news aggregator

Researcher claims extension didn't start out by exfiltrating info... while dev says its actions are 'compliant'

Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently appears to have begun snaffling screenshots of users' page activity and transmitting them to a remote server without their knowledge – and Google has yet to take it down.…

One fetcher bot seen smacking a website with 39,000 requests per minute

Cloud services giant Fastly has released a report claiming AI crawlers are putting a heavy load on the open web, slurping up sites at a rate that accounts for 80 percent of all AI bot traffic, with the remaining 20 percent used by AI fetchers. Bots and fetchers can hit websites hard, demanding data from a single site in thousands of requests per minute.…

Longtime Slashdot reader Xesdeeni writes: I received an email indicating Intuit will not support Windows 10 for the desktop versions of TurboTax starting this tax year. Laughably, they say "security is a top priority for us" before adding: "To use TurboTax Desktop software for tax year 2025, your computer will need to run on Microsoft Windows 11 [or] TurboTax Online." I'm just paranoid enough to use the desktop version, since at least it limits what they see to the forms they send to the IRS -- rather than everything. Even if I was willing to endure the added burden of printing and mailing the forms, this would be the end of that, since I'm out on Windows 11 for the reasons you already know. Here's what they sent: Hi there, We're reaching out to provide an update on TurboTax Desktop software for tax year 2025. After October 14, 2025, Microsoft will no longer provide software updates, technical assistance, or security fixes for Windows 10 operating system. Because security is a top priority for us, TurboTax Desktop software for tax year 2025 onwards will not be compatible with Windows 10 operating system. To use TurboTax Desktop software for tax year 2025, your computer will need to run on Microsoft Windows 11 operating system. You can also consider switching to TurboTax Online, which will work on any supported browser (available December 2025). For more resources and additional information about this change, go to this help article: How does the end of support for Windows 10 affect my TurboTax Desktop experience? Thanks for being part of the TurboTax family. Warm regards, The TurboTax Team Xesdeeni comments: "I've wanted a Linux offering for years now and only kept Windows for such limited products as this. I guess I can completely punt it now."

Read more of this story at Slashdot.

Compositional risk from multiple MCP Servers highlighted by report

Microsoft has declared general availability for MCP (model context protocol) servers in Visual Studio, likely to be the second most popular IDE after Visual Studio Code and with wide enterprise use.…

Fork runs Android apps and keeps old PCs ticking over ... all without signing into an account with the mothership

FydeOS is an alternative to ChromeOS Flex, but with a few significant differences – including Google-account-free operation.…

Google, TVA, and Kairos Power are teaming up to power data centers with advanced nuclear energy through a collaboration in Oak Ridge, Tennessee. The project aims to deliver 50 MW of nuclear energy by 2030. From a blog post: Today we announced the first deployment of Kairos Power's advanced nuclear reactor -- the Hermes 2 Plant in Oak Ridge, Tennessee -- through a new power purchase agreement (PPA) between Kairos Power and Tennessee Valley Authority (TVA). Marking the first purchase of electricity from an advanced GEN IV reactor by a U.S. utility, this agreement will enable 50 megawatts (MW) of nuclear energy on TVA's grid that powers our data centers in Montgomery County, Tennessee and Jackson County, Alabama. Last October, we began a long-term collaboration with Kairos Power to unlock up to 500 MW of nuclear power for the U.S. electricity system through multiple deployments of their small modular reactor. With this next step, we are creating a three-party solution where energy customers, utilities, and technology developers work together to advance new technologies that can help meet the world's growing energy needs with reliable, affordable capacity. Here's how it works: TVA will purchase electricity from Kairos Power's Hermes 2 plant, scheduled to begin operations in 2030. In this initial phase of the collaboration, we will procure clean energy attributes from the plant through TVA to help power our data centers in the region with locally sourced clean energy, every hour of every day.

Read more of this story at Slashdot.

US policymakers should take heed, says the Electronic Frontier Foundation

opinion Implementation of the U.K.'s Online Safety Act is giving internet users around the globe – including those in U.S. states moving to enact their own age verification laws – real-time proof that such laws impinge on everyone's rights to speak, read, and view freely. …

They’re cheap and grew up with AI … so you’re firing them why?

Amazon Web Services CEO Matt Garman has suggested firing junior workers because AI can do their jobs is “the dumbest thing I've ever heard.”…

Web giant reworks AI infra to improve utilization, with mix of chips from home and away

Chinese web giant Baidu is already breaking even with robotaxi operations in China and is confident they will be profitable once the company rolls into global markets.…

An anonymous reader quotes a report from Reuters: Serbian scientists have been experimenting with mealworms as a way to break down polystyrene. Larisa Ilijin, a principal research fellow at Belgrade's Institute for Biology, said the scientists had discovered that mealworms can digest various plastics, including polystyrene, which is used in packaging, insulation and food containers. In the project endorsed by the government and the United Nations' agency for international development, UNDP, and other international donors, they have been including the polystyrene in the regular food of the larval form of the yellow mealworm beetle, or Tenebrio molitor. They habitually eat more or less anything, but need the training to eat the plastic products. "We have larvae that have been adapted over a long time to biodegrade plastic, to be as efficient as possible in the process," Ilijin told Reuters. She said the bacteria living in their guts break down the plastic into carbon dioxide and water, and showed no evidence of leaving microplastic residue in their innards or faeces. The work builds on similar research projects in the U.S. and Africa. [...] The institute has given Belgrade-based Belinda Animals several containers of the mealworms. It is now breeding them and hoping to attract a network of similar farms. "When breaking down 1 kg of Styrofoam, larvae emit one to two grams of carbon dioxide ... If we incinerate it ... (Styrofoam) emits over 4,000 times more," owner Boris Vasiljev said. He also envisages the larvae being used as animal feed, should it reach a large commercial scale. The use of mealworms is still in its infancy, Ilijin said, as Serbia still needs to adopt regulations that would allow the use and sale of insect products for animal fodder. "Styrofoam takes over 500 years to decompose in nature ... this would be one of the good ways for solving the problem of plastic waste in nature," Ilijin said.

Read more of this story at Slashdot.

According to the Wall Street Journal, Meta has paused hiring in its artificial intelligence division after bringing on more than 50 researchers and engineers. "All that's happening here is some basic organizational planning: creating a solid structure for our new superintelligence efforts after bringing people on board and undertaking yearly budgeting and planning exercises," a spokesperson for Meta said in an emailed statement to Reuters. Over the last few months, Meta has been offering AI researchers salaries that dwarf those of the Manhattan Project and the Space Race. The company recently offered AI researcher Matt Deitke $250 million over four years (an average of $62.5 million per year), with potentially $100 million in the first year alone. Meta CEO Mark Zuckerberg reportedly also offered an unnamed AI engineer $1 billion in compensation to be paid out over several years.

Read more of this story at Slashdot.

Took out all traffic to port 443 at a time Beijing didn't have an obvious need to keep its netizens in the dark

China cut itself off from much of the global internet for just over an hour on Wednesday.…

A new review of nearly 700 studies on portable air cleaners found that over 90% of them were tested in empty spaces, not on people, leaving major gaps in evidence about whether these devices actually prevent infections or if they might even cause harm by releasing chemicals like ozone or formaldehyde. The Conversation reports: Many respiratory viruses, such as COVID-19 and influenza, can spread through indoor air. Technologies such as HEPA filters, ultraviolet light and special ventilation designs -- collectively known as engineering infection controls -- are intended to clean indoor air and prevent viruses and other disease-causing pathogens from spreading. Along with our colleagues across three academic institutions and two government science agencies, we identified and analyzed every research study evaluating the effectiveness of these technologies published from the 1920s through 2023 -- 672 of them in total. These studies assessed performance in three main ways: Some measured whether the interventions reduced infections in people; others used animals such as guinea pigs or mice; and the rest took air samples to determine whether the devices reduced the number of small particles or microbes in the air. Only about 8% of the studies tested effectiveness on people, while over 90% tested the devices in unoccupied spaces. We found substantial variation across different technologies. For example, 44 studies examined an air cleaning process called photocatalytic oxidation, which produces chemicals that kill microbes, but only one of those tested whether the technology prevented infections in people. Another 35 studies evaluated plasma-based technologies for killing microbes, and none involved human participants. We also found 43 studies on filters incorporating nanomaterials designed to both capture and kill microbes -- again, none included human testing.

Read more of this story at Slashdot.

Last week, following a recent U.S. Customs ruling, Apple reintroduced blood oxygen monitoring to certain Apple Watch models in the U.S., sidestepping an ITC import ban stemming from its legal dispute with medical device maker Masimo. Today, Masimo fired back with a new lawsuit against the U.S. Customs and Border Protection. 9to5Mac reports: The company says US Customs and Border Protection (CBP) overstepped its authority and violated due process when it reversed its earlier decision on August 1 and allowed Apple to restore the feature. Moreover, Masimo says it found out about the decision when Apple publicly announced the return of the feature: "It has now come to light that CBP thereafter reversed itself without any meaningful justification, without any material change in circumstances, and without any notice to Masimo, let alone an opportunity for Masimo to be heard. CBP changed its position on Apple's watch-plus-iPhone redesign through an ex parte proceeding. Specifically, on August 1, 2025, CBP issued an 3 ex parte ruling permitting Apple to import devices that, when used with iPhones already in the United States, perform the same functionality that the ITC found to infringe Masimo's patents. Masimo only discovered this ruling on Thursday, August 14, 2025, when Apple publicly announced it would be reintroducing the pulse oximetry functionality through a software update." The company is now asking the court for a temporary restraining order and preliminary injunction to block the CBP's decision, and reinstate the original ruling that "determined that Apple's redesigned watches could be imported only to the extent the infringing functionality was completely disabled." As reported by Bloomberg Law, Masimo says the following in its supporting brief: "Each passing day that this unlawful ruling remains in effect irreparably deprives Masimo of its right to be free from unfair trade practices and to preserve its competitive standing in the U.S. marketplace." Masimo further argues that CBP's move "effectively nullified" the ITC's exclusion order against Apple. Apple's appeal of that ban is still pending before the Federal Circuit.

Read more of this story at Slashdot.

A 22-year-old Oregon man has been charged with operating one of the most powerful botnets ever recorded. The network, known as Rapper Bot, launched over 370,000 DDoS attacks worldwide, including against X, DeepSeek, U.S. tech firms, and even Defense Department systems. It was allegedly operated by Ethan Foltz of Eugene, Oregon. The Wall Street Journal reports: Foltz faces a maximum of 10 years in prison on a charge of abetting computer intrusions, the Justice Department said in a news release. Rapper Bot was made up of tens of thousands of hacked devices and was capable of flooding victims' websites with enough junk internet traffic to knock them offline, an attack known as a distributed denial of service, or DDoS. In February, the networking company Nokia measured a Rapper Bot attack against a gaming platform at 6.5 trillion bits per second, well above the several hundred million bits a second of the average high-speed internet connection. "This would place Rapper Bot among the most powerful DDoS botnets to have ever existed," said a criminal complaint that the prosecutors filed Tuesday in a federal court in Alaska. Investigators said Rapper Bot's attacks were so powerful that they were able to overwhelm all but the most robust networks. Foltz allegedly rented out Rapper Bot to paying customers, including gambling website operators who would use the network in extortion attempts, according to the complaint. The botnet was used to launch more than 370,000 attacks in 80 countries, including China, Japan and the U.S., prosecutors said. It launched its attacks from hacked routers, digital video recorders and cameras, not from computers. [...] "At its height, it mobilized tens of thousands of devices, many with no prior role in DDoS," said Jerome Meyer, a researcher with Nokia's Deepfield network-analysis division. "Taking it down removes a major source of the largest attacks we see."

Read more of this story at Slashdot.

Redmond doesn't bother informing customers about some security fixes

Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot.…

An anonymous reader quotes a report from The Verge's Victoria Song: The original Pixel Watch was late to the game. For years, there had been rumors of a Google smartwatch that never materialized. Then, when it finally arrived, it was a quintessential first-gen device, with thicc bezels, dismal battery life, and a host of quirks that needed ironing out. My DMs were full of people wondering when the watch would be unceremoniously dumped into Google's infamous product graveyard. A part of me wondered if Google was going to spend the next decade playing catch-up. Fast forward to 2025, and I'm holding the Pixel Watch 4 at Google's office in New York City. On the surface (and my wrist), it doesn't look like much has changed. But after fiddling with a few menus, watching some demos, and talking over the updates, it's evident that Google has a clear vision about where smartwatches are going. [...] Starting with hardware, the Pixel Watch 4 has a new domed "Actua 360" display -- as in, the display itself, not just the glass, is also domed. What this translates to is about 10 percent more visible screen space, 15 percent thinner bezels, and a 50 percent increase in maximum brightness to 3,000 nits. On a table, there's a lineup of the Pixel Watch 2, 3, and 4 with the flashlight app turned on. Side-by-side, the improvements are striking. Material 3 Expressive in Wear OS 6also helps emphasize the Pixel Watch's roundness. (No squircles here, folks.) The widgets have more rounded edges, and each screen has been redesigned to be more glanceable, fitting more complications. It's not Liquid Glass, but there are subtle animations when flitting through menus that call your attention to the Pixel Watch's rain droplet-inspired design. Altogether, it's a design tweak that makes senseandis aesthetically pleasing. Google also says battery life has improved. The 41mm watch gets an estimated 30 hours on a single charge, while the 45mm gets 40 hours. That can stretch up to two days in battery saver mode for the smaller watch and three days for the larger one. I couldn't test that at a hands-on, but I did get to see the improved fast charging in action. As with theGalaxy Watch 8, Gemini has a big presence on the Pixel Watch 4. It replaces Google Assistant and is capable of more complex queries -- even if none have been able to blow my mind yet. But, in a bid to make interacting with Gemini as smooth as possible, the speaker and haptic engines have also been updated so you can hear and interact more easily. There's also a new raise-to-talk gesture that lets you speak to Gemini without having to use the wake word. The processor has been upgraded to the Snapdragon W5 Gen 2 to enable more on-device AI features, as well, like smart replies. On the Pixel Watch 4, you'll get more smart reply options to texts that refer to the content of your conversations. They're not confined to the default Messages app, either. But the major AI update this time around is a Gemini-powered health coach that's slated to arrive alongside a revamped Fitbit app in October. ... The gist is the health coach will act more like a personal trainer than a Captain Obvious summary generator. If you sleep poorly, it'll adjust workout suggestions. (This is also why Google is also introducing an improved sleep algorithm.) You can tell it that you've been injured, and that too will be taken into consideration when generating weekly fitness plans. [...] Another big first is the Satellite SOS mode. If you're without your phone and in a remote area with no signal, you can still call emergency services. (So long as you have the LTE version of the watch.) The big thing here is that there's no extra subscription cost. The watch will also feature more accurate dual-frequency GPS -- a nice update given that I've had issues with the Pixel Watch's GPS maps in the past. The Pixel Watch 4 is priced at $349.99 and is available for pre-order now.

Read more of this story at Slashdot.

Digitally enabled omniscience is neat, if you can bear the cost of being constantly monitored by an AI agent

The headline-making Harvard duo who turned a pair of Meta smart glasses into a privacy violation machine last year now have their own pair of smart specs to sell, which they tell The Register will make people "super intelligent" by listening in on their conversations 24/7 and offering unsolicited feedback. …

Two Harvard dropouts are launching Halo X, a $249 pair of AI-powered smart glasses that continuously listen, record, and transcribe conversations while displaying real-time information to the wearer. "Our goal is to make glasses that make you super intelligent the moment you put them on," said AnhPhu Nguyen, co-founder of Halo. Co-founder Caine Ardayfio said the glasses "give you infinite memory." "The AI listens to every conversation you have and uses that knowledge to tell you what to say ... kinda like IRL Cluely," Ardayfio told TechCrunch. "If somebody says a complex word or asks you a question, like, 'What's 37 to the third power?' or something like that, then it'll pop up on the glasses." From the report: Ardayfio and Nguyen have raised $1 million to develop the glasses, led by Pillar VC, with support from Soma Capital, Village Global, and Morningside Venture. The glasses will be priced at $249 and will be available for preorder starting Wednesday. Ardayfio called the glasses "the first real step towards vibe thinking." The two Ivy League dropouts, who have since moved into their own version of the Hacker Hostel in the San Francisco Bay Area, recently caused a stir after developing a facial-recognition app for Meta's smart Ray-Ban glasses to prove that the tech could be used to dox people. As a potential early competitor to Meta's smart glasses, Ardayfio said Meta, given its history of security and privacy scandals, had to rein in its product in ways that Halo can ultimately capitalize on. [...] For now, Halo X glasses only have a display and a microphone, but no camera, although the two are exploring the possibility of adding it to a future model. Users still need to have their smartphones handy to help power the glasses and get "real time info prompts and answers to questions," per Nguyen. The glasses, which are manufactured by another company that the startup didn't name, are tethered to an accompanying app on the owner's phone, where the glasses essentially outsource the computing since they don't have enough power to do it on the device itself. Under the hood, the smart glasses use Google's Gemini and Perplexity as its chatbot engine, according to the two co-founders. Gemini is better for math and reasoning, whereas they use Perplexity to scrape the internet, they said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: After the Trump administration confirmed a rumor that the US is planning to buy a 10 percent stake in Intel, US Senator Bernie Sanders (I-Vt.) came forward Wednesday to voice support for the highly unusual plan, finding rare common ground with Donald Trump. According to Commerce Secretary Howard Lutnick, the plan would see the US disbursing approved CHIPS Act grants only after acquiring non-voting shares of Intel and likely other chipmakers. That would allow the US to profit off its investment in chipmakers, Lutnick suggested, and Sanders told Reuters that he agreed American taxpayers could benefit from the potential deals. "If microchip companies make a profit from the generous grants they receive from the federal government, the taxpayers of America have a right to a reasonable return on that investment," Sanders said. While Lutnick gave Trump credit for coming up with what White House Press Secretary Karoline Leavitt described as a "creative idea that has never been done before" to protect US national and economic security, it appears that Lutnick is driving the initiative. "Lutnick has been pushing the equity idea," insiders granted anonymity previously told Reuters, "adding that Trump likes the idea." So far, Intel has engaged in talks, while the Taiwan Semiconductor Manufacturing Company (TSMC) and other major CHIPS grant recipients like Samsung and Micron have yet to comment on the potential arrangement the Trump administration seems likely to pursue. They may possibly risk clawbacks of grants if such deals aren't made. On Wednesday, Taiwan Economy Minister Kuo Jyh-huei said his ministry would be consulting with TSMC soon, while noting that as yet, it's hard to "thoroughly understand the underlying meaning" of Lutnick's public comments. So far, Lutnick has only specified that "any potential arrangement wouldn't provide the government with voting or governance rights in Intel," dispelling fears that the US would use its ownership stake to try to control the world's most important chipmakers. Further reading: Intel is Getting a $2 Billion Investment From SoftBank

Read more of this story at Slashdot.