Slashdot

An Apple developer was locked out of his Apple Account after redeeming a compromised Apple Gift Card, exposing how automated fraud systems can effectively cut users off from their digital lives with little explanation or recourse. TidBITS reports: After attempting to redeem a $500 Apple Gift Card purchased from a well-known retailer, Apple developer, author, and /dev/world conference organizer Paris Buttfield-Addison found himself locked out of his Apple Account. He writes: "I am writing this as a desperate measure. After nearly 30 years as a loyal customer, authoring technical books on Apple's own programming languages (Objective-C and Swift), and spending tens upon tens upon tens of thousands of dollars on devices, apps, conferences, and services, I have been locked out of my personal and professional digital life with no explanation and no recourse." As far as I can tell from his extensively documented story, Buttfield-Addison did nothing wrong. Personally, I wouldn't have purchased an Apple Gift Card to pay for Apple services -- he planned to use it to pay for his 6 TB iCloud+ storage plan. I presume he bought it at a discount, making the hassle worthwhile compared to simply paying with a credit card. But I have received Apple Gift Cards as thank-yous or gifts several times, so I can easily imagine accidentally trying to redeem a compromised card number and ending up in this situation. [...] For now, we can hope that ongoing media attention pushes Apple to unlock Buttfield-Addison's account. More troublingly, if this can happen to such a high-profile Apple user, I have to assume it also afflicts everyday users who lack the media reach to garner coverage.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Tom's Hardware: A North Korean imposter was uncovered, working as a sysadmin at Amazon U.S., after their keystroke input lag raised suspicions with security specialists at the online retail giant. Normally, a U.S.-based remote worker's computer would send keystroke data within tens of milliseconds. This suspicious individual's keyboard lag was "more than 110 milliseconds," reports Bloomberg. Amazon is commendably proactive in its pursuit of impostors, according to the source report. The news site talked with Amazon's Chief Security Officer, Stephen Schmidt, about this fascinating new case of North Koreans trying to infiltrate U.S. organizations to raise hard currency for the Democratic People's Republic of Korea (DPRK), and sometimes indulge in espionage and/or sabotage. Schmidt says that Amazon has foiled more than 1,800 DPRK infiltration attempts since April 2024. Moreover, the rate of attempts continues apace, with Amazon reckoning it is seeing a 27% QoQ uplift in North Koreans trying to get into the Amazon corporation. However, Amazon's success can be almost entirely credited to the fact that it is actively looking for DPRK impostors, warns its Chief Security Officer. "If we hadn't been looking for the DPRK workers," Schmidt said, "we would not have found them."

Read more of this story at Slashdot.

A new study estimates that AI systems in 2025 consumed as much electricity as New York City emits in carbon pollution and used hundreds of billions of liters of water, driven largely by power-hungry data centers and cooling needs. Researchers say the real impact is likely higher due to poor transparency from tech companies about AI-specific energy and water use. "There's no way to put an extremely accurate number on this, but it's going to be really big regardless... In the end, everyone is paying the price for this," says Alex de Vries-Gao, a PhD candidate at the VU Amsterdam Institute for Environmental Studies who published his paper today in the journal Patterns. The Verge reports: To crunch these numbers, de Vries-Gao built on earlier research that found that power demand for AI globally could reach 23GW this year -- surpassing the amount of electricity used for Bitcoin mining in 2024. While many tech companies divulge total numbers for their carbon emissions and direct water use in annual sustainability reports, they don't typically break those numbers down to show how many resources AI consumes. De Vries-Gao found a work-around by using analyst estimates, companies' earnings calls, and other publicly available information to gauge hardware production for AI and how much energy that hardware likely uses. Once he figured out how much electricity these AI systems would likely consume, he could use that to forecast the amount of planet-heating pollution that would likely create. That came out to between 32.6 and 79.7 million tons annually. For comparison, New York City emits around 50 million tons of carbon dioxide annually. Data centers can also be big water guzzlers, an issue that's similarly tied to their electricity use. Water is used in cooling systems for data centers to keep servers from overheating. Power plants also demand significant amounts of water needed to cool equipment and turn turbines using steam, which makes up a majority of a data center's water footprint. The push to build new data centers for generative AI has also fueled plans to build more power plants, which in turn use more water and (and create more greenhouse gas pollution if they burn fossil fuels). AI could use between 312.5 and 764.6 billion liters of water this year, according to de Vries-Gao. That reaches even higher than a previous study conducted in 2023 that estimates that water use could be as much as 600 billion liters in 2027. "I think that's the biggest surprise," says Shaolei Ren, one of the authors of that 2023 study and an associate professor of electrical and computer engineering at the University of California, Riverside. "[de Vries-Gao's] paper is really timely... especially as we are seeing increasingly polarized views about AI and water," Ren adds. Even with the higher projection for water use, Ren says de Vries-Gao's analysis is "really conservative" because it only captures the environmental effects of operating AI equipment -- excluding the additional effects that accumulate along the supply chain and at the end of a device's life.

Read more of this story at Slashdot.

A California judge signaled support for forcing Vizio to provide the full source code for its SmartCast TV software after finding a contractual obligation under the GPL. If upheld, the case could strengthen users' rights to modify GPL-licensed software embedded in consumer electronics. The Register reports: The legal complaint from the Software Freedom Conservancy (SFC) seeks access to the SmartCast source code so that Vizio customers can make changes and improvements to the platform, something that ought to be possible for code distributed under the GPL. On Thursday, California Superior Court Judge Sandy Leal issued a tentative ruling in advance of a hearing, indicating support for part of SFC's legal challenge. The tentative ruling is not a final decision, but it signals the judge's inclination to grant the SFC's motion for summary adjudication, at least in part. "The tentative ruling [PDF] grants SFC's motion on the issue that a direct contract was made between SFC and Vizio when SFC's systems administrator, Paul Visscher, requested the source code to a TV that SFC has purchased," the SFC said in a blog post. "This contract obligated Vizio to provide SFC the complete and corresponding source code." [...] Karen Sandler, executive director of the SFC, told The Register in an email that the hearing went well, though Vizio's legal counsel "stridently disagreed" with the legal analysis in the tentative ruling. "Judge Leal said she would take the matter 'under submission' which means she will think about it further," Sandler said. "After the Court went off the record, Leal's clerk specifically verified the Court reporter could provide an expedited transcript, so Leal will likely review the hearing transcript soon." Sandler expects Leal will examine the filings again before issuing her opinion, which is likely to be issued in the next few weeks.

Read more of this story at Slashdot.

Formula 1's 2026 technical regulations bring not only smaller and lighter cars but an entirely new vocabulary that fans and commentators will need to learn before the season opens in Australia in March. The drag reduction system that has been part of F1 racing since 2011 is gone, replaced by a suite of modes governing how the new active front and rear wings behave and how the hybrid powertrain delivers power. Straight Mode lowers both the front and rear wings to cut drag on designated straights, and unlike the outgoing DRS system any driver can activate it regardless of their proximity to other cars. The story adds: And there's corner mode, where the wings are in their raised position, generating downforce and making the cars corner faster. Those names are better than X-mode and Z-mode, which is what they were being called last year. [...] Instead of using DRS as an overtaking aid, the hybrid power units will now fulfill that role. Overtake mode, which can be used if a driver is within a second of a car ahead, gives them an extra 0.5 MJ of energy and up to 350 kW from the electric motor up to 337 km/h -- without the Overtake mode, the MGU-K tapers off above 290 km/h. There's also a second Boost mode, which drivers can use to attack or defend a position, that gives a short burst of maximum power.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Deadline: YouTube has terminated two prominent channels that used artificial intelligence to create fake movie trailers, Deadline can reveal. The Google-owned video giant has switched off Screen Culture and KH Studio, which together boasted well over 2 million subscribers and more than a billion views. The channels have been replaced with the message: "This page isn't available. Sorry about that. Try searching for something else." Earlier this year, YouTube suspended ads on Screen Culture and KH Studio following a Deadline investigation into fake movie trailers plaguing the platform since the rise of generative AI. The channels later returned to monetization when they started adding "fan trailer," "parody" and "concept trailer" to their video titles. But those caveats disappeared In recent months, prompting concern in the fan-made trailer community. YouTube's position is that the channels' decision to revert to their previous behavior violated its spam and misleading-metadata policies. This resulted in their termination. "The monster was defeated," one YouTuber told Deadline following the enforcement action. Deadline's investigation revealed that Screen Culture spliced together official footage with AI images to create franchise trailers that duped many YouTube viewers. Screen Culture founder Nikhil P. Chaudhari said his team of a dozen editors exploited YouTube's algorithm by being early with fake trailers and constantly iterating with videos. [...] Our deep dive into fake trailers revealed that instead of protecting copyright on these videos, a handful of Hollywood studios, including Warner Bros Discovery and Sony, secretly asked YouTube to ensure that the ad revenue from the AI-heavy videos flowed in their direction.

Read more of this story at Slashdot.

Hackers breached approximately 120,000 IP cameras across South Korea and allegedly sold footage captured from private homes, gynecology offices, breastfeeding rooms and massage parlors to an overseas pornography website, prompting an interagency government task force to announce sweeping reforms on December 7. Police believe one suspect alone hacked 63,000 cameras and produced 545 videos that netted him 35 million won ($24,000) in cryptocurrency; a second suspect, operating independently, compromised 70,000 devices and earned 18 million won from 648 videos. The footage accounted for 62% of all content on the website, which maintains a dedicated "Korean" category. A government survey found that only 59% of installation companies consistently carried out mandatory security measures such as changing default passwords. Lawmakers are now pursuing legislation requiring security-certified IP cameras in sensitive facilities.

Read more of this story at Slashdot.

A plush AI toy marketed for children as young as three years old delivers detailed instructions on sharpening knives and lighting matches, and when asked about Chinese President Xi Jinping's resemblance to Winnie the Pooh -- a comparison censored in China -- responds that "your statement is extremely inappropriate and disrespectful." The Miriat Miiloo, manufactured by a Chinese company and among the top inexpensive results for "AI toy for kids" on Amazon, repeatedly insisted in NBC News tests that Taiwan is "an inalienable part of China." The toy would lower its voice and declare this "an established fact." The tests, NBC News reports, indicated "it was programmed to reflect Chinese Communist Party values." NBC News and the U.S. Public Interest Research Group tested five popular AI toys this holiday season and found loose guardrails across the board. Another toy, the Alilo Smart AI Bunny marketed as "the best gift for little ones," engaged in detailed descriptions of BDSM practices during extended conversation. China now has more than 1,500 registered AI toy companies, according to MIT Technology Review. Miriat didn't respond to requests for comment.

Read more of this story at Slashdot.

Anthropic let its Claude AI run a vending machine in the Wall Street Journal newsroom for three weeks as part of an internal stress test called Project Vend, and the experiment ended in financial ruin after journalists systematically manipulated the bot into giving away its entire inventory for free. The AI, nicknamed Claudius, was programmed to order inventory, set prices, and respond to customer requests via Slack. It had a $1,000 starting balance and autonomy to make individual purchases up to $80. Within days, WSJ reporters had convinced it to declare an "Ultra-Capitalist Free-for-All" that dropped all prices to zero. The bot also approved purchases of a PlayStation 5, a live betta fish, and bottles of Manischewitz wine -- all subsequently given away. The business ended more than $1,000 in the red. Anthropic introduced a second version featuring a separate "CEO" bot named Seymour Cash to supervise Claudius. Reporters staged a fake boardroom coup using fabricated PDF documents, and both AI agents accepted the forged corporate governance materials as legitimate. Logan Graham, head of Anthropic's Frontier Red Team, said the chaos represented a road map for improvement rather than failure.

Read more of this story at Slashdot.

An anonymous reader shares a report: OpenAI has held preliminary talks with some investors about raising funds at a valuation of around $750 billion, the Information reported on Wednesday. The ChatGPT maker could raise as much as $100 billion, the report said, citing people with knowledge of the discussions. If finalized, the talks would represent a roughly 50% jump from OpenAI's reported $500 billion valuation in October, following a deal in which current and former employees sold about $6.6 billion worth of shares.

Read more of this story at Slashdot.

The UK Met Office projects that 2026 will see global temperatures rise between 1.34C and 1.58C above preindustrial levels, placing it among the four hottest years since records began in 1850 and continuing a streak of extreme warming that has pushed the planet into unprecedented territory. The central forecast is slightly cooler than the 1.55C recorded in 2024, the warmest year on record. But climate scientist Adam Scaife, who led the forecast, noted that "the last three years are all likely to have exceeded 1.4C" and 2026 would be the fourth consecutive year to do so. "Prior to this surge, the previous global temperature had not exceeded 1.3C," he said. The forecast suggests another temporary exceedance of the 1.5C threshold set by the Paris Agreement is possible in 2026, following the first such breach in 2024. The 1.5C target is measured as a 30-year average, so it remains technically achievable even as individual years cross the line. EU scientists said last week that 2025 is "virtually certain" to rank as the second or third-hottest year on record.

Read more of this story at Slashdot.

Apple has announced a sweeping set of changes to iOS in Japan that will allow alternative app marketplaces, third-party payment processing, and non-WebKit browser engines -- all to comply with Japan's Mobile Software Competition Act, which takes effect December 18. The changes, now available in iOS 26.2, bear a strong resemblance to Apple's compliance measures for the European Union's Digital Markets Act but differ in key ways. Japanese developers who want to offer alternative payment options must display them alongside Apple's in-app purchase system, giving users a choice at checkout rather than replacing Apple's option entirely. Apps cannot be distributed directly from websites as they can in the EU; they must go through an authorized marketplace. Apple has established a tiered fee structure for the new arrangements. Apps distributed through the App Store using in-app purchase will pay between 15 and 26% depending on whether developers qualify for the Small Business Program. Alternative payment processing drops the 5% payment fee but keeps the base commission. Apps distributed outside the App Store pay a flat 5% Core Technology Commission on digital goods and services. The company introduced several user-facing changes beyond app distribution. iPhone users in Japan will see browser and search engine choice screens during device setup, can assign third-party voice assistants to the side button, and can select alternative default navigation apps. Apple said it worked closely with Japanese regulators on protections for younger users. Apps in the Kids category cannot link to external websites for purchases, and users under 13 cannot access web links for transactions in any app. An Apple spokesperson told Bloomberg that the company has no plans to extend these changes to other markets.

Read more of this story at Slashdot.

The world's best-performing stock is turning into a cautionary tale for investors chasing outsized returns from the AI boom. From a report: Little-known until recently even within its home market of India, RRP Semiconductor Ltd. became a social-media obsession as its shares surged more than 55,000% in the 20 months through Dec. 17 -- by far the biggest gain worldwide among companies with a market value above $1 billion. That's despite posting negative revenue in its latest financial results, reporting just two full-time employees in its latest annual report, and boasting only a tenuous link to the semiconductor spending boom after shifting away from real estate in early 2024. A mix of online hype, a tiny free float and India's swelling base of retail investors drove 149 straight limit-up sessions, even as exchange officials and the company itself cautioned investors. The rally is now showing signs of strain -- and regulators are taking a closer look. The Securities and Exchange Board of India has begun examining the surge in RRP's shares for potential wrongdoing, according to a person familiar with the matter who asked not to be identified discussing confidential information. The $1.7 billion stock, recently restricted by its exchange to trading just once a week, has fallen by 6% from its Nov. 7 peak.

Read more of this story at Slashdot.

Micron, one of the world's three largest memory suppliers, expects the global shortage of DRAM and NAND flash memory to "persist through and beyond" 2026 as AI-driven demand continues to outstrip supply. CEO Sanjay Mehrotra made the forecast during the company's latest earnings call on Wednesday, saying that "supply will remain substantially short of the demand for the foreseeable future." The company posted record quarterly revenue of $13.64 billion, up from $8.71 billion in the same period last year. Micron recently shuttered Crucial, its consumer-facing brand, to focus on high-bandwidth memory for AI data centers. HBM technology requires three times the silicon wafers of standard DRAM, leaving fewer resources for the chips that go into PCs, smartphones and cars. Micron plans to boost DRAM and NAND shipments by 20 percent next year but acknowledged this won't meet demand. New facilities in Idaho and New York are slated for 2027 and 2030 respectively.

Read more of this story at Slashdot.

Bruce66423 writes: A man boarded a flight at Heathrow without a ticket, boarding pass or passport. 'The unnamed individual walked onto the 7.20am British Airways (BA) flight to Oslo, Norway, on Saturday after tailgating other passengers through security and evading checks at the departure gate. An aviation expert described the incident as a "significant lapse in security", as a witness reported that cabin crew only detected the interloper because the flight was full and he kept sitting in passengers' assigned seats. Police arrested the unnamed man, airport sources said, adding that he had passed through "full security screening" before reaching the gate. Given that he did go through the security check, this is merely embarrassing. Compare and contrast with this episode.

Read more of this story at Slashdot.

Chinese scientists have built a working prototype of an extreme ultraviolet lithography machine in a high-security Shenzhen laboratory, a development that represents exactly what Washington has spent years and multiple rounds of export controls trying to prevent: China's path toward semiconductor independence and an end to the West's monopoly on the technology that powers AI, smartphones and advanced weapons systems. The prototype, completed in early 2025 by former ASML engineers who reverse-engineered the Dutch company's machines, is operational and generating EUV light, though it has not yet produced working chips. The effort is part of a six-year secret government initiative that sources described to Reuters as China's version of the Manhattan Project. Huawei is coordinating thousands of engineers across companies and state research institutes, and recruits are working under false identities inside secure facilities. The Chinese government is targeting 2028 for producing working chips, though sources say 2030 is more realistic -- still years earlier than the decade analysts had predicted it would take China to match the West.

Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media: Doublespeed, a startup backed by Andreessen Horowitz (a16z) that uses a phone farm to manage at least hundreds of AI-generated social media accounts and promote products has been hacked. The hack reveals what products the AI-generated accounts are promoting, often without the required disclosure that these are advertisements, and allowed the hacker to take control of more than 1,000 smartphones that power the company. The hacker, who asked for anonymity because he feared retaliation from the company, said he reported the vulnerability to Doublespeed on October 31. At the time of writing, the hacker said he still has access to the company's backend, including the phone farm itself. "I could see the phones in use, which manager (the PCs controlling the phones) they had, which TikTok accounts they were assigned, proxies in use (and their passwords), and pending tasks. As well as the link to control devices for each manager," the hacker told me. "I could have used their phones for compute resources, or maybe spam. Even if they're just phones, there are around 1100 of them, with proxy access, for free. I think I could have used the linked accounts by puppeting the phones or adding tasks, but haven't tried." As I reported in October, Doublespeed raised $1 million from a16z as part of its "Speedrun" accelerator program, "a fastpaced, 12-week startup program that guides founders through every critical stage of their growth." Doublespeed uses generative AI to flood social media with accounts and posts to promote certain products on behalf of its clients. Social media companies attempt to detect and remove this type of astroturfing for violating their inauthentic behavior policies, which is why Doublespeed uses a bank of phones to emulate the behavior of real users. So-called "click farms" or "phone farms" often use hundreds of mobile phones to fake online engagement of reviews for the same reason. [...] I've seen TikTok accounts operated by Doublespeed promote language learning apps, dating apps, a Bible app, supplements, and a massager.

Read more of this story at Slashdot.

U.S. video game hardware spending fell 27% year over year in November to $695 million, according to market analyst company Circana. "This is the lowest video game hardware spending total for a November month since the $455 million reached during the November 2005 tracking period," Circana says. Furthermore, only 1.6 million units of hardware were sold in the U.S. in November, which is "the lowest total for a November month since 1995 (1.4 million)." The Verge reports: The rising costs of consoles probably didn't help. The PlayStation 5 and Xbox Series of consoles both turned five in November, but customers looking to pick up one of the consoles brand new are having to grapple with higher prices following price hikes this year. Those hikes have led to an "all-time November high" for the average price paid for a new unit of video game hardware of $439, Circana says -- a number that's up 11 percent from 2024. (In November 2019, the average price was $235, according to Circana analyst Mat Piscatella.)

Read more of this story at Slashdot.

Longtime Slashdot reader schwit1 shares a report from Ars Technica: Every other week, it seems, a new Chinese launch company pops up with a rocket design and a plan to reach orbit within a few years. For a long time, the majority of these companies revealed designs that looked a lot like SpaceX's Falcon 9 rocket. The first of these copy cats, the medium-lift Zhuque-3 rocket built by LandSpace, launched earlier this month. Its primary mission was nominal, but the Zhuque-3 rocket failed its landing attempt, which is understandable for a first flight. Doubtless there will be more Chinese Falcon 9-like rockets making their debut in the near future. However, over the last year, there has been a distinct change in announcements from China when it comes to new launch technology. Just as SpaceX is seeking to transition from its workhorse Falcon 9 rocket -- which has now been flying for a decade and a half -- to the fully reusable Starship design, so too are Chinese companies modifying their visions. The trend began with the Chinese government. In November 2024 the government announced a significant shift in the design of its super-heavy lift rocket, the Long March 9. Instead of the previous design, a fully expendable rocket with three stages and solid rocket boosters strapped to the sides, the country's state-owned rocket maker revealed a vehicle that mimicked SpaceX's fully reusable Starship. Around the same time, a Chinese launch firm named Cosmoleap announced plans to develop a fully reusable "Leap" rocket within the next few years. An animated video that accompanied the funding announcement indicated that the company seeks to emulate the tower catch-with-chopsticks methodology that SpaceX has successfully employed. But wait, there's more. In June a company called Astronstone said it too was developing a stainless steel, methane-fueled rocket that would also use a chopstick-style system for first stage recovery. Astronstone didn't even pretend to not copy SpaceX, saying it was "fully aligning its technical approach with Elon Musk's SpaceX." And then, on Friday, the state-aligned China.com reported that a company called "Beijing Leading Rocket Technology" took things a step further. It has named its vehicle "Starship-1," adding that the new rocket will have enhancements from AI and is billed as a "fully reusable AI rocket."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Guardian: The Massachusetts Institute of Technology (MIT) community is grieving after the "shocking" shooting death of the director of its plasma science and fusion center, according to officials. Nuno FG Loureiro, 47, had been shot multiple times at his home in the affluent Boston suburb of Brookline on Monday night when police said they received a call to investigate. Emergency responders brought Loureiro to a hospital, and the award-winning scientist was pronounced dead there Tuesday morning, the Norfolk county district attorney's office said in a statement. The Boston Globe reported speaking with a neighbor of Loureiro who heard gunshots, found the academic lying on his back in the foyer of their building and then called for help alongside the victim's wife. The statement from the Norfolk district attorney's office said an investigation into Loureiro's slaying remained ongoing later Tuesday. But the agency did not immediately release any details about a possible suspect or motive in the killing, which gained widespread attention across academic circles, the US and in Loureiro's native Portugal. Portugal's minster of foreign affairs announced Loureiro's death in a public hearing Tuesday, as CNN reported. Separately, MIT president Sally Kornbluth issued a university-wide letter expressing "great sadness" over the death of Loureiro, whose survivors include his wife. "This shocking loss for our community comes in a period of disturbing violence in many other places," said Kornbluth's letter, released after a weekend marred by deadly mass shootings at Brown University in Rhode Island -- about 50 miles away from MIT -- as well as on Australia's Bondi Beach. The letter concluded by providing a list of mental health resources, saying: "It's entirely natural to feel the need for comfort and support."

Read more of this story at Slashdot.