Slashdot

"Several cybersecurity companies debuted advancements in AI agents at the Black Hat conference last week," reports Axios, "signaling that cyber defenders could soon have the tools to catch up to adversarial hackers." - Microsoft shared details about a prototype for a new agent that can automatically detect malware — although it's able to detect only 24% of malicious files as of now. - Trend Micro released new AI-driven "digital twin" capabilities that let companies simulate real-world cyber threats in a safe environment walled off from their actual systems. - Several companies and research teams also publicly released open-source tools that can automatically identify and patch vulnerabilities as part of the government-backed AI Cyber Challenge. Yes, but: Threat actors are now using those AI-enabled tools to speed up reconnaissance and dream up brand-new attack vectors for targeting each company, John Watters, CEO of iCounter and a former Mandiant executive, told Axios. The article notes "two competing narratives about how AI is transforming the threat landscape." One says defenders still have the upper hand. Cybercriminals lack the money and computing resources to build out AI-powered tools, and large language models have clear limitations in their ability to carry out offensive strikes. This leaves defenders with time to tap AI's potential for themselves. [In a DEF CON presentation a member of Anthropic's red team said its Claude AI model will "soon" be able to perform at the level of a senior security researcher, the article notes later] Then there's the darker view. Cybercriminals are already leaning on open-source LLMs to build tools that can scan internet-connected devices to see if they have vulnerabilities, discover zero-day bugs, and write malware. They're only going to get better, and quickly... Right now, models aren't the best at making human-like judgments, such as recognizing when legitimate tools are being abused for malicious purposes. And running a series of AI agents will require cybercriminals and nation-states to have enough resources to pay the cloud bills they rack up, Michael Sikorski, CTO of Palo Alto Networks' Unit 42 threat research team, told Axios. But LLMs are improving rapidly. Sikorski predicts that malicious hackers will use a victim organization's own AI agents to launch an attack after breaking into their infrastructure.

Read more of this story at Slashdot.

Matt Asay answered questions from Slashdot readers in 2010 as the then-COO of Canonical. Today he runs developer marketing at Oracle (after holding similar positions at AWS, Adobe, and MongoDB). And this week Asay contributed an opinion piece to InfoWorld reminding us of open source contributions from companies where "enlightened self-interest underwrites the boring but vital work — CI hardware, security audits, long-term maintenance — that grassroots volunteers struggle to fund." [I]f you look at the Linux 6.15 kernel contributor list (as just one example), the top contributor, as measured by change sets, is Intel... Another example: Take the last year of contributions to Kubernetes. Google (of course), Red Hat, Microsoft, VMware, and AWS all headline the list. Not because it's sexy, but because they make billions of dollars selling Kubernetes services... Some companies (including mine) sell proprietary software, and so it's easy to mentally bucket these vendors with license fees or closed cloud services. That bias makes it easy to ignore empirical contribution data, which indicates open source contributions on a grand scale. Asay notes Oracle's many contributions to Linux: In the [Linux kernel] 6.1 release cycle, Oracle emerged as the top contributor by lines of code changed across the entire kernel... [I]t's Oracle that patches memory-management structures and shepherds block-device drivers for the Linux we all use. Oracle's kernel work isn't a one-off either. A few releases earlier, the company topped the "core of the kernel" leaderboard in 5.18, and it hasn't slowed down since, helping land the Maple Tree data structure and other performance boosters. Those patches power Oracle Cloud Infrastructure (OCI), of course, but they also speed up Ubuntu on your old ThinkPad. Self-interested contributions? Absolutely. Public benefit? Equally absolute. This isn't just an Oracle thing. When we widen the lens beyond Oracle, the pattern holds. In 2023, I wrote about Amazon's "quiet open source revolution," showing how AWS was suddenly everywhere in GitHub commit logs despite the company's earlier reticence. (Disclosure: I used to run AWS' open source strategy and marketing team.) Back in 2017, I argued that cloud vendors were open sourcing code as on-ramps to proprietary services rather than end-products. Both observations remain true, but they miss a larger point: Motives aside, the code flows and the community benefits. If you care about outcomes, the motives don't really matter. Or maybe they do: It's far more sustainable to have companies contributing because it helps them deliver revenue than to contribute out of charity. The former is durable; the latter is not. There's another practical consideration: scale. "Large vendors wield resources that community projects can't match." Asay closes by urging readers to "Follow the commits" and "embrace mixed motives... the point isn't sainthood; it's sustainable, shared innovation. Every company (and really every developer) contributes out of some form of self-interest. That's the rule, not the exception. Embrace it." Going forward, we should expect to see even more counterintuitive contributor lists. Generative AI is turbocharging code generation, but someone still has to integrate those patches, write tests, and shepherd them upstream. The companies with the most to lose from brittle infrastructure — cloud providers, database vendors, silicon makers — will foot the bill. If history is a guide, they'll do so quietly.

Read more of this story at Slashdot.

Slashdot reader darwinmac writes: Volkswagen is offering a subscription model for extra horsepower on its ID.3 electric cars. Want to bump your ride from the standard 201 bhp to the full 228 bhp? That will be about £16.50 per month or £165 per year, or a one-time £649 "lifetime" fee that is tied to the car, not you. If you sell it, you have to pay again. VW defended this to the BBC by saying you are basically paying for a sportier experience without buying a higher powered model upfront, calling it "nothing new." Nothing changes mechanically. You are just paying VW to essentially flip a boolean somewhere in the car's software.

Read more of this story at Slashdot.

Puerto Rico expects 93 different power outages this summer, reports the Washington Post. But they also note that "roughly 1 in 10 Puerto Rican homes now have a battery and solar array for backup power" which have also "become a crucial source of backup power for the entire island grid." A network of 69,000 home batteries can generate as much electricity as a small natural gas turbine during an emergency, temporarily covering about 2 percent of the island's energy needs when things go wrong... "It has very, very certainly prevented more widespread outages," said Daniel Haughton, [transmission and distribution planning director for Puerto Rico's grid operator]. "In the instances that we had to [cut power], it was for a much shorter duration: A four-hour outage became a one- or two-hour outage." Puerto Rico's experience offers a glimpse into the future for the rest of the United States, where batteries are starting to play a big role in keeping the lights on. Authorities in Texas, California and New England have credited home batteries with preventing blackouts during summer energy crunches. As power grids across the country groan under the increasing strain of new data centers, factories and EVs, batteries offer a way for homeowners to protect themselves — and all of their neighbors — from the threat of outages. Batteries have been booming in the U.S. since 2022, when Congress created generous installation tax credits for homeowners and power companies. Home batteries generally come as an option alongside rooftop solar panels, according to Christopher Rauscher, head of grid services and electrification for Sunrun, a company that installs both. More than 70 percent of the people who hire Sunrun to put up solar panels also get a battery. With the tax credits — and the money saved on rising electricity costs — solar panels and batteries make financial sense for most American homes, according to a study Stanford University scientists published Aug. 1. About 60 percent of homes would save money in the long run with solar panels and batteries... Those batteries can have broader benefits, too. Utilities pay customers hundreds of dollars a year to sign their batteries up to form "virtual power plants," which send electricity to the grid whenever power plants can't keep up with demand. California's network of home batteries can now add 535 megawatts of electricity in an emergency — about half as much energy as a nuclear power plant... [H]omeowners can make thousands of dollars a year lowering their energy bills, selling solar power back to the grid or enrolling their batteries in a virtual power plant, depending on their power company's policies and state regulations. "Over time, you would get the full payback for your system and basically get your backup for free," said Ram Rajagopal, an associate professor of civil and environmental engineering who co-authored the Stanford study.

Read more of this story at Slashdot.

ChatGPT now has nearly 700 million weekly users, OpenAI says. But after launching GPT-5 last week, critics bashed its less-intuitive feel, reports CNBC, "ultimately leading the company to restore its legacy GPT-4 to paying chatbot customers." Yet GPT-5 was always about cracking the enterprise market "where rival Anthropic has enjoyed a head start," they write. And one week in, "startups like Cursor, Vercel, and Factory say they've already made GPT-5 the default model in certain key products and tools, touting its faster setup, better results on complex tasks, and a lower price." Some companies said GPT-5 now matches or beats Claude on code and interface design, a space Anthropic once dominated. Box, another enterprise customer, has been testing GPT-5 on long, logic-heavy documents. CEO Aaron Levie told CNBC the model is a "breakthrough," saying it performs with a level of reasoning that prior systems couldn't match... Still, the economics are brutal. The models are expensive to run, and both OpenAI and Anthropic are spending big to lock in customers, with OpenAI on track to burn $8 billion this year. That's part of why both Anthropic and OpenAI are courting new capital... GPT-5 is significantly cheaper than Anthropic's top-end Claude Opus 4.1 — by a factor of seven and a half, in some cases — but OpenAI is spending huge amounts on infrastructure to sustain that edge. For OpenAI, it's a push to win customers now, get them locked in and build a real business on the back of that loyalty... GPT-5 API usage has surged since launch, with the model now processing more than twice as much coding and agent-building work, and reasoning use cases jumping more than eightfold, said a person familiar with the matter who requested anonymity in order to discuss company data. Enterprise demand is rising sharply, particularly for planning and multi-step reasoning tasks. GPT-5âs traction over the past week shows how quickly loyalties can shift when performance and price tip in OpenAI's favor. AI-powered coding platform Qodo recently tested GPT-5 against top-tier models including Gemini 2.5, Claude Sonnet 4, and Grok 4, and said in a blog post that it led in catching coding mistakes. The model was often the only one to catch critical issues, such as security bugs or broken code, suggesting clean, focused fixes and skipping over code that didn't need changing, the company said. Weaknesses included occasional false positives and some redundancy. JetBrains has also adopted GPT-5 as the default for its AI Assistant and for its new no-code tool Kineto, according to the article. But Anthropic is still enjoying a great year too, with its annualized revenue growing 17x year-over-year (according to "a person familiar with the matter who requested anonymity")

Read more of this story at Slashdot.

Last month, Python "reached the highest ranking a programming language ever had in the TIOBE index," according to TIOBE CEO Paul Jansen. "We thought Python couldn't grow any further, but AI code assistants let Python take yet another step forward." According to recent studies of Stanford University (Yegor Denisov-Blanch), AI code assistants such as Microsoft Copilot, Cursor or Google Gemini Code Assist are 20% more effective if used for popular programming languages. The reason for this is obvious: there is more code for these languages available to train the underlying models. This trend is visible in the TIOBE index as well, where we see a consolidation of languages at the top. Why would you start to learn a new obscure language for which no AI assistance is available? This is the modern way of saying that you don't want to learn a new language that is hardly documented and/or has too few libraries that can help you. TIOBE's "Programming Community Index" attempts to calculate the popularity of languages using the number of skilled engineers, courses, and third-party vendors. It nows gives Python a 26.14% rating, which TechRepublic notes "is well ahead of the next two programming languages on this month's leaderboard: C++ is at 9.18% and C is 9.03%." But the first top six languages haven't changed since last year... PythonC++C JavaC#JavaScript Since August of 2024 SQL has dropped from its #7 rank down to #12 (meaning Visual Basic and Go each rise up one rank from their position a year ago, into the #7 and #8 positions). In the last year Perl has risen from the #25 position to #9, beating out Delphi/Oracle Pascal at #10, and Fortran at #11 (last year's #10). TIOBE CEO Jansen "told TechRepublic in an email that many people were asking why Perl was becoming more popular, but he didn't have a definitive answer. He said he double-checked the underlying data and found the increase to be accurate, though the reason for the shift remains unclear."

Read more of this story at Slashdot.