A proposal to make daylight saving time permanent has advanced in the U.S. House of Representative, reports California news station KCRA: A proposal to make daylight saving time permanent has advanced in the House, reigniting an age-old American debate around the twice-annual clock changes. And this time, the proposal has the president's backing. President Donald Trump said Thursday that he will work "very hard" to sign the so-called Sunshine Protection Act into law after the House Energy and Commerce Committee overwhelmingly approved the bill by a 48-1 vote. The bill still needs to pass the full U.S. House, and then the U.S. Senate would consider taking up the measure. The bill would allow U.S states to decide whether to "exempt themselves" from Daylight Saving Time, according to the article. The bill's sponsor described the annual clock-switching as "inconvenient, unnecessary, and out of step with the needs of today's families and economy," while finally creating a permanent Daylight Saving would bring "more usable daylight hours throughout the year."

Read more of this story at Slashdot.

Long-time Slashdot reader Sun writes: AMD has announced a change to the way they are licensing Vivado, their FPGA development tool... Hidden between the lines of the announcement [of a new model starting with the 2026.1 release] is the change to the free of charge tier. AMD is adding more devices to be supported in this tier, which is supposedly the carrot. The stick, however, is the removal of certain debug features. The thing that's likely to hit the hobbist community the worst, however, is that the free tier will now not be available on Linux. AMD are saying that old licenses are still in effect, so it appears that if you hurry to install Vivado now, you'd still be able to use it moving forward. It is not clear, however, whether it'll still be possible to install Vivado 2025.2 after Vivado 2026.1 becomes available. "Almost all our surveys show... close to 70% of the customers are still using Windows," explained AMD senior product application engineer Anatoli Curran on the tool's support forum. "Vivado ML Standard Edition v2025.2 is going to be officially supported (I mean if there are any bugs found, these can be fixed) until v2026.3 release... Any release older than the current 3 released versions of Vivado then becomes unsupported (meaning no bugs will be fixed with Vivado Standard Edition v2025.2 after Vivado v2026.3). "However, users can continue using V2025.2 forever, if they wish to do so... Also, Vivado ML Standard Edition v2025.2 is license-free... Users only need to obtain and use any IP Core related licenses, or Vivado Model Composer (for SysGen)."

Read more of this story at Slashdot.

"The numbers show that layoffs in the U.S. are roughly at or below levels from before the pandemic," reports the Washington Post, "although they are higher than in 2022 when businesses snapped up workers as the economy roared back to life... "A different measure that accounts for the growing U.S. workforce shows that layoffs affected about 1.2% of employed people in March, a number that has been steady for years outside of the pandemic..." In the technology industry, where Meta and other companies are regularly announcing job cuts, the layoff picture is complex. There has been a marked increase in layoffs in recent months in what the Labor Department calls the information industry, which includes employment of software developers and other tech workers. But Matthew Martin, senior U.S. economist at the research and consulting firm Oxford Economics, noted that hiring has also increased in that category, which includes media and entertainment. The combination of hiring minus layoffs in the information industry is effectively a wash, Martin said. Layoffs at Big Tech companies like Meta and other high-profile employers don't necessarily reflect what is happening in the country, Martin said, and draw far more attention than what may be slow and steady workforce growth. "There's a lot more headlines about job cuts than there are [about] expansion plans by businesses," he said. In his view, technology companies may be pushing out some workers and replacing them with people who have different skills as they respond to the demands of AI. It's true that businesses in some industries are devoting enormous sums of money and attention to AI. It's changing how some people work and a minority of American businesses are rolling out AI tools. But it's also become a trend for bosses to blame layoffs on the productive capabilities of AI and its ability to replace workers, even when job cuts may have little to do with the technology. Sam Altman, CEO of ChatGPT-maker OpenAI, has taken note of the pattern that he and others call "AI washing," essentially a high-tech form of whitewashing... "You know something is happening all the time when they have a word for it," said Gautam Mukunda, who teaches leadership at the Yale School of Management... AI-related employment changes are tiny so far, said Nathan Goldschlag, director of research at the Economic Innovation Group, a Washington think tank. He pointed to a recently published analysis of Census Bureau surveys, which found more than 95 percent of businesses that use AI said it hasn't changed their staff sizes — and AI-related employment increases were more common than decreases.

Read more of this story at Slashdot.

Long-time Slashdot reader UnknowingFool shares this report from the BBC: Air France and Airbus have been found guilty of manslaughter over a 2009 plane crash which killed 228 people. The Paris Appeals Court found the airline and aircraft manufacturer "solely and entirely responsible" for the incident, in which flight AF447 from Rio de Janeiro to Paris crashed into the Atlantic Ocean. The passenger jet stalled during a storm and plunged into the water, killing all on board. A court had previously cleared the companies in April 2023, but they were found guilty on Thursday after an eight-week trial. Both have repeatedly denied the charges and say they will appeal... The companies have been asked to pay the maximum fine — €225,000 ($261,720; £194,500) each — but some victims' families have criticised the amount as a token penalty... In 2012, French investigators found a combination of technical failure involving ice in the plane's sensors and the pilots' inability to react to the aircraft stalling led to it plunging into the sea. The captain was on a break when the co-pilots became confused by faulty air-speed readings. They then mistakenly pointed the nose of the plane upwards when it stalled, instead of down. Investigators concluded the co-pilots did not have the training to deal with the situation. Pilot training has since been improved and the speed sensors replaced.

Read more of this story at Slashdot.

The Free Software Foundation announced this week that "its global call for free software supporters to organize LibreLocals this May resulted in free software supporters organizing forty-six LibreLocal events on six continents thus far." (And new dates and locations are being added daily.) The FSF invited free software supporters to organize in-person community meetups in their area during May 2026, or LibreLocal month, to bring people together to swap ideas, learn from each other, and celebrate free software. People were encouraged to organize events grounded in freedom to help spread the free software philosophy.... "The success of these LibreLocals speaks to how many people globally are interested in free software and ready to build community, and it demonstrates the strength of our movement" [said FSF executive director Zoë Kooyman]. "People getting together like this also proves how computer freedom and digital rights are on people's minds. When we reject freedom-restricting software and promote software that respects user rights, it helps further so many other basic rights...." The FSF has financially supported some of the events, but notes organizers are going above and beyond to create noteworthy events by any measure, and is impressed with the global network taking shape. "The energy we feel from all organizers is extremely motivating and we look forward to seeing LibreLocal events spread even wider over the next years! We want to support these initiatives even more, so we'll be looking to build a network of sponsors for future iterations as we work towards May 2027," says Heshan de Silva-Weeramuni, FSF program manager... William Goodspeed, the organizer behind the Beijing LibreLocal, reported that their meetup was double the size of last year's, and a number of very rich collaborative projects have emerged among the attendees. Discussing the value of connecting people, de Silva-Weeramuni notes: "Free software supporters know that connecting with each other leads them to learn, experiment, and create great things that protect our individual and shared rights. The extraordinary contributions that free software has made to the world were born through such collaborations between like-minded people towards a freer society. This same global spirit of collectively building a better future is one of the inspiring things that we have once again seen unfold through this year's many LibreLocals."

Read more of this story at Slashdot.

On Friday TechCrunch reported they could no longer Google the word "disregard". Google's AI Overview responded "Understood. Let me know whenever you have a new prompt or question!" below an icon for hearing the word "disregard" pronounced — then displayed several inches of blank whitespace. "The Merriam-Webster link is still in there, but you have to scroll..." Earlier this week, Google rolled out a completely new Search experience, foregrounding AI summaries and kicking the traditional "10 blue links" far down the page. But the sheer scale of Google Search means there are lots of edge cases that the company doesn't seem to have considered... Google has been catching some flack on social media for this, and it's easy to see why... For most users, that single reply is the only thing you'll see. And crucially, the AI response serves no conceivable value to a user searching the word "disregard." It's just a broken tool. Google appears to have fixed the issue — sort of. Now Googling the word "disregard" brings up a list of news stories about how Google's AI Overviews misinterpreted the word disregard in search queries.

Read more of this story at Slashdot.

Citing new research, the Associated Press reports that "modest gains in the fight to curb climate change have dialed back the most catastrophic of future heating." That's the good news. But the same research "also confirmed that there's no chance to limit warming to the international goal set in 2015." Researchers' new list of seven plausible carbon pollution scenarios for the future are pushing aside two staples of climate policy: the extremes on either end. The extremes have become less probable in the past several years because of how we power our world. Carbon dioxide, released from the burning of gas, oil and coal, is chiefly responsible for warming. Increasing use of green energies, like solar, wind and geothermal, which don't emit carbon dioxide, have lowered top end carbon pollution projections. However, because those changes haven't been fast enough, the bottom end projections have risen. The Paris climate agreement in 2015 set a goal of limiting warming to 1.5 degrees Celsius (2.7 degrees Fahrenheit) since pre-industrial times, or the mid-1800s, giving rise to the mantra "1.5 to stay alive," but now scientists say that even their best case scenario still shoots past that signature temperature mark. On the other end, those same new scenarios no longer include the coal-heavy future that would lead to 4.5 degrees Celsius (8.1 degrees Fahrenheit) of warming by 2100, a scary scenario that many scientific studies used in their future projections. The new proposed worst case scenario has an end-of-the-century warming of about 3.5 degrees Celsius (6.3 degrees Fahrenheit), a full degree (1.8 degrees Fahrenheit) less than the old scenario, while the updated best case future is a couple tenths of a degree Celsius (0.36 degrees Fahrenheit) warmer than previously theorized, squeezing past the Paris goal, said climate scientist Detlef Van Vuuren of Utrecht University, lead author of a recent study laying out future scenarios. "There is kind of a narrowing of the futures. It cannot be as bad as we thought, but it cannot be as good as we hoped," said Johan Rockström, director of the Potsdam Institute for Climate Impact Research in Germany. The scenarios include a "middle" one where by the end of the century the world warms 3 degrees Celsius (5.4 degrees Fahrenheit) above pre-industrial times, which is roughly the path society is currently on, scientists said... Because carbon pollution keeps rising globally and stays in the atmosphere for about century, the best case scenario is for warming to shoot past the 1.5 degree mark, peak at 1.7 degrees Celsius (3.1 degrees Fahrenheit) for maybe as long as 70 years, and eventually somehow come back down below 1.5 degrees if a technology can be designed to remove massive amounts of carbon from the air, said nine of the 10 scientists interviewed for this article. The world is warming at a pace of a tenth of a degree Celsius (nearly 0.2 degrees Fahrenheit) every five years, they said.

Read more of this story at Slashdot.

Qualys's Threat Research Unit (TRU) has discovered and published a logic flaw in Linux kernel "that permits an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major distributions." Friday their blog pointed out "The bug has resided in mainline Linux since November 2016 (v4.10-rc1)." "Upstream patches and distribution updates are already available." Working exploits are circulating publicly, and administrators should apply vendor kernel updates without delay. During ongoing research into Linux kernel privilege boundaries, TRU identified a narrow window in which a privileged process that is dropping its credentials remains reachable through ptrace-family operations even though its dumpable flag should have closed that path. By pairing this window with the pidfd_getfd() syscall (added in v5.6-rc1, January 2020), an attacker can capture open file descriptors and authenticated inter-process channels from a dying privileged process and re-use them under their own uid. The primitive is reliable and turns any local shell into a path to root or to sensitive credential material [including host private keys under /etc/ssh ] CVE-2026-46333 is local-only, but the impact is severe... Any unprivileged shell on a vulnerable host is enough to read /etc/shadow, exfiltrate SSH host private keys, or execute arbitrary commands as root through hijacked dbus connections to systemd. In practice, the distinction between an unprivileged foothold and full host compromise collapses: a phished developer account, a constrained CI runner, a low-privilege service account, or a shared multi-tenant host all become direct paths to root. With the vulnerable code shipping in mainline kernels since v4.10-rc1 (November 2016), the historical exposure spans nine years of enterprise fleets, cloud images, and container hosts. Qualys followed responsible disclosure throughout. Qualys reported the vulnerability privately to the upstream Linux kernel security contact on 2026-05-11. Over the following three days the kernel security team developed and reviewed the fix, CVE-2026-46333 was assigned, and the patch was committed publicly on 2026-05-14. We then engaged the linux-distros mailing list, the standard pre-disclosure channel for downstream coordination. A short time later, an independent exploit derived from the public kernel commit appeared.... Qualys is releasing the complete advisory today because the underlying technique is novel, the public picture is now incomplete and uneven, and independent researchers have already achieved local root and published exploit material. Doing so gives defenders, detection engineers, and downstream maintainers a single authoritative reference for the flaw, the race against do_exit(), the role of pidfd_getfd(), and the four exploitation case studies.

Read more of this story at Slashdot.

The Washington Post looks at arguments that "AI's coming upheaval may demand massive infusions of cash to everyday Americans". But they also look at some of the alternatives: Anthropic CEO Dario Amodei has called for similar public-relief measures, including, potentially, universal basic income, or UBI. Eventually "our current economic setup will no longer make sense," he wrote in a blog post, adding that "there will be a need for a broader societal conversation about how the economy should be organized." Though OpenAI CEO Sam Altman once championed universal basic income, he has since embraced a new structure where the public has "collective ownership" of aspects of AI, according to Business Insider. "I think any version of the future that I can get really excited about means that everybody's got to participate in the upside," he said in a recent podcast interview. In April, OpenAI laid out a set of policy proposals aiming to address the coming upheaval, referencing the transition to the industrial age and the New Deal as points of comparison for what's on the horizon... But some experts question whether tech billionaires, who spent decades resisting regulation, unions and higher taxes, would support the kind of massive redistribution such programs would require. "The only way to pay for UBI is to massively tax those enormously rich people who own the UBI machines," said Jesse Rothstein, a professor of public policy and economics at the University of California at Berkeley who served as chief economist at the U.S. Department of Labor. "It's a nice surprise to hear Elon Musk advocating for that...." Rothstein co-authored a study in 2019 that estimated granting a small income to the entire country would cost a massive amount — nearly double the total spending of Social Security, Medicare and Medicaid. To issue payments of $12,000 a year to U.S. adults, for example, "would require nearly doubling federal tax revenues," according to the paper... Economists appear to broadly support other solutions beyond redistribution, such as job retraining. A working paper published this spring by the Federal Reserve Bank of Chicago showed economists support more narrowly tailored solutions to the economic disruption. In late April, Meta appeared to embrace that path, announcing "a multi-year initiative that provides free, rapid training to turn thousands of Americans with no prior experience into high-paid fiber technicians" for projects including data centers. Key quotes from the article: Elon Musk said in an X post that "Universal HIGH INCOME via checks issued by the Federal government is the best way to deal with unemployment caused by AI." "I think it's a marketing tactic" responded Scott Santens, a universal basic income advocate and is CEO of the nonprofit Income to Support All Foundation. He argued to the Washington Post that Musk's comment is "trying to thread this needle of, 'I want to solve this stuff that will potentially put a lot of people out of work.' And how do you avoid people getting really [angry] at that? Okay, well, you're still going to get money, everything will be great it's just you won't have to work anymore...." The article also cites a recent commentary from Jay W. Richards, a senior research fellow and VP of social and domestic policy at the Heritage Foundation. "The new AI prophets of doom suffer from a failure of imagination. They simply cannot envision what work the future will bring, so they conclude it will bring none,"

Read more of this story at Slashdot.

John Lennon's last interview — just hours before he was shot on December 8, 1980 — has become a documentary directed by Steven Soderbergh, debuting Saturday at the Cannes Film Festival. In a new interview with the Associated Press, Soderbergh defends the film's limited use of AI to visualize concepts from that two-hour interview with John Lennon and Yoko Ono: Soderbergh was resolved to let the audio play. He could finds ways to visualize much of the film, but that still left a large gap where the conversation grows more philosophical. "I worked on everything that could be solved except that for as long as I could," Soderbergh says. "Then there was the inevitable moment of: OK, but really what are we going to do? We just started playing and ran out of time and money. That's where the Meta piece came in." Soderbergh accepted an offer to use Meta's artificial intelligence software to conjure surreal imagery for those sections, which make up about 10% of the film. When Soderbergh let the news out earlier this year, it prompted an uproar. One of America's leading filmmakers was using AI? In a film about a Beatle, no less? The AI parts (overwhelmingly slammed by critics in Cannes) are fairly banal and don't differ greatly from special effects — there are no deepfakes of Lennon. But they put Soderberg at the forefront of an industrywide debate about the uses of AI in moviemaking. It's a conversation the director, who has made movies on iPhones, is eager to have. While the film follows John and Yoko's conversation, "I needed a way to follow them in flight visually," Soderbergh says, "or I'm not doing my job." Though when asked about the strong negative reaction, Soderbergh acknowleges that "I knew what was coming. I take it very seriously, and I understand why people have an emotional response to this subject. As I've said before, I feel like I owe people the best version of whatever art I'm trying to make and total transparency about how I'm doing it." AP: Some fear generative AI will tear apart the film industry. You don't see it as a bogeyman, though. SODERBERGH: I think most jobs that matter when you're making a movie cannot be performed by this tech and never will be performed by this tech. As it becomes possible for anybody to create something that meets a certain standard of technical perfection, then imperfection becomes more valuable and more interesting. We haven't seen yet someone with a certain amount of creative credibility go full-metal AI on something, and see how people react. I think it's necessary. How do you know where the line is until somebody crosses it? "I don't think what I'm doing crosses it. Some people may disagree. I don't know where my line is yet. I'm waiting to see...

Read more of this story at Slashdot.

Iran's government "wants to charge the world's largest tech companies for using the subsea internet cables laid under the Strait of Hormuz," reports CNN. Their article also notes that Iran's state-linked media outlets "have vaguely threatened that traffic could be disrupted if firms don't pay." Lawmakers in Tehran discussed a plan last week which could target submarine cables linking Arab countries to Europe and Asia. "We will impose fees on internet cables," Iranian military spokesperson Ebrahim Zolfaghari declared on X last week. Iran's Revolutionary Guards-linked media said Tehran's plan to extract revenue from the strait would require companies like Google, Microsoft, Meta, and Amazon to comply with Iranian law while submarine cable companies would be required to pay licensing fees for cable passage, with repair and maintenance rights given exclusively to Iranian firms. Some of these companies have invested in the cables running through the Strait of Hormuz and the Persian Gulf, but it's unclear if those cables traverse Iranian waters. It's also unclear how the regime could force tech giants to comply, as they are barred from making payments to Iran due to strict US sanctions; as a result, the companies themselves may view Iran's statements as posturing rather than serious policy. Still, state-affiliated media outlets have issued veiled threats warning of damage to cables that could impact some of the trillions of dollars in global data transmission and affect worldwide internet connectivity... Iran's threats are part of a strategy to demonstrate its leverage over the Strait of Hormuz and ensure the survival of the regime, a core objective for the Islamic Republic in this war, said Dina Esfandiary, Middle East lead at Bloomberg Economics. "It aims to impose such a hefty cost on the global economy that no-one will dare attack Iran again," she said. The article notes that subsea cables "carry vast internet and financial traffic between Europe, Asia and the Persian Gulf," and that targetting them "would affect far more than internet speeds, threatening everything from banking systems, military communications and AI cloud infrastructure to remote work, online gaming and streaming services." CNN spoke to Mostafa Ahmed, "a senior researcher at the United Arab Emirates-based Habtoor Research Center, who published a paper on the effects of a large-scale attack on submarine communications infrastructure in the Gulf." Armed with combat divers, small submarines, and underwater drones, the Islamic Revolutionary Guard Corps (IRGC) poses a risk to underwater cables, Ahmed said, adding that any attack could trigger a cascading "digital catastrophe" across several continents. Iran's neighbors across the Persian Gulf could face severe disruptions to internet connection, potentially impacting critical oil and gas exports as well as banking. Beyond the region, India could see a large proportion of its internet traffic affected, threatening its huge outsourcing industry with losses amounting to billions, according to Ahmed... Any disruption could also slow financial trading and cross-border transactions between Europe and Asia, while parts of East Africa could face internet blackouts. And if Iran's proxies decide to employ similar tactics in the Red Sea, the damage could be far worse.

Read more of this story at Slashdot.

Today Linus Torvalds announced another Linux release candidate on the kernel mailing list. But he also highlighted "documentation updates" to address a new problem. "The continued flood of AI reports has basically made the security list almost entirely unmanageable, with enormous duplication due to different people finding the same things with the same tools." (The new documentation says the security team has found "bugs discovered this way systematically surface simultaneously across multiple researchers, often on the same day.") TORVALDS: People spend all their time just forwarding things to the right people or saying "that was already fixed a week/month ago" and pointing to the public discussion. Which is all entirely pointless churn, and we're making it clear that AI-detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved — and only makes that duplication worse because the reporters can't even see each other's reports. AI tools are great, but only if they actually help, rather than cause unnecessary pain and pointless make-believe work. Feel free to use them, but use them in a way that is productive and makes for a better experience. The documentation may be a bit less blunt than I am, but that's the core gist of it. The new documentation offers this overview. "It turns out that the majority of the bugs reported via the security team are just regular bugs that have been improperly qualified as security bugs due to a lack of awareness of the Linux kernel's threat model." "So just to make it really clear," Torvalds said at the end of his post. "If you found a bug using AI tools, the chances are somebody else found it too. "If you actually want to add value, read the documentation, create a patch too, and add some real value on *top* of what the AI did. Don't be the drive-by 'send a random report with no real understanding' kind of person. Ok?"

Read more of this story at Slashdot.

America's Library of Congress "is preserving a little piece of Hell," jokes Engadget, "by inducting the soundtrack to the original Doom into the National Recording Registry." The album of demon-slaying tracks is joined by several other notable 2026 additions to the registry, like Weezer's self-titled debut album (colloquially known as "The Blue Album"), Taylor Swift's "1989," Beyonce's "Single Ladies (Put a Ring On It) and the original "Mambo No. 5." "Doom" was created by Bobby Prince, a freelance composer who worked on lots of id Software games, and also scored Doom's '90s rival Duke Nukem 3D. The soundtrack draws clear inspiration from metal bands, but also touches on techno and ambient music throughout its track list, making for an eclectic soundscape for tearing through enemies. That it all fits together is also impressive in its own right: All of the music for Doom was written before the game had completed levels to play through, according to Prince. The official announcement from the Library of Congress says Doom "brought a heavy metal energy to MS-DOS systems across the globe," while also pioneering first-person shooter videogames. "Key to Doom's popularity was the adrenaline-fueled soundtrack created by freelance video game music composer Bobby Prince. Prince, a lifelong musician and practicing lawyer, was fascinated by the MIDI technology that rose in prominence in the mid-1980s as a means for instrument control and composition... For "Doom," Prince took inspiration from a pile of CDs loaned by the game's chief designer, John Romero, including seminal works by Alice in Chains, Pantera and Metallica. Despite the limitations of the 1993-era sound card drivers, Prince composed the perfect riff-shredding accompaniment for the game's demon-slaying journey to hell and back. Taking advantage of his knowledge of MIDI, Prince even worked to ensure that the sound effects he created could cut through the music by assigning them to different MIDI frequencies.

Read more of this story at Slashdot.

Today former Google CEO Eric Schmidt "was booed multiple times," reports NBC News, "while discussing AI during a commencement speech at the University of Arizona." Schmidt had started by remembering how computer platforms "gave everyone a voice" but also "degraded the public square... They rewarded outrage. They amplified our worst instincts. They coarsen the way we speak to each other, and that way, and in the way that we treat each other, is in the essence of a society." But then Schmidt "drew a parallel between artificial intelligence and the transformative impact of the computer — and was immediately met with boos." "I know what many of you are feeling about that. I can hear you," Schmidt said, addressing the crowd as many continued to boo him. "There is a fear ... there is a fear in your generation that the future has already been written, that the machines are coming, that the jobs are evaporating, that the climate is breaking, that politics is fractured, and that you are inheriting a mess that you did not create, and I understand that fear." He went on to argue that the future remains unwritten and that the graduating class of 2026 has real power to shape how AI develops — a claim that drew further disapproval from parts of the audience... He closed by congratulating the class and offering them closing words. "The future is not yet finished. It is now your turn to shape it." 404 Media shared a video on YouTube of the crowd's booing — and what Schmidt said that provoked them: SCHMIDT: "If you don't care about science that's okay because AI is going to touch everything else as well. [Very loud booing] Whatever path you choose, AI will become part of how work is done..." "You can now assemble a team of AI agents to help you with the parts that you could never accomplish on your own. [Loud booing] When someone offers you a seat on the rocket ship, you do not ask which seat. You just get on... The rocket ship is here."

Read more of this story at Slashdot.

160 miles north of New York City, a man was convicted of manslaughter "with the help of license plate reader technology," reports a local news station. In the small town of Troy (population: 51,000), the mayor described the cameras as "a critical tool" in that investigation. But locals and city officials "have raised concerns about who can access the data collected locally, along with data security, privacy invasions and use by federal authorities, including U.S. Immigration and Customs Enforcement, reports WNYT: When Troy's contract came up for renewal, Mayor Carmella Mantello wanted to keep paying Flock and the council paused payments. The mayor then issued a public safety emergency declaration to keep the license plate readers active. The council has filed a lawsuit to overturn that..."If this illegal emergency order is left unchallenged, we give this mayor and any future mayor regardless of their political party or ideology, unchecked authority to issue an emergency declaration whenever they disagree with the council on any issue," [said Troy council president Sue Steele]. "The technology that's in place today is not the technology of six years ago," council president Steele told another local news station. "We have AI, we have rapidly changing and advancing technology. So that begs the need for regulations to protect certain data." The American Civil Liberties Union warns that Flock will use AI to let law enforcement search its trove of videos. But "Listen, if it was infringing on people's rights, people's liberties, we'd be the first to get rid of it. We have safeguards in place," [mayor] Mantello responded. Mantello noted that data captured by Troy's Flock cameras is only being shared with other local municipalities. Steele said the data had been shared nationally until she and other elected officials raised concerns. "As far as sharing with local law enforcement, that's necessary in the normal course of investigations. The concern is what Flock does with this data: sharing it with ICE, for instance, and other nefarious outlets," Steele said. As the debate continues over the small city's 26 Flock cameras, a columnist in Albany wrote that "it's a good thing. We should be asking questions about the growing surveillance state. We should be debating whether this is the future we want." As the American Civil Liberties Union noted, [Flock] has quietly built a broad mass-surveillance infrastructure, with cameras installed in 5,000 communities around the country, and is continually expanding how that network is used. Did we ask for that? Did we vote for it? Not really. The cameras have been installed in municipality after municipality, mostly with little discussion or controversy, which makes us like the proverbial frogs who didn't notice the water getting warmer until it was boiling. Suddenly, surveillance cameras are everywhere; we're always being watched... [T]he City Council's Democratic majority is considering legislation that, among other steps, would require that data collected by the cameras be generally deleted after 48 hours and that the city be more transparent about how the cameras are used. The controversy and pushback continues to draw local coverage. The mayor complains the proposed rules restricts the cameras "almost exclusively to cases involving individuals with outstanding felony arrest warrants or situations where officers can determine in advance that an incident will result in a felony charge... This is beyond reckless." But the Albany columnist still argues many of America's Flock cameras are unnecessary and are "being installed just because... It's worth considering where this might lead and whether the future we're installing is the future we want."

Read more of this story at Slashdot.

Forbes describes it as "definitely already out there, and under active exploitation according to the U.S. Cybersecurity and Infrastructure Security Agency, urging all organizations to prioritize timely remediation as the attack vector poses a significant risk." "We have issued CVE-2026-42897 to address a spoofing vulnerability affecting Exchange Outlook Web Access (OWA)," Microsoft told SecurityWeek. "We recommend customers enable EEMS to be better protected, and to follow our guidance available here." Microsoft this week patched 137 vulnerabilities with its Patch Tuesday updates and the cybersecurity industry was surprised to see that the latest updates did not address any zero-days. However, a zero-day was disclosed just 48 hours later, on May 14... described as a spoofing and XSS issue affecting Exchange Server Subscription Edition, 2016, and 2019. "Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network," Microsoft said in its advisory. The company noted that the vulnerability affects Exchange Outlook Web Access (OWA) and an attacker can exploit it by sending a specially crafted email to the targeted user. "If the user opens the email in Outlook Web Access and certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context," Microsoft explained. CSO Online shares more details. "Admins should note there are known issues once the mitigation is applied either manually or automatically through the EM Service." - OWA Print Calendar functionality might not work. As a workaround, copy the data or screenshot the calendar you want to print, or use Outlook Desktop client. - Inline images might not display correctly in the recipient's OWA reading pane. As a workaround, send images as email attachments or use Outlook Desktop client... - Admins may get a message saying "Mitigation invalid for this Exchange version." in mitigation details. This issue is cosmetic and the mitigation does apply successfully if the status is shown as "Applied". Microsoft is investigating how to address this glitch. Forbes notes "It's been something of a rough few days for Microsoft Exchange on the security vulnerability front," since this week also saw a zero-day demonstrated at the Pwn2Own Berlin hacking event, "which has been responsibly disclosed and not released into the wild." The Berlin event got off to a flying start on May 14 as Windows 11 was hit by no less than three zero-day exploits. On day two, hacking teams were no less successful, chaining together three new vulnerabilities in Microsoft Exchange in order to achieve the holy grail of SYSTEM-level remote code execution. Such was the level of this achievement that Orange Tsai from the DEVCORE Research Team was rewarded with a $200,000 bounty payment in return for immediately handing over all the technical details to the event organizers. "This is, in fact, good news," Forbes writes, since "full details of the vulnerabilities underlying the exploits, along with the technical nature of the exploit code itself, will be handed over to Microsoft, which will then have 90 days to provide a fix before any details are made public."

Read more of this story at Slashdot.

"We may have accidentally detected dark matter back in 2019," writes ScienceAlert. "What if instead of trying to see dark matter, scientists attempted to hear it instead?" asks Space.com: New research suggests dark matter could leave a tiny but discernible imprint in the cacophony of ripples in spacetime called "gravitational waves" that ring through the cosmos when two black holes slam together and merge... Fortunately, when it comes to detecting gravitational waves from colliding black holes, humanity's instruments, such as LIGO (Laser Interferometer Gravitational-Wave Observatory), are getting more and more sensitive all the time... Vicente and colleagues searched through data gathered by LIGO and its fellow gravitational wave detectors, KAGRA (Kamioka Gravitational Wave Detector) and Virgo, focusing on 28 of the clearest signals from merging black holes. Of these, 27 appeared to have come from mergers that occurred in the relative vacuum of space. One signal, however, GW190728, first heard on July 19, 2019, and the result of merging binary black holes with a combined mass of 20 times that of the sun and located an estimated 8 billion light-years away, seemed to carry the telltale trace of this merger occurring in a region of dense, "buttery" dark matter. The team behind this research is quick to point out that this can't be considered a positive detection of dark matter, but does say it gives us a hint at what to look for and thus where to direct follow-up investigations... "We know that dark matter is around us. It just has to be dense enough for us to see its effects," said team leader Josu Aurrekoetxea, of the Massachusetts Institute of Technology (MIT) Department of Physics. "Black holes provide a mechanism to enhance this density, which we can now search for by analyzing the gravitational waves emitted when they merge." They published their results this week in the journal Physical Review Letters.

Read more of this story at Slashdot.

Test scores "are lower than they were a decade ago in school districts across the U.S.," reports Times magazine, citing new data released Wednesday by Stanford researchers. "Reading scores were down roughly 0.6 grades in 2025 compared to 2015, and math scores were down about 0.4 grades. This means that students were 60% of one school year behind where their peers were in reading a decade earlier and 40% of one school year behind in math." But Stanford's announcement notes that America's schools "were in a 'learning recession' for seven years before the COVID-19 pandemic, with student test scores in math and reading on a steady decline since 2013." This reversal ended two decades of progress, according to Sean Reardon, the Professor of Poverty and Inequality at Stanford Graduate School of Education, whose data forms the backbone of the new research... The study reframes the narrative of pandemic-era learning loss, arguing that the crisis of the last few years was an acceleration of a problem that was already underway. "The pandemic was the mudslide that followed seven years of erosion in student achievement," said Professor Tom Kane, faculty director of the Center for Education Policy Research at Harvard University, and a lead author of the report... The study found that the slowdown in learning coincided with two major shifts in American childhood and education policy: the widespread dismantling of test-based accountability systems that defined the No Child Left Behind era and the rise of social media use among young people. Reading scores, in particular, suffered consistently, with the average annual loss in the years just before the pandemic being just as large as the loss during it... Today, 8th-grade reading scores on national assessments are at their lowest point since 1990. Compounding the problem, chronic student absenteeism remains a major obstacle to improving learning. Though down from its pandemic peak, 23 percent of students were chronically absent in the 2024-25 school year, far above the pre-pandemic rate of 15 percent. More context from Time magazine: Reading scores were down roughly 0.6 grades in 2025 compared to 2015, and math scores were down about 0.4 grades. This means that students were 60% of one school year behind where their peers were in reading a decade earlier and 40% of one school year behind in math... "The decline started around the time that social media's use among teens was exploding, and this was also occurring in a number of other countries," says Thomas Kane, one of the authors of the Educational Scorecard report and a professor at Harvard University... [H]e maintains that it is at the core of the decline in reading achievement. He points out that social media use was shown to be heaviest among the lowest achieving students. "Some states and school districts are making progress," notes the Associated Press, "largely by shifting toward phonics-based instruction and providing extra support for struggling readers." And "The picture is also brighter in math. Almost every state in the analysis saw improvements in math test scores from 2022 to 2025."

Read more of this story at Slashdot.

An anonymous reader shared this report from Electrek: When Fisker Inc. filed for Chapter 11 bankruptcy in June 2024, it left roughly 11,000 Ocean SUV owners holding the keys to vehicles that cost them anywhere from $40,000 to $70,000 — and that were rapidly losing the software brains that made them work. No more over-the-air updates. No more connected services. No more warranty. The manufacturer was dead. What happened next is one of the most remarkable stories in the history of the electric vehicle industry. Instead of accepting that their cars would become rolling paperweights, Fisker Ocean owners organized, reverse-engineered their vehicles' proprietary software, hacked into CAN bus networks, built open-source tools on GitHub, and effectively stood up a volunteer-run open-sourced car company from the ashes of Fisker... Within months of the bankruptcy filing, thousands of Ocean owners formed the Fisker Owners Association (FOA) — a nonprofit that quickly grew to 4,000 members and began operating as something between a car club, a tech startup, and an independent automaker. The FOA hired independent tech experts who began reverse-engineering Fisker's proprietary software patches. Members taught each other how to flash firmware. They organized bulk purchases of replacement parts — negotiating the price of key fobs down from roughly $1,000 each to a fraction of that through coordinated group buys. They hosted free global key fob pairing events, saving each owner $100 to $250... What started as desperate troubleshooting has evolved into a genuine open-source ecosystem around the Fisker Ocean. On GitHub, a developer named MichaelOE reverse-engineered the API behind Fisker's official "My Fisker" mobile app and built a Home Assistant integration that exposes every cloud API value as a sensor — with all the app's buttons available as Home Assistant controls... [Community members have also been systematically mapping CAN bus files.] The article noes this "is not an isolated incident. Nikola also filed for bankruptcy, leaving its owners in a similar bind. Canoo and Arrival are headed for liquidation auctions..." Consumer advocates are now pushing for structural changes: mandatory software escrow funds that would keep vehicle software running even if the manufacturer disappears, open-source mandates in bankruptcy proceedings, and shared repair data requirements... European automakers, meanwhile, are moving in a different direction entirely — Volkswagen, BMW, Mercedes-Benz, and eight suppliers signed a memorandum in 2025 to develop a shared open-source automotive software platform.... The Fisker Owners Association has proven that a dedicated community can keep orphaned EVs on the road. But they shouldn't have had to... [O]wners shouldn't need to become hackers and parts brokers and quasi-manufacturers just to keep driving the cars they already paid for.

Read more of this story at Slashdot.

Long-time Slashdot reader internet-redstar shares an interestging response to "the recent wave of Linux kernel privilege escalation vulnerabilities like 'Copy Fail' and 'Dirty Frag'": Belgian Linux sysadmin and Tesla Hacker "Jasper Nuyens" got tired of the idea of manually blacklisting dozens or even hundreds of obscure kernel modules across large fleets of Linux systems in the near future. So he wrote ModuleJail, a GPLv3 shell script that scans a running Linux system and automatically blacklists currently unused kernel modules, reducing kernel attack surface without requiring a reboot. The idea is simple: many modern Linux privilege escalation bugs target obscure or rarely used kernel functionality that is still enabled by default on servers that do not actually need it. ModuleJail works across major distributions including Debian, Ubuntu, RHEL, Fedora, AlmaLinux and Arch Linux, generating 1 modprobe blacklist rules file while preserving commonly-used modules. Nuyens argues that the increasing speed of AI-assisted vulnerability discovery will likely turn kernel hardening and attack surface reduction into a much bigger operational priority for sysadmins over the next few weeks and months.

Read more of this story at Slashdot.