news aggregator

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow remote attackers to hide malicious code in metadata. The code then executes automatically when a file containing the poisoned metadata is loaded.…

Just be careful not to entrust the AI model with your sensitive data

Anthropic on Monday announced the research preview of Claude Cowork, a tool for automating office work that comes with the now familiar recitation of machine learning risks.…

Step 1: Ask for deposit. Step 2: ??? Step 3: Build Moon hotel empire

Everest has been turned into a run-of-the-mill tourist attraction. Space tourism is over now that any celebrity can blast off into orbit. Next up: a hotel on the Moon, now taking reservations for only about six years from now, if you're willing to make a small deposit.…

Electric vehicles are more likely to be fixed at the roadside than petrol or diesel cars despite public fears to the contrary, according to new breakdown data from the AA. From a report: New research from Autotrader and the AA, carried out in December among more than 2,000 consumers, found 44% of respondents are concerned about the risk of breakdowns or roadside repairs when considering switching to an EV. Concern was highest among drivers aged 75 and over, with 56% saying they were worried. The North East recorded the highest level of concern at 52%, while women were slightly more likely to express reservations than men - 46% versus 41%. Even so, AA call-out data indicates EVs are more likely to be successfully repaired at the roadside than a 12-volt battery in a petrol or diesel car. Separately, industry data continues to indicate growing readiness to service electric cars. A recent Society of Motor Manufacturers and Traders (SMMT) survey of aftermarket businesses found 81.2% of UK workshops are already equipped to work on EVs, according to the campaign partners.

Read more of this story at Slashdot.

Analyst Ben Thompson, sharing the experience of watching an NBA game on the Vision Pro: When I started the broadcast [on Apple Vision Pro's immersive view of the Bucks vs. Lakers NBA game] I had, surprise surprise, a studio show, specially tailored for the Apple Vision Pro. In other words, there was a dedicated camera, a dedicated presenter, a dedicated graphics team, etc. There was even a dedicated announcing team! This all sounds expensive and special, and I think it was a total waste. Here's the thing that you don't seem to get, Apple: the entire reason why the Vision Pro is compelling is because it is not a 2D screen in my living room; it's an immersive experience I wear on my head. That means that all of the lessons of TV sports production are immaterial. In fact, it's worse than that: insisting on all of the trappings of a traditional sports broadcast has two big problems: first, because it is costly, it means that less content is available than might be otherwise. And second, it makes the experience significantly worse. [...] I have, as I noted, had the good fortune of sitting courtside at an NBA game, and this very much captured the experience. The biggest sensation you get by being close to the players is just how tall and fast and powerful they are, and you got that sensation with the Vision Pro; it was amazing. The problem, however, is that you would be sitting there watching Giannis or LeBron or Luka glide down the court, and suddenly you would be ripped out of the experience because the entirely unnecessary producer decided you should be looking through one of these baseline cameras under the hoop [...]

Read more of this story at Slashdot.

Great news for AMD and Nvidia, less so for cash-strapped consumers

Memory makers just can't churn out their DRAM fast enough. On the heels of an AI-driven shortage, SK Hynix on Tuesday announced a new 19 trillion Korean won (about $13 billion) advanced packaging and test facility in South Korea that could offer some relief - just not for consumer products like laptops and phones.…

Mercedes-Benz is pausing the roll-out of Drive Pilot, an "eyes off" conditionally automated driving feature that was available in Europe and the US. From a report: As first reported by German publication Handelsblatt, the revised S-Class will not have the Level 3 system when it arrives at the end of this month. Mercedes was one of the first automakers to offer a Level 3 driving system to its customers when it launched Drive Pilot with the electric EQS sedan and the gas-powered S-Class in the fall of 2023. At up to 40mph in traffic jam situations on highways, Drive Pilot provided hands-free, eyes-off driving that allows the driver to look away from the road at something else, like a game or a movie. It was big leap up from hands-free Level 2 systems -- Tesla's Autopilot and Full Self-Driving (FSD) included -- which still require the driver to be in full control, looking ahead and paying attention while the system is active. But now Mercedes says it is temporarily scrapping the feature, citing middling demand and the high production costs of developing the technology.

Read more of this story at Slashdot.

The Federal Communications Commission is letting Verizon lock phones to its network for longer periods, eliminating a requirement to unlock handsets 60 days after they are activated on its network. From a report: The change will make it harder for people to switch from Verizon to other carriers. The FCC today granted Verizon's petition for a waiver of the 60-day unlocking requirement. While the waiver is in effect, Verizon only has to comply with the CTIA trade group's voluntary unlocking policy. The CTIA policy calls for unlocking prepaid mobile devices one year after activation, while devices on postpaid plans can be unlocked after a contract, device financing plan, or early termination fee is paid. Unlocking a phone allows it to be used on another carrier's network. While Verizon was previously required to unlock phones automatically after 60 days, the CTIA code says carriers only have to unlock phones "upon request" from consumers. The FCC said the Verizon waiver will remain in effect until the agency "decides on an appropriate industry-wide approach for the unlocking of handsets."

Read more of this story at Slashdot.

America's largest power-grid operator, PJM, which delivers electricity to 67 million people across a 13-state region from New Jersey to Kentucky, is approaching a supply crisis as AI data centers in Northern Virginia's "Data Center Alley" consume electricity at an unprecedented rate. The nonprofit expects demand to grow by 4.8% annually over the next decade. Mark Christie, former chairman of the Federal Energy Regulatory Commission, said the reliability risk that was once "on the horizon" is now "across the street." Dominion Energy, the utility serving parts of Virginia, has received requests from data-center developers requiring more than 40 gigawatts of electricity -- roughly twice its Virginia network capacity at the end of 2024. Older power plants are going out of service faster than new ones can be built, and the grid could max out during periods of high demand, forcing rolling blackouts during heat waves or deep freezes. In November, efforts to establish new rules for data centers stalled when PJM, tech companies, power suppliers and utilities couldn't agree on a plan. Monitoring Analytics, the firm that oversees the market, warned that unless data centers bring their own power supply, "PJM will be in the position of allocating blackouts rather than ensuring reliability."

Read more of this story at Slashdot.

US House backs bill to regulate remote access to export-controlled chips

Chinese companies may be unable to import the best US GPUs, but they have found a workaround: renting access to that hardware via cloud services. Now, the US House of Representatives is moving to bring that loophole under the export-control law.…

Python Software Foundation: We are thrilled to announce that Anthropic has entered into a two-year partnership with the Python Software Foundation (PSF) to contribute a landmark total of $1.5 million to support the foundation's work, with an emphasis on Python ecosystem security. This investment will enable the PSF to make crucial security advances to CPython and the Python Package Index (PyPI) benefiting all users, and it will also sustain the foundation's core work supporting the Python language, ecosystem, and global community. Anthropic's funds will enable the PSF to make progress on our security roadmap, including work designed to protect millions of PyPI users from attempted supply-chain attacks. Planned projects include creating new tools for automated proactive review of all packages uploaded to PyPI, improving on the current process of reactive-only review. We intend to create a new dataset of known malware that will allow us to design these novel tools, relying on capability analysis. One of the advantages of this project is that we expect the outputs we develop to be transferable to all open source package repositories. As a result, this work has the potential to ultimately improve security across multiple open source ecosystems, starting with the Python ecosystem.

Read more of this story at Slashdot.

Forrester models slow, structural shift rather than sudden employment collapse

AI-pocalypse AI and automation could wipe out 6.1 percent of jobs in the US by 2030 – equating to 10.4 million fewer positions that are held by humans today.…

Big Tech warned expansion must come without higher household bills as Microsoft signals support

President Trump says tech giants must pay their way when it comes to delivering increased power needed for datacenters, rather than the burden falling on US citizens, and it seems Microsoft is on board with that.…

Scott Adams, who kept cubicle denizens laughing for more than three decades with Dilbert, the bitingly funny comic strip that poked fun at the absurdity of corporate life, died Tuesday. He was 68. From a report: His death was tearfully revealed by his first ex-wife, Shelly Miles, at the start of Real Coffee With Scott Adams. In May, he said on the podcast that he had been diagnosed with prostate cancer, which had spread to his bones. "I expect to be checking out from this domain this summer," he said. In a statement he wrote that was read by Miles over six minutes, he said, "Things did not go well for me ... my body fell before my brain." Sprung from Adams' days as a Pacific Bell applications engineer in San Ramon, California, Dilbert debuted in 1989 and at the height of its popularity appeared in more than 2,000 newspapers across 65 countries and in 25 languages with an estimated worldwide readership of more than 150 million. Though it had the appropriate level of cartoon exaggeration, the strip keenly captured office life and struck a nerve with the white-collar class.

Read more of this story at Slashdot.

JPMorgan Chase's chief financial officer Jeremy Barnum pushed back hard on Tuesday against President Donald Trump's proposed 10% cap on credit card interest rates, calling the measure "very bad for consumers" and "very bad for the economy" during a call with reporters. The proposed one-year cap, which Trump has said he wants implemented starting January 20, sent banking stocks tumbling last week and prompted financial groups to mount a defense. Barnum said JPMorgan would have to "change the business significantly and cut back" if the cap takes effect, adding that he believes the policy would produce "the exact opposite consequence to what the administration wants." Wall Street analysts remain skeptical the proposal will survive, noting that only Congress can enact such a measure. The average credit card interest rate in November stood at 20.97%, according to Federal Reserve data. Financial industry groups have countered that a 10% cap would result in millions of American households and small businesses losing access to credit entirely. A banking industry body called the potential impact "devastating."

Read more of this story at Slashdot.

Moxie Marlinspike, the engineer who created Signal Messenger and set a new standard for private communications, is now trialing Confer, an open source AI assistant designed to make user data unreadable to platform operators, hackers, and law enforcement alike. Confer relies on two core technologies: passkeys that generate a 32-byte encryption keypair stored only on user devices, and trusted execution environments on servers that prevent even administrators from accessing data. The code is open source and cryptographically verifiable through remote attestation and transparency logs. Marlinspike likens current AI interactions to confessing into a "data lake." A court order last May required OpenAI to preserve all ChatGPT user logs including deleted chats, and CEO Sam Altman has acknowledged that even psychotherapy sessions on the platform may not stay private.

Read more of this story at Slashdot.

The Emperor Penguin tries it… just for fun

Perhaps the most famous low-level systems programmer has tried "vibe coding" for himself – and he seems to be enjoying it.…

Meta has begun laying off more than 1,000 employees from its Reality Labs division as the company redirects resources away from virtual reality and metaverse products toward AI wearables and smartphone features. The cuts amount to roughly 10% of Reality Labs' 15,000-person workforce, according to an internal post from CTO Andrew Bosworth reviewed by Bloomberg. Reality Labs has lost more than $70 billion since the start of 2021, and top executives discussed budget cuts as deep as 30% for the metaverse group in December. Meta plans to continue developing its Horizon metaverse platform, but the focus will shift almost exclusively to mobile phones rather than the fully immersive VR headsets the company originally envisioned.

Read more of this story at Slashdot.

33-year-old was under surveillance for some time before returning home from the UAE

Dutch police believe they have arrested a man behind the AVCheck online platform - a service used by cybercrims that Operation Endgame shuttered in May.…

Microsoft announced Tuesday what it calls a "community first" initiative for its AI data centers, pledging to pay full electricity costs and reject local property tax breaks following months of growing opposition from residents facing higher power bills. The announcement in Washington, D.C. marks a clear departure from past practices; Microsoft has previously accepted tax abatements for data centers in Ohio and Iowa. Brad Smith, Microsoft's president, said the company has been developing the initiative since September. Residential power prices in data center hubs like Virginia, Illinois, and Ohio jumped 12-16% over the past year, faster than the U.S. average. Three Democratic senators launched an investigation last month into whether tech giants are raising residential bills. Microsoft also pledged a 40% improvement in water efficiency by 2030 and committed to replenishing more water than it uses in each district where it operates.

Read more of this story at Slashdot.