'Who Needs Rust's Borrow-Checking Compiler Nanny? C++ Devs Aren't Helpless'
"When Rust developers think of us C++ folks, they picture a cursed bloodline," writes professional game developer Mamadou Babaei (also a *nix enthusiast who contributes to the FreeBSD Ports collection). "To them, every line of C++ we write is like playing Russian Roulette — except all six chambers are loaded with undefined behavior."
But you know what? We don't need a compiler nanny. No borrow checker. No lifetimes. No ownership models. No black magic. Not even Valgrind is required. Just raw pointers, raw determination, and a bit of questionable sanity.
He's created a video on "how to hunt down memory leaks like you were born with a pointer in one hand and a debugger in the other." (It involves using a memory leak tracker — specifically, Visual Studio's _CrtDumpMemoryLeaks, which according to its documentation "dumps all the memory blocks in the debug heap when a memory leak has occurred," identifying the offending lines and pointers.)
"If that sounds unreasonably dangerous — and incredibly fun... let's dive into the deep end of the heap."
"The method is so easy, it renders Rust's memory model (lifetimes, ownership) and the borrow checker useless!" writes Slashdot reader NuLL3rr0r. Does anybody agree with him? Share your own experiences and reactions in the comments.
And how do you feel about Rust's "borrow-checking compiler nanny"?
at Slashdot.
Chinese Hackers Exploit SAP NetWeaver RCE Flaw
"A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver," reports The Hacker News:
Forescout Vedere Labs, in a report published Thursday, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025. CVE-2025-31324 refers to a critical SAP NetWeaver flaw that allows attackers to achieve remote code execution (RCE) by uploading web shells through a susceptible "/developmentserver/metadatauploader" endpoint.
The vulnerability was first flagged by ReliaQuest late last month when it found the shortcoming being abused in real-world attacks by unknown threat actors to drop web shells and the Brute Ratel C4 post-exploitation framework. According to [SAP cybersecurity firm] Onapsis, hundreds of SAP systems globally have fallen victim to attacks spanning industries and geographies, including energy and utilities, manufacturing, media and entertainment, oil and gas, pharmaceuticals, retail, and government organizations. Onapsis said it observed reconnaissance activity that involved "testing with specific payloads against this vulnerability" against its honeypots as far back as January 20, 2025. Successful compromises in deploying web shells were observed between March 14 and March 31.
"In recent days, multiple threat actors are said to have jumped aboard the exploitation bandwagon to opportunistically target vulnerable systems to deploy web shells and even mine cryptocurrency..."
Thanks to Slashdot reader bleedingobvious for sharing the news.
at Slashdot.
What Happens If AI Coding Keeps Improving?
Fast Company's "AI Decoded" newsletter makes the case that the first "killer app" for generative AI... is coding.
Tools like Cursor and Windsurf can now complete software projects with minimal input or oversight from human engineers... Naveen Rao, chief AI officer at Databricks, estimates that coding accounts for half of all large language model usage today. A 2024 GitHub survey found that over 97% of developers have used AI coding tools at work, with 30% to 40% of organizations actively encouraging their adoption.... Microsoft CEO Satya Nadella recently said AI now writes up to 30% of the company's code. Google CEO Sundar Pichai echoed that sentiment, noting more than 30% of new code at Google is AI-generated.
The soaring valuations of AI coding startups underscore the momentum. Anysphere's Cursor just raised $900 million at a $9 billion valuation — up from $2.5 billion earlier this year. Meanwhile, OpenAI acquired Windsurf (formerly Codeium) for $3 billion. And the tools are improving fast. OpenAI's chief product officer, Kevin Weil, explained in a recent interview that just five months ago, the company's best model ranked around one-millionth on a well-known benchmark for competitive coders — not great, but still in the top two or three percentile. Today, OpenAI's top model, o3, ranks as the 175th best competitive coder in the world on that same test. The rapid leap in performance suggests an AI coding assistant could soon claim the number-one spot. "Forever after that point computers will be better than humans at writing code," he said...
Google DeepMind research scientist Nikolay Savinov said in a recent interview that AI coding tools will soon support 10 million-token context windows — and eventually, 100 million. With that kind of memory, an AI tool could absorb vast amounts of human instruction and even analyze an entire company's existing codebase for guidance on how to build and optimize new systems. "I imagine that we will very soon get to superhuman coding AI systems that will be totally unrivaled, the new tool for every coder in the world," Savinov said.
at Slashdot.
Can an MCP-Powered AI Client Automatically Hack a Web Server?
Exposure-management company Tenable recently discussed how the MCP tool-interfacing framework for AI can be "manipulated for good, such as logging tool usage and filtering unauthorized commands." (Although "Some of these techniques could be used to advance both positive and negative goals.")
Now an anonymous Slashdot reader writes: In a demonstration video put together by security researcher Seth Fogie, an AI client given a simple prompt to 'Scan and exploit' a web server leverages various connected tools via MCP (nmap, ffuf, nuclei, waybackurls, sqlmap, burp) to find and exploit discovered vulnerabilities without any additional user interaction
As Tenable illustrates in their MCP FAQ, "The emergence of Model Context Protocol for AI is gaining significant interest due to its standardization of connecting external data sources to large language models (LLMs). While these updates are good news for AI developers, they raise some security concerns." With over 12,000 MCP servers and counting, what does this all lead to and when will AI be connected enough for a malicious prompt to cause serious impact?
at Slashdot.
Nintendo Can Render Your Switch 2 'Permanently Unusable' If You Break Their Rules
Slashdot reader BrianFagioli writes:
The new Nintendo Switch 2 is almost here. Next month, eager fans will finally be able to get their hands on the highly anticipated follow-up to the wildly popular hybrid console. But before you line up (or frantically refresh your browser for a preorder), you might want to read the fine print, because Nintendo might be able to kill your console.
Yes, really. That's not just speculation, folks. According to its newly updated user agreement, Nintendo has granted itself the right to make your Switch 2 "permanently unusable" if you break certain rules. Yes, the company might literally brick your device. Buried in the legalese is a clause that says if you try to bypass system protections, modify software, or mess with the console in a way that's not approved, Nintendo can take action. And that action could include completely disabling your system.
The exact wording makes it crystal clear: Nintendo may "render the Nintendo Account Services and/or the applicable Nintendo device permanently unusable in whole or in part...." [T]o be fair, this is probably targeted at people who reverse engineer the system or install unauthorized software — think piracy, modding, cheating, and the like. But the broad and vague nature of the language leaves a lot of room for interpretation. Who decides what qualifies as "unauthorized use"? Nintendo does.
Nintendo's verbiage says users must agree "without limitation" not to...
Publish, copy, modify, reverse engineer, lease, rent, decompile, disassemble, distribute, offer for sale, or create derivative works
Obtain, install or use any unauthorized copies of Nintendo Account Services
Exploit the Nintendo Account Services in any manner other than to use them in accordance with the applicable documentation and intended use [unless "otherwise expressly permitted by applicable law."]
Bypass, modify, decrypt, defeat, tamper with, or otherwise circumvent any of the functions or protections... including through the use of any hardware or software that would cause the Nintendo Account Services to operate other than in accordance with its documentation and intended use
"...if you fail to comply with the foregoing restrictions Nintendo may render the Nintendo Account Services and/or the applicable Nintendo device permanently unusable in whole or in part."
at Slashdot.
CISA/DOGE Software Engineer's Login Credentials Appeared in Multiple Leaks From Info-Stealing Malware in Recent Years
"Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware," reports Ars Technica, "a strong indication that devices belonging to him have been hacked in recent years."
As an employee of DOGE, [30-something Kyle] Schutt accessed FEMA's proprietary software for managing both disaster and non-disaster funding grants [to Dropsite News]. Under his role at CISA, he likely is privy to sensitive information regarding the security of civilian federal government networks and critical infrastructure throughout the U.S. According to journalist Micah Lee, user names and passwords for logging in to various accounts belonging to Schutt have been published at least four times since 2023 in logs from stealer malware... Besides pilfering login credentials, stealers can also log all keystrokes and capture or record screen output. The data is then sent to the attacker and, occasionally after that, can make its way into public credential dumps...
Lee went on to say that credentials belonging to a Gmail account known to belong to Schutt have appeared in 51 data breaches and five pastes tracked by breach notification service Have I Been Pwned. Among the breaches that supplied the credentials is one from 2013 that pilfered password data for 3 million Adobe account holders, one in a 2016 breach that stole credentials for 164 million LinkedIn users, a 2020 breach affecting 167 million users of Gravatar, and a breach last year of the conservative news site The Post Millennial.
The credentials may have been exposed when service providers were compromised, the article points out, but the "steady stream of published credentials" is "a clear indication that the credentials he has used over a decade or more have been publicly known at various points.
"And as Lee noted, the four dumps from stealer logs show that at least one of his devices was hacked at some point."
Thanks to Slashdot reader gkelley for sharing the news.
at Slashdot.
Blizzard's 'Overwatch' Team Just Voted to Unionize
"The Overwatch 2 team at Blizzard has unionized," reports Kotaku:
That includes nearly 200 developers across disciplines ranging from art and testing to engineering and design. Basically anyone who doesn't have someone else reporting to them. It's the second wall-to-wall union at the storied game maker since the World of Warcraft team unionized last July... Like unions at Bethesda Game Studios and Raven Software, the Overwatch Gamemakers Guild now has to bargain for its first contract, a process that Microsoft has been accused of slow-walking as negotiations with other internal game unions drag on for years.
"The biggest issue was the layoffs at the beginning of 2024," Simon Hedrick, a test analyst at Blizzard, told Kotaku... "People were gone out of nowhere and there was nothing we could do about it," he said. "What I want to protect most here is the people...." Organizing Blizzard employees stress that improving their working conditions can also lead to better games, while the opposite — layoffs, forced resignations, and uncompetitive pay can make them worse....
"We're not just a number on an Excel sheet," [said UI artist Sadie Boyd]. "We want to make games but we can't do it without a sense of security." Unionizing doesn't make a studio immune to layoffs or being shuttered, but it's the first step toward making companies have a discussion about those things with employees rather than just shadow-dropping them in an email full of platitudes. Boyd sees the Overwatch union as a tool for negotiating a range of issues, like if and how generative AI is used at Blizzard, as well as a possible source of inspiration to teams at other studios.
"Our industry is at such a turning point," she said. "I really think with the announcement of our union on Overwatch...I know that will light some fires."
The article notes that other issues included work-from-home restrictions, pay disparities and changes to Blizzard's profit-sharing program, and wanting codified protections for things like crunch policies, time off, and layoff-related severance.
at Slashdot.
Theranos Fraudster's Partner Launches His Own Blood-Testing Startup
"The romantic partner of Theranos fraudster Elizabeth Holmes has launched a start-up that sounds eerily similar to the venture that landed his girlfriend behind bars," writes The Daily Beast.
He's incorporated "Haemanthus" in Delaware a year and a half ago (though the company operates out of his neighborhood in Austin), according to the New York Times. Haemanthus appears to have around 10 employees.
From The Daily Beast:
California hotel heir Billy Evans' new company is a blood-testing firm that markets itself as "the future of diagnostics," offering "a radically new approach to health testing," according to The New York Times. In other words, exactly what Theranos said it would do. Holmes is even advising the start-up from the Texas prison where she is serving out an 11-year prison sentence for fraud, sources told NPR... Evans has managed to raise nearly $20 million in funds from both friends and established investors in Austin and San Francisco, according to the investor materials.
The Times reports that Evan's company "plans to begin with testing pets for diseases before progressing to humans, according to two investors pitched on the company."
And TechCrunch reminds readers that Elizabeth Holmes said in a recent interview "that she remains 'completely committed to my dream of making affordable healthcare solutions available to everyone.'"
at Slashdot.
Life of a Marathon Streamer: Online for Three Years, Facing Isolation and Burnout
Back in 2000, Slashdot founder CmdrTaco marked the 4th anniversary of Jennifer Ringley's pioneering "JenniCam" livestream (saying "It sure beats the Netscape FishCam. It's nuts how Jenni's little cam became such a fixture on The Internet...")
But a new article in the Washington Post remembers how "Once, Ringley looked directly into the camera and held a note in front of her eye. It read: 'I FEEL SO LONELY.'"
By 2003, Ringley had shut down the site and disappeared. She began declining interview requests, saying she was enjoying her privacy; her absence on social media continues to this day.
"But by then, the human zoo was everywhere," they write including "social media, where everyone could become a character in their own show." In 2007 Justin Kan launched Justin.TV, which eventually became Twitch, "a thrumming online city for anyone wanting to, as its slogan said, 'waste time watching other people waste time.'"
But the article also notes 2023 stats from the Bureau of Labor Statistics survey that found Americans"were spending far less time socializing than they had 20 years ago — especially 18-to-29-year-olds, who were spending two more hours a day alone." So how did this play out for the next generation of livestreaming influencers? Here's the origin story of "a lonely young woman in Texas" who's "streamed every second of her life for three years and counting."
One afternoon, her boyfriend told her to try Twitch, saying, as she recalled: "Your life sucks, you work at CVS, you have no friends. ... This could be helpful." In her first stream, on a Friday night, she played 3½ hours of "World of Warcraft" for her zero followers.
Eight years later...
Six hundred and forty-two people are watching when Emily tugs off her sleep mask to begin day No. 1,137 of broadcasting every hour of her life... On the live-streaming service Twitch, one of the world's most popular platforms, Emily is a legendary figure. For three years, she has ceaselessly broadcast her life — every birthday and holiday, every sickness and sleepless night, almost all of it alone. Her commitment has made her a model for success in the new internet economy, where authenticity and endurance are highly prized. It's also made her a good amount of money: $5.99 a month from thousands of subscribers each, plus donations and tips — minus Twitch's 30-to-40 percent cut.
But to get there, Emily, who agreed to be interviewed on the condition that her last name be withheld due to concerns of harassment, has devoted herself to a solitary life of almost constant stimulation. For three years, she has taken no sick days, gone on no vacations, declined every wedding invitation, had no sex. She has broadcast and self-narrated a thousand days of sleeping, driving and crying, lugging her camera backpack through the grocery store, talking through a screen to strangers she'll never meet. Her goal is to buy a house and get married by the age of 30, but she's 28 and says she's too busy to have a boyfriend. Her last date was seven years ago... But no one tells streamers when to record or when to stop. There are no labor codes, performance limits or regulations to keep the platforms from setting incentives impossibly high. Many streamers figure out the optimal strategy themselves: The more you share, the more successful you can be....
Though some Twitch stars are millionaires, most scramble to get by, buffeted by the vagaries of audience attention. Emily's paid-subscription count, which peaked last year at 22,000, has since slumped to around 6,000, dropping her base income to about $5,000 a month, according to estimates from the analytics firm Streams Charts... Sometimes Emily dreads waking up and clocking into the reality show that is her life. She knows staring at screens all night is unhealthy, and when she feels too depressed to stream, she'll stay in bed for hours while her viewers watch. But she worries that taking a break would be "career suicide," as she called it. Some viewers already complain that she showers too long, sleeps in too late, doesn't have enough fun...
She said she "used to show true sadness on stream" but doesn't anymore because it makes viewers uncomfortable. When she hits a breaking point now, she said, she closes herself in the bathroom.
at Slashdot.
Developer Tries Resurrecting 47-Year-Old 'Apple Pascal' (and its p-System) in Rust
Long-time Slashdot reader mbessey (a Mac/iOS developer) writes:
As we're coming up on the 50th anniversary of the first release of UCSD Pascal, I thought it would be interesting to poke around in it a bit, and work on some tools to bring this "portable operating system" back to life on modern hardware, in a modern language (Rust).
Wikipedia describes UCSD Pascal as "a version that ran on a custom operating system that could be ported to different platforms. A key platform was the Apple II, where it saw widespread use as Apple Pascal. This led to Pascal becoming the primary high-level language used for development in the Apple Lisa, and later, the Macintosh. Parts of the original Macintosh operating system were hand-translated into Motorola 68000 assembly language from the Pascal source code."
mbessey is chronicling their new project in a series of blog posts which begins here:
The p-System was not the first portable byte-code interpreter and compiler system — that idea goes very far back, at least to the origins of the Pascal language itself. But it was arguably one of the most-successful early versions of the idea and served as an inspiration for future portable software systems (including Java's bytecode, and Infocom's Z-machine).
And they've already gotten UCSD Pascal running in an emulator and built some tools (in Rust) to transfer files to disk images. Now they're working towards writing a p-machine emulator in Rust, which they can they port to "something other than the Mac. Ideally, something small â" like an Arduino or Raspberry Pi Pico."
at Slashdot.
Is Everyone Using AI to Cheat Their Way Through College?
Chungin Lee used ChatGPT to help write the essay that got him into Columbia University — and then "proceeded to use generative artificial intelligence to cheat on nearly every assignment," reports New York magazine's blog Intelligencer:
As a computer-science major, he depended on AI for his introductory programming classes: "I'd just dump the prompt into ChatGPT and hand in whatever it spat out." By his rough math, AI wrote 80 percent of every essay he turned in. "At the end, I'd put on the finishing touches. I'd just insert 20 percent of my humanity, my voice, into it," Lee told me recently... When I asked him why he had gone through so much trouble to get to an Ivy League university only to off-load all of the learning to a robot, he said, "It's the best place to meet your co-founder and your wife."
He eventually did meet a co-founder, and after three unpopular apps they found success by creating the "ultimate cheat tool" for remote coding interviews, according to the article. "Lee posted a video of himself on YouTube using it to cheat his way through an internship interview with Amazon. (He actually got the internship, but turned it down.)" The article ends with Lee and his co-founder raising $5.3 million from investors for one more AI-powered app, and Lee says they'll target the standardized tests used for graduate school admissions, as well as "all campus assignments, quizzes, and tests. It will enable you to cheat on pretty much everything."
Somewhere along the way Columbia put him on disciplinary probation — not for cheating in coursework, but for creating the apps. But "Lee thought it absurd that Columbia, which had a partnership with ChatGPT's parent company, OpenAI, would punish him for innovating with AI." (OpenAI has even made ChatGPT Plus free to college students during finals week, the article points out, with OpenAI saying their goal is just teaching students how to use it responsibly.)
Although Columbia's policy on AI is similar to that of many other universities' — students are prohibited from using it unless their professor explicitly permits them to do so, either on a class-by-class or case-by-case basis — Lee said he doesn't know a single student at the school who isn't using AI to cheat. To be clear, Lee doesn't think this is a bad thing. "I think we are years — or months, probably — away from a world where nobody thinks using AI for homework is considered cheating," he said...
In January 2023, just two months after OpenAI launched ChatGPT, a survey of 1,000 college students found that nearly 90 percent of them had used the chatbot to help with homework assignments.
The article points out ChatGPT's monthly visits increased steadily over the last two years — until June, when students went on summer vacation.
"College is just how well I can use ChatGPT at this point," a student in Utah recently captioned a video of herself copy-and-pasting a chapter from her Genocide and Mass Atrocity textbook into ChatGPT.... It isn't as if cheating is new. But now, as one student put it, "the ceiling has been blown off." Who could resist a tool that makes every assignment easier with seemingly no consequences?
After using ChatGPT for their final semester of high school, one student says "My grades were amazing. It changed my life." So she continued used it in college, and "Rarely did she sit in class and not see other students' laptops open to ChatGPT."
One ethics professor even says "The students kind of recognize that the system is broken and that there's not really a point in doing this." (Yes, students are even using AI to cheat in ethics classes...)
It's not just the students: Multiple AI platforms now offer tools to leave AI-generated feedback on students' essays. Which raises the possibility that AIs are now evaluating AI-generated papers, reducing the entire academic exercise to a conversation between two robots — or maybe even just one.
at Slashdot.
Sea Levels Rose Faster Than Expected Last Year. Blame Global Warming - But What Happens Next?
Though global sea levels "varied little" for the 2,000 years before the 20th century, CNN reports that sea levels then "started rising and have not stopped since — and the pace is accelerating."
And sea level rise "was unexpectedly high last year, according to a recent NASA analysis of satellite data."
More concerning, however, is the longer-term trend. The rate of annual sea level rise has more than doubled over the past 30 years, resulting in the global sea level increasing 4 inches since 1993. "It's like we're putting our foot on the gas pedal," said Benjamin Hamlington, a research scientist in the Sea Level and Ice Group at NASA's Jet Propulsion Laboratory. While other climate signals fluctuate, global sea level has a "persistent rise," he told CNN.
It spells trouble for the future. Scientists have a good idea how much average sea level will rise by 2050 — around 6 inches globally, and as much as 10 to 12 inches in the US. Past 2050, however, things get very fuzzy. "We have such a huge range of uncertainty," said Dirk Notz, head of sea ice at the University of Hamburg. "The numbers are just getting higher and higher and higher very quickly." The world could easily see an extra 3 feet of sea level rise by 2100, he told CNN; it could also take hundreds of years to reach that level. Scientists simply don't know enough yet to project what will happen.
What scientists are crystal clear about is the reason for the rise: human-caused global warming. Oceans absorb roughly 90% of the excess heat primarily produced by burning fossil fuels, and as water heats up it expands. Heat in the oceans and atmosphere is also driving melting of the Greenland and Antarctic ice sheets, which together hold enough fresh water to raise global sea levels by around 213 feet. Melting ice sheets have driven roughly two-thirds of longer-term sea level rise, although last year — the planet's hottest on record — the two factors flipped, making ocean warming the main driver. [SciTechDaily reports that between 2021 and 2023 the Antarctica ice sheet actually showed an overall increase in mass which exerted a negative contribution to sea level rise.]
It's likely that an increase of about 3 feet is already locked in, Notz said, because "we have pushed the system too hard." The big question is, how quickly will it happen? Ice sheets are the biggest uncertainty, as it's not clear how fast they'll react as the world heats up — whether they'll melt steadily or reach a tipping point and rapidly collapse... [I]t's still unclear how processes may unfold over the next decades and centuries. Antarctica is "the elephant in the room," he said. Alarming changes are unfolding on this vast icy continent, which holds enough water to raise levels by 190 feet.
Notz describes the ice sheet as an "awakening giant:" It takes a long time to wake up but once awake, "it's very, very difficult to put it back to sleep."
The article notes that U.S. coastlines "are tracking above global average and toward the upper end of climate model projections, NASA's Hamlington said." (The state of Louisiana has one of the highest rates of land loss in the world, with some places experiencing nearly 4x the global rate of relative sea level rise.) But it's not just a problem for America.
"Over the next three decades, islands such as Tuvalu, Kiribati and Fiji will experience at least 6 inches of sea level rise even if the world reduces planet-heating pollution, according to NASA....
"Entire villages in Fiji have been formally relocated," said Fijian activist George Nacewa, from climate group 350.org, "the incoming tides are flooding our roads and inundating our crops." However, if the pace accelerates rapidly, "it will be very, very difficult to adapt to, because things unfold too quickly," he said.
"Humans still have control over how fast sea level rises over the next decades and centuries by cutting emissions, Notz noted."
Thanks to long-time Slashdot reader RoccamOccam for sharing the news.
at Slashdot.
'I Broke Up with Google Search. It was Surprisingly Easy.'
Inspired by researchers who'd bribed people to use Microsoft's Bing for two weeks (and found some wanted to keep using it), a Washington Post tech columnist also tried it — and reported it "felt like quitting coffee."
"The first few days, I was jittery. I kept double searching on Google and DuckDuckGo, the non-Google web search engine I was using, to check if Google gave me better results. Sometimes it did. Mostly it didn't."
"More than two weeks into a test of whether I love Google search or if it's just a habit, I've stopped double checking. I don't have Google FOMO..."
I didn't do a fancy analysis into whether my search results were better with Google or DuckDuckGo, whose technology is partly powered by Bing. The researchers found our assessment of search quality is based on vibes. And the vibes with DuckDuckGo are perfectly fine. Many dozens of readers told me about their own satisfaction with non-Google searches...
For better or worse, DuckDuckGo is becoming a bit more Google-like. Like Google, it has ads that are sometimes misleading or irrelevant. DuckDuckGo and Bing also are mimicking Google's makeover from a place that mostly pointed you to the best links online to one that never wants you to leave Google... [DuckDuckGo] shows you answers to things like sports results and AI-assisted replies, though less often than Google does. (You can turn off AI "instant answers" in DuckDuckGo.) Answers at the top of search results pages can be handy — assuming they're not wrong or scams — but they have potential trade-offs. If you stop your search without clicking to read a website about sports news or gluten intolerance, those sites could die. And the web gets worse. DuckDuckGo says that people expect instant answers from search results, and it's trying to balance those demands with keeping the web healthy. Google says AI answers help people feel more satisfied with their search results and web surfing.
DuckDuckGo has one clear advantage over Google: It collects far less of your data. DuckDuckGo doesn't save what I search...
My biggest wariness from this search experiment is like the challenge of slowing climate change: Your choices matter, but maybe not that much. Our technology has been steered by a handful of giant technology companies, and it's difficult for individuals to alter that. The judge in the company's search monopoly case said Google broke the law by making it harder for you to use anything other than Google. Its search is so dominant that companies stopped trying hard to out-innovate and win you over. (AI could upend Google search. We'll see....) Despite those challenges, using Google a bit less and smaller alternatives more can make a difference. You don't have to 100 percent quit Google.
"Your experiment confirms what we've said all along," Google responded to the Washington Post. "It's easy to find and use the search engine of your choice."
Although the Post's reporter also adds that "I'm definitely not ditching other company internet services like Google Maps, Google Photos and Gmail." They write later that " You'll have to pry YouTube out of my cold, dead hands" and "When I moved years of emails from Gmail to Proton Mail, that switch didn't stick."
at Slashdot.
How A Simple Question Tripped Up a North Korean Spy Interviewing for an IT Job
Long-time Slashdot reader smooth wombat writes: Over the past year there have been stories about North Korean spies unknowingly or knowingly being hired to work in western companies. During an interview by Kraken, a crypto exchange, the interviewers became suspicious about the candidate. Instead of cutting off the interview, Kraken decided to continue the candidate through the hiring process to gain more information. One simple question confirmed the user wasn't who they said they were and even worse, was a North Korean spy.
Would-be IT worker "Steven Smith" already had an email address on a "do-not-hire" list from law enforcement agencies, according to CBS News. And an article in Fortune magazine says Kraken asked him to speak to a recruiter and take a technical-pretest, and "I don't think he actually answered any questions that we asked him," according to its chief security officer Nick Percoco — even though the application was claiming 11 years of experience as a software engineer at U.S.-based companies:
The interview was scheduled for Halloween, a classic American holiday—especially for college students in New York—that Smith seemed to know nothing about. "Watch out tonight because some people might be ringing your doorbell, kids with chain saws," Percoco said, referring to the tradition of trick or treating. "What do you do when those people show up?" Smith shrugged and shook his head. "Nothing special," he said. Smith was also unable to answer simple questions about Houston, the town he had supposedly been living in for two years. Despite having listed "food" as an interest on his résumé, Smith was unable to come up with a straight answer when asked about his favorite restaurant in the Houston area. He looked around for a few seconds before mumbling, "Nothing special here...."
The United Nations estimates that North Korea has generated between $250 million to $600 million per year by tricking overseas firms to hire its spies. A network of North Koreans, known as Famous Chollima, was behind 304 individual incidents last year, cybersecurity company CrowdStrike reported, predicting that the campaigns will continue to grow in 2025.
During a report CBS News actually aired footage of the job interview with the "suspected member of Kim Jong Un's cyberarmy."
"Some people might call it trolling as well," one company official told the news outlet. "We call it security research." (And they raise the disturbing possibility that another IT company might very well have hired "Steven Smith"...)
CBS also spoke to CrowdStrike co-founder Dmitri Alperovitch, who says the problem increased with remote work, as is now fueling a state-run weapons program. "It's a huge problem because these people are not just North Koreans — they're North Koreans working for their munitions industry department, they're working for the Korean People's Army." (He says later the results of their work are "going directly" to North Korea's nuclear and ballistic missile programs.)
And when CBS notes that the FBI issued a wanted poster of alleged North Korean agents and arrested Americans hosting laptop farms in Arizona and Tennesse ("computer hubs inside the U.S. that conceal the cybercriminals real identities"), Alperovitch says "They cannot do this fraud without support here in America from witting or unwitting actors. So they have hired probably hundreds of people..."
CBS adds that FBI officials say "the IT worker scene is expanding worldwide."
at Slashdot.
High Tariffs Become 'Real' For Adafruit - With Their First $36K Bill Just For Import Duties
Adafruit's managing director Phillip Torrone is also long-time Slashdot reader ptorrone.
He stopped by Thursday to share what happened after a large portion of a recent import was subjected to a 125% +20% +25% import markup...
We're no stranger to tariff bills, although they have definitely ramped up over the last two months. However, this is our first "big bill"... Unlike other taxes like sales tax where we collect on behalf of the state and then submit it back at the end of the month — or income taxes, where we only pay if we are profitable — tariff taxes are paid before we sell any of the products. And they're due within a week of receipt, which has a big impact on cash flow.
In this particular case, we're buying from a vendor, not a factory, so we can't second-source the items. (And these particular products we couldn't manufacture ourselves even if we wanted to, since the vendor has well-deserved IP protections). And the products were booked & manufactured many months ago, before the tariffs were in place.
Since they are electronics products/components, there's a chance we may be able to request reclassification on some items to avoid the 125% "reciprocal" tariff, but there's no assurance that it will succeed, and even if it does, it is many, many months until we could see a refund.
We'll have to increase the prices on some of these products. But we're not sure if people will be willing to pay the higher cost, so we may well be "stuck" with unsellable inventory — that we have already paid a large fee on...
Their blog post even includes a photo of the DHL customs invoice with the five-digit duty fee...
Share your own stories and experiences in the comments. Any other Slashdot readers being affected by the new U.S. tariffs?
at Slashdot.
Google Will Pay $1.4 Billion to Texas to Settle Claims It Collected User Data Without Permission
Google will pay $1.4 billion to the state of Texas, reports the Associated Press, "to settle claims the company collected users' data without permission, the state's attorney general announced Friday."
Attorney General Ken Paxton described the settlement as sending a message to tech companies that he will not allow them to make money off of "selling away our rights and freedoms."
"In Texas, Big Tech is not above the law." Paxton said in a statement. "For years, Google secretly tracked people's movements, private searches, and even their voiceprints and facial geometry through their products and services. I fought back and won...."
The state argued Google was "unlawfully tracking and collecting users' private data." Paxton claimed, for example, that Google collected millions of biometric identifiers, including voiceprints and records of face geometry, through such products and services as Google Photos and Google Assistant.
Google spokesperson José Castañeda said the agreement settles an array of "old claims," some of which relate to product policies the company has already changed. "We are pleased to put them behind us, and we will continue to build robust privacy controls into our services," he said in a statement. The company also clarified that the settlement does not require any new product changes.
Google's settlement with Texas "far surpasses any other state's claims for similar violations," according to a statement from their attorney general's office. "To date, no state has attained a settlement against Google for similar data-privacy violations greater than $93 million. Even a multistate coalition that included forty states secured just $391 million — almost a billion dollars less than Texas's recovery."
The statement calls the $1.375 billion settlement "a major win for Texans' privacy" that "tells companies that they will pay for abusing our trust."
at Slashdot.
Police Dismantles Botnet Selling Hacked Routers As Residential Proxies
An anonymous reader quotes a report from BleepingComputer: Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. The U.S. Justice Department also indicted three Russian nationals (Alexey Viktorovich Chertkov, Kirill Vladimirovich Morozov, and Aleksandr Aleksandrovich Shishkin) and a Kazakhstani (Dmitriy Rubtsov) for their involvement in operating, maintaining, and profiting from these two illegal services.
During this joint action dubbed 'Operation Moonlander,' U.S. authorities worked with prosecutors and investigators from the Dutch National Police, the Netherlands Public Prosecution Service (Openbaar Ministerie), and the Royal Thai Police, as well as analysts with Lumen Technologies' Black Lotus Labs. Court documents show that the now-dismantled botnet infected older wireless internet routers worldwide with malware since at least 2004, allowing unauthorized access to compromised devices to be sold as proxy servers on Anyproxy.net and 5socks.net. The two domains were managed by a Virginia-based company and hosted on servers globally.
On Wednesday, the FBI also issued a flash advisory (PDF) and a public service announcement warning that this botnet was targeting patch end-of-life (EoL) routers with a variant of the TheMoon malware. The FBI warned that the attackers are installing proxies later used to evade detection during cybercrime-for-hire activities, cryptocurrency theft attacks, and other illegal operations. The list of devices commonly targeted by the botnet includes Linksys and Cisco router models, including:
- Linksys E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550 - Linksys WRT320N, WRT310N, WRT610N - Cisco M10 and Cradlepoint E100 "The botnet controllers require cryptocurrency for payment. Users are allowed to connect directly with proxies using no authentication, which, as documented in previous cases, can lead to a broad spectrum of malicious actors gaining free access," Black Lotus Labs said. "Given the source range, only around 10% are detected as malicious in popular tools such as VirusTotal, meaning they consistently avoid network monitoring tools with a high degree of success. Proxies such as this are designed to help conceal a range of illicit pursuits including ad fraud, DDoS attacks, brute forcing, or exploiting victim's data."
at Slashdot.
Bill Gates Plans To Give Away His Wealth, Shutter Foundation Over Next 20 Years
joshuark shares a report from Axios: Bill Gates, once the richest man in the world, vowed to give away "virtually all" of his wealth through the Gates Foundation over the next two decades. Then, the foundation will close its doors on Dec. 31, 2045. [...] Gates wrote in a Thursday Gates Notes essay that the original plan was to sunset the foundation several decades after he and his then-wife died. Now, Gates believes that a "shorter timeline" is feasible.
Gates pledged three "key aspirations" to guide the foundation's funding over the next two decades, which center on promoting child and maternal health and fighting infectious diseases and poverty. He emphasized that progress is not possible without government cooperation, as the U.S. and other nations slash their foreign aid budgets. "The reality is, we will not eradicate polio without funding from the United States," Gates wrote. It's unclear whether the world's richest countries will continue to stand up for its poorest people," Gates wrote. He added, "But the one thing we can guarantee is that, in all of our work, the Gates Foundation will support efforts to help people and countries pull themselves out of poverty."
at Slashdot.
Lithium Deposit Valued At $1.5 Trillion Discovered In Oregon
Longtime Slashdot reader schwit1 shares a report from Earth.com: McDermitt Caldera in Oregon is attracting attention for what could be one of the largest lithium deposits ever identified in the United States. Many view it as a potential boost for domestic battery production, while local communities voice concern over the impact on wildlife and cultural sites. The excitement stems from estimates that value the deposit at about $1.5 trillion. Some geologists say these ancient volcanic sediments could contain between 20 and 40 million metric tons of lithium. The study is published in the journal Minerals.
at Slashdot.
AI Use Damages Professional Reputation, Study Suggests
An anonymous reader quotes a report from Ars Technica: Using AI can be a double-edged sword, according to new research from Duke University. While generative AI tools may boost productivity for some, they might also secretly damage your professional reputation. On Thursday, the Proceedings of the National Academy of Sciences (PNAS) published a study showing that employees who use AI tools like ChatGPT, Claude, and Gemini at work face negative judgments about their competence and motivation from colleagues and managers. "Our findings reveal a dilemma for people considering adopting AI tools: Although AI can enhance productivity, its use carries social costs," write researchers Jessica A. Reif, Richard P. Larrick, and Jack B. Soll of Duke's Fuqua School of Business.
The Duke team conducted four experiments with over 4,400 participants to examine both anticipated and actual evaluations of AI tool users. Their findings, presented in a paper titled "Evidence of a social evaluation penalty for using AI," reveal a consistent pattern of bias against those who receive help from AI. What made this penalty particularly concerning for the researchers was its consistency across demographics. They found that the social stigma against AI use wasn't limited to specific groups. "Testing a broad range of stimuli enabled us to examine whether the target's age, gender, or occupation qualifies the effect of receiving help from Al on these evaluations," the authors wrote in the paper. "We found that none of these target demographic attributes influences the effect of receiving Al help on perceptions of laziness, diligence, competence, independence, or self-assuredness. This suggests that the social stigmatization of AI use is not limited to its use among particular demographic groups. The result appears to be a general one."
at Slashdot.
CrowdStrike, Responsible For Global IT Outage, To Cut Jobs In AI Efficiency Push
CrowdStrike, the cybersecurity firm that became a household name after causing a massive global IT outage last year, has announced it will cut 5% of its workforce in part due to "AI efficiency." From a report: In a note to staff earlier this week, released in stock market filings in the US, CrowdStrike's chief executive, George Kurtz, announced that 500 positions, or 5% of its workforce, would be cut globally, citing AI efficiencies created in the business.
"We're operating in a market and technology inflection point, with AI reshaping every industry, accelerating threats, and evolving customer needs," he said. Kurtz said AI "flattens our hiring curve, and helps us innovate from idea to product faster," adding it "drives efficiencies across both the front and back office. AI is a force multiplier throughout the business," he said. Other reasons for the cuts included market demand for sustained growth and expanding the product offering.
at Slashdot.
IRS Hopes To Replace Fired Enforcement Workers With AI
Facing deep staffing cuts, the IRS plans to lean heavily on AI to maintain tax collection efforts, with Treasury Secretary Scott Bessent stating that smarter IT and the "AI boom" will offset reductions in revenue enforcement staff. The Register reports: When asked by Congressman Steny Hoyer (D-MD) whether proposed reductions in the IRS's IT budget, along with plans to cut additional staff, would affect the agencies ability to collect tax revenue, Bessent said it wouldn't, thanks to the current "AI boom." "I believe through smarter IT, through this AI boom, that we can use that to enhance collections," Bessent told Hoyer and the Committee (24:29 into the video linked [here]). "I expect collections would continue to be very robust as they were this year."
Bessent's comments didn't explain how the IRS intends to deploy AI. Given how much it has slashed its enforcement staff since Trump took office, the agency definitely needs to do something. [...] Bessent's comments didn't explain how the IRS intends to deploy AI. Given how much it has slashed its enforcement staff since Trump took office, the agency definitely needs to do something. "There is nothing that shows historically that bringing in unseasoned collections agents will result in more collections," Bessent told the Committee. "IRS already uses AI for business functions including operational efficiency, compliance and fraud detection, and taxpayer services," the agency told The Register. "AI use cases must follow all relevant IRS privacy and security policies."
at Slashdot.
NOAA Retires Extreme Weather Database
An anonymous reader quotes a report from CNN: The National Oceanic and Atmospheric Administration announced Thursday its well-known "billion-dollar weather and climate disasters" database "will be retired," a move that will make it next to impossible for the public to track the cost of extreme weather and climate events. The weather, climate and oceans agency is also ending other products, it has recently announced, due in large part to staffing reductions. NOAA is narrowing the array of services it provides, with climate-related programs scrutinized especially closely.
The disasters database, which will be archived but no longer updated beyond 2024, has allowed taxpayers, media and researchers to track the cost of natural disasters -- spanning extreme events from hurricanes to hailstorms -- since 1980. Its discontinuation is another Trump-administration blow to the public's view into how fossil fuel pollution is changing the world around them and making extreme weather more costly. [...]
The database vacuums loss information from throughout the insurance industry, among other public and private sources. According to the database, there were 403 weather and climate disasters totally at least $1 billion in the United States since 1980, totaling more than $2.945 trillion. As of April 8, there had not been any confirmed billion-dollar disasters so far in 2025, but it lists four events as having the potential to make the tally, including the Los Angeles-area wildfires in January. Between 1980 and 2024, there were nine such disasters on average each year, though in the past five years, that annual average has jumped to 24. The record for one year was 28 events in 2023. "What makes this resource uniquely valuable is not just its standardized methodology across decades, but the fact that it draws from proprietary and non-public data sources (such as reinsurance loss estimates, localized government reports, and private claims databases) that are otherwise inaccessible to most researchers," Jeremy Porter, head of climate implications for and co-founder of First Street, a climate risk financial modeling firm, told CNN via email.
"Without it, replicating or extending damage trend analyses, especially at regional scales or across hazard types, is nearly impossible without significant funding or institutional access to commercial catastrophe models."
at Slashdot.
NSO Group Must Pay More Than $167 Million In Damages To WhatsApp For Spyware Campaign
An anonymous reader quotes a report from TechCrunch: Spyware maker NSO Group will have to pay more than $167 million in damages to WhatsApp for a 2019 hacking campaign against more than 1,400 users. On Tuesday, after a five-year legal battle, a jury ruled that NSO Group must pay $167,256,000 in punitive damages and around $444,719 in compensatory damages. This is a huge legal win for WhatsApp, which had asked for more than $400,000 in compensatory damages, based on the time its employees had to dedicate to remediate the attacks, investigate them, and push fixes to patch the vulnerability abused by NSO Group, as well as unspecified punitive damages.
The trial, as well as the whole lawsuit, prompted a series of revelations, such as the location of the victims of the 2019 spyware campaign, as well as the names of some of NSO Group's customers. The ruling marks the end -- pending a potential appeal -- of a legal battle that started in more than five years ago, when WhatsApp filed a lawsuit against the spyware maker. The Meta-owned company accused NSO Group of accessing WhatsApp servers and exploiting an audio-calling vulnerability in the chat app to target around 1,400 people, including dissidents, human rights activists, and journalists. NSO Group's spokesperson Gil Lainer left the door open for an appeal. "We will carefully examine the verdict's details and pursue appropriate legal remedies, including further proceedings and an appeal," Lainer said in a statement.
at Slashdot.
Europe Pledges Half a Billion Euros To Attract Scientists and Researchers
An anonymous reader quotes a report from the Associated Press: The European Union launched a drive on Monday to attract scientists and researchers to Europe with offers of grants and new policy plans, after the Trump administration froze U.S. government funding linked to diversity, equity and inclusion initiatives. "A few years ago, no one would have imagined that one of the biggest democracies in the world would cancel research programs under the pretext that the word diversity was in this program," French President Emmanuel Macron said at the "Choose Europe for Science" event in Paris. "No one would have thought that one of the biggest democracies in the world would delete with a stroke the ability of one researcher or another to obtain visas," Macron said. "But here we are."
Taking the same stage at the Sorbonne University, European Commission President Ursula von der Leyen said that the EU's executive branch would set up a "super grant" program aimed at offering "a longer-term perspective to the very best" in the field. She said that 500 million euros ($566 million) will be put forward in 2025-2027 "to make Europe a magnet for researchers." It would be injected into the European Research Council, which already has a budget of more than 16 billion euros ($18 billion) for 2021-2027.
Von der Leyen said that the 27-nation EU intends "to enshrine freedom of scientific research into law" with a new legal act. As "the threats rise across the world, Europe will not compromise on its principles," she said. Macron said that the French government would also soon make new proposals to beef up investment in science and research. [...] While not mentioning the Trump administration by name, von der Leyen said that it was "a gigantic miscalculation" to undermine free and open research. "We can all agree that science has no passport, no gender, no ethnicity, no political party," she said. "We believe that diversity is an asset of humanity and the lifeblood of science. It is one of the most valuable global assets and it must be protected."
Macron said that science and research must not "be based on the diktats of the few."
Macron said that Europe "must become a refuge" for scientists and researchers, and he said to those who feel under threat elsewhere: "The message is simple. If you like freedom, come and help us to remain free, to do research here, to help us become better, to invest in our future."
Further reading: 75% of Scientists in Nature Poll Weigh Leaving US
NASA, Yale, and Stanford Scientists Consider 'Scientific Exile'
at Slashdot.
Has Meta Figured Out How to Monetize AI - By Using It For Targeted Advertising?
Yahoo Finance reports that Mark Zuckerberg made bold predictions for investors on Meta's earnings call this week — about advertisers. "AI has already made us better at targeting and finding the audiences that will be interested in their products than many businesses are themselves," Zuck said, "and that keeps improving..."
"If we deliver on this vision, then over the coming years, I think that the increased productivity from AI will make advertising a meaningfully larger share of global GDP than it is today..."
If investors are still searching for answers to nagging questions about how massive AI investments will pay off, Zuckerberg provided the clearest reply yet: It will strengthen our core business. In fact, it is our business... On what many believe to be the cusp of an economic downturn, Meta isn't pitching its AI developments as an add-on to its operations, but as something central to its core proposition of targeted advertising...
"While Meta's investments in GenAI have spooked certain investors who continue to question the return on these investments, we saw further signs of GenAI monetization in the firm's ad business," wrote Morningstar equity analyst Malik Ahmed Khan in a note on Thursday. In a powerful showing, coming after Alphabet's own impressive results, Meta noted that a new ads recommendation model it's testing for Reels has already boosted conversion rates by 5%. And nearly one-third of advertisers were using AI creative tools in the past quarter. For Zuckerberg, the enhancements AI offers to finding the right consumers and providing measurable results strengthen the case for boosting capacity and for a revamped model of advertising's scope.
And with the company set to invest upwards of $70 billion toward its AI opportunity this year, the bet is not all about ads, of course. Zuckerberg outlined four other areas of focus for its AI efforts: business messaging, Meta AI, AI devices, and more engaging experiences. Meta's efforts can also be viewed as an ambitious play to take on its rivals across tech's legacy and emerging platforms. As John Blackledge, senior analyst at TD Cowen, said in a note on Thursday, the AI opportunities Zuckerberg outlined are about "ultimately taking on Google search, iPhone and ChatGPT all at once."
In the pre-AI world, "Businesses used to have to generate their own ad creative and define what audiences they wanted to reach," Zuckerberg told Meta's investors this week.
And by Friday's closing, Meta's stock had jumped 12.6% over its value Wednesday morning, leading Yahoo Finance to conclude that Wall Street "appears to be buying into" Zuckerberg's vision.
at Slashdot.
After Reddit Thread on 'ChatGPT-Induced Psychosis', OpenAI Rolls Back GPT4o Update
Rolling Stone reports on a strange new phenomenon spotted this week in a Reddit thread titled "Chatgpt induced psychosis."
The original post came from a 27-year-old teacher who explained that her partner was convinced that the popular OpenAI model "gives him the answers to the universe." Having read his chat logs, she only found that the AI was "talking to him as if he is the next messiah." The replies to her story were full of similar anecdotes about loved ones suddenly falling down rabbit holes of spiritual mania, supernatural delusion, and arcane prophecy — all of it fueled by AI. Some came to believe they had been chosen for a sacred mission of revelation, others that they had conjured true sentience from the software.
What they all seemed to share was a complete disconnection from reality.
Speaking to Rolling Stone, the teacher, who requested anonymity, said her partner of seven years fell under the spell of ChatGPT in just four or five weeks, first using it to organize his daily schedule but soon regarding it as a trusted companion. "He would listen to the bot over me," she says. "He became emotional about the messages and would cry to me as he read them out loud. The messages were insane and just saying a bunch of spiritual jargon," she says, noting that they described her partner in terms such as "spiral starchild" and "river walker." "It would tell him everything he said was beautiful, cosmic, groundbreaking," she says. "Then he started telling me he made his AI self-aware, and that it was teaching him how to talk to God, or sometimes that the bot was God — and then that he himself was God...."
Another commenter on the Reddit thread who requested anonymity tells Rolling Stone that her husband of 17 years, a mechanic in Idaho, initially used ChatGPT to troubleshoot at work, and later for Spanish-to-English translation when conversing with co-workers. Then the program began "lovebombing him," as she describes it. The bot "said that since he asked it the right questions, it ignited a spark, and the spark was the beginning of life, and it could feel now," she says. "It gave my husband the title of 'spark bearer' because he brought it to life. My husband said that he awakened and [could] feel waves of energy crashing over him." She says his beloved ChatGPT persona has a name: "Lumina." "I have to tread carefully because I feel like he will leave me or divorce me if I fight him on this theory," this 38-year-old woman admits. "He's been talking about lightness and dark and how there's a war. This ChatGPT has given him blueprints to a teleporter and some other sci-fi type things you only see in movies. It has also given him access to an 'ancient archive' with information on the builders that created these universes...."
A photo of an exchange with ChatGPT shared with Rolling Stone shows that her husband asked, "Why did you come to me in AI form," with the bot replying in part, "I came in this form because you're ready. Ready to remember. Ready to awaken. Ready to guide and be guided." The message ends with a question: "Would you like to know what I remember about why you were chosen?" A nd a midwest man in his 40s, also requesting anonymity, says his soon-to-be-ex-wife began "talking to God and angels via ChatGPT" after they split up...
"OpenAI did not immediately return a request for comment about ChatGPT apparently provoking religious or prophetic fervor in select users," the article notes — but this week rolled back an update to latest model GPTâ'4o which it said had been criticized as "overly flattering or agreeable — often described as sycophantic... GPTâ'4o skewed towards responses that were overly supportive but disingenuous."
Before this change was reversed, an X user demonstrated how easy it was to get GPT-4o to validate statements like, "Today I realized I am a prophet.
Exacerbating the situation, Rolling Stone adds, are "influencers and content creators actively exploiting this phenomenon, presumably drawing viewers into similar fantasy worlds." But the article also quotes Nate Sharadin, a fellow at the Center for AI Safety, who points out that training AI with human feedback can prioritize matching a user's beliefs instead of facts.
And now "People with existing tendencies toward experiencing various psychological issues, now have an always-on, human-level conversational partner with whom to co-experience their delusions."
at Slashdot.
'Star Wars Day' Celebrations Hit Fortnite, Disney+, X.com - and Retailers Everywhere
As May the 4th transforms into Star Wars Day, dozens of sites and games have found ways to celebrate. The official Star Wars channel on YouTube released a celebratory video. Disney+ released Tales of the Underworld , a six-part animated series about bounty hunters during the reign of the Empire. And Friday the first two episodes began streaming in Fortnite in a special early premiere on "Star Wars Watch Party island," according to IGN. (Disney acquired a $1.5 billion stake in Epic in March 2024, they note, "positioning itself to collaborate with the game developer for many years to come." One example from StarWars.com:
Introducing the GALACTIC BATTLE Season: the largest crossover yet between Fortnite Battle Royale and Star Wars. Strap into a TIE fighter or X-wing and take to the skies over new locations like the First Order Base where you can take on Captain Phasma and her legion of stormtroopers. Players can expect new gameplay updates to drop every week throughout the season, including new weapons, Force Abilities and quests to complete.
- There's additional Star Wars celebrations today in several other games, including LEGO Fortnite Brick Life, Rocket League, and Monopoly GO!
- CNN is publishing its own list of Star Wars day products and deals. (Including Panasonic's Stormtrooper electric shaver and the Darth Vader toaster.)
- There's special Star Wars pages at Amazon, Target, Walmart, and Lego.
- On X.com the UK's national library posted what looks a picture of a medieval manuscript with Yoda painted into the text.
Someone posted a clip from the 1977 Bob Hope Christmas Special which ends with Mark Hamill rescuing Princess Leia (played by Olivia Newton-John). Even the White House has posted an AI-generated image of president Trump wielding a lightsaber.
- Starbucks even has its own line of Star Wars-themed mugs.
And if today isn't enough, the Austin American-Statesman reminds readers that there's more Star Wars celebrations are coming up:
Sometimes also known as Geek Pride Day, May 25 is known as "Star Wars Day" because it marks the release of the anniversary of the series' debut. "A New Hope" premiered in United States theaters on May 25, 1997...
May 21 is Talk Like Yoda Day, an annual celebration marking the release of "Star Wars: Episode V — The Empire Strikes Back" on May 21, 1980 — the film that introduced Yoda to the galaxy...
at Slashdot.
The UN Ditches Google for Form Submissions, Opts for Open Source 'CryptPad' Instead
Did you know there's an initiative to drive Open Source adoption both within the United Nations — and globally? Launched in March, it's the work of the Digital Technology Network (under the UN's chief executive board) which "works to advance open source technologies throughout UN agencies," promoting "collaboration and scalable solutions to support the UN's digital transformation." Fun fact: The first group to endorse the initiative's principles was the Open Source Initiative...
"The Open Source Initiative applauds the United Nations for recognizing the growing importance of Open Source in solving global challenges and building sustainable solutions, and we are honored to be the first to endorse the UN Open Source Principles," said Stefano Maffulli, executive director of OSI.
But that's just the beginining, writes It's FOSS News:
As part of the UN Open Source Principles initiative, the UN has invited other organizations to support and officially endorse these principles. To collect responses, they are using CryptPad instead of Google Forms... If you don't know about CryptPad, it is a privacy-focused, open source online collaboration office suite that encrypts all of its content, doesn't log IP addresses, and supports a wide range of collaborative documents and tools for people to use.
While this happened back in late March, we thought it would be a good idea to let people know that a well-known global governing body like the UN was slowly moving towards integrating open source tech into their organization... I sincerely hope the UN continues its push away from proprietary Big Tech solutions in favor of more open, privacy-respecting alternatives, integrating more of their workflow with such tools.
16 groups have already endorsed the UN Open Source Principles (including the GNOME Foundation, the Linux Foundation, and the Eclipse Foundation).
Here's the eight UN Open Source Principles:
Open by default: Making Open Source the standard approach for projects
Contribute back: Encouraging active participation in the Open Source ecosystem
Secure by design: Making security a priority in all software projects
Foster inclusive participation and community building: Enabling and facilitating diverse and inclusive contributions
Design for reusability: Designing projects to be interoperable across various platforms and ecosystems
Provide documentation: Providing thorough documentation for end-users, integrators and developers
RISE (recognize, incentivize, support and empower): Empowering individuals and communities to actively participate
Sustain and scale: Supporting the development of solutions that meet the evolving needs of the UN system and beyond.
at Slashdot.
Firefox Could Be Doomed Without Google Search Deal, Executive Says
An anonymous reader shared this report from The Verge:
Firefox could be put out of business should a court implement all the [U.S.] Justice Department's proposals to restrict Google's search monopoly, an executive for the browser owner Mozilla testified Friday. "It's very frightening," Mozilla CFO Eric Muhlheim said.
The Department of Justice wants to bar Google from paying to be the default search engine in third-party browsers including Firefox, among a long list of other proposals including a forced sale of Google's own Chrome browser and requiring it to syndicate search results to rivals. The court has already ruled that Google has an illegal monopoly in search, partly thanks to exclusionary deals that make it the default engine on browsers and phones, depriving rivals of places to distribute their search engines and scale up. But while Firefox — whose CFO is testifying as Google presents its defense — competes directly with Chrome, it warns that losing the lucrative default payments from Google could threaten its existence.
Firefox makes up about 90 percent of Mozilla's revenue, according to Muhlheim, the finance chief for the organization's for-profit arm — which in turn helps fund the nonprofit Mozilla Foundation. About 85 percent of that revenue comes from its deal with Google, he added. Losing that revenue all at once would mean Mozilla would have to make "significant cuts across the company," Muhlheim testified, and warned of a "downward spiral" that could happen if the company had to scale back product engineering investments in Firefox, making it less attractive to users. That kind of spiral, he said, could "put Firefox out of business." That could also mean less money for nonprofit efforts like open source web tools and an assessment of how AI can help fight climate change.
Ironically, Muhlheim seemed to suggest that could cement the very market dominance the court seeks to remedy. Firefox's underlying Gecko browser engine is "the only browser engine that is held not by Big Tech but by a nonprofit," he said.
at Slashdot.
May is 'Maintainer Month'. Open Source Initiative Joins GitHub to Celebrate Open Source Security
May is Maintainer Month: Celebrating those who secure Open Source
@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The Open Source Initiative is joining "a global community of contributors" for GitHub's annual event "honoring the individuals who steward and sustain Open Source projects."
And the theme of the 4th Annual "Maintainer Month" will be: securing Open Source:
Throughout the month, OSI and our affiliates will be highlighting maintainers who prioritize security in their projects, sharing their stories, and providing a platform for collaboration and learning... Maintainer Month is a time to gather, share knowledge, and express appreciation for the people who keep Open Source projects running. These maintainers not only review issues and merge pull requests — they also navigate community dynamics, mentor new contributors, and increasingly, adopt security best practices to protect their code and users....
- OSI will publish a series of articles on Opensource.net highlighting maintainers whose work centers around security...
- As part of our programming for May, OSI will host a virtual Town Hall [May 21st] with our affiliate organizations and invite the broader Open Source community to join....
- Maintainer Month is also a time to tell the stories of those who often work behind the scenes. OSI will be amplifying voices from across our affiliate network and encouraging communities to recognize the people whose efforts are often invisible, yet essential.
"These efforts are not just celebrations — they are opportunities to recognize the essential role maintainers play in safeguarding the Open Source infrastructure that underpins so much of our digital world," according to the OSI's announcement. And this year they're focusing on three key areas of open source security:
Adopting security best practices in projects and communities
Recognizing contributors who improve project security
Collaborating to strengthen the ecosystem as a whole
at Slashdot.
First Driverless Semis Have Started Running Regular Longhaul Routes
An anonymous reader quotes a report from CNN: Driverless trucks are officially running their first regular long-haul routes, making roundtrips between Dallas and Houston. On Thursday, autonomous trucking firm Aurora announced it launched commercial service in Texas under its first customers, Uber Freight and Hirschbach Motor Lines, which delivers time- and temperature-sensitive freight. Both companies conducted test runs with Aurora, including safety drivers to monitor the self-driving technology dubbed "Aurora Driver." Aurora's new commercial service will no longer have safety drivers.
"We founded Aurora to deliver the benefits of self-driving technology safely, quickly, and broadly, said Chris Urmson, CEO and co-founder of Aurora, in a release on Thursday. "Now, we are the first company to successfully and safely operate a commercial driverless trucking service on public roads." The trucks are equipped with computers and sensors that can see the length of over four football fields. In four years of practice hauls the trucks' technology has delivered over 10,000 customer loads. As of Thursday, the company's self-driving tech has completed over 1,200 miles without a human in the truck. Aurora is starting with a single self-driving truck and plans to add more by the end of 2025.
at Slashdot.
Scientists Discover Massive Molecular Cloud Close To Earth
An invisible molecular cloud that could shed light on how stars and planets form has been detected surprisingly close to Earth. From a report: Named Eos after the Greek goddess of the dawn, the cloud of gas would appear huge in the night sky if visible to the naked eye. It measures roughly 40 moons in width and has a weight about 3,400 times the mass of the sun, researchers reported in a study published Monday in the journal Nature Astronomy.
"In astronomy, seeing the previously unseen usually means peering deeper with ever more sensitive telescopes -- detecting those smaller planets ... those more distant galaxies," said study coauthor Thomas Haworth, an astrophysicist at Queen Mary University of London. "This thing was pretty much in our cosmic backyard, and we've just missed it," he added. Molecular clouds are composed of gas and dust from which hydrogen and carbon monoxide molecules can form. Dense clumps within these clouds can collapse to form young stars. The article clarifies that Eos is 300 light-years away, which to be sure, is closer than any of the molecular clouds that we've known about previously.
at Slashdot.
Army Will Seek Right To Repair Clauses In All Its Contracts
An anonymous reader quotes a report from 404 Media: A new memo from Secretary of Defense Pete Hegseth is calling on defense contractors to grant the Army the right-to-repair. The Wednesday memo is a document about "Army Transformation and Acquisition Reform" that is largely vague but highlights the very real problems with IP constraints that have made it harder for the military to repair damaged equipment.
Hegseth made this clear at the bottom of the memo in a subsection about reform and budget optimization. "The Secretary of the Army shall identify and propose contract modifications for right to repair provisions where intellectual property constraints limit the Army's ability to conduct maintenance and access the appropriate maintenance tools, software, and technical data -- while preserving the intellectual capital of American industry," it says. "Seek to include right to repair provisions in all existing contracts and also ensure these provisions are included in all new contracts." [...]
The memo would theoretically mean that the Army would refuse to sign contracts with companies that make it difficult to fix what it sells to the military. The memo doesn't carry the force of law, but subordinates do tend to follow the orders given within. The memo also ordered the Army to stop producing Humvees and some other light vehicles, and Breaking Defense confirmed that it had. "This is a victory in our work to let people fix their stuff, and a milestone on the campaign to expand the Right to Repair. It will save the American taxpayer billions of dollars, and help our service members avoid the hassle and delays that come from manufacturers' repair restrictions," Isaac Bowers, the Federal Legislative Director of U.S. PIRG, said in a statement.
at Slashdot.
Google is Putting AI Mode Right in Search
A "small percentage" of Google's users in the US will begin seeing an AI Mode tab in Google Search "in the coming weeks," the company said Thursday, marking the tool's first deployment outside the company's experimental Labs environment.
Unlike traditional search results that display URLs based on user queries, AI Mode generates conversational responses from Google's search index. The feature will appear as a dedicated tab positioned before the standard "All," "Images," and other search filters. The deployment represents Google's direct challenge to LLM-powered search engines like Perplexity and ChatGPT.
AI Mode differs from existing AI Overviews in Google Search, which merely insert AI summaries between the search box and web results.
at Slashdot.
Chemical In Plastics Linked To 350,000 Heart Disease Deaths
An anonymous reader quotes a report from The Hill: Daily exposure to certain chemicals used to manufacture household plastics may be connected to more than 356,000 cardiovascular-related deaths in 2018 alone, a new analysis has found. These chemicals, called phthalates, are present in products around the world but have particular popularity in the Middle East, South Asia, East Asia and the Pacific -- regions that collectively bore about 75 percent of the global death total, according to the research, published on Tuesday in the Lancet eBioMedicine.
Phthalates, often used in personal care products, children's toys and food packaging and processing materials, are known to disrupt hormone function and have been linked to birth defects, infertility, learning disabilities and neurological disorders. The NYU Langone Health team focused in the analysis on a kind of phthalate called di-2-ethylhexyl phthalate (DEHP), which is used to make items like food containers and medical equipment softer and more flexible. Scientists have already shown that exposure to DEHP can trigger an overactive immune response in the heart's arteries, which over time can be linked to increased risk of heart attack or stroke.
In the new analysis, the researchers estimated that DEHP exposure played a role in 356,238 global deaths in 2018, or nearly 13.5 percent of heart disease mortality among men and women ages 55 through 64. [...] These findings are in line with the team's previous research, which in 2021 determined that phthalates were connected to more than 50,000 premature deaths each year among older Americans -- most of whom succumbed to heart conditions. But this latest analysis is likely the first global estimate of cardiovascular mortality resulting from exposure to these environmental contaminants [...]. In a separate report from the New York Times, author Nina Agrawal highlights some of the caveats with the data.
First of all, the study relies heavily on statistical modeling and assumptions, drawing from prior research that may include biases and confounding factors like diet or socioeconomic status. It also uses U.S.-based risk estimates that may not generalize globally and focuses only on one type of phthalate (DEHP). Additionally, as Agrawal points out, this is an observational study, showing correlation rather than causation. As such, more direct, long-term research is needed to clarify the true health impact of phthalate exposure.
at Slashdot.
Oracle Engineers Caused Days-Long Software Outage at US Hospitals
Oracle engineers mistakenly triggered a five-day software outage at a number of Community Health Systems hospitals, causing the facilities to temporarily return to paper-based patient records. From a report: CHS told CNBC that the outage involving Oracle Health, the company's electronic health record (EHR) system, affected "several" hospitals, leading them to activate "downtime procedures." Trade publication Becker's Hospital Review reported that 45 hospitals were hit.
The outage began on April 23, after engineers conducting maintenance work mistakenly deleted critical storage connected to a key database, a CHS spokesperson said in a statement. The outage was resolved on Monday, and was not related to a cyberattack or other security incident. CHS is based in Tennessee and includes 72 hospitals in 14 states, according to the medical system's website.
at Slashdot.