan for vulnerabilities in dependencies named OSV-Scanner. "Together with the open source community, we've continued to build this tool, adding remediation features," according to Google's security blog, "as well as expanding ecosystem support to 11 programming languages and 20 package manager formats... Users looking for an out-of-the-box vulnerability scanning CLI tool should check out OSV-Scanner, which already provides comprehensive language package scanning capabilities..." Thursday they also announced an extensible library for "software composition analysis" scanning (as well as file-system scanning) named OSV-SCALIBR (Open Source Vulnerability — Software Composition Analysis LIBRary). The new library "combines Google's internal vulnerability management expertise into one scanning library with significant new capabilities such as: Software composition analysis for installed packages, standalone binaries, as well as source code OSes package scanning on Linux (COS, Debian, Ubuntu, RHEL, and much more), Windows, and Mac Artifact and lockfile scanning in major language ecosystems (Go, Java, Javascript, Python, Ruby, and much more) Vulnerability scanning tools such as weak credential detectors for Linux, Windows, and Mac Software Bill of Materials (SBOM) generation in SPDX and CycloneDX, the two most popular document formats Optimization for on-host scanning of resource constrained environments where performance and low resource consumption is critical "OSV-SCALIBR is now the primary software composition analysis engine used within Google for live hosts, code repos, and containers. It's been used and tested extensively across many different products and internal tools to help generate SBOMs, find vulnerabilities, and help protect our users' data at Google scale. We offer OSV-SCALIBR primarily as an open source Go library today, and we're working on adding its new capabilities into OSV-Scanner as the primary CLI interface."

Read more of this story at Slashdot.

CNN has the latest on "a startling discovery made public in July that metallic rocks were apparently producing oxygen on the Pacific Ocean's seabed, where no light can penetrate. "Initial research suggested potato-size nodules rich in metals, predominantly found 4,000 meters (13,100 feet) below the surface in the Clarion-Clipperton Zone, released an electrical charge, splitting seawater into oxygen and hydrogen through electrolysis." The unprecedented natural phenomenon challenges the idea that oxygen can only be made from sunlight via photosynthesis. Andrew Sweetman, a professor at the UK's Scottish Association for Marine Science who was behind the find, is embarking on a three-year project to investigate the production of "dark" oxygen further... Uncovering dark oxygen revealed just how little is known about the deep ocean, and the Clarion-Clipperton Zone, or CCZ, in particular. The region is being explored for the deep-sea mining of rare metals contained in the rock nodules. The latter are formed over millions of years, and the metals play a key role in new and green technologies... Understanding the phenomenon better could also help space scientists find life beyond Earth, [Sweetman] added... Officials at NASA are interested in the research on dark oxygen production because it could inform scientific understanding of how life might be sustained on other planets without direct sunlight, Sweetman said. The space agency wants to run experiments to understand the amount of energy required to potentially produce oxygen at higher pressures that occur on Enceladus and Europa, the icy moons of Saturn and Jupiter, respectively, he added. Those moons are among the targets for investigating the possibility of life. Deep-sea mining companies are aiming to mine the cobalt, nickel, copper, lithium and manganese contained in the nodules for use in solar panels, electric car batteries and other green technology. Some companies have taken issue with Sweetman's research. Critics say deep-sea mining could irrevocably damage the pristine underwater environment and that it could disrupt the way carbon is stored in the ocean, contributing to the climate crisis. CNN's article also notes Massachusetts microbiologist Emil Ruff, who found unexpected oxygen far below the Canadian prairie in water isolated from the atmosphere for more than 40,000 years. "Nature keeps surprising us," he said. "There are so many things that people have said, 'Oh, this is impossible,' and then later it turns out it's not."

Read more of this story at Slashdot.

"The universe is expanding faster than predicted by theoretical models," writes Phys.org, "and faster than can be explained by our current understanding of physics." There's now been new confirmation of this (published in The Astrophysical Journal Letters) by a team led by Dan Scolnic, an associate professor of physics at Duke University. And this means the so-called Hubble tension "now turns into a crisis," said Dan Scolnic, who led the research team... This is saying, to some respect, that our model of cosmology might be broken." Measuring the universe requires a cosmic ladder, which is a succession of methods used to measure the distances to celestial objects, with each method, or "rung," relying on the previous for calibration. The ladder used by Scolnic was created by a separate team using data from the Dark Energy Spectroscopic Instrument (DESI), which is observing more than 100,000 galaxies every night from its vantage point at the Kitt Peak National Observatory. Scolnic recognized that this ladder could be anchored closer to Earth with a more precise distance to the Coma Cluster, one of the galaxy clusters nearest to us. "The DESI collaboration did the really hard part, their ladder was missing the first rung," said Scolnic. "I knew how to get it, and I knew that that would give us one of the most precise measurements of the Hubble constant we could get, so when their paper came out, I dropped absolutely everything and worked on this non-stop." To get a precise distance to the Coma cluster, Scolnic and his collaborators used the light curves from 12 Type Ia supernovae within the cluster. Just like candles lighting a dark path, Type Ia supernovae have a predictable luminosity that correlates to their distance, making them reliable objects for distance calculations. The team arrived at a distance of about 320 million light-years, nearly in the center of the range of distances reported across 40 years of previous studies — a reassuring sign of its accuracy. "This measurement isn't biased by how we think the Hubble tension story will end," said Scolnic. "This cluster is in our backyard, it has been measured long before anyone knew how important it was going to be." The results? "It matches the universe's expansion rate as other teams have recently measured it," writes Phys.org, "but not as our current understanding of physics predicts it. The longstanding question is: is the flaw in the measurements or in the models? Scolnic's team's new results add tremendous support to the emerging picture that the root of the Hubble tension lies in the models..." And the article closes with this quote from Scolnic: "Ultimately, even though we're swapping out so many of the pieces, we all still get a very similar number. So, for me, this is as good of a confirmation as it's ever gotten. We're at a point where we're pressing really hard against the models we've been using for two and a half decades, and we're seeing that things aren't matching up," said Scolnic. "This may be reshaping how we think about the universe, and it's exciting! There are still surprises left in cosmology, and who knows what discoveries will come next?"

Read more of this story at Slashdot.

Jersey is an island in the English channel, "a self-governing British Crown Dependency near the coast of northwest France," according to Wikipedia — population: 103,267. But now some residents of Jersey "have been recommended bloodletting to reduce high concentrations of 'forever chemicals' in their blood," reports the Guardian, "after tests showed some islanders have levels that can lead to health problems." Private drinking water supplies in Jersey were polluted by the use of firefighting foams containing PFAS (per- and polyfluoroalkyl substances) at the island's airport, which were manufactured by the U.S. multinational 3M. .. Bloodletting draws blood from a vein in measured amounts. It is safe and the body replenishes the blood naturally, but it must be repeated until clean... In response to the blood results, the government established an independent PFAS scientific advisory panel to advise public policy. The panel's first report recommended that the government should look at offering bloodletting to affected residents. "Studies show that bloodletting is an effective way to lower levels of PFAS in blood," said Ian Cousins, one of the panel members, though he added that there were no guarantees the process would prevent or cure diseases associated with the chemicals. The therapy costs about £100,000 upfront and then as much as £200,000 a year to treat 50 people. The panel is also considering the benefit of the drug cholestyramine, which a study has shown reduces PFAS in blood more quickly and cheaply, albeit with possible side effects. The government says it plans to launch a clinical service by early 2025. Contamination persisted on the island for decades. "We know they started to use 3M's firefighting foam in the 1960s and then ramped up in the 1990s in weekly fire training exercises, after which foam started to appear in nearby streams," said Jeremy Snowdon, a former Jersey airport engineer who drank contaminated water for years. He has measured elevated levels of PFAS in his own blood and has high cholesterol. The article includes this quote from one of the 88 residents of the polluted area found to have high levels of PFAS after blood testing. "I just want this out of my body. I don't want to end up with bladder cancer."

Read more of this story at Slashdot.

Chinese social-networking site RedNote became the #1 most-downloaded app in America, reports the Associated Press, with some new users considering it a way to protest America's possible TikTok ban. So what happened next? They were met with surprise, curiosity and in-jokes on Xiaohongshu — literally, "Little Red Book" — whose users saw English-language posts take over feeds almost overnight. Americans introduced themselves with hashtag TikTok refugees, ask me anything attitude and posting photos of their pets to pay their hosts' "cat tax." Parents swapped stories about raising kids and Swifties from both countries, of course, quickly found each other. It's a rare moment of direct contact between two online worlds that are usually kept apart by language, corporate boundaries, and China's strict system of online censorship that blocks access to nearly all international media and social media services... Xiaohongshu's 300 million monthly active users are overwhelmingly Chinese — so much so that parts of its interface have no English-language version... [Press reports suggest about a million of TikTok's 170 million users tried switching to RedNote this week...] On the platform, two versions of the TikTok refugee hashtag have over 24 million posts, with related posts appearing at the top of many users' feeds. A large number of American users say they've received a warm welcome from the community, with #TikTokrefugee. "Welcome the global villagers" remains the top one trending topic on Xiaohongshu, with 8.9 million views on Thursday. Users from both countries are comparing notes on grocery prices, rent, health insurance, medical bills and the relationship between mother-in-law and daughter-in-law. Parents talk about what the kids learn in school in two countries. Some have already joined book clubs and are building up a community. American users asked how Chinese see the LGBTQ community and got warned that it was among sensitive topics, Chinese users taught Americans what are sensitive topics and key words to avoid censorship on the app. Chinese students pulled out their English homework, looking for help. Chinese state media, which have long dismissed U.S. allegations against TikTok, have welcomed the protest against the ban. People's Daily [the official newspaper of the Central Committee of the Chinese Communist Party], said in an op-ed about TikTok refugees on Thursday that says the TikTok refugees found a "new home," and "openness, communication, and mutual learning are the unchanging themes of mankind and the heartfelt desires of people from all countries." Making the most of the moment is Jianlu Bi, who is apparently a senior content producer for Beijing's state-run China Global Television Network, which Wikipedia describes as "under the control of the Central Propaganda Department of the Chinese Communist Party". Friday Jianlu Bi crafted an article claiming "surprising" and "stark contrasts" were revealed: While the United States is often portrayed as a land of limitless opportunity, many American netizens have shared their struggles with high living costs, particularly in urban areas. One common theme is the exorbitant cost of healthcare. "I just got a simple bill for a routine checkup and it was over $500," shared one American user. "I can't imagine what a serious illness would cost! I feel like I'm constantly on the brink of financial ruin due to medical expenses." In contrast, Chinese netizens often express surprise at the affordability of many goods and services in their home country. For instance, the cost of housing, particularly in smaller cities, is often significantly lower in China compared to the United States.... This disparity is often attributed to factors such as government policies, economic development, and cultural differences... Traditional media narratives often present simplified and often biased portrayals of China and the United States. For example, the U.S. is often portrayed as a land of opportunity with limitless possibilities, while China is sometimes depicted as a country with limited freedoms. Xiaohongshu, on the other hand, provides a platform for ordinary people to share their authentic experiences and perspectives... A Chinese student studying in the U.S. shared, "I was surprised to learn that many of my classmates are working part-time jobs to cover their tuition and living expenses. This is very different from the image of affluent American students I had in my mind. It really opened my eyes to the realities of life for many young people in the U.S." "As social media continues to evolve, these platforms will undoubtedly play an increasingly important role in shaping global perceptions..." the article concludes. Article suggested by long-time Slashdot reader hackingbear.

Read more of this story at Slashdot.

The ratio of vacant U.S. jobs to jobless workers "has fallen from a record of 2 in 2022 to 1.1 in November," reports the Wall Street Journal — which adds that "the balance of power between employers and employees has shifted as the labor market has gone from white-hot to merely solid." JP Morgan's five-days-a-week return-to-office mandate was only the beginning, with big companies like Amazon and Dell "tightening remote-work policies, shrinking travel budgets and cutting back on benefits... Companies are slashing perks such as college-tuition assistance and time off for a sick pet... " 76% of [U.S.] job growth in the past year has been in healthcare and education, leisure and hospitality, and government. In fields such as finance, information, and professional and business services, job growth has been far weaker. While a shift in leverage to employers might have shown up in layoffs or wage cuts in the past, now it is more subtle, often in changes to working conditions. For example, knowing that some workers will quit rather than return to the office, some companies are ending remote work as a way of trimming payroll. "Quiet quitting" — workers who slacked off rather than quit — has been replaced by "quiet cutting" — employers who cut jobs without actually announcing job cuts... Michael Gibbs, a professor of economics at the University of Chicago's Booth School of Business, said the new mandates might simply be a message to workers that times have changed. "Firms are trying to reset expectations," he said... [After refusing her employers return-to-office four-days-a-week mandate, Mayrian] Sanz, who now works as an independent business and leadership coach, said she applied for 25 to 30 jobs listed as remote but initially got no responses. When some hiring managers finally replied, they had a surprise: Jobs listed as remote would now be in-office. "They just say everything is shifting to going back to the office," she said. Among tech workers, the share receiving perks such as paid volunteer hours, college-tuition reimbursement, free financial advice and mental-health programs all declined by about 4 percentage points in 2024 from 2023, according to Dice, a technology job board. Average bonuses fell by more than $800, from $15,011 to $14,194. Meanwhile, Netflix has quietly backed off from its unlimited parental leave in a child's first year, The Wall Street Journal reported last month. A company spokesman said at that time that employees have the freedom and flexibility to determine what is best for them. The article notes that "The actual impact of return-to-office directives remains to be seen," with economists "skeptical" the directives make companies more productive and faster-growing: Many workers now being called in were already spending some time in their cubicles. Nicholas Bloom, a professor of economics at Stanford University, said most of the benefits of collaboration can be achieved with just a few days in the office, while some tasks that require concentration are better done at home. Elsewhere the Wall Street Journal that looking for a job "is set to get less miserable this year," since roughly two-thirds of U.S. employers plan to add permanent roles within the next six months, "according to a new survey by staffing and consulting firm Robert Half." And Computerworld notes that the IT unemployment rate is now just 2% in the U.S. (according to official figures from the US Bureau of Labor statistics).

Read more of this story at Slashdot.

The BBC brings news from the Baltic Sea. After critical undersea cables were damaged or severed last year, "NATO has launched a new mission to increase the surveillance of ships..." Undersea infrastructure is essential not only for electricity supply but also because more than 95% of internet traffic is secured via undersea cables, [said NATO head Mark Rutte], adding that "1.3 million kilometres (800,000 miles) of cables guarantee an estimated 10 trillion-dollar worth of financial transactions every day". In a post on X, he said Nato would do "what it takes to ensure the safety and security of our critical infrastructure and all that we hold dear".... Estonia's Foreign Minister Margus Tsahkna said in December that damage to submarine infrastructure had become "so frequent" that it cast doubt on the idea the damage could be considered "accidental" or "merely poor seamanship". The article also has new details about a late-December cable-cutting by the Eagle S (which was then boarded by Finland's coast guard and steered into Finnish waters). "On Monday, Risto Lohi of Finland's National Bureau of Investigation told Reuters that the Eagle S was threatening to cut a second power cable and a gas pipe between Finland and Estonia at the time it was seized." And there's reports that the ship was loaded with spying equipment. UPDATE (1/19/2024): The Washington Post reports that the undersea cable ruptures "were likely the result of maritime accidents rather than Russian sabotage, according to several U.S. and European intelligence officials." But whatever they're watching for, NATO's new surveillance of the Baltic Sea will include "uncrewed surface vessels," according to defense-news web site TWZ.com: The uncrewed surface vessels [or USVs], also known as drone boats, will help establish an enhanced common operating picture to give participating nations a better sense of potential threats and speed up any response. It is the first time NATO will use USVs in this manner, said a top alliance commander... There will be at least 20 USVs assigned [a NATO spokesman told The War Zone Friday]... In the first phase of the experiment, the USVs will "have the capabilities under human control" while "later phases will include greater autonomy." The USVs will augment the dozen or so vessels as well as an unspecified number of crewed maritime patrol aircraft committed One highly-placed NATO official tells the site that within weeks "we will begin to use these ships to give a persistent, 24-7 surveillance of critical areas." Last week the U.K. government also announced "an advanced UK-led reaction system to track potential threats to undersea infrastructure and monitor the Russian shadow fleet." The system "harnesses AI to assess data from a range of sources, including the Automatic Identification System (AIS) ships use to broadcast their position, to calculate the risk posed by each vessel entering areas of interest." Harnessing the power of AI, this UK-led system is a major innovation which allows us the unprecedented ability to monitor large areas of the sea with a comparatively small number of resources, helping us stay secure at home and strong abroad.

Read more of this story at Slashdot.

A new law is being considered by New York's state legislature, reports a local news outlet. "if passed, will require anyone buying a 3D printer to pass a background check. If you can't legally own a firearm, you won't be able to buy one of these printers..." It is illegal to print most gun parts in New York. Attorney Greg Rinckey believes the proposal is an overreach. "I think this is also gonna face some constitutional problems. I mean, it really comes down to a legal parsing of what are you printing and at what point is it technically a firearm?" [Ascent Fabrication owner Joe] Fairley thinks lawmakers should shift their focus on those partial gun kits that produce the metal firing components. Another possibility is to require printer manufacturers to install software that prevents gun parts from being printed. "They would need to agree on some algorithm to look at the part and say nope, that is a gun component, you're not allowed to print that part somehow," said Fairley. "But I feel like it would be extremely difficult to get to that point."

Read more of this story at Slashdot.

A county transit police detective fed a poor-quality image to an AI-powered facial recognition program, remembers the Washington Post, leading to the arrest of "Christopher Gatlin, a 29-year-old father of four who had no apparent ties to the crime scene nor a history of violent offenses." He was unable to post the $75,000 cash bond required, and "jailed for a crime he says he didn't commit, it would take Gatlin more than two years to clear his name." A Washington Post investigation into police use of facial recognition software found that law enforcement agencies across the nation are using the artificial intelligence tools in a way they were never intended to be used: as a shortcut to finding and arresting suspects without other evidence... The Post reviewed documents from 23 police departments where detailed records about facial recognition use are available and found that 15 departments spanning 12 states arrested suspects identified through AI matches without any independent evidence connecting them to the crime — in most cases contradicting their own internal policies requiring officers to corroborate all leads found through AI. Some law enforcement officers using the technology appeared to abandon traditional policing standards and treat software suggestions as facts, The Post found. One police report referred to an uncorroborated AI result as a "100% match." Another said police used the software to "immediately and unquestionably" identify a suspected thief. Gatlin is one of at least eight people wrongfully arrested in the United States after being identified through facial recognition... All of the cases were eventually dismissed. Police probably could have eliminated most of the people as suspects before their arrest through basic police work, such as checking alibis, comparing tattoos, or, in one case, following DNA and fingerprint evidence left at the scene. Some statistics from the article about the eight wrongfully-arrested people: In six cases police failed to check alibis In two cases police ignored evidence that contradicted their theory In five cases police failed to collect key pieces of evidence In three cases police ignored suspects' physical characteristics In six cases police relied on problematic witness statements The article provides two examples of police departments forced to pay $300,000 settlements after wrongful arrests caused by AI mismatches. But "In interviews with The Post, all eight people known to have been wrongly arrested said the experience had left permanent scars: lost jobs, damaged relationships, missed payments on car and home loans. Some said they had to send their children to counseling to work through the trauma of watching their mother or father get arrested on the front lawn. "Most said they also developed a fear of police."

Read more of this story at Slashdot.