alternative_right shares a report from ScienceAlert: A new study from researchers in Australia reveals that the people who never forget faces look "smarter, not harder." In other words, they naturally focus on a person's most distinguishing facial features. "Their skill isn't something you can learn like a trick," explains lead author James Dunn, a psychology researcher at the University of New South Wales (UNSW) Sydney. "It's an automatic, dynamic way of picking up what makes each face unique." To see what super-recognizers see, Dunn and his colleagues used eye-tracking technology to reconstruct how people surveyed new faces. They did this with 37 super-recognizers and 68 people with ordinary facial recognition skills, noting where and for how long participants looked at pictures of faces displayed on a computer screen. The researchers then fed the data into machine learning algorithms trained to recognize faces. The algorithms, a type known as deep neural networks, were tasked with deciding if two faces belonged to the same person. "These findings suggest that the perceptual foundations of individual differences in face recognition ability may originate at the earliest stages of visual processing -- at the level of retinal encoding," Dunn and colleagues write in their paper. The findings have been published in the journal Proceedings of the Royal Society B: Biological Sciences.

Read more of this story at Slashdot.

Chinese automakers are rapidly expanding across South America, boosted by the new Chinese-built Port of Chancay, aggressive pricing, local partnerships, and growing regional demand. Reuters reports: China has been ramping up sales since the opening last year of the Port of Chancay, north of Lima. The Chinese-built megaport has halved trans-Pacific shipping times just as Chinese manufacturers face rising barriers to entry in the United States and greater trade restrictions in Europe. BYD, which makes EVs, plug-in hybrids and combustion engine cars, plans to open a fourth dealership in Lima by the end of this year, while Chery and Geely have more than a dozen in total in Peru. Chinese carmakers face a profit-destroying price war at home and a growing surplus of new cars rolling out of Chinese factory lines. Much of this excess is being shipped overseas to the Middle East, Central Asia and Latin America, according to global automotive analyst Felipe Munoz at JATO Dynamics. The Chinese have "carved out space," across both electric and petrol-powered cars, said Martin Bresciani, president of Chile's automotive business chamber, CAVEM. "The Chinese have already demonstrated that they match global standards in quality." Chinese brands reached 29.6% of all new passenger car sales in Chile in the first quarter of this year. [...] Part of China's success has been partnering with trusted local importers to offer more affordable models tailored to regional tastes, according to seven dealerships Reuters spoke to in Peru, Chile, Uruguay and Argentina.

Read more of this story at Slashdot.

Even after disabling remote control and officially ending support for early Nest Learning Thermostats, Google is still receiving detailed sensor and activity data from these devices, including temperature changes, motion, and ambient light. The Verge reports: After digging into the backend, security researcher Cody Kociemba found that the first- and second-generation Nest Learning Thermostats are still sending Google information about manual temperature changes, whether a person is present in the room, if sunlight is hitting the device, and more. Kociemba made the discovery while participating in a bounty program created by FULU, a right-to-repair advocacy organization cofounded by electronics repair technician and YouTuber Louis Rossmann. FULU challenged developers to come up with a solution to restore smart functionality to Nest devices no longer supported by Google, and that's exactly what Kociemba did with his open-source No Longer Evil project. But after cloning Google's API to create this custom software, he started receiving a trove of logs from customer devices, which he turned off. "On these devices, while they [Google] turned off access to remotely control them, they did leave in the ability for the devices to upload logs. And the logs are pretty extensive," Kociemba tells The Verge. [...] "I was under the impression that the Google connection would be severed along with the remote functionality, however that connection is not severed, and instead is a one-way street," Kociemba says.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Security Affairs: On October 24, 2025, Azure DDoS Protection detected and mitigated a massive multi-vector attack peaking at 15.72 Tbps and 3.64 billion pps, the largest cloud DDoS ever recorded, aimed at a single Australian endpoint. Azure's global protection network filtered the traffic, keeping services online. The attack came from the Aisuru botnet, a Turbo Mirai-class IoT botnet using compromised home routers and cameras. The attack used massive UDP floods from more than 500,000 IPs hitting a single public address, with little spoofing and random source ports that made traceback easier. It highlights how attackers are scaling with the internet: faster home fiber and increasingly powerful IoT devices keep pushing DDoS attack sizes higher. "On October 24, 2025, Azure DDOS Protection automatically detected and mitigated a multi-vector DDoS attack measuring 15.72 Tbps and nearly 3.64 billion packets per second (pps). This was the largest DDoS attack ever observed in the cloud and it targeted a single endpoint in Australia," reads a report published by Microsoft. "The attack originated from Aisuru botnet." "Attackers are scaling with the internet itself. As fiber-to-the-home speeds rise and IoT devices get more powerful, the baseline for attack size keeps climbing," concludes the post. "As we approach the upcoming holiday season, it is essential to confirm that all internet-facing applications and workloads are adequately protected against DDOS attacks."

Read more of this story at Slashdot.

fjo3 shares a report from TheWrap: There are already at least 175,000 AI-generated podcast episodes on platforms like Spotify and Apple. That's thanks to Inception Point AI, a startup with just eight employees cranking out 3,000 episodes a week covering everything from localized weather reports and pollen trackers to a detailed account of Charlie Kirk's assassination and its cultural impact, to a biography series on Anna Wintour. Its podcasting network Quiet Please has generated 12 million lifetime episode downloads and amassed 400,000 subscribers -- so, yes, people are really listening to AI podcasts. Inception Point CEO Jeanine Wright believes the tool is proof that automation can make podcasting scalable, profitable and accessible without human writers, editors or hosts. "The price is now so inexpensive that you can take a lot of risks,â Wright told TheWrap. âoeYou can make a lot of content and a lot of different genres that were never commercially viable before and serve huge audiences that have really never had content made for them." At a cost of $1 an episode, Wright takes a quantity-over-quality approach. "I think very quickly we get to a place where AI is a default way that content is made, not just across audio, but across television and film and commercials and imagery, and everything. And then we will disclose when things are not made with AI instead of that they were made with AI," Wright said. "But for now, we are perfectly happy leading the way."

Read more of this story at Slashdot.

NetChoice is suing Virginia to block a new law that limits kids under 16 to one hour of daily social media use unless parents approve more time, arguing the rule violates the First Amendment and introduces serious privacy risks through mandatory age-verification. The Verge reports: In addition to restricting access to legal speech, NetChoice alleges that Virginia's incoming law (SB 854) will require platforms to verify user ages in ways that would pose privacy and security risks. The law requires platforms to use "commercially reasonable methods," which it says include a screen that prompts the user to enter a birth date. However, NetChoice argues that Virginia could go beyond this requirement, citing a post from Governor Youngkin on X, stating "platforms must verify age," potentially referring to stricter methods, like having users submit a government ID or other personal information. NetChoice, which is backed by tech giants like Meta, Google, Amazon, Reddit, and Discord, alleges that the law puts a burden on minors' ability to engage or consume speech online. "The First Amendment prohibits the government from placing these types of restrictions on accessing lawful and valuable speech, just in the same way that the government can't tell you how long you could spend reading a book, watching a television program, or consuming a documentary," Paul Taske, the co-director of the Netchoice Litigation Center, tells The Verge. "Virginia must leave the parenting decisions where they belong: with parents," Taske says. "By asserting that authority for itself, Virginia not only violates its citizens' rights to free speech but also exposes them to increased risk of privacy and security breaches."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: Amazon Web Services, Microsoft's Azure, and Alphabet's Google Cloud risk being dragged into the scope of the European Union's crackdown on Big Tech as antitrust watchdogs prepare to study the platforms' market power. The European Commission wants to decide if any of the trio should face a raft of new restrictions under the bloc's Digital Markets Act (source paywalled; alternative source), according to people familiar with the matter who spoke on condition of anonymity. The plan for a market probe follows several major outages in the cloud industry that wrought havoc across global services, highlighting the risks of relying on a mere handful of players. To date, the world's largest cloud providers have avoided the DMA because a large part of their business comes via enterprise contracts, making it difficult to count the number of individual users, one of the EU's main benchmarks for earmarking Silicon Valley services for extra oversight. Under the investigation's remit, regulators will asses whether the top cloud operators -- regardless of the challenge of counting user numbers -- should be forced to contend with a raft of fresh obligations including increased interoperability with rival software and better data portability for users, as well as restrictions on tying and bundling.

Read more of this story at Slashdot.

schwit1 shares a report from the Business Times: General Motors (GM) has directed several thousand of its suppliers to scrub their supply chains of parts from China, four people familiar with the matter said, reflecting automakers' growing frustration over geopolitical disruptions to their operations. GM executives have been telling suppliers they should find alternatives to China for their raw materials and parts, with the goal of eventually moving their supply chains out of the country entirely, the people said. The automaker has set a 2027 deadline for some suppliers to dissolve their China sourcing ties, some of the sources said. GM approached some suppliers with the directive in late 2024, but the effort took on fresh urgency this past spring, during the early days of an escalating US-China trade battle, the sources said.

Read more of this story at Slashdot.

alternative_right shares a report from ScienceAlert: A thorough investigation published in May 2023 found that the inner core of the Moon is, in fact, a solid ball with a density similar to that of iron. To figure it out once and for all, [astronomer Arthur Briaud of the French National Centre for Scientific Research in France] and his colleagues collected data from space missions and lunar laser-ranging experiments to compile a profile of various lunar characteristics. These include the degree of its deformation by its gravitational interaction with Earth, the variation in its distance from Earth, and its density. ... they found that the lunar core is very similar to that of Earth â" with an outer fluid layer and a solid inner core. According to their modeling, the outer core has a radius of about 362 kilometers (225 miles), and the inner core has a radius of about 258 kilometers (160 miles). That's about 15 percent of the entire radius of the Moon. The inner core, the team found, also has a density of about 7,822 kilograms per cubic meter. That's very close to the density of iron. [...] The research has been published in Nature.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Washington Post: Winning the lottery isn't what brought Carrie Edwards her 15 minutes of fame. It was giving it all away. Standing alone in her kitchen one day in September, the Virginia woman was thunderstruck to discover she had won $150,000 in a Powerball drawing. As she was absorbing her windfall, she said, "I just heard as loud as you can hear God or whoever you believe in the universe just say, this is -- it's not your money." Then came a decision: She would donate it all to her three most cherished charities (source paywalled; alternative source). [...] Her journey to the lucky prize started when she walked into a 7-Eleven with a friend who wanted to buy two Powerball tickets. The jackpot for the Sept. 6 drawing was topping $1.7 billion, the second-largest amount ever. Edwards, 68, hardly ever played the lottery, but her friend was an active player who gave her two pieces of advice: Always buy a paper ticket, rather than getting them online. And the Powerball multiplier is a scam, don't do it. She ignored him on both accounts. She created a Virginia Lottery account on her phone. Then, instead of the typical strategies of using family birthdays and lucky numbers, she went to ChatGPT -- which she had only recently started using for research -- and asked, "Do you have any winning numbers for me?" "Luck is luck," replied the chatbot. Then it gave numbers that she plugged in -- paying the extra dollar for the Power Play to multiply anything she might win. She initially thought luck wasn't on her side when she didn't win the massive jackpot. But what she didn't realize is that she'd picked the "draw two" option, meaning her numbers were reentered for the next drawing. When she got a notification on her phone that she had won, she said, she thought it was a scam, or maybe she'd won something small, like $10. Just to satisfy her curiosity, she logged into her account and saw that she had matched four of the five numbers plus the Powerball in that second drawing. It would have been a $50,000 payout, but the multiplier tripled her winnings.

Read more of this story at Slashdot.

YouTube TV and Disney have ended their two-week carriage standoff, restoring ESPN, ABC, and other Disney networks under a new multiyear deal. Variety reports: Under the new agreement, ESPN's full lineup of sports -- including content from ESPN Unlimited -- will be made available on YouTube TV to base-plan subscribers at no additional cost by the end of 2026. In addition, access to a selection of live and on-demand programming from ESPN Unlimited will be available inside YouTube TV. The deal also lets YouTube include the Disney+ and Hulu bundle as part of "select YouTube offerings." According to Disney, "select networks" will be included in various genre-specific packages that YouTube TV expects to launch in the future. [...] The deal supersedes their prior distribution agreement, inked in December 2021 after a two-day blackout.

Read more of this story at Slashdot.

Apple's limited-edition "iPhone Pocket" sold out almost instantly worldwide despite its $150-$230 price tag. Appleinsider reports: Longtime Apple users immediately saw the resemblance with the old iPod socks, and everyone saw the price. Apple and Japan's Issey Miyake fashion house partnered to create a limited edition iPhone Pocket, a stretched sock-like bag or shoulder strap. There was no denying that an iPhone in this Pocket looked snuggly. There was definitely no denying that the accessory was well designed. There's also no question that it was about as goofy as the iPod Sock from back the in the day. But there was every denying of the price. The iPhone Pocket came in a short version for $150, and a longer one for $230. For comparison, the Apple Watch SE starts at $250. As ever, though, if you liked it, if you had a use for it, and if you had the budget, there was no reason left not to buy. But if you have hesitated because of the cost, you are now out of luck. There are none left in the US.

Read more of this story at Slashdot.

"Within the past year, stories have been posted on Slashdot about people helping North Koreans get remote IT jobs at U.S. corporations, companies knowingly assisting them, how not to hire a North Korean for a remote IT job, and how a simple question tripped up a North Korean applying for a remote IT job," writes longtime Slashdot reader smooth wombat. "The FBI is even warning companies that North Koreans working remotely can steal source code and extort money from the company -- money that goes to fund the North Korean government. Now, five more people have plead guilty to knowingly helping North Koreans infiltrate U.S. companies as remote IT workers." TechCrunch reports: The five people are accused of working as "facilitators" who helped North Koreans get jobs by providing their own real identities, or false and stolen identities of more than a dozen U.S. nationals. The facilitators also hosted company-provided laptops in their homes across the U.S. to make it look like the North Korean workers lived locally, according to the DOJ press release. These actions affected 136 U.S. companies and netted Kim Jong Un's regime $2.2 million in revenue, said the DOJ. Three of the people -- U.S. nationals Audricus Phagnasay, Jason Salazar, and Alexander Paul Travis -- each pleaded guilty to one count of wire fraud conspiracy. Prosecutors accused the three of helping North Koreans posing as legitimate IT workers, whom they knew worked outside of the United States, to use their own identities to obtain employment, helped them remotely access their company-issued laptops set up in their homes, and also helped the North Koreans pass vetting procedures, such as drug tests. The fourth U.S. national who pleaded guilty is Erick Ntekereze Prince, who ran a company called Taggcar, which supplied to U.S. companies allegedly "certified" IT workers but whom he knew worked outside of the country and were using stolen or fake identities. Prince also hosted laptops with remote access software at several residences in Florida, and earned more than $89,000 for his work, the DOJ said. Another participant in the scheme who pleaded guilty to one count of wire fraud conspiracy and another count of aggravated identity theft is Ukrainian national Oleksandr Didenko, who prosecutors accuse of stealing U.S. citizens' identities and selling them to North Koreans so they could get jobs at more than 40 U.S. companies. According to the press release, Didenko earned hundreds of thousands of dollars for this service. Didenko agreed to forfeit $1.4 million as part of his guilty plea. The DOJ also announced that it had frozen and seized more than $15 million in cryptocurrency stolen in 2023 by North Korean hackers from several crypto platforms.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Record: Russian telecom operators have begun cutting mobile internet access for 24 hours for citizens returning to the country from abroad, in what officials say is an effort to prevent Ukrainian drones from using domestic SIM cards for navigation. "When a SIM card enters Russia from abroad, the user has to confirm that it's being used by a person -- not installed in a drone," the Digital Development Ministry said in a statement earlier this week. Users can restore access sooner by solving a captcha or calling their operator for identification. Authorities said the temporary blackout is meant to "ensure the safety of Russian citizens" and prevent SIM cards from being embedded in "enemy drones." The new rule has led to unexpected outages for residents in border regions, whose phones can automatically connect to foreign carriers. Officials advised users to switch to manual network selection to avoid being cut off.

Read more of this story at Slashdot.

BrianFagioli writes: Logitech has confirmed a cybersecurity breach after an intruder exploited a zero-day in a third-party software platform and copied internal data. The company says the incident did not affect its products, manufacturing or business operations, and it does not believe sensitive personal information like national ID numbers or credit card data were stored in the impacted system. The attacker still managed to pull limited information tied to employees, consumers, customers and suppliers, raising fair questions about how long the zero-day existed before being patched. Logitech brought in outside cybersecurity firms, notified regulators and says the incident will not materially affect its financial results. The company expects its cybersecurity insurance policy to cover investigation costs and any potential legal or regulatory issues. Still, with zero-day attacks increasing across the tech world, even established hardware brands are being forced to acknowledge uncomfortable weaknesses in their internal systems.

Read more of this story at Slashdot.

According to CNBC, JPMorgan Chase has secured deals ensuring it will get paid by the fintech firms responsible for nearly all the data requests made by third-party apps connected to customer bank accounts. From the report: The bank has signed updated contracts with the fintech middlemen that make up more than 95% of the data pulls on its systems, including Plaid, Yodlee, Morningstar and Akoya, according to JPMorgan spokesman Drew Pusateri. "We've come to agreements that will make the open banking ecosystem safer and more sustainable and allow customers to continue reliably and securely accessing their favorite financial products," Pusateri said in a statement. "The free market worked." The milestone is the latest twist in a long-running dispute between traditional banks and the fintech industry over access to customer accounts. For years, middlemen like Plaid paid nothing to tap bank systems when a customer wanted to use a fintech app like Robinhood to draw funds or check balances. [...] After weeks of negotiations between JPMorgan and the middlemen, the bank agreed to lower pricing than it originally proposed, and the fintech middlemen won concessions regarding the servicing of data requests, according to people with knowledge of the talks. Fintech firms preferred the certainty of locking in data-sharing rates because it is unclear whether the current CFPB, which is in the process of revising the open-banking rule, will favor banks or fintech companies, according to a venture capital investor who asked for anonymity to discuss his portfolio companies. The bank and the fintech firms declined to disclose details about their contracts, including how much the middlemen agreed to pay and how long the deals are in force.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: On Thursday evening, OpenAI CEO Sam Altman posted on X that ChatGPT has started following custom instructions to avoid using em dashes. "Small-but-happy win: If you tell ChatGPT not to use em-dashes in your custom instructions, it finally does what it's supposed to do!" he wrote. The post, which came two days after the release of OpenAI's new GPT-5.1 AI model, received mixed reactions from users who have struggled for years with getting the chatbot to follow specific formatting preferences. And this "small win" raises a very big question: If the world's most valuable AI company has struggled with controlling something as simple as punctuation use after years of trying, perhaps what people call artificial general intelligence (AGI) is farther off than some in the industry claim. "The fact that it's been 3 years since ChatGPT first launched, and you've only just now managed to make it obey this simple requirement, says a lot about how little control you have over it, and your understanding of its inner workings," wrote one X user in a reply. "Not a good sign for the future."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Singapore's central bank will hold trials to issue tokenized MAS bills next year and bring in laws to regulate stablecoins as it presses forward with plans to build a scalable and secure tokenised financial ecosystem, the bank's top official said on Thursday. "Tokenization has lifted off the ground. But have asset-backed tokens achieved escape velocity? Not yet," said Chia Der Jiun, Managing Director of the Monetary Authority of Singapore (MAS), a keynote address at the Singapore FinTech Festival. He said MAS has been working on the details of its stablecoin regulatory regime and will prepare draft legislation, with the emphasis on "sound reserve backing and redemption reliability." MAS is also supporting trials under the BLOOM initiative, which explores the use of tokenized bank liabilities and regulated stablecoins for settlement, he added. "In the CBDC space, I am pleased to announce that the three Singapore banks, DBS, OCBC, and UOB, have successfully conducted interbank overnight lending transactions using the first live trial issuance of Singapore dollar wholesale CBDC," he said. MAS will expand trials to include tokenized MAS bills settled with CBDC, he added.

Read more of this story at Slashdot.

According to Car and Driver, Hyundai has suffered a data breach that leaked the personal data of up to 2.7 million customers. The leak reportedly took place in February from Hyundai AutoEver, the company's IT affiliate. It includes customer names, driver's license numbers, and social security numbers. Longtime Slashdot reader sinij writes: Thanks to tracking modules plaguing most modern cars, that data likely includes the times and locations of customers' vehicles. These repeated breaches make it clear that, unlike smartphone manufacturers that are inherently tech companies, car manufacturers collecting your data are going to keep getting breached and leaking it.

Read more of this story at Slashdot.

Amazon announced that its satellite broadband project called Project Kuiper will now be known as Amazon Leo. GeekWire reports: Leo is a nod to "low Earth orbit," where Amazon has so far launched more than 150 satellites as part of a constellation that will eventually include more than 3,200. In a blog post, Amazon said the 7-year-old Project Kuiper began "with a handful of engineers and a few designs on paper" and like most early Amazon projects "the program needed a code name." The team was inspired by the Kuiper Belt, a ring of asteroids in the outer solar system. A new website for Amazon Leo proclaims "a new era of internet is coming," as Amazon says its satellites can help serve "billions of people on the planet who lack high-speed internet access, and millions of businesses, governments, and other organizations operating in places without reliable connectivity." Amazon said it will begin rolling out service once it's added more coverage and capacity to the network. Details about pricing and availability haven't been announced.

Read more of this story at Slashdot.