Vue lecture

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.

Python 'Language Summit' 2024: Security Workflows, Calendar Versioning, Transforms and Lightning Talks

Friday the Python Software Foundation published several blog posts about this year's "Python Language Summit" May 15th (before PyCon US), which featured talks and discussions by core developers, triagers, and Python implementation maintainers. There were several lightning talks. One talk came from the maintainer of the PyO3 project, offering Rust bindings for the Python C API (which requires mapping Rust concepts to Python — leaving a question as to how to map Rust's error-handling panic! macro). There was a talk on formalizing the PEP prototype process, and a talk on whether the Python team should have a more official presence in the Apple App Store (and maybe the Google Play Store). One talk suggested changing the formatting of error messages for assert statements, and one covered a "highly experimental" project to support structured data sharing between Python subinterpreters. One talk covered Python's "unsupported build" warning and how it should behave on platforms beyond Python's officially supported list. Python Foundation blog posts also covered some of the longer talks, including one on the idea of using type annotations as a mechanism for transformers. One talk covered the new interactive REPL interpreter coming to Python 3.13. And one talk focused on Python's security model after the xz-utils backdoor: Pablo Galindo Salgado, Steering Council member and the release manager for Python 3.10 and 3.11, brought this topic to the Language Summit to discuss what could be done to improve Python's security model... Pablo noted the similarities shared between CPython and xz-utils, referencing the previous Language Summit's talk on core developer burnout, the number of modules in the standard library that have one or zero maintainers, the high ratio of maintainers to source code, and the use of autotools for configuration. Autotools was used by [xz's] Jia Tan as part of the backdoor, specifically to obscure the changes to tainted release artifacts. Pablo confirmed along with many nods of agreement that indeed, CPython could be vulnerable to a contributor or core developer getting secretly malicious changes merged into the project. For multiple reasons like being able to fix bugs and single-maintainer modules, CPython doesn't require reviewers on the pull requests of core developers. This can lead to "unilateral action", meaning that a change is introduced into CPython without the review of someone besides the author. Other situations like release managers backporting fixes to other branches without review are common. Much discussion ensued about the possibility of altering workflows (including pull request reviews), identity verification, and the importance of post-incident action plans. Guido van Rossum suggested a "higher bar" for granting write access, but in the end "Overall it was clear there is more discussion and work to be done in this rapidly changing area." In another talk, Hugo van Kemenade, the newly announced Release Manager for Python 3.14 and 3.15, "started the Language Summit with a proposal to change Python's versioning scheme. The perception of Python using semantic versioning is a source of confusion for users who don't expect backwards incompatible changes when upgrading to new versions of Python. In reality almost all new feature releases of Python include backwards incompatible changes such as the removal of "dead batteries" where PEP 594 marked 19 modules for removal in Python 3.13. Calendar Versioning (CalVer) encompasses a wide array of different versioning schemes that have one property in common: using the release date as part of a release's version... Hugo offered multiple proposed versioning schemes, including: - Using the release year as minor version (3.YY.micro, "3.26.0") - Using the release year as major version (YY.0.micro, "26.0.0") - Using the release year and month as major and minor version (YY.MM.micro, "26.10.0") [...] Overall the proposal to use the current year as the minor version was well-received, Hugo mentioned that he'd be drafting up a PEP for this change.

Read more of this story at Slashdot.

Voyager 1 Returns To Normal Science Operations

wgoodman shares a report from The Register: NASA's Voyager 1 spacecraft is back in action and conducting normal science operations for the first time since the veteran probe began spouting gibberish at the end of 2023. All four of the spacecraft's remaining operational instruments are now returning usable data to Earth, according to NASA. Some additional work is needed to tidy up the effects of the issue. Engineers need to resynchronize the timekeeping software of Voyager 1's three onboard computers to ensure that commands are executed at the correct times. Maintenance will also be performed on the digital tape recorder, which records some data from the plasma instrument for a six-monthly downlink to Earth. Voyager 1's woes began in November 2023, when the spacecraft stopped transmitting usable data back to Earth. Rather than engineering and science data, NASA found itself faced with a repeating pattern of ones and zeroes, as though the spacecraft was somehow stalled. Engineers reckoned the issue lay with the Flight Data System (FDS) and in March sent a command -- dubbed a "poke" -- to get the FDS to try some other software sequences and thus circumvent whatever was causing the problem. The result was a complete memory dump from the computer, which allowed engineers to pinpoint where the corruption had occurred. It appeared that a single chip was malfunctioning, and engineers were faced with the challenge of devising a software update that would work around the defective hardware. Usable engineering data began to be returned later in April, and in May the mission team sent commands to instruct the probe to keep science data flowing. The result was that the plasma wave subsystem and magnetometer instrument began sending data immediately. According to NASA, the cosmic ray subsystem and low energy charged particle instrument required a little more tweaking but are now operational. The rescue was made all the more impressive by the fact that it takes 22.5 hours for a command to reach Voyager 1 and another 22.5 hours for a response to be received on Earth.

Read more of this story at Slashdot.

Blue Origin Joins SpaceX, ULA In Winning Bids For $5.6 Billion Pentagon Rocket Program

The Pentagon announced the first winners of its $5.6 billion National Security Space Launch program, with Jeff Bezos' Blue Origin securing a spot for the first time alongside Elon Musk's SpaceX and United Launch Alliance (ULA). These companies will compete for contracts through mid-2029 under the program's Phase 3, which is expected to include 90 rocket launch orders. CNBC reports: Under the program, known as NSSL Phase 3 Lane 1, the trio of companies will be eligible to compete for contracts through mid-2029. ULA and SpaceX have already been competing for contracts under the previous Phase 2 edition of NSSL: In total, over five years of Phase 2 launch orders, the military assigned ULA with 26 missions worth $3.1 billion, while SpaceX got 22 missions worth $2.5 billion. Blue Origin, as well as Northrop Grumman, missed out on Phase 2 when the Pentagon selected ULA and SpaceX for the program in August 2020. But with Phase 3, the U.S. military is raising the stakes -- and widening the field -- on a high-profile competition for Space Force mission contracts. Phase 3 is expected to see 90 rocket launch orders in total, with a split approach of categories Lane 1 and Lane 2 to allow even more companies to bid.

Read more of this story at Slashdot.

Google Loses Bid To End US Antitrust Case Over Digital Advertising

An anonymous reader quotes a report from Reuters: Alphabet's Google must face trial on U.S. antitrust enforcers' claim that the internet search juggernaut illegally dominates the online advertising technology market, a federal judge ruled on Friday. U.S. District Judge Leonie Brinkema in Alexandria, Virginia, denied Google's motion during a hearing, according to court records. Google had argued for a win without a trial, saying that antitrust laws do not block companies from refusing to deal with rivals and that regulators had not accurately defined the ad tech market. Court papers did not specify what reasons the judge provided at the hearing. Motions like the one Google filed are only granted where a judge determines there is no factual dispute to send to trial. Last year, the U.S. Justice department and eight states sued Google, calling for the break up of the search giant's ad-technology business over alleged illegal monopolization of the digital advertising market.

Read more of this story at Slashdot.

GPT-4 Has Passed the Turing Test, Researchers Claim

Drew Turney reports via Live Science: The "Turing test," first proposed as "the imitation game" by computer scientist Alan Turing in 1950, judges whether a machine's ability to show intelligence is indistinguishable from a human. For a machine to pass the Turing test, it must be able to talk to somebody and fool them into thinking it is human. Scientists decided to replicate this test by asking 500 people to speak with four respondents, including a human and the 1960s-era AI program ELIZA as well as both GPT-3.5 and GPT-4, the AI that powers ChatGPT. The conversations lasted five minutes -- after which participants had to say whether they believed they were talking to a human or an AI. In the study, published May 9 to the pre-print arXiv server, the scientists found that participants judged GPT-4 to be human 54% of the time. ELIZA, a system pre-programmed with responses but with no large language model (LLM) or neural network architecture, was judged to be human just 22% of the time. GPT-3.5 scored 50% while the human participant scored 67%. "Machines can confabulate, mashing together plausible ex-post-facto justifications for things, as humans do," Nell Watson, an AI researcher at the Institute of Electrical and Electronics Engineers (IEEE), told Live Science. "They can be subject to cognitive biases, bamboozled and manipulated, and are becoming increasingly deceptive. All these elements mean human-like foibles and quirks are being expressed in AI systems, which makes them more human-like than previous approaches that had little more than a list of canned responses." Further reading: 1960s Chatbot ELIZA Beat OpenAI's GPT-3.5 In a Recent Turing Test Study

Read more of this story at Slashdot.

Electricity Bills Forecasted To Climb With Summer Heat

The Energy Information Administration (EIA) expects Americans' monthly electricity bills to average $173 between June through August, compared to $168 last summer. "The slight bump in costs comes from consumers cranking up their air conditioning more to cope with a warmer season than last year," writes The Verge's Justine Calma. "Bills would have jumped higher, if not for lower residential electricity prices helping to balance out some of the increased energy use from air conditioning." From the report: Some regions are likely to be harder hit by the weather than others. Because of heat and humidity along the Gulf Coast, residents in Southern states typically use the most electricity in the summer to cool their homes. The Pacific Coast, meanwhile, faces the biggest potential percentage increase in retail electricity prices in the nation -- a 7 percent jump since last year. Wholesale electricity costs there have risen since 2022, in part because of a heat and drought-induced shortfall in hydroelectricity generation. Households along the Pacific could see their electricity bills go up an average of $11 per month this summer, according to the EIA. To be sure, the EIA says that weather is "the main source of uncertainty" in its forecasts for folks' utility bills. If this summer winds up being hotter than expected, households could wind up paying even more. Residential electricity use typically peaks in the summer for most of the US because of air conditioning. Extreme heat can even trigger power outages if demand suddenly rises too sharply. California, the Southwest, the Midwest, Texas, and New England are at "elevated risk" of electricity supply shortages during any extreme weather this summer, according to an assessment (PDF) by the North American Electric Reliability Corporation.

Read more of this story at Slashdot.

Ransomware Attackers Quickly Weaponize PHP Vulnerability With 9.8 Severity Rating

A critical vulnerability in the PHP programming language (CVE-2024-4577) has been exploited by ransomware criminals, leading to the infection of up to 1,800 servers primarily in China with the TellYouThePass ransomware. This vulnerability, which affects PHP when run in CGI mode, allows attackers to execute malicious code on web servers. Ars Technica's Dan Goodin reports: As of Thursday, Internet scans performed by security firm Censys had detected 1,000 servers infected by a ransomware strain known as TellYouThePass, down from 1,800 detected on Monday. The servers, primarily located in China, no longer display their usual content; instead, many list the site's file directory, which shows all files have been given a .locked extension, indicating they have been encrypted. An accompanying ransom note demands roughly $6,500 in exchange for the decryption key. The vulnerability, tracked as CVE-2024-4577 and carrying a severity rating of 9.8 out of 10, stems from errors in the way PHP converts Unicode characters into ASCII. A feature built into Windows known as Best Fit allows attackers to use a technique known as argument injection to convert user-supplied input into characters that pass malicious commands to the main PHP application. Exploits allow attackers to bypass CVE-2012-1823, a critical code execution vulnerability patched in PHP in 2012. CVE-2024-4577 affects PHP only when it runs in a mode known as CGI, in which a web server parses HTTP requests and passes them to a PHP script for processing. Even when PHP isn't set to CGI mode, however, the vulnerability may still be exploitable when PHP executables such as php.exe and php-cgi.exe are in directories that are accessible by the web server. This configuration is extremely rare, with the exception of the XAMPP platform, which uses it by default. An additional requirement appears to be that the Windows locale -- used to personalize the OS to the local language of the user -- must be set to either Chinese or Japanese. The critical vulnerability was published on June 6, along with a security patch. Within 24 hours, threat actors were exploiting it to install TellYouThePass, researchers from security firm Imperva reported Monday. The exploits executed code that used the mshta.exe Windows binary to run an HTML application file hosted on an attacker-controlled server. Use of the binary indicated an approach known as living off the land, in which attackers use native OS functionalities and tools in an attempt to blend in with normal, non-malicious activity. In a post published Friday, Censys researchers said that the exploitation by the TellYouThePass gang started on June 7 and mirrored past incidents that opportunistically mass scan the Internet for vulnerable systems following a high-profile vulnerability and indiscriminately targeting any accessible server. The vast majority of the infected servers have IP addresses geolocated to China, Taiwan, Hong Kong, or Japan, likely stemming from the fact that Chinese and Japanese locales are the only ones confirmed to be vulnerable, Censys researchers said in an email. Since then, the number of infected sites -- detected by observing the public-facing HTTP response serving an open directory listing showing the server's filesystem, along with the distinctive file-naming convention of the ransom note -- has fluctuated from a low of 670 on June 8 to a high of 1,800 on Monday. Censys researchers said in an email that they're not entirely sure what's causing the changing numbers.

Read more of this story at Slashdot.

The Verge's David Pierce Reports On the Excel World Championship From Vegas

In a featured article for The Verge, David Pierce explores the world of competitive Excel, highlighting its rise from a hobbyist activity to a potential esport, showcased during the Excel World Championship in Las Vegas. Top spreadsheet enthusiasts competed at the MGM Grand to solve complex Excel challenges, emphasizing the transformative power and ubiquity of spreadsheets in both business and entertainment. An anonymous reader quotes an excerpt from the report: Competitive Excel has been around for years, but only in a hobbyist way. Most of the people in this room full of actuaries, analysts, accountants, and investors play Excel the way I play Scrabble or do the crossword -- exercising your brain using tools you understand. But last year's competition became a viral hit on ESPN and YouTube, and this year, the organizers are trying to capitalize. After all, someone points out to me, poker is basically just math, and it's all over TV. Why not spreadsheets? Excel is a tool. It's a game. Now it hopes to become a sport. I've come to realize in my two days in this ballroom that understanding a spreadsheet is like a superpower. The folks in this room make their living on their ability to take some complex thing -- a company's sales, a person's lifestyle, a region's political leanings, a race car -- and pull it apart into its many component pieces. If you can reduce the world down to a bunch of rows and columns, you can control it. Manipulate it. Build it and rebuild it in a thousand new ways, with a couple of hotkeys and an undo button at the ready. A good spreadsheet shows you the universe and gives you the ability to create new ones. And the people in this room, in their dad jeans and short-sleeved button-downs, are the gods on Olympus, bending everything to their will. There is one inescapably weird thing about competitive Excel: spreadsheets are not fun. Spreadsheets are very powerful, very interesting, very important, but they are for work. Most of what happens at the FMWC is, in almost every practical way, indistinguishable from the normal work that millions of people do in spreadsheets every day. You can gussy up the format, shorten the timelines, and raise the stakes all you want -- the reality is you're still asking a bunch of people who make spreadsheets for a living to just make more spreadsheets, even if they're doing it in Vegas. You really can't overstate how important and ubiquitous spreadsheets really are, though. "Electronic spreadsheets" actually date back earlier than computers and are maybe the single most important reason computers first became mainstream. In the late 1970s, a Harvard MBA student named Dan Bricklin started to dream up a software program that could automatically do the math he was constantly doing and re-doing in class. "I imagined a magic blackboard that if you erased one number and wrote a new thing in, all of the other numbers would automatically change, like word processing with numbers," he said in a 2016 TED Talk. This sounds quaint and obvious now, but it was revolutionary then. [...] Competitive Excel has been around for years, but only in a hobbyist way. Most of the people in this room full of actuaries, analysts, accountants, and investors play Excel the way I play Scrabble or do the crossword -- exercising your brain using tools you understand. But last year's competition became a viral hit on ESPN and YouTube, and this year, the organizers are trying to capitalize. After all, someone points out to me, poker is basically just math, and it's all over TV. Why not spreadsheets? Excel is a tool. It's a game. Now it hopes to become a sport. I've come to realize in my two days in this ballroom that understanding a spreadsheet is like a superpower. The folks in this room make their living on their ability to take some complex thing -- a company's sales, a person's lifestyle, a region's political leanings, a race car -- and pull it apart into its many component pieces. If you can reduce the world down to a bunch of rows and columns, you can control it. Manipulate it. Build it and rebuild it in a thousand new ways, with a couple of hotkeys and an undo button at the ready. A good spreadsheet shows you the universe and gives you the ability to create new ones. And the people in this room, in their dad jeans and short-sleeved button-downs, are the gods on Olympus, bending everything to their will.

Read more of this story at Slashdot.

OpenAI Adds Former NSA Chief To Its Board

Paul M. Nakasone, a retired U.S. Army general and former NSA director, is now OpenAI's newest board member. Nakasone will join the Safety and Security Committee and contribute to OpenAI's cybersecurity efforts. CNBC reports: The committee is spending 90 days evaluating the company's processes and safeguards before making recommendations to the board and, eventually, updating the public, OpenAI said. Nakasone joins current board members Adam D'Angelo, Larry Summers, Bret Taylor and Sam Altman, as well as some new board members the company announced in March: Dr. Sue Desmond-Hellmann, former CEO of the Bill and Melinda Gates Foundation; Nicole Seligman, former executive vice president and global general counsel of Sony; and Fidji Simo, CEO and chair of Instacart. OpenAI on Monday announced the hiring of two top executives as well as a partnership with Apple that includes a ChatGPT-Siri integration. The company said Sarah Friar, previously CEO of Nextdoor and finance chief at Square, is joining as chief financial officer. Friar will "lead a finance team that supports our mission by providing continued investment in our core research capabilities, and ensuring that we can scale to meet the needs of our growing customer base and the complex and global environment in which we are operating," OpenAI wrote in a blog post. OpenAI also hired Kevin Weil, an ex-president at Planet Labs, as its new chief product officer. Weil was previously a senior vice president at Twitter and a vice president at Facebook and Instagram. Weil's product team will focus on "applying our research to products and services that benefit consumers, developers, and businesses," the company wrote. Edward Snowden, a former NSA contractor who leaked classified documents in 2013 that exposed the massive scope of government surveillance programs, is wary of the appointment. In a post on X, Snowden wrote: "They've gone full mask-off: Do not ever trust OpenAI or its products (ChatGPT etc). There is only one reason for appointing an NSA director to your board. This is a willful, calculated betrayal of the rights of every person on Earth. You have been warned."

Read more of this story at Slashdot.

Version 256 of systemd Boasts '42% Less Unix Philosophy'

Liam Proven reports via The Register: The latest version of the systemd init system is out, with the openly confrontational tag line: "Available soon in your nearest distro, now with 42 percent less Unix philosophy." As Lennart Poettering's announcement points out, this is the first version of systemd whose version number is a nine-bit value. Version 256, as usual, brings in a broad assortment of new features, but also turns off some older features that are now considered deprecated. For instance, it won't run under cgroups version 1 unless forced. Around since 2008, cgroups is a Linux kernel containerization mechanism originally donated by Google, as The Reg noted a decade ago. Cgroups v2 was merged in 2016 so this isn't a radical change. System V service scripts are now deprecated too, as is the SystemdOptions EFI variable. Additionally, there are some new commands and options. Some are relatively minor, such as the new systemd-vpick binary, which can automatically select the latest member of versioned directories. Before any OpenVMS admirers get excited, no, Linux does not now support versions on files or directories. Instead, this is a fresh option that uses a formalized versioning system involving: "... paths whose trailing components have the .v/ suffix, pointing to a directory. These components will then automatically look for suitable files inside the directory, do a version comparison and open the newest file found (by version)." The latest function, which The Reg FOSS desk suspects will ruffle some feathers, is a whole new command, run0, which effectively replaces the sudo command as used in Apple's macOS and in Ubuntu ever since the first release. Agent P introduced the new command in a Mastodon thread. He says that the key benefit is that run0 doesn't need setuid, a basic POSIX function, which, to quote its Linux manual page, "sets the effective user ID of the calling process." [...] Another new command is importctl, which handles importing and exporting both block-level and file-system-level disk images. And there's a new type of system service called a capsule, and "a small new service manager" called systemd-ssh-generator, which lets VMs and containers accept SSH connections so long as systemd can find the sshd binary -- even if no networking is available. The release notes are available here.

Read more of this story at Slashdot.

New York Recovers $50 Million For Defrauded Gemini Earn Crypto Investors

An anonymous reader quotes a report from Reuters: New York Attorney General Letitia James has recovered $50 million from the cryptocurrency platform Gemini Trust to repay investors defrauded in its Gemini Earn program, she said on Friday. Gemini, run by billionaire twin brothers Cameron and Tyler Winklevoss, will provide full recoveries to more than 230,000 Earn investors, including 29,000 in New York, and agreed to a ban on operating crypto lending programs in the state. The payout is in addition to James' related $2 billion settlement, opens new tab with crypto lender Genesis Global Capital, which she announced on May 20. "Gemini marketed its Earn program as a way for investors to grow their money, but actually lied and locked investors out of their accounts," James said. "Today's settlement will make defrauded investors whole." The funds will be accessible within seven days, Gemini told investors on Friday. "With this final distribution, Earn users will have received 100% of the assets owed to them," it said. [...] Investors are expected to recover more than they invested because they are being paid in digital assets such as bitcoin , whose value has more than tripled since redemptions were suspended.

Read more of this story at Slashdot.

AI Candidate Running For Parliament in the UK Says AI Can Humanize Politics

An artificial intelligence candidate is on the ballot for the United Kingdom's general election next month. From a report: "AI Steve," represented by Sussex businessman Steve Endacott, will appear on the ballot alongside non-AI candidates running to represent constituents in the Brighton Pavilion area of Brighton and Hove, a city on England's southern coast. "AI Steve is the AI co-pilot," Endacott said in an interview. "I'm the real politician going into Parliament, but I'm controlled by my co-pilot." Endacott is the chairman of Neural Voice, a company that creates personalized voice assistants for businesses in the form of an AI avatar. Neural Voice's technology is behind AI Steve, one of the seven characters the company created to showcase its technology. He said the idea is to use AI to create a politician who is always around to talk with constituents and who can take their views into consideration. People can ask AI Steve questions or share their opinions on Endacott's policies on its website, during which a large language model will give answers in voice and text based on a database of information about his party's policies. If he doesn't have a policy for a particular issue raised, the AI will conduct some internet research before engaging the voter and pushing them to suggest a policy.

Read more of this story at Slashdot.

Biotech Companies Are Trying To Make Milk Without Cows

Avian influenza outbreaks on US dairy farms have raised concerns about milk safety, leading some to consider alternatives like engineered milk proteins. Startups like Remilk and Alpine Bio are using yeast and soybeans to produce key milk proteins, aiming to replace dairy cows and reduce environmental impact. However, competing with subsidized dairy industries and their efficient use of cow byproducts remains a challenge for these biotech ventures, MIT Technology Review reports. The story adds: Everyone agrees that cow's milk will be difficult to displace. It holds a special place in the human psyche, and we owe civilization itself, in part, to domesticated animals. In fact, they've left their mark in our genes, with many of us carrying DNA mutations that make cow's milk easier to digest. But that's why it might be time for the next technological step, says Alpine's CEO Magi Richani. "We raise 60 billion animals for food every year, and that is insane. We took it too far, and we need options," she says. "We need options that are better for the environment, that overcome the use of antibiotics, and that overcome the disease risk." It's not clear yet whether the bird flu outbreak on dairy farms is a big danger to humans. But making milk without cows would definitely cut the risk that an animal virus will cause a new pandemic. As Richani says: "Soybeans don't transmit diseases to humans."

Read more of this story at Slashdot.

Mozilla Defies Kremlin, Restores Banned Firefox Add-ons in Russia

Mozilla has reinstated certain add-ons for Firefox that earlier this week had been banned in Russia by the Kremlin. From a report: The browser extensions, which are hosted on the Mozilla store, were made unavailable in the Land of Putin on or around June 8 after a request by the Russian government and its internet censorship agency, Roskomnadzor. Among those extensions were three pieces of code that were explicitly designed to circumvent state censorship -- including a VPN and Censor Tracker, a multi-purpose add-on that allowed users to see what websites shared user data, and a tool to access Tor websites. The day the ban went into effect, Roskomsvoboda -- the developer of Censor Tracker -- took to the official Mozilla forums and asked why his extension was suddenly banned in Russia with no warning.

Read more of this story at Slashdot.

How the Recycling Symbol Lost Its Meaning

The iconic recycling symbol, invented 20 years before Earth Day 1990, has become omnipresent on products, often misleading consumers about what can be recycled, according to experts cited in a story explored by Grist. The chasing arrows logo, which promises rebirth for discarded materials, is frequently plastered on items that are not recyclable, particularly plastic products. Confusion over recycling rules has led to contamination at recycling facilities, driving up costs for cities. Only around 5 percent of plastic waste in the United States gets recycled, with much of the rest ending up in landfills or incinerators. Environmental groups have called plastic recycling a "false solution." The trouble began in the 1970s when corporations, facing pressure to address litter, embraced recycling as a way to shift responsibility for waste onto individuals and local governments. The plastics industry introduced a resin code system in 1988, surrounding numbers with the chasing arrows logo, giving the impression that all plastics could be recycled. Despite industry efforts to promote recycling, experts say fulfilling the "urgent need to recycle" has proven difficult and unprofitable. The result is a lack of markets for most recycled plastics, with only 9 percent of all plastics ever produced having been recycled.

Read more of this story at Slashdot.

Meta Pauses Plans To Train AI Using European Users' Data, Bowing To Regulatory Pressure

Meta has confirmed that it will pause plans to start training its AI systems using data from its users in the European Union and U.K. From a report: The move follows pushback from the Irish Data Protection Commission (DPC), Meta's lead regulator in the EU, which is acting on behalf of several data protection authorities across the bloc. The U.K.'s Information Commissioner's Office (ICO) also requested that Meta pause its plans until it could satisfy concerns it had raised. "The DPC welcomes the decision by Meta to pause its plans to train its large language model using public content shared by adults on Facebook and Instagram across the EU/EEA," the DPC said in a statement Friday. "This decision followed intensive engagement between the DPC and Meta. The DPC, in cooperation with its fellow EU data protection authorities, will continue to engage with Meta on this issue." While Meta is already tapping user-generated content to train its AI in markets such as the U.S., Europe's stringent GDPR regulations has created obstacles for Meta -- and other companies -- looking to improve their AI systems, including large language models with user-generated training material. However, Meta last month began notifying users of an upcoming change to its privacy policy, one that it said will give it the right to use public content on Facebook and Instagram to train its AI, including content from comments, interactions with companies, status updates, photos and their associated captions. The company argued that it needed to do this to reflect "the diverse languages, geography and cultural references of the people in Europe."

Read more of this story at Slashdot.

Apple Set To Be First Big Tech Group To Face Charges Under EU Digital Law

An anonymous reader shares a report: Brussels is set to charge Apple over allegedly stifling competition on its mobile app store, the first time EU regulators have used new digital rules to target a Big Tech group. The European Commission has determined that the iPhone maker is not complying with obligations to allow app developers to "steer" users to offers outside its App Store without imposing fees on them, according to three people with close knowledge of its investigation. The charges would be the first brought against a tech company under the Digital Markets Act, landmark legislation designed to force powerful "online gatekeepers" to open up their businesses to competition in the EU. The commission, the EU's executive arm, said in March it was investigating Apple, as well as Alphabet and Meta, under powers granted by the DMA. An announcement over the charges against Apple was expected in the coming weeks, said two people with knowledge of the case.

Read more of this story at Slashdot.

Sonos Draws More Customer Anger - This Time For Its Privacy Policy

An anonymous reader shares a report: Itâ(TM)s been a rocky couple of months for Sonos -- so much so that CEO Patrick Spence now has a canned autoreply for customers emailing him to vent about the redesigned app. But as the company works to right the ship, restore trust, and get the new Sonos Ace headphones off to a strong start, it finds itself in the middle of yet another controversy. As highlighted by repair technician and consumer privacy advocate Louis Rossmann, Sonos has made a significant change to its privacy policy, at least in the United States, with the removal of one key line. The updated policy no longer contains a sentence that previously said, "Sonos does not and will not sell personal information about our customers." That pledge is still present in other countries, but it's nowhere to be found in the updated US policy, which went into effect earlier this month.

Read more of this story at Slashdot.

Visa, Mastercard $30 Billion Fee Settlement in Peril

Visa's and Mastercard's proposed $30 billion antitrust settlement to limit credit and debit card fees for merchants is in peril, after a New York judge signaled she was preparing to reject the accord. From a report: U.S. District Judge Margo Brodie in Brooklyn told lawyers for the card networks and objectors at a hearing on Thursday that she will "likely not approve the settlement," according to court records. She plans to write an opinion explaining her decision and reasoning. Both card networks said they were disappointed. Mastercard called the settlement a "fair resolution" that gave businesses more flexibility in managing card transactions, and Visa called it an "appropriate resolution" to the nearly 19-year-old case.

Read more of this story at Slashdot.

❌