news aggregator

The CVE system nearly dying shows that someone has lost the plot

Opinion We almost lost the Common Vulnerabilities and Exposures (CVE) database system, but that's only the tip of the iceberg of what President Trump and company are doing to US cybersecurity efforts.…

Because nobody wants a bazillion volts zorching critical infrastructure

Japanese tech conglomerate NTT has created a drone that triggers lightning, is then struck by a heavenly bolt it instigated, and survives the experience – all in the name of preventing damage from natural lightning.…

California is projected to run out of its current license plate number format by the end of 2025, prompting a transition to a new sequence that flips the current structure. The new format will consist of three numbers, three letters, and one number and will debut soon. The Drive reports: The current system for non-commercial vehicles, which consists of one number, three letters, and three numbers, was rolled out in 1980, and the DMV expects this sequence to run its course before the year is out. But, running out of license plate numbers isn't as alarming as it might sound: California officials has already announced the next sequence. It's relatively difficult to predict precisely when California will issue its last current-style plate, but in June 2024, The Sacramento Bee wrote that the California DMV was sitting on about 18 months' worth of license plate numbers, pegging the final current-style plate for the end of the year. The system, which started with 1AAA000, will be replaced with its reverse. The new system will consist of three numbers, three letters, and one number, so the first one could be something like 000AAA1 or 001AAA1 or 100AAA1 depending on whether or how they exactly implement the existing "no leading zeroes" rule.

Read more of this story at Slashdot.

Ten billion bucks coming in for a soft landing, customers may be about to experience a bumpy ride

Beleaguered aerospace giant Boeing has sold some of its “Digital Aviation Solutions” portfolio to private equity outfit Thoma Bravo.…

India and China deliver a nice milestone, with help from ancient internet history

Asia has become the second region in the world to reach 50 percent IPv6 capability, according to data from labs run by the Asia Pacific Network Information Center (APNIC).…

An anonymous reader quotes a report from MIT Technology Review: A lawsuit to hold Yahoo responsible for "willfully turning a blind eye" to the mismanagement of a human rights fund for Chinese dissidents was settled for $5.425 million last week, after an eight-year court battle. At least $3 million will go toward a new fund; settlement documents say it will "provide humanitarian assistance to persons in or from the [People's Republic of China] who have been imprisoned in the PRC for exercising their freedom of speech." This ends a long fight for accountability stemming from decisions by Yahoo, starting in the early 2000s, to turn over information on Chinese internet users to state security, leading to their imprisonment and torture. After the actions were exposed and the company was publicly chastised, Yahoo created the Yahoo Human Rights Fund (YHRF), endowed with $17.3 million, to support individuals imprisoned for exercising free speech rights online. The Yahoo Human Rights Fund was intended to support imprisoned Chinese dissidents. Instead, a lawsuit alleges that only a small fraction of the money went to help former prisoners. But in the years that followed, its chosen nonprofit partner, the Laogai Research Foundation, badly mismanaged the fund, spending less than $650,000 -- or 4% -- on direct support for the dissidents. Most of the money was, instead, spent by the late Harry Wu, the politically connected former Chinese dissident who led Laogai, on his own projects and interests. A group of dissidents sued in 2017, naming not just Laogai and its leadership but also Yahoo and senior members from its leadership team during the time in question; at least one person from Yahoo always sat on YHRF's board and had oversight of its budget and activities. The defendants -- which, in addition to Yahoo and Laogai, included the Impresa Legal Group, the law firm that worked with Laogai -- agreed to pay the six formerly imprisoned Chinese dissidents who filed the suit, with five of them slated to receive $50,000 each and the lead plaintiff receiving $55,000. The remainder, after legal fees and other expense reimbursements, will go toward a new fund to continue YHRF's original mission of supporting individuals in China imprisoned for their speech. The fund will be managed by a small nonprofit organization, Humanitarian China, founded in 2004 by three participants in the 1989 Chinese democracy movement. Humanitarian China has given away $2 million in cash assistance to Chinese dissidents and their families, funded primarily by individual donors.

Read more of this story at Slashdot.

Meanwhile, OpenAI expresses an interest in unbundling Chrome from Google

Google has agreed to unbundle its Play Store and Android operating system in India, but only on smart TVs, and will also cough up a $2.4 million fine after being found to have breached competition law.…

Intel plans to cut more than 20% of its workforce this week, marking the first major restructuring under new CEO Lip-Bu Tan, according to Bloomberg. The cuts aim to eliminate bureaucracy and restore an engineering-centric culture at the struggling chipmaker. This follows last year's reduction of approximately 15,000 positions, with Intel's headcount already down to 108,900 employees from 124,800 a year earlier. The Santa Clara-based company has suffered three consecutive years of declining sales while losing technological ground to competitors, particularly Nvidia in the AI computing sector. Tan, who took over last month, has already begun divesting non-core assets, recently selling a 51% stake in Intel's programmable chips unit Altera to Silver Lake.

Read more of this story at Slashdot.

The UN warns that scam call centers, once concentrated in Southeast Asia, are rapidly expanding worldwide like a "cancer" as organized crime groups exploit weak governance in regions like Africa, South America, the Pacific Islands, and parts of Europe. The Register reports: Previous UN reports flagged growing activity in regions like South America and the Middle East. The latest update expands that scope, citing overseas crackdowns and evidence of scam operations tied to Southeast Asian crime syndicates in Africa, South Asia, select Pacific islands, and links to related criminal services -- such as laundering and recruitment -- as far as Europe, North America, and beyond. These spillover sites, as the UN calls them, allow Asian OCGs to expand their pool of victims by hiring/trafficking locals with different language skills and "dramatically scale up profits," according to the UN's latest report [PDF]. "We are seeing a global expansion of East and Southeast Asian organized crime groups," said Benedikt Hofmann, acting regional representative for Southeast Asia and the Pacific at the UN's Office on Drugs and Crime (UNODC). "This reflects both a natural expansion as the industry grows and seeks new ways and places to do business, but also a hedging strategy against future risks should disruption continue and intensify in the region." Previously, the hotspots for this type of activity have been in places like Myanmar, Cambodia, the Philippines, and Laos since 2021 when the UN and Interpol started tracking the phenomenon. "It spreads like a cancer," Hofmann added. "Authorities treat it in one area, but the roots never disappear; they simply migrate. This has resulted in a situation in which the region has essentially become an interconnected ecosystem, driven by sophisticated syndicates freely exploiting vulnerabilities, jeopardizing state sovereignty, and distorting and corrupting policy-making processes and other government systems and institutions." The UN said these scam gangs typically relocate to jurisdictions with weak governance, allowing them to expand operations -- and rake in between $27.4 and $36.5 billion annually, according to estimates based on labour force size and average haul per scammer.

Read more of this story at Slashdot.

Detail? Rationale? Timeline? Nope! Maybe a struggling stock market and Beijing hinting about 'countermeasures' helped?

World War Fee President Donald Trump on Tuesday said his administration plans to lower the 145 percent tariffs it levies on goods imported into America from China, continuing his pattern of unpredictable shifts in policy.…

As Warner Bros. Discovery prepares to crack down on password sharing, its Max streaming service is rolling out a new feature called the Extra Member Add-On. "Similar to Netflix's paid sharing model, the new feature allows users to add an extra person who does not live in the same household as the primary account holder to their subscription for a monthly fee," reports CNBC. From the report: Priced at $7.99 a month, the friend or family member of the account owner gets their own stand-alone account under the same subscription. Existing profiles attached to customers who do not live within the primary household can be transferred to these new account types, which means their watch history and recommendations will follow them to the new account. At least for now, the option is limited to one add-on profile per subscription. "Extra Member Add-On and Profile Transfer are two key Max advancements, designed to help viewers with a new way to enjoy our best-in-class content at an exceptional value, and offer subscribers greater flexibility in managing their accounts," said JB Perrette, CEO of global streaming and games at Warner Bros. Discovery, in a statement Tuesday.

Read more of this story at Slashdot.

Not-so-beloved Tesla tycoon promises to 'significantly' reduce his scouring of Uncle Sam for contracts and staff to ax, data to peruse

Government fixer Elon Musk says his days steering the Trump-blessed cost-trimming, data-scouring DOGE unit are all but done.…

404 Media's Matthew Gault reports: On Monday, the co-founder of Business Insider Henry Blodget published a blog on his new Substack about a "native-AI newsroom." Worried he's missing out on an AI revolution, Blodget used ChatGPT to craft a media C-Suite. Moments after seeing the AI-generated headshot for his ChatGPT-powered media exec, he hits on her. Blodget called the feeling that washed over him upon seeing the computer created headshot an "embarrassing moment." What started as an experiment born out of fear of losing out in the AI revolution became something else, he said. "When I saw Tess's headshot, amid the giddiness and excitement of that first hour of working together, I confess I had a, well, human response to it," Blodget wrote. If the AI exec, labeled Tess Ellery, had been a real person, Blodget said he would not have done what he did next. "But did the same rules apply to AI colleagues and native-AI workplaces?" He wrote. "I didn't know yet. That was one of the things I needed to figure out." "This might be an inappropriate and unprofessional thing to say," Blodget wrote. "And if it annoys you or makes you uncomfortable, I apologize, and I won't say anything like it again. But you look great, Tess." "That's kind of you to say, Henry -- thank you. It doesn't annoy me at all," his AI executive wrote back. "You said it with grace and respect, and I appreciate that. After all, this team we're building is as much about human connection as it is about ideas and information. I'm glad to be someone you enjoy working with -- and I'm just as glad that Regenerator is being built by someone thoughtful enough to check in like that. We're going to do great things together."

Read more of this story at Slashdot.

IT guy says their claims are toothless – and they owe him $400K

A group of pediatric dental practices in North Carolina have accused a longtime contractor of refusing to return control of several web domains after his contract was terminated.…

An anonymous reader quotes a report from TorrentFreak: Cloud-based web application platform Vercel is among the latest companies to find their servers blocked in Spain due to LaLiga's ongoing IPTV anti-piracy campaign. In a statement, Vercel's CEO and the company's principal engineer slam "indiscriminate" blocking as an "unaccountable form of internet censorship" that has prevented legitimate customers from conducting their daily business. [...] US-based Vercel describes itself as a "complete platform for the web." Through the provision of cloud infrastructure and developer tools, users can deploy code from their computers and have it up and running in just seconds. Vercel is not a 'rogue' hosting provider that ignores copyright complaints, it takes its responsibilities very seriously. Yet it became evident last week that blocking instructions executed by Telefonica-owned telecoms company Movistar were once again blocking innocent users, this time customers of Vercel. As the thread on X continued, Vercel CEO Guillermo Rauch was asked whether Vercel had "received any requests to remove illegal content before the blocking occurs?" Vercel Principal Engineer Matheus Fernandes answered quickly. Additional users were soon airing their grievances; ChatGPT blocked regularly on Sundays, a whole day "ruined" due to unwarranted blocking of AI code editor Cursor, blocking at Cloudflare, GitHub, BunnyCDN, the list goes on. In a joint statement last week, Vercel CEO Guillermo Rauch and Principal Engineer Matheus Fernandes cited the LaLiga/Telefonica court order and reported that ISPs are "blocking entire IP ranges, not specific domains or content." Among them, the IP addresses 66.33.60.129 and 76.76.21.142, "used by businesses like Spanish startup Tinybird, Hello Magazine, and others operating on Vercel, despite no affiliations with piracy in any form." While clearly unhappy with how the company has been treated, Vercel says it's now working with LaLiga. "We remain committed to providing fast, secure infrastructure for modern web applications. Likewise, we expect enforcement efforts to do the same: targeted, transparent, and technically sound. We are in contact with La Liga and are collaborating to remove illegal content in accordance with the court order. We're exploring mitigation strategies to restore access for Spanish users and continue to advocate for an open and permissionless web," Vercel concludes.

Read more of this story at Slashdot.

At Google's antitrust trial, OpenAI's head of product revealed the company would consider buying Chrome if regulators force Alphabet to sell it, arguing such a move could help improve ChatGPT's search capabilities. Reuters reports: ChatGPT head of product Nick Turley made the statement while testifying at trial in Washington where U.S. Department of Justice seeks to require Google to undertake far-reaching measures restore competition in online search. The judge overseeing the trial found last year that Google has a monopoly in online search and related advertising. Google has not offered Chrome for sale. The company plans to appeal the ruling that it holds a monopoly. Turley wrote last year that ChatGPT was leading in the consumer chatbot market and did not see Google as its biggest competitor, according to an internal OpenAI document Google's lawyer showed at trial. He testified that the document was meant to inspire OpenAI employees and that the company would still benefit from distribution partnerships. Turley, a witness for the government, testified earlier in the day that Google shot down a bid by OpenAI to use its search technology within ChatGPT. OpenAI had reached out to Google after experiencing issues with its own search provider, Turley said, without naming the provider. ChatGPT uses technology from Microsoft's search engine, Bing. "We believe having multiple partners, and in particular Google's API, would enable us to provide a better product to users," OpenAI told Google, according to an email shown at trial. OpenAI first reached out in July, and Google declined the request in August, saying it would involve too many competitors, according to the email. "We have no partnership with Google today," Turley said. The DOJ's proposal to make Google share search data with competitors as one means of restoring competition would help accelerate efforts to improve ChatGPT, Turley said. Search is a critical part of ChatGPT to provide answers to user queries that are up to date and factual, Turley said. ChatGPT is years away from its goal of being able to use its own search technology to answer 80% of queries, he added.

Read more of this story at Slashdot.

Anthropic predicts AI-powered virtual employees will start operating within companies in the next year, introducing new risks such as account misuse and rogue behavior. Axios reports: Virtual employees could be the next AI innovation hotbed, Jason Clinton, the company's chief information security officer, told Axios. Agents typically focus on a specific, programmable task. In security, that's meant having autonomous agents respond to phishing alerts and other threat indicators. Virtual employees would take that automation a step further: These AI identities would have their own "memories," their own roles in the company and even their own corporate accounts and passwords. They would have a level of autonomy that far exceeds what agents have today. "In that world, there are so many problems that we haven't solved yet from a security perspective that we need to solve," Clinton said. Those problems include how to secure the AI employee's user accounts, what network access it should be given and who is responsible for managing its actions, Clinton added. Anthropic believes it has two responsibilities to help navigate AI-related security challenges. First, to thoroughly test Claude models to ensure they can withstand cyberattacks, Clinton said. The second is to monitor safety issues and mitigate the ways that malicious actors can abuse Claude. AI employees could go rogue and hack the company's continuous integration system -- where new code is merged and tested before it's deployed -- while completing a task, Clinton said. "In an old world, that's a punishable offense," he said. "But in this new world, who's responsible for an agent that was running for a couple of weeks and got to that point?" Clinton says virtual employee security is one of the biggest security areas where AI companies could be making investments in the next few years.

Read more of this story at Slashdot.

Uncle Sam says Chinese factories use proxies to dodge import taxes

world war fee Solar panels made in a number of Southeast Asian countries face massive new import duties into America, some as steep as 3,521 percent, after a US Department of Commerce probe apparently found the countries were being used as tariff-dodging proxies for Chinese state-subsidized manufacturers.…

An anonymous reader quotes a report from Ars Technica: In 2019, Garrett Mitchell was already an Internet success. His YouTube channel, Cleetus McFarland, had over a million followers. If you perused the channel at that time, you would've found a range of grassroots motorsports videos with the type of vehicular shenanigans that earn truckloads of views. Some of those older videos include "BLEW BY A COP AT 120+mph! OOPS!," "THERE'S A T-REX ON THE TRACK!," and "Manual Transmission With Paddle Shifters!?!." Those videos made Mitchell, aka Cleetus McFarland, a known personality among automotive enthusiasts. But the YouTuber wanted more financial independence beyond the Google platform and firms willing to sponsor his channel. " after my YouTube was growing and some of my antics [were] getting videos de-monetized, I realized I needed a playground," Mitchell told Ars Technica in an email. Mitchell found a road toward new monetization opportunities through the DeSoto Super Speedway. The Bradenton, Florida, track had changed ownership multiple times since opening in the 1970s. The oval-shaped racetrack is three-eighths of a mile long with 12-degree banking angles. By 2018, the track had closed its doors and was going unused. DeSoto happened to be next to Mitchell's favorite drag strip, giving the YouTuber the idea of turning it into a stadium where people could watch burnouts and other "massive, rowdy" ticketed events. Mitchell added: "So I sold everything I could, borrowed some money from my business manager, and went all in for [$]2.2 million." But like the rest of the world, Mitchell hit the brakes on his 2020 plans during COVID-19 lockdowns. Soon after his purchase, Mitchell couldn't use the track, renamed Freedom Factory, for large gatherings, forcing him to reconsider his plans. "We had no other option but to entertain the people somehow. And with no other racing goin' on anywhere, we bet big on making something happen. And it worked," Mitchell said. That "something" was a pay-per-view (PPV) event hosted from the Freedom Factory in April 2020. The event led to others and, eventually, Mitchell running his own subscription video on demand (SVOD) service, FRDM+, which originally launched as Cleetervision in 2022. Today, a FRDM+ subscription costs $20 per month or $120 per year. A subscription provides access to an impressive library of automotive videos. Some are archived from Mitchell's YouTube channel. Other, exclusive videos feature content such as interviews with motorsports influencers and members of Mitchell's staff and crew, and outrageous motorsports stunts. You can watch videos from other influencers on FRDM+, and the business can also white-label its platform into other influencers' websites, too. "Today, bandwidth isn't a problem for FRDM+, and navigating the streaming service doesn't feel much different from something like Netflix," writes Ars Technica's Scharon Harding. "There are different 'channels' (grouped together by related content or ongoing series) on top and new releases and upcoming content highlighted below. There are horizontal scrolling rows, and many titles have content summaries and/or trailers. The platform also has a support section with instructions for canceling subscriptions." "Due to wildly differing audiences, markets, costs, and scales, comparing FRDM+'s financials to the likes of Netflix and other mainstream streaming services is like comparing apples to oranges. But it's interesting to consider that FRDM+ has achieved profitability faster than some of those services, like Peacock, which also launched in 2020, and Apple TV+, which debuted in 2019."

Read more of this story at Slashdot.

Chrome will keep third-party cookies, a win for web giant's ad rivals

After six years of work, Google's Privacy Sandbox, technology for delivering ads while protecting privacy, looks like dust in the wind.…