Linux fréttir

Project rated at 'Red' risk as it struggles to move off obsolete Oracle tech and cloud transition stalls

The risk rating of the UK's crime intelligence database is being elevated to "Red" by the governments projects' watchdog as the DB struggles to migrate from a legacy Oracle platform.…

Lloyds Data and AI lead doesn't want devs downloading models from the likes of Hugging Face – too risky

Lloyds Banking Group is leaning into 21st century tech - yet trying to do so in a way that the data of its 28 million customers is kept away from untested AI models developers might be tempted to deploy.…

Reddit's content became AI training data last year when Google signed a $60 million-per-year licensing agreement. But now Reddit is "in early talks" about a new deal seeking "deeper integration with Google's AI products," reports Bloomberg (citing executives familiar with the discussions). And Reddit also wants "a deal structure that could allow for dynamic pricing, where the social platform can be paid more" — with both Google and OpenAI — to "adequately reflect how valuable their data has been to these platforms..." Such licensing agreements are becoming more common as AI companies seek legal ways to train their models. OpenAI has also struck a series of partnership agreements with major media publishers such as Axel Springer SE, Time and Conde Nast to use their content in ChatGPT... Reddit remains among the most cited sources across AI platforms, according to analytics company Profound AI. However, Reddit executives have noticed that traffic coming from Google has limited value, as users seeking answers to a specific question often don't convert into becoming active Redditors, the people said. Now, Reddit is engaging with product teams at Google in hopes of finding ways to send more of its users deeper into its ecosystem of community forums, according to the executives. In return, Reddit is looking for ways to provide more high-quality data to its AI partners. Discussions between Reddit and Google have been productive, the people said. "We're midflight in our data licensing deals and still learning, but what we have seen is that Reddit data is highly cited and valued," Reddit Chief Operating Officer Jen Wong said on July 31 during a call with investors. "We'll continue to evaluate as we go."

Read more of this story at Slashdot.

Revenge on managers who slow things down is a drink best served with floating fungus

Who, Me? The world of work can sometimes drive IT pros to drink, leaving them more likely to make the sort of mistakes that The Register celebrates each week in Who, Me? It’s our reader-contributed column in which you share stories of making a mess at work, and cleaning up afterwards to the best of your ability.…

The Register looks forward to learning more about a possible Dell hyperscale sovereign social SaaS platform

Dell CEO Michael Dell is part of the consortium that intends to acquire TikTok’s US operations, according to US president Donald Trump.…

‘Cyber-attack’ on ticketing outfit Collins and cable cuts at Dallas ground hundreds of flights

Technology problems hit the commercial aviation industry hard over the weekend, leading to hundreds of cancelled flights and myriad delays on both sides of the Atlantic.…

"New research suggests ash and soot from burning wildlands has caused more than 41,000 excess deaths annually from 2011 to 2020," reports the Los Angeles Times: By 2050, as global warming makes large swaths of North America hotter and drier, the annual death toll from smoke could reach between 68,000 and 71,000, without stronger preventive and public health measures... In the span studied, millions of people were exposed to unhealthful levels of air pollution. When inhaled, this microscopic pollution not only aggravates people's lungs, it also enters the bloodstream, provoking inflammation that can induce heart attacks and stroke. For years, researchers have struggled to quantify the danger the smoke poses. In the paper published in Nature, they report it's far greater than public health officials may have recognized. Yet most climate assessments "don't often include wildfire smoke as a part of the climate-related damages. And it turns out, by our calculation, this is one of the most important climate impacts in the U.S." The study also estimates a higher number of deaths than previous work in part because it projected mortality up to three years after a person has been exposed to wildfire smoke. It also illustrates the dangers of smoke drifting from fire-prone regions into wetter parts of the country, a recent phenomenon that has garnered more attention with large Canadian wildfires contributing to hazy skies in the Midwest and East Coast in the last several years. "Everybody is impacted across the U.S.," said Minghoa Qiu [lead author and assistant professor at Stony Brook University]. "Certainly the Western U.S. is more impacted. But the Eastern U.S. is by no means isolated from this problem."

Read more of this story at Slashdot.

PLUS: India ponders tax breaks for datacenters; Samsung plans hiring spree; Taliban bans fiber internet; and more

Asia In Brief Huawei last week revealed that China’s Zhejiang University used its Ascend 1000 accelerators to create a version of DeepSeek’s R1 model that improves on the original by producing fewer responses that China’s government would rather avoid.…

Many Apple Watches will soon be able to alert users about possible high blood pressure, reports Reuters — culminating six years of research and development: Apple used AI to sort through the data from 100,000 people enrolled in a heart and movement study it originally launched in 2019 to see whether it could find features in the signal data from the watch's main heart-related sensor that it could then match up with traditional blood pressure measurements, said Sumbul Ahmad Desai [Apple's vice president of health]. After multiple layers of machine learning, Apple came up with an algorithm that it then validated with a specific study of 2,000 participants. Apple's privacy measures mean that "one of the ironies here is we don't get a lot of data" outside of the context of large-scale studies, Desai said. But data from those studies "gives us a sense of, scientifically, what are some other signals that are worth pulling the thread on ... those studies are incredibly powerful." The feature, which received approval from the U.S. Food and Drug Administration, does not measure blood pressure directly, but notifies users that they may have high blood pressure and encourages them to use a cuff to measure it and talk to a doctor. Apple plans to roll out the feature to more than 150 countries, which Ami Bhatt, chief innovation officer of the American College of Cardiology, said could help people discover high blood pressure early and reduce related conditions such as heart attacks, strokes and kidney disease. Bhatt, who said her views are her own and do not represent those of the college, said Apple appears to have been careful to avoid false positives that might alarm users. But she said the iPhone maker should emphasize that the new feature is no substitute for traditional measurements and professional diagnosis. The article notes that the feature will be available in Apple Watch Series 11 models that go on sale on Friday, as well as models back to the Apple Watch Series 9.

Read more of this story at Slashdot.

PLUS: Luxury brands under fire; FBI warns crims are spoofing it again; ICE buys phone cracking software

Infosec in brief Online criminals prefer to deal in digital assets, but a side effect of a ransomware attack has seen a French museum robbed of $705,000 in physical gold nuggets.…

"Astronomers have spotted a quasi-moon near Earth," reports CNN, "and the small space rock has likely been hanging out near our planet unseen by telescopes for about 60 years, according to new research." The newly discovered celestial object, named 2025 PN7, is a type of near-Earth asteroid that orbits the sun but sticks close to our planet. Like our world, 2025 PN7 takes one year to complete an orbit around the sun... The newly found 2025 PN7 is just one of a handful of known quasi-moons with orbits near our planet, including Kamo'oalewa, which is also thought to be an ancient lunar fragment. Kamo'oalewa is one of the destinations of China's Tianwen-2 mission launched in May, which aims to collect and return samples from the space rock in 2027. The Pan-STARRS observatory located on the Haleakala volcano in Hawaii captured observations of 2025 PN7 on August 29. Archival data revealed that the object has been in an Earth-like orbit for decades. The quasi-moon managed to escape the notice of astronomers for so long because it is small and faint, said Carlos de la Fuente Marcos, a researcher on the faculty of mathematical sciences at the Complutense University of Madrid who recently authored a paper about the space rock. The paper was published on September 2 in the journal Research Notes of the American Astronomical Society, which is for timely non-peer-reviewed astronomical observations. The space rock swings within 186,000 miles (299,337 kilometers) of us during its closest pass of our planet, de la Fuente Marcos said.... "It can only be detected by currently available telescopes when it gets close to our planet as it did this summer," de la Fuente Marcos explained. "Its visibility windows are few and far between. It is a challenging object...." Astronomers are still trying to figure out 2025 PN7's size. About 98 feet (30 meters) across is a reasonable estimate, de la Fuente Marcos said. It also has the potential to be 62 feet (19 meters) in diameter, according to EarthSky. The space rock is currently the smallest-known quasi-moon to have orbited near Earth, de la Fuente Marcos said.

Read more of this story at Slashdot.

Long-time Slashdot reader theodp writes: Over at the Communications of the ACM, Bard College CS Prof Valerie Barr explains why she's Feeling Cranky About AI and CS Education. Having seen CS education go through a number of we-have-to-teach-this moments over the decades — introductory programming languages, the Web, Data Science, etc. — Barr turns her attention to the next hand-wringing "what will we do" CS education moment with AI. "We're jumping through hoops without stopping first to question the run-away train," Barr writes... Barr calls for stepping back from "the industry assertion that the ship has sailed, every student needs to use AI early and often, and there is no future application that isn't going to use AI in some way" and instead thoughtfully "articulate what sort of future problem solvers and software developers we want to graduate from our programs, and determine ways in which the incorporation of AI can help us get there." From the article: In much discussion about CS education: a.) There's little interest in interrogating the downsides of generative AI, such as the environmental impact, the data theft impact, the treatment and exploitation of data workers. b.) There's little interest in considering the extent to which, by incorporating generative AI into our teaching, we end up supporting a handful of companies that are burning billions in a vain attempt to each achieve performance that is a scintilla better than everyone else's. c.) There's little interest in thinking about what's going to happen when the LLM companies decide that they have plateaued, that there's no more money to burn/spend, and a bunch of them fold—but we've perturbed education to such an extent that our students can no longer function without their AI helpers.

Read more of this story at Slashdot.

Optus was unaware network changes caused a problem, and ignored some customer complaints

Australian telco Optus says its staff may not have followed established processes when a firewall upgrade they conducted resulted in customers not being able to call emergency emergency services for fourteen hours – a period during which it is thought three of the carrier’s customers died after trying to seek help, according to the company's CEO.…

"On a recent assignment to test defenses, Dave Brauchler of the cybersecurity company NCC Group tricked a client's AI program-writing assistant into executing programs that forked over the company's databases and code repositories," reports the Washington Post. "We have never been this foolish with security," Brauchler said... Demonstrations at last month's Black Hat security conference in Las Vegas included other attention-getting means of exploiting artificial intelligence. In one, an imagined attacker sent documents by email with hidden instructions aimed at ChatGPT or competitors. If a user asked for a summary or one was made automatically, the program would execute the instructions, even finding digital passwords and sending them out of the network. A similar attack on Google's Gemini didn't even need an attachment, just an email with hidden directives. The AI summary falsely told the target an account had been compromised and that they should call the attacker's number, mimicking successful phishing scams. The threats become more concerning with the rise of agentic AI, which empowers browsers and other tools to conduct transactions and make other decisions without human oversight. Already, security company Guardio has tricked the agentic Comet browser addition from Perplexity into buying a watch from a fake online store and to follow instructions from a fake banking email... Advanced AI programs also are beginning to be used to find previously undiscovered security flaws, the so-called zero-days that hackers highly prize and exploit to gain entry into software that is configured correctly and fully updated with security patches. Seven teams of hackers that developed autonomous "cyber reasoning systems" for a contest held last month by the Pentagon's Defense Advanced Research Projects Agency were able to find a total of 18 zero-days in 54 million lines of open source code. They worked to patch those vulnerabilities, but officials said hackers around the world are developing similar efforts to locate and exploit them. Some longtime security defenders are predicting a once-in-a-lifetime, worldwide mad dash to use the technology to find new flaws and exploit them, leaving back doors in place that they can return to at leisure. The real nightmare scenario is when these worlds collide, and an attacker's AI finds a way in and then starts communicating with the victim's AI, working in partnership — "having the bad guy AI collaborate with the good guy AI," as SentinelOne's [threat researcher Alex] Delamotte put it. "Next year," said Adam Meyers, senior vice president at CrowdStrike, "AI will be the new insider threat." In August more than 1,000 people lost data to a modified Nx program (downloaded hundreds of thousands of times) that used pre-installed coding tools from Google/Anthropic/etc. According to the article, the malware "instructed those programs to root out" sensitive data (including passwords or cryptocurrency wallets) and send it back to the attacker. "The more autonomy and access to production environments such tools have, the more havoc they can wreak," the article points out — including this quote from SentinelOne threat researcher Alex Delamotte. "It's kind of unfair that we're having AI pushed on us in every single product when it introduces new risks."

Read more of this story at Slashdot.

Long-time Slashdot reader fahrbot-bot shared this report from ZME Science Researchers from the University of Turku, in collaboration with Aalto University and Wageningen University, have developed a bio-based UV protection film for solar cells that not only blocks nearly all harmful ultraviolet light but also outperforms commercial plastic films. The key ingredient is a water extract made from red onion skins... [T]he same sunlight that powers [solar cells] can also degrade their delicate components — particularly the electrolyte inside dye-sensitized solar cells (DSSCs), a type known for their flexibility and low-light performance. To mitigate this, manufacturers typically wrap cells in UV-protective films made from petroleum-based plastics like polyethylene terephthalate (PET). But these plastics degrade over time and are difficult to recycle... Nanocellulose can be processed into thin, transparent films that serve as the perfect substrate for UV-blocking compounds. Their breakthrough came when they dyed these films using an extract from red onion skins, a common kitchen waste. The result was a filter that blocked 99.9% of UV radiation up to 400 nanometers, a feat that outstripped even the PET-based commercial filters chosen for comparison... [T]he onion-treated filter excelled: it let through over 80% of light in the 650-1,100 nm range — an ideal sweet spot for energy absorption... Even predictive modeling based on early degradation trends suggested the CNF-ROE filter could extend a solar cell's lifetime to roughly 8,500 hours. The PET-based filter? Just 1,500 hours... [T]he red onion extract offered a rare combination of longevity, transparency, and sustainability... The team envisions biodegradable solar cells for smart packaging, remote sensors, or wearable devices — especially in applications where recovery and recycling are not feasible. Their work is part of the BioEST project, funded by the Research Council of Finland, which supports sustainable innovation across electronics and materials science. This achievement taps into a broader movement to decarbonize every step of solar energy production. Plastic packaging is one of the overlooked sources of emissions in clean technology. Swapping out fossil-based plastics for biodegradable alternatives helps close that loop... The findings appeared in the journal Applied Optical Materials.

Read more of this story at Slashdot.

In a debate on employment rights, a U.K. Parliament member brought up Meta's former director of global public policy Sarah Wynn-Williams Louise Haigh, the former Labour transport secretary, said Wynn-Williams was facing a fine of $50,000 (£37,000) every time she breached an order secured by Meta preventing her from talking disparagingly about the company... "I am sure that the whole house and the government will stand with Sarah as we pass this legislation to ensure that whistleblowers and those with the moral courage to speak out are always protected...." Meta has emphasised that Wynn-Williams entered into the non-disparagement agreement voluntarily as part of her departure. Meta said that to date, Wynn-Williams had not been forced to make any payments under the agreement... [The ruling came after Wynn-Williams published an exposé in March about her time at Facebook titled Careless People: A Cautionary Tale of Power, Greed, and Lost Idealism.] The ruling stated Wynn-Williams should stop promoting the book and, to the extent she could, stop further publication... Wynn-Williams has not spoken in public since appearing at the Senate hearing in April. Wynn-Williams "remains silenced" according to her lawyer, who tells the Guardian that Meta's arbitration proceedings in the U.K. "threaten to bankrupt" the whistleblower.

Read more of this story at Slashdot.

A July combat training exercise involved a satellite dish-style antenna that "could fire enough electromagnetic energy to fry the satellite 22,000 miles away," reports the Washington Post. But "Instead, the salvo would be more covert — millisecond pulses of energy that would subtly disrupt the satellite's signals, which U.S. military forces were using to communicate in the Pacific Ocean." The goal was to disguise the strike as a garbled connection that could be easily remedied by securing a loose cable or a simple reboot, leaving U.S. service members frustrated without raising their suspicions. [And using less power "would make it harder for the Blue Team to track where the interference was coming from."] This is how the next war could start: invisible shots fired in space on the electromagnetic spectrum that could render U.S. fighter jets and aircraft carriers deaf and blind, unable to communicate. In this case, the "aggressors" targeting the U.S. satellite were not from China or Russia, but rather an elite squadron of U.S. Space Force Guardians mimicking how potential adversaries would act in a conflict that begins in orbit... Involving more than 700 service members and spanning 50 million square miles and six time zones, the training exercise, called Resolute Space, was observed firsthand exclusively by The Washington Post. The article describes leadership at the U.S. Space Force "still honing their mission while jousting with adversaries, such as China, that are moving quickly and conducting combat-like operations in orbit... While the Space Force continues to evolve, many defense analysts and some members of Congress fear the United States has already ceded its dominance in space to China and others." With a budget of just $40 billion, the relatively tiny Space Force makes up just about 4 percent of the Defense Department's budget and less than 1 percent of its personnel. It has more than 15,000 Guardians, which also includes several thousand civilians. By comparison, the Army has nearly 1 million soldiers. The Space Force has been squeezed under the department of the Air Force and struggled to distinguish itself from the other branches... China, Russia and others have demonstrated that they can take out or interfere with the satellites operated by the Pentagon and intelligence agencies that provide the nation's missile warning and tracking, reconnaissance and communications. China in particular has moved rapidly to build an arsenal of space-based weapons... [R]ecently, several of China's satellites have engaged in what Space Force officials have called "dogfighting," jousting with U.S. satellites at high speeds and close ranges.

Read more of this story at Slashdot.

Last week the Guardian reported on "thousands of AI workers contracted for Google through Japanese conglomerate Hitachi's GlobalLogic to rate and moderate the output of Google's AI products, including its flagship chatbot Gemini... and its summaries of search results, AI Overviews." "AI isn't magic; it's a pyramid scheme of human labor," said Adio Dinika, a researcher at the Distributed AI Research Institute based in Bremen, Germany. "These raters are the middle rung: invisible, essential and expendable...." Ten of Google's AI trainers the Guardian spoke to said they have grown disillusioned with their jobs because they work in siloes, face tighter and tighter deadlines, and feel they are putting out a product that's not safe for users... In May 2023, a contract worker for Appen submitted a letter to the US Congress that the pace imposed on him and others would make Google Bard, Gemini's predecessor, a "faulty" and "dangerous" product This week Google laid off 200 of those moderating contractors, reports Wired. "These workers, who often are hired because of their specialist knowledge, had to have either a master's or a PhD to join the super rater program, and typically include writers, teachers, and people from creative fields." Workers still at the company claim they are increasingly concerned that they are being set up to replace themselves. According to internal documents viewed by WIRED, GlobalLogic seems to be using these human raters to train the Google AI system that could automatically rate the responses, with the aim of replacing them with AI. At the same time, the company is also finding ways to get rid of current employees as it continues to hire new workers. In July, GlobalLogic made it mandatory for its workers in Austin, Texas, to return to office, according to a notice seen by WIRED... Some contractors attempted to unionize earlier this year but claim those efforts were quashed. Now they allege that the company has retaliated against them. Two workers have filed a complaint with the National Labor Relations Board, alleging they were unfairly fired, one due to bringing up wage transparency issues, and the other for advocating for himself and his coworkers. "These individuals are employees of GlobalLogic or their subcontractors, not Alphabet," Courtenay Mencini, a Google spokesperson, said in a statement... "Globally, other AI contract workers are fighting back and organizing for better treatment and pay," the article points out, noting that content moderators from around the world facing similar issues formed the Global Trade Union Alliance of Content Moderators which includes workers from Kenya, Turkey, and Colombia. Thanks to long-time Slashdot reader mspohr for sharing the news.

Read more of this story at Slashdot.

Writing in Communications of the ACM, former Go tech lead Russ Cox warns we need to keep improving defenses of software supply chains, highlighting "promising approaches that should be more widely used" and "areas where more work is needed." There are important steps we can take today, such as adopting software signatures in some form, making sure to scan for known vulnerabilities regularly, and being ready to update and redeploy software when critical new vulnerabilities are found. More development should be shifted to safer languages that make vulnerabilities and attacks less likely. We also need to find ways to fund open source development to make it less susceptible to takeover by the mere offer of free help. Relatively small investments in OpenSSL and XZ development could have prevented both the Heartbleed vulnerability and the XZ attack. Some highlights from the 5,000-word article: Make Builds Reproducible. "The Reproducible Builds project aims to raise awareness of reproducible builds generally, as well as building tools to help progress toward complete reproducibility for all Linux software. The Go project recently arranged for Go itself to be completely reproducible given only the source code... A build for a given target produces the same distribution bits whether you build on Linux or Windows or Mac, whether the build host is X86 or ARM, and so on. Strong reproducibility makes it possible for others to easily verify that the binaries posted for download match the source code..." Prevent Vulnerabilities. "The most secure software dependencies are the ones not used in the first place: Every dependency adds risk... Another good way to prevent vulnerabilities is to use safer programming languages that remove error-prone language features or make them needed less often..." Authenticate Software. ("Cryptographic signatures make it impossible to nefariously alter code between signing and verifying. The only problem left is key distribution...") "The Go checksum database is a real-world example of this approach that protects millions of Go developers. The database holds the SHA256 checksum of every version of every public Go module..." Fund Open Source. [Cox first cites the XKCD cartoon "Dependencies," calling it "a disturbingly accurate assessment of the situation..."] "The XZ attack is the clearest possible demonstration that the problem is not fixed. It was enabled as much by underfunding of open source as by any technical detail." The article also emphasized the importance of finding and fixing vulnerabilities quickly, arguing that software attacks must be made more difficult and expensive. "We use source code downloaded from strangers on the Internet in our most critical applications; almost no one is checking the code.... We all have more work to do."

Read more of this story at Slashdot.

Near Microsoft's headquarters in Redmond, the Five Stones coffee shop advertised for a barista a few months ago — and started getting resumes from "people who listed Microsoft and other tech companies," writes the Wall Street Journal: The applicants typically had master's degrees and experience in graphic design or marketing roles, Andrews said — sometimes senior ones. They were applying to jobs at Five Stones that would pay Redmond's minimum wage, $16.66 an hour. Five Stones hasn't yet hired such candidates because the coffee shop gives priority to more traditional entry-level baristas, like high-schoolers... [Microsoft and Amazon] have laid off more than 46,000 employees since 2023, according to Layoffs.fyi, which tracks workforce reductions. That represents 85% of layoffs by Seattle-area tech companies... As Amazon and Microsoft have made cuts — and other local tech firms including Expedia and Redfin have followed suit — the effects have rippled through Seattle's other business sectors. Weakness in payroll and sales tax contributed to a projected $146 million shortfall in revenue over the next two years. Restaurant and retail spending is down in the business and shopping districts surrounding Amazon's and Microsoft's campuses, with total transactions falling by as much as 7% in some popular areas in the past year, according to data from Square. In the first half of 2025, around 450 restaurants closed in Seattle, or about 16% of its total. "At the halfway point of the year, we've already seen as many closures as we'd usually see in a full year," said Anthony Anton, chief executive officer of the Washington Hospitality Association. Uber driver Juan Prado made six figures in 2021, often shuttling passengers in town for job interviews and doing frequent drop-offs near downtown tech offices. Now, he said, demand is much lower. "There are moments where you can be online, and in certain areas, it shows nothing...." Seattle tech firms are asking for significantly fewer job placements than years ago, said Noelle McDonald, senior vice president at recruiting company Aquent, which counts Amazon and Microsoft as clients. Hiring windows have lengthened and open roles receive around 10 times as many applications. And of course, "Commercial real-estate vacancies stand at a record high as offices built to accommodate a boom sit empty... " While some laid-off employees launched their own startups, "the outlook for many tech workers is dour as companies invest in software tools they can use to streamline teams," the article points out. Microsoft CEO Satya Nadella "has said the company is increasingly looking to AI to perform coding and other tasks once done by people," while in June, Amazon "said its workforce would shrink going forward."

Read more of this story at Slashdot.