Linux fréttir

Slashdot reader joshuark writes: Microsoft says that the File Explorer (formerly Windows Explorer) now automatically blocks previews for files downloaded from the Internet to block credential theft attacks via malicious documents, according to a report from BleepingComputer. This attack vector is particularly concerning because it requires no user interaction beyond selecting a file to preview and removes the need to trick a target into actually opening or executing it on their system. For most users, no action is required since the protection is enabled automatically with the October 2025 security update, and existing workflows remain unaffected unless you regularly preview downloaded files. "This change is designed to enhance security by preventing a vulnerability that could leak NTLM hashes when users preview potentially unsafe files," Microsoft says in a support document published Wednesday. It is important to note that this may not take effect immediately and could require signing out and signing back in.

Read more of this story at Slashdot.

Allows surveillance and cross-border evidence sharing, which worries human rights groups

The United Nations on Saturday staged a signing ceremony for the Convention against Cybercrime, the world’s first agreement to combat online crime. And while 72 nations picked up the pen, critics continue to point out the convention’s flaws.…

America's largest university system, with 460,000 students, is the 22-campus "Cal State" system, reports the New York Times. And it's recently teamed with Amazon, OpenAI and Nvidia, hoping to embed chatbots in both teaching and learning to become what it says will be America's "first and largest AI-empowered" university" — and prepare students for "increasingly AI-driven" careers. It's part of a trend of major universities inviting tech companies into "a much bigger role as education thought partners, AI instructors and curriculum providers," argues the New York Times, where "dominant tech companies are now helping to steer what an entire generation of students learn about AI, and how they use it — with little rigorous evidence of educational benefits and mounting concerns that chatbots are spreading misinformation and eroding critical thinking..." "Critics say Silicon Valley's effort to make AI chatbots integral to education amounts to a mass experiment on young people." As part of the effort, [Cal State] is paying OpenAI $16.9 million to provide ChatGPT Edu, the company's tool for schools, to more than half a million students and staff — which OpenAI heralded as the world's largest rollout of ChatGPT to date. Cal State also set up an AI committee, whose members include representatives from a dozen large tech companies, to help identify the skills California employers need and improve students' career opportunities... Cal State is not alone. Last month, California Community Colleges, the nation's largest community college system, announced a collaboration with Google to supply the company's "cutting edge AI tools" and training to 2.1 million students and faculty. In July, Microsoft pledged $4 billion for teaching AI skills in schools, community colleges and to adult workers... [A]s schools like Cal State work to usher in what they call an "AI-driven future," some researchers warn that universities risk ceding their independence to Silicon Valley. "Universities are not tech companies," Olivia Guest and Iris van Rooij, two computational cognitive scientists at Radboud University in the Netherlands, recently said in comments arguing against fast AI adoption in academia. "Our role is to foster critical thinking," the researchers said, "not to follow industry trends uncritically...." Some faculty members have pushed back against the AI effort, as the university system faces steep budget cuts. The multimillion-dollar deal with OpenAI — which the university did not open to bidding from rivals like Google — was wasteful, they added. Faculty senates on several Cal State campuses passed resolutions this year criticizing the AI initiative, saying the university had failed to adequately address students using chatbots to cheat. Professors also said administrators' plans glossed over the risks of AI to students' critical thinking and ignored troubling industry labor practices and environmental costs. Martha Kenney, a professor of women and gender studies at San Francisco State University, described the AI program as a Cal State marketing vehicle helping tech companies promote unproven chatbots as legitimate educational tools. The article notes that Cal State's chief information officer "defended the OpenAI deal, saying the company offered ChatGPT Edu at an unusually low price. "Still, California's community college system landed AI chatbot services from Google for more than 2 million students and faculty — nearly four times the number of users Cal State is paying OpenAI for — for free."

Read more of this story at Slashdot.

PLUS: China demotes tech self-sufficiency goal; Alibaba Cloud quietly quits VMware; India demands deepfake labels; and more!

Asia In Brief Australia’s Competition & Consumer Commission on Monday commenced legal proceedings against Microsoft for allegedly misleading users of its Microsoft 365 bundle.…

GM plans to dump Apple CarPlay and Android Auto on all its car new vehicles "in the near future," reports the Verge. In an episode of the Verge's Decoder podcast, GM CEO Mary Barra confirmed the upcoming change to "phone projections" for GM cars: The timing is unclear, but Barra pointed to a major rollout of what the company is calling a new centralized computing platform, set to launch in 2028, that will involve eventually transitioning its entire lineup to a unified in-car experience. In place of phone projection, GM is working to update its current Android-powered infotainment implementation with a Google Gemini-powered assistant and an assortment of other custom apps, built both in-house and with partners. GM's 2023 decision to drop CarPlay and Android Auto support in its EVs has proved controversial, though for now GM has maintained support for phone projection in its gas-powered vehicles.

Read more of this story at Slashdot.

PLUS: Judge spanks NSO; Mozilla requires data use disclosures; TARmageddon meets Rust; And more!

Infosec In Brief Former basketball star Shaquille O'Neal is 7'1" (215 cm), and therefore uses car customization companies to modify vehicles to fit his frame. But it appears cybercriminals have targeted Shaq’s preferred motor-modder.…

North Dakota experienced an almost 40% increase in electricity demand "thanks in part to an explosion of data centers," reports the Washington Post. Yet the state saw a 1% drop in its per kilowatt-hour rates. "A new study from researchers at Lawrence Berkeley National Laboratory and the consulting group Brattle suggests that, counterintuitively, more electricity demand can actually lower prices..." Between 2019 and 2024, the researchers calculated, states with spikes in electricity demand saw lower prices overall. Instead, they found that the biggest factors behind rising rates were the cost of poles, wires and other electrical equipment — as well as the cost of safeguarding that infrastructure against future disasters... [T]he largest costs are fixed costs — that is, maintaining the massive system of poles and wires that keeps electricity flowing. That system is getting old and is under increasing pressures from wildfires, hurricanes and other extreme weather. More power customers, therefore, means more ways to divvy up those fixed costs. "What that means is you can then take some of those fixed infrastructure costs and end up spreading them around more megawatt-hours that are being sold — and that can actually reduce rates for everyone," said Ryan Hledik [principal at Brattle and a member of the research team]... [T]he new study shows that the costs of operating and installing wind, natural gas, coal and solar have been falling over the past 20 years. Since 2005, generation costs have fallen by 35 percent, from $234 billion to $153 billion. But the costs of the huge wires that transmit that power across the grid, and the poles and wires that deliver that electricity to customers, are skyrocketing. In the past two decades, transmission costs nearly tripled; distribution costs more than doubled. Part of that trend is from the rising costs of parts: The price of transformers and wires, for example, has far outpaced inflation over the past five years. At the same time, U.S. utilities haven't been on top of replacing power poles and lines in the past, and are now trying to catch up. According to another report from Brattle, utilities are already spending more than $10 billion a year replacing aging transmission lines. And finally, escalating extreme-weather events are knocking out local lines, forcing utilities to spend big to make fixes. Last year, Hurricane Beryl decimated Houston's power grid, forcing months of costly repairs. The threat of wildfires in the West, meanwhile, is making utilities spend billions on burying power lines. According to the Lawrence Berkeley study, about 40 percent of California's electricity price increase over the last five years was due to wildfire-related costs. Yet the researchers tell the Washington Post that prices could still increase if utilities have to quickly build more infrastructure just to handle data center. But their point is "This is a much more nuanced issue than just, 'We have a new data center, so rates will go up.'" As the article points out, "Generous subsidies for rooftop solar also increased rates in certain states, mostly in places such as California and Maine... If customers install rooftop solar panels, demand for electricity shrinks, spreading those fixed costs over a smaller set of consumers.

Read more of this story at Slashdot.

"Snippets of proprietary or copyleft reciprocal code can enter AI-generated outputs, contaminating codebases with material that developers can't realistically audit or license properly." That's the warning from Sean O'Brien, who founded the Yale Privacy Lab at Yale Law School. ZDNet reports: Open software has always counted on its code being regularly replenished. As part of the process of using it, users modify it to improve it. They add features and help to guarantee usability across generations of technology. At the same time, users improve security and patch holes that might put everyone at risk. But O'Brien says, "When generative AI systems ingest thousands of FOSS projects and regurgitate fragments without any provenance, the cycle of reciprocity collapses. The generated snippet appears originless, stripped of its license, author, and context." This means the developer downstream can't meaningfully comply with reciprocal licensing terms because the output cuts the human link between coder and code. Even if an engineer suspects that a block of AI-generated code originated under an open source license, there's no feasible way to identify the source project. The training data has been abstracted into billions of statistical weights, the legal equivalent of a black hole. The result is what O'Brien calls "license amnesia." He says, "Code floats free of its social contract and developers can't give back because they don't know where to send their contributions...." "Once AI training sets subsume the collective work of decades of open collaboration, the global commons idea, substantiated into repos and code all over the world, risks becoming a nonrenewable resource, mined and never replenished," says O'Brien. "The damage isn't limited to legal uncertainty. If FOSS projects can't rely upon the energy and labor of contributors to help them fix and improve their code, let alone patch security issues, fundamentally important components of the software the world relies upon are at risk." O'Brien says, "The commons was never just about free code. It was about freedom to build together." That freedom, and the critical infrastructure that underlies almost all of modern society, is at risk because attribution, ownership, and reciprocity are blurred when AIs siphon up everything on the Internet and launder it (the analogy of money laundering is apt), so that all that code's provenance is obscured.

Read more of this story at Slashdot.

Can YouTube capture the hours people spending watching "traditional" TV? YouTube's CEO recently said its viewership on TV sets has "surpassed mobile and is now the primary device for YouTube viewing in the U.S.," writes The Hollywood Reporter. And YouTube is shelling out big money to stay on top: It's come a long way since the 19-second "me at the zoo" video was uploaded in April 2005. Now, per a KPMG report released Sept. 23, YouTube is second only to Comcast in terms of annual content spend, inclusive of payments to creators and media companies, paying out as much as Netflix and Paramount combined, $32 billion... The only question is what genres it will take over next, and how quickly it will do so. From talk shows to scripted dramas to, yes, live sports, there are signs that the platform's ambitions will collide with the traditional TV business sooner rather than later... YouTube has slowly, then all at once, become the de facto home for what had been late night, not only for the shows on linear TV, but for an emerging crop of new talent born on the platform. As it happens, late night itself transformed YouTube when the Saturday Night Live skit "Lazy Sunday" went viral 20 years ago on the platform, which had only been live for a few months... As consumer preferences collide with a burgeoning ecosystem of video podcasts (YouTube now claims more than 1 billion podcast users monthly), the world of late night, and for that matter TV talk shows more generally, increasingly revolves around the platform. One current late night producer says that almost every A-list booking now includes some sort of sketch or bit that they think will play well on YouTube, but booking those guests in the first place has become less of a sure thing. A veteran Hollywood publicist says that for many of their clients, they are now recommending that YouTube podcasts or shows become the first stop, or at least a major stop, on press tours... Nielsen has been tracking the streaming platforms that consumers watch on their TV screens ever since it launched what it calls The Gauge in 2021. But over the past year, YouTube's domination of The Gauge has unnerved executives at some competitors. The most recent Gauge report showed that YouTube was by far the most watched video platform, holding 13.1 percent share. Netflix, in second place, was at 8.7 percent. The article suggests YouTube's last challenge may be "scripted" entertainment — where their business model is different than Netflix or HBO. "On YouTube, it is up to the creator to finance and produce their content, and while the platform regularly releases new tools to help them (including AI-enabled tech that suggests video ideas and can create short background videos for use in Shorts), scripted entertainment is a particularly tricky challenge, requiring writers, directors, sets, costumes, lighting, editing, special effects and other production requirements that may go beyond the typical creator-led show."

Read more of this story at Slashdot.