An anonymous reader quotes a report from TechCrunch: Security researchers have uncovered two previously unknown zero-day vulnerabilities that are being actively exploited by RomCom, a Russian-linked hacking group, to target Firefox browser users and Windows device owners across Europe and North America. RomCom is a cybercrime group that is known to carry out cyberattacks and other digital intrusions for the Russian government. The group -- which was last month linked to a ransomware attack targeting Japanese tech giant Casio -- is also known for its aggressive stance against organizations allied with Ukraine, which Russia invaded in 2014. Researchers with security firm ESET say they found evidence that RomCom combined use of the two zero-day bugs -- described as such because the software makers had no time to roll out fixes before they were used to hack people -- to create a "zero click" exploit, which allows the hackers to remotely plant malware on a target's computer without any user interaction. "This level of sophistication demonstrates the threat actor's capability and intent to develop stealthy attack methods," ESET researchers Damien Schaeffer and Romain Dumont said in a blog post on Monday. [...] Schaeffer told TechCrunch that the number of potential victims from RomCom's "widespread" hacking campaign ranged from a single victim per country to as many as 250 victims, with the majority of targets based in Europe and North America. Mozilla and the Tor Project quickly patched a Firefox-based vulnerability after being alerted by ESET, with no evidence of Tor Browser exploitation. Meanwhile, Microsoft addressed a Windows vulnerability on November 12 following a report by Google's Threat Analysis Group, indicating potential use in government-backed hacking campaigns.

Read more of this story at Slashdot.

Qualcomm's interest in acquiring Intel is cooling due to the complexity of the deal, Intel's debt, and regulatory hurdles. However, according to Bloomberg, Qualcomm may still explore acquiring certain divisions of Intel to expand into markets like PCs and networking. Tom's Hardware reports: [T]he proposed acquisition faced significant obstacles, including Intel's $50 billion debt, dropping CPU market share, and its struggling semiconductor manufacturing unit, an area where Qualcomm lacks expertise. A deal of this magnitude would also likely trigger extensive regulatory scrutiny, particularly in China, a key market for both companies. Intel is undergoing significant restructuring under CEO Pat Gelsinger to reclaim its competitiveness in the semiconductor market in terms of products and process technologies. Still, for now, both Intel and Qualcomm are quite successful standalone companies. While the combination would make a formidable firm (probably facing unprecedented antitrust scrutiny), it does not make much sense for Qualcomm to make such a massive takeover. These factors have collectively made a complete takeover less appealing to Qualcomm. Meanwhile, selling off a part of the company to Qualcomm may not make sense for Intel. Qualcomm aims to generate $22 billion in annual revenue by 2029 by expanding into markets like personal computers, networking, and automotive chips. Although Cristiano Amon, Qualcomm's chief executive, has stated that his company did not need a major takeover to achieve this goal, the company initiated preliminary discussions with Intel regarding a potential acquisition in September. Yet, it does not look like the deal is going to happen.

Read more of this story at Slashdot.

The FCC said it has approved a license for T-Mobile and SpaceX's Starlink to provide supplemental coverage to cover internet dead zones. Reuters reports: The license marks the first time the FCC has authorized a satellite operator collaborating with a wireless carrier to provide supplemental telecommunications coverage from space on some flexible-use spectrum bands allocated to terrestrial service. The partnership aims to extend the reach of wireless networks to remote areas and eliminate "dead zones." T-Mobile and SpaceX announced a partnership in 2022 and in January the first set of satellites supporting the partnership was launched into low-Earth orbit with SpaceX's Falcon 9 rocket. "The FCC is actively promoting competition in the space economy by supporting more partnerships between terrestrial mobile carriers and satellite operators to deliver on a single network future that will put an end to mobile dead zones," said FCC Chair Jessica Rosenworcel.

Read more of this story at Slashdot.

An anonymous reader quotes a report from IEEE Spectrum: Virtual- and augmented-reality setups already modify the way users see and hear the world around them. Add in haptic feedback for a sense of touch and a VR version of Smell-O-Vision, and only one major sense remains: taste. To fill the gap, researchers at the City University of Hong Kong have developed a new interface to simulate taste in virtual and other extended reality (XR). The group previously worked on other systems for wearable interfaces, such as haptic and olfactory feedback. To create a more "immersive VR experience," they turned to adding taste sensations, says Yiming Liu, a coauthor of the group's research paper published today in the Proceedings of the National Academy of Sciences. The lollipop-shaped lickable device can produce nine different flavors: sugar, salt, citric acid, cherry, passion fruit, green tea, milk, durian, and grapefruit. Each flavor is produced by food-grade chemicals embedded in a pocket of agarose gel. When a voltage is applied to the gel, the chemicals are transported to the surface in a liquid that then mixes with saliva on the tongue like a real lollipop. Increase the voltage, and get a stronger flavor. Initially, the researchers tested several methods for simulating taste, including electrostimulating the tongue. The other methods each came with limitations, such as being too bulky or less safe, so the researchers opted for chemical delivery through a process called iontophoresis, which moves chemicals and ions through hydrogels and has a low electrical-power requirement. With a 2-volt maximum, the device is well within the human safety limit of 30 V, which is considered enough to deliver a substantial shock in some situations. Some of the possible applications mentioned by the authors include gustation tests, virtual grocery shopping, and immersive environments for exploring food flavors. However, the current system is limited to one hour of use due to gel depletion and it only supports a handful of flavor channels. Future development aims to extend operation time, increase flavor complexity, and improve usability, marking the beginning of a new frontier for XR interfaces.

Read more of this story at Slashdot.

The Macquarie Dictionary, the national dictionary of Australia, has picked "enshittification" as its word of the year. Gizmodo reports: The Australians define the word as "the gradual deterioration of a service or product brought about by a reduction in the quality of service provided, especially of an online platform, and as a consequence of profit-seeking." We've all felt this. Google search is filled with garbage. The internet is clogged with SEO-farming websites that clog up results. Facebook is an endless stream of AI-generated slop. Zoom wants you to test out its new AI features while you're trying to go into a meeting. Twitter has become X, and its owner thinks sharing links is a waste of time. Last night I reinstalled Windows 11 on a desktop machine and got pissed as it was finalized and Microsoft kept trying to get me to install OneDrive, Office 360, Call of Duty Black Ops 6, and a bunch of other shit I didn't want. Writer and activist Cory Doctorow coined the term enshittification in 2022, and recently offered potential solutions to the age-old phenomenon in an interview with The Register. "We need to have prohibition and regulation that prohibits the capital markets from funding predatory pricing," he explained. "It's very hard to enter the market when people are selling things below cost. We need to prohibit predatory acquisitions. Look at Facebook: buying Instagram, and Mark Zuckerberg sending an email saying we're buying Instagram because people don't like Facebook and they're moving to Instagram, and we just don't want them to have anywhere else to go."

Read more of this story at Slashdot.

Uber's gig-economy workforce now includes programmers. According to Bloomberg, "The company is expanding beyond its rideshare roots to enter a hot new market: helping other businesses outsource some of their artificial intellgience development to independent contractors." From the report: Its new AI training and data labeling division, called Scaled Solutions, builds on an internal team that tackles large-scale annotation tasks for Uber's rideshare, food delivery and freight units. According to its website, Scaled Solutions has begun serving other companies that also need high-quality datasets. Clients include Aurora Innovation Inc., an Uber-backed firm that makes self-driving software for commercial trucks, and Niantic Inc., the game developer behind Pokemon Go. Uber's efforts to sell data labeling services have not previously been reported. The move could allow it to gain a piece of a growing market, as global companies rely on humans to vet data to train AI models. Scale AI Inc, which offers similar services, is valued at $14 billion, making it one of the hottest artificial intelligence startups. The rideshare giant has plenty of experience recruiting contractors, as it has done for years with drivers and couriers. Now the company is betting that it can help other businesses by getting enough skilled workers who can label images, text and videos with context for machine learning models to recognize patterns and make accurate predictions and recommendations.

Read more of this story at Slashdot.

Despite significant enterprise AI hype, most job seekers remain unconvinced of its benefits, with 69% doubting its ability to enhance work performance and 62% skeptical it reduces workloads. The findings come from a study conducted by Resume Genius. The Register reports: Consistent with the majority opinion that AI in the workplace has failed to impress, only 34 percent of respondents said they were worried about being replaced by a bot, while just 30 percent think AI will increase competition for jobs or harm salaries. Broken down by generation (Boomers, Gen X, Millennials, and Gen Z job seekers all responded), the results are largely the same, with even Gen Z workers skeptical of the latest "next big thing" in enterprise tech. In short, Resume Genius's findings align with other recent studies suggesting enterprise AI's hype has not lived up to its marketing promises.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Verge: Huawei has announced its new Mate 70 series smartphone lineup, which will be the first offered with the company's new HarmonyOS Next operating system that doesn't rely on Google's Android services and won't run any Android apps, according to a report by Reuters. The four models of the Mate 70 also don't feature any US hardware following a half decade of US sanctions. The Mate 70, Mate 70 Pro, Mate 70 Pro Plus, and Mate 70 RS will also be offered with Huawei's HarmonyOS 4.3, which first launched in August 2019 as an alternative to Google's Android OS and is still compatible with Android's extensive app library. Users who decide to opt for Huawei's new Android-free HarmonyOS Next will have less choice when it comes to the apps they can install. Huawei says it has "secured more than 15,000 applications for its HarmonyOS ecosystem, with plans to expand to 100,000 apps in the coming months," according to Reuters. Starting next year, Huawei also says all the new phones and tablets it launches in 2025 will run HarmonyOS Next. [...] Huawei hasn't confirmed what processors are being used in the Mate 70 lineup, but the company has previously used chips made by China's SMIC for last year's Mate 60 series and other smartphones.

Read more of this story at Slashdot.

Ars Technica's Jon Brodkin reports: Lobby groups for Internet service providers claim that ISPs' customer service is so good already that the government shouldn't consider any new regulations to mandate improvements. They also claim ISPs face so much competition that market forces require providers to treat their customers well or lose them to competitors. Cable lobby group NCTA-The Internet & Television Association told the Federal Communications Commission in a filing (PDF) that "providing high-quality products and services and a positive customer experience is a competitive necessity in today's robust communications marketplace. To attract and retain customers, NCTA's cable operator members continuously strive to ensure that the customer support they provide is effective and user-friendly. Given these strong marketplace imperatives, new regulations that would micromanage providers' customer service operations are unnecessary." Lobby groups filed comments in response to an FCC review of customer service that was announced last month, before the presidential election. While the FCC's current Democratic leadership is interested in regulating customer service practices, the Republicans who will soon take over opposed the inquiry. USTelecom, which represents telcos such as AT&T and Verizon, said that "the competitive broadband marketplace leaves providers of broadband and other communications services no choice but to provide their customers with not only high-quality broadband, but also high-quality customer service." "If a provider fails to efficiently resolve an issue, they risk losing not only that customer -- and not just for the one service, but potentially for all of the bundled services offered to that customer -- but also any prospective customers that come across a negative review online. Because of this, broadband providers know that their success is dependent upon providing and maintaining excellent customer service," USTelecom wrote. While the FCC Notice of Inquiry said that providers should "offer live customer service representative support by phone within a reasonable timeframe," USTelecom's filing touted the customer service abilities of AI chatbots. "AI chat agents will only get better at addressing customers' needs more quickly over time -- and if providers fail to provide the customer service and engagement options that their customers expect and fail to resolve their customers' concerns, they may soon find that the consumer is no longer a customer, having switched to another competitive offering," the lobby group said.

Read more of this story at Slashdot.

The Biden administration is reducing Intel's CHIPS Act award by over $600 million, citing a $3 billion military contract the chipmaker was also awarded. Engadget reports: Initially set to receive $8.5 billion from the domestic silicon production bill, the company will get up to $7.85 billion instead. On Tuesday, The New York Times reported that Intel has extended some plant openings beyond 2030 government deadlines. Intel posted its biggest-ever quarterly loss last month after announcing 15,000 layoffs in August. The chip-maker's struggles have reportedly led some government officials to worry about its ability to deliver as a central component of the Biden White House's CHIPS Act. Intel will receive at least $1 billion in CHIPS Act funding before the end of the year. The company plans to invest $90 billion in the US by the decade's end, a reduction from its initial goal of $100 billion in the next five years. The Commerce Department said the chip maker is still on schedule to invest the full $100 billion on projects in four states: Arizona ($3.94 billion), Oregon ($1.86 billion), Ohio ($1.5 billion) and New Mexico ($500 million).

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: The founder of an artificial intelligence start-up focused on education was arrested and charged with defrauding her investors, lying about the company's profits and falsely claiming that some of the largest school districts in the country, including New York City's, were her customers. The founder, Joanna Smith-Griffin, started the company, AllHere Education, in 2016, with the goal of using artificial intelligence to increase student and parent engagement and curb absenteeism. In the years that followed, Ms. Smith-Griffin, 33, misrepresented AllHere's revenue and customer base to fraudulently raise almost $10 million in funds, according to the indictment. Once the company's valuation had climbed, she sold some of her stake in it and spent hundreds of thousands of dollars on a down payment for a new home and on her wedding. Ms. Smith-Griffin was arrested Tuesday in North Carolina, where she lives, and charged with wire fraud, securities fraud and aggravated identity theft. She faces more than 40 years in prison. AllHere is now in bankruptcy proceedings, prosectors said, and all of its employees have been laid off. "Her alleged actions impacted the potential for improved learning environments across major school districts by selfishly prioritizing personal expenses," said James E. Dennehy, the F.B.I. assistant director in New York leading the investigation into Ms. Smith-Griffin. "The F.B.I. will ensure that any individual exploiting the promise of educational opportunities for our city's children will be taught a lesson." Smith-Griffin is the latest Forbes 30 Under 30 honoree to be indicted on fraud. "The Forbes-to-Fraud pipeline includes FTX founder Sam Bankman-Fried and Caroline Ellison, co-CEO of Alameda Research; fintech Frank founder Charlie Javice; and 'Pharma bro' Martin Shkreli," notes TechCrunch.

Read more of this story at Slashdot.

Blue Yonder, a Panasonic subsidiary specializing in AI-driven supply chain solutions, experienced a recent ransomware attack that impacted many of its customers. "Among its 3,000 customers are high-profile organizations like DHL, Renault, Bayer, Morrisons, Nestle, 3M, Tesco, Starbucks, Ace Hardware, Procter & Gamble, Sainsbury, and 7-Eleven," reports BleepingComputer. From the report: On Friday, the company warned that it was experiencing disruptions to its managed services hosting environment due to a ransomware incident that occurred the day before, on November 21. "On November 21, 2024, Blue Yonder experienced disruptions to its managed services hosted environment, which was determined to be the result of a ransomware incident," reads the announcement. "Since learning of the incident, the Blue Yonder team has been working diligently together with external cybersecurity firms to make progress in their recovery process. We have implemented several defensive and forensic protocols." Blue Yonder claims it has detected no suspicious activity in its public cloud environment and is still processing multiple recovery strategies. [...] As expected, this has impacted clients directly, as a spokesperson for UK grocery store chain Morrisons has confirmed to the media they have reverted to a slower backup process. Sainsbury told CNN that it had contingency plans in place to overcome the disruption. A Saturday update informed customers that the restoration of the impacted services continued, but no specific timelines for complete restoration could be shared yet. Another update published on Sunday reiterated the same, urging clients to monitor the customer update page on Blue Yonder's website over the coming days.

Read more of this story at Slashdot.

The U.S. is preparing to impose new sanctions targeting 200 Chinese chipmakers and potentially restricting the export of High Bandwidth Memory (HBM). The move is intended to further hinder China's semiconductor and AI advancements. Tom's Hardware reports: The update sheds light on the Biden administration's recent efforts to impose stricter regulations on chip manufacturers in China. The latest swarm of sanctions reportedly targets roughly 200 Chinese firms. US companies are prohibited from exporting select technologies or products to the targeted firms. The report suggests that the US Department of Commerce aims to push these new regulations before the Thanksgiving break - or November 28. Neither the Department of Commerce nor the Chamber of Commerce responded to Reuters' request for comments. Moreover, another wave of sanctions is set to follow in December - targeting the export of HBM (High Bandwidth Memory) - primarily to choke China's advance in the AI domain. The impacts of these restrictions are materializing given that Huawei's Kirin SoCs and Ascend AI accelerators will reportedly remain stuck at 7nm technology until 2026 as SMIC fails to procure cutting-edge Extreme Ultraviolet (EUV) machines from ASML.

Read more of this story at Slashdot.

An asteroid named 2024 PT5, recently exhibiting "mini moon" behavior around Earth, may have been a boulder that was blasted off the moon by an impacting, crater-forming asteroid," reports the Associated Press. The 33-foot space rock is expected to pass safely near Earth in January, when it will be closely observed. From the report: While not technically a moon -- NASA stresses it was never captured by Earth's gravity and fully in orbit -- it's "an interesting object" worthy of study. The astrophysicist brothers who identified the asteroid's "mini moon behavior," Raul and Carlos de la Fuente Marcos of Complutense University of Madrid, have collaborated with telescopes in the Canary Islands for hundreds of observations so far. Currently more than 2 million miles (3.5 million kilometers) away, the object is too small and faint to see without a powerful telescope. It will pass as close as 1.1 million miles (1.8 million kilometers) of Earth in January, maintaining a safe distance before it zooms farther into the solar system while orbiting the sun, not to return until 2055. That's almost five times farther than the moon. [...] NASA will track the asteroid for more than a week in January using the Goldstone solar system radar antenna in California's Mojave Desert, part of the Deep Space Network.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TheGamer: With thousands of cards available in Pokemon's "Pokemon Trading Card Game," it can be hard to remember what is what. After all, since first debuting in the mid 1990s to coincide with the games of the same name, the popular collectible has been going strong ever since, with new releases constantly filling store shelves. That said, one avid Pokemon fan took it upon themselves to archive the card game's unique artwork. After hundreds of hours of work, over 23,000 cards have been archived, along with an additional 2,000 pieces of artwork. The end result is one of the best fan creations around. Meet Twitter user pkm_jp, who devoted hundreds of hours to learning how to program in order to make their dream of a one-stop shop of all available card art a reality. "I remember the joy of getting the first set page working, displaying a small collection of cards," they wrote on Twitter. "I knew it was just the beginning." The site, artofpkm.com, "is dedicated to bringing artists and fans together," the created said on X (formerly Twitter). They note that there is still "lots of artwork still to be added and labeled," among other features such as "custom lists, voting, and a proper blog."

Read more of this story at Slashdot.

Microsoft is retiring its "Get Licensing Ready" website, a resource for software licensing education. Going forward, content licensing will be located at microsoft.com/licensing. The Register also notes Microsoft's plans to enhance learning with AI tools, though specifics for licensing applications remain unclear. From the report: Software licensing is notoriously labyrinthine, so resources like the site Microsoft will close -- Get Licensing Ready -- can be very handy. Today, the site offers over 50 training modules plus documentation. But Microsoft has decided not to keep it around in its current form. Indeed, visitors to the site currently see a pop-up that explains "Microsoft will be ending support for licensing certifications through this platform and phasing out the Get Licensing Ready resource." The site's "retirement" date is January 1. Users have until December 1 to complete any active modules and download certificates. If you're a user of the site, get cracking: Redmond warns it is "unable to provide copies of certification after December 31st, 2024." An email alias dedicated to the site will also go away on New Year's Day. A Microsoft spokesperson told The Register the software megalith "remains committed to supporting licensing knowledge and solution-building for our partners and customers" -- in part with "new AI capabilities to further enhance learning and engagement."

Read more of this story at Slashdot.

A new bill introduced by Sen. Peter Welch (D-Vt) aims to make it easier for human creators to find out if their work was used without permission to train artificial intelligence. NBC News reports: The Transparency and Responsibility for Artificial Intelligence Networks (TRAIN) Act would enable copyright holders to subpoena training records of generative AI models, if the holder can declare a "good faith belief" that their work was used to train the model. The developers would only need to reveal the training material that is "sufficient to identify with certainty" whether the copyright holder's works were used. Failing to comply would create a legal assumption -- until proven otherwise -- that the AI developer did indeed use the copyrighted work. [...] In a news release, Welch said the TRAIN Act has been endorsed by several organizations -- including the Screen Actors Guild-American Federation of Television and Radio Artists (SAG-AFTRA), the American Federation of Musicians, and the Recording Academy -- as well as major music labels -- including Universal Music Group, Warner Music Group and Sony Music Group.

Read more of this story at Slashdot.

9to5Google's Ben Schoon reports: Google has introduced a new feature on iOS that injects links on third-party websites that take users back to Google Search. Recently, Google announced new "Page Annotations" within the Google app on iOS. This feature, as Google explains, "extracts interesting entities from the webpage and highlights them in line." Effectively, it creates links on a website that you've opened through Google's browser that the website's owner did not put there. The links, when clicked, then perform a search on Google for that subject and open the search in a pop-up window on top of the third-party website. The feature, Google says, will offer an opt-out for website owners through a form. It's pointed out by SERoundTable that opting out can take up to 30 days, while the feature is live now. Further reading: US Says Google Is an Ad Tech Monopolist, in Closing Arguments

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The Supreme Court signaled it may take up a case that could determine whether Internet service providers must terminate users who are accused of copyright infringement. In an order (PDF) issued today, the court invited the Department of Justice's solicitor general to file a brief "expressing the views of the United States." In Sony Music Entertainment v. Cox Communications, the major record labels argue that cable provider Cox should be held liable for failing to terminate users who were repeatedly flagged for infringement based on their IP addresses being connected to torrent downloads. There was a mixed ruling at the US Court of Appeals for the 4th Circuit as the appeals court affirmed a jury's finding that Cox was guilty of willful contributory infringement but reversed a verdict on vicarious infringement "because Cox did not profit from its subscribers' acts of infringement." That ruling vacated a $1 billion damages award and ordered a new damages trial. Cox and Sony are both seeking a Supreme Court review. Cox wants to overturn the finding of willful contributory infringement, while Sony wants to reinstate the $1 billion verdict. The Supreme Court asking for US input on Sony v. Cox could be a precursor to the high court taking up the case. For example, the court last year asked the solicitor general to weigh in on Texas and Florida laws that restricted how social media companies can moderate their platforms. The court subsequently took up the case and vacated lower-court rulings, making it clear that content moderation is protected by the First Amendment.

Read more of this story at Slashdot.

A new rule passed in Texas requiring cryptocurrency miners using the grid maintained by the Energy Reliability Council of Texas (ERCOT) to register and report key details about their facilities. CoinTelegraph reports: Under the Public Utilities Commission of Texas (PUCT) rule (PDF), passed on Nov. 21, Bitcoin miners must share the location, ownership information and demand for electricity of their facilities with the state agency. Miners have only one working day after the date their facility connects to the ERCOT grid to register and must renew every calendar year on or before March 1. ERCOT is an independent system operator representing 90% of the state's electric load. According to PUCT Chairman Thomas Gleeson, the new rule was designed to help manage the power grid as more mining facilities come online. "To ensure the ERCOT grid is reliable and meets the electricity needs of all Texans, the PUCT and ERCOT need to know the location and power needs of virtual currency miners," he said. Bitcoin miners who fail to register under the PUCT rule will face a Class A violation, which can result in up to $25,000 in daily fines.

Read more of this story at Slashdot.