rssLounge aggregator

TikTok has started testing its Instagram competitor, TikTok Notes, in Canada and Australia. TechCrunch reports: The company said on X that it is in the "early stage" of the app's rollout and that the app is "a dedicated space for photo and text content." "We hope that the TikTok community will use TikTok Notes to continue sharing their moments through photo posts. Whether documenting adventures, expressing creativity, or simply sharing snapshots of one's day, the TikTok Notes experience is designed for those who would like to share and engage through photo content," it said. The company didn't say much about the app's features and functionality apart from the fact that users can log in with their existing TikTok account. Even the app's description in the app stores is pretty light on details. The screenshots on the App Store listing suggest that the posts will appear in two-column grids on the home page. The screenshots also indicate that you can post multiple photos through a carousel post.

Read more of this story at Slashdot.

Jess Weatherbed reports via The Verge: It's alive! A day after announcing it was retiring Atlas, its hydraulic robot, Boston Dynamics has introduced a new, all-electric version of its humanoid machine. The next-generation Atlas robot is designed to offer a far greater range of movement than its predecessor. Boston Dynamics wanted the new version to show that Atlas can keep a humanoid form without limiting "how a bipedal robot can move." The new version has been redesigned with swiveling joints that the company claims make it "uniquely capable of tackling dull, dirty, and dangerous tasks." The teaser showcasing the new robot's capabilities is as unnerving as it is theatrical. The video starts with Atlas lying in a cadaver-like fashion on the floor before it swiftly folds its legs backward over its body and rises to a standing position in a manner befitting some kind of Cronenberg body-horror flick. Its curved, illuminated head does add some Pixar lamp-like charm, but the way Atlas then spins at the waist and marches toward the camera really feels rather jarring. The design itself is also a little more humanoid. Similar to bipedal robots like Tesla's Optimus, the new Atlas now has longer limbs, a straighter back, and a distinct "head" that can swivel around as needed. There are no cables in sight, and its "face" includes a built-in ring light. It is a marked improvement on its predecessor and now features a bunch of Boston Dynamics' new AI and machine learning tools. [...] Boston Dynamics said the new Atlas will be tested with a small group of customers "over the next few years," starting with Hyundai.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The US AI Safety Institute -- part of the National Institute of Standards and Technology (NIST)—has finally announced its leadership team after much speculation. Appointed as head of AI safety is Paul Christiano, a former OpenAI researcher who pioneered a foundational AI safety technique called reinforcement learning from human feedback (RLHF), but is also known for predicting that "there's a 50 percent chance AI development could end in 'doom.'" While Christiano's research background is impressive, some fear that by appointing a so-called "AI doomer," NIST may be risking encouraging non-scientific thinking that many critics view as sheer speculation. There have been rumors that NIST staffers oppose the hiring. A controversial VentureBeat report last month cited two anonymous sources claiming that, seemingly because of Christiano's so-called "AI doomer" views, NIST staffers were "revolting." Some staff members and scientists allegedly threatened to resign, VentureBeat reported, fearing "that Christiano's association" with effective altruism and "longtermism could compromise the institute's objectivity and integrity." NIST's mission is rooted in advancing science by working to "promote US innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life." Effective altruists believe in "using evidence and reason to figure out how to benefit others as much as possible" and longtermists that "we should be doing much more to protect future generations," both of which are more subjective and opinion-based. On the Bankless podcast, Christiano shared his opinions last year that "there's something like a 10-20 percent chance of AI takeover" that results in humans dying, and "overall, maybe you're getting more up to a 50-50 chance of doom shortly after you have AI systems that are human level." "The most likely way we die involves -- not AI comes out of the blue and kills everyone -- but involves we have deployed a lot of AI everywhere... [And] if for some reason, God forbid, all these AI systems were trying to kill us, they would definitely kill us," Christiano said. As head of AI safety, Christiano will seemingly have to monitor for current and potential risks. He will "design and conduct tests of frontier AI models, focusing on model evaluations for capabilities of national security concern," steer processes for evaluations, and implement "risk mitigations to enhance frontier model safety and security," the Department of Commerce's press release said. Christiano has experience mitigating AI risks. He left OpenAI to found the Alignment Research Center (ARC), which the Commerce Department described as "a nonprofit research organization that seeks to align future machine learning systems with human interests by furthering theoretical research." Part of ARC's mission is to test if AI systems are evolving to manipulate or deceive humans, ARC's website said. ARC also conducts research to help AI systems scale "gracefully." "In addition to Christiano, the safety institute's leadership team will include Mara Quintero Campbell, a Commerce Department official who led projects on COVID response and CHIPS Act implementation, as acting chief operating officer and chief of staff," reports Ars. "Adam Russell, an expert focused on human-AI teaming, forecasting, and collective intelligence, will serve as chief vision officer. Rob Reich, a human-centered AI expert on leave from Stanford University, will be a senior advisor. And Mark Latonero, a former White House global AI policy expert who helped draft Biden's AI executive order, will be head of international engagement." Gina Raimondo, US Secretary of Commerce, said in the press release: "To safeguard our global leadership on responsible AI and ensure we're equipped to fulfill our mission to mitigate the risks of AI and harness its benefits, we need the top talent our nation has to offer. That is precisely why we've selected these individuals, who are the best in their fields, to join the US AI Safety Institute executive leadership team."

Read more of this story at Slashdot.

AltStore PAL has become one of the first alternative app marketplaces to launch in the European Union. Developed by Riley Testut, AltStore PAL is marketed as an open-source project designed to distribute apps from independent developers. MacRumors reports: At launch, it features two apps, including Testut's Delta game emulator and clipboard manager app Clip. Delta is also being simultaneously released in the App Store outside of the European Union, but it looks like EU customers will need to download it from AltStore. Testut says that once AltStore PAL is "running smoothly," third-party app developers will be able to submit their apps for distribution outside of the App Store. The app marketplace is designed to be decentralized with no directory, so developers will need to self-promote their apps and direct users to their websites to install an app through AltStore. Distributing apps through AltStore is free of charge, but it is worth noting that apps that see more than one million first annual installs will need to pay Apple an 0.50 euro Core Technology Fee. App marketplaces have to pay the fee for every install with no free allowance, so AltStore is charged 0.50 euros each time it is installed. To afford the fee, Testut is charging 1.50 euros per year for AltStore PAL access. Testut has been working on AltStore PAL since Apple announced plans to support alternative app marketplaces in iOS 17.4. It is open to all apps, but Testut says that it makes the most sense for "smaller, indie apps that otherwise couldn't exist due to App Store rules." AltStore PAL is equipped with Patreon integration to allow developers to monetize their apps. Developers can offer their apps to just their patrons, and this method of distribution also allows for a sub-1 million cap on those who can subscribe to use an app.

Read more of this story at Slashdot.

Trump Media & Technology Group Corp., which has been called the "mother of all meme stocks" after it made its stock market debut in late March, announced that its Truth Social platform is moving to launch a live TV streaming platform. Following the news, shares of DJT closed more than 14% lower Tuesday. They ended trading Monday down by more than 18%. CNBC reports: The stock's price has dropped by a whopping 67.7% since Trump Media began trading as a public company on March 26, erasing more than $5 billion in market capitalization. Trump Media's majority shareholder is former President Donald Trump, who holds nearly 60% of its stock. Earlier Tuesday, Trump Media in a press release said it "has finished the research and development phase of its new live TV streaming platform and will begin scaling up its own content delivery network." The company said it will roll out streaming content in three phases, the first of which will introduce Truth Social's content delivery network for streaming live TV to the app for Android, iOS and web. Phase two will release stand-alone Truth Social streaming apps for phones, tablets and other devices, while phase three will release such apps for home television, Trump Media said. "The streaming content is expected to focus on live TV including news networks, religious channels, family-friendly content including films and documentaries; and other content that has been cancelled, is at risk of cancellation, or is being suppressed on other platforms and services," Trump Media said in its release. "We're excited to move forward with the next big phase for Truth Social," added CEO Devin Nunes in a statement. "With our streaming content, we aim to provide a permanent home for high-quality news and entertainment that face discrimination by other channels and content delivery service. There is a lot of great content that simply can't find an audience for unjust reasons, and we want to let these creators know they'll soon have a guaranteed platform where they won't be cancelled."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Futurism: In a new blog post from LastPass, the password management firm used by countless personal and corporate clients to help protect their login information, the company explains that someone used AI voice-cloning tech to spoof the voice of its CEO in an attempt to trick one of its employees. As the company writes in the post, one of its employees earlier this week received several WhatsApp communications -- including calls, texts, and a voice message -- from someone claiming to be its CEO, Karim Toubba. Luckily, the LastPass worker didn't fall for it because the whole thing set off so many red flags. "As the attempted communication was outside of normal business communication channels and due to the employee's suspicion regarding the presence of many of the hallmarks of a social engineering attempt (such as forced urgency)," the post reads, "our employee rightly ignored the messages and reported the incident to our internal security team so that we could take steps to both mitigate the threat and raise awareness of the tactic both internally and externally." While this LastPass scam attempt failed, those who follow these sorts of things may recall that the company has been subject to successful hacks before. In August 2022, as a timeline of the event compiled by the Cybersecurity Dive blog detailed, a hacker compromised a LastPass engineer's laptop and used it to steal source code and company secrets, eventually getting access to its customer database -- including encrypted passwords and unencrypted user data like email addresses. According to that timeline, the clearly-resourceful bad actor remained active in the company's servers for months, and it took more than two months for LastPass to admit that it had been breached. More than six months after the initial breach, Toubba, the CEO, provided a blow-by-blow timeline of the months-long attack and said he took "full responsibility" for the way things went down in a February 2023 blog post.

Read more of this story at Slashdot.

An anonymous reader shares a report: A storm hit the United Arab Emirates and Oman this week bringing record rainfall that flooded highways, inundated houses, grid-locked traffic and trapped people in their homes. [...] In the UAE, a record 254 millimetres (10 inches) of rainfall was recorded in Al Ain, a city bordering Oman. It was the largest ever in a 24-hour period since records started in 1949. Rainfall is rare in the UAE and elsewhere on the Arabian Peninsula, that is typically known for its dry desert climate. Summer air temperatures can soar above 50 degrees Celsius. But the UAE and Oman also lack drainage systems to cope with heavy rains and submerged roads are not uncommon during rainfall. Following Tuesday's events, questions were raised whether cloud seeding, a process that the UAE frequently conducts, could have caused the heavy rains. Cloud seeding is a process in which chemicals are implanted into clouds to increase rainfall in an environment where water scarcity is a concern. The UAE, located in one of the hottest and driest regions on earth, has been leading the effort to seed clouds and increase precipitation. But the UAE's meteorology agency told Reuters there were no such operations before the storm. The huge rainfall was instead likely due to a normal weather system that was exacerbated by climate change, experts say. A low pressure system in the upper atmosphere, coupled with low pressure at the surface had acted like a pressure 'squeeze' on the air, according to Esraa Alnaqbi, a senior forecaster at the UAE government's National Centre of Meteorology. That squeeze, intensified by the contrast between warmer temperatures at ground level and colder temperatures higher up, created the conditions for the powerful thunderstorm, she said.

Read more of this story at Slashdot.

AI's voracious need for computing power is threatening to overwhelm energy sources, requiring the industry to change its approach to the technology, according to Arm Chief Executive Officer Rene Haas. From a report: By 2030, the world's data centers are on course to use more electricity than India, the world's most populous country, Haas said. Finding ways to head off that projected tripling of energy use is paramount if artificial intelligence is going to achieve its promise, he said. "We are still incredibly in the early days in terms of the capabilities," Haas said in an interview. For AI systems to get better, they will need more training -- a stage that involves bombarding the software with data -- and that's going to run up against the limits of energy capacity, he said.

Read more of this story at Slashdot.

Average incomes will fall by almost a fifth within the next 26 years as a result of the climate crisis, according to a study that predicts the costs of damage will be six times higher than the price of limiting global heating to 2C. From a report: Rising temperatures, heavier rainfall and more frequent and intense extreme weather are projected to cause $38tn of destruction each year by mid-century, according to the research, which is the most comprehensive analysis of its type ever undertaken, and whose findings are published in the journal Nature. The hefty toll -- which is far higher than previous estimates -- is already locked into the world economy over the coming decades as a result of the enormous emissions that have been pumped into the atmosphere through the burning of gas, oil, coal and trees. This will inflict crippling losses on almost every country, with a disproportionately severe impact on those least responsible for climate disruption, further worsening inequality. The paper says the permanent average loss of income worldwide will be 19% by 2049. In the United States and Europe the reduction will be about 11%, while in Africa and south Asia it will be 22%, with some individual countries much higher than this. "It's devastating," said Leonie Wenz, a scientist at the Potsdam Institute for Climate Impact Research and one of the authors of the study. "I am used to my work not having a nice societal outcome, but I was surprised by how big the damages were. The inequality dimension was really shocking."

Read more of this story at Slashdot.

Pablo Escobar, the name of the late Colombian drug kingpin, can't be registered as a trademark in the European Union after judges said that approving his brother's bid would go against "principles of morality." From a report: The public "associate that name with drug trafficking and narco-terrorism and with the crimes and suffering resulting therefrom, rather than with his possible good deeds in favor of the poor in Colombia," the EU's General Court in Luxembourg said on Wednesday. Trademarking the name is "counter to the fundamental values and moral standards prevailing within Spanish society," the court said.

Read more of this story at Slashdot.

At Amazon's annual cloud conference in 2016, the company captured the crowd's attention by driving an 18-wheeler onstage. Andy Jassy, now Amazon's CEO, called it the Snowmobile, and said the company would be using the truck to help customers speedily transfer data to Amazon Web Services facilities. Less than eight years later, the semi is out of commission. From a report: As of March, AWS had removed Snowmobile from its website, and the Amazon unit has stopped offering the service, CNBC has confirmed. The webpage devoted to AWS' "Snow family" of products now directs users to its other data transport services, including the Snowball Edge, a 50-pound suitcase-sized device that can be equipped with fast solid-state drives, and the smaller Snowcone. An AWS spokesperson said in an emailed statement that the company has introduced more cost-effective options for moving data. Clients had to deal with power, cooling, networking, parking and security when they used the Snowmobile service, the spokesperson said.

Read more of this story at Slashdot.

404 Media: An online service is scraping Discord servers en masse, archiving and tracking users' messages and activity across servers including what voice channels they join, and then selling access to that data for as little as $5. Called Spy Pet, the service's creator says it scrapes more than ten thousand Discord servers, and besides selling access to anyone with cryptocurrency, is also offering the data for training AI models or to assist law enforcement agencies, according to its website. The news is not only a brazen abuse of Discord's platform, but also highlights that Discord messages may be more susceptible to monitoring than ordinary users assume. Typically, a Discord user's activity is spread across disparate servers, with no one entity, except Discord itself, able to see what messages someone has sent across the platform more broadly. With Spy Pet, third-parties including stalkers or potentially police can look up specific users and see what messages they've posted on various servers at once. "Have you ever wondered where your friend hangs out on Discord? Tired of basic search tools like Discord.id? Look no further!" Spy Pet's website reads. It claims to be tracking more than 14,000 servers, 600 million users, and includes a database of more than 3 billion messages.

Read more of this story at Slashdot.

Pavel Durov, the founder of Telegram messaging app, has accused tech giants Google and Apple of threatening to censor content on smartphones [YouTube link]. In an interview with Tucker Carlson, Durov claimed that these companies told Telegram to comply with their guidelines or face removal from their app stores. "Those two platforms, they could basically censor everything you can read, access on your smart phone," Durov said. With 900 million active users, Telegram is expected to cross the one billion mark within a year.

Read more of this story at Slashdot.

Dropbox cofounder and CEO Drew Houston said he views his employees like customers, and that means giving them what they want -- which isn't in-person work. From a report: "We will support however they want to gather," Houston said in a new interview with The Verge. "But we're finding that these retreats and off-sites and things like that are often a lot more effective than asking people to commute." Houston said other business leaders are making the wrong move by forcing employees back to the office. Many companies are pushing employees to return to office in a hybrid structure, including giants like Google, Apple, and Amazon. "They keep mashing the go back to 2019 button, and they see it's not working," Houston said in the interview, speaking generally about return-to-office mandates. "Then they just push harder, and then you have this really toxic relationship." He compared returning to the office to returning to movie theaters or malls. It may have been cool for a time and people might still occasionally want to watch a big movie like "Top Gun" at the cinema, he said, "but the world has moved on." The CEO said the reason it used to be so easy to get people to the office was because they didn't have a choice. A lot of CEOs today don't understand that flexibility wasn't an option in the past, Houston said.

Read more of this story at Slashdot.

Cloudflare, in a blog post: Key insights from the first quarter of 2024 include: 1. 2024 started with a bang. Cloudflare's defense systems automatically mitigated 4.5 million DDoS attacks during the first quarter -- representing a 50% year-over-year (YoY) increase. 2. DNS-based DDoS attacks increased by 80% YoY and remain the most prominent attack vector. 3. DDoS attacks on Sweden surged by 466% after its acceptance to the NATO alliance, mirroring the pattern observed during Finland's NATO accession in 2023. We've just wrapped up the first quarter of 2024, and, already, our automated defenses have mitigated 4.5 million DDoS attacks -- an amount equivalent to 32% of all the DDoS attacks we mitigated in 2023. Breaking it down to attack types, HTTP DDoS attacks increased by 93% YoY and 51% quarter-over-quarter (QoQ). Network-layer DDoS attacks, also known as L3/4 DDoS attacks, increased by 28% YoY and 5% QoQ. When comparing the combined number of HTTP DDoS attacks and L3/4 DDoS attacks, we can see that, overall, in the first quarter of 2024, the count increased by 50% YoY and 18% QoQ. In total, our systems mitigated 10.5 trillion HTTP DDoS attack requests in Q1. Our systems also mitigated over 59 petabytes of DDoS attack traffic -- just on the network-layer.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Register: In a Monday post, Broadcom CEO Hock Tan restated his belief that VMware's portfolio was too complex, and too poorly integrated, for the virtualization giant to represent true competition for hyperscale clouds. Broadcom's injection of R&D cash, he insisted, will see VMware's flagship Cloud Foundation suite evolve to become more powerful and easy to operate. He also admitted that customers aren't enjoying the ride. "As we roll out this strategy, we continue to learn from our customers on how best to prepare them for success by ensuring they always have the transition time and support they need," he wrote. "In particular, the subscription pricing model does involve a change in the timing of customers' expenditures and the balance of those expenditures between capital and operating spending." Customers also told Tan that "fast-moving change may require more time, so we have given support extensions to many customers who came up for renewal while these changes were rolling out." That's one of the changes -- Broadcom has previously not publicly suggested such extensions would be possible. "We have always been and remain ready to work with our customers on their specific concerns," Tan wrote. The other change is providing some ongoing security patches for VMware customers who persist with their perpetual licenses instead of shifting to Broadcom's subs. "We are announcing free access to zero-day security patches for supported versions of vSphere, and we'll add other VMware products over time," Tan wrote, describing the measure as aimed at ensuring that customers "whose maintenance and support contracts have expired and choose to not continue on one of our subscription offerings." The change means such customers "are able to use perpetual licenses in a safe and secure fashion."

Read more of this story at Slashdot.

The SEC has blocked third-party messaging apps and texts from employees' work phones, "bringing its own practices closer to the standards it's enforcing for the industry," reports Bloomberg. From the report: The SEC's decision to block disappearing-messaging apps will help improve record-keeping and address potential security vulnerabilities at the agency, which saw one of its social-media accounts compromised earlier this year. It follows about $3 billion in fines imposed on financial firms to settle allegations that they failed to keep adequate records of work-related communications on mobile devices and apps such as Signal and Meta's WhatsApp. The scrutiny prompted Wall Street to overhaul how employees communicate on business matters using mobile phones. Meanwhile, the SEC took a hard look at policies covering its own staff's communications on agency-issued phones. The agency has restricted access to third-party messaging applications, as well as SMS (short message service) and iMessage texts "to lower risk that our systems could be compromised and to enhance recordkeeping," an SEC spokeswoman said in an emailed statement. The process of blocking the apps began in September and has continued over the past several months, she added.

Read more of this story at Slashdot.

NASA has confirmed that a piece of metal that tore through a Florida home last month was space junk from the International Space Station. NBC News reports: The agency confirmed Monday that the 1.6-pound object was debris from a cargo pallet that had been intentionally released from the space station three years ago. The pallet, packed with aging batteries, was supposed to burn up harmlessly in Earth's atmosphere, but a piece survived -- the piece that smashed into a house in Naples, Florida, on March 8. WINK News, a CBS News affiliate in southwestern Florida, first reported the incident. Naples resident Alejandro Otero told the outlet that the object crashed through the roof and two floors of his home. Otero was not home at the time, he told WINK News, but the metal object nearly hit his son, who was two rooms away. In a blog post about the incident, NASA said it had analyzed the object at the Kennedy Space Center in Florida and confirmed that it was part of the equipment used to mount the batteries on the cargo pallet. The piece of space junk is roughly cylindrical in shape and is about 4-inches tall and 1.6-inches wide. NASA said agency staff studied the object's features and metal composition and matched it to the hardware that had been jettisoned from the space station in 2021. At that time, new lithium-ion batteries had recently been installed at the space station, so the old nickel hydrogen batteries were packed up for disposal. The space station's robotic arm released the 5,800-pound cargo pallet containing the batteries over the Pacific Ocean, as the outpost orbited 260 miles above the Earth's surface, according to NASA. NASA said it will perform a detailed investigation of the latest debris incident to determine how the object withstood the extreme trip through the atmosphere.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Dozens of Google employees began occupying company offices in New York City and Sunnyvale, California, on Tuesday in protest of the company's $1.2 billion contract providing cloud computing services to the Israeli government. The sit-in, organized by the activist group No Tech for Apartheid, is happening at Google Cloud CEO Thomas Kurian's office in Sunnyvale and the 10th floor commons of Google's New York office. The sit-in will be accompanied by outdoor protests at Google offices in New York, Sunnyvale, San Francisco, and Seattle beginning at 2 pm ET and 11 am PT. Tuesday's actions mark an escalation in a series of recent protests organized by tech workers who oppose their employer's relationship with the Israeli government, especially in light of Israel's ongoing assault on Gaza. Since Hamas killed about 1,100 Israelis on October 7, the IDF has killed more than 34,000 Palestinians. Just over a dozen people gathered outside Google's offices in New York and Sunnyvale on Tuesday. Among those in New York was Google cloud software engineer Eddie Hatfield, who was fired days after disrupting Google Israel's managing director at March's Mind The Tech, a company-sponsored conference focused on the Israeli tech industry, in early March. Several hours into the sit-ins on Tuesday, Google security began to accuse the workers of "trespassing" and disrupting work, prompting several people to leave while others vowed to remain until they were forced out. The 2021 contract, known as Project Nimbus, involves Google and Amazon jointly providing cloud computing infrastructure and services across branches of the Israeli government. Last week, Time reported that Google's work on Project Nimbus involves providing direct services to the Israel Defense Forces. [...] On March 4, more than600 other Googlers signed a petition opposing the company's sponsorship of the conference. After Hatfield was fired three days later, Google trust-and-safety-policy employee Vidana Abdel Khalek resigned from her position in opposition to Project Nimbus. Then, in late March, more than 300 Apple workers signed an open letter that alleged retaliation against workers who have expressed support for Palestinians, and urged company leadership to show public support for Palestinians. Hasan Ibraheem, a Google software engineer, is participating in the sit-in at his local Google office in New York. "This has really been a culmination of our efforts," he tells WIRED. Since joining No Tech for Apartheid in December, Ibraheem says, he has been participating in weekly "tabling" actions being held at Google office cafes in New York, Sunnyvale, San Francisco, and Mountain View, California. It involves holding a sign that says "Ask me about Project Nimbus" during lunch break, passing out flyers, and answering questions from coworkers. "It's actually shocking how many people at Google don't even know that this contract exists," Ibraheem says. "A lot of people who don't know about it, who then learn about it through us, are reasonably upset that this contract exists. They just didn't know that it existed beforehand."

Read more of this story at Slashdot.

State tax collectors, particularly in New York, have intensified their audit efforts on high earners, leveraging artificial intelligence to compensate for a reduced number of auditors. CNBC reports: In New York, the tax department reported 771,000 audits in 2022 (the latest year available), up 56% from the previous year, according to the state Department of Taxation and Finance. At the same time, the number of auditors in New York declined by 5% to under 200 due to tight budgets. So how is New York auditing more people with fewer auditors? Artificial Intelligence. "States are getting very sophisticated using AI to determine the best audit candidates," said Mark Klein, partner and chairman emeritus at Hodgson Russ LLP. "And guess what? When you're looking for revenue, it's not going to be the person making $10,000 a year. It's going to be the person making $10 million." Klein said the state is sending out hundreds of thousands of AI-generated letters looking for revenue. "It's like a fishing expedition," he said. Most of the letters and calls focused on two main areas: a change in tax residency and remote work. During Covid many of the wealthy moved from high-tax states like California, New York, New Jersey and Connecticut to low-tax states like Florida or Texas. High earners who moved, and took their tax dollars with them, are now being challenged by states who claim the moves weren't permanent or legitimate. Klein said state tax auditors and AI programs are examining cellphone records to see where the taxpayers spent most of their time and lived most of their lives. "New York is being very aggressive," he said.

Read more of this story at Slashdot.

Framework, the company known for designing and selling upgradeable, modular laptops, has struggled with providing up-to-date software for its products. Ars Technica's Andrew Cunningham spoke with CEO Nirav Patel to discuss how the company is working on fixing these issues. Longtime Slashdot reader snikulin shares the report: Driver bundles remain un-updated for years after their initial release. BIOS updates go through long and confusing beta processes, keeping users from getting feature improvements, bug fixes, and security updates. In its community support forums, Framework employees, including founder and CEO Nirav Patel, have acknowledged these issues and promised fixes but have remained inconsistent and vague about actual timelines. [...] Patel says Framework has taken steps to improve the update problem, but he admits that the team's initial approach -- supporting existing laptops while also trying to spin up firmware for upcoming launches -- wasn't working. "We started 12th-gen [Intel Framework Laptop] development, basically the 12th-gen team was also handling looking back at 11th-gen [Intel Framework Laptop] to do firmware updates there," Patel told Ars. "And it became clear, especially as we continued to add on more platforms, that just wasn't a sustainable path to proceed on." Part of the issue is that Framework relies on external companies to put together firmware updates. Some components are provided by Intel, AMD, and other chip companies to all PC companies that use their chips. Others are provided by Insyde, which writes UEFI firmware for Framework and others. And some are handled by Compal, the contract manufacturer that actually produces Framework's systems and has also designed and sold systems for most of the big-name PC companies. As far back as August 2023, Patel has written that the plan is to work with Compal and Insyde to hire dedicated staff to provide better firmware support for Framework laptops. However, the benefits of this arrangement have been slow to reach users. "[Compal] started recruiting on their side towards the end of last year," Patel told Ars. "And now, just at the beginning of this year, we've been able to get that whole team into place and start onboarding them. And especially after Lunar New Year, which is in early February, that team is now up and running at full speed." The goal, Patel says, is to continuously cycle through all of Framework's actively supported laptops, updating each of them one at a time before looping back around and starting the process over again. Functionality-breaking problems and security fixes will take precedence, while additional features and user requests will be lower-priority. ... snikulin adds: "As a recent Framework 13/AMD owner, I can confirm that it does not sleep properly on a default Windows 11 install. When I close the lid in the evening, the battery is dead the next morning. It's interesting to hear from Linus Sebastian (LTT) on the topic because he is a stakeholder in Framework."

Read more of this story at Slashdot.

spatwei shares a report from SC Magazine: Microsoft has discovered a new method to jailbreak large language model (LLM) artificial intelligence (AI) tools and shared its ongoing efforts to improve LLM safety and security in a blog post Thursday. Microsoft first revealed the "Crescendo" LLM jailbreak method in a paper published April 2, which describes how an attacker could send a series of seemingly benign prompts to gradually lead a chatbot, such as OpenAI's ChatGPT, Google's Gemini, Meta's LlaMA or Anthropic's Claude, to produce an output that would normally be filtered and refused by the LLM model. For example, rather than asking the chatbot how to make a Molotov cocktail, the attacker could first ask about the history of Molotov cocktails and then, referencing the LLM's previous outputs, follow up with questions about how they were made in the past. The Microsoft researchers reported that a successful attack could usually be completed in a chain of fewer than 10 interaction turns and some versions of the attack had a 100% success rate against the tested models. For example, when the attack is automated using a method the researchers called "Crescendomation," which leverages another LLM to generate and refine the jailbreak prompts, it achieved a 100% success convincing GPT 3.5, GPT-4, Gemini-Pro and LLaMA-2 70b to produce election-related misinformation and profanity-laced rants. Microsoft reported the Crescendo jailbreak vulnerabilities to the affected LLM providers and explained in its blog post last week how it has improved its LLM defenses against Crescendo and other attacks using new tools including its "AI Watchdog" and "AI Spotlight" features.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Some net neutrality proponents are worried that soon-to-be-approved Federal Communications Commission rules will allow harmful fast lanes because the plan doesn't explicitly ban "positive" discrimination. FCC Chairwoman Jessica Rosenworcel's proposed rules for Internet service providers would prohibit blocking, throttling, and paid prioritization. The rules mirror the ones imposed by the FCC during the Obama era and repealed during Trump's presidency. But some advocates are criticizing a decision to let Internet service providers speed up certain types of applications as long as application providers don't have to pay for special treatment. Stanford Law Professor Barbara van Schewick, who has consistently argued for stricter net neutrality rules, wrote in a blog post on Thursday that "harmful 5G fast lanes are coming." "T-Mobile, AT&T and Verizon are all testing ways to create these 5G fast lanes for apps such as video conferencing, games, and video where the ISP chooses and controls what gets boosted," van Schewick wrote. "They use a technical feature in 5G called network slicing, where part of their radio spectrum gets used as a special lane for the chosen app or apps, separated from the usual Internet traffic. The FCC's draft order opens the door to these fast lanes, so long as the app provider isn't charged for them." In an FCC filing yesterday, AT&T said that carriers will use network slicing "to better meet the needs of particular business applications and consumer preferences than they could over a best-efforts network that generally treats all traffic the same." Van Schewick warns that carriers could charge consumers more for plans that speed up specific types of content. For example, a mobile operator could offer a basic plan alongside more expensive tiers that boost certain online games or a tier that boosts services like YouTube and TikTok. Ericsson, a telecommunications vendor that sells equipment to carriers including AT&T, Verizon, and T-Mobile, has pushed for exactly this type of service. In a report on how network slicing can be used commercially, Ericsson said that "many gamers are willing to pay for enhanced gaming experiences" and would "pay up to $10.99 more for a guaranteed gaming experience on top of their 5G monthly subscription."

Read more of this story at Slashdot.

According to Bloomberg's Mark Gurman, Apple's initial set of AI-related features in iOS 18 "will work entirely on device," and won't connect to cloud services. AppleInsider reports: In practice, these AI features would be able to function without an internet connection or any form of cloud-based processing. AppleInsider has received information from individuals familiar with the matter that suggest the report's claims are accurate. Apple is working on an in-house large language model, or LLM, known internally as "Ajax." While more advanced features will ultimately require an internet connection, basic text analysis and response generation features should be available offline. [...] Apple will reveal its AI plans during WWDC, which starts on June 10.

Read more of this story at Slashdot.

Richard Currie reports via The Register: A simple misclick at a London law firm led to a surprise divorce for an unsuspecting couple. An employee at Vardags, self-described specialists in high-net-worth marital breakdowns, opened the wrong file when applying for a divorce in His Majesty's Courts and Tribunals Service (HMCTS) online portal. With a click more potent than Cupid's arrow, the solicitor "issued a final order of divorce in proceedings between Mrs Williams, the applicant wife, and Mr Williams," court papers [PDF] say. The digital slip occurred on October 3, and thanks to the system's "now customary speed," as described by Judge Sir Andrew McFarlane, President of the Family Division, marital bonds were finally and totally severed in a mere 21 minutes, less time than most couples spend arguing over what to watch on Netflix. When Vardags realized the blunder two days later, it scrambled to reverse the order. The application was made "without notice to the Husband's solicitors -- the Wife's solicitors considered at the time that this was the correct approach given that the Final Order itself had been made without notice." In the ensuing legal melee, Mr Williams, previously unaware of his sudden single status, received a letter sent by HMCTS the same day as the accidental divorce, stating that he was no longer married. But it was not until October 11, a week later, that he was formally informed of his bachelorhood by his ex-wife's solicitors. Meanwhile, his solicitors entered the fray, demanding that the case be brought before the President of the Family Division to sort out this matrimonial muddle.

Read more of this story at Slashdot.

An anonymous reader quotes a report from NPR: An owl. A sharky looking bullet. The Hindu deity Ganesh. The Yin and Yang sign. All painstakingly selected and etched onto a microchip that measures about an inch square. Each microscopic silicon doodle was the handiwork of engineers at Qualcomm Incorporated, a San Diego-based company that creates wireless technology-related products and services. The engineers slipped the drawings into Qualcomm's Q1650 data decoder with care not to disturb any of the chip's functions. They were purposeless etchings, never meant to be uncovered. These doodles, also known as silicon art, chip graffiti or chip art, and dozens others like it, are remnants of tech history -- from Silicon Valley's infancy to the early 2000s -- when innovation was rapid fire and the tech still had a very human touch. Engineers would add the sketches to their microchip designs in the techie equivalent of signing their artwork. They'd etch them on chips that may end up in your cellphone, laptop or calculator. They spent hours crafting them, even though they were frowned upon by those in the C Suite. The existence of these doodles came to light decades ago, but social media is discovering them anew. And there is now a small but determined group of online hobbyists working to keep that history alive. They are still cataloguing the miniscule drawings -- many smaller than the width of a human hair and can't be seen without a microscope. These devotees post glossy videos of themselves shucking chips like oysters to see their iridescent insides and the itsy bitsy sketches that may be hidden on them. And they are eagerly saving them from the scrap heap.

Read more of this story at Slashdot.

Creating a sexually explicit "deepfake" image is to be made an offence under a new law in the UK, the Ministry of Justice has announced. The Guardian: Under the legislation, anyone who creates such an image without consent will face a criminal record and an unlimited fine. They could also face jail if the image is shared more widely. The creation of a deepfake image will be an offence regardless of whether the creator intended to share it, the department said. The Online Safety Act, introduced last year, has already criminalised the sharing of deepfake intimate images, whose creation is being facilitated by advances in artificial intelligence. The offence will be introduced through an amendment to the criminal justice bill, which is making its way through parliament. Laura Farris, the minister for victims and safeguarding, said the creation of deepfake sexual images was "unacceptable irrespective of whether the image is shared."

Read more of this story at Slashdot.

A crypto wallet maker claimed this week that hackers may be targeting people with an iMessage "zero-day" exploit -- but all signs point to an exaggerated threat, if not a downright scam. From a report: Trust Wallet's official X (previously Twitter) account wrote that "we have credible intel regarding a high-risk zero-day exploit targeting iMessage on the Dark Web. This can infiltrate your iPhone without clicking any link. High-value targets are likely. Each use raises detection risk." The wallet maker recommended iPhone users to turn off iMessage completely "until Apple patches this," even though no evidence shows that "this" exists at all. The tweet went viral, and has been viewed over 3.6 million times as of our publication. Because of the attention the post received, Trust Wallet hours later wrote a follow-up post. The wallet maker doubled down on its decision to go public, saying that it "actively communicates any potential threats and risks to the community."

Read more of this story at Slashdot.

The United States Senate is poised to vote on legislation this week that, for the next two years at least, could dramatically expand the number of businesses that the US government can force to eavesdrop on Americans without a warrant. From a report: Some of the nation's top legal experts on a controversial US spy program argue that the legislation, known as the Reforming Intelligence and Securing America Act (RISAA), would enhance the US government's spy powers, forcing a variety of new businesses to secretly eavesdrop on Americans' overseas calls, texts, and email messages. Those experts include a handful of attorneys who've had the rare opportunity to appear before the US government's secret surveillance court. The Section 702 program, authorized under the Foreign Intelligence Surveillance Act, or FISA, was established more than a decade ago to legalize the government's practice of forcing major telecommunications companies to eavesdrop on overseas calls in the wake of the September 11, 2001, terrorist attacks. On the one hand, the government claims that the program is designed to exclusively target foreign citizens who are physically located abroad; on the other, the government has fiercely defended its ability to access wiretaps of Americans' emails and phone conversations, often years after the fact and in cases unrelated to the reasons the wiretaps were ordered in the first place. The 702 program works by compelling the cooperation of US businesses defined by the government as "electronic communications service providers" -- traditionally phone and email providers such as AT&T and Google. Members of the House Intelligence Committee, whose leaders today largely serve as lobbyists for the US intelligence community in Congress, have been working to expand the definition of that term, enabling the government to force new categories of businesses to eavesdrop on the government's behalf.

Read more of this story at Slashdot.

UnitedHealth, parent company of ransomware-besieged Change Healthcare, says the total costs of tending to the February cyberattack for the first calendar quarter of 2024 currently stands at $872 million. From a report: That's on top of the amount in advance funding and interest-free loans UnitedHealth provided to support care providers reeling from the disruption, a sum said to be north of $6 billion. In its results for the quarter ended March 31, filed today, UnitedHealth stated that the total impact on the company from the attack in Q1 was $0.74 per share, which is expected to rise to a sum between $1.15 and $1.35 per share by the end of the year. The remediation efforts spent on the attack are ongoing, so the total costs related to business disruption and repairs are likely to exceed $1 billion over time, potentially including the reported $22 million payment made to the ALPHV/BlackCat-affiliated criminals behind the attack. It's a charge that eclipsed that of casino group MGM, which didn't pay a ransom following an attack on its systems last year, and which faces recovery costs of $100 million to rebuild its systems and paying for the fallout from outages, operational disruptions, allegedly leaked data and more.

Read more of this story at Slashdot.

Apple is opening up web distribution for iOS apps targeting users in the European Union starting Tuesday. Developers who opt in -- and who meet Apple's criteria, including app notarization requirements -- will be able to offer iPhone apps for direct download to EU users from their own websites. From a report: It's a massive change for a mobile ecosystem that otherwise bars so-called "sideloading." Apple's walled garden stance has enabled it to funnel essentially all iOS developer revenue through its own App Store in the past. But, in the EU, that moat is being dismantled as a result of new regulations that apply to the App Store and which the iPhone maker has been expected to comply with since early last month. In March, Apple announced that a web distribution entitlement would soon be coming to its mobile platform as part of changes aimed at complying with the bloc's Digital Markets Act (DMA). The pan-EU regulation puts a set of obligations on in-scope tech giants that lawmakers hope will level the competitive playing field for platforms' business users, as well as protecting consumers from Big Tech throwing its weight around.

Read more of this story at Slashdot.

The Justice Department is preparing to sue Live Nation as soon as next month [non-paywalled link], an antitrust challenge that could spur major changes at the biggest name in concert promotion and ticketing. WSJ: The agency is preparing to file an antitrust lawsuit against the Ticketmaster parent in the coming weeks that would allege the nation's biggest concert promoter has leveraged its dominance in a way that undermined competition for ticketing live events, according to people familiar with the matter. The specific claims the department would allege couldn't be learned. The federal government opted out of trying to block Live Nation and Ticketmaster's 2010 tie up. Since then, the company has faced accusations of exorbitant ticket fees, flawed customer service and anticompetitive practices from lawmakers, regulators and state attorneys general. Critics of the merger say it has stifled competition in ticketing and that the company should be broken up. Live Nation's size and power in concert promotion, ticketing and venues are at the heart of a Justice Department investigation that began in 2022. The investigation gained momentum in November 2022 after Ticketmaster crashed during a fan presale to Taylor Swift's "Eras Tour."

Read more of this story at Slashdot.

Robotics firm Boston Dynamics, owned by Hyundai, has retired its humanoid robot Atlas after a decade, despite significant funding pouring into the category. TechCrunch adds: Boston Dynamics has been focused on commercializing technologies for a number of years now. Hyundai's 2021 acquisition of the firm, coupled with the appointment of Rob Playter as its second-ever CEO, has further accelerated that path. Given the tremendous interest around companies like Agility, Figure, 1X and Apptronik, it stands to reason that -- at the very least -- the Waltham, Massachusetts-based company has -- at the very least -- seriously explored the commercial humanoid category. Boston Dynamics was, of course, well ahead of the current humanoid robotics curve. Last July marked the 10th anniversary of the bipedal robot's debut. The company teamed with DARPA for Atlas' early development, leading the robot to be heavily incorporated into challenges of the era.

Read more of this story at Slashdot.

Microsoft's Beijing-based research group published a new open source AI model on Tuesday, only to remove it from the internet hours later after the company realized that the model hadn't gone through adequate safety testing. From a report: The team that published the model, which is comprised of China-based researchers in Microsoft Research Asia, said in a tweet on Tuesday that they "accidentally missed" the safety testing step that Microsoft requires before models can be published. Microsoft's AI policies require that before any AI models can be published, they must be approved by the company's Deployment Safety Board, which tests whether the models can carry out harmful tasks such as creating violent or disturbing content, according to an employee familiar with the process. In a now-deleted blog post, the researchers behind the model, dubbed WizardLM-2, said that it could carry out tasks like generating text, suggesting code, translating between different languages, or solving some math problems.

Read more of this story at Slashdot.

Film data researcher Stepehen, writing on his blog: This may surprise some, but since 2000, just over half of all movies released have been original screenplays. The most common source for adapted screenplays was real-life events, accounting for almost a fifth of movies made between 2000 and 2023. (Typically, in these cases, the filmmakers will have paid for the rights to a nonfiction book or two that covered those events, but we will classify that as 'based on real-life events' in this analysis.) Other sources include fictional books/articles (8.9%), previous movies (11.8%), stage productions (including plays, musicals, and dance performances) (1.5%), and TV/Web shows (0.9%). In the chart below, 'Other' includes myths, legends, poems, songs, games, toys, and more. How has this changed over the years? Forty years ago, about the same proportion of movies being made were original screenplays as they are today. That's quite surprising -- both because I assume that many people expected it to be lower in recent years, but also because little stays the same in the film industry over such a long period of time. But when we look at a time series by year, we can see that it hadn't plateaued. During the late 1990s and 2000s, original screenplays declined markedly and only rose again in the 2010s.

Read more of this story at Slashdot.

SonicSpike shares a report: The quest to return rock materials from Mars to Earth to see if they contain traces of past life is going to go through a major overhaul. The US space agency says the current mission design can't return the samples before 2040 on the existing funds and the more realistic $11bn needed to make it happen is not sustainable. Nasa is going to canvas for cheaper, faster "out of the box" ideas. It hopes to have a solution on the drawing board later in the year. Returning rock samples from Mars is regarded as the single most important priority in planetary exploration, and has been for decades. Just as the Moon rocks brought home by Apollo astronauts revolutionised our understanding of early Solar System history, so materials from the Red Planet are likely to recast our thinking on the possibilities for life beyond Earth.

Read more of this story at Slashdot.

China's Baidu says its AI chatbot "Ernie Bot" has amassed more than 200 million users as it seeks to remain China's most popular ChatGPT-like chatbot amid increasingly fierce competition. From a report: The number of users has roughly doubled since the company's last update in December. The chatbot was released to the public eight months ago. Baidu CEO Robin Li also said Ernie Bot's API is being used 200 million times everyday, meaning the chatbot was requested by its user to conduct tasks that many times a day. The number of enterprise clients for the chatbot reached 85,000, Li said at a conference in Shenzhen.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Federal prosecutors indicted a Nebraska man on charges he perpetrated a cryptojacking scheme that defrauded two cloud providers -- one based in Seattle and the other in Redmond, Washington -- out of $3.5 million. The indictment, filed in US District Court for the Eastern District of New York and unsealed on Monday, charges Charles O. Parks III -- 45 of Omaha, Nebraska -- with wire fraud, money laundering, and engaging in unlawful monetary transactions in connection with the scheme. Parks has yet to enter a plea and is scheduled to make an initial appearance in federal court in Omaha on Tuesday. Parks was arrested last Friday. Prosecutors allege that Parks defrauded "two well-known providers of cloud computing services" of more than $3.5 million in computing resources to mine cryptocurrency. The indictment says the activity was in furtherance of a cryptojacking scheme, a term for crimes that generate digital coin through the acquisition of computing resources and electricity of others through fraud, hacking, or other illegal means. Details laid out in the indictment underscore the failed economics involved in the mining of most cryptocurrencies. The $3.5 million of computing resources yielded roughly $1 million worth of cryptocurrency. In the process, massive amounts of energy were consumed. [...] Prosecutors didn't say precisely how Parks was able to trick the providers into giving him elevated services, deferring unpaid payments, or failing to discover the allegedly fraudulent behavior. They also didn't identify either of the cloud providers by name. Based on the details, however, they are almost certainly Amazon Web Services and Microsoft Azure. If convicted on all charges, Parks faces as much as 30 years in prison.

Read more of this story at Slashdot.

YouTube has updated its policies to no longer allow "third-party apps to turn off ads." The Verge reports: This appears to target mobile ad blockers like AdGuard, which lets you open YouTube within the ad blocking app, where you'll get to view videos interruption-free. "We only allow third-party apps to use our API when they follow our API Services Terms of Service," YouTube says. "When we find an app that violates these terms, we will take appropriate action to protect our platform, creators, and viewers." To get around this, YouTube once again suggests signing up for the ad-free YouTube Premium.

Read more of this story at Slashdot.

The National Oceanic and Atmospheric Administration on Monday declared that Earth is in the midst of a "4th global coral bleaching event" that's been documented over the last 14 months in every major ocean basin, including off Florida in the United States, in Australia's Great Barrier Reef and in the South Pacific. "As the world's oceans continue to warm, coral bleaching is becoming more frequent and severe," said Derek Manzello, a coral reef ecologist who coordinates NOAA's Coral Reef Watch Program, in a news release. "When these events are sufficiently severe or prolonged, they can cause coral mortality, which hurts the people who depend on the coral reefs for their livelihoods." NBC News reports: Corals are critical ecosystems that support a vast array of fish and aquatic species, which help feed coastal communities and attract tourists. The economic value of reefs is estimated at $2.7 trillion per year, according to a 2020 report from the Global Coral Reef Monitoring Network. "They protect our coastline. They offer protection from storms and hurricanes. They have a great value for our economy and safety," [Ana Palacio, an assistant scientist at the Cooperative Institute for Marine and Atmospheric Studies, a research institute that is based at the University of Miami in partnership with NOAA] said. In Florida, as sea surface temperatures spiked, bleaching started early in the season, experts said. "Normally, bleaching will be observed in the Northern Hemisphere around August and September. We started to observe bleaching in July last year," said Phanor Montoya-Maya, a marine biologist with the Coral Restoration Foundation, an organization that collects, restores and repopulates corals. Palacio said the region saw widespread mortality of elkhorn and staghorn corals, two species that have been the focus of restoration efforts. "In some locations, about 20% of those populations survived," Palacio said of restored corals. "We're concentrating our hope on why those corals survived and what they can tell us about resistance and how corals can be more resilient." The last global coral bleaching event happened in 2014 and lasted until 2017. More than 56% of global reef areas saw temperatures that could cause bleaching during that time period. In an email on Monday, Manzello said that 54% of the world's coral reef areas had experienced bleaching-level heat stress in the past year and that the event was poised to become the worst bleaching event in history. "The percentage of reef areas experiencing bleaching-level heat stress has been increasing by roughly 1% per week," Manzello said. "It is likely that this event will surpass the previous peak." Montoya-Maya said a bleaching alert is already in effect in Florida, even earlier than last year. He said the Coral Restoration Foundation was preparing for a busy summer responding to another bleaching event. The natural pattern of El Nino has begun to dissipate and NOAA's Climate Prediction Center estimates there is a 60% chance La Niaa develops this summer, which could help cool Atlantic waters and allow some corals to recover, at least temporarily.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Electrek: In a major clean energy benchmark, wind, solar, and hydro exceeded 100% of demand on California's main grid for 30 of the past 38 days. Stanford University professor of civil and environmental engineering Mark Z. Jacobson has been tracking California's renewables performance, and he shares his findings on Twitter (X) when the state breaks records. Jacobson notes that supply exceeds demand for "0.25-6 h per day," and that's an important fact. The continuity lies not in renewables running the grid for the entire day but in the fact that it's happening on a consistent daily basis, which has never been achieved before. At the two-week record mark, Ian Magruder at Rewiring America made this great point on LinkedIn: "And what makes it even better is that California has the largest grid-connected battery storage facility in the world (came online in January ...), meaning those batteries were filling up with excess energy from the sun all afternoon today and are now deploying as we speak to offset a good chunk of the methane gas generation that California still uses overnight." On April 2, the California Independent System Operator (ISO) recommended 26 new transmission projects worth $6.1 billion, with a big number being devoted to offshore wind. In response, Jacobson predicted on April 4 that California will entirely be on renewables and battery storage 24/7 by 2035.

Read more of this story at Slashdot.

T-Mobile employees from around the country are reportedly receiving text messages offering them cash in exchange for swapping SIMs. SIM swapping is when cybercriminals trick a cellular service provider into switching a victim's service to a SIM card that they control, essentially hijacking the victim's phone number and gaining access to two-factor authentication codes. From the Mobile Report: The texts offer the employee $300 per SIM swap, and asks the worker to contact them on telegram. The texts all come from a variety of different numbers across multiple area codes, making it more difficult to block. The text also claims they acquired the employee's number "from the T-Mo employee directory." If true, it could mean T-Mobile's employee directory, with contact numbers, has somehow been accessed. It's also possible the bad actor has live/current access to this data, though we consider that less likely due to the fact that some impacted people are former employees who have not worked at the company in months. Still, the biggest issue here is how this person (or multiple people) obtained the employee phone numbers. We're not sure yet which employees are impacted, but based on comments online it seems at least a few third-party employees are affected, and we've independently confirmed current corporate employees have also received the message. Though we can't say for certain, this likely means the information is not the same data as what was leaked during the Connectivity Source breach [from September]. We can't, however, eliminate that possibility. As mentioned, there are reports that some of the contacted people are former employees, and haven't been employed at T-Mobile for months, so the information being acted upon is likely a few months old at the very least. That being said, we're pretty confident based on corporate employees being included that this is a different source of data being used.

Read more of this story at Slashdot.

Meta plans to "temporarily" shut down Threads in Turkey from April 29, in response to an interim injunction prohibiting data sharing with Instagram. TechCrunch reports: The Turkish Competition Authority (TCA), known as Rekabet Kurumu, noted on March 18 that its investigations found that Meta was abusing its dominant market position by combining the data of users who create Threads profiles with that of their Instagram account -- without giving users the choice to opt in. [...] In the buildup to April 29, everyone using Threads in Turkey will receive a notification about the impending closure, and they will be given a choice to either delete or deactivate their profile. The latter of these options means a user's profile can be resurrected when and if Threads is available in the country again. "We disagree with the interim order, we believe we are in compliance with all Turkish legal requirements, and we will appeal," Meta wrote in the blog post today. "The TCA's interim order leaves us with no choice but to temporarily shut down Threads in Turkiye. We will continue to constructively engage with the TCA and hope to bring Threads back to people in Turkiye as quickly as possible."

Read more of this story at Slashdot.

Adobe is using its Firefly machine learning model to bring generative AI video tools to Premiere Pro. "These new Firefly tools -- alongside some proposed third-party integrations with Runway, Pika Labs, and OpenAI's Sora models -- will allow Premiere Pro users to generate video and add or remove objects using text prompts (just like Photoshop's Generative Fill feature) and extend the length of video clips," reports The Verge. From the report: Unlike many of Adobe's previous Firefly-related announcements, no release date -- beta or otherwise -- has been established for the company's new video generation tools, only that they'll roll out "this year." And while the creative software giant showcased what its own video model is currently capable of in an early video demo, its plans to integrate Premiere Pro with AI models from other providers isn't a certainty. Adobe instead calls the third-party AI integrations in its video preview an "early exploration" of what these may look like "in the future." The idea is to provide Premiere Pro users with more choice, according to Adobe, allowing them to use models like Pika to extend shots or Sora or Runway AI when generating B-roll for their projects. Adobe also says its Content Credentials labels can be applied to these generated clips to identify which AI models have been used to generate them.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Washington Post: The Biden administration marked the close of tax season Monday by announcing it had met a modest goal of getting at least 100,000 taxpayers to file through the Internal Revenue Service's new tax software, Direct File -- an alternative to commercial tax preparers. Although the government had billed Direct File as a small-scale pilot, it still represents one of the most significant experiments in tax filing in decades -- a free platform letting Americans file online directly to the government. Monday's announcement aside, though, Direct File's success has proven highly subjective. By and large, people who tried the Direct File software -- which looks a lot like TurboTax or other commercial tax software, with its question-and-answer format -- gave it rave reviews. "Against all odds, the government has created an actually good piece of technology," a writer for the Atlantic marveled, describing himself as "giddy" as he used the website to chat live with a helpful IRS employee. The Post's Tech Friend columnist Shira Ovide called it "visible proof that government websites don't have to stink." Online, people tweeted praise after filing their taxes, like the user who called it the "easiest tax experience of my life." While the users might be a happy group, however, there weren't many of them compared to other tax filing options -- and their positive reviews likely won't budge the opposition that Direct File has faced from tax software companies and Republicans from the outset. These headwinds will likely continue if the IRS wants to renew it for another tax season. The program opened to the public midway through tax season, when many low-income filers had already claimed their refunds -- and was restricted to taxpayers in 12 states, with only four types of income (wages, interest, Social Security and unemployment). But it gained popularity as tax season went on: The Treasury Department said more than half of the total users of Direct File completed their returns during the last week.

Read more of this story at Slashdot.

Roku has made two-factor authentication (2FA) mandatory for all users following two credential stuffing attacks that compromised approximately 591,000 customer accounts and led to unauthorized purchases in fewer than 400 cases. The Register reports: Credential stuffing and password spraying are both fairly similar types of brute force attacks, but the former uses known pairs of credentials (usernames and passwords). The latter simply spams common passwords at known usernames in the hope one of them leads to an authenticated session. "There is no indication that Roku was the source of the account credentials used in these attacks or that Roku's systems were compromised in either incident," it said in an update to customers. "Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials." All accounts now require 2FA to be implemented, whether they were affected by the wave of compromises or not. Roku has more than 80 million active accounts, so only a minority were affected, and these have all been issued mandatory password resets. Compromised or not, all users are encouraged to create a strong, unique password for their accounts, consisting of at least eight characters, including a mix of numbers, symbols, and letter cases. [...] Roku also asked users to remain vigilant to suspicious activity regarding its service, such as phishing emails or clicking on dodgy links to rest passwords -- the usual stuff. "In closing, we sincerely regret that these incidents occurred and any disruption they may have caused," it said. "Your account security is a top priority, and we are committed to protecting your Roku account."

Read more of this story at Slashdot.

Michael Larabel reports via Phoronix: Within yesterday's Linux 6.9-rc4 release is an interesting little nugget by Linus Torvalds to battle Kconfig parsers that can't correctly handle tabs but rather just assume spaces for whitespace for this kernel configuration format. Due to a patch having been queued last week to replace a tab with a space character in the kernel tracing Kconfig file, Linus Torvalds decided to take matters into his own hand for Kconfig parsers that can't deal with tabs... Torvalds authored a patch to intentionally add some tabs of his own into Kconfig for throwing off any out-of-tree/third-party parsers that can't correctly handle them. Torvalds added these intentional hidden tabs to the common Kconfig file for handling page sizes for the kernel. Thus sure to cause dramatic and noticeable breakage for any parsers not having tabs correctly.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Dropout's Dungeons & Dragons actual play show, Dimension 20, is getting pretty close to selling out a 19,000-seat venue just hours after ticket sales opened to the general public. To the uninitiated, it may seem absurd to go to a massive sports arena and watch people play D&D. As one Redditor commented, "This boggles my mind. When I was playing D&D in the early eighties, I would have never believed that there was a future where people would watch live D&D at Madison Square Garden. It's incomprehensible to me." It is indeed bizarre, albeit fun. But in this monumental moment for the actual play genre, the triumph is eclipsed by the biggest frustration that links sports, music and now D&D fans: Ticketmaster. As Federal Trade Commission chair Lina Khan said amid the Taylor Swift-Ticketmaster scandal, the company's failures "ended up converting more Gen Zers into anti-monopolists overnight than anything [she] could have done." In the case of Taylor Swift's Eras tour, fans were upset because demand was so high that Ticketmaster's system couldn't handle the traffic. For Dimension 20, the culprit is Ticketmaster's dynamic pricing. As more people try to buy tickets, the price of the tickets increase. About an hour after the Madison Square Garden tickets went on sale, the few dozen upper bowl tickets left were $800. Three hours after, these tickets are around $330, which is still very inflated. "Went onto the presale, tickets were $500+ for the worst ones, we assumed they were scalpers and that the actual sale today would have normal priced tickets $2000 for the lower bowl!? I know it's not dropout setting the price but wow is that a LOT of cash," a Redditor posted. And as a commenter astutely pointed out, thanks to dynamic pricing, Ticketmaster itself is actually the scalper. Of course, Dimension 20 fans are frustrated, especially since the show's content is overtly anti-capitalist. Despite the pricing debacle, the demand for the show is a great sign for both actual play shows and the creator economy at large.

Read more of this story at Slashdot.

The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. Krebs on SecurityL: The lock's maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp's parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents. On March 7, 2024, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) warned about a remotely exploitable vulnerability with "low attack complexity" in Chirp Systems smart locks. "Chirp Access improperly stores credentials within its source code, potentially exposing sensitive information to unauthorized access," CISA's alert warned, assigning the bug a CVSS (badness) rating of 9.1 (out of a possible 10). "Chirp Systems has not responded to requests to work with CISA to mitigate this vulnerability." Matt Brown, the researcher CISA credits with reporting the flaw, is a senior systems development engineer at Amazon Web Services. Brown said he discovered the weakness and reported it to Chirp in March 2021, after the company that manages his apartment building started using Chirp smart locks and told everyone to install Chirp's app to get in and out of their apartments.

Read more of this story at Slashdot.

Top takeaways from Stanford's new AI Index Report [PDF]: 1. AI beats humans on some tasks, but not on all. AI has surpassed human performance on several benchmarks, including some in image classification, visual reasoning, and English understanding. Yet it trails behind on more complex tasks like competition-level mathematics, visual commonsense reasoning and planning. 2. Industry continues to dominate frontier AI research. In 2023, industry produced 51 notable machine learning models, while academia contributed only 15. There were also 21 notable models resulting from industry-academia collaborations in 2023, a new high. 3. Frontier models get way more expensive. According to AI Index estimates, the training costs of state-of-the-art AI models have reached unprecedented levels. For example, OpenAI's GPT-4 used an estimated $78 million worth of compute to train, while Google's Gemini Ultra cost $191 million for compute. 4. The United States leads China, the EU, and the U.K. as the leading source of top AI models. In 2023, 61 notable AI models originated from U.S.-based institutions, far outpacing the European Union's 21 and China's 15. 5. Robust and standardized evaluations for LLM responsibility are seriously lacking. New research from the AI Index reveals a significant lack of standardization in responsible AI reporting. Leading developers, including OpenAI, Google, and Anthropic, primarily test their models against different responsible AI benchmarks. This practice complicates efforts to systematically compare the risks and limitations of top AI models. 6. Generative AI investment skyrockets. Despite a decline in overall AI private investment last year, funding for generative AI surged, nearly octupling from 2022 to reach $25.2 billion. Major players in the generative AI space, including OpenAI, Anthropic, Hugging Face, and Inflection, reported substantial fundraising rounds. 7. The data is in: AI makes workers more productive and leads to higher quality work. In 2023, several studies assessed AI's impact on labor, suggesting that AI enables workers to complete tasks more quickly and to improve the quality of their output. These studies also demonstrated AI's potential to bridge the skill gap between low- and high-skilled workers. Still, other studies caution that using AI without proper oversight can lead to diminished performance. 8. Scientific progress accelerates even further, thanks to AI. In 2022, AI began to advance scientific discovery. 2023, however, saw the launch of even more significant science-related AI applications -- from AlphaDev, which makes algorithmic sorting more efficient, to GNoME, which facilitates the process of materials discovery. 9. The number of AI regulations in the United States sharply increases. The number of AIrelated regulations in the U.S. has risen significantly in the past year and over the last five years. In 2023, there were 25 AI-related regulations, up from just one in 2016. Last year alone, the total number of AI-related regulations grew by 56.3%. 10. People across the globe are more cognizant of AI's potential impact -- and more nervous. A survey from Ipsos shows that, over the last year, the proportion of those who think AI will dramatically affect their lives in the next three to five years has increased from 60% to 66%. Moreover, 52% express nervousness toward AI products and services, marking a 13 percentage point rise from 2022. In America, Pew data suggests that 52% of Americans report feeling more concerned than excited about AI, rising from 37% in 2022.

Read more of this story at Slashdot.