Slashdot

A magician who implanted an RFID chip in his hand lost access to it after forgetting the password, leaving him effectively locked out of the tech embedded in his own body. The Register reports: "It turns out," said [said magician Zi Teng Wang], "that pressing someone else's phone to my hand repeatedly, trying to figure out where their phone's RFID reader is, really doesn't come off super mysterious and magical and amazing." Then there are the people who don't even have their phone's RFID reader enabled. Using his own phone would, in Zi's words, lack a certain "oomph." Oh well, how about making the chip spit out a Bitcoin address? "That literally never came up either." In the end, Zi rewrote the chip to link to a meme, "and if you ever meet me in person you can scan my chip and see the meme." It was all suitably amusing until the Imgur link Zi was using went down. Not everything on the World Wide Web is forever, and there is no guarantee that a given link will work indefinitely. Indeed, access to Imgur from the United Kingdom was abruptly cut off on September 30 in response to the country's age verification rules. Still, the link not working isn't the end of the world. Zi could just reprogram the chip again, right? Wrong. "When I went to rewrite the chip, I was horrified to realize I forgot the password that I had locked it with." The link eventually started working again, but if and when it stops, Zi's party piece will be a little less entertaining. He said: "Techie friends I've consulted with have determined that it's too dumb and simple to hack, the only way to crack it is to strap on an RFID reader for days to weeks, brute forcing every possible combination." Or perhaps some surgery to remove the offending hardware.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Scientific American: Amid a deepening ecological crisis and acute water shortage, Tehran can no longer remain the capital of Iran, the country's president has said. The situation in Tehran is the result of "a perfect storm of climate change and corruption," says Michael Rubin, a political analyst at the American Enterprise Institute. "We no longer have a choice," said Iranian president Masoud Pezeshkian during a speech on Thursday. Instead Iranian officials are considering moving the capital to the country's southern coast. But experts say the proposal does not change the reality for the nearly 10 million people who live in Tehran and are now suffering the consequences of a decades-long decline in water supply. Iran's capital has moved many times over the centuries, notes the report. "But this marks the first time the Iranian government has moved the capital because of an ecological catastrophe." Yet, Rubin says, "it would be a mistake to look at this only through the lens of climate change" and not factor in the water, land, and wastewater mismanagement and corruption that have made the crisis worse. Linda Shi, a social scientist and urban planner at Cornell University, says: "Climate change is not the thing that is causing it, but it is a convenient factor to blame in order to avoid taking responsibility" for poor political decisions.

Read more of this story at Slashdot.

The International Association of Cryptologic Research (IACR) was forced to cancel its leadership election after a trustee lost their portion of the Helios voting system's decryption key, making it impossible to reveal or verify the final results. Ars Technica reports: The IACR said Friday that the votes were submitted and tallied using Helios, an open source voting system that uses peer-reviewed cryptography to cast and count votes in a verifiable, confidential, and privacy-preserving way. Helios encrypts each vote in a way that assures each ballot is secret. Other cryptography used by Helios allows each voter to confirm their ballot was counted fairly. "Unfortunately, one of the three trustees has irretrievably lost their private key, an honest but unfortunate human mistake, and therefore cannot compute their decryption share," the IACR said. "As a result, Helios is unable to complete the decryption process, and it is technically impossible for us to obtain or verify the final outcome of this election." The IACR will switch to a two-of-three private key system to prevent this sort of thing from happening again. Moti Yung, the trustee responsible for the incident, has resigned and is being replaced by Michael Abdalla.

Read more of this story at Slashdot.

Google has begun testing sponsored ads inside its Gemini-powered AI Mode, placing labeled "sponsored" links at the bottom of AI-generated responses. Engadget reports: [A] Google spokesperson says the result shown is akin to similar tests it's been running this year. "People seeing ads in AI Mode in the wild is simply part of Google's ongoing tests, which we've been running for several months," the spokesperson said. The push to start offering ads in AI Mode was announced in May. The company also told 9to5Google that there are no current plans to fully update AI Mode to incorporate ads. For now, the software seems to be prioritizing organic links over sponsored links, but we all know how insidious ads can be once the floodgates open...

Read more of this story at Slashdot.

The SEC has officially dismissed its high-profile case against SolarWinds and its CISO that was tied to a Russia-linked cyberattack involving the software company. Reuters reports: The landmark case, which SEC brought in late 2023, rattled the cybersecurity community and later faced scrutiny from a judge who dismissed many of the charges. The SEC had said SolarWinds and its chief information security officer had violated U.S. securities laws by concealing vulnerabilities in connection with the high-profile 2020 Sunburst cyber attack. The SEC, SolarWinds and CISO Timothy Brown filed a motion on Thursday to dismiss the case with prejudice, according to a joint stipulation posted on the agency's website. A SolarWinds spokesperson said the firm is "clearly delighted" with the dismissal. "We hope this resolution eases the concerns many CISOs have voiced about this case and the potential chilling effect it threatened to impose on their work," the spokesperson said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: Malaysia's palm oil giants, long-blamed for razing rainforests, fueling toxic haze and driving orangutans to the brink of extinction, are recasting themselves as unlikely champions in a different, potentially greener race: the quest to lure the world's AI data centers to the Southeast Asian country (source paywalled; alternative source). Palm oil companies are earmarking some of the vast tracts of land they own for industrial parks studded with data centers and solar panels, the latter meant to feed the insatiable energy appetites of the former. The logic is simple: data centers are power and land hogs. By 2035, they could demand at least five gigawatts of electricity in Malaysia -- almost 20% of the country's current generation capacity and roughly enough to power a major city like Miami. Malaysia also needs space to house server farms, and palm oil giants control more land than any other private entity in the country. The country has been at the heart of a regional data center boom. Last year, it was the fastest-growing data center market in the Asia-Pacific region and roughly 40% of all planned capacity in Southeast Asia is now slated for Malaysia, according to industry consultant DC Byte. Over the past four years, $34 billion in data center investments has poured into the country -- Alphabet's Google committed $2 billion, Microsoft announced a $2.2 billion investment and Amazon is spending $6.2 billion, to name a few. The government aims for 81 data centers by 2035. The rush is partly a spillover from Singapore, where a years-long moratorium on new centers forced operators to look north. Johor, just across the causeway, is now a hive of construction cranes and server farms -- including for firms such as Singapore Telecommunications, Nvidia and ByteDance. But delivering on government promises of renewable power is proving harder. The strains are already being felt in Malaysia's data center capital. Sedenak Tech Park, one of Johor's flagship sites, is telling potential tenants they'll need to wait until the fourth quarter of 2026 for promised water and power hookups under its second-phase expansion, according to DC Byte. The vacancy rate in Johor's live facilities is just 1.1%, according to real estate consultant Knight Frank. Despite its rapid growth, the market is nowhere near saturation, with six gigawatts of capacity expected to be built out over time, said Knight Frank's head of data centers for Asia Pacific, Fred Fitzalan Howard. That potential bottleneck has incentivized palm oil majors such as SD Guthrie Bhd. to pitch themselves as both landowners and green-power suppliers. The $8.9 billion palm oil producer, SD Guthrie, is the world's largest palm oil planter by acreage, with more than 340,000 hectares in Malaysia. "SD Guthrie is pivoting to solar farms and industrial parks, betting that tech giants hungry for server space will prefer sites with ready access to renewable energy," reports Bloomberg. "The company has reserved 10,000 hectares for such projects over the next decade, starting with clearing old rubber estates and low-yielding palm plots in areas near data center and semiconductor investment hubs." "The company's calculation is based on this: one megawatt of solar requires about 1.5 hectares. Helmy said SD Guthrie wants one gigawatt in operation within three years, enough to power up to 10 hyperscale data centers used for AI computing. The new business is expected to make up about a third of its profits by the end of the decade."

Read more of this story at Slashdot.

Phoronix's Michael Larabel reports: A 21 year old bug report requesting support of the XDG Base Directory specification is finally being addressed by Firefox. The Firefox 147 release should respect this XDG specification around where files should be positioned within Linux users' home directory. The XDG Base Directory specification lays out where application data files, configuration files, cached assets, and other files and file formats should be positioned within a user's home directory and the XDG environment variables for accessing those locations. To date Firefox has just positioned all files under ~/.mozilla rather than the likes of ~/.config and ~/.local/share.

Read more of this story at Slashdot.

Google's AI infrastructure chief told employees the company must double its AI serving capacity every six months in order to meet demand. In a presentation earlier this month, Amin Vahdat, a vice president at Google Cloud, gave a presentation titled "AI Infrastructure." It included a slide on "AI compute demand" that said: "Now we must double every 6 months.... the next 1000x in 4-5 years." CNBC reports: The presentation was delivered a week after Alphabet reported better-than-expected third-quarter results and raised its capital expenditures forecast for the second time this year, to a range of $91 billion to $93 billion, followed by a "significant increase" in 2026. Hyperscaler peers Microsoft, Amazon and Meta also boosted their capex guidance, and the four companies now expect to collectively spend more than $380 billion this year. Google's "job is of course to build this infrastructure but it's not to outspend the competition, necessarily," Vahdat said. "We're going to spend a lot," he said, adding that the real goal is to provide infrastructure that is far "more reliable, more performant and more scalable than what's available anywhere else." In addition to infrastructure build-outs, Vahdat said Google bolsters capacity with more efficient models and through its custom silicon. Last week, Google announced the public launch of its seventh generation Tensor Processing Unit called Ironwood, which the company says is nearly 30 times more power efficient than its first Cloud TPU from 2018. Vahdat said the company has a big advantage with DeepMind, which has research on what AI models can look like in future years. Google needs to "be able to deliver 1,000 times more capability, compute, storage networking for essentially the same cost and increasingly, the same power, the same energy level," Vahdat said. "It won't be easy but through collaboration and co-design, we're going to get there."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The US crackdown on chip exports to China has continued with the arrests of four people accused of a conspiracy to illegally export Nvidia chips. Two US citizens and two nationals of the People's Republic of China (PRC), all of whom live in the US, were charged in an indictment (PDF) unsealed on Wednesday in US District Court for the Middle District of Florida. The indictment alleges a scheme to send Nvidia "GPUs to China by falsifying paperwork, creating fake contracts, and misleading US authorities," John Eisenberg, assistant attorney general for the Justice Department's National Security Division, said in a press release yesterday. The four arrestees are Hon Ning Ho (aka Mathew Ho), a US citizen who was born in Hong Kong and lives in Tampa, Florida; Brian Curtis Raymond, a US citizen who lives in Huntsville, Alabama; Cham Li (aka Tony Li), a PRC national who lives in San Leandro, California; and Jing Chen (aka Harry Chen), a PRC national who lives in Tampa on an F-1 non-immigrant student visa. The suspects face a raft of charges for conspiracy to violate the Export Control Reform Act of 2018, smuggling, and money laundering. They could serve many decades in prison if convicted and given the maximum sentences and forfeit their financial gains. The indictment says that Chinese companies paid the conspirators nearly $3.9 million. One of the suspects was briefly the CTO of Corvex, a Virginia-based AI cloud computing company that is planning to go public. Corvex told CNBC yesterday that it "had no part in the activities cited in the Department of Justice's indictment," and that "the person in question is not an employee of Corvex. Previously a consultant to the company, he was transitioning into an employee role but that offer has been rescinded."

Read more of this story at Slashdot.

British soldiers are using computer games such as Call of Duty to sharpen their "war-fighting readiness," an Army chief has said. From a report: General Sir Tom Copinger-Symes, the deputy commander of Cyber and Specialist Operations Command, said the war in Ukraine, where remote-operated drones have become crucial on the battlefield, proved the worth of having soldiers skilled in video gaming. The Ministry of Defence on Friday announced the launch of the International Defence Esports Games (IDEG), a video gaming tournament that will pit the best of Britain's "future cyber warriors" against military teams from 40 other countries.

Read more of this story at Slashdot.

The Japanese government said that the world's biggest nuclear plant would restart operations. Semafor: The Kashiwazaki-Kariwa site closed in 2012, as Japan -- which previously generated 30% of its electricity from nuclear power -- shuttered most of its fleet in the wake of the Fukushima meltdown. But like much of the world, it is looking once again to nuclear power for reliable, low-carbon energy, especially in the face of high gas and oil prices following Russia's invasion of Ukraine. It has restarted 14 out of 54 plants and announced plans for a first new reactor since the disaster.

Read more of this story at Slashdot.

Google confirmed in a statement Friday that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. TechCrunch reports: On Thursday, Salesforce disclosed a breach of "certain customers' Salesforce data" -- without naming affected companies -- that was stolen via apps published by Gainsight, which provides a customer support platform to other companies. In a statement, Austin Larsen, the principal threat analyst of Google Threat Intelligence Group, said that the company "is aware of more than 200 potentially affected Salesforce instances." After Salesforce announced the breach, the notorious and somewhat-nebulous hacking group known as Scattered Lapsus$ Hunters, which includes the ShinyHunters gang, claimed responsibility for the hacks in a Telegram channel, which TechCrunch has seen.

Read more of this story at Slashdot.

Microsoft has acknowledged in a support article that major Windows 11 core features including the Start Menu, Taskbar, File Explorer and System Settings break after applying monthly cumulative updates released on or after July 2025. The problems stem from XAML component issues that affect updates beginning with July's Patch Tuesday release (KB5062553). The failures occur during first-time user logins after cumulative updates are applied and on non-persistent OS installations like virtual desktop infrastructure setups. Microsoft lists Explorer.exe crashes, shellhost.exe crashes, StartMenuExperienceHost failures and System Settings that silently refuse to launch among the symptoms. The company provided PowerShell commands and batch scripts as temporary workarounds that re-register the affected packages. Both Windows 11 versions 24H2 and 25H2 share the same codebase and are affected. Microsoft said it is working on a fix but did not provide a timeline.

Read more of this story at Slashdot.

Thunderbird Pro has moved its Thundermail email service into production testing as the open-source email client's subscription bundle of additional services prepares for an Early Bird beta launch at $9 per month that will include email hosting, encrypted file sharing through Send, and scheduling via Appointment. Internal team members are now testing Thundermail accounts and the new Thunderbird Pro add-on automatically adds Thundermail accounts for users who sign up through it. The project migrated its data hosting from the Americas to Germany and the EU. Appointment received a major visual redesign being applied across all three services while Send completed an external security review and moved from its standalone add-on into the unified Thunderbird Pro add-on. The new website at tb.pro is live for signups and account management.

Read more of this story at Slashdot.

Adam Marshall spent more than a decade developing Kingdoms of the Dump while working as a custodian at a school in suburban Philadelphia, cleaning floors and hauling trash bags from 3 PM to 11 PM before coming home to work on his turn-based role-playing game until 5 or 6 AM. The game, which Bloomberg has called "one of the year's most charming RPGs," came out on Tuesday after Marshall and his childhood friend Matt Loiseau -- also a janitor -- built it using RPG Maker alongside a small team of hobbyists who mostly worked for free. The pair launched a Kickstarter campaign in 2019 that raised $76,560, but the pandemic disrupted their plans and forced them to lose contractors and rethink their approach. Marshall maintained this schedule for five years straight before quitting his custodial job last year to finish the game full-time. Kingdoms of the Dump has sold about 7,000 copies since its release. The game stars a walking trashcan named Dustin Binsley who adventures through landfills and sewers in a world made entirely of garbage.

Read more of this story at Slashdot.

AI nutrition tracking features in popular fitness apps are producing wildly inaccurate calorie and macro counts despite promises to simplify food logging through automated photo analysis. The Verge tested AI-powered nutrition tools in Ladder, Oura Advisor, January and MyFitnessPal. Ladder's AI estimated the outlet's carefully measured 355-calorie breakfast at 780 calories and got the macro breakdown wrong even after the reviewer manually edited entries to include exact brands and amounts. Oura Advisor routinely mistook matcha protein shakes for green smoothies. January misidentified barbecue sauce as teriyaki sauce and failed to detect mushrooms in a chicken dish. None of the apps could identify healthier ingredient swaps or accurately log ethnic foods. Oura classified a mix of edamame, quinoa and brown rice as mashed potatoes and white rice. Ladder logged dal makhani curry as chicken soup. The AI features require extensive manual corrections that negate any time savings from automated logging, the publication concluded in its scathing review.

Read more of this story at Slashdot.

Amazon's 14,000-plus layoffs announced last month touched almost every piece of the company's sprawling business, from cloud computing and devices to advertising, retail and grocery stores. But one job category bore the brunt of cuts more than others: engineers. CNBC: Documents filed in New York, California, New Jersey and Amazon's home state of Washington showed that nearly 40% of the more than 4,700 job cuts in those states were engineering roles. The data was reported by Amazon in Worker Adjustment and Retraining Notification, or WARN, filings to state agencies. The figures represent a segment of the total layoffs announced in October. Not all data was immediately available because of differences in state WARN reporting requirements.

Read more of this story at Slashdot.

Meta is venturing into the complex world of electricity trading, betting it can accelerate the construction of new US power plants that are vital to its AI ambitions. From a report: The foray into power trading comes after Meta heard from investors and plant developers that too few power buyers were willing to make the early, long-term commitments required to spur investment, according to Urvi Parekh, the company's head of global energy. Trading electricity will give the company the flexibility to enter more of those longer contracts. Plant developers "want to know that the consumers of power are willing to put skin in the game," Parekh said in an interview. "Without Meta taking a more active voice in the need to expand the amount of power that's on the system, it's not happening as quickly as we would like."

Read more of this story at Slashdot.

An anonymous reader shares a report: Microsoft is upgrading its Advanced Paste tool in PowerToys for Windows 11, allowing you to use an on-device AI model to power some of its features. With the 0.96 update, you can route requests through Microsoft's Foundry Local tool or the open-source Ollama, both of which run AI models on your device's neural processing unit (NPU) instead of connecting to the cloud. That means you won't need to purchase API credits to perform certain actions, like having AI translate or summarize the text copied to your clipboard. Plus, you can keep your data on your device.

Read more of this story at Slashdot.

OpenAI CEO Sam Altman told colleagues last month that Google's recent progress in AI could "create some temporary economic headwinds for our company," though he added that OpenAI would emerge ahead, The Information reports [non-paywalled source]. From the report: After OpenAI researchers heard that Google had created a new AI that appears to have leapfrogged OpenAI's in the way it was developed, Altman said in the memo that "we know we have some work to do but we are catching up fast." Still, he cautioned employees that "I expect the vibes out there to be rough for a bit."

Read more of this story at Slashdot.