Scientists "demonstrated a promising step toward using a person's own immune cells to fight gastrointestinal cancers" at America's National Institutes of Health (or NIH), reports the Washington Post. But the results were published in Nature Medicine on Tuesday — "the same day the agency was hit with devastating layoffs..." The treatment approach is still early in its development; the personalized immunotherapy regimen shrank tumors in only about a quarter of the patients with colon, rectal and other GI cancers enrolled in a clinical trial. But a researcher who was not involved in the study called the results "remarkable" because they highlight a path to a frustratingly elusive goal in medicine — harnessing a person's own immune defenses to target common solid tumor cancers. Until now, cell-based immunotherapy has worked mainly on blood cancers, such as leukemia, but not the solid cancers that seed tumors in the breast, brain, lungs, pancreas and GI tract... But the progress arrives at a sad time for science — and for patients, said the leader of the work, NIH immunotherapy pioneer Steven Rosenberg. Two patients' treatments using the experimental therapy had to be delayed because NIH's capacity to make personalized cell therapies has been slowed by the firing of highly skilled staff and by purchasing slowdowns. Those occurred even before major layoffs took place Tuesday... The Department of Health and Human Services (HHS) responded to an email asking about clinical trial delays with a statement: "NIH and HHS are complying with President Trump's executive order." It's "a very exciting study," said Patrick Hwu, president of the Moffitt Cancer Center in Tampa. Finding ways to tailor this cell-based immunotherapy approach to common solid tumors that cause the vast majority of cancer deaths has remained a major scientific challenge... Rosenberg and colleagues first tried to create tumor infiltrating lymphocytes [or "TILs"] using the method that worked in melanoma for 18 patients with GI cancers that had spread. It failed completely. In a second iteration, his team sequenced the mutations present in each patient's tumor and used that information to sift out and expand the TILs that could home in on that patient's specific tumor cells. The results were far from a triumph, but provided a clue — this time, three of 39 patients' tumors shrank. In the last stage of the trial, the scientists added a drug called pembrolizumab that takes the brakes off immune cells. This time, eight of the 34 patients responded. "Right now, only a few labs in the country can do what they just did," Hwu said. While Rosenberg is already working "to refine and improve upon the results," he told the Post that two scientists involved in the specialized process of preparing the cells to treat patients were fired in the probationary purge. "We've had to slow down our work and delay the treatment of some patients...." And there's also dramatically fewer people now who can purchase research materials, which the Post says it "making it slower and more difficult to obtain supplies."

Read more of this story at Slashdot.

Brain rot — the inability to think deeply after too much scrolling on a phone — afflicts "plenty of people," writes the New York Times' lead consumer technology writer. [Alternate URL here.] He's suffering from it too — "These days, it's tough to even finish a book." But is the answer just avoiding distractions with a stripped-down $600 phone "that barely does anything"? For a week he tested the Light Phone III... The newest version, which began shipping in March and is set for a broader release in July, can place calls, send texts, take photos, show map directions, play music and podcasts and not do much else. There is no web browser. There is also no app store, meaning there's no Uber to hail a ride, no Slack and no social media. There isn't even email... There were moments I enjoyed it. While waiting for a train, resting at the gym or eating alone, I was not tempted to stare at the phone screen, and I felt more mindful of my surroundings. Phone calls sounded nice and clear. The maps app did a fine job navigating me around town. It reminded me of simpler times when we used phones primarily to converse before putting them away to focus on other tasks. But over the week, the downsides of a dumber phone chipped away at my enjoyment, and overall I felt more stressed and less capable. I suddenly found myself unable to get into a train station, look up the name of a new restaurant or control my garage door. Some of that has less to do with the Light Phone itself, which is a so-so product, and more to do with how society as a whole has become dependent on advanced smartphone features. For example, his old smartphone supported virtual phone-based passes for mass transit and speedy access to his gym. (And his friends made phone of the Light Phone's photos.) But at least never felt tempted to check his email when out to dinner. "While I admire the goal of the Light Phone, my experience demonstrates there's nothing we can realistically do or buy to bring us back to simpler times. So many aspects of our lives, including getting around town, working, paying for things and controlling home appliances, revolve around our highly capable smartphones. "This Light Phone experiment reminded me of glamping: paying a lot to have an artificially crummier experience."

Read more of this story at Slashdot.

"Gen Z is rediscovering Tumblr — a chaotic, cozy corner of the internet untouched by algorithmic gloss and influencer overload..." writes Fast Company, "embracing the platform as a refuge from an internet saturated with influencers and algorithm fatigue." Thanks to Gen Z, the site has found new life. As of 2025, Gen Z makes up 50% of Tumblr's active monthly users and accounts for 60% of new sign-ups, according to data shared with Business Insider's Amanda Hoover, who recently reported on the platform's resurgence. User numbers spiked in January during the near-ban of TikTok and jumped again last year when Brazil temporarily banned X. In response, Tumblr users launched dedicated communities to archive and share their favorite TikToks... To keep up with the momentum, Tumblr introduced Reddit-style Communities in December, letting users connect over shared interests like photography and video games. In January, it debuted Tumblr TV — a TikTok-like feature that serves as both a GIF search engine and a short-form video platform. But perhaps Tumblr's greatest strength is that it isn't TikTok or Facebook. Currently the 10th most popular social platform in the U.S., according to analytics firm Similarweb, Tumblr is dwarfed by giants like Instagram and X. For its users, though, that's part of the appeal. First launched in 2007, Tumblr peaked at over 100 million users in 2014, according to the article. Trends like Occupy Wall Street had been born on Tumblr, notes Business Insider, calling the blogging platform "Gen Z's safe space... as the rest of the social internet has become increasingly commodified, polarized, and dominated by lifestyle influencers." Tumblr was also "one of the most hyped startups in the world before fading into obsolescence — bought by Yahoo for $1.1 billion in 2013... then acquired by Verizon, and later offloaded for fractions of pennies on the dollar in a distressed sale. "That same Tumblr, a relic of many millennials' formative years, has been having a moment among Gen Z..." "Gen Z has this romanticism of the early-2000s internet," says Amanda Brennan, an internet librarian who worked at Tumblr for seven years, leaving her role as head of content in 2021... Part of the reason young people are hanging out on old social platforms is that there's nowhere new to go. The tech industry is evolving at a slower pace than it was in the 2000s, and there's less room for disruption. Big Tech has a stranglehold on how we socialize. That leaves Gen Z to pick up the scraps left by the early online millennials and attempt to craft them into something relevant. They love Pinterest (founded in 2010) and Snapchat (2011), and they're trying out digital point-and-shoot cameras and flip phones for an early-2000s aesthetic — and learning the valuable lesson that sometimes we look better when blurrier. More Gen Zers and millennials are signing up for Yahoo. Napster, surprising many people with its continued existence, just sold for $207 million. The trend is fueled by nostalgia for Y2K aesthetics and a longing for a time when people could make mistakes on the internet and move past them. The pandemic also brought more Gen Z users to Tumblr... And Tumblr still works much like an older internet, where people have more control over what they see and rely less on algorithms. "You curate your own stuff; it takes a little bit of work to put everything in place, but when it's working, you see the content you want to see," Fjodor Everaerts, a 26-year-old in Belgium who has made some 250,000 posts since he joined Tumblr when he was 14... Under Automattic, Tumblr is finally in the home that serves it, [says Ari Levine, the head of brand partnerships at Tumblr]. "We've had ups and downs along the way, but we're in the most interesting position and place that we've been in 18 years," he says... And following media companies (including Business Insider) and social platforms like Reddit, Automattic in 2024 was making a deal with OpenAI and Midjourney to allow the systems to train on Tumblr posts. "The social internet is fractured," the article argues. ("Millennials are running Reddit. Gen Xers and Baby Boomers have a home on Facebook. Bluesky, one of the new X alternatives, has a tangible elder-millennial/Gen X vibe. Gen Zers have created social apps like BeReal and the Myspace-inspired Noplace, but they've so far generated more hype than influence....") But in a world where megaplatforms "flatten our online experiences and reward content that fits a mold," the article suggests, "smaller communities can enrich them."

Read more of this story at Slashdot.

"U.S. stock market futures plunged on Sunday evening," reports Yahoo Finance, "after the new U.S. tariff policy began collecting duties over the weekend..." The EU will vote on $28 billion in retaliatory tariffs Wednesday, Reuters reports. (And those tariffs will be approved unless "a qualified majority of 15 EU members representing 65% of the EU's population oppose it. They would enter force in two stages, a smaller part on April 15 and the rest a month later.") But France's Economy and Finance Minister has an idea: more strictly regulating how data is used by America's Big Tech companies. Politico EU reports/A>: "We may strengthen certain administrative requirements or regulate the use of data," Lombard said in an interview with Le Journal Du Dimanche. He added that another option could be to "tax certain activities," without being more specific. A French government spokesperson already said last week that the EU's retaliation against U.S. tariffs could include "digital services that are currently not taxed." That suggestion was fiercely rejected by Ireland, which hosts the European headquarters of several U.S. Big Tech firms... Technology is seen as a possible area for Europe to retaliate. The European Union has a €157 billion trade surplus in goods, which means it exports more than it imports, but it runs a deficit of €109 billion in services, including digital services. Big Tech giants like Apple, Microsoft, Amazon, Google and Meta dominate many parts of the market in Europe. Amid the market turmoil, what about cryptocurrencies, often seen as a "proxy" for the level of risk felt by investors? In the 10 weeks after October 6, the price of Bitcoin skyrocketed 67% to $106,490 by December 10th. But by January 30th it had started dropping again, and now sits at $77,831 — still up 22% for the last six months, but down nearly 27% over the last 10 weeks. Yet even after all that volatility, Bitcoin suddenly fell again more than 6% on Sunday, reports Reuters, "as markets plunged amid tariff tensions. Ether, the second largest cryptocurrency, fell more than 10% on Sunday."

Read more of this story at Slashdot.

"Three Microsoft CEOs walk into a room..." Satya Nadella posted on X.com, "and are interviewed by Copilot!" As part of Microsoft's 50th anniversary celebration, Microsoft CEO Nadella joined former Microsoft CEOs Bill Gates and Steve Ballmer in a funny two-minute video (also available on YouTube) in which Nadella asks Copilot for an AI-powered roast of each of them. "All right Satya," Copilot answers. "Let's spice it up..." Copilot: Steve, we'll start with you. Your enthusiasm is legendary. But do you ever worry that your energy might short-circuit the AI? I mean, even robots need a coffee break after your pep talks. Steve Ballmer: Come on dude! If you can't handle me, you can't handle a huge percentage of the world's population! We're counting on you! Copilot: Ha ha, fair point Steve. Now Bill, you've got that signature thoughtful gaze. But do you ever think the AI might feel intimidated by your intense thinking face? I mean, it's like it's waiting for a blue screen moment. Bill Gates: I hope so. I mean, it's all I've got left as the AIs get so damn intelligent. It's just that gaze and my willingness to criticize that differentiates me. Copilot: And it's a formidable gaze indeed, Bill. Steve Ballmer: Copilot, would you ever be willing to criticize him? Copilot: Absolutely. Criticism is where growth happens. Now Satya, AI seems to be your best buddy — but ever worry that your deep passion for AI could one day have it running the show, leaving you to just enjoy the ride? Satya Nadella: Well, the day AI can play like the best cricket player that I enjoy, that's the day it can run the show, as far as I'm concerned. Copilot: Touche, Satya. Let's see if it can hit a century in cricket and then we'll talk. This has been a blast, gentlemen. Here's to another 50 years of innovation and adventure. Cheers. Ballmer, Nadella, and Gates: Cheers. Bill Gates: Whatever that means to an AI. Does it drink?

Read more of this story at Slashdot.

Nuclear fusion — which releases four times the energy of fission — could theoretically happen sooner in space than on earth, reports CNN. "And it could help spacecraft achieve speeds of up to 500,000 miles (805,000 kilometers) per hour — more than the fastest object ever built..." With funding from the UK Space Agency, British startup Pulsar Fusion has unveiled Sunbird, a space rocket concept designed to meet spacecraft in orbit, attach to them, and carry them to their destination at breakneck speed using nuclear fusion... For now, Sunbird is in the very early stages of construction and it has exceptional engineering challenges to overcome, but Pulsar says it hopes to achieve fusion in orbit for the first time in 2027. [Pulsar's founder/CEO says the first functional Sunbird would be ready four to five years later.] If the rocket ever becomes operational, it could one day cut the journey time of a potential mission to Mars in half. CNN says the proposed Sunbird process would use helium-3 — which may be abundant on the Moon — to generate protons which "can be used as a 'nuclear exhaust' to provide propulsion". (And without generating any dangerous radioactive material.) "It's very unnatural to do fusion on Earth," says Richard Dinan, founder and CEO of Pulsar. "Fusion doesn't want to work in an atmosphere. Space is a far more logical, sensible place to do fusion, because that's where it wants to happen anyway...." Sunbirds would operate similarly to city bikes at docking stations, according to Dinan: "We launch them into space, and we would have a charging station where they could sit and then meet your ship," he says. "You turn off your inefficient combustion engines, and use nuclear fusion for the greater part of your journey. Ideally, you'd have a station somewhere near Mars, and you'd have a station on low Earth orbit, and the (Sunbirds) would just go back and forth...." Initially, the Sunbirds will be offered for shuttling satellites in orbit, but their true potential would come into play with interplanetary missions. The company illustrates a few examples of the missions that Sunbird could unlock, such as delivering up to 2,000 kilograms (4,400 pounds) of cargo to Mars in under six months, deploying probes to Jupiter or Saturn in two to four years (NASA's Europa Clipper, launched in 2024 towards one of Jupiter's moons, will arrive after 5.5 years), and an asteroid mining mission that would complete a round trip to a near-Earth asteroid in one to two years instead of three. Other companies are working on nuclear fusion engines for space propulsion, including Pasadena-based Helicity Space, which received investment from aerospace giant Lockheed Martin in 2024. San Diego-based General Atomics and NASA are working on another type of nuclear reactor — based on fission rather than fusion — which they plan to test in space in 2027.

Read more of this story at Slashdot.

It was already the best-selling videogame of all time, notes the Hollywood Reporter. And A Minecraft Movie just had the biggest opening ever for a video game movie adaptation. WIth a production budget of $150 million, it earned in $157 million in just its first weekend in the U.S., with a worldwide total of $301 million. A Warner Bros. executive called the movie "lightning in a bottle," while the head of co-producer Legendary Pictures acknowledged the game is a global phenomon, according to the article. (About the movie's performance, the executive "said the opening is a both a reflection of the mandate to celebrate the world of Minecraft in a joyful way, and the singular experience that only theatrical can offer." But an unfinished version leaked online before the movie was even released, reports Variety Screenshots and footage from the fantasy adventure were being shared widely on social media platforms this week, and were also available on file sharing sites. The images and scenes have uncompleted visual effects. Most of the footage was quickly taken down by the rights holders. Although pirated footage is a common problem for major film releases, it's rare to have a working print leak online in this way, raising questions about how such an early version of the movie was accessed, stolen and then shared.

Read more of this story at Slashdot.

theodp writes: America's National Football League announced that beginning with the 2025 season, Sony's Hawk-Eye virtual measurement technology will assess and identify first downs after a ball spot. Sony's Hawk-Eye virtual measurement technology, which consists of six 8K cameras for optical tracking of the position of the ball, is operated from the NFL's "Art McNally GameDay Central Officiating Center" in New York and is integrated with the League's existing replay system. It will serve as an efficient alternative to the process of having a three-person chain crew walk chains onto the field and manually measure whether 10 yards have been met after the official has spotted the ball. However, the chain crew will remain on the field in a secondary capacity. The NFL's executive VP of football operations says their move brings "world-class on field officiating with state-of-the-art technology to advance football excellence." (The NFL's announcement notes the whole process takes about 30 seconds, "saving up to 40 seconds from a measurement with the chains.") The move comes a full seven years after Apple introduced its iPhone Measure app...

Read more of this story at Slashdot.

It's "a milestone for Meta AI and for open source," Mark Zuckerberg said this weekend. "For the first time, the best small, mid-size, and potentially soon frontier [large-language] models will be open source." Zuckerberg anounced four new Llama LLMs in a video posted on Instagram and Facebook — two dropping this weekend, with another two on the way. "Our goal is to build the world's leading AI, open source it, and make it universally accessible so that everyone in the world benefits." Zuckerberg's announcement: I've said for a while that I think open source AI is going to become the leading models. And with Llama 4 this is starting to happen. - The first model is Llama 4 Scout. It is extremely fast, natively multi-modal. It has an industry-leading "nearly infinite" 10M-token context length, and is designed to run on a single GPU. [Meta's blog post says it fits on an NVIDIA H100]. It is 17 billion parameters by 16 experts, and it is by far the highest performing small model in its class. - The second model is Llama 4 Maverick — the workhorse. It beats GPT-4o and Gemini Flash 2 on all benchmarks. It is smaller and more efficient than DeepSeek v3, but it is still comparable on text, plus it is natively multi-modal. This one is 17B parameters x 128 experts, and it is designed to run on a single host for easy inference. This thing is a beast. Zuck promised more news next month on "Llama 4 Reasoning" — but the fourth model will be called Llama 4 Behemoth. "This thing is massive. More than 2 trillion parameters." (A blog post from Meta AI says it also has a 288 billion active parameter model, outperforms GPT-4.5, Claude Sonnet 3.7, and Gemini 2.0 Pro on STEM benchmarks, and will "serve as a teacher for our new models.") "I'm not aware of anyone training a larger model out there," Zuckberg says in his video, calling Behemoth "already the highest performing base model in the world, and it is not even done training yet." "If you want to try Llama 4, you can use Meta AI in WhatsApp, Messenger, or Instagram Direct," Zuckberg said in his video, "or you can go to our web site at meta.ai." The Scout and Maverick models can be downloaded from llama.com and Hugging Face. "We continue to believe that openness drives innovation," Meta AI says in their blog post, "and is good for developers, good for Meta, and good for the world." Their blog post declares it's "The beginning of a new era of natively multimodal AI innovation," calling Scout and Maverick "the best choices for adding next-generation intelligence." This is just the beginning for the Llama 4 collection. We believe that the most intelligent systems need to be capable of taking generalized actions, conversing naturally with humans, and working through challenging problems they haven't seen before. Giving Llama superpowers in these areas will lead to better products for people on our platforms and more opportunities for developers to innovate on the next big consumer and business use cases. We're continuing to research and prototype both models and products, and we'll share more about our vision at LlamaCon on April 29... We also can't wait to see the incredible new experiences the community builds with our new Llama 4 models. "The impressive part about Llama 4 Maverick is that with just 17B active parameters, it has scored an ELO score of 1,417 on the LMArena leaderboard," notes the tech news site Beebom. "This puts the Maverick model in the second spot, just below Gemini 2.5 Pro, and above Grok 3, GPT-4o, GPT-4.5, and more. "It also achieves comparable results when compared to the latest DeepSeek V3 model on reasoning and coding tasks, and surprisingly, with just half the active parameters."

Read more of this story at Slashdot.

It was long-time Slashdot reader uninet who argued "Apple Needs a Snow Sequoia." (That is, Apple needs an upgrade to MacOS Sequoia that's like it's earlier "Snow Leopard" upgrade to "Leopard" OS — an upgrade that's "all about how little it added and how much it took away".) "My recent column on Apple's declining software quality hit a nerve..." he writes in a follow-up. "So why do any of us put up with software that grows increasingly buggy?" "One word: hardware. And that's where I'd love to see someone help Linux take the next step." Apple knows how to turn out very good quality pieces of hardware and, for many purposes, stands alone. That's been largely true for the last couple of decades. The half-decade of Apple Silicon has cemented this position. At any price point Apple contends, Macs, iPads and iPhones are either without peers or at the top of the market in build quality and processing power... [I]f only there were hardware that was as good and worked together as well as Apple's, jumping ship to Linux would be awfully attractive at this juncture... For Apple aficionados troubled by the state of MacOS, the modern GNOME desktop on Linux beckons as a more faithful implementation of the ideals of MacOS than current MacOS does. GNOME is painstakingly consistent across its different apps and exudes the minimalist philosophy with which Apple's hardware shines... Now is a perfect moment for a modern Linux push to take that wind back. What it needs, though, is to solve its remaining weakness on the hardware side. One of the giants of electronics manufacturing, tired of being stuck between the Microsoft and Apple ecosystems, would only need to decide to commit the resources necessary to solve the hardware puzzle... ChromeOS has grown to the extent it does because there is hardware designed for it. Take that and carry it further by making it good hardware utilizing the best Linux software and you'd have something disruptive... Initially, the hardware could be "good enough" for the software, much as Apple's software today is merely "good enough" for the hardware. Iterating from there could lead to a genuine third way of computing. They titled their piece, "I Want a Better Mac, so I'm Cheering for a Better Linux." (Wondering if Dell or Sony could be the one to supply that good hardware...) "I say this not as someone who thinks Linux will ever dominate the personal computing world, but as someone who wants to see a spark of creativity and push beyond mediocrity in it again. "Apple needs a real competitor, one alternatives such as GNOME on Linux could actually be, if only the hardware rose to the occasion."

Read more of this story at Slashdot.

Tinder "is experimenting with a chatbot that claims to help users improve their flirting skills," notes Washington Post internet-culture reporter Tatum Hunter. The chatbot is available only to users in the United States on iPhones for a limited time, and powered by OpenAI's GPT-4o each character "kicks off an improvised conversation, and the user responds out loud with something flirty..." "Three of them dumped me." You can win points for banter the app deems "charming" or "playful." You lose points if your back-and-forth seems "cheeky" or "quirky"... It asked me to talk out loud into my phone and win the romantic interest of various AI characters. The first scenario involved a financial analyst named Charles, whom I've supposedly run into at the Tokyo airport after accidentally swapping our luggage. I tried my best to be polite to the finance guy who stole my suitcase, asking questions about his travel and agreeing to go to coffee. But the game had some critical feedback: I should try to connect more emotionally using humor or stories from my life. My next go had me at a Dallas wedding trying to flirt with Andrew, a data analyst who had supposedly stumbled into the venue, underdressed, because he'd been looking for a quiet spot to ... analyze data. This time I kept things playful, poking fun at Andrew for crashing a wedding. Andrew didn't like that. I'd "opted to disengage" by teasing this person instead of helping him blend in at the wedding, the app said. A failure on my part, apparently — and also a reminder why generative AI doesn't belong everywhere... Going in, I was worried Tinder's AI characters would outperform the people I've met on dating apps and I'd fall down a rabbit hole of robot love. Instead, they behaved in a way typical for chatbots: Drifting toward biased norms and failing to capture the complexity of human emotions and interactions. The "Game Game" seemed to replicate the worst parts of flirting — the confusion, the unclear expectations, the uncomfortable power dynamics — without the good parts, like the spark of curiosity about another person. Tinder released the feature on April Fools' Day, likely as a bid for impressions and traffic. But its limitations overshadowed its novelty... Hillary Paine, Tinder's vice president of product, growth and revenue, said in an email that AI will play a "big role in the future of dating and Tinder's evolution." She said the game is meant to be silly and that the company "leaned into the campiness." Gen Z is a socially anxious generation, Paine said, and this age group is willing to endure a little cringe if it leads to a "real connection." The article suggests it's another example of companies "eager to incorporate this newish technology, often without considering whether it adds any value for users." But "As apps like Tinder and Bumble lose users amid 'dating app burnout,' the companies are turning to AI to win new growth." (The dating app Rizz "uses AI to autosuggest good lines to use," while Teaser "spins up a chatbot that's based on your personality, meant to talk and behave like you would during a flirty chat," and people "are forming relationships with AI companion bots by the millions.") And the companion-bot company Replika "boasts more than 30 million users..."

Read more of this story at Slashdot.

This October will see the release of a film that's nearly 43 years in the making, reports Ars Technica: It's difficult to underestimate the massive influence that Disney's 1982 cult science fiction film, TRON, had on both the film industry — thanks to combining live action with what were then groundbreaking visual effects rife with computer-generated imagery — and on nerd culture at large. Over the ensuing decades there has been one sequel, an animated TV series, a comic book miniseries, video games, and theme park attractions, all modeled on director Steve Lisberg's original fictional world. Now we're getting a third installment in the film franchise: TRON: Ares, directed by Joachim Rønning (Pirates of the Caribbean: Dead Men Tell No Tales, Maleficent: Mistress of Evil), that serves as a standalone sequel to 2010's TRON: Legacy. Disney just released the first trailer and poster art, and while the footage is short on plot, it's got the show-stopping visuals we've come to expect from all things TRON. The film's director says it "builds upon the legacy of cutting-edge design, technology and storytelling, according to an official statement from Disney. And here's how they describe the plot. "TRON: Ares follows a highly sophisticated Program, Ares, who is sent from the digital world into the real world on a dangerous mission, marking humankind's first encounter with A.I. beings." Share your thoughts in the comments. (Anyone remember playing the Tron videogame?) The first episode of 2012's animated Tron: Uprising is available on the Disney XD YouTube channel...

Read more of this story at Slashdot.

U.K. postmasters were mistakenly sent to prison due to a bug in their "Horizon" accounting software — as first reported by Computer Weekly back in 2009. Nearly 16 years later, the same site reports that now the Scottish Criminal Cases Review Commission "is attempting to contact any former subpostmasters that could have been prosecuted for unexplained losses on the Post Office's pre-Horizon Capture software. "There are former subpostmasters that, like Horizon users, could have been convicted of crimes based on data from these systems..." Since the Post Office Horizon scandal hit the mainstream in January 2024 — revealing to a wide audience the suffering experienced by subpostmasters who were blamed for errors in the Horizon accounting system — users of Post Office software that predated Horizon have come forward... to tell their stories, which echoed those of victims of the Horizon scandal. The Criminal Cases Review Commission for England and Wales is now reviewing 21 cases of potential wrongful conviction... where the Capture IT system could be a factor... The SCCRC is now calling on people that might have been convicted based on Capture accounts to come forward. "The commission encourages anyone who believes that their criminal conviction, or that of a relative, might have been affected by the Capture system to make contact with it," it said. The statutory body is also investigating a third Post Office system, known as Ecco+, which was also error-prone... A total of 64 former subpostmasters in Scotland have now had their convictions overturned through the legislation brought through Scottish Parliament. So far, 97 convicted subpostmasters have come forward, and 86 have been assessed, out of which the 64 have been overturned. However, 22 have been rejected and another 11 are still to be assessed. An independent group, fronted by a former Scottish subpostmaster, is also calling on users of any of the Post Office systems to come forward to tell their stories, and for support in seeking justice and redress.

Read more of this story at Slashdot.

The Starliner spacecraft lost four thrusters while approaching the International Space Station last summer. NASA astronaut, Butch Wilmore took manual control, remembers Ars Technica, "But as Starliner's thrusters failed, Wilmore lost the ability to move the spacecraft in the direction he wanted to go..." Starliner had flown to within a stone's throw of the space station, a safe harbor, if only they could reach it. But already, the failure of so many thrusters violated the mission's flight rules. In such an instance, they were supposed to turn around and come back to Earth. Approaching the station was deemed too risky for Wilmore and Williams, aboard Starliner, as well as for the astronauts on the $100 billion space station. But what if it was not safe to come home, either? "I don't know that we can come back to Earth at that point," Wilmore said in an interview. "I don't know if we can. And matter of fact, I'm thinking we probably can't." After a half-hour exclusive interview, Ars Technica's senior space editor Eric Berger says he'd heard "a hell of a story." After Starliner lost four of its 28 reaction control system thrusters, Van Cise and this team in Houston decided the best chance for success was resetting the failed thrusters. This is, effectively, a fancy way of turning off your computer and rebooting it to try to fix the problem. But it meant Wilmore had to go hands-off from Starliner's controls. Imagine that. You're drifting away from the space station, trying to maintain your position. The station is your only real lifeline because if you lose the ability to dock, the chance of coming back in one piece is quite low. And now you're being told to take your hands off the controls... Two of the four thrusters came back online. Wilmore: "...But then we lose a fifth jet. What if we'd have lost that fifth jet while those other four were still down? I have no idea what would've happened. I attribute to the providence of the Lord getting those two jets back before that fifth one failed... Berger: Mission Control decided that it wanted to try to recover the failed thrusters again. After Wilmore took his hands off the controls, this process recovered all but one of them. At that point, the vehicle could be flown autonomously, as it was intended to be. "Wilmore added that he felt pretty confident, in the aftermath of docking to the space station, that Starliner probably would not be their ride home," according to the article. And Williams says it was the right decision. Publicly, NASA and Boeing expressed confidence in Starliner's safe return with crew. But Williams and Wilmore, who had just made that harrowing ride, felt differently.

Read more of this story at Slashdot.

Microsoft has created a real-time AI-generated rendition of Quake II gameplay (playable on the web). Friday Xbox's general manager of gaming AI posted the startling link to "an AI-generated gaming experience" at Copilot.Microsoft.com "Move, shoot, explore — and every frame is created on the fly by an AI world model, responding to player inputs in real-time. Try it here." They started with their "Muse" videogame world models, adding "a real-time playable extension" that players can interact with through keyboard/controller actions, "essentially allowing you to play inside the model," according to a Microsoft blog post. A concerted effort by the team resulted in both planning out what data to collect (what game, how should the testers play said game, what kind of behaviours might we need to train a world model, etc), and the actual collection, preparation, and cleaning of the data required for model training. Much to our initial delight we were able to play inside the world that the model was simulating. We could wander around, move the camera, jump, crouch, shoot, and even blow-up barrels similar to the original game. Additionally, since it features in our data, we can also discover some of the secrets hidden in this level of Quake II. We can also insert images into the models' context and have those modifications persist in the scene... We do not intend for this to fully replicate the actual experience of playing the original Quake II game. This is intended to be a research exploration of what we are able to build using current ML approaches. Think of this as playing the model as opposed to playing the game... The interactions with enemy characters is a big area for improvement in our current WHAMM model. Often, they will appear fuzzy in the images and combat with them (damage being dealt to both the enemy/player) can be incorrect. They warn that the model "can and will forget about objects that go out of view" for longer than 0.9 seconds. "This can also be a source of fun, whereby you can defeat or spawn enemies by looking at the floor for a second and then looking back up. Or it can let you teleport around the map by looking up at the sky and then back down. These are some examples of playing the model." This generative AI model was trained on Quake II "with just over a week of data," reports Tom's Hardware — a dramatic reduction from the seven years required for the original model launched in February. Some context from The Verge: "You could imagine a world where from gameplay data and video that a model could learn old games and really make them portable to any platform where these models could run," said Microsoft Gaming CEO Phil Spencer in February. "We've talked about game preservation as an activity for us, and these models and their ability to learn completely how a game plays without the necessity of the original engine running on the original hardware opens up a ton of opportunity." "Is porting a game like Gameday 98 more feasible through AI or a small team?" asks the blog Windows Central. "What costs less or even takes less time? These are questions we'll be asking and answering over the coming decade as AI continues to grow. We're in year two of the AI boom; I'm terrified of what we'll see in year 10." "It's clear that Microsoft is now training Muse on more games than just Bleeding Edge," notes The Verge, "and it's likely we'll see more short interactive AI game experiences in Copilot Labs soon." Microsoft is also working on turning Copilot into a coach for games, allowing the AI assistant to see what you're playing and help with tips and guides. Part of that experience will be available to Windows Insiders through Copilot Vision soon.

Read more of this story at Slashdot.

Berkeley, California is "the latest city to try to block landlords from using algorithms when deciding rents," reports the Associated Press (noting that officials in many cities claim the practice is driving up the price of housing). But then real estate software company RealPage filed a federal lawsuit against Berkeley on Wednesday: Texas-based RealPage said Berkeley's ordinance, which goes into effect this month, violates the company's free speech rights and is the result of an "intentional campaign of misinformation and often-repeated false claims" about its products. The U.S. Department of Justice sued Realpage in August under former President Joe Biden, saying its algorithm combines confidential information from each real estate management company in ways that enable landlords to align prices and avoid competition that would otherwise push down rents. That amounts to cartel-like illegal price collusion, prosecutors said. RealPage's clients include huge landlords who collectively oversee millions of units across the U.S. In the lawsuit, the Department of Justice pointed to RealPage executives' own words about how their product maximizes prices for landlords. One executive said, "There is greater good in everybody succeeding versus essentially trying to compete against one another in a way that actually keeps the entire industry down." San Francisco, Philadelphia and Minneapolis have since passed ordinances restricting landlords from using rental algorithms. The Department of Justice case remains ongoing, as do lawsuits against RealPage brought by tenants and the attorneys general of Arizona and Washington, D.C... [On a conference call, RealPage attorney Stephen Weissman told reporters] RealPage officials were never given an opportunity to present their arguments to the Berkeley City Council before the ordinance was passed and said the company is considering legal action against other cities that have passed similar policies, including San Francisco. RealPage blames high rents not on the software they make, but on a lack of housing supply...

Read more of this story at Slashdot.

Over on Reddit's "selfhosted" subreddit for alternatives to popular services, long-time Slashdot reader Zoup described a pain point: - Landlock is a Linux Security Module (LSM) that lets unprivileged processes restrict themselves. - It's been in the kernel since 5.13, but the API is awkward to use directly. - It always annoyed the hell out of me to run random binaries from the internet without any real control over what they can access. So they've rolled their own solution, according to Thursday's submission to Slashdot: I just released Landrun, a Go-based CLI tool that wraps Linux Landlock (5.13+) to sandbox any process without root, containers, or seccomp. Think firejail, but minimal and kernel-native. Supports fine-grained file access (ro/rw/exec) and TCP port restrictions (6.7+). No daemons, no YAML, just flags. Example (where --rox allows read-only access with execution to specified path): # landrun --rox /usr touch /tmp/filetouch: cannot touch '/tmp/file': Permission denied# landrun --rox /usr --rw /tmp touch /tmp/file# It's MIT-licensed, easy to audit, and now supports systemd services.

Read more of this story at Slashdot.

"The third James Bond novel was published on this day in 1955," writes long-time Slashdot reader sandbagger. Film buff Christian Petrozza shares some history: In 1979, the market was hot amid the studios to make the next big space opera. Star Wars blew up the box office in 1977 with Alien soon following and while audiences eagerly awaited the next installment of George Lucas' The Empire Strikes Back, Hollywood was buzzing with spacesuits, lasers, and ships that cruised the stars. Politically, the Cold War between the United States and Russia was still a hot topic, with the James Bond franchise fanning the flames in the media entertainment sector. Moon missions had just finished their run in the early 70s and the space race was still generationally fresh. With all this in mind, as well as the successful run of Roger Moore's fun and campy Bond, the time seemed ripe to boldly take the globe-trotting Bond where no spy has gone before. Thus, 1979's Moonraker blasted off to theatres, full of chrome space-suits, laser guns, and jetpacks, the franchise went full-boar science fiction to keep up with the Joneses of current Hollywood's hottest genre. The film was a commercial smash hit, grossing 210 million worldwide. Despite some mixed reviews from critics, audiences seemed jazzed about seeing James Bond in space. When it comes to adaptations of the novella that Ian Flemming wrote of the same name, Moonraker couldn't be farther from its source material, and may as well be renamed completely to avoid any association... Ian Flemming's original Moonraker was more of a post-war commentary on the domestic fears of modern weapons being turned on Europe by enemies who were hired for science by newer foes. With Nazi scientists being hired by both the U.S. and Russia to build weapons of mass destruction after World War II, this was less of a Sci-Fi and much more of a cautionary tale. They argue that filming a new version of Moonraker "to find a happy medium between the glamor and the grit of the James Bond franchise..."

Read more of this story at Slashdot.

This week NASA "issued a solicitation for the next two private astronaut missions to the International Space Station," reports Space News. Scheduled after May of 2026 and then mid-2027, "These will be the fifth and sixth such missions to the ISS, part of a broader low Earth orbit commercialization effort by NASA with the ultimate goal of replacing the International Space Station with one or more commercial stations." NASA's Space Station program manager calls the missions "a key part" of helping industry partners "gain the experience needed to train and manage crews, conduct research, and develop future destinations." In short, they see the missions "providing companies with hands-on opportunities to refine their capabilities and build partnerships that will shape the future of low Earth orbit." [NASA's call for proposals] offers an opportunity to have future missions commanded by someone other than a former NASA astronaut. While companies must propose a commander who meets current requirements, it can also propose an alternate commander who is a former astronaut from the Canadian Space Agency, European Space Agency or Japan Aerospace Exploration Agency with similar ISS experience requirements... ["Broadening of this requirement is not guaranteed," NASA warns.] That could allow some former astronauts already working with commercial spaceflight companies an opportunity to command private astronaut missions. Axiom Space, for example, announced in July 2024 that former ESA astronaut Tim Peake had joined its astronaut team. That came after Axiom and the U.K. Space Agency signed a memorandum of understanding in October 2023 to study the feasibility of a private astronaut mission crewed exclusively by U.K. astronauts. So far Axiom Space has been awarded all four private astronaut missions, according to the article, "flying one mission each in 2022, 2023 and 2024. Its next mission, Ax-4, is scheduled for no earlier than May." But "While Axiom has little or no competition for previous PAM awards, it will likely face stiffer competition this time. Vast, a company also planning to develop commercial space stations, has previously stated its intent to submit proposals..."

Read more of this story at Slashdot.

Slashdot reader zlives shared this report from BleepingComputer: Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. GRUB2 (GRand Unified Bootloader) is the default boot loader for most Linux distributions, including Ubuntu, while U-Boot and Barebox are commonly used in embedded and IoT devices. Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in filesystem parsers, command flaws, and a side-channel in cryptographic comparison. Additionally, 9 buffer overflows in parsing SquashFS, EXT4, CramFS, JFFS2, and symlinks were discovered in U-Boot and Barebox, which require physical access to exploit. The newly discovered flaws impact devices relying on UEFI Secure Boot, and if the right conditions are met, attackers can bypass security protections to execute arbitrary code on the device. While exploiting these flaws would likely need local access to devices, previous bootkit attacks like BlackLotus achieved this through malware infections. Miccrosoft titled its blog post "Analyzing open-source bootloaders: Finding vulnerabilities faster with AI." (And they do note that Micxrosoft disclosed the discovered vulnerabilities to the GRUB2, U-boot, and Barebox maintainers and "worked with the GRUB2 maintainers to contribute fixes... GRUB2 maintainers released security updates on February 18, 2025, and both the U-boot and Barebox maintainers released updates on February 19, 2025.") They add that performing their initial research, using Security Copilot "saved our team approximately a week's worth of time," Microsoft writes, "that would have otherwise been spent manually reviewing the content." Through a series of prompts, we identified and refined security issues, ultimately uncovering an exploitable integer overflow vulnerability. Copilot also assisted in finding similar patterns in other files, ensuring comprehensive coverage and validation of our findings... As AI continues to emerge as a key tool in the cybersecurity community, Microsoft emphasizes the importance of vendors and researchers maintaining their focus on information sharing. This approach ensures that AI's advantages in rapid vulnerability discovery, remediation, and accelerated security operations can effectively counter malicious actors' attempts to use AI to scale common attack tactics, techniques, and procedures (TTPs). This week Google also announced Sec-Gemini v1, "a new experimental AI model focused on advancing cybersecurity AI frontiers."

Read more of this story at Slashdot.

The advent of LLMs and machine learning-based applications "opened the door to a new wave of security threats," argues Google's security blog. (Including model and data poisoning, prompt injection, prompt leaking and prompt evasion.) So as part of the Linux Foundation's nonprofit Open Source Security Foundation, and in partnership with NVIDIA and HiddenLayer, Google's Open Source Security Team on Friday announced the first stable model-signing library (hosted at PyPI.org), with digital signatures letting users verify that the model used by their application "is exactly the model that was created by the developers," according to a post on Google's security blog. [S]ince models are an uninspectable collection of weights (sometimes also with arbitrary code), an attacker can tamper with them and achieve significant impact to those using the models. Users, developers, and practitioners need to examine an important question during their risk assessment process: "can I trust this model?" Since its launch, Google's Secure AI Framework (SAIF) has created guidance and technical solutions for creating AI applications that users can trust. A first step in achieving trust in the model is to permit users to verify its integrity and provenance, to prevent tampering across all processes from training to usage, via cryptographic signing... [T]he signature would have to be verified when the model gets uploaded to a model hub, when the model gets selected to be deployed into an application (embedded or via remote APIs) and when the model is used as an intermediary during another training run. Assuming the training infrastructure is trustworthy and not compromised, this approach guarantees that each model user can trust the model... The average developer, however, would not want to manage keys and rotate them on compromise. These challenges are addressed by using Sigstore, a collection of tools and services that make code signing secure and easy. By binding an OpenID Connect token to a workload or developer identity, Sigstore alleviates the need to manage or rotate long-lived secrets. Furthermore, signing is made transparent so signatures over malicious artifacts could be audited in a public transparency log, by anyone. This ensures that split-view attacks are not possible, so any user would get the exact same model. These features are why we recommend Sigstore's signing mechanism as the default approach for signing ML models. Today the OSS community is releasing the v1.0 stable version of our model signing library as a Python package supporting Sigstore and traditional signing methods. This model signing library is specialized to handle the sheer scale of ML models (which are usually much larger than traditional software components), and handles signing models represented as a directory tree. The package provides CLI utilities so that users can sign and verify model signatures for individual models. The package can also be used as a library which we plan to incorporate directly into model hub upload flows as well as into ML frameworks. "We can view model signing as establishing the foundation of trust in the ML ecosystem..." the post concludes (adding "We envision extending this approach to also include datasets and other ML-related artifacts.") Then, we plan to build on top of signatures, towards fully tamper-proof metadata records, that can be read by both humans and machines. This has the potential to automate a significant fraction of the work needed to perform incident response in case of a compromise in the ML world... To shape the future of building tamper-proof ML, join the Coalition for Secure AI, where we are planning to work on building the entire trust ecosystem together with the open source community. In collaboration with multiple industry partners, we are starting up a special interest group under CoSAI for defining the future of ML signing and including tamper-proof ML metadata, such as model cards and evaluation results.

Read more of this story at Slashdot.

Back in 2023 Python's infrastructure director called it "the first step in our plan to build financial support and long-term sustainability of PyPI" while giving users "one of our most requested features: organization accounts." (That is, "self-managed teams with their own exclusive branded web addresses" to make their massive Python Package Index repository "easier to use for large community projects, organizations, or companies who manage multiple sub-teams and multiple packages.") Nearly two years later, they've announced that they're "making progress" on its rollout... Over the last month, we have taken some more baby steps to onboard new Organizations, welcoming 61 new Community Organizations and our first 18 Company Organizations. We're still working to improve the review and approval process and hope to improve our processing speed over time. To date, we have 3,562 Community and 6,424 Company Organization requests to process in our backlog. They've also onboarded a PyPI Support Specialist to provide "critical bandwidth to review the backlog of requests" and "free up staff engineering time to develop features to assist in that review." (And "we were finally able to finalize our Terms of Service document for PyPI," build the tooling necessary to notify users, and initiate the Terms of Service rollout. [Since launching 20 years ago PyPi's terms of service have only been updated twice.] In other news the security developer-in-residence at the Python Software Foundation has been continuing work on a Software Bill-of-Materials (SBOM) as described in Python Enhancement Proposal #770. The feature "would designate a specific directory inside of Python package metadata (".dist-info/sboms") as a directory where build backends and other tools can store SBOM documents that describe components within the package beyond the top-level component." The goal of this project is to make bundled dependencies measurable by software analysis tools like vulnerability scanning, license compliance, and static analysis tools. Bundled dependencies are common for scientific computing and AI packages, but also generally in packages that use multiple programming languages like C, C++, Rust, and JavaScript. The PEP has been moved to Provisional Status, meaning the PEP sponsor is doing a final review before tools can begin implementing the PEP ahead of its final acceptance into changing Python packaging standards. Seth has begun implementing code that tools can use when adopting the PEP, such as a project which abstracts different Linux system package managers functionality to reverse a file path into the providing package metadata. Security developer-in-residence Seth Larson will be speaking about this project at PyCon US 2025 in Pittsburgh, PA in a talk titled "Phantom Dependencies: is your requirements.txt haunted?" Meanwhile InfoWorld reports that newly approved Python Enhancement Proposal 751 will also give Python a standard lock file format.

Read more of this story at Slashdot.

Wikipedia remembers Dave Täht as "an American network engineer, musician, lecturer, asteroid exploration advocate, and Internet activist. He was the chief executive officer of TekLibre." But on X.com Eric S. Raymond called him "one of the unsung heroes of the Internet, and a close friend of mine who I will miss very badly." Dave, known on X as @mtaht because his birth name was Michael, was a true hacker of the old school who touched the lives of everybody using X. His work on mitigating bufferbloat improved practical TCP/IP performance tremendously, especially around video streaming and other applications requiring low latency. Without him, Netflix and similar services might still be plagued by glitches and stutters. Also on X, legendary game developer John Carmack remembered that Täht "did a great service for online gamers with his long campaign against bufferbloat in routers and access points. There is a very good chance your packets flow through some code he wrote." (Carmack also says he and Täht "corresponded for years".) Long-time Slashdot reader TheBracket remembers him as "the driving force behind ">the Bufferbloat project and a contributor to FQ-CoDel, and CAKE in the Linux kernel." Dave spent years doing battle with Internet latency and bufferbloat, contributing to countless projects. In recent years, he's been working with Robert, Frank and myself at LibreQoS to provide CAKE at the ISP level, helping Starlink with their latency and bufferbloat, and assisting the OpenWrt project. Eric Raymond remembered first meeting Täht in 2001 "near the peak of my Mr. Famous Guy years. Once, sometimes twice a year he'd come visit, carrying his guitar, and crash out in my basement for a week or so hacking on stuff. A lot of the central work on bufferbloat got done while I was figuratively looking over his shoulder..." Raymond said Täht "lived for the work he did" and "bore deteriorating health stoically. While I know him he went blind in one eye and was diagnosed with multiple sclerosis." He barely let it slow him down. Despite constantly griping in later years about being burned out on programming, he kept not only doing excellent work but bringing good work out of others, assembling teams of amazing collaborators to tackle problems lesser men would have considered intractable... Dave should have been famous, and he should have been rich. If he had a cent for every dollar of value he generated in the world he probably could have bought the entire country of Nicaragua and had enough left over to finance a space program. He joked about wanting to do the latter, and I don't think he was actually joking... In the invisible college of people who made the Internet run, he was among the best of us. He said I inspired him, but I often thought he was a better and more selfless man than me. Ave atque vale, Dave. Weeks before his death Täht was still active on X.com, retweeting LWN's article about "The AI scraperbot scourge", an announcement from Texas Instruments, and even a Slashdot headline. Täht was also Slashdot reader #603,670, submitting stories about network latency, leaving comments about AI, and making announcements about the Bufferbloat project.

Read more of this story at Slashdot.

Is OpenAI's ChatGPT violating copyrights? The New York Times sued OpenAI in December 2023. But Ars Technica summarizes OpenAI's response. The New York Times (or NYT) "should have known that ChatGPT was being trained on its articles... partly because of the newspaper's own reporting..." OpenAI pointed to a single November 2020 article, where the NYT reported that OpenAI was analyzing a trillion words on the Internet. But on Friday, U.S. district judge Sidney Stein disagreed, denying OpenAI's motion to dismiss the NYT's copyright claims partly based on one NYT journalist's reporting. In his opinion, Stein confirmed that it's OpenAI's burden to prove that the NYT knew that ChatGPT would potentially violate its copyrights two years prior to its release in November 2022... And OpenAI's other argument — that it was "common knowledge" that ChatGPT was trained on NYT articles in 2020 based on other reporting — also failed for similar reasons... OpenAI may still be able to prove through discovery that the NYT knew that ChatGPT would have infringing outputs in 2020, Stein said. But at this early stage, dismissal is not appropriate, the judge concluded. The same logic follows in a related case from The Daily News, Stein ruled. Davida Brook, co-lead counsel for the NYT, suggested in a statement to Ars that the NYT counts Friday's ruling as a win. "We appreciate Judge Stein's careful consideration of these issues," Brook said. "As the opinion indicates, all of our copyright claims will continue against Microsoft and OpenAI for their widespread theft of millions of The Times's works, and we look forward to continuing to pursue them." The New York Times is also arguing that OpenAI contributes to ChatGPT users' infringement of its articles, and OpenAI lost its bid to dismiss that claim, too. The NYT argued that by training AI models on NYT works and training ChatGPT to deliver certain outputs, without the NYT's consent, OpenAI should be liable for users who manipulate ChatGPT to regurgitate content in order to skirt the NYT's paywalls... At this stage, Stein said that the NYT has "plausibly" alleged contributory infringement, showing through more than 100 pages of examples of ChatGPT outputs and media reports showing that ChatGPT could regurgitate portions of paywalled news articles that OpenAI "possessed constructive, if not actual, knowledge of end-user infringement." Perhaps more troubling to OpenAI, the judge noted that "The Times even informed defendants 'that their tools infringed its copyrighted works,' supporting the inference that defendants possessed actual knowledge of infringement by end users."

Read more of this story at Slashdot.

California has 11.3% of America's population — but bought 30% of America's new zero-emission vehicles. That's according to figures from the California Air Resources Board, which also reports 1 in 4 Californians have chosen a zero-emission car over a gas-powered one... for the last two years in a row. But what about chargers? It turns out that California now has 48% more public and "shared" private EV chargers than the number of gasoline nozzles. (California has 178,000 public and "shared" private EV chargers, versus about 120,000 gas nozzles.) And beyond that public network, there's more than 700,000 Level 2 chargers installed in single-family California homes, according to the California Energy Commission. Of the 178,000 public/"shared" private chargers, "Over 162,000 are Level 2 chargers," according to an announcement from the governor's office, while nearly 17,000 are fast chargers. (A chart shows a 41% jump in 2024 — though the EV news site Electrek notes that of the 73,537 chargers added in 2024, nearly 38,000 are newly installed, while the other 35,554 were already plugged in before 2024 but just recently identified.) California approved a $1.4 billion investment plan in December to expand zero-emission transportation infrastructure. The plan funds projects like the Fast Charge California Project, which has earmarked $55 million of funding to install DC fast chargers at businesses and publicly accessible locations.

Read more of this story at Slashdot.

The Certification Authority/Browser Forum "is a cross-industry group that works together to develop minimum requirements for TLS certificates," writes Google's Security blog. And earlier this month two proposals from Google's forward-looking roadmap "became required practices in the CA/Browser Forum Baseline Requirements," improving the security and agility of TLS connections... Multi-Perspective Issuance Corroboration Before issuing a certificate to a website, a Certification Authority (CA) must verify the requestor legitimately controls the domain whose name will be represented in the certificate. This process is referred to as "domain control validation" and there are several well-defined methods that can be used. For example, a CA can specify a random value to be placed on a website, and then perform a check to verify the value's presence has been published by the certificate requestor. Despite the existing domain control validation requirements defined by the CA/Browser Forum, peer-reviewed research authored by the Center for Information Technology Policy of Princeton University and others highlighted the risk of Border Gateway Protocol (BGP) attacks and prefix-hijacking resulting in fraudulently issued certificates. This risk was not merely theoretical, as it was demonstrated that attackers successfully exploited this vulnerability on numerous occasions, with just one of these attacks resulting in approximately $2 million dollars of direct losses. The Chrome Root Program led a work team of ecosystem participants, which culminated in a CA/Browser Forum Ballot to require adoption of MPIC via Ballot SC-067. The ballot received unanimous support from organizations who participated in voting. Beginning March 15, 2025, CAs issuing publicly-trusted certificates must now rely on MPIC as part of their certificate issuance process. Some of these CAs are relying on the Open MPIC Project to ensure their implementations are robust and consistent with ecosystem expectations... Linting Linting refers to the automated process of analyzing X.509 certificates to detect and prevent errors, inconsistencies, and non-compliance with requirements and industry standards. Linting ensures certificates are well-formatted and include the necessary data for their intended use, such as website authentication. Linting can expose the use of weak or obsolete cryptographic algorithms and other known insecure practices, improving overall security... The ballot received unanimous support from organizations who participated in voting. Beginning March 15, 2025, CAs issuing publicly-trusted certificates must now rely on linting as part of their certificate issuance process. Linting also improves interoperability, according to the blog post, and helps reduce the risk of non-compliance with standards that can result in certificates being "mis-issued". And coming up, weak domain control validation methods (currently permitted by the CA/Browser Forum TLS Baseline Requirements) will be prohibited beginning July 15, 2025. "Looking forward, we're excited to explore a reimagined Web PKI and Chrome Root Program with even stronger security assurances for the web as we navigate the transition to post-quantum cryptography."

Read more of this story at Slashdot.

"The big set of open-source graphics driver updates for Linux 6.15 have been merged," writes Phoronix, "but Linux creator Linus Torvalds isn't particularly happy with the pull request." The new "hdrtest" code is for the Intel Xe kernel driver and is around trying to help ensure the Direct Rendering Manager header files are self-contained and pass kernel-doc tests — basic maintenance checks on the included DRM header files to ensure they are all in good shape. But Torvalds accused the code of not only slowing down the full-kernel builds, but also leaving behind "random" files for dependencies "that then make the source tree nasty," reports Tom's Hardware: While Torvalds was disturbed by the code that was impacting the latest Linux kernel, beginning his post with a "Grr," he remained precise in his objections to it. "I did the pull, resolved the (trivial) conflicts, but I notice that this ended up containing the disgusting 'hdrtest' crap that (a) slows down the build because it's done for a regular allmodconfig build rather than be some simple thing that you guys can run as needed (b) also leaves random 'hdrtest' turds around in the include directories," he wrote. Torvalds went on to state that he had previously complained about this issue, and inquired why the hdr testing is being done as a regular part of the build. Moreover, he highlighted that the resulting 'turds' were breaking filename completion. Torvalds underlined this point — and his disgust — by stating, "this thing needs to *die*." In a shot of advice to fellow Linux developers, Torvalds said, "If you want to do that hdrtest thing, do it as part of your *own* checks. Don't make everybody else see that disgusting thing...." He then noted that he had decided to mark hdrtest as broken for now, to prevent its inclusion in regular builds. As of Saturday, all of the DRM-Next code had made it into Linux 6.15 Git, notes Phoronix. "But Linus Torvalds is expecting all this 'hdrtest' mess to be cleaned up."

Read more of this story at Slashdot.

"Microsoft built things. It broke things." That's how the Seattle Times kicks off a series of articles celebrating Microsoft's 50th anniversary — adding that Microsoft also gave some people "a lucrative retirement early in their lives, and their own stories to tell." What did they remember from Microsoft's earliest days? Scott Oki joined Microsoft as employee no. 121. The company was small; Gates was hands-on, and hard to please. "One of his favorite phrases was 'that's the stupidest thing I've ever heard,'" Oki says. "He didn't use that on me, so I feel pretty good about that." Another, kinder phrase that pops to Oki's mind when discussing the international division he founded at Microsoft is "bringing home the bacon." An obsession with rapid revenue growth permeated Microsoft in those early days. Oki was about three weeks into the job as marketing manager when he presented a global expansion plan to Gates. "Had I done business internationally before? No," Oki said. "Do I speak a language other than English? No." But Gates gave Oki a $1 million budget to found the international division and sell Microsoft products overseas. He established subsidiaries in the most important markets at the time: Japan, United Kingdom, Germany and France. And, because he had a few bucks left over, Australia. "Of the initial subsidiaries we started, every single one of them was profitable in its first year," he says... Oki left Microsoft on March 1, 1992, 10 years to the day after he was hired. Other memories shared by early Microsoft employees: One recent graudate remembered her parents in Spokane saying "I think that's Mary and Bill Gates' son's company. If that kid is anything like those two, that is going to be a great company,'" She got her first job at Microsoft in 1992 — and 33 years later, she's a senior director at Microsoft Philanthropies. The Times also interviewed one of Microsoft's first lawyers, who remembers that "The day the U.S. government sued Microsoft ... that was a tough day for me. It kind of turned my world upside down for about the next eight years." Microsoft senior VP Brad Chase remembers negotiating with the Rolling Stones for the rights to their song "Start Me Up" for the Windows 95 ad campaign. ("Chase is quick to dispel any rumor that Mick Jagger called up Bill Gates and got $12 million. But he won't say how much the company paid.") But Chase does tell the Times that Bill Gates "used to say all of the time, 'We're going to bet the company on Windows.' That was a huge bet because Windows, frankly, was a lousy product in its early days."

Read more of this story at Slashdot.

What happens when you ask Copilot to "write a program that can be run on an iPhone 16 to select 15 random photos from the phone, tint them to random colors, and display the photos on the phone"? That's what TouchDevelop did for the long-discontinued Windows Phone in a 2013 Microsoft Research 'SmartSynth' natural language code generation demo. ("Write scripts by tapping on the screen.") Long-time Slashdot reader theodp reports on what happens when, 14 years later, you pose the same question to Copilot: "You'll get lots of code and caveats from Copilot, but nothing that you can execute as is. (Compare that to the functioning 10 lines of code TouchDevelop program). It's a good reminder that just because GenAI can generate code, it doesn't necessarily mean it will generate the least amount of code, the most understandable or appropriate code for the requestor, or code that runs unchanged and produces the desired results. theodp also reminds us that TouchDevelop "was (like BASIC) abandoned by Microsoft..." Interestingly, a Microsoft Research video from CS Education Week 2011 shows enthusiastic Washington high school students participating in an hour-long TouchDevelop coding lesson and demonstrating the apps they created that tapped into music, photos, the Internet, and yes, even their phone's functionality. This shows how lacking iPhone and Android still are today as far as easy programmability-for-the-masses goes. (When asked, Copilot replied that Apple's Shortcuts app wasn't up to the task).

Read more of this story at Slashdot.

The U.S. and China "are racing to build a truly useful humanoid worker," the Wall Street Journal wrote Saturday, adding that "Whoever wins could gain a huge edge in countless industries." "The time has come for robots," Nvidia's chief executive said at a conference in March, adding "This could very well be the largest industry of all." China's government has said it wants the country to be a world leader in humanoid robots by 2027. "Embodied" AI is listed as a priority of a new $138 billion state venture investment fund, encouraging private-sector investors and companies to pile into the business. It looks like the beginning of a familiar tale. Chinese companies make most of the world's EVs, ships and solar panels — in each case, propelled by government subsidies and friendly regulations. "They have more companies developing humanoids and more government support than anyone else. So, right now, they may have an edge," said Jeff Burnstein [president of the Association for Advancing Automation, a trade group in Ann Arbor, Michigan].... Humanoid robots need three-dimensional data to understand physics, and much of it has to be created from scratch. That is where China has a distinct edge: The country is home to an immense number of factories where humanoid robots can absorb data about the world while performing tasks. "The reason why China is making rapid progress today is because we are combining it with actual applications and iterating and improving rapidly in real scenarios," said Cheng Yuhang, a sales director with Deep Robotics, one of China's robot startups. "This is something the U.S. can't match." UBTech, the startup that is training humanoid robots to sort and carry auto parts, has partnerships with top Chinese automakers including Geely... "A problem can be solved in a month in the lab, but it may only take days in a real environment," said a manager at UBTech... With China's manufacturing prowess, a locally built robot could eventually cost less than half as much as one built elsewhere, said Ming Hsun Lee, a Bank of America analyst. He said he based his estimates on China's electric-vehicle industry, which has grown rapidly to account for roughly 70% of global EV production. "I think humanoid robots will be another EV industry for China," he said. The UBTech robot system, called Walker S, currently costs hundreds of thousands of dollars including software, according to people close to the company. UBTech plans to deliver 500 to 1,000 of its Walker S robots to clients this year, including the Apple supplier Foxconn. It hopes to increase deliveries to more than 10,000 in 2027. Few companies outside China have started selling AI-powered humanoid robots. Industry insiders expect the competition to play out over decades, as the robots tackle more-complicated environments, such as private homes. The article notes "several" U.S. humanoid robot producers, including the startup Figure. And robots from Amazon's Agility Robotics have been tested in Amazon warehouses since 2023. "The U.S. still has advantages in semiconductors, software and some precision components," the article points out. But "Some lawmakers have urged the White House to ban Chinese humanoids from the U.S. and further restrict Chinese robot makers' access to American technology, citing national-security concerns..."

Read more of this story at Slashdot.

Slashdot reader jrnvk writes: The Verge is reporting that Microsoft will soon make it harder to run the well-publicized bypassnro command in Windows 11 setup. This command allows skipping the Microsoft account and online connection requirements on install. While the command will be removed, it can still be enabled by a regedit change — for now. "However, there's no guarantee Microsoft will allow this additional workaround for long," writes the Verge. (Though they add "There are other workarounds as well" involving the unattended.xml automation.) In its latest Windows 11 Insider Preview, the company says it will take out a well-known bypass script... Microsoft cites security as one reason it's making this change. ["This change ensures that all users exit setup with internet connectivity and a Microsoft Account."] Since the bypassnro command is disabled in the latest beta build, it will likely be pushed to production versions within weeks.

Read more of this story at Slashdot.

The giant financial news site Bloomberg "has been experimenting with using AI to help produce its journalism," reports the New York Times. But "It hasn't always gone smoothly." While Bloomberg announced on January 15 that it would add three AI-generated bullet points at the top of articles as a summary, "The news outlet has had to correct at least three dozen A.I.-generated summaries of articles published this year." (This Wednesday they published a "hallucinated" date for the start of U.S. auto tariffs, and earlier in March claimed president Trump had imposed tariffs on Canada in 2024, while other errors have included incorrect figures and incorrect attribution.) Bloomberg is not alone in trying A.I. — many news outlets are figuring out how best to embrace the new technology and use it in their reporting and editing. The newspaper chain Gannett uses similar A.I.-generated summaries on its articles, and The Washington Post has a tool called "Ask the Post" that generates answers to questions from published Post articles. And problems have popped up elsewhere. Earlier this month, The Los Angeles Times removed its A.I. tool from an opinion article after the technology described the Ku Klux Klan as something other than a racist organization. Bloomberg News said in a statement that it publishes thousands of articles each day, and "currently 99 percent of A.I. summaries meet our editorial standards...." The A.I. summaries are "meant to complement our journalism, not replace it," the statement added.... John Micklethwait, Bloomberg's editor in chief, laid out the thinking about the A.I. summaries in a January 10 essay, which was an excerpt from a lecture he had given at City St. George's, University of London. "Customers like it — they can quickly see what any story is about. Journalists are more suspicious," he wrote. "Reporters worry that people will just read the summary rather than their story." But, he acknowledged, "an A.I. summary is only as good as the story it is based on. And getting the stories is where the humans still matter." A Bloomberg spokeswoman told the Times that the feedback they'd received to the summaries had generally been positive — "and we continue to refine the experience."

Read more of this story at Slashdot.

As Rust approaches its 10th anniversary, "there is an important piece of documentation missing that many other languages provide," notes the Rust Foundation. While there's documentation and tutorials — there's no official language specification: In December 2022, an RFC was submitted to encourage the Rust Project to begin working on a specification. After much discussion, the RFC was approved in July 2023, and work began. Initially, the Rust Project specification team (t-spec) were interested in creating the document from scratch using the Rust Reference as a guiding marker. However, the team knew there was already an external Rust specification that was being used successfully for compiler qualification purposes — the FLS. Thank Berlin-based Ferrous Systems, a Rust-based consultancy who assembled that description "some years ago," according to a post on the Rust blog: They've since been faithfully maintaining and updating this document for new versions of Rust, and they've successfully used it to qualify toolchains based on Rust for use in safety-critical industries. [The Rust Foundation notes it part of the consultancy's "Ferrocene" Rust compiler/toolchain.] Seeing this success, others have also begun to rely on the FLS for their own qualification efforts when building with Rust. The Rust Foundation explains: The FLS provides a structured and detailed reference for Rust's syntax, semantics, and behavior, serving as a foundation for verification, compliance, and standardization efforts. Since Rust did not have an official language specification back then, nor a plan to write one, the FLS represented a major step toward describing Rust in a way that aligns with industry requirements, particularly in high-assurance domains. And the Rust Project is "passionate about shipping high quality tools that enable people to build reliable software at scale," adds the Rust blog. So... It's in that light that we're pleased to announce that we'll be adopting the FLS into the Rust Project as part of our ongoing specification efforts. This adoption is being made possible by the gracious donation of the FLS by Ferrous Systems. We're grateful to them for the work they've done in assembling the FLS, in making it fit for qualification purposes, in promoting its use and the use of Rust generally in safety-critical industries, and now, for working with us to take the next step and to bring the FLS into the Project. With this adoption, we look forward to better integrating the FLS with the processes of the Project and to providing ongoing and increased assurances to all those who use Rust in safety-critical industries and, in particular, to those who use the FLS as part of their qualification efforts. More from the Rust Foundation: The t-spec team wanted to avoid potential confusion from having two highly visible Rust specifications in the industry and so decided it would be worthwhile to try to integrate the FLS with the Rust Reference to create the official Rust Project specification. They approached Ferrous Systems, which agreed to contribute its FLS to the Rust Project and allow the Rust Project to take over its development and management... This generous donation will provide a clearer path to delivering an official Rust specification. It will also empower the Rust Project to oversee its ongoing evolution, providing confidence to companies and individuals already relying on the FLS, and marking a major milestone for the Rust ecosystem. "I really appreciate Ferrous taking this step to provide their specification to the Rust Project," said Joel Marcey, Director of Technology at the Rust Foundation and member of the t-spec team. "They have already done a massive amount of legwork...." This effort will provide others who require a Rust specification with an official, authoritative reference for their work with the Rust programming language... This is an exciting outcome. A heartfelt thank you to the Ferrous Systems team for their invaluable contribution! Marcey said the move allows the team "to supercharge our progress in the delivery of an official Rust specification." And the co-founder of Ferrous Systems, Felix Gilcher, also sounded excited. "We originally created the Ferrocene Language Specification to provide a structured and reliable description of Rust for the certification of the Ferrocene compiler. As an open source-first company, contributing the FLS to the Rust Project is a logical step toward fostering the development of a unified, community-driven specification that benefits all Rust users."

Read more of this story at Slashdot.

A former Facebook director of global policy recently published "the book Meta doesn't want you to read," a scathing takedown of top Meta executives titled Careless People: A Cautionary Tale of Power, Greed, and Lost Idealism. But Wednesday RestofWorld.org published additional thoughts from Meta's former head of public policy for Bangladesh (who is now an executive director at the nonprofit policy lab Tech Global Institute). Though their time at Facebook didn't overlap, they first applaud how the book "puts a face to the horrific events and dangerous decisions." But having said that, "What struck me is that what isn't included in Careless People is more telling than what is." By 2012 — one year after joining Facebook — Wynn-Williams had ample evidence of the platform's role in enabling violence and harm upon its users, and state-sanctioned digital repression, yet her memoir neither mentions these events nor the repeated warnings to her team from civil society groups in Asia before the situation escalated... In recounting events, the author glosses over her own indifference to repeated warnings from policymakers, civil society, and internal teams outside the U.S. that ultimately led to serious harm to communities. She briefly mentions how Facebook's local staff was held at gunpoint to give access to data or remove content in various countries — something that had been happening since as early as 2012. Yet, she failed to grasp the gravity of these risks until the possibility of her facing jail time arises in South Korea — or even more starkly in March 2016, when Facebook's vice president for Latin America, Diego Dzodan, was arrested in Brazil. Her delayed reckoning underscores how Facebook's leadership remains largely detached from real-world consequences of their decisions until they become impossible to ignore. Perhaps because everyone wants to be a hero of their own story, Wynn-Williams frames her opposition to leadership decisions as isolated; in reality, powerful resistance had long existed within what Wynn-Williams describes as Facebook's "lower-level employees." Yet "Despite telling an incomplete story, Careless People is a book that took enormous courage to write," the article concludes, calling it an important story to tell. "It goes to show that we need many stories — especially from those who still can't be heard — if we are to meaningfully piece together the complex puzzle of one of the world's most powerful technology companies."

Read more of this story at Slashdot.

The New York Times notes that white-collar workers have faced higher unemployment than other groups in the U.S. over the past few years — along with slower wager growth. Some economists wonder if this trend might be irreversible... and partly attributable to AI: After sitting below 4% for more than two years, the overall unemployment rate has topped that threshold since May... "We're seeing a meaningful transition in the way work is done in the white-collar world," said Carl Tannenbaum, the chief economist of Northern Trust. "I tell people a wave is coming...." Thousands of video game workers lost jobs last year and the year before... Unemployment in finance and related industries, while still low, increased by about a quarter from 2022 to 2024, as rising interest rates slowed demand for mortgages and companies sought to become leaner.... Overall, the latest data from the Federal Reserve Bank of New York show that the unemployment rate for college grads has risen 30% since bottoming out in September 2022 (to 2.6% from 2%), versus about 18% for all workers (to 4% from 3.4%). An analysis by Julia Pollak, chief economist of ZipRecruiter, shows that unemployment has been most elevated among those with bachelor's degrees or some college but no degree, while unemployment has been steady or falling at the very top and bottom of the education ladder — for those with advanced degrees or without a high school diploma. Hiring rates have slowed more for jobs requiring a college degree than for other jobs, according to ADP Research, which studies the labor market.... And artificial intelligence could reduce that need further by increasing the automation of white-collar jobs. A recent academic paper found that software developers who used an AI coding assistant improved a key measure of productivity by more than 25% and that the productivity gains appeared to be largest among the least experienced developers. The result suggested that adopting AI could reduce the wage premium enjoyed by more experienced coders, since it would erode their productivity advantages over novices... [A]t least in the near term, many tech executives and their investors appear to see AI as a way to trim their staffing. A software engineer at a large tech company who declined to be named for fear of harming his job prospects said that his team was about half the size it was last year and that he and his co-workers were expected to do roughly the same amount of work by relying on an AI assistant. Overall, the unemployment rate in tech and related industries jumped by more than half from 2022 to 2024, to 4.4% from 2.9%. "Some economists say these trends may be short term in nature and little cause for concern on their own," the article points out (with one economist noting the unemployment rate is still low compared to historical averages). Harvard labor economist Lawrence Katz even suggested the slower wage growth could reflect the discount that these workers accepted in return for being able to work from home. Thanks to Slashdot reader databasecowgirl for sharing the article.

Read more of this story at Slashdot.

"After a long run, Google is sunsetting two of its signature Nest products," reports PC World: Google has just announced that it's discontinuing the 10-year-old Nest Protect and the 7-year-old Nest x Yale lock. Both of those products will continue to work, and — for now — they remain on sale at the Google Store, complete with discounts until supplies run out. But while Google itself is exiting the smoke alarm and smart lock business, it isn't leaving Google Home users in the lurch. Instead, it's teeing up third-party replacements for the Nest Protect and Nest X Yale lock, with both new products coming from familiar brands... Capable of being unlocked via app, entry code, or a traditional key, the Yale Smart Lock with Matter is set to arrive this summer, according to Yale. While both the existing Nest Protect and Nest x Yale lock will continue to operate and receive security patches, those who purchased the second-generation Nest Protect near its 2015 launch date should probably replace the product anyway. That's because the CO sensors in carbon monoxide detectors like the Nest Protect have a roughly 10-year life expectancy. Nest Protect and the Nest X Yale lock were two of the oldest products in Google's smart home lineup, and both were showing their age.

Read more of this story at Slashdot.

Cloud providers like the security of running things in virtual machines "at scale" — even though VMs "are not known for having fast cold starts or a small footprint..." noted Microsoft's Open Source blog last November. So Microsoft's Azure Core Upstream team built an open source Rust library called Hyperlight "to execute functions as fast as possible while isolating those functions within a VM." But that was just the beginning... Then, we showed how to run Rust functions really, really fast, followed by using C to [securely] run Javascript. In February 2025, the Cloud Native Computing Foundation (CNCF) voted to onboard Hyperlight into their Sandbox program [for early-stage projects]. [This week] we're announcing the release of Hyperlight Wasm: a Hyperlight virtual machine "micro-guest" that can run wasm component workloads written in many programming languages... Traditional virtual machines do a lot of work to be able to run programs. Not only do they have to load an entire operating system, they also boot up the virtual devices that the operating system depends on. Hyperlight is fast because it doesn't do that work; all it exposes to its VM guests is a linear slice of memory and a CPU. No virtual devices. No operating system. But this speed comes at the cost of compatibility. Chances are that your current production application expects a Linux operating system running on the x86-64 architecture (hardware), not a bare linear slice of memory... [B]uilding Hyperlight with a WebAssembly runtime — wasmtime — enables any programming language to execute in a protected Hyperlight micro-VM without any prior knowledge of Hyperlight at all. As far as program authors are concerned, they're just compiling for the wasm32-wasip2 target... Executing workloads in the Hyperlight Wasm guest isn't just possible for compiled languages like C, Go, and Rust, but also for interpreted languages like Python, JavaScript, and C#. The trick here, much like with containers, is to also include a language runtime as part of the image... Programming languages, runtimes, application platforms, and cloud providers are all starting to offer rich experiences for WebAssembly out of the box. If we do things right, you will never need to think about whether your application is running inside of a Hyperlight Micro-VM in Azure. You may never know your workload is executing in a Hyperlight Micro VM. And that's a good thing. While a traditional virtual-device-based VM takes about 125 milliseconds to load, "When the Hyperlight VMM creates a new VM, all it needs do to is create a new slice of memory and load the VM guest, which in turn loads the wasm workload. This takes about 1-2 milliseconds today, and work is happening to bring that number to be less than 1 millisecond in the future." And there's also double security due to Wasmtime's software-defined runtime sandbox within Hyperlight's larger VM...

Read more of this story at Slashdot.

"Researchers have discovered nearly 1.5 million pictures from specialist dating apps — many of which are explicit — being stored online without password protection," reports the BBC, "leaving them vulnerable to hackers and extortionists." And the images weren't limited to those from profiles, the BBC learned from the ethical hacker who discovered the issue. "They included pictures which had been sent privately in messages, and even some which had been removed by moderators..." Anyone with the link was able to view the private photos from five platforms developed by M.A.D Mobile [including two kink/BDSM sites and two LGBT apps]... These services are used by an estimated 800,000 to 900,000 people. M.A.D Mobile was first warned about the security flaw on 20th January but didn't take action until the BBC emailed on Friday. They have since fixed it but not said how it happened or why they failed to protect the sensitive images. Ethical hacker Aras Nazarovas from Cybernews first alerted the firm about the security hole after finding the location of the online storage used by the apps by analysing the code that powers the services... None of the text content of private messages was found to be stored in this way and the images are not labelled with user names or real names, which would make crafting targeted attacks at users more complex. In an email M.A.D Mobile said it was grateful to the researcher for uncovering the vulnerability in the apps to prevent a data breach from occurring. But there's no guarantee that Mr Nazarovas was the only hacker to have found the image stash. "Mr Nazarovas and his team decided to raise the alarm on Thursday while the issue was still live as they were concerned the company was not doing anything to fix it..."

Read more of this story at Slashdot.

Samsung teased its "AI Vision Inside" refrigerators at January's CES tradeshow. (Its internal sensors can now detect 37 different fresh ingredients and 50 processed foods, generating lists for your cellphone or a screen on your refrigerator's door.) But the refrigerators are part of a larger "AI Home" lineup of screen-enabled appliances with advanced AI features, and Engadget got to see them all together this weekend at Samsung's Bespoke AI conference in Seoul, Korea: The centerpiece of the Bespoke line remains Samsung's 4-door French-Door refrigerator, which is now available with two different-sized screens. There's a model with a smaller 9-inch screen that starts at $3,999 or one with a massive 32-inch panel called the Family Hub+ for $4,699. The former is ostensibly designed for people who want something a bit more discreet but still want access to Samsung's smart features, which includes widgets for your calendar, music, weather, various cooking apps and more. Meanwhile, the larger model is for families who aren't afraid of having a small TV in their face every time they open their fridge. You can even play videos from TikTok on it, if that's what you're into.... For cooking, Samsung's matte glass induction cooktops are mostly the same, but its Bespoke 30-inch single ($3,759) and double ($4,649) wall ovens have...you guessed it, more AI. In addition to a 7-inch display, there are also cameras and sensors inside the oven that can recognize up to 80 different recipes to provide optimal cooking times. But if you prefer to go off-script and create something original, Samsung says the oven will give you the option to save the recipe and temperature settings after cooking the same dish five times. And for a more fun application of its tech, the oven's cameras can record videos and create time-lapses of your baked goods for sharing on social media. When it's time to clean up, Samsung's $1,399 Bespoke Auto Open Door Dishwasher has a few tricks of its own. In this case, the washer uses AI (yet again) and sensors to more accurately detect food residue and optimize cleaning cycles... There's also an "AI Jet Ultra Cordless Stick" vacuum cleaner, which "uses AI to better detect what surface its on to more effectively hoover up dirt and debris." Interestingly, in January Samsung's refrigerators also got a mention in iFixit's "Worst of CES" video.

Read more of this story at Slashdot.

"I've been dreaming of this moment for 20 years," says Aptera co-CEO Steve Fambro. Aptera's solar-powered electric car just drove 300 miles on a single charge. "We're one step closer to a future where every journey is powered by the sun," Aptera says in their announcement. "This go around, Aptera took to the highway for the first time ever..." writes the EV blog Electrek. "At one point, Aptera's video noted that its solar EV was pulling over 545 watts of solar input, even though it was overcast." "Less time searching for chargers," Aptera says in their announcement, adding that their "production-intent" car proved "that a solar EV isn't just a concept for the future, but a real-world solution ready for the present" — while turning Route 66 into "a test bed for a vehicle built to thrive independently..." "The panoramic windshield gives you this incredible view of the landscape," Steve said [in a video accompanying the announcement], describing the drive. "It's like a big picture window into the future." The final stretch took the team back into California, where they reflected on the journey, the data, and the excited reactions from drivers who caught a glimpse of the vehicle on the road. "Almost everyone we passed had their phones out filming us," Steve laughed. "It's clear that Aptera's design stops traffic — without needing to stop for a charge." "I was struck by how normal this trip seemed, except for all the gawking from fellow travelers," writes long-time Slashdot reader AirHog. "Best of luck to Aptera to reach their funding and production goals this year for this remarkable vehicle." They drove on highways to Lake Havasu, and then to California's Imperial Valley — starting in Flagstaff, Arizona on symbolic Route 66. It was 100 years ago that Route 66 was proposed to link Chicago and Los Angeles, which Fambro credits to a visionary who believed in "something bigger than the road itself — believing in what it could unlock for the world." "And they did it. Route 66 became one of the most iconic highways in America, proving that what once seemed improbable could become inevitable. "I think about that alot with Aptera. We're building something people say can't be done. History shows us the boldest ideas, the ones that challenge that status quo are the ones that truly change the world. They take their futuristic, tear-dropped shaped "Jetsons" car to a drive-through wildlife refuge named Bearizona. They stop at a general store for some beef jerky. "We're just having a fun time seeing all the sights." "I've been dreaming of this moment for 20 years," says Aptera co-CEO Steve Fambro. "Driving in the most efficient vehicle on the road. Watching the sights go by. I got emotional just taking it all in." "This company. This idea. It's real. It's visceral. And I'm just so proud of each and every person who helped make this dream a reality. "We have the chance to make a real change in how the world moves. The road hasn't been easy. It's been painful, difficult. And it's brought me to my breaking point sometimes. But being in this moment right now? I can say it's all been worth it... "I feel we're at the forefront of something truly revolutionary. We're not fighting an uphill battle any more. We're standing at the edge of something incredible. Ready to break through. "To all of you who supported us, my commitment is this. We're not stopping. We're moving forward with more energy and more passion than ever. The road ahead is an open highway. And the future is ours to shape." To celebrate Aptera is holding a giveaway for a camping kit, a $100 gift card to their online store, and a free Aptera pre-order to a winner chosen at random from those who subscribe/watch/comment on their new video...

Read more of this story at Slashdot.