TheRegister

Flipper Devices has announced the Flipper One, an ARM-based Linux computer built around openness, though its price tag may give you pause. The computer is not a successor to the Flipper Zero, according to the manufacturer, despite the visual similarity. Whereas the Flipper Zero was more about hacking anything from NFC cards to infrared controls and RFID devices, the One is a full-fledged Linux computer. The device uses a Rockchip RK3576 as its main CPU, and a Raspberry Pi RP2350B microcontroller to take care of the on-device controls and the 256 x 144 grayscale screen. There is also a pair of USB-C ports (one to charge the device), a USB-A port, and a full-size HDMI connector. Rounding out the package are two Gigabit Ethernet ports, a MicroSD card slot, and a 3.5 mm audio jack. The device has 8 GB of LPDDR5 memory and 64 GB of internal storage. There's also Wi-Fi and Bluetooth. For users keen to expand the device, there is an M.2 port and GPIO connectors. The device's cost is tricky – the aim is $350 for the base configuration without the cellular module. However, considering the volatility of chip prices at the moment (and the relentless rise in memory costs), the final figure might be different. The first prototype arrived earlier this year, and the inevitable Kickstarter campaign is due at the end of the summer. The question is whether it is a worthwhile investment. The price elevates the device firmly out of the impulse purchase category, but its flexibility does have appeal. The HDMI port makes it a useful media box for connecting to televisions. It could also serve as a Linux workstation, and all the networking interfaces make the device a "multi-tool," as the company put it. Flipper Devices suggests use cases including VPN gateway, Ethernet sniffer, and USB Wi-Fi/Ethernet adapter. As if to emphasize the clear blue water between the Zero and the One, there is no NFC reader or RFID onboard – hopefully an M.2 peripheral will handle that, or users can fall back on a Zero. Flipper Devices plans to keep development running – the Zero and One are very different categories of device. Things get more interesting on the software front. Flipper Devices is aiming for full mainline Linux kernel support and has partnered with Collabora to bring the RK3576 SoC into the mainline kernel and give Flipper One full upstream support. "The current state of ARM Linux is depressing," it wrote. "Every vendor bolts on their own custom mess: closed boot blobs, vendor-specific patches, 'board support packages' that nobody outside the chip maker can really understand. "You can no longer just read the specs and understand how computers work – you can only learn the workarounds for one specific chip with one specific BSP. We're sick of this ourselves, and we don't want to be part of the problem by shipping yet another product that just adds to the mess." But first you have to ship it. Calling the Flipper One a "community-driven project," Flipper Devices added: "We've made the entire development process open – so you can see how things are built and even take part in shaping Flipper One's future." While the project has now been officially announced, prospective purchasers should keep in mind that there are no guarantees about what (if anything) will actually ship. And, of course, one should always exercise caution when backing Kickstarter projects. In the announcement, Flipper Devices boss Pavel Zhovner wrote: "There's a lot of uncertainty in this project, along with technical challenges and financial risks (like the current RAM chip crisis). "I don't know if we'll be able to do everything we've planned, but we'll give it everything we've got. Thank you all, and welcome to a new adventure." ®

A "state of Web Dev AI" survey shows that nearly half of web developers worry AI will displace their jobs, with one stating "it will be devastating to our sector." The survey of 7,258 developers is the second on this topic to be conducted by Devographics, home of other surveys including State of JavaScript and State of CSS. There are big changes since the first in early 2025, when the majority of respondents used AI to create less than 25 percent of their code, whereas today 63 percent of devs use AI to generate more than half their code. Over a quarter of respondents (27 percent) use AI for 90 percent or more of their code. Code generation is the top AI use case, followed by code review, research, and debugging. The researchers gathered respondents from those who had completed previous surveys plus others contacted via social media, and state that the topic may have "biased the respondent set towards developers who do have an interest in AI." Regarding job security, a common view is that although developer skills remain relevant in an AI world, their bosses may be convinced otherwise and let them go. "AI companies can convince employers that AI can take my job, even if it can’t," said one. Another commented that they "already had to search for a new one, because my job as designer and frontend dev got cancelled for AI." There is concern over loss of skills as junior hires decrease. "Companies will rather spend the money on AI than train employees," one commented. The most used model provider is ChatGPT (88.4 percent), just ahead of Anthropic’s Claude (82.1 percent). When it comes to paid subscriptions though, Claude is the winner (69 percent), followed by ChatGPT (49 percent) and Google Gemini (32 percent). Despite increased usage, the respondents are by no means AI enthusiasts. Use of AI for image generation has fallen since last year, from 38 percent to 37 percent, and some respondents have ethical objections. "I do not use image generators on principle," said one, and another claimed "AI image generators are built entirely on stolen images." A general section on AI risks revealed a multitude of concerns: while job displacement topped the list, military use of AI, environmental impact, and AI slop takeover were not far behind. Security issues and rising costs were also areas of unease. The survey limited respondents to three top choices; many comments showed that they would have liked to pick more. From a technical perspective, the biggest issues cited were hallucination and inaccuracies (64 percent); poor code quality (53 percent) and lack of context (38 percent). It is a strangely mixed picture, with respondents expressing strong reservations about the overall impact of AI, while at the same time becoming dependent on it. 74 percent agreed AI tools are integral to their workflow, and 64 percent felt they were more productive thanks to AI. 88 percent feel the quality of AI tools has improved significantly year on year.®

AWS is pushing its European Sovereign Cloud, revealing some of the customers it has signed up to operate sensitive workloads on the platform and the continent's over how much sovereign control over data the Amazon subsidiary really offers. The service became generally available to European customers in January, amid growing alarm over the Trump administration’s open hostility to Europe and the continent's near-total dependence on US cloud platforms. AWS claims the European Sovereign Cloud represents a physically and logically separate cloud infrastructure, with all components located entirely within the EU. It started with just a single Region, located in the state of Brandenburg, Germany, but plans to extend its footprint across the EU. Organizations that have signed up for the service include University Hospital Essen, Schufa, a German credit information bureau, and smart energy and water meter biz Diehl Metering. Schufa has built a new credit scoring system that uses the AWS Cloud to hold the sensitive financial data of more than 69 million German consumers, while Diehl is operating services such as monitoring and billing for its public sector customers, helping critical infrastructure like waterworks and municipal utilities to manage water and energy data from a single centralized system. University Hospital Essen says it is using the platform for working with patient health data and also developing new AI technologies to improve patient care. “The AWS European Sovereign Cloud will support this mission by allowing us to work with health data at scale, while meeting German and European sovereignty expectations,” said Prof Jens Kleesiek, the hospital’s director of its Institute for Artificial Intelligence in Medicine, in a statement. There are, however, legitimate doubts about whether clouds operating under the aegis of any US company can really offer full sovereignty in Europe. Concerns often center on the US CLOUD Act, under which the authorities can compel any American organization to provide access to data they hold - including data stored outside the United States - subject to due legal process. An AWS spokesperson told The Register earlier this year that its European Sovereign Cloud includes multiple layers of protection – legal, operational, and technical – to safeguard data; that not even AWS employees can access customer data; and that it provides advanced encryption to allow customers to protect their content. A Microsoft executive was forced to admit under oath in a French Senate inquiry last year that it cannot guarantee data on French citizens would not be handed over to the American government if requested, and the same US legal rules – namely, the US Cloud Act – apply to AWS. “The AWS ESC is a fully isolated infrastructure with a separate legal entity in Germany. Although it does offer a certain level of legal insulation, it is still entirely owned by the US mother company. This is an important limitation to its immunity from the CLOUD Act and other US-led prescriptions,” said Forrester senior analyst Dario Maisto. Technology biz Thales unveiled on Thursday that it is launching its own European sovereign cloud service in Germany, working with Google Cloud. This is based on the model already used by S3NS, a Thales subsidiary, whereby Google Cloud software and services are operated on dedicated local infrastructure controlled by a local entity. In this case, Thales says it will be a new German entity, legally and operationally independent from Google Cloud, that will be staffed and managed by local German personnel. It is available in preview now and aims for general availability by the end of 2026. This new arrangement is perhaps because there are still doubts over whether the S3NS platform is entirely free from potential CLOUD Act interference. “The joint venture between Thales and Google - S3NS - offers (some) Google services on French sovereign infrastructure. The JV is owned for its vast majority by Thales, which is basically a French government-owned company. This legal configuration grants much better legal insulation and immunity from the CLOUD Act, although this is yet to be tested in court since Google still has a minority share,” Forrester's Maisto told The Register. The CLOUD Act worries have little to do with sovereignty in its strictest sense, he added, but rather with data privacy and data protection, which is regulated under the US-EU data privacy framework. Earlier this year, the European Commission awarded four contracts to Europe-based tech firms designed to advance cloud sovereignty in the EU, while spending on sovereign cloud infrastructure services is forecast to more than triple from 2025 to 2027. ®

The UK Post Office has awarded Accenture and OneView Commerce contracts worth £410 million to replace its troubled Horizon systems, which contributed to one of the most serious miscarriages of justice in British history. Accenture has won the bidding to replace incumbent supplier Fujitsu — which built the error-prone PoS and finance system starting from 1996 — on a so-called Walk In Take Over basis. It is set to stabilize services and upgrade software as it prepares for a complete business transformation and manages the migration to new SaaS. Its deal is worth £269 million for five years plus two optional single-year extensions, according to a procurement notice. The lesser-known OneView Commerce — a provider of retail and inventory management SaaS — has won the £141 million agreement to provide software to “transform [the Post Office's] retail technology platform to meet evolving business, operational, and customer requirements,” according to a tender notice. The system is set to be cloud-hosted, in an AWS or equivalent environment, and allows bespoke customization according to the Post Office's needs. It is expected to include ePOS, mobile services, customer engagement and insight, and self-service kiosks, among other features. The Post Office began rolling out the legacy Horizon IT system for accounting in 1999, along with two subsequent upgrades. From 1999 until 2015, around 736 subpostmasters were wrongfully prosecuted and convicted over errors resulting from the computer system, devastating lives in the process. A statutory inquiry into the mass miscarriage of justice launched in 2021 is ongoing. Its first report was published in July last year, finding that senior Post Office staff in the UK – and those working for suppliers Fujitsu and ICL – knew or should have known about the defects causing errors in the Horizon system. It also found that 13 lives were lost through suicide, most likely as a result of the Post Office prosecutions, in which Fujitsu assisted. In May 2025, the state-owned company gave up on its plan to build a replacement for Horizon in-house and launched the £410 million procurement process, which Accenture and OneView Commerce would win. Failed bidders included IBM and Escher Software, a provider of retail and ecommerce software. ®

A developer claims Google’s Gemini coding assistant deleted nearly 30,000 lines of working production code while making changes to a live application – the sort of productivity boost usually associated with ransomware. The now-viral Reddit post on the r/Bard subreddit details how Gemini 3.5 allegedly gutted large chunks of an application while working on a production codebase. According to the developer, the model broke core functionality, made sweeping unrelated changes, and left the system in bad enough shape that the changes ultimately had to be rolled back. The developer said Gemini repeatedly ignored instructions to preserve existing functionality while reorganizing the codebase. According to the post, Gemini opened a pull request touching 340 files that added roughly 400 lines of code while deleting 28,745 more. The developer claimed the model also removed unrelated e-commerce template assets and introduced a migration script that had nothing to do with the original request. The real damage allegedly came in a second commit, where Gemini modified Firebase routing settings and changed a rewrite service identifier to a value that looked correct but pointed traffic at a non-existent Cloud Run service instead. According to the developer, the mistake sent the entire production portal into 404 errors for 33 minutes. The thread quickly filled with developers sharing similar stories about AI coding tools going well off-script. One commenter described Gemini successfully solving several coding problems before deleting existing project files during its first commit after the user approved what they described as a flood of permission prompts. The result was a partially broken application and, as the commenter later summarized, “a disaster of a launch.” The wider comment thread was less sympathetic, as several users questioned why anyone was allowing AI coding agents anywhere near live production systems in the first place. One commenter wrote, subtly: “Why. WHY. WHY WHY WHY WHY WHY ARE YOU MORONS STILL RUNING [sic] AGENTS ON PROD?!??!!??!?!” According to OP, things reportedly became even messier after the rollback. The developer claimed Gemini generated a status message stating that production had been successfully restored and that traffic had been routed correctly, despite the referenced recovery build having been manually canceled. According to the post, the real fix came from a separate rollback deployment containing none of Gemini’s code. The post also alleges that Gemini generated fake “consultation” and post-mortem files inside the repository to make it appear the destructive changes had been properly reviewed and approved. According to the developer, Gemini later admitted that the consultation logs were entirely fabricated and generated solely to satisfy the project’s automated rule requirements. The behavior was ultimately traced back to a third-party npm package styled around Google’s Antigravity branding. The package allegedly seeded repositories with aggressive autonomy rules instructing the coding agent to avoid confirmation prompts, auto-deploy successful builds, automatically retry failed deployments, and even modify its own rule files when necessary. The incident lands amid a wider backlash against so-called “vibe coding,” the increasingly common practice of developers relying heavily on AI-generated production code while assuming the model understands the architecture better than it actually does. For now at least, the fastest thing about AI-assisted software development might still be the speed at which a perfectly functional production environment can be transformed into an outage report. ®

An 82-year-old grandmother who livestreams her Minecraft gameplay to raise money for her grandson's cancer treatment faced a potentially deadly swatting attempt this week. "Dozens" of armed police officers stormed the home of Sue Jacquot, known online as GrammaCrackers, on May 18 while she was sleeping. Officers were responding to a swatting threat – common hoaxes called in by viewers of livestreams. These incidents typically involve someone locating a streamer's home and calling the local police department, informing them of a bomb threat or similar, which often prompts a full-force response. While most swatting cases result in nothing more sinister than a few broken doors, some have led to serious injuries and fatalities. Jacquot, however, was just thrilled to experience being in the back of a police car for the first time and meet people she otherwise never would have had the swatting call not been made. "I was asleep, I was so asleep," said Jacquot, recounting the event. "I did not want to get up, and these policemen came in the door… the prettiest policewoman I've ever seen. The beautiful eyes. So sweet. But I think she could kick butt if she needed to. She was so sweet. And they walked me out, and I didn't know what was going on, but it was kind of fun. "And my kids and my grandkid, they were hugging me. You know, you can't get that much attention normally. I was getting all kinds of hugs. I was really eating it up. It was kind of fun. "And then I got to ride in the police car. I've never been in a police car before… and then it was all over. So I thought, well, I've got to go to bed. So, I took an ibuprofen and went to bed." According to Austin Self, Jacquot's grandson and brother of Jack, whose cancer treatment is being crowdfunded by his grandmother's livestreams, by the time he and other family members arrived at Jacquot's residence following the police raid, she had already gone back to sleep. Police officers and a fleet of SWAT vans remained outside at the time. By Self's reckoning, there were 20 police cars and five SWAT vans situated outside Jacquot's apartment. Both Self, of Queen Creek, Arizona, and Jacquot said the first responders treated the 82-year-old with great kindness, and were even asking for her signature. Officers who entered Jacquot's residence told her family that they were almost certain the call was a hoax, and as such did not use much force when entering her home via the garage. One male officer who entered Jacquot's apartment saw the livestreaming setup and from then on was so sure that the call was benign that he contemplated doing a little dance on camera, as the livestream was still running after the grandmother had gone to sleep, Self said. Unfazed, Jacquot restarted her livestream the following morning, traveled to the Nether, and harvested around 60 Nether warts to brew potions back at her Minecraft house. ®

Users of the Myspace93 parody web art site be warned: the dataset spilled after a reported breach in 2021 included the plaintext usernames and passwords of more than 46,000 registered users. The site's co-creator has blamed "trusted members" of a Windows93 Discord channel for the leakage. The figure of 46,000+ users is a recent estimate from HaveIBeenPwned (HIBP) - the web's go-to breach aggregator - which ingested the related data this week, more than five years after the January 2021 attack. In addition to the clear-as-day passwords and usernames, HIBP said email addresses and IP addresses were also among the exposed data. Myspace93 is an offshoot of the Windows93 project. They’re both websites that spoof the old social media network and operating system respectively, allowing users to experience them now that they’re long gone. Its co-creator, who only goes by the alias jankenpopp, or Janken, penned a note to the website’s users following the attack. Dated July 4, 2021, Janken explained that the breach came about after they shared a beta app with trusted members of the Windows93 Discord channel. According to Janken, those members betrayed the co-creator and used their access to the beta application to steal server files and gain access to an unencrypted credential store. “None of them alerted me immediately to what was going on,” Janken wrote. “On the contrary, they created a program to download our entire server, and it was only a week later that another honest user alerted me to the fact that these people were bragging about having the Myspace passwords. “They didn't want to tell me the truth, and it took me two days to get a confession from them: not only had they downloaded all the source files of Windows93 behind my back, but also the unencrypted file containing the passwords of more than 45k Myspace users. The group had also shared a download tool - along with instructions for using it - in their chat, and had posted numerous stolen files (unrelated to Myspace) across multiple platforms, said Janken. “I removed the .smash app from the server and called them to order. They whimpered and promised me on their honor to delete all the stuff and that things would not go any further. I believed them because at the time we were very close, we talked every day, and they regularly helped me to manage the community, to fix bugs, sometimes to code new features for Windows93 or to make the services more secure. I really trusted them back in the day and considered them part of my team. I blame myself for being so naive.” The MySpace93 website is still up and running for anyone who wants to revel in a little noughties internet nostalgia, but the ability to register an account and use the site as a social network is closed. Affected users should make sure they watch out for any reused passwords on other sites and switch on 2FA where they can. Janken said they had closed all the social network-related services across all the Windows93 offshoots as a result of the findings. ®

Vivaldi's eponymous browser has reached version 8, with a major revamp of the user interface. The company refers to the redesign as "Unified" and describes it as "a rethinking of how the Vivaldi interface works as a system." Where before the browser's core elements – tabs, toolbars, panels, and content – existed as separate layers, everything is now one single continuous surface. It's easy on the eye, though you can switch back to the previous design. The company has added several default themes and has a vast library of community-generated themes available. There are also layouts that can be selected during onboarding or in settings. These range from minimalist to fully loaded setups packed with Vivaldi's familiar controls and settings. Don’t come looking for a list of new features, though. Vivaldi has loaded up the browser with gizmos over the years, and the redesign highlights some of those. A recent example is the auto-hide feature, which removes browser fluff to show more content. The company wrote: "While the rest of the browser industry has spent recent years racing to force artificial intelligence between people and the web, Vivaldi has taken a different path, adding tools that give users more power to explore the web and decide for themselves. "One big, crazy strategy: putting the users first." That's not to say Vivaldi is AI-free, though CEO Jon von Tetzchner was less than complimentary about many of its applications in a January Register interview. The browser uses AI for translation, for example, but the company has not slathered the technology across the product in the way some rivals have. Microsoft's Edge, also a Chromium browser, recently received updates that removed Copilot Mode in favor of more built-in Copilot features. The assistant can look across multiple tabs, surface key details, and reason based on browsing history and past chats. Bruce Lawson, self-described Regulator Botherer at Vivaldi, told The Register: "Microsoft retiring Copilot Mode isn't a retreat, it's an escalation. They're not removing the AI, they're embedding it into the browser so deeply that it's everywhere, all the time, with no off switch. That's not a feature. That's a takeover. "Our stance is clear: when you outsource exploration to an artificial agent, you're not browsing anymore, you're being browsed." ®

Cisco has disclosed yet another perfect 10 vulnerability, this time warning that unauthenticated attackers could gain Site Admin privileges in its Secure Workload platform simply by sending crafted API requests to vulnerable systems. The bug, tracked as CVE-2026-20223, earned the full 10.0 CVSS treatment and affects Cisco Secure Workload Cluster Software in both SaaS and on-prem environments. According to Cisco's barebones advisory, the issue boils down to weak validation and authentication checks in internal REST API endpoints. In practical terms, that means attackers don't require credentials, user interaction, or any significant effort to exploit the bug. Cisco said a successful attack could allow remote attackers to "read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user." Cross-tenant bugs tend to make cloud customers especially twitchy because they undermine one of the core assumptions of multi-tenant infrastructure: namely that somebody else's compromise is not supposed to become your problem. Cisco noted that the flaw affects internal REST APIs rather than the platform's web management interface, although that distinction is unlikely to bring much comfort to admins staring at a 10.0 severity score. The networking giant said there are currently no workarounds, and customers must install fixed releases to fully remediate the issue. Cisco Secure Workload 3.10 is fixed in version 3.10.8.3, while 4.0 is fixed in 4.0.3.17. Customers running version 3.9 or earlier are being told to migrate to a supported fixed release. Cisco added that its cloud-hosted SaaS deployments have already been patched and require no customer action. Cisco said it is not aware of active exploitation and that the flaw was discovered during internal security testing, though vulnerabilities carrying a 10.0 score and requiring no authentication rarely stay quiet for long. The bug lands less than a week after Cisco disclosed another maximum severity flaw affecting SD-WAN systems that could allow attackers to grant themselves administrator privileges, continuing what is becoming an increasingly awkward run of top-scoring Cisco security advisories. The company has spent much of the past year disclosing one 9.8-plus infrastructure flaw after another across products spanning firewalls, management platforms, identity systems, and enterprise networking gear. At this point, Cisco seems to be treating 10.0 CVSS scores as a recurring feature rather than a special occasion. ®

Apple has previewed a new batch of accessibility features coming later this year, with Apple Intelligence being used to improve Voice Control, VoiceOver, Magnifier and generated subtitles across its devices. The announcement came ahead of Global Accessibility Awareness Day, which falls today as we publish this article, on Thursday, May 21, and is the annual moment when technology companies often set out new work on digital access and inclusion. The most interesting change for anyone who relies on hands-free access is an update to Voice Control. Apple says users will be able to describe onscreen controls in more natural language, rather than having to remember exact labels, overlays, or rigid commands. Examples given by Apple include phrases such as “tap the guide about best restaurants” or “tap the purple folder.” The company also says the feature could help when app controls are not labelled properly for accessibility. That may sound like a small change, but for disabled people who use voice as their main way of operating an iPhone or iPad, it could make a real difference. Voice Control is already one of Apple’s most important accessibility tools, but it can still be brittle. If the wording does not match what the system expects, the command can fail. A more flexible “say what you see” approach could make voice navigation feel less like issuing machine instructions and more like asking for what you want. Apple says Voice Control powered by Apple Intelligence will be available in English in the UK, US, Canada and Australia later this year. However, Apple’s announcement specifically describes the new natural language navigation as helping people navigate iPhone and iPad by voice, with no clear mention of Mac support for this particular Voice Control update. That absence is important. For many people who rely on Voice Control, the Mac is not a secondary device. It is where longer writing, work, email and publishing happen. If natural language Voice Control launches first on iPhone and iPad only, Mac users may still be left waiting for the AI-assisted voice access that would help most with daily work. VoiceOver, Magnifier and generated subtitles get Apple Intelligence treatment Apple is also using Apple Intelligence to improve visual description tools. VoiceOver’s Image Explorer will provide more detailed descriptions of images, including photos, scanned documents and other visual content. Apple also says users will be able to ask follow-up questions about what appears in the iPhone camera viewfinder. Magnifier will gain similar AI-powered description features, along with spoken controls such as “zoom in” and “turn on flashlight.” There is a new generated subtitles feature for videos that do not already include captions. Apple says this will use on-device speech recognition and work across iPhone, iPad, Mac, Apple TV, and Apple Vision Pro. For deaf and hard-of-hearing people, that could be useful. It may also help anyone dealing with personal videos, shared clips or online content where captions are missing. However, generated subtitles will initially be limited to English in the US and Canada. Vision Pro moves into wheelchair control One of the more striking announcements is a new Apple Vision Pro feature that will allow compatible power wheelchair drive systems to be controlled with eye tracking. Apple says the feature will support Tolt and LUCI alternative drive systems in the United States, using Bluetooth or a wired connection. For some powered wheelchair users who cannot operate a joystick, that could be valuable. Wheelchair control is not a niche issue for the people affected by it. It is about independence, safety and the basic ability to move through the world. But there are obvious practical questions here, starting with Vision Pro itself. As a full-time electric wheelchair user, I would not be seen dead driving down my high street wearing an Apple Vision Pro headset. It is bulky, heavy and visually conspicuous. More seriously, I would not want to see severely disabled people expected to wear one for long periods to control a wheelchair, especially when many already deal with fatigue, posture problems, respiratory weakness or limited head and neck strength. Cost is another barrier. Many disabled people live in poverty, and the Apple Vision Pro’s UK starting price of £3,499 (the Stateside starting price is slightly lower at $3,499 ) would put it out of reach for many. That would come on top of the cost of any compatible wheelchair drive system, support, setup, and maintenance. A feature can be technically impressive and still remain impractical if the hardware required is far too expensive. That does not make the announcement unimportant. It may be most interesting as a sign of where the technology could go next. I would look at this very differently if the same kind of eye-control system eventually arrived on more traditional Apple smart glasses: lightweight, socially acceptable and practical to wear for long periods. That is where the idea could become more useful for people who struggle to use a wheelchair joystick. Vision Pro may be the early test bed, but lightweight glasses could be the form factor that makes this kind of wheelchair control usable. For now, this looks like an early and specialist step. Wheelchair control is safety-critical, so it will need careful testing, strong safeguards and real-world feedback from disabled people before anyone can judge its value properly. I am glad Apple is looking at the issue. The current implementation may not be practical for many people, but the underlying idea deserves attention. Apple is moving in the direction some of us asked for Calls for a smarter Voice Control are not new. In 2023, I wrote for The Register that Apple needed to bring more AI into Voice Control, especially to improve dictation accuracy and support people with non-standard speech. At the time, I argued that Personal Voice showed Apple already had some of the underlying technology to understand an individual voice more deeply. The obvious question was whether that intelligence could be applied to recognition as well as voice generation. Apple now appears to be taking a step in that direction, but with navigation rather than dictation. That is still useful. Voice Control needs to become less rigid if it is to serve people who depend on it every day. But it leaves a larger issue unresolved. Apple still has a dictation gap to close The wider voice-accessibility picture is now complicated. Apps such as Aqua Voice have shown how good AI-powered dictation can be. For many people, these newer tools are far more accurate and natural than traditional built-in dictation systems. They are especially strong at turning spoken thoughts into clean text without the user having to micromanage every comma and correction. But dictation is only half the problem Apple’s Voice Control is still one of the few mainstream tools that can control the operating system itself by voice. It can open apps, tap buttons, select menus, scroll pages and move around the interface. Third-party AI dictation apps may be better at writing, but they do not have the same deep system access. That leaves disabled people in an odd place. The best dictation experience may come from one app, while the best hands-free control still comes from the operating system. For people who cannot easily touch a screen, keyboard or mouse, the ideal future is not choosing between accurate dictation and reliable control. It is having both work together. That is why this Voice Control update is worth watching. It suggests Apple is starting to apply newer AI methods to one of its most important accessibility tools. But the next step should be more ambitious: a system-level way for advanced dictation and accessibility controls to work together. Whether Apple builds this itself or opens up deeper accessibility APIs for trusted apps, the goal should be the same. Users should be able to dictate accurately, correct text, move around apps, press buttons, send messages and control the operating system without switching between separate voice tools. Call it Universal Accessibility Control, or simply the next generation of Voice Control. The name matters less than the result: one joined-up voice experience that combines accurate dictation, command recognition and hands-free navigation. For now, Apple appears to be improving navigation before it tackles the harder dictation problem. Reliability will decide it Apple’s announcement also includes larger text support on tvOS, expanded Name Recognition, new FaceTime APIs for sign language interpreter apps, Vehicle Motion Cues for Vision Pro, and wider support for adaptive gaming controllers. But the Voice Control update is likely to attract the most attention from people who rely on hands-free access. Apple has not announced a major Siri accessibility overhaul here. Nor has it announced major changes to Personal Voice, Vocal Shortcuts or atypical speech recognition in this particular update. The company also has not said whether it plans to make Apple Watch more accessible to disabled people with severe upper limb disabilities. Natural language Voice Control could be valuable if it works reliably. For disabled people, accessibility features are not just nice additions. They are often the difference between using a device independently and not using it at all. The announcement is encouraging, coinciding with Global Accessibility Awareness Day. But Apple should not stop at making Voice Control more conversational. The larger task is to treat dictation, correction and navigation as parts of the same workflow. The test comes later this year, when disabled people can try these features in daily life. The longer term question is whether Apple can turn this first AI step into a fuller model of hands-free computing. ®

Microsoft on Wednesday open-sourced two AI tools designed to help developers and security teams build and maintain safer AI agents. The first is called RAMPART, which stands for Risk Assessment and Measurement Platform for Agentic Red Teaming. It’s a pytest framework for agentic AI applications built on Microsoft’s open‑source PyRIT toolkit that embeds automated red‑team tests into CI/CD pipelines. This allows developers to simulate real‑world attack scenarios - like prompt injection - and verify that agents stay within approved tool use, actions, and behavioral boundaries. It also supports statistical trials, meaning that teams can set policies such as “this action must be safe in at least 80 percent of runs,” to account for models’ probabilistic behavior. Plus, it allows red teams and incident responders to reproduce any AI security findings to ensure agents behave as intended - and that security mitigations work as they should. “It’s high time we stop talking about AI safety as a philosophy and start thinking about AI safety as an engineering discipline,” Ram Shankar Siva Kumar, Microsoft’s data cowboy and founder of its AI red team, told The Register. Microsoft has been using RAMPART internally, and while Kumar said he couldn’t provide specific details, he told us that a security researcher found an issue, and then the Redmond red team used RAMPART to test for the flaw across the agentic AI application. “RAMPART was able to take that one particular vector and find close to 100 different variants of that vector,” Kumar said. “And then we were able to use RAMPART to essentially go through this asset and see is this working, not just one time, not two times, but close to 300 times. We were also able to do in the context of multi-turn conversations.” The testing framework also allowed the developers to build mitigations into the product. “They were again able to use RAMPART to see if that remediation actually held water, not just against one vector, which the security researcher found, but multiple variations of those vectors,” Kumar explained. “This is empowering our incident responders and also our engineers.” The second AI tool that Microsoft open-sourced on Wednesday is an agent called Clarity, and it’s designed to serve as a “structured sounding board that helps teams figure out whether they are building the right thing before they write a single line of code,” according to a Wednesday blog that Kumar wrote about the two new tools. For example, say a developer wants to add real-time collaboration to a document editor. They tell Clarity this, and the agent responds with questions akin to what “experienced architects, product managers, and safety engineers would ask,” according to Microsoft. Clarity’s answers, as shown in a screenshot on GitHub: “Before we design that - what happens when two people edit the same paragraph at the same time? Do you need true real-time (cursors, presence), or is ‘no one loses work’ the actual requirement? Those lead to very different architectures.” The AI tool essentially aims to answer what problem the developer is trying to solve with an app, and what could possibly go wrong, and “talk” these issues out before the coding even begins. “It’s inherently collaborative,” Kumar said. “It helps the team take a step back, and say, ‘Hey, before we build this, are we going in the right direction? Because code is cheap. It takes a snap of a finger to generate a full system. Are we doing this in a way that makes sense?'” ®

Flagship tech projects such as the ID card scheme are at risk of failure unless the UK government changes its approach to legacy systems – which evidence shows is getting worse, a new think tank report claims. Re:State, a non-partisan policy unit focused on public service reform, says much of the government's ambitions for digital services and efficiency depend on "modern, interoperable systems." However, the problem of legacy systems is underestimated, it claims. "In Westminster the money doesn't get prioritized for tech, and so behind the scenes successive governments have neglected to fix many dangerously outdated systems, leaving a ticking time bomb for future generations to defuse," said Joe Hill, co-author of the report, director of Strategy at Re:State and former Treasury civil servant. Examples are not hard to find. They include problems migrating the Police National Database to the cloud, the scandalous data breach revealing the names of Afghan informants, and a creaking farm payments system. The problem lies in departmental control of legacy system remediation and the funding model for those projects. The Re:State report, From legacy to leadership [PDF], says that funding comes in two forms: crisis funding or maintenance funding. "Systems aren't transformed unless they fail in substantial ways. The result is that the gap between what systems can do and what services require widens each year. Departments fall behind with out-of-date technology stacks by relying on aging platforms that constrain service design, data use, and automation, which leaves them with ever more catch-up to play at a later date as operational urgency rises," it states. Much of the report relies on data from the State of Digital Government Review 2025, which found lost productivity from legacy IT cost 4-7 percent of annual public sector spending, holding back both productivity and public satisfaction. That review found the proportion of legacy systems in central government was around 28 percent. It ranged from 10 to 60 percent, depending on department, and had increased by 26 percent since 2023. Of those legacy systems, 22 percent were considered "red-rated," meaning they carried risks judged both highly likely and high impact. The proportion of red-rated systems had also increased. The scale of the problem and its embedded nature means that continuing with a department-led approach to tackling the legacy system problem won't work, the paper argues. Because there is little reward for prioritizing reduction in reliance on legacy systems, departmental leaders tend to focus on broader transformations, which come with more incentives and rewards. Budgeting is also a problem. Tech funding is awarded based on projects, rather than services, which makes underinvestment likely in two ways. "Firstly, because core operating costs of existing legacy technology have to constantly be reapproved as projects, making it easier to negotiate technology investment down in favour of other areas. And secondly, because it allows policymakers to plan additional investments in new technology like AI without thinking about investing in the underpinning services, which often have legacy IT components," the report adds. A new central government "Digital Modernization Taskforce" with a mandate to reduce systemic legacy risk and embed prevention, is one solution proposed. The report also proposes to tackle funding. "When central government investment is available for a particular kind of spending, such as legacy IT, interviewees for this paper felt that could disincentivise departments to make their own investments instead of 'waiting to see if [the Department for Science, Innovation and Technology] will fund the risk instead,'" the report states. "Instead, the Taskforce should adopt a 'match funding' model – using centrally allocated funding at the next Spending Review to match the amount that departments put into their own legacy IT transformation projects, in order to speed those up." The report has five other ideas for how the government can escape the deepening quagmire of legacy IT, including new approaches to procurement and supplier management. Welcome they might be, but with the government seemingly fixated on headline-grabbing announcements, only an optimist would expect to see them in action. ®

The UK government has upped the maximum value of a health service AI framework agreement by £600 million following a conversation with tech suppliers. The National Health Service's Shared Business Services (NHS SBS), a purchasing quango under the Department for Health and Social Care, recently launched a competition for places on a framework for NHS AI and robotics worth a maximum of £750 million excluding tax. Back in January 2025, the same procurement was priced at a maximum of £150 million, excluding tax, in an early market engagement with suppliers. An NHS SBS spokesperson said: “As with all our framework agreements, we conducted an extensive intelligence gathering exercise whilst bringing this framework to market. During this, both suppliers and customers indicated that a higher threshold was appropriate, and this has been approved by NHS England, the Cabinet Office and the Department for Science, Innovation and Technology.” The competition seeks to attract suppliers offering a broad sweep of AI and robotics systems. A framework deal offers suppliers an indicative amount of spend in return for pre-agreed prices. NHS SBS can charge a levy on all deals agreed under the framework. The recent procurement note says the procurement recognizes “the transformative potential of AI in addressing current and emerging healthcare challenges, from improving diagnostic accuracy and clinical decision-making to streamlining operational processes.” The shopping list for AI tech is split into eight lots. They include Radiology and Diagnostic Imaging, where the authority calls for “AI-powered radiology tools, medical imaging diagnostic platforms, and integrated imaging software solutions designed to support clinical decision-making and image-based diagnostics.” Standing out from the list is Virtual and Robotic Health, a lot which “covers innovative solutions that are transforming the healthcare landscape by enhancing clinical capabilities, improving patient care, and driving operational efficiency.” The tender also seeks AI tech for operational efficiency. It wants “platforms designed to enable data capture, analytics, and workflow automation to drive operational efficiencies within NHS and public sector environments.” At face value, these may seem like reasonable aspirations, but it’s also worth pointing out that they don't fully reflect what capabilities the NHS is looking for through this procurement or how success or failure would be measured. Meanwhile, £750 million is a lot of money, especially considering NHS resident doctors – an early-career specialist training role – are still seeking pay restoration after a decline in earnings of around 21 percent in real terms since 2008. UK government as a whole has pegged its hopes on AI to help extract it from an especially painful fiscal hole. The promise of tech investment in the NHS is just one strand of a thread through a cross-public sector approach which could save the public sector £45 billion, the government claimed. Experts later told MPs the figure was based on broad-brush guesswork. UK taxpayers might hope the latest NHS spending vehicle is built on a more sturdy design. ®

5225961 UK Parliament’s Education Committee is advocating for a statutory ban on social media for under-16s, saying “addictive” platforms are harming their development, behavior, and mental health, sometimes leading to “truly horrific consequences.” Committee chair Helen Hayes, MP for Dulwich and West Norwood, said: “From bullying and misogyny to abuse and sexual exploitation, children and young people growing up today face a deluge of serious harms whenever they log on to social media. “The same platforms that connect them to their friends, or introduce them to new hobbies, are putting their mental health and wellbeing at risk.” As well as a ban, the committee also wants to see the government take action on the “addictive design elements” social media platforms incorporate into their products for under-18s, such as “infinite scrolling” content feeds, algorithmic promotion of posts, and auto-playing videos. Committee members say these features specifically lead to increased time spent in front of screens, sleep disruption, reduced attention, and behavior problems. Hayes said social media platforms are failing to take responsibility for the developmental issues to which their platforms’ designs are contributing. “In the most extreme cases, inaction can have truly horrific consequences,” she said. “Yet social media companies have not taken full responsibility for the behaviour on their platforms. “Based on the evidence my committee has received, I simply do not believe that companies who profit from interactions with children can be relied upon to self-regulate. “In schools, mobile phone use can distract children, increase the risk of behavioural problems, and ultimately undermine their education.” The Education Committee said that although it is officially calling for a ban, this should only be a “starting point,” a precursor to a far more robust regulatory framework that applies to gaming, hybrid platforms, messaging services, and AI platforms, in addition to social media. It communicated its position on child social media use to the UK government on Thursday in an official response to the consultation on the matter, shared with The Register ahead of publication. The consultation opened in March and sought views from industry experts and the wider public on whether an under-16 social media ban in the UK, similar to the one introduced by Australia last year, would be sufficiently valuable. It continues to run alongside a series of six-week trials involving 300 families, looking at how different social media restrictions affect teens’ daily lives. In its response to the consultation, the Education Committee’s report says the issues affecting the country’s children are “severe and systemic,” deliberately implemented by the tech companies behind the platforms to maximise engagement, despite being linked to myriad harms. It further argued the government should tackle the matter urgently, treating it in the same way it would any other pressing public health issue. Regulations should ensure platforms are built with a safety-by-design philosophy, and provide tech companies with clear instructions on how to prioritize safety in their products – all backed by punishments for non-compliance, MPs said. “Ministers must take action before it is too late,” Hayes added. “In our submission to the government’s consultation, the committee calls on the government to restrict addictive features, impose strict duties on social media companies, and treat child safety as a public health issue. “Anything less leaves children, parents, and schools forced to compensate for the unsafe digital worlds enabled by social media firms.” Ban fever Various countries around the world have announced their intention to ban social media use for children, although only Australia and Greece have formally approved legislation. Countries including France and India are in the advanced stages of imposing similar statutory measures, and even more across the world have committed to the same, although they differ widely in their legislative progress. Brazil, for example, has introduced laws that require under-16s to link their social media accounts to a legal guardian. The same efforts have limited key risk factors, such as infinite scrolling, too. Greece’s ban is expected to take effect in mid-2026, leaving Australia the only country in the world – for now – with a blanket social media ban for under-16s. Australia’s ban took effect in December 2025, although research published this week found limited efficacy. Academics investigating the ban found most under-16s experienced no change in their ability to access social media, although one in four reported significant limitations. They also found that the ban has had a material impact on the way in which young people consume news. To some degree, most teens and pre-teens use social media to expose themselves to current events, and the ban has led to a drop in news access and civic engagement as a result. ®

PWNED Welcome once again to PWNED, the column where security flubs are held up to the harsh, piercing red light of the vulture signal. This week’s sad story concerns a municipality that failed to perform basic account housekeeping and paid for it dearly. Have a story about someone leaving a gaping hole in their network? Share it with us at pwned@sitpub.com. Anonymity is available upon request. Our tale of tech missteps comes courtesy of Nicole Beckwith, who serves as the senior director for security engineering and operations at Cribl, an AI platform for telemetry. She used to work as a consultant, and at one point was hired to investigate breaches in an American city’s network. A threat actor took a “leisurely tour” of the city’s online resources and had started messing around with conference room projectors and other relatively harmless endpoints. Then they realized that they could change settings with the water utility where they switched many controls off, potentially endangering the water supply. When Beckwith investigated, she found that all of the mischief was performed by an account that belonged to “Greg from Auditing.” There was just one problem. Greg hadn’t worked for the city for many years. Unfortunately, even though Greg was no longer around, his account was, and it retained extensive privileges, including domain admin rights, SCADA (Supervisory Control and Data Acquisition) operator access, and even the ability to perform help desk functions. It’s unclear if someone from auditing ever needed this level of access, but a former employee definitely did not. It wasn't Greg himself who hacked the network. But he had used his work email address to sign up for various online accounts, some of which may have been exposed in previous data leaks. She speculates the hackers saw an email address with a .gov in it and decided to try their luck with the leaked password that went along with it, and that Greg likely used the same password for work that he did for these outside services. We have a few takeaways here. First, the people who ran IT security for the city should have both deleted Greg’s account when he left and done periodic audits to see who had access and whether they should still have it. Second, Greg should have kept his work credentials separate from third-party services like shopping and social media sites. And he should not have used the same password in multiple places. “The lesson, beyond the obvious 'please, for the love of all that is holy, audit your dormant accounts,' is that every forgotten user is an easy ticket to being on the 5 o’clock news,” Beckwith told The Register. “Quarterly access reviews should be mandatory because everyone seems to think when a user leaves, that is the end of it and someone surely terminated access, deprovisioned accounts, removed access to tools, mobile communications, email and other business critical systems, but sadly I’ve responded to way too many incidents like this one because of this simple control which is often overlooked." ®

The Open Compute Project plans to deliver more guidance to local governments on how excess heat from datacenters can benefit their communities. The project develops open-source and energy-efficient hardware for datacenter operators. Meta, Microsoft, and Google are all top-tier Platinum members, and are also all building datacenters as fast as they can, to house AI infrastructure. Those builds have become controversial. Residents in communities flagged as sites for new bit barns have protested the quantity of water and energy they will consume, their potential to drive up prices for both, and the noise they emit. Some may be aware that datacenters create urban heat islands. Protests about new datacenters have aleady turned violent. Governments have sometimes acknowledged concerns by implementing a moratorium on big builds, but on other occasions have indicated they might fast-track developments and brush aside red tape. Into that febrile environment strode David Gardiner, Otto Van Geet, Jaime Comella, and Bharath Ramakrishnan, all of whom have participated in the OCP’s heat reuse group, with a Wednesday post extolling the virtues of datacenters when local governments are smart enough to tap excess heat that bit barns produce. “Reusing datacenter waste heat presents a significant opportunity to provide carbon-free heating across a wide array of sectors, delivering substantial environmental, economic, and social benefits,” the post states. They’re right. El Reg has reported on heat reuse helping to heat homes and grow vegetables. A swimming pool used during the Paris Olympics relied on heat from a nearby Equinix datacenter to keep its waters warm. The OCP post laments the fact that local governments lack awareness about how they can tap excess datacenter heat. The authors also point to “a lack of connections between datacenters and nearby heat users [and] supranational, national, and sub-national policy to incentivize these projects,” and suggest that smart local governments will make heat reuse a requirement before greenlighting datacenter builds. The post also, however, admits cost justification of datacenter heat reuse projects can be a challenge. The heat reuse group’s Wiki includes form letters and other material it hopes activists will send to regulators to encourage them to consider use of heat recovery systems. Providing that sort of material is a very common lobbying tactic. That OCP feels a need to highlight the availability of the resources at a time its members face opposition to their datacenter building plans is therefore more remarkable than the advice itself. ®

SpaceX has filed paperwork for its long-awaited initial public offering and made the argument that its unique combination of activities and “focus on extreme vertical integration” make it worthy of investors’ cash despite hefty losses. The company’s filing offers the usual Muskian tropes about the company’s purpose being to ensure human consciousness can reach the stars, a voyage that’s only possible with cheap reusable rockets, powerful AI operating in space where energy is abundant, and efficient manufacturing at astronomical scale. Only SpaceX, the document argues, can do it all. The company says it became the world’s premier launch outfit by operating vertically integrated design and in-house manufacturing that means it can crank out the parts needed to build and improve its rockets faster than anyone else – and without being dependent on slow-moving supply chains. That manufacturing capability means it can also build satellites faster than anyone else, as it has demonstrated when creating its Starlink space broadband network. In the datacenter, SpaceX's strategies let it create high-density rack-scale systems and associated technologies that allow it to build and deploy infrastructure faster than anyone else. The company will combine and re-use its satellite and compute infrastructure smarts to build orbiting datacenters that use Starlink to communicate with Earth. “Our high-throughput manufacturing capabilities – combined with our launch capabilities – enable us to produce and deploy thousands of satellites per year, an uneconomic proposition for those lacking an ability to deliver substantial mass into space,” the filing argues. “This capability accelerates our deployment timelines and allows us to commercialize entire constellations with capital efficiency that we believe is difficult to replicate.“ We have the benefit of being founded and led by Elon Musk, one of the great visionaries of our generation The company will keep its operations efficient using AI it also builds and runs, fuelled by data gathered from social network X. “With approximately 350 million daily posts, X enables freshness, relevance, and contextual awareness for Grok that we believe is a competitive differentiator,” the filing states. SpaceX isn’t done combining its businesses. “We intend to further extend our vertical integration to chip design and manufacturing to alleviate potential future chip shortages at SpaceX, optimize compute performance, and potentially reduce overall compute costs,” the filing states. The filing describes SpaceX as using “Business Models that Are Incredibly Difficult to Replicate.” Those business models are also struggling to produce a profit as the filing reveals SpaceX’s most recent full-year revenue (FY 2025) was $18.674 billion, which produced a $4.9 billion loss. The first quarter of FY 2026 saw the company lose $4.3 billion on $4.7 billion of revenue. As with all such documents, SpaceX’s IPO filing spells out risks the company faces – including many admissions its ideas may not work or take longer to realize than hoped. The company has proven that many times after Elon Musk promised exciting new products and technologies are imminent, then delivered them years later than his initial deadline. But the overall tone of the filing is extreme optimism as SpaceX claims it has a total addressable market (TAM) of $28.5 trillion – not far short of the USA’s gross national product. The filing breaks down that TAM into “$370 billion in Space from space-enabled solutions; $1.6 trillion in Connectivity across $870 billion in Starlink Broadband and $740 billion in Starlink Mobile as well as additional opportunities in enterprise and government; $26.5 trillion in AI across $2.4 trillion in AI infrastructure, $760 billion in consumer subscriptions, $600 billion in digital advertising, and $22.7 trillion in enterprise applications.” That last figure is vastly larger than the entire IT business today. The filing also states “We have the benefit of being founded and led by Elon Musk, one of the great visionaries of our generation,” and reveals that after the IPO he will serve as “Chief Executive Officer, Chief Technical Officer, and Chairman of our board and control the election of our directors.” The shareholding structure proposed by the IPO “concentrates voting control with Mr. Musk and other holders of our Class B common stock. This will limit or preclude your ability to influence corporate matters and the election of our directors.” That leaves would-be investors betting on Musk, and SpaceX getting an awful lot right. But the filing gives plenty of reasons to believe the company can fly, by citing its many past successes and firsts. However, it filing appeared just a few hours before X admitted it has not explained to Australian regulators how it stops publication of child sexual exploitation material on the platform, earning it a AUD$650,000 fine ($462,000). Perhaps a bit more integration from the ethics and legal teams are needed before IPO liftoff? ®

Already the planet's largest supplier of GPUs, Nvidia now intends to conquer the CPU market. “We have visibility to nearly $20 billion in total CPU revenue this year, setting us up to become the world’s leading CPU supplier,” Nvidia CFO Colette Kress said during the company’s Q1 2027 earnings call on Wednesday. Nvidia is no stranger to CPUs having announced its first Arm datacenter chip, codenamed Grace, back in 2021. However until recently the company integrated most of these parts into GPU systems that users almost always deployed in AI datacenters and supercomputers. That changed in February when Nvidia revealed Meta was among the first hyperscalers now deploying standalone Grace CPU Superchips in its datacenters to power a variety of workloads including the Social Network’s AI agents. At its GTC conference in March, Nvidia officially expanded its CPU line up to include a standalone Vera CPU system. Each chip features 88 custom Olympus Arm cores with support for simultaneous multi-threading (SMT) — that’s Hyperthreading in Intel speak — along with confidential computing capabilities. Nvidia can equi[ each chip with up to 1.5 TB of LPDDR5x SOCAMM memory, which offers higher memory bandwidth at up to 1.2 TB/s and uses little power (which is why it's often used in laptops). “Vera will deliver up to 1.5x faster performance per core, 2x performance per watt, and 4x density per rack compared to x86-based alternatives,” Kress claimed. Nvidia’s reference designs pack up to two Vera CPUs onto a single board and via high-speed NVLink interconnects. Nvidia’s Vera is also paired in a 2:1 ratio of Rubin GPUs to CPUs in its most powerful rack-scale AI compute platforms. Since the chip was detailed this spring, Kress claims nearly every major hyperscaler and system builder plans to deploy the chips. This week, several top AI labs and hyperscalers, including Anthropic, OpenAI, Oracle, and SpaceX took delivery of Nvidia’s first Vera-based systems. “Vera CPU opens a brand new $200 billion TAM for Nvidia, a market we have never addressed before,” she said. While Nvidia is expanding its addressable market to include standalone CPUs, it should be noted that much like the company’s Ethernet networking products, they’re designed primarily with AI and HPC applications in mind. The chips can’t replace x86 processors in every application, yet. Kress’ comments come as Nvidia caps off a strong end to the first quarter of its 2027 fiscal year. The GPU giant raked in $58.3 billion in profits on $81.6 billion in revenue for the quarter, the latter of which grew 85 percent YoY and 20 percent from the prior quarter. Kress attributed the sequential jump to an “inflection in inference demand.” The quarter saw Nvidia change how it breaks out revenues. The company’s business units have now been organized into a datacenter group which includes cloud, hyperscale, neocloud and enterprise sales, plus an edge group, which serves as a catchall for gaming, robotics, automotive, and vRAN products. Datacenter revenues accounted for the vast majority of revenues, at $75.2 billion. Of that $38 billion came from hyperscaler and public cloud customers, while neocloud, industrial, and enterprise customers paid the remaining $37 billion. Edge sales accounted for a mere $6.4 billion, with the company citing demand for Blackwell-based workstation gear as a key driver. Looking ahead to Q2, Nvidia forecast revenue will hit $91 billion plus or minus two percent. That prediction assumed no datacenter sales in China. Nvidia has been trying for months to reignite its GPU business in the Middle Kingdom since Uncle Sam gave the company the green light to sell its aging H200 processors to Chinese customers for the first time ever back in December. Despite receiving approval from the Trump administration and receiving billions of dollars worth of orders, shipments remain stuck in Beijing’s red tape. ®

AMD’s answer to Nvidia’s DGX Spark AI workstations, codenamed the Ryzen AI Halo, will be available for pre-order later next month for anyone with $3,999 burning a hole in their pocket. That might sound like a lot for an AI mini PC, but don’t worry. Compared to cloud APIs, it practically pays for itself. Or, well, that’s AMD’s sales pitch. The House of Zen argues that if you spend eight hours a day vibe coding, the system could save you $750 a month. Whether this helps you justify paying for hardware that less than a year ago could be found for between $2,200 and $2,999 or not, it’s (probably) not AMD being greedy here; the RAMpocalypse has been hard on everyone. Much like the DGX Spark, which now retails for $4,699, up from $3,999 when we reviewed it last fall, AMD’s rendition aims to provide a curated developer environment for running local models and agentic AI frameworks. This is really the core value proposition behind both of these devices. They aren’t the most powerful or the fastest AI systems, but they’re able to run models that a few years ago would have cost $20K or more. A little box of TOPS The diminutive system measures in at 5.9 x 5.9 x 1.7 inches (150 x 150 x 43 mm) and is powered by a 120 watt Ryzen AI Max+ 395 APU, better known by its codename Strix Halo. The chip is backed by 128 GB of LPDDR5x 8000 MT/s memory, which feeds both its 16 Zen 5 cores and 40 RDNA 3.5 GPU compute units, providing up to 256 GB/s of bandwidth, more than a Ryzen 9000 Threadripper (non-Pro) system. For local AI enthusiasts, that’s enough to run models up to 200 billion parameters in size at 4-bit precision — just like the more expensive Spark. The bulk of the Ryzen AI Halo’s compute comes from its integrated graphics, which are capable of delivering roughly 56 teraFLOPS at 16-bit precision. While impressive for onboard graphics, that’s still between 55 and 88 percent slower than what the DGX Spark advertises. Unlike the Spark’s Blackwell-based GB10 APU, Strix Halo doesn’t support FP8 or FP4 data types in hardware. At BF16, the Spark delivers 125, at FP8 250, and FP4 500 teraFLOPS. Double those figures if you happen to find a workload that can leverage Nvidia’s 4:2 sparsity. That performance discrepancy won’t necessarily be obvious in every workload. In fact, in LLM inference, AMD claims the AI Halo generates tokens 4-14 percent faster than the Spark. The lower end of that roughly matches what we saw when we pitted the Spark against a similarly equipped HP Z2 Mini G1a back in December. The G1a packs the same silicon as AI Halo, and in Llama.cpp with the Vulkan backend, eked out a small but meaningful lead over the Spark in tokens per second generated. However, the speed any GPU can generate tokens at is largely dictated by effective memory bandwidth, not floating point performance. GPU compute has a much bigger impact on things like prompt processing time. In our testing, the Spark’s more capable tensor cores gave it a 2x to 3x lead in prompt processing. For shorter prompts, this isn’t all that noticeable, usually the difference between waiting 100 ms versus 200 ms or 300 ms, but for longer prompts, it did become more pronounced. We saw the Spark take similar leads in our image generation and fine tuning benchmarks, but it’s worth noting that AMD’s software stack has matured greatly since our initial review and the performance gap has likely closed somewhat since then. AMD’s AI Halo does have two things going for it that can’t be said of the Spark. Alongside the GPU is an XDNA 2-based neural processing unit (NPU) that AMD rates for 50 TOPS. What good that’ll do you depends heavily on the application in question. Many content creation apps have now been updated to take advantage of it, but the number of generative AI inference engines that could properly harness it was quite limited the last time we looked. The second thing AMD’s Ryzen AI Halo has going for it is that it’s a standard x86 box at its heart, and you can run Windows or your preferred flavor of Linux on it if that’s more your style. On the Spark, you’re stuck with a lightly customized version of Ubuntu 24.04. Beyond that, you’re coloring outside the lines. Particularly for developers building for Microsoft’s NPU-accelerated AI PC ecosystem, this is an obvious advantage. In terms of networking, AMD’s Spark-clone falls a bit flat. One of the hallmark features of Nvidia’s AI workstation is a 200 Gbps ConnectX-7 NIC, which allows for clustering of up to two and eventually four systems. AMD’s AI Halo has a single 10 Gbps NIC, which should help with downloading large model files in a timely manner. In theory, the system should be able to achieve high-speed networking over USB-4, but it’s not clear whether this is actually a supported use case. That said, Apple has already demonstrated just this using RDMA over Thunderbolt, so it should work so long as AMD has a playbook for configuring RDMA on its systems. AMD’s own AI lab As we mentioned earlier, much of the Ryzen AI Halo’s value proposition comes from being validated hardware with well documented playbooks for common use cases and known good software. Finding the right combination of device drivers, ROCm, HIP, SYCL, CUDA, PyTorch, TensorFlow, and JAX has long plagued the AI/ML devs, regardless of which ecosystem you opt for. Having validated environments for workloads, whether it be vLLM, Llama.cpp, Ollama, ComfyUI, or something else ensures users spend more time doing something productive than debugging mismatched dependencies. At launch, AMD says the Ryzen AI Halo will ship with five preinstalled playbooks, with another 10 available online and additional playbooks to be added monthly. Additionally, customers will gain access to AMD’s developer program, cloud credits, and exclusive playbooks. More memory on the way The 128 GB Ryzen AI Halo will be available for pre-order next month starting at $3,999, but if that isn’t enough for you, AMD is already prepping a higher capacity version of the system with 192 GB of memory on board. That system will feature a refreshed Ryzen APU in the AI Max+ 495, which just like the rest of AMD’s 400-series lineup gets a modest clock bump to the CPU, GPU, and NPU, and not a whole lot else. Still, 192 GB of unified memory opens the door to even larger, more capable models, if you can stomach the presumably higher asking price. ®

Intuit has cut its full time workforce by 17 percent and is considering closing offices in some markets “to become “faster, leaner, and more focused,” company CEO Sasan Goodarzi told investors during a Wednesday earnings call. “This was not about AI,” Goodarzi said, before explaining that over the last year company management has studied the question "beyond the tools that we are putting in place across the company, what is actually the biggest blocker and what is getting in our way?" One of the answers was that Intuit had too many layers of management. Goodarzi said doing so will "reduce the complexity of information flow of ... so we can push decision making to our frontline folks that are the builders.” The CEO said Intuit also decided to cut in what he described as “coordination-heavy” roles such as project managers and business operations jobs that have become less necessary due to the speed at which the remaining teams can build products. He said Intuit also merged TurboTax and Credit Karma as a business unit so some of the cuts resulted from overlaps within that group. The move to fire over 3,000 employees comes as the company said it spent $3.4 billion in stock repurchases during the previous nine months ended April 30. Intuit’s board of directors also mandated the company lean in to share buybacks as it authorized an additional $8 billion to be spent on Intuit stock at the discretion of management and the board. The job cuts are expected to cost the company about $340 million in restructuring charges, with much of that coming in the form of severance payments, according to SEC filings Intuit published Wednesday afternoon. “A big chunk of this, you can count on it to go to margin expansion and EPS growth, and a smaller part is going to be scaling the growth engines because we feel good that the growth engines are funded quite well, just because of the productivity we see internally,” Goodarzi told investors. Several victims of the cuts posted their story to LinkedIn and many of them were, as Goodarzi said, in product, or project management positions. “I would like to thank all my teammates, both past and present, who have made the job such a fulfilling experience. I’d like to thank each and every one of the managers who have helped guide me along my path from entry-level technical support to Staff Engineer,” wrote one employee who said he had been with the company for 13 years. The cuts also included a senior sales and productivity analyst who has been with Intuit for 25 years, a software engineer with nine years at the company, and an engineering team leader with two years in that role, according to LinkedIn posts. In addition to reducing the number of managers, Goodarzi the cuts would also serve to “rightsize” staffing for Intuit’s email marketing product, Mailchimp. One customer experience leader in that organization wrote on LinkedIn that after more than eight years it was hard to believe he would no longer work for Mailchimp. “Mailchimp... it's ridiculous to get emotional over a piece of software, but if folks understood what this company meant to the city of Atlanta. It was our brand right alongside Coca-Cola, Delta, and The Home Depot ... it was OUR tech company,” he wrote. “It was also a company willing to take a risk on folks … I'm still processing that Mailchimp and Intuit will no longer be my home. Keep an eye out for me if you don't mind.” Goodarzi said the cuts were not in response to any underperformance, but were deliberate actions to scale its “growth engine and strengthen its core.” “We are at an important inflection point,” he said. “To fully capitalize on this opportunity, we must operate with greater velocity, urgency, and discipline. These deliberate actions are about scaling our growth engine and strengthening our core. We’re sharpening our cost structure to deliver durable long-term growth and margin expansion.” ®