An anonymous reader quotes a report from Gizmodo: In an era where Silicon Valley's conservatism is both expressed openly and becoming more intense by the day, it's strange to think that tech was once seen as a hive of liberalism. The right-wing nature of today's tech industry means that its products tend to also be seen as serving right-wing interests, either in their actual operation (like X's openly and unrepentantly right-wing chatbot Grok) or by the simple fact that their existence serves to enrich a small group of very powerful, very conservative people.

But does it have to be this way? Can LLMs and AI agents find a place in the toolkit of progressive activist groups? The conviction that they can is the idea behind a new app called Outcry, which provides a chatbot designed specifically as a "private, on-device AI mentor for activists, organizers and movement builders." (There's also a web version, although it obviously lacks the privacy benefits of being entirely offline.) It's the brainchild of Occupy Wall Street co-creator Micah White, who recently wrote a blog post about the thinking behind the project.

[...] Outcry's other distinguishing feature is that its dataset is entirely offline -- it's included with the download. According to the readme, the entire dataset is downloaded to your device at first launch, and stored in your library's Application Support directory. So, how effectively does Outcry serve as a guide for collective action? "I'd say that its information is pretty high-level and general, not least because its offline nature prevents it from accessing specific details not contained in its database," writes Gizmodo's Tom Hawking.

He continued: "This app has the potential to be a really valuable resource, especially for people who are just beginning to become involved with activism and genuinely don't know where to begin -- and getting over that first step can be hard."

Illinois lawmakers on Wednesday passed a landmark AI safety bill (SB 315) that would require major AI companies to publish safety plans, submit annual third-party testing reports, report serious incidents quickly, and protect whistleblowers who flag emerging risks. OpenAI and Anthropic supported the bill, which could make Illinois a testing ground for state-level AI governance as federal regulation remains stalled. Ars Technica reports: To force companies to be more transparent about rapid developments, Illinois would likely rely on "the Big Four accounting and auditing firms -- Deloitte, EY, KPMG, and PwC -- to audit their safety practices," [said Scott Wisor, a policy director at a nonprofit called Secure AI Project, which supported the bill]. The required independent audits will likely frustrate Trump, who has tried and failed to stop states from implementing AI safety laws as Congress stalls on passing any legislation.

For Trump, the priority has been to promote AI industry interests, but he began considering expanding federal government safety testing after Anthropic's Mythos was released and the AI firm limited access due to safety concerns. Whether or not governments at any level are prepared to protect society from the most catastrophic AI risks remains a major concern for critics who wonder how and when governments will intervene. After inside sources started leaking the details of Trump's AI safety testing plans, critics warned that even the federal government may lack the necessary expertise to audit frontier AI models. And it seems the same criticism extends to independent auditors that Illinois may rely on but industry insiders suggest some AI firms may not entirely trust.

Adam Kovacevich is CEO of Chamber of Progress, a trade group that opposed SB 315 and counts Google and Apple among its members. He told Wired that Illinois' requirements "would force companies to expose sensitive systems to untested auditors in a regulatory regime that's all liability and no standards." Governor J.B. Pritzker confirmed his intent to sign, proclaiming that "Illinois is leading the nation in holding Big Tech accountable."

"I look forward to signing SB 315 and working with the legislature so that AI, when used, is used responsibly," Pritzker said.

Steve Wimmer, a senior policy and technical advisor for the Transparency Coalition, said his group considers the law to be "one of the most important pieces of legislation in 2026."

An anonymous reader quotes a report from Cybernews: The technology giant Microsoft has been accused of leaking the data of civil servants working for the Netherlands' regulatory agencies to the US House of Representatives. The civil servants affected by the leak work at the Authority for Consumers and Markets (ACM) and the Dutch Data Protection Authority (AP), according to the NL Times. They are involved in implementing the Digital Services Act (DSA), the European Union regulation on online services, aimed at combating illegal content and protecting user rights.

NL Times reports that Microsoft shared emails, minutes, and invitations sent by the civil servants without redacting their names in the documents. Willemijn Aerdts, Dutch State Secretary for Digital Economy and Sovereignty, said she discussed the allegations with US Ambassador to the Netherlands Joe Popolo. [...] The allegations against Microsoft further strengthen concerns over Europe's dependence on American technologies, which poses major risks to data privacy. Further reading: Netherlands Blocks US Takeover of Vital Digital Supplier

An anonymous reader quotes a report from CNBC: Federal prosecutors charged a Google employee with fraud on Wednesday, alleging that he made $1.2 million off of bets using insider information on Polymarket. Prosecutors claim that Michele Spagnuolo, a staff information security engineer at Google, used confidential information to place trades correctly betting that singer d4vd would be Google's most searched person in 2025. Spagnuolo has been charged with money laundering, commodities fraud and wire fraud. The complaint, filed in the Southern District of New York, was unsealed on Wednesday.

Spagnuolo was arrested Wednesday morning in New York, ABC reported. "Spagnuolo had access to Google's internal data systems, including a particular Google internal software tool that provided him access to confidential, nonpublic Year in Search data," the prosecutors said in their complaint. Some observers of the Polymarket platform flagged the user "AlphaRaccoon" back in December for suspicious trades on the most searched person contracts. The complaint Wednesday said that Spagnuolo was the person behind that account. "Google officially and publicly announced its Year in Search 2025 results on or about December 4, 2025. Soon after it did so, Spagnuolo's AlphaRaccoon account, profited approximately $1.2 million on his Google Year in Search 2025-related bets," the complaint said.

[...] Spagnuolo is also facing a civil case from the Commodity Futures Trading Commission, where he's charged with insider trading. The complaint detailed that Spagnuolo correctly predicted the outcomes of a slew of other search markets, including contracts like "Will Zohran Mamdani rank in the Top 5 most searched" and "Will Squid Game be the #1 searched TV show." "Spagnuolo misappropriated the material Confidential Information by knowingly or recklessly using it to trade the 2025 Year in Search List Contracts in breach of his duties of trust and confidentiality," the CFTC complaint alleged.

An anonymous reader quotes a report from Ars Technica: Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows sites to monitor other sites a visitor is viewing and what apps are open on their devices. The technique, laid out in a research paper (PDF), exploits a side channel, a form of leak resulting from physical manifestations such as electromagnetic emanations, data caches, or the time required to complete a task. By measuring the manifestations, attackers can decrypt encrypted traffic and infer other confidential data.

The attack that FROST uses is known as a contention side channel, which measures the interaction of various processes all using (or competing for) a given resource. By measuring the timing of certain I/O (input-output) operations of the SSD a visitor is using, the researchers were able to determine the websites open in other tabs -- even on other browsers -- and the apps that were open on the visitor's device. FROST requires no interaction from the visitor other than opening the site hosting the attack. [...] Unlike previous contention side-channel attacks on SSDs, FROST runs exclusively in the browser. It uses JavaScript that interacts with the OPFS (origin private file system), an allocated storage space that's reserved for a specific site to run code needed to complete a given task. Websites can create one with no interaction required by the visitor.

While each file system is sandboxed, meaning it's isolated from other websites and from the device system itself, the JavaScript can measure the I/O interactions. Then, by running those interactions through a pretrained convolutional neural network -- a system that uses deep learning to analyze text, audio, and images -- the attacker can deduce various apps and websites open on the device. "The attacker continuously measures SSD contention by performing random reads from a large OPFS file," the researchers explained. "SSD contention caused by user activity causes measurable latency differences for these read operations. By training a convolutional neural network (CNN) on these traces, the attacker can fingerprint user activity on the host system by classifying new traces using the trained model."

Linux stable kernel maintainer Greg Kroah-Hartman says Rust can help Linux deal with a flood of AI-discovered security bugs (namely Dirty Frag, Copy Fail, and Fragnesia) by preventing common C mistakes around memory, locking, error handling, and untrusted data at build time rather than during human review. It's "not a silver bullet" and does not mean rewriting the whole kernel, but he said new drivers and subsystems will increasingly use Rust as Linux evolves forward. ZDNet reports: Kroah-Hartman illustrated those pitfalls with real C bugs in the kernel, including a 15-year-old Bluetooth bug that dereferenced a pointer without checking it and a Xen bug where "we forgot to unlock" in an error path. "The majority of the bugs in the kernel are this tiny, minor stuff," he explained. "Error conditions aren't checked, locks aren't forgotten, unreleased memories leak, and vulnerabilities add up over time. They crash the kernel. This is what we live with in C. This is why we don't like it." Kroah-Hartman argued that the "best beauty of Rust" is catching those mistakes at build time rather than in review. For example, when it comes to locking, he highlighted Rust's locking abstractions in the kernel: "The only way you can get access to inner pointers of structures is by grabbing that lock, and releasing the lock automatically. The compiler does it, it's guarded, the lock happens, everything's happy. You just can't write code to access these values...without grabbing the lock. The compiler will not let you."

Those properties, he argued, directly remove a huge fraction of the bugs he sees: "This is going to save us those two things. First, 60% of the bugs in the kernel right there, they're gone. Thank you." The payoff is earlier, more automated enforcement: "If this happens at build time, not review time, don't make me a maintainer who has to read your code [and] say, 'Oh, then you properly check that error value. Oh, did you properly grab the locks in the right spot?' Rust gives us that for free. This is the best thing ever." Even if Rust vanished tomorrow, Kroah-Hartman argued, it has already forced the kernel to clean up C code and interfaces. He credited Rust's influence outright: "We stole this from Rust. Thank you. It's a good idea, so if Rust disappeared tomorrow, we have cleaned up the C code in the kernel so much and taken in the ideas. We thank you, you've made Linux better with it just by existing."

[...] What ultimately sold a number of core maintainers, including him, on Rust was how it "makes reviewing code easier." With CI [Continuous Integration] bots enforcing builds and Rust's type system enforcing key invariants, maintainers can "focus on the logic" rather than resource bookkeeping: "I can care about that one function. I don't have to worry about the rest of this stuff, because I assume that it works properly, because it was built properly." Internally, he said, the top maintainers have already made their call on Rust's status: "The Linux kernel maintainers, we get together every year and talk about what the processes are doing. Last year, we said the Rust experiment is over. It's not an experiment. This is for real." The rationale: "The people behind it are real. We trust them. We know what they're doing. They've shown and put in the work to make Rust a viable language in the kernel, and we're going to make this stick. Let's go full speed ahead. And, as always," he said wryly, "world domination proceeds." "If you never remember anything else in my talk, just remember these four words. It came from Microsoft Security many, many years ago," Kroah-Hartman told attendees. "They realized all input is evil. You have to validate all input."

joshuark writes: BusPatrol, a company that has installed AI-powered cameras in tens of thousands of school buses around the U.S., now plans to turn those cameras into automatic license plate readers (ALPRs), capturing the location of every vehicle the buses drive past, and give that data to law enforcement, 404 Media has learned. BusPatrol has already taken steps to share the collected data with law enforcement contracting giant Axon, according to leaked BusPatrol documents and a source with knowledge of the plans. BusPatrol has acknowledged how controversial its plan to collect and share this data is, pointing specifically to concerns about ICE using license plate data, but emphasizes the likely success of selling the angle of protecting children.

"Who would have thought that school buses would be turned into the mass surveillance state?," Michael Soyfer, an attorney from the Institute for Justice, which has various ongoing ALPR-related lawsuits The Institute for Justice argues that warrantless use of ALPR systems is unconstitutional, describing similar systems as a "dragnet." Kate Spree, senior manager of brand communications at BusPatrol, said in an email "This inquiry is based on a false premise and inaccurate information. BusPatrol does not pool or sell data across communities; student safety program data is used only to support the BusPatrol program in the community where that data was created." When 404 Media asked clarifying questions and said that the reporting is based on leaked BusPatrol material, Spree stopped replying to text messages and emails. This plan gives new meaning to the animated cartoon series "The Magic School Bus"... Further reading: FBI Wants to Buy Nationwide Access to License Plate Readers

"Following months of public debate and protests against American IT giant Kyndryl's proposed acquisition of Solvinity, a Dutch cloud provider that hosts the Netherlands' online identity platform, the Dutch government has decided to block the acquisition," writes longtime Slashdot reader rastakid. "The deal triggered fears that it would mean that 'DigiD' data would fall under foreign control, and could be demanded by U.S. authorities." Politico reports: In a letter to the national parliament published on Tuesday, State Secretary for Digital Economy Willemijn Aerdts said the national authority charged with screening investments had advised the government to block the acquisition. The purchase was seen as posing "a possible risk to the public interest."

The government on Monday decided to adopt the advice and block the acquisition, Aerdts said. "The Netherlands attaches great value to the presence of foreign, especially U.S.-based tech companies, and their added value to the Dutch economy and digital infrastructure, but it maintains, at the same time, an independent investment screening framework aimed at protecting the public interest and which applies equally to all investors, independent of their country of origin," the letter read. Kyndryl said in a statement it was "extremely disappointed" about the decision. "The politicization of this process has overshadowed the clear and important benefits this transaction would have brought to Solvinity's customers and Dutch citizens."

Further reading: Challenges Face European Governments Pursuing 'Digital Sovereignty'

California lawmakers are moving to exempt most open-source operating systems from the state's upcoming age-verification law after backlash from Linux and privacy advocates who warned that the original rules could force decentralized projects to collect users' ages. The amendment would likely shield major Linux distributions, though SteamOS and other Linux-based platforms tied to proprietary app stores may still face compliance questions. Tom's Hardware reports: Assembly Bill 1856 (AB 1856), currently moving through California's legislature ahead of committee reviews in June, would amend the state's earlier age-assurance law by excluding software distributed under licenses that allow users to "copy, redistribute, and modify the software." The proposed amendment specifically states: "Operating system provider" does not mean a person or entity that distributes an operating system or application under license terms that permit a recipient to copy, redistribute, and modify the software.

The amendment follows months of backlash after California passed the original Assembly Bill 1043 (AB 1043), formally known as the Digital Age Assurance Act, in late 2025. The law sought to shift online age verification away from individual websites and apps and down to the operating-system level instead. Under the original law, operating systems would be required to request a user's age or birth date during device setup, then expose an "age bracket signal" to apps and app stores. The law, which defined brackets such as "under 13," "13-15," "16-17," and "18+," immediately raised questions about how such requirements would apply to decentralized, open-source software ecosystems. [...]

AB 1856 does not repeal the original Digital Age Assurance Act. Instead, it narrows the definition of who qualifies as an "operating system provider" under the law. Commercial platforms with proprietary app ecosystems could remain subject to California's age-assurance requirements even if most open-source Linux distributions are ultimately exempted. California Assembly Member Buffy Wicks introduced the amendment on February 11, 2026. However, the open-source exemption language appeared in later revisions that began drawing attention across Linux and privacy communities. The latest version is dated May 18, 2026, and as of May 19, 2026, the bill was read a second time and ordered to third reading.

Thursday California's governor issued an executive order "directing state agencies to prepare workers and businesses for AI-driven workforce disruption," reports San Francisco's KQED. In a statement the governor said "This moment demands that we reimagine the entire system — how we work, how we govern, how we prepare people for the future." The order mandates agencies to explore a range of policy options, including severance standards, expanded unemployment insurance, job retraining programs aimed specifically at white-collar workers, worker ownership models and a concept the governor called "universal basic capital," giving all residents a stake in assets such as corporate stocks, bonds or wealth funds...

Tom Kemp, executive director of the California Privacy Protection Agency, applauded the fact that the order named data privacy as a consumer protection concern and highlighted the CPPA's automated decision-making technology regulations, which he called "the nation's most comprehensive." Others are more skeptical. "Catastrophic job loss from AI is not inevitable, it's a political choice," Lorena Gonzalez, president of the California Federation of Labor Unions, AFL-CIO, wrote in a statement. However, Gonzalez noted one area of genuine agreement: the order's emphasis on collective bargaining as a tool for protecting workers from AI displacement...

According to Stanford HAI's 2026 AI Index, software developers ages 22 to 25 are among those most likely to see their skills made redundant earliest. This year, U.S. employment fell nearly 20% from 2024, even as headcount for older developers continued to grow. Following the job cuts announced at Meta, a union of Alphabet workers in the U.S. and Canada released a statement that suggests Silicon Valley's own labor force may seek to organize... "It's undeniable that our whole industry is being transformed by the corporate push to adopt new AI tools," [Alphabet Workers Union-CWA Local 9009 said in a statement]. "It's hard not to feel anxiety and fear when we can see more and more tech companies cutting huge portions of their workforce both in anticipation of replacing them with AI, and to fund their multi-billion-dollar bets on AI as the future of the industry..."

In February, AFL-CIO President Liz Shuler and Gonzalez delivered what amounted to an ultimatum to Newsom: regulate AI or lose labor's support for any future presidential run. Shuler called a potential AI-driven economic collapse a coming "crisis." In August 2025, Newsom announced a partnership with Google, Microsoft, IBM and Adobe to expand AI education in California schools and community colleges, a workforce preparation push that now looks like a precursor to Thursday's more sweeping order.
The article notes that after signing the bill the governor shared this comment on X.com. "California will pursue new policies that make sure working Californians — not just Big Tech — benefit from the wealth and breakthroughs coming out of this space."

Newsom telegraphed Thursday's order earlier this week, when he appeared at the Center for American Progress IDEAS Conference in Washington. "Businesses are going to make a fortune, and that's why you cannot continue to have a payroll tax system that taxes jobs and then subsidizes automation."

A proposal to make daylight saving time permanent has advanced in the U.S. House of Representative, reports California news station KCRA: A proposal to make daylight saving time permanent has advanced in the House, reigniting an age-old American debate around the twice-annual clock changes. And this time, the proposal has the president's backing. President Donald Trump said Thursday that he will work "very hard" to sign the so-called Sunshine Protection Act into law after the House Energy and Commerce Committee overwhelmingly approved the bill by a 48-1 vote.

The bill still needs to pass the full U.S. House, and then the U.S. Senate would consider taking up the measure.
The bill would allow U.S states to decide whether to "exempt themselves" from Daylight Saving Time, according to the article.

The bill's sponsor described the annual clock-switching as "inconvenient, unnecessary, and out of step with the needs of today's families and economy," while finally creating a permanent Daylight Saving would bring "more usable daylight hours throughout the year."

The Washington Post looks at arguments that "AI's coming upheaval may demand massive infusions of cash to everyday Americans". But they also look at some of the alternatives: Anthropic CEO Dario Amodei has called for similar public-relief measures, including, potentially, universal basic income, or UBI. Eventually "our current economic setup will no longer make sense," he wrote in a blog post, adding that "there will be a need for a broader societal conversation about how the economy should be organized."

Though OpenAI CEO Sam Altman once championed universal basic income, he has since embraced a new structure where the public has "collective ownership" of aspects of AI, according to Business Insider. "I think any version of the future that I can get really excited about means that everybody's got to participate in the upside," he said in a recent podcast interview. In April, OpenAI laid out a set of policy proposals aiming to address the coming upheaval, referencing the transition to the industrial age and the New Deal as points of comparison for what's on the horizon...

But some experts question whether tech billionaires, who spent decades resisting regulation, unions and higher taxes, would support the kind of massive redistribution such programs would require. "The only way to pay for UBI is to massively tax those enormously rich people who own the UBI machines," said Jesse Rothstein, a professor of public policy and economics at the University of California at Berkeley who served as chief economist at the U.S. Department of Labor. "It's a nice surprise to hear Elon Musk advocating for that...." Rothstein co-authored a study in 2019 that estimated granting a small income to the entire country would cost a massive amount — nearly double the total spending of Social Security, Medicare and Medicaid. To issue payments of $12,000 a year to U.S. adults, for example, "would require nearly doubling federal tax revenues," according to the paper...

Economists appear to broadly support other solutions beyond redistribution, such as job retraining. A working paper published this spring by the Federal Reserve Bank of Chicago showed economists support more narrowly tailored solutions to the economic disruption. In late April, Meta appeared to embrace that path, announcing "a multi-year initiative that provides free, rapid training to turn thousands of Americans with no prior experience into high-paid fiber technicians" for projects including data centers.
Key quotes from the article:

• Elon Musk said in an X post that "Universal HIGH INCOME via checks issued by the Federal government is the best way to deal with unemployment caused by AI."

• "I think it's a marketing tactic" responded Scott Santens, a universal basic income advocate and is CEO of the nonprofit Income to Support All Foundation. He argued to the Washington Post that Musk's comment is "trying to thread this needle of, 'I want to solve this stuff that will potentially put a lot of people out of work.' And how do you avoid people getting really [angry] at that? Okay, well, you're still going to get money, everything will be great it's just you won't have to work anymore...."

• The article also cites a recent commentary from Jay W. Richards, a senior research fellow and VP of social and domestic policy at the Heritage Foundation. "The new AI prophets of doom suffer from a failure of imagination. They simply cannot envision what work the future will bring, so they conclude it will bring none,"

The NTSB temporarily closed public access to nearly all investigation dockets after people used a spectrogram image from a PDF in the UPS flight 2976 crash file to reconstruct approximate cockpit voice recorder audio and post it online. "We show our work and we've been doing this type of thing for years. Nobody was aware that you can recreate audio from a picture," a spokesperson for the board said. "NTSB is looking to make sure there's nothing else in the docket that could compromise anybody's privacy... now that we understand the possibility of a digital recreation." CNN reports: Cockpit voice recordings, often referred to as the CVR, capture everything commercial pilots say and are valuable during NTSB investigations, but are almost never released out of respect for the victims and their families. UPS flight 2976 crashed on November 4, when an engine separated from the wing while it was taking off from Louisville, Kentucky. The three crew members onboard were killed along with 12 people on the ground. During a two-day investigative hearing this week, the board released a docket full of details about the crash. Besides thousands of pages of reports and video showing the engine separating, it included a transcript of the CVR and a PDF file showing an analysis of the spectrogram of the audio it recorded.

A spectrogram is a still image that is a visual representation of the audio, showing the ups and downs of the frequencies. Using that still image, members of the public were able to recreate the voices of the pilots in the moments before the plane crashed and post the results online. The clip, which included background noise and echoes, covered the last 30 seconds of the flight as the pilots struggled with the disabled aircraft as well as recordings of testing the NTSB did on another aircraft.

In a statement on Thursday, the board made clear it "does not release cockpit voice recordings" due to federal law and because of the highly sensitive nature of what they include, but it was "aware that advances in image recognition and computational methods have enabled individuals to reconstruct approximations of cockpit voice recorder audio from sound spectrum imagery." Investigation dockets are made public for transparency, but this week, the board took the rare step of closing public access to all dockets, including the one for the UPS crash. [...] The NTSB is urging platforms like X and Reddit to remove posts with the audio.

Trump Mobile confirmed that a third-party platform exposed customers' personal data to the open internet. The data included names, email addresses, mailing addresses, phone numbers, and order IDs. TechCrunch reports: Chris Walker, a spokesperson for the Trump-branded phone maker, told TechCrunch that the company is investigating the exposure and has not found evidence that content or financial information spilled online. The company said there was no breach of Trump Mobile's network, systems, or infrastructure. Walker said that the exposure was linked to a third-party platform provider that supports "certain Trump Mobile operations." He did not name the provider.

[...] On Wednesday, two YouTubers who ordered Trump Mobile's phone said a researcher alerted them that their personal information was exposed online. The YouTubers Coffeezilla and penguinz0 said they tried to alert Trump Mobile of the exposure after the researcher also tried but to no avail. Walker said Trump Mobile is evaluating whether it needs to notify customers of the exposure of their personal data. Further reading: Trump Phones Start Shipping - But Were There Really 600,000 Preorders?

Venmo is testing a major redesign that will make new users' payment posts viewable by their friends by default instead of being public. The Verge reports: It's a notable update for a platform that has struggled with privacy in the past. In 2021, BuzzFeed News tracked down President Joe Biden's Venmo account and the accounts of people in his inner circle because Venmo, at the time, had no way to keep your Venmo contacts private. It fixed that soon after.

As part of the redesign, if you're a new user and you do want your posts to be public (or private just to you), you'll be able to set that as part of the new onboarding flow. You can also change your preference in settings after the fact; an updated screen for sending money will also show if that post is private, visible just to friends, or is visible publicly before you make the transaction.