news aggregator

Google is enhancing Android's Factory Reset Protection (FRP) to make stolen phones virtually unusable by detecting setup wizard bypasses and requiring a second factory reset until ownership is verified. Android Authority reports: You can factory reset an Android phone in several ways. However, triggering a reset through the Android recovery menu or Google's Find My Device service activates Factory Reset Protection (FRP). During setup after such a reset, the wizard requires you to verify ownership by either signing into the previously associated Google account or entering the device's former lock screen PIN, password, or pattern. Failing this verification step blocks setup completion, rendering the device unusable. [...] Factory Reset Protection (FRP) is a valuable feature that discourages theft by rendering stolen Android phones useless to potential buyers if wiped improperly. However, FRP isn't foolproof; thieves have discovered numerous methods over the years to circumvent it. These bypasses typically involve skipping the setup wizard, allowing someone to use the phone without entering the previous owner's Google account details or screen lock. During The Android Show: I/O Edition, Google announced plans to "further harden Factory Reset protections, which will restrict all functionalities on devices that are reset without the owner's authorization." While the company didn't elaborate much, a screenshot it shared suggests that Android will likely detect if someone bypasses the setup wizard and then force another factory reset, preventing unauthorized use until the user proves ownership. [...] Google stated this FRP improvement is coming "later this year." Since the stable Android 16 release is coming soon, this timeline suggests the feature won't be part of the initial launch. It might arrive later in one of Android 16's Quarterly Platform Releases (QPRs), but that remains to be seen.

Read more of this story at Slashdot.

Nextcloud has accused Google of sabotaging its Android Files app by revoking the "All files access" permission, which the company says cripples functionality for its 824,000 users and forces reliance on limited alternatives like SAF and MediaStore. The Register reports: Nextcloud's Android Files app is a file synchronization tool that, according to the company, has long had permission to read and write all file types. "Nextcloud has had this feature since its inception in 2016," it said, "and we never heard about any security concerns from Google about it." That changed in 2024, when someone or something at Google's Play Store decided to revoke the permission, effectively crippling the application. Nextcloud was instructed to use "a more privacy-aware replacement." According to Nextcloud, "SAF cannot be used, as it is for sharing/exposing our files to other apps ... MediaStore API cannot be used as it does not allow access to other files, but only media files." Attempts to raise the issue with Google resulted in little more than copy-and-pasted sections of the developer guide. "Despite multiple appeals from our side and sharing additional background, Google is not considering reinstating upload for all files," Nextcloud said. The issue seems to stem from the Play Store. While a fully functional version is available on F-Droid, the Play Store edition is subject to Google's imposed limitations. Regarding the All files access permission, Google's developer documentation states: "If you target Android 11 and declare All files access, it can affect your ability to publish and update your app on Google Play." Nextcloud is clearly aggrieved by the change, as are its users. "This might look like a small technical detail but it is clearly part of a pattern of actions to fight the competition," it said. "What we are experiencing is a piece of the script from the big tech playbook." [...] Are there nefarious actors at play here, an automated process that auto-rejects apps with elevated access requirements, or is it just simple incompetence? "Either way," Nextcloud said, "it results in companies like ours just giving up, reducing functionality just to avoid getting kicked out of their app store." "The issue is that small companies -- like ours -- have pretty much no recourse," it added. Nextcloud went on to criticize oversight processes as slow-moving, with fines that sound hefty but amount to little more than a slap on the wrist. "Big Tech is scared that small players like Nextcloud will disrupt them, like they once disrupted other companies. So they try to shut the door."

Read more of this story at Slashdot.

ETH Zurich boffins exploit branch prediction race condition to steal info from memory, fixes have mild perf hit

Researchers at ETH Zurich in Switzerland have found a way around Intel's defenses against Spectre, a family of data-leaking flaws in the x86 giant's processor designs that simply won't die.…

An anonymous reader quotes a report from 404 Media: Late last night, House Republicans introduced new language to the Budget Reconciliation bill that will immiserate the lives of millions of Americans by cutting their access to Medicaid, and making life much more difficult for millions more by making them pay higher fees when they seek medical care. While a lot of attention will be justifiably given to these cuts, the bill has also crammed in new language that attempts to entirely stop states from enacting any regulation against artificial intelligence. "...no State or political subdivision thereof may enforce any law or regulation regulating artificial intelligence models, artificial intelligence systems, or automated decision systems during the 10 year period beginning on the date of the enactment of this Act," says the text of the bill introduced Sunday night by Congressman Brett Guthrie of Kentucky, Chairman of the House Committee on Energy and Commerce. The text of the bill will be considered by the House at the budget reconciliation markup on May 13. That language of the bill, how it goes on to define AI and other "automated systems," and what it considers "regulation," is broad enough to cover relatively new generative AI tools and technology that has existed for much longer. In theory, that language will make it impossible to enforce many existing and proposed state laws that aim to protect people from and inform them about AI systems. [...] In theory none of these states will be able to enforce these laws if Republicans manage to pass the Budget Reconciliation bill with this current language.

Read more of this story at Slashdot.

Air Force Dumb

The Trump administration is set to accept a $400 million luxury 747-8 from the royal family of Qatar – a lavish "palace in the sky" meant as a temporary Air Force One. But getting it up to presidential security standards could take years and cost hundreds of millions more.…

New submitter Synonymous Homonym writes: This year's USENIX ATC will be the last, but other USENIX conferences will keep happening.Since USENIX's inception in 1975, it has been a key gathering place for innovators in the advanced computing systems community. The early days of meetings evolved into the two annual conferences, the USENIX Summer and Winter Conferences, which in 1995 merged into the single Annual Technical Conference that has continued to evolve and serve thousands of our constituents for 30 years.USENIX recognizes the pivotal role that USENIX ATC has played in the shaping of the Association itself as well as the lives and careers of its many attendees and members. We also realize that change is inevitable, and all good things must come to an end: The last ATC will include both a celebration of USENIX's 50th anniversary on the evening of Monday, July 7, and a tribute to USENIX ATC on the evening of Tuesday, July 8.

Read more of this story at Slashdot.

Redmond talks up new technologies and capabilities for productivity, just don’t call it AI

Microsoft is axing 3 percent of its global workforce - its biggest purge since chopping 10,000 jobs in early 2023 - this time to flatten its management structure.…

An anonymous reader shares a report: During the Android Show leading up to Google I/O, Google on Tuesday offered a brief update on the adoption of the RCS (Rich Communication Services) protocol, an upgrade to SMS that offers high-resolution photos and videos, typing indicators, read receipts, improved group chat, and more. The company shared that the messaging standard now supports over a billion messages per day in the U.S. This metric is based on an average of the last 28 days, Google noted. The stat is notable because Google fought for years to get Apple to adopt support for RCS on iOS, allowing for better communication between Android and Apple devices. Previously, iPhone users who received texts from friends on Android had to deal with blurry videos and images, and couldn't as easily manage group chats when their green-bubbled friends joined. Unlike with iMessage, group chats with Android users couldn't be renamed, nor could people be added or removed, and you couldn't exit when you wanted. Emoji reactions also didn't work properly, leading to annoying texts to let you know how an Android user reacted, instead of just displaying their emoji reaction directly.

Read more of this story at Slashdot.

Pay-to-play security on CVSS 10 issue is now fixed

An update that fixed a critical flaw in data protection biz Commvault's Command Center was initially not available to a significant user subset – those testing out a free trial version of the product. That is, until a security researcher pointed out the problem.…

Microsoft has quietly extended support for Office applications running on Windows 10 well beyond the operating system's October 14, 2025 end-of-support deadline. Microsoft 365 subscribers will now receive updates through October 2028, while perpetual license versions will follow their standard lifecycle policies -- Office 2021 until October 2026 and Office 2024 until October 2029. Windows Defender malware definitions will also continue "through at least October 2028" despite Windows 10's imminent retirement. This reverses Microsoft's previous stance that all Office applications would become unsupported when Windows 10 reaches end-of-life.

Read more of this story at Slashdot.

But the government may be ignoring it anyway

The Trump administration's ongoing mass firing of government employees has been put on hold, with a federal judge calling the move "likely illegal" and ordering the government to hand over evidence to prove it didn't violate the law.…

The Department of Commerce officially rescinded the Biden administration's Artificial Intelligence Diffusion Rule on Tuesday, just days before its May 15 implementation date. The rule would have imposed first-ever export restrictions on U.S.-made AI chips to dozens of countries while tightening existing controls on China and Russia. Instead of implementing blanket restrictions, the DOC signaled a shift toward direct country-by-country negotiations. The department released interim guidance reminding companies that using Huawei's Ascend AI chips anywhere violates U.S. export rules and warned about consequences of allowing U.S. chips to train AI models in China. Commerce Secretary for Industry and Security Jeffery Kessler criticized the previous administration's approach, calling it "ill-conceived and counterproductive."

Read more of this story at Slashdot.

Intel has certified Shell's lubricant-based method for cooling servers more efficiently within data centers used for AI. From a report: The announcement on Tuesday, which follows the chipmaker's two-year trial of the technology, offers a way to use less energy at AI facilities, which are booming and are expected to double their electricity demand globally by 2030, consuming as much power then as all of Japan today, according to the International Energy Agency. So far, companies have largely used giant fans to reduce temperatures inside AI data centers, which generate more heat in order to run at a higher power. Increasingly, these fans consume electricity at a rate that rivals the computers themselves, something the facilities' operators would prefer to avoid, Intel Principal Engineer Samantha Yates said in an interview.

Read more of this story at Slashdot.

Stop us if you've heard this one before

A legal claim has been brought against Microsoft over alleged licensing practices that could result in a multibillion-pound payout for UK customers.…

Linux creator Linus Torvalds has abandoned his six-month experiment with a quieter low-profile keyboard in favor of his old mechanical one with Cherry MX Blue switches. In a post about Linux 6.15-rc6 on LKML.org, Torvalds explained that his typing accuracy suffered without the tactile feedback. "It seems I need the audible (or perhaps tactile) feedback to avoid the typing mistakes that I just kept doing," Torvalds wrote. The famously outspoken developer couldn't recall why he initially switched to the quieter keyboard, as he doesn't work in a shared office where the noise would disturb others. After the failed experiment with the unnamed quiet keyboard, Torvalds has now returned to what he describes as a "noisy clackety-clack" input device. He joked that since he can no longer blame his keyboard for typos, "going forward, I will now conveniently blame autocorrect."

Read more of this story at Slashdot.

Microsoft is laying off 3% of employees across all levels and geographies, the company said Tuesday. "We continue to implement organizational changes necessary to best position the company for success in a dynamic marketplace," a spokesperson told CNBC. Microsoft had 228,000 employees worldwide at the end of June, meaning that the move will affect thousands of employees.

Read more of this story at Slashdot.

Both agencies seem unbothered despite tech world's clear concerns for US infoseccers

CYBERUK The top brass from the UK's cyber agency say everything is business as usual when it comes to the GCHQ arm's relationship with CISA, amid growing unease about the current administration's treatment of its US equivalent.…

Gaming pioneer John Carmack believes we're not nearly as dependent on cutting-edge silicon as most assume -- we just lack the economic incentive to prove it. Responding to a "CPU apocalypse" thought experiment on X, the id Software founder and former Oculus CTO suggested that software inefficiency, not hardware limitations, is our greatest vulnerability. "More of the world than many might imagine could run on outdated hardware if software optimization was truly a priority," Carmack wrote, arguing that market pressures would drive dramatic efficiency improvements if new chips stopped arriving. His solution? "Rebuild all the interpreted microservice based products into monolithic native codebases!" -- essentially abandoning modern development patterns for the more efficient approaches of earlier computing eras. The veteran programmer noted that such changes would come with significant tradeoffs: "Innovative new products would get much rarer without super cheap and scalable compute."

Read more of this story at Slashdot.

The House of Zen’s low-end enterprise strategy is badge engineering at its best

AMD on Tuesday revealed its latest chips to get a Zen 5 refresh with the launch of its itty bitty Epyc 4005-series CPUs.…

Research flags rise in one-dimensional health research fueled by large language models

A report from a British university warns that scientific knowledge itself is under threat from a flood of low-quality AI-generated research papers.…