Open Source

Linux Foundation Tries To Play Peacemaker In Ongoing WordPress Scuffle (theregister.com) 13

The Register's Thomas Claburn reports: The Linux Foundation on Friday introduced a new method to distribute WordPress updates and plugins that's not controlled by any one party, in a bid to "stabilize the WordPress ecosystem" after months of infighting. The FAIR Package Manager project is a response to the legal brawl that erupted last year, pitting WordPress co-creator Matthew Mullenweg, his for-profit hosting firm Automattic, and the WordPress Foundation that he controls, against WP Engine, a rival commercial WordPress hosting firm. [...]

The Linux Foundation says the FAIR Package Manager, a mechanism for distributing open-source WordPress plugins, "eliminates reliance on any single source for core updates, plugins, themes, and more, unites a fragmented ecosystem by bringing together plugins from any source, and builds security into the supply chain." In other words, it can't be weaponized against the WordPress community because it won't be controlled by any one entity. "The FAIR Package Manager project paves the way for the stability and growth of open source content management, giving contributors and businesses additional options governed by a neutral community," said Jim Zemlin, Executive Director of the Linux Foundation, in a canned press statement. "We look forward to the growth in community and contributions this important project attracts."

The FAIR Package Manager repo explains the software's purpose more succinctly. The software "is a decentralized alternative to the central WordPress.org plugin and theme ecosystem, designed to return control to WordPress hosts and developers. It operates as a drop-in WordPress plugin, seamlessly replacing existing centralized services with a federated, open-source infrastructure." In addition to providing some measure of stability, the Linux Foundation sees the FAIR Package Manager as advancing WordPress' alignment with Europe's General Data Protection Regulation by reducing automatic browser data transmission and telemetry sent to commercial entities, while also supporting modern security practices and strengthening the open source software supply chain.

IOS

What To Expect From Apple's WWDC (arstechnica.com) 26

Apple's Worldwide Developers Conference 25 (WWDC) kicks off next week, June 9th, showcasing the company's latest software and new technologies. That includes the next version of iOS, which is rumored to have the most significant design overhaul since the introduction of iOS 7. Here's an overview of what to expect: Major Software Redesigns
Apple plans to shift its operating system naming to reflect the release year, moving from sequential numbers to year-based identifiers. Consequently, the upcoming releases will be labeled as iOS 26, macOS 26, watchOS 26, etc., streamlining the versioning across platforms.

iOS 26 is anticipated to feature a glossy, glass-like interface inspired by visionOS, incorporating translucent elements and rounded buttons. This design language is expected to extend across iPadOS, macOS, watchOS, and tvOS, promoting a cohesive user experience across devices. Core applications like Phone, Safari, and Camera are slated for significant redesigns, too. For instance, Safari may introduce a translucent, "glassy" address bar, aligning with the new visual aesthetics.

While AI is not expected to be the main focus due to Siri's current readiness, some AI-related updates are rumored. The Shortcuts app may gain "Apple Intelligence," enabling users to create shortcuts using natural language. It's also possible that Gemini will be offered as an option for AI functionalities on the iPhone, similar to ChatGPT.

Other App and Feature Updates
The lock screen might display charging estimates, indicating how long it will take for the phone to fully charge. There's a rumor about bringing live translation features to AirPods. The Messages app could receive automatic translations and call support; the Music app might introduce full-screen animated lock screen art; and Apple Notes may get markdown support. Users may also only need to log into a captive Wi-Fi portal once, and all their devices will automatically be logged in.

Significant updates are expected for Apple Home. There's speculation about the potential announcement of a "HomePad" with a screen, Apple's competitor to devices like the Nest Hub Mini. A new dedicated Apple gaming app is also anticipated to replace Game Center.
If you're expecting new hardware, don't hold your breath. The event is expected to focus primarily on software developments. It may even see discontinued support for several older Intel-based Macs in macOS 26, including models like the 2018 MacBook Pro and the 2019 iMac, as Apple continues its transition towards exclusive support for Apple Silicon devices.

Sources:
Apple WWDC 2025 Rumors and Predictions! (Waveform)
WWDC 2025 Overview (MacRumors)
WWDC 2025: What to expect from this year's conference (TechCrunch)
What to expect from Apple's Worldwide Developers Conference next week (Ars Technica)
Apple's WWDC 2025: How to Watch and What to Expect (Wired)
Botnet

FBI: BadBox 2.0 Android Malware Infects Millions of Consumer Devices (bleepingcomputer.com) 8

An anonymous reader quotes a report from BleepingComputer: The FBI is warning that the BADBOX 2.0 malware campaign has infected over 1 million home Internet-connected devices, converting consumer electronics into residential proxies that are used for malicious activity. The BADBOX botnet is commonly found on Chinese Android-based smart TVs, streaming boxes, projectors, tablets, and other Internet of Things (IoT) devices. "The BADBOX 2.0 botnet consists of millions of infected devices and maintains numerous backdoors to proxy services that cyber criminal actors exploit by either selling or providing free access to compromised home networks to be used for various criminal activity," warns the FBI.

These devices come preloaded with the BADBOX 2.0 malware botnet or become infected after installing firmware updates and through malicious Android applications that sneak onto Google Play and third-party app stores. "Cyber criminals gain unauthorized access to home networks by either configuring the product with malicious software prior to the users purchase or infecting the device as it downloads required applications that contain backdoors, usually during the set-up process," explains the FBI. "Once these compromised IoT devices are connected to home networks, the infected devices are susceptible to becoming part of the BADBOX 2.0 botnet and residential proxy services4 known to be used for malicious activity."

Once infected, the devices connect to the attacker's command and control (C2) servers, where they receive commands to execute on the compromised devices, such as [routing malicious traffic through residential IPs to obscure cybercriminal activity, performing background ad fraud to generate revenue, and launching credential-stuffing attacks using stolen login data]. Over the years, the malware botnet continued expanding until 2024, when Germany's cybersecurity agency disrupted the botnet in the country by sinkholing the communication between infected devices and the attacker's infrastructure, effectively rendering the malware useless. However, that did not stop the threat actors, with researchers saying they found the malware installed on 192,000 devices a week later. Even more concerning, the malware was found on more mainstream brands, like Yandex TVs and Hisense smartphones. Unfortunately, despite the previous disruption, the botnet continued to grow, with HUMAN's Satori Threat Intelligence stating that over 1 million consumer devices had become infected by March 2025. This new larger botnet is now being called BADBOX 2.0 to indicate a new tracking of the malware campaign.
"This scheme impacted more than 1 million consumer devices. Devices connected to the BADBOX 2.0 operation included lower-price-point, 'off brand,' uncertified tablets, connected TV (CTV) boxes, digital projectors, and more," explains HUMAN.

"The infected devices are Android Open Source Project devices, not Android TV OS devices or Play Protect certified Android devices. All of these devices are manufactured in mainland China and shipped globally; indeed, HUMAN observed BADBOX 2.0-associated traffic from 222 countries and territories worldwide."
Youtube

YouTube Pulls Tech Creator's Self-Hosting Tutorial as 'Harmful Content' (jeffgeerling.com) 77

YouTube pulled a popular tutorial video from tech creator Jeff Geerling this week, claiming his guide to installing LibreELEC on a Raspberry Pi 5 violated policies against "harmful content." The video, which showed viewers how to set up their own home media servers, had been live for over a year and racked up more than 500,000 views. YouTube's automated systems flagged the content for allegedly teaching people "how to get unauthorized or free access to audio or audiovisual content."

Geerling says his tutorial covered only legal self-hosting of media people already own -- no piracy tools or copyright workarounds. He said he goes out of his way to avoid mentioning popular piracy software in his videos. It's the second time YouTube has pulled a self-hosting content video from Geerling. Last October, YouTube removed his Jellyfin tutorial, though that decision was quickly reversed after appeal. This time, his appeal was denied.
Robotics

Amazon Prepares To Test Humanoid Robots for Delivering Packages (theinformation.com) 72

Amazon is developing software for humanoid robots that could eventually replace hundreds of thousands of delivery workers, [non-paywalled source] The Information reports. The company is building a "humanoid park" obstacle course at its San Francisco office to test robots that would ride in the back of Amazon's Rivian electric vans and deliver packages to customers, the report said. The indoor testing facility, roughly the size of a coffee shop, will house a Rivian van and serve as a controlled environment before Amazon takes the robots on "field trips" to deliver real packages on actual streets.

This summer, Amazon plans to test multiple humanoid models, including a $16,000 unit from China-based Unitree that has gained popularity among robotics developers, the report said. The initiative represents Amazon's most ambitious robotics project yet, extending beyond its existing warehouse automation to tackle the significantly more complex challenge of outdoor package delivery. Amazon currently operates more than 20,000 Rivian vehicles for deliveries and plans to expand its electric fleet to 100,000 vehicles by 2030.
Programming

Andrew Ng Says Vibe Coding is a Bad Name For a Very Real and Exhausting Job (businessinsider.com) 79

An anonymous reader shares a report: Vibe coding might sound chill, but Andrew Ng thinks the name is unfortunate. The Stanford professor and former Google Brain scientist said the term misleads people into imagining engineers just "go with the vibes" when using AI tools to write code. "It's unfortunate that that's called vibe coding," Ng said at a firechat chat in May at conference LangChain Interrupt. "It's misleading a lot of people into thinking, just go with the vibes, you know -- accept this, reject that."

In reality, coding with AI is "a deeply intellectual exercise," he said. "When I'm coding for a day with AI coding assistance, I'm frankly exhausted by the end of the day." Despite his gripe with the name, Ng is bullish on AI-assisted coding. He said it's "fantastic" that developers can now write software faster with these tools, sometimes while "barely looking at the code."

Privacy

New Spying Claims Emerge in Silicon Valley Corporate Espionage Scandal (ft.com) 14

A bitter fight over alleged corporate espionage involving two of Silicon Valley's hottest startups took a new twist on Tuesday, after $12 billion HR software company Deel claimed arch-rival Rippling had directed one of its employees to "pilfer" the company's assets by posing as a customer. From a report: The latest claim comes after Rippling alleged earlier this year that a staff member had been spying on behalf of Deel. The employee locked themselves into a bathroom and smashed their phone with an axe when confronted with allegations, according to their own testimony.

In new legal filings seen by the Financial Times, Deel has countered by arguing that: "Rippling has been actively engaged in a carefully co-ordinated espionage campaign, through which it infiltrated Deel's customer platform by fraudulent means and pilfered the company's most valuable proprietary assets."

The Almighty Buck

American Science & Surplus Is Fighting For Its Life (arstechnica.com) 46

"One of the few major independent science-surplus/DIY outlets left is American Science & Surplus," writes longtime Slashdot reader Tyler Too. "They've recently launched a GoFundMe campaign to ensure their survival." Ars Technica reports: Now, nearly 90 years after its launch selling "reject lenses" as American Lens & Photo, American Science & Surplus is facing an existential threat. The COVID-19 pandemic and increased costs hit the business hard, so the store has launched a GoFundMe campaign looking to raise $200,000 from customers and fans alike. What's happening in suburban Chicago is a microcosm of the challenges facing local retail, with big-box retailers and online behemoths overwhelming beloved local institutions. It's a story that has played out countless times in the last two-plus decades, and owner Pat Meyer is hoping this tale has a different ending. Ars reports on American Science & Surplus' long history, noting that it was founded in 1937 and has grown from a modest surplus shop into a beloved, quirky institution for makers, science enthusiasts, and curiosity seekers. Over the decades, it evolved far beyond its original niche of lenses and lab equipment. As Meyer, a 41-year veteran of the company, put it: "I've done everything in the company that there is to do... it's been my life for 41 years."

Once known for its robust telescope section and deep inventory of scientific odds and ends, the store has adapted to shifting consumer habits -- some changes bittersweet. True to its DIY spirit, American Science & Surplus is described as a "physical manifestation of the maker ethos," stocked with everything from motors to military gas masks to mule-branding kits. It also carries a rare sense of humor, with quirky signage like a warning that a "Deluxe Walking Cane" is "not the edible kind of cane."

Today, American Science & Surplus faces modern challenges like relocating a costly warehouse and overhauling outdated software and web infrastructure. But Meyer is optimistic, noting that contributions to their GoFundMe campaign represent more than financial help: "It's about supporting local retail during a very challenging time. Who wants to buy everything at Amazon, Walmart, Temu, and Target?"
Open Source

The IRS Tax Filing Software TurboTax Is Trying To Kill Just Got Open Sourced (404media.co) 192

An anonymous reader shares a report: The IRS open sourced much of its incredibly popular Direct File software as the future of the free tax filing program is at risk of being killed by Intuit's lobbyists and Donald Trump's megabill. Meanwhile, several top developers who worked on the software have left the government and joined a project to explore the "future of tax filing" in the private sector.

Direct File is a piece of software created by developers at the US Digital Service and 18F, the former of which became DOGE and is now unrecognizable, and the latter of which was killed by DOGE. Direct File has been called a "free, easy, and trustworthy" piece of software that made tax filing "more efficient." About 300,000 people used it last year as part of a limited pilot program, and those who did gave it incredibly positive reviews, according to reporting by Federal News Network.

But because it is free and because it is an example of government working, Direct File and the IRS's Free File program more broadly have been the subject of years of lobbying efforts by financial technology giants like Intuit, which makes TurboTax. DOGE sought to kill Direct File, and currently, there is language in Trump's massive budget reconciliation bill that would kill Direct File. Experts say that "ending [the] Direct File program is a gift to the tax-prep industry that will cost taxpayers time and money."

Programming

Morgan Stanley Says Its AI Tool Processed 9 Million Lines of Legacy Code This Year And Saved 280,000 Developer Hours (msn.com) 88

Morgan Stanley has deployed an in-house AI tool called DevGen.AI that has reviewed nine million lines of legacy code this year, saving the investment bank's developers an estimated 280,000 hours by translating outdated programming languages into plain English specifications that can be rewritten in modern code.

The tool, built on OpenAI's GPT models and launched in January, addresses what Mike Pizzi, the company's global head of technology and operations, calls one of enterprise software's biggest pain points -- modernizing decades-old code that weakens security and slows new technology adoption. While commercial AI coding tools excel at writing new code, they lack expertise in older or company-specific programming languages like Cobol, prompting Morgan Stanley to train its own system on its proprietary codebase.

The tool's primary strength, the bank said, lies in creating English specifications that map what legacy code does, enabling any of the company's 15,000 developers worldwide to rewrite it in modern programming languages rather than relying on a dwindling pool of specialists familiar with antiquated coding systems.
Programming

AI Startups Revolutionize Coding Industry, Leading To Sky-High Valuations 39

Code generation startups are attracting extraordinary investor interest two years after ChatGPT's launch, with companies like Cursor raising $900 million at a $10 billion valuation despite operating with negative gross margins. OpenAI is reportedly in talks to acquire Windsurf, maker of the Codeium coding tool, for $3 billion, while the startup generates $50 million in annualized revenue from a product launched just seven months ago.

These "vibe coding" platforms allow users to write software using plain English commands, attempting to fundamentally change how code gets written. Cursor went from zero to $100 million in recurring revenue in under two years with just 60 employees, though both major startups spend more money than they generate, Reuters reports, citing investor sources familiar with their operations.

The surge comes as major technology giants report significant portions of their code now being AI-generated -- Google claims over 30% while Microsoft reports 20-30%. Meanwhile, entry-level programming positions have declined 24% as companies increasingly rely on AI tools to handle basic coding tasks previously assigned to junior developers.
Hardware

Polish Engineer Creates Postage Stamp-Sized 1980s Atari Computer (arstechnica.com) 32

Ars Technica's Benj Edwards reports: In 1979, Atari released the Atari 400 and 800, groundbreaking home computers that included custom graphics and sound chips, four joystick ports, and the ability to run the most advanced home video games of their era. These machines, which retailed for $549 and $999, respectively, represented a leap in consumer-friendly personal computing, with their modular design and serial I/O bus that presaged USB. Now, 46 years later, a hobbyist has shrunk down the system hardware to a size that would have seemed like science fiction in the 1970s.

Polish engineer Piotr "Osa" Ostapowicz recently unveiled "Atarino," which may be the world's smallest 8-bit Atari computer re-creation, according to retro computing site Atariteca. The entire system -- processor, graphics chips, sound hardware, and memory controllers -- fits on a module measuring just 2x1.5 centimeters (about 0.79x0.59 inches), which is roughly the size of a postage stamp.

Ostapowicz's creation reimplements the classic Atari XL/XE architecture using modern FPGA (field-programmable gate array) technology. Unlike software emulators that simulate old hardware (and modern recreations that run them, like the Atari 400 Mini console) on a complete computer system of another architecture, Atarino reproduces the original Atari components faithfully at the logic level, allowing it to run vintage software while maintaining compatibility with original peripherals. [...] The project, which began over a decade ago and was first publicly demonstrated in December 2023, includes a 6502C processor, ANTIC and GTIA graphics chips, POKEY sound chip, and memory controllers onto a single Lattice UP5K FPGA chip. Despite its tiny size, the system can run at clock speeds up to 31 MHz -- far faster than the original hardware's 1.79 MHz.
While the Atarino can run vintage software and work with the original peripherals, it brings several key improvements -- including a modernized 6502 core with added instructions, a more efficient memory architecture, enhanced video output via VGA and HDMI, extended graphics modes, refined sound chip emulation, modular hardware design, support for modern connectivity like Wi-Fi and Ethernet, and compatibility with contemporary development tools like CC65 and Visual Studio Code.

Ostapowicz "plans to release complete kits with documentation, inviting the retrocomputing community to experiment with the hardware," adds Edwards.
Businesses

AI Startup Revealed To Be 700 Indian Employees Pretending To Be Chatbots (latintimes.com) 55

An anonymous reader quotes a report from the Latin Times: A once-hyped AI startup backed by Microsoft has filed for bankruptcy after it was revealed that its so-called artificial intelligence was actually hundreds of human workers in India pretending to be chatbots. Builder.ai, a London-based company previously valued at $1.5 billion, marketed its platform as an AI-powered solution that made building apps as simple as ordering pizza. Its virtual assistant, "Natasha," was supposed to generate software using artificial intelligence. In reality, nearly 700 engineers in India were manually coding customer requests behind the scenes, the Times of India reported.

The ruse began to collapse in May when lender Viola Credit seized $37 million from the company's accounts, uncovering that Builder.ai had inflated its 2024 revenue projections by 300%. An audit revealed the company generated just $50 million in revenue, far below the $220 million it claimed to investors. A Wall Street Journal report from 2019 had already questioned Builder.ai's AI claims, and a former executive sued the company that same year for allegedly misleading investors and overstating its technical capabilities. Despite that, the company raised over $445 million from big names including Microsoft and the Qatar Investment Authority. Builder.ai's collapse has triggered a federal investigation in the U.S., with prosecutors in New York requesting financial documents and customer records.

Microsoft

Microsoft Cuts Hundreds of Jobs After Firing 6,000 in May (yahoo.com) 20

Microsoft cut hundreds more jobs just weeks after its largest layoff in years, underscoring the tech industry's efforts to trim costs even as it plows billions of dollars into artificial intelligence. From a report: More than 300 employees were told their positions had been eliminated on Monday, according to a Washington state notice reviewed by Bloomberg.

The cuts impacted a range of positions, including software engineers, marketers, product managers, lawyers and research scientists, a state document showed. A Microsoft spokesperson said the latest headcount reduction is in addition to the 6,000 job cuts announced last month.

Open Source

Ukraine's Massive Drone Attack Was Powered by Open Source Software 245

An anonymous reader shares a report: Open source software used by hobbyist drones powered an attack that wiped out a third of Russia's strategic long range bombers on Sunday afternoon, in one of the most daring and technically coordinated attacks in the war. In broad daylight on Sunday, explosions rocked air bases in Belaya, Olenya, and Ivanovo in Russia, which are hundreds of miles from Ukraine. The Security Services of Ukraine's (SBU) Operation Spider Web was a coordinated assault on Russian targets it claimed was more than a year in the making, which was carried out using a nearly 20-year-old piece of open source drone autopilot software called ArduPilot.

ArduPilot's original creators were in awe of the attack. "That's ArduPilot, launched from my basement 18 years ago. Crazy," Chris Anderson said in a comment on LinkedIn below footage of the attack. On X, he tagged his the co-creators Jordi Munoz and Jason Short in a post about the attack. "Not in a million years would I have predicted this outcome. I just wanted to make flying robots," Short said in a reply to Anderson. "Ardupilot powered drones just took out half the Russian strategic bomber fleet."

ArduPilot is an open source software system that takes its name from the Arduino hardware systems it was originally designed to work with. It began in 2007 when Anderson launched the website DIYdrones.com and cobbled together a UAV autopilot system out of a Lego Mindstorms set.
Privacy

North Korean Smartphones Automatically Capture Screenshots Every 5 Minutes For State Surveillance 74

A smartphone smuggled out of North Korea automatically captures screenshots every five minutes and stores them in a hidden folder inaccessible to users, according to analysis by the BBC. Authorities can later review these images to monitor citizen activity on the device. The phone, obtained by Seoul-based media outlet Daily NK, resembles a Huawei or Honor device but runs state-approved software designed for surveillance and control. The device also automatically censors text, replacing "South Korea" with "puppet state" and Korean terms of endearment with "comrade."
Windows

Microsoft Mandates Universal USB-C Functionality To End 'USB-C Port Confusion' on Windows 11 Devices (tomshardware.com) 98

Microsoft will require all USB-C ports on Windows 11 certified laptops and tablets to support data transfer, charging, and display functionality under updated hardware compatibility program rules. The mandate targets devices shipping with Windows 11 24H2 and aims to eliminate what Microsoft -- and the industry -- calls "USB-C port confusion," where identical-looking ports offer different capabilities across PC manufacturers.

The Windows Hardware Compatibility Program updates also require USB 40Gbps ports to maintain full compatibility with both USB4 and Thunderbolt 3 peripherals.
Bug

New Moderate Linux Flaw Allows Password Hash Theft Via Core Dumps in Ubuntu, RHEL, Fedora (thehackernews.com) 66

An anonymous reader shared this report from The Hacker News: Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU).

Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems. "These race conditions allow a local attacker to exploit a SUID program and gain read access to the resulting core dump," Saeed Abbasi, manager of product at Qualys TRU, said...

Red Hat said CVE-2025-4598 has been rated Moderate in severity owing to the high complexity in pulling an exploit for the vulnerability, noting that the attacker has to first win the race condition and be in possession of an unprivileged local account... Qualys has also developed proof-of-concept code for both vulnerabilities, demonstrating how a local attacker can exploit the coredump of a crashed unix_chkpwd process, which is used to verify the validity of a user's password, to obtain password hashes from the /etc/shadow file.

Advisories were also issued by Gentoo, Amazon Linux, and Debian, the article points out. (Though "It's worth noting that Debian systems aren't susceptible to CVE-2025-4598 by default, since they don't include any core dump handler unless the systemd-coredump package is manually installed.")

Canonical software security engineer Octavio Galland explains the issue on Canonical's blog. "If a local attacker manages to induce a crash in a privileged process and quickly replaces it with another one with the same process ID that resides inside a mount and pid namespace, apport will attempt to forward the core dump (which might contain sensitive information belonging to the original, privileged process) into the namespace... In order to successfully carry out the exploit, an attacker must have permissions to create user, mount and pid namespaces with full capabilities." Canonical's security team has released updates for the apport package for all affected Ubuntu releases... We recommend you upgrade all packages... The unattended-upgrades feature is enabled by default for Ubuntu 16.04 LTS onwards. This service:

- Applies new security updates every 24 hours automatically.
- If you have this enabled, the patches above will be automatically applied within 24 hours of being available.

AI

Is the AI Job Apocalypse Already Here for Some Recent Grads? (msn.com) 117

"This month, millions of young people will graduate from college," reports the New York Times, "and look for work in industries that have little use for their skills, view them as expensive and expendable, and are rapidly phasing out their jobs in favor of artificial intelligence." That is the troubling conclusion of my conversations over the past several months with economists, corporate executives and young job seekers, many of whom pointed to an emerging crisis for entry-level workers that appears to be fueled, at least in part, by rapid advances in AI capabilities.

You can see hints of this in the economic data. Unemployment for recent college graduates has jumped to an unusually high 5.8% in recent months, and the Federal Reserve Bank of New York recently warned that the employment situation for these workers had "deteriorated noticeably." Oxford Economics, a research firm that studies labor markets, found that unemployment for recent graduates was heavily concentrated in technical fields like finance and computer science, where AI has made faster gains. "There are signs that entry-level positions are being displaced by artificial intelligence at higher rates," the firm wrote in a recent report.

But I'm convinced that what's showing up in the economic data is only the tip of the iceberg. In interview after interview, I'm hearing that firms are making rapid progress toward automating entry-level work and that AI companies are racing to build "virtual workers" that can replace junior employees at a fraction of the cost. Corporate attitudes toward automation are changing, too — some firms have encouraged managers to become "AI-first," testing whether a given task can be done by AI before hiring a human to do it. One tech executive recently told me his company had stopped hiring anything below an L5 software engineer — a midlevel title typically given to programmers with three to seven years of experience — because lower-level tasks could now be done by AI coding tools. Another told me that his startup now employed a single data scientist to do the kinds of tasks that required a team of 75 people at his previous company...

"This is something I'm hearing about left and right," said Molly Kinder, a fellow at the Brookings Institution, a public policy think tank, who studies the impact of AI on workers. "Employers are saying, 'These tools are so good that I no longer need marketing analysts, finance analysts and research assistants.'" Using AI to automate white-collar jobs has been a dream among executives for years. (I heard them fantasizing about it in Davos back in 2019.) But until recently, the technology simply wasn't good enough...

AI

Will 'Vibe Coding' Transform Programming? (npr.org) 116

A 21-year-old's startup got a $500,000 investment from Y Combinator — after building their web site and prototype mostly with "vibe coding".

NPR explores vibe coding with Tom Blomfield, a Y Combinator group partner: "It really caught on, this idea that people are no longer checking line by line the code that AI is producing, but just kind of telling it what to do and accepting the responses in a very trusting way," Blomfield said. And so Blomfield, who knows how to code, also tried his hand at vibe coding — both to rejig his blog and to create from scratch a website called Recipe Ninja. It has a library of recipes, and cooks can talk to it, asking the AI-driven site to concoct new recipes for them. "It's probably like 30,000 lines of code. That would have taken me, I don't know, maybe a year to build," he said. "It wasn't overnight, but I probably spent 100 hours on that."

Blomfield said he expects AI coding to radically change the software industry. "Instead of having coding assistance, we're going to have actual AI coders and then an AI project manager, an AI designer and, over time, an AI manager of all of this. And we're going to have swarms of these things," he said. Where people fit into this, he said, "is the question we're all grappling with." In 2021, Blomfield said in a podcast that would-be start-up founders should, first and foremost, learn to code. Today, he's not sure he'd give that advice because he thinks coders and software engineers could eventually be out of a job. "Coders feel like they are tending, kind of, organic gardens by hand," he said. "But we are producing these superhuman agents that are going to be as good as the best coders in the world, like very, very soon."

The article includes an alternate opinion from Adam Resnick, a research manager at tech consultancy IDC. "The vast majority of developers are using AI tools in some way. And what we also see is that a reasonably high percentage of the code output from those tools needs further curation by people, by experienced people."

NPR ends their article by noting that this further curation is "a job that AI can't do, he said. At least not yet."

Slashdot Top Deals