An anonymous reader quotes a report from Digital Trends: HP researchers have published a paper detailing a new modular monitor design they call "composable microLED monitors." Using advancing microLED tech to make smaller screens with no bezels, they imagine a Lego-like system that allows customers to buy different monitor modules and slot them together at home. In the paper, diagrams show "core units" with a direct connection to the host computer being expanded both horizontally and vertically with multiple extensions. The idea is that by choosing from flat or curved extension pieces and connecting them to the core unit, you can make a monitor in whatever size or shape you want. To keep assembly simple and effective, the design uses jigsaw-like connections alongside magnets to ensure each module automatically aligns correctly. And to prevent the number of possible configurations from getting out of hand, the design only allows extensions to attach to the sides or bottom of the square-shaped core unit. Once your strangely shaped monitor is complete, you would be able to choose how your operating system treats each part -- either as an extension of the core unit or as a separate screen. These settings would be controlled with physical switches on the modules that you could change whenever you wanted. As for the sizes of the modules, HP proposes a range of different possibilities, some more complicated than others. In an ideal situation, customers would be able to choose from either flat or curved core units and add flat or curved extensions of varying sizes. If that proved too difficult, curved monitor elements could be taken out of the picture completely, and customers would just add flat extensions to a flat core unit. As cool as this all sounds, there is a glaring problem -- how would the seams between each module look? Thanks to the bezel-less design, there at least wouldn't be a thick black divider between each part. However, a thin line or visible distortion would be inevitable. One approach HP proposes is minimizing the gap between each panel as much as possible and just accepting the thin line it creates. Alternatives include complicated techniques to disguise the joints using hardware or software solutions that modify the display of edge pixels to minimize visual joints. HP would have to find a balance between technical viability, cost, and customer feedback to determine the best overall solution.

Read more of this story at Slashdot.

Benj Edwards and Ashley Belanger reports via Ars Technica: On Wednesday, Axios broke the news that OpenAI had signed deals with The Atlantic and Vox Media that will allow the ChatGPT maker to license their editorial content to further train its language models. But some of the publications' writers -- and the unions that represent them -- were surprised by the announcements and aren't happy about it. Already, two unions have released statements expressing "alarm" and "concern." "The unionized members of The Atlantic Editorial and Business and Technology units are deeply troubled by the opaque agreement The Atlantic has made with OpenAI," reads a statement from the Atlantic union. "And especially by management's complete lack of transparency about what the agreement entails and how it will affect our work." The Vox Union -- which represents The Verge, SB Nation, and Vulture, among other publications -- reacted in similar fashion, writing in a statement, "Today, members of the Vox Media Union ... were informed without warning that Vox Media entered into a 'strategic content and product partnership' with OpenAI. As both journalists and workers, we have serious concerns about this partnership, which we believe could adversely impact members of our union, not to mention the well-documented ethical and environmental concerns surrounding the use of generative AI." [...] News of the deals took both journalists and unions by surprise. On X, Vox reporter Kelsey Piper, who recently penned an expose about OpenAI's restrictive non-disclosure agreements that prompted a change in policy from the company, wrote, "I'm very frustrated they announced this without consulting their writers, but I have very strong assurances in writing from our editor in chief that they want more coverage like the last two weeks and will never interfere in it. If that's false I'll quit.." Journalists also reacted to news of the deals through the publications themselves. On Wednesday, The Atlantic Senior Editor Damon Beres wrote a piece titled "A Devil's Bargain With OpenAI," in which he expressed skepticism about the partnership, likening it to making a deal with the devil that may backfire. He highlighted concerns about AI's use of copyrighted material without permission and its potential to spread disinformation at a time when publications have seen a recent string of layoffs. He drew parallels to the pursuit of audiences on social media leading to clickbait and SEO tactics that degraded media quality. While acknowledging the financial benefits and potential reach, Beres cautioned against relying on inaccurate, opaque AI models and questioned the implications of journalism companies being complicit in potentially destroying the internet as we know it, even as they try to be part of the solution by partnering with OpenAI. Similarly, over at Vox, Editorial Director Bryan Walsh penned a piece titled, "This article is OpenAI training data," in which he expresses apprehension about the licensing deal, drawing parallels between the relentless pursuit of data by AI companies and the classic AI thought experiment of Bostrom's "paperclip maximizer," cautioning that the single-minded focus on market share and profits could ultimately destroy the ecosystem AI companies rely on for training data. He worries that the growth of AI chatbots and generative AI search products might lead to a significant decline in search engine traffic to publishers, potentially threatening the livelihoods of content creators and the richness of the Internet itself.

Read more of this story at Slashdot.

On June 3, a "planet parade" of six planets -- Jupiter, Mercury, Uranus, Mars, Neptune and Saturn -- will form a straight line through the pre-dawn sky. Astronomy.com reports: Some 20 minutes before sunrise, all six planets should be visible, though note that Uranus (magnitude 5.9) and Neptune (magnitude 7.8) will be too faint for naked-eye observing and, although they're present in the lineup, will need binoculars or a telescope to spot. But Jupiter (magnitude -2), Mercury (magnitude -1), Mars (magnitude 1), and Saturn (magnitude 1) will all stand out clearly to the naked eye in a line spanning some 73 degrees on the sky. What's more, a delicate waning crescent Moon is crashing the party as well, standing just to the lower left of Mars. Note, however, that our Moon is not perfectly in line -- that's because Luna's orbit is tilted some 5 degrees with respect to the ecliptic. The next morning, June 4, the crescent Moon does a little better, falling more closely in line a bit farther from Mars. But now Mercury has stepped out of place and stands to Jupiter's lower right (south) as the two planets reach a close conjunction just 7 degrees apart -- not to be missed, especially in binoculars or telescopes! By June 5, Mercury lies to Jupiter's lower left, replacing the gas giant as the easternmost point in the planetary lineup. And the nearly New Moon (just 2 percent lit) stands above the pair. As June progresses, Mercury quickly ducks out of view, passing close to the Sun before reappearing in the evening sky and leaving us with only five planets in the pre-dawn sky. But those planets continue to form a nice, clean line, stretching nearly 80 degrees from Jupiter to Saturn (with Uranus, Mars, and Neptune in between) by June 30. On this morning, the Moon as rejoined the line, once again a delicate waning crescent about 33 percent lit, hanging perfectly in place to Mars' upper right.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: Last year, Jaume Pellicer led a team of fellow scientists into a forest on Grande Terre, an island east of Australia. They were in search of a fern called Tmesipteris oblanceolata. Standing just a few inches tall, it was not easy to find on the forest floor. "It doesn't catch the eye," said Dr. Pellicer, who works at the Botanical Institute of Barcelona in Spain. "You would probably step on it and not even realize it." The scientists eventually managed to spot the nondescript fern. When Dr. Pellicer and his colleagues studied it in the lab, they discovered it held an extraordinary secret. Tmesipteris oblanceolata has the largest known genome on Earth. As the researchers described in a study published on Friday, the fern's cells contain more than 50 times as much DNA as ours do. [The analysis revealed the species T. oblanceolata to have a record-breaking genome size of 160.45 Gbp, which is about 7% larger than that of P. japonica (148.89 Gbp). For comparison, the human genome contains about 3.1 Gbp distributed across 23 chromosomes and when stretched out like a ball of yarn, the length of DNA in each cell only measures about 2m.] "Surprisingly, having a larger genome is usually not an advantage," notes Phys.org in a report. "In the case of plants, species possessing large amounts of DNA are restricted to being slow growing perennials, are less efficient at photosynthesis (the process by which plants convert the sun's energy into sugars) and require more nutrients (especially nitrogen and phosphates) to grow and compete successfully with their smaller-genomed neighbors. In turn, such effects may influence the ability of a plant to adapt to climate change and their risk of extinction." "In animals, some of the largest genomes include the marbled lungfish (Protopterus aethiopicus) at 129.90 Gbp and the Neuse River waterdog (Necturus lewisi) at 117.47 Gbp," reports Phys.org. "In stark contrast, six of the largest-known eukaryotic genomes are held by plants, including the European mistletoe (Viscum album) at 100.84 Gbp."

Read more of this story at Slashdot.

London's famed Evening Standard newspaper has announced plans to end its daily outlet, "bringing an end to almost 200 years of publication in the capital," reports The Guardian. Going forward, the company plans to launch "a brand new weekly newspaper later this year and consider options for retaining ES Magazine with reduced frequency," while also working to increase traffic to its website. "In its 197-year history the Evening Standard has altered its format, price, content and distribution models," notes The Guardian. "But giving up on producing a daily print newspaper is the biggest change yet." From the report: The newspaper said it has been hit hard by the introduction of wifi on the London Underground, a shortage of commuters owing to the growth of working from home and changing consumer habits. The Standard lost 84.5 million pounds in the past six years, according to its accounts, and is reliant on funding from its part-owner Evgeny Lebedev. Its other shareholders include a bank with close links to the Saudi government. Industry sources suggested Lebedev had been willing to consider selling the outlet in recent years but no buyer was found. Paul Kanareck, the newspaper's chair, told staff on Wednesday morning: "The substantial losses accruing from the current operations are not sustainable. Therefore, we plan to consult with our staff and external stakeholders to reshape the business, return to profitability and secure the long-term future of the number one news brand in London." Kanareck said there would be an "impact on staffing," with journalists bracing themselves for further job losses on top of years of redundancies, while design staff on the print edition are expected to be hit hard. Distributors who hand out the newspaper across London are also likely to be out of work, and billboards outside railway stations advertising the day's headline will stand empty on most days. He suggested there would be a change in focus for the weekly outlet: "A proposed new weekly newspaper would replace the daily publication, allowing for more in-depth analysis of the issues that matter to Londoners, and serve them in a new and relevant way by celebrating the best London has to offer, from entertainment guides to lifestyle, sports, culture and news and the drumbeat of life in the world's greatest city." Closing the Evening Standard will mean that for the first time in centuries, Londoners will have no general-interest daily print newspaper. The finance-focused City AM, which was recently saved by the billionaire Matthew Moulding, will continue to publish four days a week and has recently increased its distribution. Further reading: So it's goodbye to London's Standard, my old paper -- and to the heart of democracy, local news (Opinion; The Guardian)

Read more of this story at Slashdot.

Last than two weeks after it was announced, "Windows enthusiasts have managed to crack Microsoft's flagship AI-powered Recall feature to run on unsupported hardware," reports The Verge. From the report: Recall leverages local AI models on new Copilot Plus PCs to run in the background and take snapshots of anything you've done or seen on your PC. You then get a timeline you can scrub through and the ability to search for photos, documents, conversations, or anything else on your PC. Microsoft positioned Recall as needing the very latest neural processing units (NPU) on new PCs, but you can actually get it running on older Arm-powered hardware. Windows watcher Albacore has created a tool called Amperage, which enables Recall on devices that have an older Qualcomm Snapdragon chip, Microsoft's SQ processors, or an Ampere chipset. You need to have the latest Windows 11 24H2 update installed on one of these Windows on Arm devices, and then the tool will unlock and enable Recall. [...] You can technically unlock Recall on x86 devices, but the app won't do much until Microsoft publishes the x64 AI components required to get it up and running. Rumors suggest both AMD and Intel are close to announcing Copilot Plus PCs, so Microsoft's AI components for those machines may well appear soon. I managed to get Recall running on an x64 Windows 11 virtual machine earlier today just to test out the initial first-run experience.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: California expects to avoid rolling blackouts this summer as new solar plants and large batteries plug into the state's grid at a rapid clip. The state's electricity system has been strained by years of drought, wildfires that knock out transmission lines and record-setting heat waves. But officials forecast Wednesday new resources added to the grid in the last four years would give California ample supplies for typical summer weather. Since 2020, California has added 18.5 gigawatts of new resources. Of that, 6.6 gigawatts were batteries, 6.3 gigawatts were solar and 1.4 gigawatts were a combination of solar and storage. One gigawatt can power about 750,000 homes. In addition, the state's hydropower plants will be a reliable source of electricity after two wet winters in a row ended California's most recent drought. Those supplies would hold even if California experiences another heat wave as severe as the one that triggered rolling blackouts across the state in August 2020, officials said in a briefing Wednesday. In the most dire circumstances, the state now has backup resources that can supply an extra 5 gigawatts of electricity, including gas-fired power plants that only run during emergencies.

Read more of this story at Slashdot.

The New York Times, owner of the once-viral, word game Wordle, is suing a geography-based spinoff called Worldle, accusing its similar name of "creating confusion" and attempting to capitalize on "the enormous goodwill" associated with its own brand. Worldle's creator, Kory McDonald, vows to fight back. The BBC reports: "There's a whole industry of [dot]LE games," he told the BBC. "Wordle is about words, Worldle is about the world, Flaggle is about flags," he pointed out. The New York Times disagrees. Worldle is "nearly identical in appearance, sound, meaning, and imparts the same commercial impression to... Wordle," it says in its legal document. The paper told the BBC it had no further comment to make beyond the contents of its legal submission. British inventor Josh Wardle developed Wordle in 2021 as a side project to keep his girlfriend entertained. But since then it has become a behemoth, reaching millions of people worldwide. By contrast, around 100,000 people play Worldle every month, according to Mr McDonald, who is based in Seattle. It is not available as an app and can only be played via a web browser. It contains ads, with an option to play ad-free for 10 pounds per year but Mr McDonald says that most of the money he makes from the game goes to Google because he uses Google Street View images, which players have to try to identify. Other popular [dot]LE games include: - Quordle, a set of four words to guess at the same time - Nerdle, a maths-based challenge - Heardle, which is based on identifying music "There's even another game called Worldle, which involves identifying countries by their outlines," notes the BBC. "The New York Times declined to say whether it intended to pursue them as well."

Read more of this story at Slashdot.

The Affordable Connectivity Program (ACP), which provided monthly internet bill credits for low-income Americans, will officially end on June 1 due to a lack of additional funding from Congress. This termination threatens nearly 60 million Americans with increased financial hardship, as the program's lapse leaves them without the subsidies that made internet access affordable. CNN reports: The 2.5-year-old ACP provided eligible low-income Americans with a monthly credit off their internet bills, worth up to $30 per month and as much as $75 per month for households on tribal lands. The pandemic-era program was a hit with members of both political parties and served tens of millions of seniors, veterans and rural and urban Americans alike. Program participants received only partial benefits in May ahead of the ACP's expected collapse. [...] On Friday, Biden reiterated his calls for Congress to pass legislation extending the ACP. He also announced a series of voluntary commitments by a handful of internet providers to offer -- or continue offering -- their own proprietary low-income internet plans. The list includes AT&T, Comcast, Cox, Charter's Spectrum and Verizon, among others. Those providers will continue to offer qualifying ACP households a broadband plan for $30 or less, the White House said, and together the companies are expected to cover roughly 10 million of the 23 million households relying on the ACP. "The Affordable Connectivity Program filled an important gap that provider low-income programs, state and local affordability programs, and the Lifeline program cannot fully address," said FCC Chairwoman Jessica Rosenworcel in a statement, referring to the name of another, similar FCC program that subsidizes wireless and home internet service. "The Commission is available to provide any assistance Congress may need to support funding the ACP in the future and stands ready to resume the program if additional funding is provided."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: Hackers are attempting to sell what they say is confidential information belonging to millions of Santander staff and customers. They belong to the same gang which this week claimed to have hacked Ticketmaster. The bank -- which employs 200,000 people worldwide, including around 20,000 in the UK -- has confirmed data has been stolen. Santander has apologized for what it says is "the concern this will understandably cause" adding it is "proactively contacting affected customers and employees directly." "Following an investigation, we have now confirmed that certain information relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed," it said in a statement posted earlier this month. "No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords." It said its banking systems were unaffected so customers could continue to "transact securely." In a post on a hacking forum -- first spotted by researchers at Dark Web Informer- the group calling themselves ShinyHunters posted an advert saying they had data including: 30 million people's bank account details, 6 million account numbers and balances, 28 million credit card numbers, and HR information for staff. Santander has not commented on the accuracy of those claims.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Best Buy is set to post its tenth consecutive quarter of sales decline on Thursday when the U.S. electronics retailer reports quarterly results, as spending on big-ticket electronics remains pressured despite easing inflation. Although results from big-box retailers Walmart and Target indicate that consumers have resumed spending on less-expensive discretionary items such as apparel and accessories, they are still hesitant to go for TVs and washing machines. UPDATE 5/30/24: Best Buy's quarterly profit exceeded Wall Street estimates due to improved demand in its computing category, cost-saving efforts, and a successful membership program, leading to a 10% rise in shares. "Demand for artificial intelligence-enabled laptops as well as higher-end televisions is helping Best Buy regain lost ground on sales in the country as consumers look to upgrade or replace their gadgets after more than two years of restraint on spending on electronics," reports Reuters. "The company is also banking on the launch of Microsoft's AI-powered Copilot+ PCs, which are expected to go on sale on June 18." "Best Buy CEO Corie Barry said on a post-earnings call that the company expects to have more than 40% of the product assortment at launch exclusive to the company. The company has also benefited from people signing up for its two-tiered membership program, which it refreshed last year, helping the top electronics retailer in the United States retain shoppers and drive better margins."

Read more of this story at Slashdot.

David Snow reports via Cult of Mac: A new report from Consumer Intelligence Research Partners (CIRP) shows Apple News+ growing its subscription rate about four times as fast as major news sites are. CIRP showed Apple increased its News+ subscriptions in the United States from 15% to 24% between 2020 to 2024, a 9% increase. In that same period, The New York Times and The Washington Post managed a 2% bump apiece and The Wall Street Journal managed a 3% increase. The results come from data measuring how many Apple product buyers say they subscribe to the News+ service. CIRP also cited a report indicating that the Apple News+ partnership program is increasingly becoming a lifeline for news websites losing revenue, according to major publishers. And as far as the growth of Apple News+ subscription growth is concerned, it may keep growing as long as the user install base for devices keeps growing. "One-quarter of the U.S. base of Apple customers represents tens of millions of users, an enormous audience relative to what individual media outlets can expect on their own," CIRP noted.

Read more of this story at Slashdot.

With the help of NASA's James Webb Space Telescope (JWST), an international team of astronomers discovered a galaxy at a redshift of 14.32, indicating it existed just 290 million years post-Big Bang. In a NASA release today, Stefano Carniani from Scuola Normale Superiore in Pisa, Italy, and Kevin Hainline from the University of Arizona in Tucson, Arizona, described how this source was found and what its unique properties tell us about galaxy formation: "The instruments on Webb were designed to find and understand the earliest galaxies, and in the first year of observations as part of the JWST Advanced Deep Extragalactic Survey (JADES), we found many hundreds of candidate galaxies from the first 650 million years after the big bang. In early 2023, we discovered a galaxy in our data that had strong evidence of being above a redshift of 14, which was very exciting, but there were some properties of the source that made us wary. The source was surprisingly bright, which we wouldn't expect for such a distant galaxy, and it was very close to another galaxy such that the two appeared to be part of one larger object. When we observed the source again in October 2023 as part of the JADES Origins Field, new imaging data obtained with Webb's narrower NIRCam (Near-Infrared Camera) filters pointed even more toward the high-redshift hypothesis. We knew we needed a spectrum, as whatever we would learn would be of immense scientific importance, either as a new milestone in Webb's investigation of the early universe or as a confounding oddball of a middle-aged galaxy. In January 2024, NIRSpec observed this galaxy, JADES-GS-z14-0, for almost ten hours, and when the spectrum was first processed, there was unambiguous evidence that the galaxy was indeed at a redshift of 14.32, shattering the previous most-distant galaxy record (z = 13.2 of JADES-GS-z13-0). Seeing this spectrum was incredibly exciting for the whole team, given the mystery surrounding the source. This discovery was not just a new distance record for our team; the most important aspect of JADES-GS-z14-0 was that at this distance, we know that this galaxy must be intrinsically very luminous. From the images, the source is found to be over 1,600-light years across, proving that the light we see is coming mostly from young stars and not from emission near a growing supermassive black hole. This much starlight implies that the galaxy is several hundreds of millions of times the mass of the Sun! This raises the question: How can nature make such a bright, massive, and large galaxy in less than 300 million years? The data reveal other important aspects of this astonishing galaxy. We see that the color of the galaxy is not as blue as it could be, indicating that some of the light is reddened by dust, even at these very early times. JADES researcher Jake Helton of Steward Observatory and the University of Arizona also identified that JADES-GS-z14-0 was detected at longer wavelengths with Webb's MIRI (Mid-Infrared Instrument), a remarkable achievement considering its distance. The MIRI observation covers wavelengths of light that were emitted in the visible-light range, which are redshifted out of reach for Webb's near-infrared instruments. Jake's analysis indicates that the brightness of the source implied by the MIRI observation is above what would be extrapolated from the measurements by the other Webb instruments, indicating the presence of strong ionized gas emission in the galaxy in the form of bright emission lines from hydrogen and oxygen. The presence of oxygen so early in the life of this galaxy is a surprise and suggests that multiple generations of very massive stars had already lived their lives before we observed the galaxy. All of these observations, together, tell us that JADES-GS-z14-0 is not like the types of galaxies that have been predicted by theoretical models and computer simulations to exist in the very early universe. Given the observed brightness of the source, we can forecast how it might grow over cosmic time, and so far we have not found any suitable analogs from the hundreds of other galaxies we've observed at high redshift in our survey. Given the relatively small region of the sky that we searched to find JADES-GS-z14-0, its discovery has profound implications for the predicted number of bright galaxies we see in the early universe, as discussed in another concurrent JADES study (Robertson et al., recently accepted). It is likely that astronomers will find many such luminous galaxies, possibly at even earlier times, over the next decade with Webb. We're thrilled to see the extraordinary diversity of galaxies that existed at Cosmic Dawn!

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: The slashing of pollution from shipping in 2020 led to a big "termination shock" that is estimated have pushed the rate of global heating to double the long-term average, according to research. Until 2020, global shipping used dirty, high-sulphur fuels that produced air pollution. The pollution particles blocked sunlight and helped form more clouds, thereby curbing global heating. But new regulations at the start of 2020 slashed the sulphur content of fuels by more than 80%. The new analysis calculates that the subsequent drop in pollution particles has significantly increased the amount of heat being trapped at the Earth's surface that drives the climate crisis. The researchers said the sharp ending of decades of shipping pollution was an inadvertent geoengineering experiment, revealing new information about its effectiveness and risks. Dr Tianle Yuan, at the University of Maryland, US, who led the study, said the estimated 0.2 watts per sq meter of additional heat trapped over the oceans after the pollution cut was "a big number, and it happened in one year, so it's a big shock to the system." "We will experience about double the warming rate compared to the long-term average" since 1880 as a result, he said. The heating effect of the pollution cut is expected to last about seven years. The research, published in the journal Communications Earth & Environment, combined satellite observations of sulphur pollution and computer modeling to calculate the impact of the cut. It found the short-term shock was equivalent to 80% of the total extra heating the planet has seen since 2020 from longer-term factors such as rising fossil-fuel emissions. The scientists used relatively simple climate models to estimate how much this would drive up average global temperatures at the surface of the Earth, finding a rise of about 0.16C over seven years. This is a large rise and the same margin by which 2023 beat the temperature record compared with the previous hottest year. However, other scientists think the temperature impact of the pollution cut will be significantly lower due to feedbacks in the climate system, which are included in the most sophisticated climate models. The results of this type of analysis are expected later in 2024. [...] The new analysis indicates that this type of geoengineering would reduce temperatures, but would also bring serious risks. These include the sharp temperature rise when the pumping of aerosols stopped -- the termination shock -- and also potential changes to global precipitation patterns, which could disrupt the monsoon rains that billions of people depend on. "We should definitely do research on this, because it's a tool for situations where we really want to cool down the Earth temporarily," like an emergency brake, said Dr Gavin Schmidt, Director of the NASA Goddard Institute for Space Studies. "But this is not going to be a long-term solution, because it doesn't address the root cause of global warming," which is emissions from fossil fuel burning.

Read more of this story at Slashdot.

Now included in Amazon Prime is free delivery via Grubhub. According to The Verge, "Amazon is now embedding Grubhub into Amazon.com and the Amazon Shopping app, and Amazon Prime customers paying $139 per year for Amazon Prime will now pay $0 for food delivery fees on orders of $12 or more, among other benefits." From the report: Amazon had previously offered Prime customers a free one-year subscription to GrubHub Plus, but that one auto-renewed at $129 per year. Now, it's a permanent part of the Amazon Prime subscription. Amazon says the ordering experience is "identical" to ordering from Grubhub's website or app and is accessible to all customers, even without Prime. Amazon and Grubhub say they'll continue collaborating on other promotions, including food pairings and promotions like the limited Nuka burger for the Fallout series premiere. Prime members can also get $5 off their Grubhub meal of $25 or more made through Amazon with code PRIME5 (valid through June 2nd). What will likely not be included in Amazon's Prime subscription is Alexa's upcoming AI overhaul. "Amazon is upgrading its decade-old Alexa voice assistant with generative AI and plans to charge a monthly subscription fee to offset the cost of the technology," CNBC reported earlier this month. Unfortunately, sources said it will not be included in the $139-per-year Prime offering.

Read more of this story at Slashdot.

Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19 after a threat actor breached the company's website, stealing the Fanzone member information of 500,000 customers. BleepingComputer reports: [A] threat actor known as 'Ghostr' told us they hacked the company's Fanzone website on May 18 and downloaded its linked databases. Cooler Master's Fanzone site is used to register a product's warranty, request an RMA, or open support tickets, requiring customers to fill in personal data, such as names, email addresses, addresses, phone numbers, birth dates, and physical addresses. Ghostr said they were able to download 103 GB of data during the Fanzone breach, including the customer information of over 500,000 customers. The threat actor also shared data samples, allowing BleepingComputer to confirm with numerous customers listed in the breach that their data was accurate and that they recently requested support or an RMA from Cooler Master. Other data in the samples included product information, employee information, and information regarding emails with vendors. The threat actor claimed to have partial credit card information, but BleepingComputer could not find this data in the data samples. The threat actor now says they will sell the leaked data on hacking forums but has not disclosed the price. Cooler Master said in a statement to BleepingComputer: "We can confirm on May 19, Cooler Master experienced a data breach involving unauthorized access to customer data. We immediately alerted the authorities, who are actively investigating the breach. Additionally, we have engaged top security experts to address the breach and implement new measures to prevent future incidents. These experts have successfully secured our systems and enhanced our overall security protocols. We are in the process of notifying affected customers directly and advising them on next steps. We are committed to providing timely updates and support to our customers throughout this process."

Read more of this story at Slashdot.

According to CNBC, Twitch is expected to terminate all members of its Safety Advisory Council on Friday. "The council is a resource of nine industry experts, streamers and moderators who consulted on trust and safety issues related to children on Twitch, nudity, banned users and more," notes the report. From the report: The Amazon-owned game-streaming company formed its Safety Advisory Council in May 2020 to "enhance Twitch's approach to issues of trust and safety" on the platform and guide decisions, according to a company webpage. The council advised Twitch on "drafting new policies and policy updates," "developing products and features to improve safety and moderation" and "protecting the interests of marginalized groups," per the webpage. For four years, the group advised the company on "hate raids" on marginalized groups and nudity policies, among other things. But in the afternoon of May 6, council members were called into a meeting after receiving an email that all existing contracts would conclude on May 31, 2024, and that they would not receive payment for the second half of 2024. The council was not made up of Twitch employees, but rather advisors, including Dr. Sameer Hinduja, co-director of the Cyberbullying Research Center; Emma LlansÃ, director of the Center for Democracy and Technology's Free Expression Project; and Dr. T.L. Taylor, co-founder and director of AnyKey, which advocates for diversity and inclusion in gaming. "Looking ahead, the Safety Advisory Council will primarily be made up of individuals who serve as Twitch Ambassadors," the email, viewed by CNBC, stated. In a formal notice in the same email, the company wrote, "Pursuant to section 5(a) of the SAC advisor Agreement, we are writing to provide you with notice of termination... This means that the second 2024 payment won't be issued." Twitch Ambassadors are users of the streaming platform "chosen specifically because of the positive impact they've contributed to the Twitch community," according to the company's website. Payment depended on the length of the contract, but council members were paid between $10,000 and $20,000 per 12-month period, according to a source familiar with the contracts.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: TikTok is working on a clone of its recommendation algorithm for its 170 million U.S. users that may result in a version that operates independently of its Chinese parent and be more palatable to American lawmakers who want to ban it, according to sources with direct knowledge of the efforts. The work on splitting the source code ordered by TikTok's Chinese parent ByteDance late last year predated a bill to force a sale of TikTok's U.S. operations that began gaining steam in Congress this year. The bill was signed into law in April. The sources, who were granted anonymity because they are not authorized to speak publicly about the short-form video sharing app, said that once the code is split, it could lay the groundwork for a divestiture of the U.S. assets, although there are no current plans to do so. The company has previously said it had no plans to sell the U.S. assets and such a move would be impossible. [...] In the past few months, hundreds of ByteDance and TikTok engineers in both the U.S. and China were ordered to begin separating millions of lines of code, sifting through the company's algorithm that pairs users with videos to their liking. The engineers' mission is to create a separate code base that is independent of systems used by ByteDance's Chinese version of TikTok, Douyin, while eliminating any information linking to Chinese users, two sources with direct knowledge of the project told Reuters. [...] The complexity of the task that the sources described to Reuters as tedious "dirty work" underscores the difficulty of splitting the underlying code that binds TikTok's U.S. operations to its Chinese parent. The work is expected to take over a year to complete, these sources said. [...] At one point, TikTok executives considered open sourcing some of TikTok's algorithm, or making it available to others to access and modify, to demonstrate technological transparency, the sources said. Executives have communicated plans and provided updates on the code-splitting project during a team all-hands, in internal planning documents and on its internal communications system, called Lark, according to one of the sources who attended the meeting and another source who has viewed the messages. Compliance and legal issues involved with determining what parts of the code can be carried over to TikTok are complicating the work, according to one source. Each line of code has to be reviewed to determine if it can go into the separate code base, the sources added. The goal is to create a new source code repository for a recommendation algorithm serving only TikTok U.S. Once completed, TikTok U.S. will run and maintain its recommendation algorithm independent of TikTok apps in other regions and its Chinese version Douyin. That move would cut it off from the massive engineering development power of its parent company in Beijing, the sources said. If TikTok completes the work to split the recommendation engine from its Chinese counterpart, TikTok management is aware of the risk that TikTok U.S. may not be able to deliver the same level of performance as the existing TikTok because it is heavily reliant on ByteDance's engineers in China to update and maintain the code base to maximize user engagement, sources added.

Read more of this story at Slashdot.

The free online tax filing program known as IRS Direct File will be made permanent for the 2025 tax season, with all 50 states and Washington D.C. invited to participate. Axios reports: Treasury announced earlier this month that more than 140,000 people participated in the Direct File pilot program in a dozen states claiming more than $90 million in refunds. The pilot exceeded its 100,000-person target during this past tax season. "President Biden is committed to saving Americans time and money and ensuring families receive the tax benefits they're owed," Treasury Secretary Janet Yellen said in a statement. "Providing a free tool to all Americans who want the option to file directly with the IRS is key to achieving those goals." The pilot program targeted people with simple tax returns based on W-2 forms. In her remarks today Yellen said that over the next few years they will expand Direct File to support more situations. The announcement from the Treasury Department comes a week after the IRS' Free File program was extended through 2029. "Free file is where some of your tax dollars go to create the bridges between 3rd parties and the IRS filing system," notes Slashdot reader slack_justyb. "Direct file is the taxpayer to IRS direct system that we got a taste of this year. We want to keep on the direct file path, but the free file path helps breakup the larger entities out there that lobby hard to keep the return-free system from ever getting started."

Read more of this story at Slashdot.

If you contact Spotify's customer service with a valid receipt, the company will refund your Car Thing purchase. That's the latest development reported by Engadget. When Spotify first announced that it would brick every Car Thing device on December 9, 2024, it said that it wouldn't offer owners any subscription credit or automatic refund. From the report: Spotify has taken some heat for its announcement last week that it will brick every Car Thing device on December 9, 2024. The company described its decision as "part of our ongoing efforts to streamline our product offerings" (read: cut costs) and that it lets Spotify "focus on developing new features and enhancements that will ultimately provide a better experience to all Spotify users." TechCrunch reports that Gen Z users on TikTok have expressed their frustration in videos, while others have complained directed toward Spotify in DMs on X (Twitter) and directly through customer support. Some users claimed Spotify's customer service agents only offered several months of free Premium access, while others were told nobody was receiving refunds. It isn't clear if any of them contacted them after last Friday when it shifted gears on refunds. Others went much further. Billboard first reported on a class-action lawsuit filed in the US District Court for the Southern District of New York on May 28. The suit accuses Spotify of misleading Car Thing customers by selling a $90 product that would soon be obsolete without offering refunds, which sounds like a fair enough point. It's worth noting that, according to Spotify, it began offering the refunds last week, while the lawsuit was only filed on Tuesday. If the company's statement about refunds starting on May 24 is accurate, the refunds aren't a direct response to the legal action. (Although it's possible the company began offering them in anticipation of lawsuits.) Editor's note: As a disgruntled Car Thing owner myself, I can confirm that Spotify is approving refund requests. You'll just have to play the waiting game to get through to a Spotify Advisor and their "team" that approves these requests. You may have better luck emailing customer service directly at support@spotify.com.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Sam Altman-led OpenAI said on Thursday it had disrupted five covert influence operations that sought to use its artificial intelligence models for "deceptive activity" across the internet. The artificial intelligence firm said the threat actors used its AI models to generate short comments, longer articles in a range of languages, made up names and bios for social media accounts over the last three months. These campaigns, which included threat actors from Russia, China, Iran and Israel, also focused on issues including Russia's invasion of Ukraine, the conflict in Gaza, the Indian elections, politics in Europe and the United States, among others. The deceptive operations were an "attempt to manipulate public opinion or influence political outcomes," OpenAI said in a statement. [...] The deceptive campaigns have not benefited from increased audience engagement or reach due to the AI firm's services, OpenAI said in the statement. OpenAI said these operations did not solely use AI-generated material but included manually written texts or memes copied from across the internet. In a separate announcement on Wednesday, Meta said it had found "likely AI-generated" content used deceptively across its platforms, "including comments praising Israel's handling of the war in Gaza published below posts from global news organizations and U.S. lawmakers," reports Reuters.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Yesterday, Amazon failed to convince a US district court to dismiss the Federal Trade Commission's lawsuit targeting the tech giant's alleged history of tricking people into signing up for Prime. The FTC has alleged that Amazon "tricked, coerced, and manipulated consumers into subscribing to Amazon Prime," a court order said, failing to get informed consent by designing a murky sign-up process. And to keep subscriptions high, Amazon also "did not provide simple mechanisms for these subscribers to cancel their Prime memberships," the FTC alleged. Instead, Amazon forced "consumers intending to cancel to navigate a four-page, six-click, fifteen-option cancellation process." In their motion to dismiss, Amazon outright disputed these characterizations of its business, insisting its enrollment process was clear, its cancellation process was simple, and none of its executives could be held responsible for failing to fix these processes when "accidental" sign-ups became widespread. Amazon defended its current practices, arguing that some of its Prime disclosures "align with practices that the FTC encourages in its guidance documents." But the judge apparently did not find Amazon's denials completely persuasive. Viewing the FTC's complaint "in the light most favorable to the FTC," Judge John Chun concluded that "the allegations sufficiently indicate that Amazon had actual or constructive knowledge that its Prime sign-up and cancellation flows were misleading consumers." In his order (PDF), Chun also denied individual motions to dismiss from Amazon executives Russell Grandinetti, Neil Lindsay, and Jamil Ghani, who oversaw Prime operations. Executives had urged the court to dismiss the FTC's claims against them. They argued that the FTC "singled them out 'for an 'unprecedented sanction'" when the agency had "only recently started prosecuting companies for using 'dark patterns'" under Restore Online Shoppers' Confidence Act (ROSCA) and the FTC Act. They claimed that the FTC never alerted them to any wrongdoing before filing the lawsuit, so how could they have known they were violating the law? According to Chun, however, the FTC sufficiently alleged that each of these executives knew they were violating consumer protection laws when prioritizing profits over eliminating dark patterns triggering "accidental" or "nonconsensual" Prime sign-ups. Chun explained that executives may be "personally liable for corporate violations of the FTC Act if the individual 'participated directly in, or had the authority to control, the unlawful acts or practices at issue.'" For example, when Lindsay -- who in 2016 had the "most responsibility for the Prime subscription program" -- was "asked about Amazon's use of dark patterns during the Prime enrollment process," Lindsay justified the dark patterns. "Lindsay explained that once consumers become Prime members -- even unknowingly -- they will see what a great program it is and remain members, so Amazon is 'okay' with the situation," Chun's order said. And when Grandinetti, who "oversaw the Prime subscription program" in 2018, was told that the sign-up process and auto-renew feature frustrated customers, he "vetoed any changes that would reduce enrollment." Because executives seemingly prioritized profits over reducing customer friction, the FTC alleged that reasonable customers got sucked into Prime without their consent. Sometimes customers understandably got confused by the "discrepancy in size, location, and color" of Amazon's disclosures, Chun suggested. Other times, confusion struck when Amazon tried to upsell customers on Prime at checkout -- pairing their enrollment with their other shopping experience.

Read more of this story at Slashdot.

A survey of 12,000 people in six countries -- Argentina, Denmark, France, Japan, the UK, and the USA -- found that very few people are regularly using AI products like ChatGPT. Unsurprisingly, the group bucking the trend are young people ages 18 to 24. The BBC reports: Dr Richard Fletcher, the report's lead author, told the BBC there was a "mismatch" between the "hype" around AI and the "public interest" in it. The study examined views on generative AI tools -- the new generation of products that can respond to simple text prompts with human-sounding answers as well as images, audio and video. "Large parts of the public are not particularly interested in generative AI, and 30% of people in the UK say they have not heard of any of the most prominent products, including ChatGPT," Dr Fletcher said. This research attempted to gauge what the public thinks, finding: - The majority expect generative AI to have a large impact on society in the next five years, particularly for news, media and science - Most said they think generative AI will make their own lives better - When asked whether generative AI will make society as a whole better or worse, people were generally more pessimistic In more detail, the study found: - While there is widespread awareness of generative AI overall, a sizable minority of the public -- between 20% and 30% of the online population in the six countries surveyed -- have not heard of any of the most popular AI tools. - In terms of use, ChatGPT is by far the most widely used generative AI tool in the six countries surveyed, two or three times more widespread than the next most widely used products, Google Gemini and Microsoft Copilot. - Younger people are much more likely to use generative AI products on a regular basis. Averaging across all six countries, 56% of 18-24s say they have used ChatGPT at least once, compared to 16% of those aged 55 and over. - Roughly equal proportions across six countries say that they have used generative AI for getting information (24%) as creating various kinds of media, including text but also audio, code, images, and video (28%). - Just 5% across the six countries covered say that they have used generative AI to get the latest news.

Read more of this story at Slashdot.

Last August, PayPal became the first major financial company to roll out a stablecoin. Labeled PayPal USD, or PYUSD, the coin was issued on the Ethereum blockchain and "fully backed by U.S. dollar deposits, short-term Treasuries and similar cash equivalents." Now, the financial company is adding Solana as an option, "making PayPal's stablecoin faster and cheaper to use." "The Solana blockchain is known for processing massive amounts of transactions at high speeds with extremely low costs, providing significant benefits for commerce use cases," says the company in a press release. "As the most used blockchain for stablecoin transfers, according to data from blockchain analytics platform Artemis, Solana has emerged as the leading blockchain to run tokenized transactions and is ideal for PYUSD as it continues to be used for payment use cases."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: When used to generate power or move vehicles, fossil fuels kill people. Particulates and ozone resulting from fossil fuel burning cause direct health impacts, while climate change will act indirectly. Regardless of the immediacy, premature deaths and illness prior to death are felt through lost productivity and the cost of treatments. Typically, you see the financial impacts quantified when the EPA issues new regulations, as the health benefits of limiting pollution typically dwarf the costs of meeting new standards. But some researchers from Lawrence Berkeley National Lab have now done similar calculations -- but focusing on the impact of renewable energy. Wind and solar, by displacing fossil fuel use, are acting as a form of pollution control and so should produce similar economic benefits. Do they ever. The researchers find that, in the U.S., wind and solar have health and climate benefits of over $100 for every Megawatt-hour produced, for a total of a quarter-trillion dollars in just the last four years. This dwarfs the cost of the electricity they generate and the total of the subsidies they received. [...] As a result, the environmental and health benefits of wind in 2022 are estimated as being $143 for each Mw-hr, with solar providing $100/Mw-hr in benefits. Given the amount of power generated by wind and solar that year, that works out to a total of $62 billion and $12 billion, respectively. For the entire 2019-2022 period, they total up to $250 billion. Due to the uncertainties in various estimates, the researchers estimate that the real value for wind is somewhere between $91 and $183 per Mw-hr, with solar having a proportionate uncertainty. For comparison, they note that the unsubsidized costs of the electricity produced by wind and solar range from $20 to $60 per Mw-hr, depending on where the facility is sited. So, in some ways, the companies that own these plants are only receiving a very small fraction of the benefits of their operation. Wind and solar do receive subsidies, but even the most generous ones provided by the Inflation Reduction Act max out below $35/Mw-hr -- again, far less than the health and environmental benefits. The researchers note that most of these benefits (about 75 percent) come from the reduction in carbon dioxide emissions. Still, the nitrogen and sulfur emissions reductions were also substantial: They displaced the equivalent of roughly 20 percent of the power sector's total emissions of these chemicals. That translates into avoiding about 1,400 premature deaths in 2022 alone. The researchers acknowledge a number of limitations to their work. "One big one is that they don't include distributed solar at all, meaning their totals for that form of production are a significant underestimate," reports Ars, noting that the Energy Information Agency estimates that, in the U.S., distributed solar accounts for over 30 percent of total solar production. "It also, as mentioned, doesn't account for the use of storage such as batteries, which are increasingly used to offset the tail-off in solar production in the evenings." "In addition, their work doesn't account for the intermittency of renewable power sources, which can sometimes result in the use of less efficient fossil fuel plants and so offset some of these benefits. The drop of wind and solar prices are also influencing decisions on what types of fossil fuel plants are getting built, disfavoring coal and increasing investments in natural gas plants that can respond quickly to changes in renewable output. Over the long term, this will result in additional benefits that can't be captured by this sort of short-term analysis." The study has been published in the journal Cell Reports Sustainability.

Read more of this story at Slashdot.

schwit1 shares a report from NPR: When you first approach this bridge over Interstate 66 in northern Virginia, it may feel like you're driving on the wrong side of the road. Because, in a way, you are. "There were a lot of people who looked at me like I was a little nuts," says traffic engineer Gilbert Chlewicki, the inventor of this unconventional interchange. "Like, why are you putting me on the other side of the road?" Chlewicki agreed to meet at this intersection 35 miles west of Washington, D.C. to explain the workings of the diverging diamond interchange, as it's known. He was easy to spot, wearing a neon yellow vest for safety. As you enter the interchange, the right and left sides of the road cross over each other at a stop light. You are, in fact, driving on the left side of the road at this point. From there, left turns become a lot easier, because there's no oncoming traffic in the way. Instead of waiting for a signal, you get a free left turn. "When we do the cross-over to the left side of the road, that's when the left turns happen, so the left is very easy," says Chlewicki. That means diverging diamond interchanges can be both more efficient and safer than conventional intersections with left turn lanes. There are now more than 200 of them across the U.S., in more than 30 states. But at first, it wasn't easy to convince other traffic engineers. "Anything different is a hard sell," Chlewicki said. "Safety was the big question." In 2009, Missouri became the first state to install a diverging diamond interchange (DDI) at a congested intersection in Springfield. This new design quickly reduced traffic congestion and significantly improved safety, with crashes decreasing by 40-50%. However, drivers have mixed feelings about the design. Some, like school bus driver Logan Wilcox, feel it can be confusing and potentially dangerous for unfamiliar drivers. Others, like local driver Greg Peterson, praise it for improving traffic flow and reducing accidents.

Read more of this story at Slashdot.

Satellite-to-phones service provider AST SpaceMobile announced a deal with Verizon to provide remote coverage across the United States. "Verizon's deal effectively includes a $100 million raise for AST, as well, in the form of $65 million in commercial service prepayments and $35 million in debt via convertible notes," reports CNBC. "The companies said that $45 million of the prepayments 'are subject to certain conditions' such as needed regulatory approvals and signing of a definitive commercial agreement." Shares of AST jumped 69% in trading to close at $9.02 a share -- the largest single day rise for the company's stock since it went public in 2021. From the report: AST SpaceMobile is building satellites to provide broadband service to unmodified smartphones, in the nascent "direct-to-device" communications market. [...] The Verizon partnership follows a similar pattern to AT&T's work with AST. Back in January, AT&T was a co-debt investor in the company alongside Google and Vodafone. The companies then established the commercial agreement earlier this month, which "lays out in much more detail how we will ultimately offer service together," AST's Chief Strategy Officer Scott Wisniewski said in a statement to CNBC. [...] AST expects to launch its first five commercial satellites later this year.

Read more of this story at Slashdot.

Michael Larabel reports via Phoronix: A massive uptick in traffic to Fedora's package mirrors is causing problems for the Linux distribution. Some five million additional systems have started putting additional strain on Fedora's mirror resources since March and appear to be coming from Amazon's cloud. Stephen Smoogen of Red Hat wrote a blog post today around 5+ million more EPEL-7 systems beginning in March. Fedora hosts the packaging mirrors for Extra Packages For Enterprise Linux (EPEL) to augment the package selection available on RHEL, CentOS, Amazon Linux, etc. The past three months now there has been a 5+ million surge in Fedora/EPEL traffic and it's placed a strain on the systems. It's about doubling the number of unique IPs connecting to the mirror system. The massive uptick in Fedora/EPEL activity puts additional pressure on Fedora web proxies for mirror data and then the mirrors themselves that tend to be volunteer run. Much of this new traffic is coming from the Amazon/AWS cloud.

Read more of this story at Slashdot.

An anonymous reader quotes an op-ed from The Globe and Mail, written by Kate Robertson and Ron Deibert. Robertson is a senior research associate and Deibert is director at the University of Toronto's Citizen Lab. From the piece: A federal cybersecurity bill, slated to advance through Parliament soon, contains secretive, encryption-breaking powers that the government has been loath to talk about. And they threaten the online security of everyone in Canada. Bill C-26 empowers government officials to secretly order telecommunications companies to install backdoors inside encrypted elements in Canada's networks. This could include requiring telcos to alter the 5G encryption standards that protect mobile communications to facilitate government surveillance. The government's decision to push the proposed law forward without amending it to remove this encryption-breaking capability has set off alarm bells that these new powers are a feature, not a bug. There are already many insecurities in today's networks, reaching down to the infrastructure layers of communication technology. The Signalling System No. 7, developed in 1975 to route phone calls, has become a major source of insecurity for cellphones. In 2017, the CBC demonstrated how hackers only needed a Canadian MP's cell number to intercept his movements, text messages and phone calls. Little has changed since: A 2023 Citizen Lab report details pervasive vulnerabilities at the heart of the world's mobile networks. So it makes no sense that the Canadian government would itself seek the ability to create more holes, rather than patching them. Yet it is pushing for potential new powers that would infect next-generation cybersecurity tools with old diseases. It's not as if the government wasn't warned. Citizen Lab researchers presented the 2023 report's findings in parliamentary hearings on Bill C-26, and leaders and experts in civil society and in Canada's telecommunications industry warned that the bill must be narrowed to prevent its broad powers to compel technical changes from being used to compromise the "confidentiality, integrity, or availability" of telecommunication services. And yet, while government MPs maintained that their intent is not to expand surveillance capabilities, MPs pushed the bill out of committee without this critical amendment last month. In doing so, the government has set itself up to be the sole arbiter of when, and on what conditions, Canadians deserve security for their most confidential communications -- personal, business, religious, or otherwise. The new powers would only make people in Canada more vulnerable to malicious threats to the privacy and security of all network users, including Canada's most senior officials. [...] "Now, more than ever, there is no such thing as a safe backdoor," the authors write in closing. "A shortcut that provides a narrow advantage for the few at the expense of us all is no way to secure our complex digital ecosystem." "Against this threat landscape, a pivot is crucial. Canada needs cybersecurity laws that explicitly recognize that uncompromised encryption is the backbone of cybersecurity, and it must be mandated and protected by all means possible."

Read more of this story at Slashdot.

The notorious hacker group ShinyHunters has claimed to have breached the security of Ticketmaster-Live Nation, compromising the personal data more than half a billion users. "This massive 1.3 terabytes of data, is now being offered for sale on Breach Forums for a one-time sale for $500,000," reports Hackread. From the report: ShinyHunters has allegedly accessed a treasure trove of sensitive user information, including full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data. Specifically, the compromised payment data includes customer names, the last four digits of card numbers, expiration dates, and even customer fraud details. The data breach, if confirmed, could have severe implications for the affected users, leading to potential identity theft, financial fraud, and further cyber attacks. The hacker group's bold move to put this data on sale goes on to show the growing menace of cybercrime and the increasing sophistication of these cyber adversaries.

Read more of this story at Slashdot.

Salesforce shares dropped as much as 17% in extended trading due to weaker-than-expected revenue and guidance that fell short of Wall Street expectations. "Revenue in the fiscal first quarter, which ended April 30, increased 11% from $8.25 billion a year earlier," reports CNBC. "It's the first time since 2006 that Salesforce fell short on revenue, according to LSEG data." From the report: Salesforce called for adjusted earnings per share in the current quarter of $2.34 to $2.36 on $9.2 billion to $9.25 billion in revenue. Analysts surveyed by LSEG had expected $2.40 in adjusted earnings per share on $9.37 billion in revenue. [...] Salesforce saw budget scrutiny and longer deal cycles than usual during the quarter, president and operating chief Brian Millham told analysts on a conference call. Management implemented go-to-market changes that cut into bookings, Millham said. All five of Salesforce's product areas contributed to the growth. But revenue from the Professional Services and Other category, at $548 million, was down 9% and under the StreetAccount consensus of $572.9 million. Net income jumped to $1.53 billion, or $1.56 per share, from $199 million, or 20 cents per share a year ago.

Read more of this story at Slashdot.

An anonymous reader quotes a report from KrebsOnSecurity: The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as "proxies" that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe -- but predominantly in the United States. 911 built its proxy network mainly by offering "free" virtual private networking (VPN) services. 911's VPN performed largely as advertised for the user -- allowing them to surf the web anonymously -- but it also quietly turned the user's computer into a traffic relay for paying 911 S5 customers. 911 S5's reliability and extremely low prices quickly made it one of the most popular services among denizens of the cybercrime underground, and the service became almost shorthand for connecting to that "last mile" of cybercrime. Namely, the ability to route one's malicious traffic through a computer that is geographically close to the consumer whose stolen credit card is about to be used, or whose bank account is about to be emptied. In July 2022, KrebsOnSecurity published a deep dive into 911 S5, which found the people operating this business had a history of encouraging the installation of their proxy malware by any means available. That included paying affiliates to distribute their proxy software by secretly bundling it with other software. That story named Yunhe Wang from Beijing as the apparent owner or manager of the 911 S5 proxy service. In today's Treasury action, Mr. Wang was named as the primary administrator of the botnet that powered 911 S5. Update, May 29, 12:26 p.m. ET: The U.S. Department of Justice (DOJ) just announced they have arrested Wang in connection with the 911 S5 botnet. The DOJ says 911 S5 customers have stolen billions of dollars from financial institutions, credit card issuers, and federal lending programs. [...] The third man sanctioned is Yanni Zheng, a Chinese national the U.S. Treasury says acted as an attorney for Wang and his firm -- Spicy Code Company Limited -- and helped to launder proceeds from the business into real estate holdings. Spicy Code Company was also sanctioned, as well as Wang-controlled properties Tulip Biz Pattaya Group Company Limited, and Lily Suites Company Limited. "911 S5 customers allegedly targeted certain pandemic relief programs," a DOJ statement on the arrest reads. "For example, the United States estimates that 560,000 fraudulent unemployment insurance claims originated from compromised IP addresses, resulting in a confirmed fraudulent loss exceeding $5.9 billion. Additionally, in evaluating suspected fraud loss to the Economic Injury Disaster Loan (EIDL) program, the United States estimates that more than 47,000 EIDL applications originated from IP addresses compromised by 911 S5. Millions of dollars more were similarly identified by financial institutions in the United States as loss originating from IP addresses compromised by 911 S5." "Jingping Liu assisted Yunhe Wang by laundering criminally derived proceeds through bank accounts held in her name that were then utilized to purchase luxury real estate properties for Yunhe Wang," the document continues. "These individuals leveraged their malicious botnet technology to compromise personal devices, enabling cybercriminals to fraudulently secure economic assistance intended for those in need and to terrorize our citizens with bomb threats."

Read more of this story at Slashdot.

Former FTX executive Ryan Salame has been sentenced to more than seven years in prison, "the first of the lieutenants of failed cryptocurrency mogul Sam Bankman-Fried to receive jail time for their roles in the 2022 collapse of the cryptocurrency exchange," reports the Associated Press. From the report: Salame, 30, was a high-ranking executive at FTX for most of the exchange's existence and, up until its collapse, was the co-CEO of FTX Digital Markets. He pleaded guilty last year to illegally making unlawful U.S. campaign contributions and to operating an unlicensed money-transmitting business. The sentence of 7 1/2 years in prison, plus three years of supervised release, was more than the five to seven years prosecutors had asked Judge Lewis A. Kaplan to impose on Salame in their pre-sentencing memo. While Salame was a high-level executive at FTX, he was not a major part of the government's case against Bankman-Fried at his trial earlier this year and did not testify against him. In a bid for leniency, Salame said during the sentencing hearing that he cooperated and even provided documents that aided prosecutors in their cross examination of Bankman-Fried, as well as in his own prosecution. Along with helping Bankman-Fried hide the holes in FTX's balance sheet that ultimately led to the exchange's failure, Salame was used as a conduit for Bankman-Fried to make illegal campaign contributions to help shape U.S. policy on cryptocurrencies. On the surface, Bankman-Fried mostly gave political contributions to Democrats and liberal-leaning causes, while Salame gave contributions to Republicans and right-leaning causes. But ultimately the funds that Salame used for those contributions came from Bankman-Fried. The judge also chastised Salame for pulling $5 million in cryptocurrencies out of FTX as the exchange was failing. "You tried to withdraw tens of millions more," Kaplan said. "It was me first. I'm getting in the lifeboat first. To heck with all those customers."

Read more of this story at Slashdot.

A new tool called Lifeseeker could help search and rescue teams find missing people in minutes using their cellphones. The technology acts as a miniature cellphone tower, allowing rescuers to pinpoint cellphone locations within a 3-mile radius, significantly improving the efficiency and success rate of search missions in challenging terrains. The Colorado Sun reports: "As we detect the phone, basically a blotch shows up on the map and as we fly around that area, that blotch gets smaller and smaller and smaller until we can see exactly where they are," said Dr. Tim Durkin, a search and rescue program coordinator for Colorado Highland Helicopters. "That process of detecting, focusing on one specific location takes about a minute -- not really very long at all." Depending on the situation, search and rescue teams can then send in ground crews with the person's location or land the helicopter if there's a clearing nearby and conditions allow for a safe landing, Durkin said. During a test mission in La Plata Canyon northwest of Durango, search crews found the two people they were looking for within two minutes and 14 seconds, Durkin said. The technology, called Lifeseeker, was developed by Spain-based company CENTUM research & technology and is in the process of being approved by the Federal Communications Commission before it can be sold to the state or counties hoping to use it for their SAR efforts, he said. [...] The radio-based technology needs a clear view of the terrain without interference to pick up the signal of the cellphone. If the conditions and terrain are favorable, it can detect a cellphone up to nearly 20 miles away. It takes about three minutes to attach the Lifeseeker unit inside a helicopter when needed for a search and rescue mission, Durkin said. SAR can also use the tool to send text messages to the missing person, for example, advising them to stay in one area if they are hurt or move to a clearing for a helicopter to pick them up. The tool also has a broadcast function that allows SAR to send out a message to a group of people within a certain range, similar to an Amber Alert for a missing child, to warn them of a wildfire or flood, Durkin said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: A sophisticated joint European-Japanese satellite has launched to measure how clouds influence the climate. Some low-level clouds are known to cool the planet, others at high altitude will act as a blanket. The Earthcare mission will use a laser and a radar to probe the atmosphere to see precisely where the balance lies. It's one of the great uncertainties in the computer models used to forecast how the climate will respond to increasing levels of greenhouse gases. "Many of our models suggest cloud cover will go down in the future and that means that clouds will reflect less sunlight back to space, more will be absorbed at the surface and that will act as an amplifier to the warming we would get from carbon dioxide," Dr Robin Hogan, from the European Centre for Medium-Range Weather Forecasts, told BBC News. The 2.3-tonne satellite was sent up from California on a SpaceX rocket. The project is led by the European Space Agency (ESA), which has described it as the organization's most complex Earth observation venture to date. Certainly, the technical challenge in getting the instruments to work as intended has been immense. It's taken fully 20 years to go from mission approval to launch. Earthcare will circle the Earth at a height of about 400km (250 miles). It's actually got four instruments in total that will work in unison to get at the information sought by climate scientists. The simplest is an imager -- a camera that will take pictures of the scene passing below the spacecraft to give context to the measurements made by the other three instruments. Earthcare's European ultraviolet laser will see the thin, high clouds and the tops of clouds lower down. It will also detect the small particles and droplets (aerosols) in the atmosphere that influence the formation and behavior of clouds. The Japanese radar will look into the clouds, to determine how much water they are carrying and how that's precipitating as rain, hail and snow. And a radiometer will sense how much of the energy falling on to Earth from the Sun is being reflected or radiated back into space.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: The defense lawyer minced no words as he addressed a room full of plastic-industry executives. Prepare for a wave of lawsuits with potentially "astronomical" costs. Speaking at a conference earlier this year, the lawyer, Brian Gross, said the coming litigation could "dwarf anything related to asbestos," one of the most sprawling corporate-liability battles in United States history. Mr. Gross was referring to PFAS, the "forever chemicals" that have emerged as one of the major pollution issues of our time. Used for decades in countless everyday objects -- cosmetics, takeout containers, frying pans -- PFAS have been linked to serious health risks including cancer. Last month the federal government said several types of PFAS must be removed from the drinking water of hundreds of millions of Americans. "Do what you can, while you can, before you get sued," Mr. Gross said at the February session, according to a recording of the event made by a participant and examined by The New York Times. "Review any marketing materials or other communications that you've had with your customers, with your suppliers, see whether there's anything in those documents that's problematic to your defense," he said. "Weed out people and find the right witness to represent your company." A wide swath of the chemicals, plastics and related industries are gearing up to fight a surge in litigation related to PFAS, or per- and polyfluoroalkyl substances, a class of nearly 15,000 versatile synthetic chemicals linked to serious health problems. [...] PFAS-related lawsuits have already targeted manufacturers in the United States, including DuPont, its spinoff Chemours, and 3M. Last year, 3M agreed to pay at least $10 billion to water utilities across the United States that had sought compensation for cleanup costs. Thirty state attorneys general have also sued PFAS manufacturers, accusing the manufacturers of widespread contamination. But experts say the legal battle is just beginning. Under increasing scrutiny are a wider universe of companies that use PFAS in their products. This month, plaintiffs filed a class-action lawsuit against Bic, accusing the razor company for failing to disclose that some of its razors contained PFAS. Bic said it doesn't comment on pending litigation, and said it had a longstanding commitment to safety. The Biden administration has moved to regulate the chemicals, for the first time requiring municipal water systems to remove six types of PFAS. Last month, the Environmental Protection Agency also designated two of those PFAS chemicals as hazardous substances under the Superfund law, shifting responsibility for their cleanup at contaminated sites from taxpayers to polluters. Both rules are expected to prompt a new round of litigation from water utilities, local communities and others suing for cleanup costs. "To say that the floodgates are opening is an understatement," said Emily M. Lamond, an attorney who focuses on environmental litigation at the law firm Cole Schotz. "Take tobacco, asbestos, MTBE, combine them, and I think we're still going to see more PFAS-related litigation," she said, referring to methyl tert-butyl ether, a former harmful gasoline additive that contaminated drinking water. Together, the trio led to claims totaling hundreds of billions of dollars. Unlike tobacco, used by only a subset of the public, "pretty much every one of us in the United States is walking around with PFAS in our bodies," said Erik Olson, senior strategic director for environmental health at the Natural Resources Defense Council. "And we're being exposed without our knowledge or consent, often by industries that knew how dangerous the chemicals were, and failed to disclose that," he said. "That's a formula for really significant liability."

Read more of this story at Slashdot.

Danny Goodwin reports via Search Engine Land: A trove of leaked Google documents has given us an unprecedented look inside Google Search and revealed some of the most important elements Google uses to rank content. Thousands of documents, which appear to come from Google's internal Content API Warehouse, were released March 13 on Github by an automated bot called yoshi-code-bot. These documents were shared with Rand Fishkin, SparkToro co-founder, earlier this month. What's inside. Here's what we know about the internal documents, thanks to Fishkin and [Michael King, iPullRank CEO]: Current: The documentation indicates this information is accurate as of March. Ranking features: 2,596 modules are represented in the API documentation with 14,014 attributes. Weighting: The documents did not specify how any of the ranking features are weighted -- just that they exist. Twiddlers: These are re-ranking functions that "can adjust the information retrieval score of a document or change the ranking of a document," according to King. Demotions: Content can be demoted for a variety of reasons, such as: a link doesn't match the target site; SERP signals indicate user dissatisfaction; Product reviews; Location; Exact match domains; and/or Porn. Change history: Google apparently keeps a copy of every version of every page it has ever indexed. Meaning, Google can "remember" every change ever made to a page. However, Google only uses the last 20 changes of a URL when analyzing links. Other interesting findings. According to Google's internal documents: Freshness matters -- Google looks at dates in the byline (bylineDate), URL (syntacticDate) and on-page content (semanticDate). To determine whether a document is or isn't a core topic of the website, Google vectorizes pages and sites, then compares the page embeddings (siteRadius) to the site embeddings (siteFocusScore). Google stores domain registration information (RegistrationInfo). Page titles still matter. Google has a feature called titlematchScore that is believed to measure how well a page title matches a query. Google measures the average weighted font size of terms in documents (avgTermWeight) and anchor text. What does it all mean? According to King: "[Y]ou need to drive more successful clicks using a broader set of queries and earn more link diversity if you want to continue to rank. Conceptually, it makes sense because a very strong piece of content will do that. A focus on driving more qualified traffic to a better user experience will send signals to Google that your page deserves to rank." [...] Fishkin added: "If there was one universal piece of advice I had for marketers seeking to broadly improve their organic search rankings and traffic, it would be: 'Build a notable, popular, well-recognized brand in your space, outside of Google search.'"

Read more of this story at Slashdot.

Google is introducing the Gemini AI chatbot to Chromebook Plus models, enhancing features like text rewriting, image editing, and hands-free control. Here are a few of the top new features coming to ChromeOS, as summarized by Wired: The first notable feature is Help Me Write, which works in any text box. Select text in any text box and right-click -- you'll see a box next to the standard right-click context menu. You can ask Google's AI to rewrite the selected text, rephrase it in a specific way, or change the tone. I tried to use it on a few sentences in this story but did not like any of the suggestions it gave me, so your mileage may vary. Or maybe I'm a better writer than Google's AI. Who knows? Google's bringing the same generative AI wallpaper system you'll find in Android to ChromeOS. You can access this feature in ChromeOS's wallpaper settings and generate images based on specific parameters. Weirdly, you can create these when you're in a video-calling app too. You'll see a menu option next to the system tray whenever the microphone and video camera are being accessed -- tap on it and click "Create with AI" and you can generate an image for your video call's background. I'm not sure why I'd want a background of a "surreal bicycle made of flowers in pink and purple," but there you go. AI! Here's something a little more useful: Magic Editor in Google Photos. Yep, the same feature that debuted in Google's Pixel 8 smartphones is now available on Chromebook Plus laptops. In the Google Photos app, you can press Edit on a photo and you'll see the option for Magic Editor. (You'll need to download more editing tools to get started.) This feature lets you erase unwanted objects in your photos, move a subject to another area of the frame, and fill in the backgrounds of photos. I successfully erased a paint can in the background of a photo of my dog, and it worked pretty quickly. Then there's Gemini. It's available as a stand-alone app, and you can ask it to do pretty much anything. Write a cover letter, break down complex topics, ask for travel tips for a specific country. Just, you know, double-check the results and make sure there aren't any hallucinations. If you want to tap into Google's Gemini Advanced model, the company says it is offering 12 months free for new Chromebook Plus owners through the end of the year, so you have some time to redeem that offer. This is technically an upgrade from Google One, and it nets you Gemini for Workspace, 2 terabytes of storage, and a few other perks. New features coming to all Chromebooks include easy setup with Android phones via QR code for sharing Wi-Fi credentials, integration of Google Tasks into the system tray, a Game Dashboard for mapping controls and recording gameplay as GIFs, and a built-in screen recorder tool. Upcoming enhancements also include Hands-Free Control using face gestures, the Help Me Read feature with Gemini for summarizing websites and PDFs, and an Overview screen to manage open browser windows, tabs, and apps. You can check if your Chromebook is compatible with the Chromebook Plus OS update here.

Read more of this story at Slashdot.

The term "auth" is ambiguous, often meaning either authentication (authn) or authorization (authz), which leads to confusion and poor system design. Instead, Nicole Tietz-Sokolskaya, a software engineer at AI market research platform Remesh, argues that the industry adopt the terms "login" for authentication and "permissions" for authorization, as these are clearer and help maintain distinct, appropriate abstractions for each concept. From their blog post: We should always use the most clear terms we have. Sometimes there's not a great option, but here, we have wonderfully clear terms. Those are "login" for authentication and "permissions" for authorization. Both are terms that will make sense with little explanation (in contrast to "authn" and "authz", which are confusing on first encounter) since almost everyone has logged into a system and has run into permissions issues. There are two ways to use "login" here: the noun and the verb form. The noun form is "login", which refers to the information you enter to gain access to the system. And the verb form is "log in", which refers to the action of entering your login to use the system. "Permissions" is just the noun form. To use a verb, you would use "check permissions." While this is long, it's also just... fine? It hasn't been an issue in my experience. Both of these are abundantly clear even to our peers in disciplines outside software engineering. This to me makes it worth using them from a clarity perspective alone. But then we have the big benefit to abstractions, as well. When we call both by the same word, there's often an urge to combine them into a single module just by dint of the terminology. This isn't necessarily wrong -- there is certainly some merit to put them together, since permissions typically require a login. But it's not necessary, either, and our designs will be stronger if we don't make that assumption and instead make a reasoned choice.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Some of the most infamous so-called shadow libraries have increasingly faced legal pressure to either stop pirating books or risk being shut down or driven to the dark web. Among the biggest targets are Z-Library, which the US Department of Justice has charged with criminal copyright infringement, and Library Genesis (Libgen), which was sued by textbook publishers last fall for allegedly distributing digital copies of copyrighted works "on a massive scale in willful violation" of copyright laws. But now these shadow libraries and others accused of spurning copyrights have seemingly found an unlikely defender in Nvidia, the AI chipmaker among those profiting most from the recent AI boom. Nvidia seemed to defend the shadow libraries as a valid source of information online when responding to a lawsuit from book authors over the list of data repositories that were scraped to create the Books3 dataset used to train Nvidia's AI platform NeMo. That list includes some of the most "notorious" shadow libraries -- Bibliotik, Z-Library (Z-Lib), Libgen, Sci-Hub, and Anna's Archive, authors argued. However, Nvidia hopes to invalidate authors' copyright claims partly by denying that any of these controversial websites should even be considered shadow libraries. "Nvidia denies the characterization of the listed data repositories as 'shadow libraries' and denies that hosting data in or distributing data from the data repositories necessarily violates the US Copyright Act," Nvidia's court filing said. The chipmaker did not go into further detail to define what counts as a shadow library or what potentially absolves these controversial sites from key copyright concerns raised by various ongoing lawsuits. Instead, Nvidia kept its response brief while also curtly disputing authors' petition for class-action status and defending its AI training methods as fair use. "Nvidia denies that it has improperly used or copied the alleged works," the court filing said, arguing that "training is a highly transformative process that may include adjusting numerical parameters including 'weights,' and that outputs of an LLM may be based, at least in part, on such 'weights.'" "Nvidia's argument likely depends on the court agreeing that AI models ingesting published works in order to transform those works into weights governing AI outputs is fair use," notes Ars. "However, authors have argued that 'these weights are entirely and uniquely derived from the protected expression in the training dataset' that has been copied without getting authors' consent or providing authors with compensation." "Authors suing Nvidia have taken the next step, linking the chipmaker to shadow libraries by arguing that 'these shadow libraries have long been of interest to the AI-training community because they host and distribute vast quantities of unlicensed copyrighted material. For that reason, these shadow libraries also violate the US Copyright Act.'"

Read more of this story at Slashdot.

The Internet Archive is "currently in its third day of warding off an intermittent DDoS cyber-attack," writes Chris Freeland, Director of Library Services at Internet Archive, in a blog post. While library staff stress that the archives are safe, access to its services are affected, including the Wayback Machine. From the post: Since the attacks began on Sunday, the DDoS intrusion has been launching tens of thousands of fake information requests per second. The source of the attack is unknown. "Thankfully the collections are safe, but we are sorry that the denial-of-service attack has knocked us offline intermittently during these last three days," explained Brewster Kahle, founder and digital librarian of the Internet Archive. "With the support from others and the hard work of staff we are hardening our defenses to provide more reliable access to our library. What is new is this attack has been sustained, impactful, targeted, adaptive, and importantly, mean." Cyber-attacks are increasingly frequent against libraries and other knowledge institutions, with the British Library, the Solano County Public Library (California), the Berlin Natural History Museum, and Ontario's London Public Library all being recent victims. In addition to a wave of recent cyber-attacks, the Internet Archive is also being sued by the US book publishing and US recording industries associations, which are claiming copyright infringement and demanding combined damages of hundreds of millions of dollars and diminished services from all libraries. "If our patrons around the globe think this latest situation is upsetting, then they should be very worried about what the publishing and recording industries have in mind," added Kahle. "I think they are trying to destroy this library entirely and hobble all libraries everywhere. But just as we're resisting the DDoS attack, we appreciate all the support in pushing back on this unjust litigation against our library and others."

Read more of this story at Slashdot.

Jan Leike, one of OpenAI's "superalignment" leaders, who resigned last week due to AI safety concerns, has joined Anthropic to continue the mission. According to Leike, the new team "will work on scalable oversight, weak-to-strong generalization, and automated alignment research." TechCrunch reports: A source familiar with the matter tells TechCrunch that Leike will report directly to Jared Kaplan, Anthropic's chief science officer, and that Anthropic researchers currently working on scalable oversight -- techniques to control large-scale AI's behavior in predictable and desirable ways -- will move to report to Leike as Leike's team spins up. In many ways, Leike's team sounds similar in mission to OpenAI's recently-dissolved Superalignment team. The Superalignment team, which Leike co-led, had the ambitious goal of solving the core technical challenges of controlling superintelligent AI in the next four years, but often found itself hamstrung by OpenAI's leadership. Anthropic has often attempted to position itself as more safety-focused than OpenAI.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Two years ago when "Michael," an owner of cryptocurrency, contacted Joe Grand to help recover access to about $2 million worth of bitcoin he stored in encrypted format on his computer, Grand turned him down. Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool called TrueCrypt. At some point, that file got corrupted and Michael lost access to the 20-character password he had generated to secure his 43.6 BTC (worth a total of about [...] $5,300, in 2013). Michael used the RoboForm password manager to generate the password but did not store it in his manager. He worried that someone would hack his computer and obtain the password. "At [that] time, I was really paranoid with my security," he laughs. Grand is a famed hardware hacker who in 2022 helped another crypto wallet owner recover access to $2 million in cryptocurrencyhe thought he'd lost forever after forgetting the PIN to his Trezor wallet. Since then, dozens of people have contacted Grand to help them recover their treasure. But Grand, known by the hacker handle "Kingpin," turns down most of them, for various reasons. Grand is an electrical engineer who began hacking computing hardware at age 10 and in 2008 cohosted the Discovery Channel's Prototype This show. He now consults with companies that build complex digital systems to help them understand how hardware hackers like him might subvert their systems. He cracked the Trezor wallet in 2022 using complex hardware techniques that forced the USB-style wallet to reveal its password. But Michael stored his cryptocurrency in a software-based wallet, which meant none of Grand's hardware skills were relevant this time. [...] Michael contacted multiple people who specialize in cracking cryptography; they all told him "there's no chance" of retrieving his money. But last June he approached Grand again, hoping to convince him to help, and this time Grand agreed to give it a try, working with a friend named Bruno in Germany who also hacks digital wallets. Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version -- and subsequent versions until 2015 -- did indeed have a significant flaw that made the random number generator not so random. The RoboForm program unwisely tied the random passwords it generated to the date and time on the user's computer -- it determined the computer's date and time, and then generated passwords that were predictable. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past. [...] There was one problem: Michael couldn't remember when he created the password. According to the log on his software wallet, Michael moved bitcoin into his wallet for the first time on April 14, 2013. But he couldn't remember if he generated the password the same day or some time before or after this. So, looking at the parameters of other passwords he generated using RoboForm, Grand and Bruno configured RoboForm to generate 20-character passwords with upper- and lower-case letters, numbers, and eight special characters from March 1 to April 20, 2013. It failed to generate the right password. [...] Instead, they revealed that they had finally found the correct password -- no special characters. It was generated on May 15, 2013, at 4:10:40 pm GMT.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: A team of physicists has discovered that it's possible to build a real, actual, physical warp drive and not break any known rules of physics. One caveat: the vessel doing the warping can't exceed the speed of light, so you're not going to get anywhere interesting any time soon. But this research still represents an important advance in our understanding of gravity. [...] In a paper accepted for publication in the journal Classical and Quantum Gravity, [an international team of physicists led by Jared Fuchs at the University of Alabama in Huntsville] dug deep into relativity to explore if any version of a warp drive could work. The equations of general relativity are notoriously difficult to solve, especially in complex cases such as a warp drive. So the team turned to software algorithms; instead of trying to solve the equations by hand, they explored their solutions numerically and verified that they conformed to the energy conditions. The team did not actually attempt to construct a propulsion device. Instead, they explored various solutions to general relativity that would allow travel from point to point without a vessel undergoing any acceleration or experiencing any overwhelming gravitational tidal forces within the vessel, much to the comfort of any imagined passengers. They then checked whether these solutions adhered to the energy conditions that prevent the use of exotic matter. The researchers did indeed discover a warp drive solution: a method of manipulating space so that travelers can move without accelerating. There is no such thing as a free lunch, however, and the physicality of this warp drive does come with a major caveat: the vessel and passengers can never travel faster than light. Also disappointing: the fact that the researchers behind the new work don't seem to bother with figuring out what configurations of matter would allow the warping to happen. The findings have been published in the journal Classical and Quantum Gravity.

Read more of this story at Slashdot.

China's rapid solar power expansion is slowing due to grid bottlenecks, market reforms, and diminishing rooftop space, with new solar builds dropping 32% in March year-on-year. Reuters reports: The country's solar power expansion is slowing due to tighter curbs on supplying excess power from rooftop solar into the grid and changes in electricity pricing that are denting the economics of new solar projects. Forecasts show China's solar build this year will be heavily outpaced by growth in its photovoltaic (PV) module manufacturing capacity, raising the prospect the country will export more solar panels despite a trade backlash in Europe and the U.S. The main factor slowing the expansion of distributed solar - installations built near the point of use, mostly on rooftops - is that there is not enough storage or transmission capacity to soak up the excess power generated when the sun is shining. That in turn is leading regulators to take away some of the price support that led to the rapid growth of distributed solar. "In the next couple of years, this is going to be a huge problem that all provinces will face as grids are oversaturated, the infrastructure is overwhelmed," said Cosimo Ries, an analyst with Trivium China, a policy research group. [...] Renewable generators previously enjoyed a guarantee that grid operators would buy nearly all of their power at a rate tied to the coal index. That guarantee was lifted on April 1 and took effect earlier in some places, three industry experts said. Now, renewable generation is increasingly subject to less favourable market pricing. Shenhua Energy, a state-run coal and power firm, said in its first-quarter report that prices for its solar power fell 34.2% year-on-year to 283 yuan per megawatt-hour (MWh), while its coal power prices fell just 2.4% to 406 yuan per MWh. Wang Xiuqiang, a researcher at consultancy Beijing Linghang, attributed the lower solar prices and profitability to a higher proportion of market-based pricing. At the same time, grid companies are dialling back the 5% curtailment limit, "creating the risk for project owners that their generation might not be bought", said David Fishman of Shanghai-based energy consultancy the Lantau Group. Curtailment for Huaneng Power International, a major state-owned generator, rose to 7.7% in the first quarter from 3.1% a year earlier, Jefferies analysts said in a client note, citing Huaneng management. In a further challenge, the easiest-to-site projects have already been largely developed, said Shi Lida, research manager at Yongan Guofu Asset Management. At sites still available, rooftops may need to be reinforced, grid connections may be limited, or hours of sunlight may be short. "If your costs don't continue to fall, the investment will not be cost effective," Shi said. Further reading: Germany Has Too Many Solar Panels, and It's Pushed Energy Prices Negative

Read more of this story at Slashdot.

Scientists report that Greater Spotted Eagles altered their migration routes across Ukraine to avoid conflict and habitat destruction caused by the war. The BBC reports: The scientists studied GPS data from tagged birds in the months after the February 2022 invasion, a time of heavy fighting in northern Ukraine as Russia tried to take Kyiv by sending troops south from Belarus. The researchers from the Estonian University of Life Sciences and the British Trust for Ornithology reported their findings in the journal Current Biology. "The war in Ukraine has had a devastating impact on people and the environment. Our findings provide a rare window into how conflicts affect wildlife," said lead author Charlie Russell, a postgraduate researcher at the University of East Anglia. Classified as a vulnerable species, the Greater Spotted Eagle is a large, brownish-colored bird of prey. Researchers started following them using GPS tracking devices in 2017 but didn't expect to be monitoring them through an active conflict zone five years later. The findings reveal they made large deviations from their previously tracked routes. They also spent less time stopping at their usual refueling sites in Ukraine or avoided them entirely. As a result, they traveled farther, about an extra 52 miles (85km) on average. For migrating birds, stopover sites are essential places to get food, water, and shelter. These changes delayed the birds' arrival at the breeding grounds and likely made them use more energy, to damaging effect. "No doubt about it. I think the take-home story is that the conflict in Ukraine is fundamentally disrupting the migratory ecology of this species," said Dr Jim Reynolds, Assistant Professor in Ornithology and Animal Conservation at the University of Birmingham, who was independent from the study. "For a vulnerable species like this, anything that disrupts breeding performance is a major problem. As a conservation biologist, you worry about that in a massive way." Despite all the tagged birds surviving, researchers believe their experience may have affected their ability to breed.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Register: The Federal Trade Commission (FTC) has shared data on the most impersonated companies in 2023, which include Best Buy, Amazon, and PayPal in the top three. The federal agency detailed the top ten companies scammers impersonate and how much they make depending on the impersonation. By far the most impersonated corp was Best Buy and its repair business Geek Squad, with a total of 52k reports. Amazon impersonators came in second place with 34k reports, and PayPal a distant third with 10,000. Proportionally, the top three made up roughly 72 percent of the reports among the top ten, and Best Buy and Geek Squad scam reports were about 39 percent on their own. Though, high quantity doesn't necessarily translate to greater success for scammers, as the FTC also showed how much scammers made depending on what companies they impersonated. Best Buy and Geek Squad, Amazon, and PayPal scams made about $15 million, $19 million, and $16 million respectively, but that's nothing compared to the $60 million that Microsoft impersonators were able to fleece. [...] The FTC also reported the vectors scammers use to contact their victims. Phone and email are still the most common means, but social media is becoming increasingly important for scamming and features the most costly scams. The feds additionally disclosed the kinds of payment methods scammers use for all sorts of frauds, including company and individual impersonation scams, investment scams, and romance scams. Cryptocurrency and bank transfers were popular for investment scammers, who are the most prolific on social media, while gift cards were most common for pretty much every other type of scam. However, not all scammers ask for digital payment, as the Federal Bureau of Investigation says that even regular old mail is something scammers are relying on to get their ill-gotten gains.

Read more of this story at Slashdot.

Nine more accidents have been discovered by federal safety regulators during their safety investigation of Waymo's self-driving vehicles in Phoenix and San Francisco. TechCrunch reports: The National Highway Traffic Safety Administration Office of Defects Investigation (ODI) opened an investigation earlier this month into Waymo's autonomous vehicle software after receiving 22 reports of robotaxis making unexpected moves that led to crashes and potentially violated traffic safety laws. The investigation, which has been designated a "preliminary evaluation," is examining the software and its ability to avoid collisions with stationary objects and how well it detects and responds to "traffic safety control devices" like cones. The agency said Friday it has added (PDF) another nine incidents since the investigation was opened. Waymo reported some of these incidents. The others were discovered by regulators via public postings on social media and forums like Reddit, YouTube and X. The additional nine incidents include reports of Waymo robotaxis colliding with gates, utility poles, and parked vehicles, driving in the wrong lane with nearby oncoming traffic and into construction zones. The ODI said it's concerned the robotaxis "exhibiting such unexpected driving behaviors may increase the risk of crash, property damage, and injury." The agency said that while it's not aware of any injuries from these incidents, several involved collisions with visible objects that "a competent driver would be expected to avoid." The agency also expressed concern that some of these occurred near pedestrians. NHTSA has given Waymo until June 11 to respond to a series of questions regarding the investigation.

Read more of this story at Slashdot.

Google has warned nonprofit newsrooms that a new California bill taxing Big Tech for digital ad transactions would jeopardize future investments in the U.S. news industry. "This is the second time this year Google has threatened to pull investment in news in response to a regulatory threat in California -- but this time, hundreds of publishers outside of California would also feel the impact," reports Axios. From the report: Google's new outreach to smaller news outlets is happening in response to a different bill, introduced this year by State Sen. Steve Glazer, that would tax Big Tech companies like Google and Meta for "data extraction transactions," or digital ad transactions. Tax revenue would fund tax credits meant to support the hiring of more journalists in California by eligible nonprofit local news organizations. With the link tax bill, Google only threatened to pull news investments in California. But the company is telling partners that the ad tax proposal will threaten consideration of new grants nationwide by the Google News Initiative, which funds hundreds of smaller news outlets, sources told Axios. Previous commitments, however, should be secure. A spokesperson for the Institute for Nonprofit News said the organization believes that grants previously committed through GNI as described here "are secure, so INN members should continue to benefit through this particular Fundamentals Labs program." Google's concern, sources familiar with the company's thinking told Axios, is that the new California ad tax bill could set a troubling wider precedent for other states. California's Senate tax committee approved the "ad tax" bill May 8. Days after that, Google started making calls to nonprofits about potentially pausing future Google News Initiative funding, sources told Axios. Opponents argue (PDF) the ad tax burden would get passed down to consumers and businesses. They also say the measure would face legal challenges, similar to a digital ad tax introduced in Maryland last year.

Read more of this story at Slashdot.