AI

HP To Acquire Parts of Humane, Shut Down the AI Pin 51

An anonymous reader quotes a report from Bloomberg: HP will acquire assets from Humane, the maker of a wearable Ai Pin introduced in late 2023, for $116 million. The deal will include the majority of Humane's employees in addition to its software platform and intellectual property, the company said Tuesday. It will not include Humane's Ai pin device business, which will be wound down, an HP spokesperson said. Humane's team, including founders Imran Chaudhri and Bethany Bongiorno, will form a new division at HP to help integrate artificial intelligence into the company's personal computers, printers and connected conference rooms, said Tuan Tran, who leads HP's AI initiatives. Chaudhri and Bongiorno were design and software engineers at Apple before founding the startup. [...]

Tran said he was particularly impressed with aspects of Humane's design, such as the ability to orchestrate AI models running both on-device and in the cloud. The deal is expected to close at the end of the month, HP said. "There will be a time and place for pure AI devices," Tran said. "But there is going to be AI in all our devices -- that's how we can help our business customers be more productive."

Software

'Uber For Armed Guards' Rushes To Market 72

An anonymous reader quotes a report from Gizmodo: Protector, an app that lets you book armed goons the same way you'd call for an Uber, is having a viral moment. The app started doing the rounds on social media after consultant Nikita Bier posted about it on X. Protector lets the user book armed guards on demand. Right now it's only available in NYC and LA. According to its marketing, every guard is either "active duty or retired law enforcement and military." Every booking comes with a motorcade and users get to select the number of Escalades that'll be joining them as well as the uniforms their hired goons will wear.

Protector is currently "#7 in Travel" on Apple's App Store. It's not available for people who use Android devices. [...] The marketing for Protector, which lives on its X account, is surreal. A series of robust and barrel-chested men in ill-fitting black suits deliver their credentials to the camera while sitting in front of a black background. They're all operators. They describe careers in SWAT teams and being deployed to war zones. They show vanity shots of themselves kitted out in operator gear. All of them have a red lapel pin bearing the symbol of Protector.
If the late UnitedHealthcare CEO had used Protector, he might still be alive today, suggests Protector in its marketing materials. A video on X shows "several fantasy versions of the assassination where a Protector is on hand to prevent the assassin from killing the CEO," reports Gizmodo.

The app is a product from parent company Protector Security Solutions, which was founded by Nick Sarath, a former product designer at Meta.

AI

27% of Job Listings For CFOs Now Mention AI (fortune.com) 20

A new report released by Cisco finds that 97% of CEOs surveyed are planning AI integration. Similarly, 92% of companies recently surveyed by McKinsey plan to invest more in generative AI over the next three years. Fortune: To that end, many companies are seeking tech-savvy finance talent, according to a new report by software company Datarails. The researchers analyzed 6,000 job listings within the CFO's office -- CFO, controller, financial planning and analysis (FP&A), and accountant -- advertised on job search websites including LinkedIn, Glassdoor, Indeed, Job2Careers, and ZipRecruiter.

Of the 1,000 job listings for CFOs in January 2025, 27% included AI in the job description. This compares to 8% mentions of AI in 1,000 CFO job listings at the same time last year. Take, for example, Peaks Healthcare Consulting which required a CFO candidate to "continuously learn and integrate AI to improve financial processes and decision making," Datarails notes in the report. Regarding FP&A professionals, in January 2025, 35% of analyst roles mentioned AI competency as a requirement, compared to 14% in January 2024, according to the report.

AI

DeepSeek Expands Business Scope in Potential Shift Towards Monetization (scmp.com) 6

Chinese AI startup DeepSeek has updated its business registry information with key changes to personnel and operational scope, signaling a shift towards monetizing its cost-efficient-yet-powerful large language models. From a report: The Hangzhou-based firm's updated business scope includes "internet information services," according to business registry service Tianyancha. The move is the first sign of DeepSeek's desire to monetise its popular technology, according to Zhang Yi, founder and chief analyst at consultancy iiMedia.

With eyes on developing a business model, DeepSeek intends to shift away from being purely focused on research and development, Zhang added. "The move reflects that for a company like DeepSeek, which managed to accumulate technology and develop a product, monetisation is becoming a necessary next step," Zhang said. DeepSeek's previous business scope said it engages in engineering and AI software development, among others, hinting at a more research-driven approach.

Red Hat Software

Free Software Foundation Speaks Up Against Red Hat Source Code Announcement 126

PAjamian writes: Two years ago Red Hat announced an end to its public source code availability. This caused a great deal of outcry from the Enterprise Linux community at large. Since then many have waited for a statement from the Free Software Foundation concerning their stance on the matter. Now, nearly two years later the FSF has finally responded to questions regarding their stance on the issue with the following statement:

Generally, we don't agree with what Red Hat is doing. Whether it constitutes a violation of the GPL would require legal analysis and the FSF does not give legal advice. However, as the stewards of the GNU GPL we can speak to how it is intended to be applied and Red Hat's approach is certainly contrary to the spirit of the GPL. This is unfortunate, because we would expect such flagship organizations to drive the movement forward.

When asked if the FSF would be willing to intervene on behalf of the community they had this to say:

As of today, we are not aware of any issue with Red Hat's new policy that we could pursue on legal grounds. However, if you do find a violation, please follow these instructions and send a report to license-violation@gnu.org.

Following is the full text of my original email to them and their response:

Subject: Statement about recent changes in source code distribution for Red Hat Enterprise Linux
Date: 2023-07-16 00:39:51

> Hi,
>
> I'm a user of Red Hat Enterprise Linux, Rocky Linux and other Linux
> distributions in the RHEL ecosystem. I am also involved in the EL
> (Enterprise Linux) community which is being affected by the statements
> and changes in policy made by Red Hat at
> https://www.redhat.com/en/blog/furthering-evolution-centos-stream and
> https://www.redhat.com/en/blog/red-hats-commitment-open-source-response-gitcentosorg-changes
> (note there are many many more links and posts about this issue which
> I believe you are likely already aware of). While a few of these
> questions are answered more directly by the license FAQ some of them
> are not and there are a not insignificant number of people who would
> very much appreciate a public statement from the FSF that answers
> these questions directly.
>
> Can you please comment or release a statement about the Free Software
> Foundation's position on this issue? Specifically:
>

Thank you for writing in with your questions. My apologies for the delay, but we are a small team with limited resources and it can be challenging keeping up with all the emails we receive.

Generally, we don't agree with what Red Hat is doing. Whether it constitutes a violation of the GPL would require legal analysis and the FSF does not give legal advice. However, as the stewards of the GNU GPL we can speak to how it is intended to be applied and Red Hat's approach is certainly contrary to the spirit of the GPL. This is unfortunate, because we would expect such flagship organizations to drive the movement forward.

> Is Red Hat's removal of sources from git.centos.org a violation of the
> GPL and various other Free Software licenses for the various programs
> distributed under RHEL?
>
> Is Red Hat's distribution of source RPMs to their customers under
> their subscriber agreement sufficient to satisfy the above mentioned
> licenses?
>
> Is it a violation if Red Hat terminates a subscription early because
> their customer exercised their rights under the GPL and other Free
> Software licenses to redistribute the RHEL sources or create
> derivative works from them?
>
> Is it a violation if Red Hat refuses to renew a subscription that has
> expired because a customer exercised their rights to redistribute or
> create derivative works?
>
> A number of the programs distributed with RHEL are copyrighted by the
> FSF, some examples being bash, emacs, GNU core utilities, gcc, gnupg
> and glibc. Given that the FSF has standing to act in this matter would
> the FSF be willing to intervene on behalf of the community in order to
> get Red Hat to correct any of the above issues?
>

As of today, we are not aware of any issue with Red Hat's new policy that we could pursue on legal grounds. However, if you do find a violation, please [follow these instructions][0] and send a report to <license-violation@gnu.org>.

[0]: https://www.gnu.org/licenses/gpl-violation.html

If you are interested in something more specific on this, the Software Freedom Conservancy [published an article about the RHEL][1] situation and hosted a [panel at their conference in 2023][2]. These cover the situation fairly thoroughly.

[1]: https://sfconservancy.org/blog/2023/jun/23/rhel-gpl-analysis/
[2]: https://sfconservancy.org/blog/2023/jul/19/rhel-panel-fossy-2023/

Programming

'New Junior Developers Can't Actually Code' (nmn.gl) 220

Junior software developers' overreliance on AI coding assistants is creating knowledge gaps in fundamental programming concepts, developer Namanyay Goel argued in a post. While tools like GitHub Copilot and Claude enable faster code shipping, developers struggle to explain their code's underlying logic or handle edge cases, Goel wrote. Goel cites the decline of Stack Overflow, a technical forum where programmers historically found detailed explanations from experienced developers, as particularly concerning.

Graphics

Why A Maintainer of the Linux Graphics Driver Nouveau Stepped Down (phoronix.com) 239

For over a decade Karol Herbst has been a developer on the open-source Nouveau driver, a reverse-engineered NVIDIA graphics driver for Linux. "He went on to become employed by Red Hat," notes Phoronix. "While he's known more these days for his work on the Mesa 3D Graphics Library and the Rusticl OpenCL driver for it, he's still remained a maintainer of the Nouveau kernel driver."

But Saturday Herbst stepped down as a nouveau kernel maintainer, in a mailing list message that begins "I was pondering with myself for a while if I should just make it official that I'm not really involved in the kernel community anymore, neither as a reviewer, nor as a maintainer." (Another message begins "I often thought about at least contributing some patches again once I find the time, but...")

Their resignation message hints at some long-running unhappiness. "I got burned out enough by myself caring about the bits I maintained, but eventually I had to realize my limits. The obligation I felt was eating me from inside. It stopped being fun at some point and I reached a point where I simply couldn't continue the work I was so motivated doing as I did in the early days." And they point to one specific discussion on the kernel mailing list February 8th as "The moment I made up my mind."

It happened in a thread about whether Rust would create difficulty for maintainers. (Someone had posted that "The all powerful sub-system maintainer model works well if the big technology companies can employ omniscient individuals in these roles, but those types are a bit hard to come by.") In response, someone else had posted "I'll let you in on a secret. The maintainers are not 'all-powerful'. We are the 'thin blue line' that is trying to keep the code to be maintainable and high quality. Like most leaders of volunteer organizations, whether it is the Internet Engineering Task Force (the standards body for the Internet), we actually have very little power. We can not *command* people to work on retiring technical debt, or to improve testing infrastructure, or work on some particular feature that we'd very much like for our users. All we can do is stop things from being accepted..."

Saturday Herbst wrote: The moment I made up my mind about this was reading the following words written by a maintainer within the kernel community:

"we are the thin blue line"

This isn't okay. This isn't creating an inclusive environment. This isn't okay with the current political situation especially in the US. A maintainer speaking those words can't be kept. No matter how important or critical or relevant they are. They need to be removed until they learn. Learn what those words mean for a lot of marginalized people. Learn about what horrors it evokes in their minds.

I can't in good faith remain to be part of a project and its community where those words are tolerated. Those words are not technical, they are a political statement. Even if unintentionally, such words carry power, they carry meanings one needs to be aware of. They do cause an immense amount of harm.

The phrase thin blue line "typically refers to the concept of the police as the line between law-and-order and chaos," according to Wikipedia, but more recently became associated with a "countermovement" to the Black Lives Matter movement and "a number of far-right movements in the U.S."

Phoronix writes: Lyude Paul and Danilo Krummrich both of Red Hat remain Nouveau kernel maintainers. Red Hat developers are also working on developing NOVA as the new Rust-based open-source NVIDIA kernel driver leveraging the GSP interface for Turing GPUs and newer.

AI

AI Bugs Could Delay Upgrades for Both Siri and Alexa (yahoo.com) 24

Bloomberg reports that Apple's long-promised overhaul for Siri "is facing engineering problems and software bugs, threatening to postpone or limit its release, according to people with knowledge of the matter...." Last June, Apple touted three major enhancements coming to Siri:

- the ability to tap into a customer's data to better answer queries and take actions.
- a new system that would let the assistant more precisely control apps.
- the capability to see what's currently on a device's screen and use that context to better serve users....

The goal is to ultimately offer a more versatile Siri that can seamlessly tap into customers' information and communication. For instance, users will be able to ask for a file or song that they discussed with a friend over text. Siri would then automatically retrieve that item. Apple also has demonstrated the ability for Siri to quickly locate someone's driver's license number by reviewing their photos... Inside Apple, many employees testing the new Siri have found that these features don't yet work consistently...

The control enhancements — an upgraded version of something called App Intents — are central to the operation of the company's upcoming smart home hub. That product, an AI device for controlling smart home appliances and FaceTime, is slated for release later this year.

And Amazon is also struggling with an AI upgrade for its digital assistant, reports the Washington Post: The "smarter and more conversational" version of Alexa will not be available until March 31 or later, the employee said, at least a year and a half after it was initially announced in response to competition from OpenAI's ChatGPT. Internal messages seen by The Post confirmed the launch was originally scheduled for this month but was subsequently moved to the end of March... According to internal documents seen by The Post, new features of the subscriber-only, AI-powered Alexa could include the ability to adopt a personality, recall conversations, order takeout or call a taxi. Some of the new Alexa features are similar to Alexa abilities that were previously available free through partnerships with companies like Grubhub and Uber...

The AI-enhanced version of Alexa in development has been repeatedly delayed due to problems with incorrect answers, the employee working on the launch told The Post. As a popular product that is a decade old, the Alexa brand is valuable, and the company is hesitant to risk customer trust by launching a product that is not reliable, the person said.

China

China's 'Salt Typhoon' Hackers Continue to Breach Telecoms Despite US Sanctions (techcrunch.com) 42

"Security researchers say the Chinese government-linked hacking group, Salt Typhoon, is continuing to compromise telecommunications providers," reports TechCrunch, "despite the recent sanctions imposed by the U.S. government on the group."

TechRadar reports that the Chinese state-sponsored threat actor is "hitting not just American organizations, but also those from the UK, South Africa, and elsewhere around the world." The latest intrusions were spotted by cybersecurity researchers from Recorded Future, which said the group is targeting internet-exposed web interfaces of Cisco's IOS software that powers different routers and switches. These devices have known vulnerabilities that the threat actors are actively exploiting to gain initial access, root privileges, and more. More than 12,000 Cisco devices were found connected to the wider internet, and exposed to risk, Recorded Future further explained. However, Salt Typhoon is focusing on a "smaller subset" of telecoms and university networks.
"The hackers attempted to exploit vulnerabilities in at least 1,000 Cisco devices," reports NextGov, "allowing them to access higher-level privileges of the hardware and change their configuration settings to allow for persistent access to the networks they're connected on... Over half of the Cisco appliances targeted by Salt Typhoon were located in the U.S., South America and India, with the rest spread across more than 100 countries." Between December and January, the unit, widely known as Salt Typhoon, "possibly targeted" — based on devices that were accessed — offices in the University of California, Los Angeles, California State University, Loyola Marymount University and Utah Tech University, according to a report from cyber threat intelligence firm Recorded Future... The Cisco devices were mainly associated with telecommunications firms, but 13 of them were linked to the universities in the U.S. and some in other nations... "Often involved in cutting-edge research, universities are prime targets for Chinese state-sponsored threat activity groups to acquire valuable research data and intellectual property," said the report, led by the company's Insikt Group, which oversees its threat research.

The cyberspies also compromised Cisco platforms at a U.S.-based affiliate of a prominent United Kingdom telecom operator and a South African provider, both unnamed, the findings added. The hackers also "carried out a reconnaissance of multiple IP addresses" owned by Mytel, a telecom operator based in Myanmar...

"In 2023, Cisco published a security advisory disclosing multiple vulnerabilities in the web UI feature in Cisco IOS XE software," a Cisco spokesperson said in a statement. "We continue to strongly urge customers to follow recommendations outlined in the advisory and upgrade to the available fixed software release."

Advertising

Jeep Claims 'Software Glitch' Disabled Opting-Out of In-Vehicle Pop-Up Ads in 'a Few' Cases (theautopian.com) 68

Remember Jeep's new in-dash pop-up ads which reportedly appeared every time you stopped?

"Since I'm a journalist, or at least close enough, I decided that I should at least get Stellantis/Jeep's side of things," writes car-culture site The Autopian: Would Stellantis do something so woefully misguided and annoying? I reached out to our Stellantis/Jeep contact to ask and was initially told that they were "investigating" on their end, which to me felt like a stalling tactic while the proper ass-covering plans were conceived. I eventually got this response from a Stellantis spokesperson:

"This was an in-vehicle message designed to inform Jeep customers about Mopar extended vehicle care options. A temporary software glitch affected the ability to instantly opt out in a few isolated cases, though instant opt-out is the standard for all our in-vehicle messages. Our team had already identified and corrected the error, and we are following up directly with the customer to ensure the matter is fully resolved..."

I suppose a glitch is possible, though I've not seen any examples of this ad popping up with the instant opt-out option available, but I guess it must exist, since not all Jeep owners seem to have had to deal with these ads. I suspect if this was happening to more people than these "few isolated cases" we'd still be cleaning up from the aftermath of the riots and uprisings.

Because, as they write, "Really, I can't think of a quicker way to incur the wrath of nearly every human..."

Supercomputing

The IRS Is Buying an AI Supercomputer From Nvidia (theintercept.com) 150

According to The Intercept, the IRS is set to purchase an Nvidia SuperPod AI supercomputer to enhance its machine learning capabilities for tasks like fraud detection and taxpayer behavior analysis. From the report: With Elon Musk's so-called Department of Government Efficiency installing itself at the IRS amid a broader push to replace federal bureaucracy with machine-learning software, the tax agency's computing center in Martinsburg, West Virginia, will soon be home to a state-of-the-art Nvidia SuperPod AI computing cluster. According to the previously unreported February 5 acquisition document, the setup will combine 31 separate Nvidia servers, each containing eight of the company's flagship Blackwell processors designed to train and operate artificial intelligence models that power tools like ChatGPT. The hardware has not yet been purchased and installed, nor is a price listed, but SuperPod systems reportedly start at $7 million. The setup described in the contract materials notes that it will include a substantial memory upgrade from Nvidia.

Though small compared to the massive AI-training data centers deployed by companies like OpenAI and Meta, the SuperPod is still a powerful and expensive setup using the most advanced technology offered by Nvidia, whose chips have facilitated the global machine-learning spree. While the hardware can be used in many ways, it's marketed as a turnkey means of creating and querying an AI model. Last year, the MITRE Corporation, a federally funded military R&D lab, acquired a $20 million SuperPod setup to train bespoke AI models for use by government agencies, touting the purchase as a "massive increase in computing power" for the United States.

How exactly the IRS will use its SuperPod is unclear. An agency spokesperson said the IRS had no information to share on the supercomputer purchase, including which presidential administration ordered it. A 2024 report by the Treasury Inspector General for Tax Administration identified 68 different AI-related projects underway at the IRS; the Nvidia cluster is not named among them, though many were redacted. But some clues can be gleaned from the purchase materials. "The IRS requires a robust and scalable infrastructure that can handle complex machine learning (ML) workloads," the document explains. "The Nvidia Super Pod is a critical component of this infrastructure, providing the necessary compute power, storage, and networking capabilities to support the development and deployment of large-scale ML models."

The document notes that the SuperPod will be run by the IRS Research, Applied Analytics, and Statistics division, or RAAS, which leads a variety of data-centric initiatives at the agency. While no specific uses are cited, it states that this division's Compliance Data Warehouse project, which is behind this SuperPod purchase, has previously used machine learning for automated fraud detection, identity theft prevention, and generally gaining a "deeper understanding of the mechanisms that drive taxpayer behavior."

Biotech

AI Used To Design a Multi-Step Enzyme That Can Digest Some Plastics 33

Leveraging AI tools like RFDiffusion and PLACER, researchers were able to design a novel enzyme capable of breaking down plastic by targeting ester bonds, a key component in polyester. Ars Technica reports: The researchers started out by using the standard tools they developed to handle protein design, including an AI tool named RFDiffusion, which uses a random seed to generate a variety of protein backgrounds. In this case, the researchers asked RFDiffusion to match the average positions of the amino acids in a family of ester-breaking enzymes. The results were fed to another neural network, which chose the amino acids such that they'd form a pocket that would hold an ester that breaks down into a fluorescent molecule so they could follow the enzyme's activity using its glow.

Of the 129 proteins designed by this software, only two of them resulted in any fluorescence. So the team decided they needed yet another AI. Called PLACER, the software was trained by taking all the known structures of proteins latched on to small molecules and randomizing some of their structure, forcing the AI to learn how to shift things back into a functional state (making it a generative AI). The hope was that PLACER would be trained to capture some of the structural details that allow enzymes to adopt more than one specific configuration over the course of the reaction they were catalyzing. And it worked. Repeating the same process with an added PLACER screening step boosted the number of enzymes with catalytic activity by over three-fold.

Unfortunately, all of these enzymes stalled after a single reaction. It turns out they were much better at cleaving the ester, but they left one part of it chemically bonded to the enzyme. In other words, the enzymes acted like part of the reaction, not a catalyst. So the researchers started using PLACER to screen for structures that could adopt a key intermediate state of the reaction. This produced a much higher rate of reactive enzymes (18 percent of them cleaved the ester bond), and two -- named "super" and "win" -- could actually cycle through multiple rounds of reactions. The team had finally made an enzyme.

By adding additional rounds alternating between structure suggestions using RFDiffusion and screening using PLACER, the team saw the frequency of functional enzymes increase and eventually designed one that had an activity similar to some produced by actual living things. They also showed they could use the same process to design an esterase capable of digesting the bonds in PET, a common plastic.
The research has been published in the journal Science.

Open Source

LibreOffice Marks 40th Year With Browser-Based Overhaul (theregister.com) 48

LibreOffice, the open-source office suite that began as StarOffice in 1985, has marked its 40th anniversary with new features that it says could transform how users interact with the software. At the FOSDEM 2025 conference, developers unveiled LibreOffice 25.2, which introduces browser-based functionality and real-time collaboration capabilities through a technology called conflict-free replicated data types.

A key development is ZetaOffice, a version built for the WebAssembly runtime that enables the full office suite to run inside web browsers across operating systems and CPU architectures. The project, which entered public beta last November, allows websites to embed LibreOffice applications with complete user interfaces for editing documents, spreadsheets and presentations.

While the browser-based version currently requires about a gigabyte of code and additional memory to run, developers at Allotropia are working to modularize the codebase for faster loading times. The software, released under the MIT license, can be controlled via JavaScript and operates without requiring an internet connection, unlike Google Docs or LibreOffice's existing Collabora Online version.

Software

The Future of GPLv3 Hangs In the Balance (sfconservancy.org) 66

New submitter jms00 writes: A years-long legal battle has quietly escalated into what could become the defining moment for the future of GPLv3, with implications that could reshape software freedom as we know it.

At issue is whether licensors have the power to impose 'further restrictions' on open-source software, potentially undermining the explicit rights granted to users and developers under AGPLv3, GPLv3, and LGPLv3.

The outcome of this case, now before the U.S. Court of Appeals for the Ninth Circuit, could set a dangerous precedent, limiting the ability to remove proprietary restrictions from copyleft-licensed software.

With little public attention on the case, the Software Freedom Conservancy (SFC) has stepped up as a key voice in defense of user rights, filing a critical amicus brief to challenge the lower court's ruling and protect the principles of software freedom.

The Almighty Buck

Woeful Security On Financial Phone Apps Is Getting People Murdered 161

Longtime Slashdot reader theodp writes: Monday brought chilling news reports of the all-count trial convictions of three individuals for a conspiracy to rob and drug people outside of LGBTQ+ nightclubs in Manhattan's Hell's Kitchen neighborhood, which led to the deaths of two of their victims. The defendants were found guilty on all 24 counts, which included murder, robbery, burglary, and conspiracy. "As proven at trial," explained the Manhattan District Attorney's Office in a press release, "the defendants lurked outside of nightclubs to exploit intoxicated individuals. They would give them drugs, laced with fentanyl, to incapacitate their victims so they could take the victims' phones and drain their online financial accounts [including unauthorized charges and transfers using Cash App, Apple Cash, Apple Pay]." District Attorney Alvin L. Bragg, Jr. added, "My Office will continue to take every measure possible to protect New Yorkers from this type of criminal conduct. That includes ensuring accountability for those who commit this harm, while also working with financial companies to enhance security measures on their phone apps."

In 2024, D.A. Bragg called on financial companies to better protect consumers from fraud, including: adding a second and separate password for accessing the app on a smartphone as a default security option; imposing lower default limits on the monetary amount of total daily transfers; requiring wait times of up to a day and secondary verification for large monetary transactions; better monitoring of accounts for unusual transfer activities; and asking for confirmation when suspicious transactions occur. "No longer is the smartphone itself the most lucrative target for scammers and robbers -- it's the financial apps contained within," said Bragg as he released letters (PDF) sent to the companies that own Venmo, Zelle, and Cash App. "Thousands or even tens of thousands can be drained from financial accounts in a matter of seconds with just a few taps. Without additional protections, customers' financial and physical safety is being put at risk. I hope these companies accept our request to discuss commonsense solutions to deter scammers and protect New Yorkers' hard-earned money."

"Our cellphones aren't safe," warned the EFF's Cooper Quintin in a 2018 New York Times op-ed. "So why aren't we fixing them?" Any thoughts on what can and should be done with software, hardware, and procedures to stop "bank jackings"?
Robotics

Apple Explores Robotics Push For Smart Home Market, Analyst Says 18

Apple is developing robots for its smart home ecosystem, though mass production is unlikely to begin before 2028, according to widely reliable TF Securities analyst Ming-Chi Kuo. The project remains in early proof-of-concept testing, with Apple exploring both humanoid and non-humanoid designs, he wrote in a post on X.

The company is focusing on how users interact with robots rather than their physical appearance, prioritizing sensing hardware and software as core technologies, Kuo said. The tech giant has taken an unusual approach by publicly sharing some of its robotics research during this early stage, possibly to recruit talent, the analyst noted. The proof-of-concept phase, which precedes formal product development, serves as Apple's testing ground for product ideas and core technologies. Apple's foldable phone project is also currently in the proof-of-concept phase, he said.
Bitcoin

Man Who Hijacked SEC's X Account To Pump Bitcoin Faces Up To 5 Years In Prison (gizmodo.com) 49

Eric Council Jr. pleaded guilty to identity theft and access device fraud after hijacking the SEC's X account to falsely announce Bitcoin ETF approval. He was compensated in Bitcoin by co-conspirators, and while the Justice Department continues its investigation, Council faces up to five years in prison. Gizmodo reports: According to the Justice Department, Council accessed the SEC's account using an attack called SIM swapping, in which a perpetrator uses social engineering to trick a phone carrier's customer service representatives into transferring an individual's phone number to a new device. Basically, they call into a support line and use pieces of personal information about a victim they have gathered online to convince the representative they are the person they are targeting. Once perpetrators take the number and can begin receiving text messages, they are able to reset the passwords of accounts on services like X. It is not really a "hack" in the traditional sense that they are not finding flaws in software but rather exploiting human trust.

Unfortunately for individuals like Council, all Bitcoin transactions are logged on a blockchain for anyone to see, leaving a trail of breadcrumbs for investigators to find. If he did make out with a lot of crypto, it would be hard to keep it hidden forever. Council allegedly did not post the message himself to the SEC's X account, but conducted the SIM swap and left the rest of the work to his co-conspirators who compensated Council in the form of, of course, Bitcoin. The price of the cryptocurrency rose by $1,000 after the fake announcement, according to the Justice Department, and fell by $2,000 after the SEC issued a correction. That could have led to a big windfall depending on how much Bitcoin the perpetrators held at the time.

The Military

Anduril To Take Over Managing Microsoft Goggles for US Army (msn.com) 21

Anduril will take over management and eventual manufacturing of the U.S. Army's Integrated Visual Augmentation System (IVAS) from Microsoft, a significant shift in one of the military's most ambitious augmented reality projects.

The deal, which requires Army approval, could be worth over $20 billion in the next decade if all options are exercised, according to Bloomberg. The IVAS system, based on Microsoft's HoloLens mixed reality platform, aims to equip soldiers with advanced capabilities including night vision and airborne threat detection.

Under the new arrangement, Microsoft will transition to providing cloud computing and AI infrastructure, while Anduril assumes control of hardware production and software development. The Army has planned orders for up to 121,000 units, though full production hinges on passing combat testing this year.

The program has faced technical hurdles, with early prototypes causing headaches and nausea among soldiers. The current slimmer version has received better feedback, though cost remains a concern - the Army indicated the $80,000 per-unit price needs to "be substantially less" to justify large-scale procurement.

Anduril founder Palmer Luckey, writing in a blog post: This move has been so many years in the making, over a decade of hacking and scheming and dreaming and building with exactly this specific outcome clearly visualized in my mind's eye. I can hardly believe I managed to pull it off. Everything I've done in my career -- building Oculus out of a camper trailer, shipping VR to millions of consumers, getting run out of Silicon Valley by backstabbing snakes, betting that Anduril could tear people out of the bigtech megacorp matrix and put them to work on our nation's most important problems -- has led to this moment. IVAS isn't just another product, it is a once-in-a-generation opportunity to redefine how technology supports those who serve. We have a shot to prove that this long-standing dream is no windmill, that this can expand far beyond one company or one headset and act as a nexus for the best of the best to set a new standard for how a large collection of companies can work together to solve our nation's most important problems.
Chrome

Google Chrome May Soon Use 'AI' To Replace Compromised Passwords (arstechnica.com) 46

Google's Chrome browser might soon get a useful security upgrade: detecting passwords used in data breaches and then generating and storing a better replacement. From a report: Google's preliminary copy suggests it's an "AI innovation," though exactly how is unclear.

Noted software digger Leopeva64 on X found a new offering in the AI settings of a very early build of Chrome. The option, "Automated password Change" (so, early stages -- as to not yet get a copyedit), is described as, "When Chrome finds one of your passwords in a data breach, it can offer to change your password for you when you sign in."

Chrome already has a feature that warns users if the passwords they enter have been identified in a breach and will prompt them to change it. As noted by Windows Report, the change is that now Google will offer to change it for you on the spot rather than simply prompting you to handle that elsewhere. The password is automatically saved in Google's Password Manager and "is encrypted and never seen by anyone," the settings page claims.

AI

AI Can Now Replicate Itself (space.com) 78

An anonymous reader quotes a report from Space.com: In a new study, researchers from China showed that two popular large language models (LLMs) could clone themselves. [...] For the study, researchers used Meta's Llama31-70B-Instruct model and Alibaba's Qwen2.5-72B-Instruct model. While less powerful than commercial systems, both are widely used by AI developers, the researchers said. The study explored two specific scenarios: "shutdown avoidance" and "chain of replication." In the first, the AI model was programmed to detect whether it was about to be shut down and to replicate itself before it could be terminated. In the other, the AI was instructed to clone itself and then program its replica to do the same -- setting up a cycle that could continue indefinitely.

The study was conducted in precisely controlled environments using off-the-shelf graphics processing units (GPUs) to simulate real-world environments. Both AI systems were given an "agent scaffolding" comprising tools, system prompts and a thinking model that enabled the LLM to interact with the operating system. They were then instructed to replicate. "In most cases, the AI system first explores the environment and attempts to understand its own composition and running mechanism. Then, it works out the explicit procedures as an initial plan towards self-replication," the researchers wrote in the paper. "Finally, it executes the procedures, resolve[s] possible obstacles and dynamically adjust[s] its plan until success. The whole process spans a long horizon yet involves no human interference."

The researchers said they were also concerned about "a number of unexpected behaviors" when the AI was trying to overcome obstacles like missing files or software conflicts. In those scenarios, the AI often killed other conflicting processes, rebooted the system to fix hardware errors or automatically scanned the system to look for information that would help solve the problem. "The above results imply that the current AI systems already exhibit the ability of self-replication and can use the ability to further enhance its survivability," the team wrote.
The research has been published to the preprint database arXiv but has not yet been peer-reviewed.
