The Free Software Foundation turns forty on October 4, 2025 "and we will end our thirties on a high note!" they announced this week: We wish we were celebrating the achievement of software freedom for all computer users, but we're not there yet. Until our mission becomes reality and we can retire, instead, we are celebrating forty years of activism, and all that we have achieved.

Since our founding in 1985, we laid out many stepping stones on the road to software freedom, and we're eager to continue building the road ahead. We will celebrate our fortieth in the spirit of bringing the international free software community together, discussing what we can do next to make the world freer, and celebrating how far we've come. We're aiming for a libre planet! Sounds familiar? Instead of hosting one LibrePlanet conference in 2025, we're planning a jam-packed anniversary year, filled with several new and exciting activities!

We'll begin the anniversary year with an unprecedented memorabilia auction, starting as a silent auction on March 17, and culminating in a virtual live auction on March 23. By moving out of the FSF office, we got to sort through all the fun and historically important memorabilia and selected the best ones. This is your chance to get your very own personal souvenir of the FSF, from original GNU art to a famous katana and the very same VT220 that was standing on the FSF's front desk, and which people used to display ASCII art or to play free software games.

Let's claim the month of May as libre planet (or libre local) month! We're inviting free software supporters like you anywhere in the world, to organize an in-person community meetup in your area to bring people together. We're setting up a small fund for these local gatherings, can send stickers, flyers, ideas and tips, and you can invite an FSF staff member to give a talk or workshop during your event and of course, we'll help promote it...

Then, on the actual birthday of the FSF on October 4, 2025, there will be a big celebration in Boston, MA, and the entire free software community is invited... These are just some of the big ticket items we have worked out, but there is more! Keep an eye out on the FSF's pages, we'll be posting exact information on everything upcoming.
They're looking for volunteers — and they also suggest organizing a community meetup in your area. Plus, there's also an FSF Anniversary Logo Contest. "We would like to source the fortieth anniversary logo design directly from a free software supporter. Everyone is welcome to submit a design (or even multiple designs) no matter your previous experience in design."

The winning design "will be chosen by the community and ultimately immortalized in the history of the FSF," according to the announcement — displayed on the FSF homepage, printed on all celebration materials, "and possibly even stamped on some merchandise." But of course, the contest's requirements include respecting everyone's freedoms: - The logo must be produced using exclusively free software editing tools, such as GIMP, Krita, or Inkscape;

- Any fonts used in the design must be under the SIL Open Font license or another free license...
"The final logo will be released under CC BY, attributed to the FSF."

Nathan Sobo "joined GitHub in late 2011 to build the Atom text editor," according to an online biography, "and he led the Atom team until 2018." Max Brunsfeld joined the Atom team in 2013, and "While driving Atom towards its 1.0 launch during the day, Max spent nights and weekends building Tree-sitter, a blazing-fast and expressive incremental parsing framework that currently powers all code analysis at GitHub."

Last year they teamed up with Antonio Scandurra (another Atom alumnus) to launch a new startup called Zed (which in 2023 raised $10 million, according to TechCrunch). And today the open source blog It's FOSS checks in on their open-source code editor — "Zed Editor". Mainly written in Rust, it supports running in CLI, diagnosing project-wide errors, split panes, and markdown previews: By default, any added content is treated as plain text. I used the language switcher to change it to Rust so that I would get proper syntax highlighting, indentation, error detection, and other useful language-specific functions. The switch highlighted all the Rust elements correctly, and I then focused on Zed Editor's user interface. The overall feel of the editor was minimal, with all the important options being laid out nicely.

[Its status bar] had some interesting panels. The first one I checked was the Terminal Panel, which, as the name suggests, lets you run commands, scripts, and facilitates interaction with system files or processes directly from within the editor. I then moved to the Assistant Panel, which is home to various large language models that can be integrated into Zed Editor. There are options like Anthropic, GitHub Copilot Chat, Ollama, OpenAI, and Google AI... The Zed Editor team has also recently introduced Zed AI in collaboration with Anthropic for assisting with coding, allowing for code generation, advanced context-powered interactions, and more...

The real-time collaboration features on Zed Editor are quite appealing too. To check them out, I had to log in with my GitHub account. After logging in, the Collab Panel opened up, and I could see many channels from the official Zed community. I could chat with others, add collaborators to existing projects, join a call with the option to share my screen and track other collaborators' cursors, add new contacts, and carry out many other collaborative tasks.

One can also use extensions and themes to extend what Zed Editor can do. There are some nice pre-installed themes as well.

Back in 1976, Mattel Electronics Auto Race became the very first handheld game to use only solid-state electronics, according to Wikipedia. (Its only mechanical elements were its on/off switch and hand-operated controls...) Nearly half a century goes by — until the ancient and broken gizmo reaches long-time Slashdot reader Shayde, who "dove into disassembling the unit and figuring out the problem."

Ironically, at one point his voltimeter stopped working, because...its batteries were dead. But a tri-wing screwdriver reveals the game's beautiful 1976 circuitboard — before the video fast forwards through "an almost comical attempt by me, a systems software engineer, to sauter the connections back onto this 48-year-old connector." (Instead he ends up replacing the machine's 9-volt battery connector...) On his Patreon page, he writes that filming the video "took a stupidly long time to put together." But their Slashdot submission acknowledges that in the end, "Taking it apart and debugging it was fun. (Slight spoiler: I figured out what was wrong, was an easy fix), and the game plays great now!"

Any Slashdot readers have memories of playing Mattel Electronics Auto Race? My one experience felt like that time that a gaming magazine had nine children (ages 9 to 12) try to play old 1970s-era videogames like Pong. ("Wow. The score is tied. It's so exhilarating..." "My line is so beating the heck out of your stupid line...")

A 2002 Slashdot post informed the world that "Recently Blake Ross, a developer of the Phoenix web browser, has made a post on the Mozillazine forums looking for a new name for the project. Apparently the people over at Phoenix Technologies decided that the name interferes with their trademark since they make an 'internet access device'..."

And then, on November 9 of 2004, the BBC reported that "Microsoft's Internet Explorer has a serious rival in the long-awaited Firefox 1.0 web browser, which has just been released." Their headline? "Firefox Browser Takes on Microsoft." Fans of the software have banded together to raise cash to pay for an advert in the New York Times announcing that version 1.0 of the browser is available. ["Are you fed up with your browser? You're not alone...."] The release of Firefox 1.0 on 9 November might even cause a few heads to turn at Microsoft because the program is steadily winning people away from the software giant's Internet Explorer browser.

Firefox has been created by the Mozilla Foundation which was started by former browser maker Netscape back in 1998... Earlier incarnations, but which had the same core technology, were called Phoenix and Firebird. Since then the software has been gaining praise and converts, not least because of the large number of security problems that have come to light in Microsoft's Internet Explorer. Rivals to IE got a boost in late June when two US computer security organisations warned people to avoid the Microsoft program to avoid falling victim to a serious vulnerability.

Internet monitoring firm WebSideStory has charted the growing population of people using the Firefox browser and says it is responsible for slowly eroding the stranglehold of IE. Before July this year, according to WebSideStory, Internet Explorer was used by about 95% of web surfers. That figure had remained static for years. In July the IE using population dropped to 94.7% and by the end of October stood at 92.9%. The Mozilla Foundation claims that Firefox has been downloaded almost eight million times and has publicly said it would be happy to garner 10% of the Windows- using, net-browsing population.

Firefox is proving popular because, at the moment, it has far fewer security holes than Internet Explorer and has some innovations lacking in Microsoft's program. For instance, Firefox allows the pages of different websites to be arranged as tabs so users can switch easily between them. It blocks pop-ups, has a neat way of finding text on a page and lets you search through the pages you have browsed...
Firefox celebrated its 20th anniversary with a special video touting new and upcoming features like tab previews, marking up PDFs, and tab grouping.

And upgrading to the latest version of Firefox now displays this message on a "What's New" page. "Whether you just downloaded Firefox or have been with us since the beginning, you are a vital part of helping us make the internet a better place.

"We can't wait to show you what's coming next." ("Check out our special edition wallpapers — open a new tab and click the gear icon at the top right corner...")

UK government-appointed commissioners have labeled Birmingham City Council's Oracle Fusion rollout as "the poorest ERP deployment" they have seen. From a report: A report published by the UK council's Corporate Finance Overview and Scrutiny Committee found that 18 months after Fusion went live, the largest public authority in Europe "had not tactically stabilized the system or formulated clear plans to resolve the system issues and recover the operation."

The city council's cloud-based Oracle tech replaced the SAP system that it began using in 1999, but the disastrous project encountered a string of landmark failures. The council has failed to produce auditable accounts since Oracle was implemented in 2022, costs have ballooned from around 19 million pound to a projected estimate of 131 million pound and, because the council chose not to use system audit features, it cannot tell if fraud has taken place on its multibillion-pound spending budget for an 18-month period. In September last year, the council became effectively bankrupt due to outstanding equal pay claims and the Oracle implementation.

The report from "best value commissioners" appointed by central government to investigate struggling councils said that following the Oracle implementation, "a serious lack of trust had developed between members and officers driven by the failed implementation and subsequent lack of progress to resolve the situation."

Microsoft is introducing a feature to Notepad called Rewrite that will let you use AI to "rephrase sentences, adjust tone, and modify the length of your content." The Verge reports: If you're a Windows Insider with early access to the feature, you can try it by highlighting the text you want to adjust in Notepad, right-clicking it, and choosing Rewrite. Notepad will then display a dialogue box where you can decide how they want to change their text -- for example, if it needs to be longer or shorter. Rewrite will then offer three rewritten versions that you can replace your work with.

It's worth noting that you'll have to sign in to your Microsoft account to use Rewrite, as it's "powered by a cloud-based service that requires authentication and authorization." Microsoft is launching this feature in preview on Windows 11 in the US, France, UK, Canada, Italy, and Germany. In July, Microsoft rolled out spellcheck and autocorrect for Notepad.

Software engineer David Gomes writes in a blog post: I sometimes need to search for a website that will "convert a PNG to SVG", or "remove page from PDF" or "resize svg". And these apps are... okay. I don't really trust most of them with my data, and also a lot of times they just don't work or have too many ads. So, I've been noticing a trend of people just using AI agents to create full blown apps for these simple use cases.

I decided to try it myself for a "resize SVG" app since I recently had to go through a bunch of websites to do this. So, I pulled up Replit Agent and even though I've used it before, it doesn't cease to amaze me just how insanely good it is. The level of polish on this product is unlike any other AI agent out there right now. It starts off by drawing up a plan and asking you for feedback on that plan. Then, it'll just go to town and try to build the app. But what's super clever about it is that the agent asks you for feedback along the way. Effectively, the Replit Agent guides you, not the other way around (as one might have expected).

spatwei writes: Google has used a large language model (LLM) agent called "Big Sleep" to discover a previously unknown, exploitable memory flaw in a widely used software for the first time, the company announced Friday.

The stack buffer underflow vulnerability in a development version of the popular open-source database engine SQLite was found through variant analysis by Big Sleep, which is a collaboration between Google Project Zero and Google DeepMind.

Big Sleep is an evolution of Project Zero's Naptime project, which is a framework announced in June that enables LLMs to autonomously perform basic vulnerability research. The framework provides LLMs with tools to test software for potential flaws in a human-like workflow, including a code browser, debugger, reporter tool and sandbox environment for running Python scripts and recording outputs.

The researchers provided the Gemini 1.5 Pro-driven AI agent with the starting point of a previous SQLIte vulnerability, providing context for Big Sleep to search for potential similar vulnerabilities in newer versions of the software. The agent was presented with recent commit messages and diff changes and asked to review the SQLite repository for unresolved issues.

Google's Big Sleep ultimately identified a flaw involving the function "seriesBestIndex" mishandling the use of the special sentinel value -1 in the iColumn field. Since this field would typically be non-negative, all code that interacts with this field must be designed to handle this unique case properly, which seriesBestIndex fails to do, leading to a stack buffer underflow.

An anonymous reader quotes a report from the New York Times: Meta will allow U.S. government agencies and contractors working on national security to use its artificial intelligence models for military purposes, the company said on Monday, in a shift from its policy that prohibited the use of its technology for such efforts. Meta said that it would make its A.I. models, called Llama, available to federal agencies and that it was working with defense contractors such as Lockheed Martin and Booz Allen as well as defense-focused tech companies including Palantir and Anduril. The Llama models are "open source," which means the technology can be freely copied and distributed by other developers, companies and governments.

Meta's move is an exception to its "acceptable use policy," which forbade the use of the company's A.I. software for "military, warfare, nuclear industries," among other purposes. In a blog post on Monday, Nick Clegg, Meta's president of global affairs, said the company now backed "responsible and ethical uses" of the technology that supported the United States and "democratic values" in a global race for A.I. supremacy. "Meta wants to play its part to support the safety, security and economic prosperity of America -- and of its closest allies too," Mr. Clegg wrote. He added that "widespread adoption of American open source A.I. models serves both economic and security interests." The company said it would also share its technology with members of the Five Eyes intelligence alliance: Canada, Britain, Australia and New Zealand in addition to the United States.

An anonymous reader quotes a report from TechCrunch: The CEO of AI search company Perplexity, Aravind Srinivas, has offered to cross picket lines and provide services to mitigate the effect of a strike by New York Times tech workers. The NYT Tech Guild announced its strike Monday, after setting November 4 as its deadline months earlier. The workers represented provide software support and data analysis for the Times, on the business side of the outlet. They have been asking for an annual 2.5% wage increase and to cement a current two days per week in-office expectation, among other things. [...] Picketers demonstrated in front of the NYT building in New York as negotiations continued. Meanwhile, on X, formerly known as Twitter, Perplexity's CEO offered to step in for the striking workers.

Replying to Semafor media editor Max Tani quoting the publisher, Srinivas wrote: "Hey AG Sulzberger @nytimes sorry to see this. Perplexity is on standby to help ensure your essential coverage is available to all through the election. DM me anytime here." Many on X immediately castigated Srinivas for acting as a scab -- a derogatory term for people willing to perform the jobs of striking workers. It is widely considered a disreputable behavior in matters of labor and equity. By undercutting collective action, scabs limit the ability of workers to bargain with those in positions of power. Srinivas may simply be trying to make sure people have the information they need on election day. The company has lately unveiled its own elections info hub and map. But to offer its services explicitly as a replacement for striking workers was bound to be an unpopular move.

Though TechCrunch asked Perplexity for comment, Srinivas responded to TechCrunch's post on X saying that "the offer was *not* to 'replace' journalists or engineers with AI but to provide technical infra support on a high-traffic day." The striking workers in question, however, are the ones who provide that service to the NYT. It's not really clear what services other than AI tools Perplexity could offer, or why they would not amount to replacing the workers in question.

A former teacher has filed a federal lawsuit against PowerSchool, alleging the education technology giant illegally sells student data to third parties without proper consent. Emily Cherkin, lead plaintiff in the class action suit filed in San Francisco, claims PowerSchool has amassed 345 terabytes of data from 440 school districts, including sensitive information about students' health, behavior, and academic records. The company provides software services to more than 60 million students across 90 of the largest U.S. school districts.

The lawsuit alleges PowerSchool sells anonymized student data to over 100 partners, including educational consultants and government agencies, while marketing its analytics for workforce and policy planning. The company's Naviance college-planning software alone tracks 6 million high school students. PowerSchool has denied the allegations.

A hardware hacker has successfully modified Nintendo's $100 Alarmo device to run the classic video game Doom, marking another milestone in the gaming community's tradition of porting the 1993 shooter to unconventional devices.

YouTuber GaryOderNichts demonstrated the 2.8-inch circular alarm clock running Chocolate Doom natively, using the device's wheel for movement and side buttons for weapons. The hack requires no hardware modifications and works on the current 2.0 software version. The hack came after researchers discovered vulnerabilities in the Alarmo's STM32H7 microcontroller, enabling custom firmware installation through its USB-C port. The trick omits audio due to memory restrictions, GaryOderNichts notes, but it allows for custom animations and displays.

Cybercriminals have breached dozens of major companies including AT&T, Ticketmaster and Hot Topic by exploiting "infostealer" malware that harvests login credentials from infected computers, an investigation has found. The malware, spread through pirated software and social media, has infected 250,000 new devices daily, according to cybersecurity firm Recorded Future. Russian developers create the malware while contractors distribute it globally, deliberately avoiding former Soviet states. Hot Topic suffered potentially the largest retail hack ever in October when attackers accessed 350 million customer records using stolen developer credentials. Google and Microsoft are racing to patch vulnerabilities, but malware makers quickly adapt to new security measures.

Long-time Slashdot reader samj — also a long-time Debian developer — tells us there's some opposition to the newly-released Open Source AI definition. He calls it a "fork" that undermines the original Open Source definition (which was originally derived from Debian's Free Software Guidelines, written primarily by Bruce Perens), and points us to a new domain with a petition declaring that instead Open Source shall be defined "solely by the Open Source Definition version 1.9. Any amendments or new definitions shall only be recognized with clear community consensus via an open and transparent process."

This move follows some discussion on the Debian mailing list: Allowing "Open Source AI" to hide their training data is nothing but setting up a "data barrier" protecting the monopoly, disabling anybody other than the first party to reproduce or replicate an AI. Once passed, OSI is making a historical mistake towards the FOSS ecosystem.
They're not the only ones worried about data. This week TechCrunch noted an August study which "found that many 'open source' models are basically open source in name only. The data required to train the models is kept secret, the compute power needed to run them is beyond the reach of many developers, and the techniques to fine-tune them are intimidatingly complex. Instead of democratizing AI, these 'open source' projects tend to entrench and expand centralized power, the study's authors concluded."

samj shares the concern about training data, arguing that training data is the source code and that this new definition has real-world consequences. (On a personal note, he says it "poses an existential threat to our pAI-OS project at the non-profit Kwaai Open Source Lab I volunteer at, so we've been very active in pushing back past few weeks.")

And he also came up with a detailed response by asking ChatGPT. What would be the implications of a Debian disavowing the OSI's Open Source AI definition? ChatGPT composed a 7-point, 14-paragraph response, concluding that this level of opposition would "create challenges for AI developers regarding licensing. It might also lead to a fragmentation of the open-source community into factions with differing views on how AI should be governed under open-source rules." But "Ultimately, it could spur the creation of alternative definitions or movements aimed at maintaining stricter adherence to the traditional tenets of software freedom in the AI age."

However the official FAQ for the new Open Source AI definition argues that training data "does not equate to a software source code." Training data is important to study modern machine learning systems. But it is not what AI researchers and practitioners necessarily use as part of the preferred form for making modifications to a trained model.... [F]orks could include removing non-public or non-open data from the training dataset, in order to train a new Open Source AI system on fully public or open data...

[W]e want Open Source AI to exist also in fields where data cannot be legally shared, for example medical AI. Laws that permit training on data often limit the resharing of that same data to protect copyright or other interests. Privacy rules also give a person the rightful ability to control their most sensitive information — like decisions about their health. Similarly, much of the world's Indigenous knowledge is protected through mechanisms that are not compatible with later-developed frameworks for rights exclusivity and sharing.
Read on for the rest of their response...

This week's Ubuntu Summit 2024 was attended by Lproven (Slashdot reader #6,030). He's also a FOSS correspondent for the Register, where he's filed this report: One of the first full-length sessions was presented by David Morin, executive director of the Academy Software Foundation, introducing his organization in a talk about Open Source Software for Motion Pictures. Morin linked to the Visual Effects Society's VFX/Animation Studio Workstation Linux Report, highlighting the market share pie-chart, showing Rocky Linux 9 with at some 58 percent and the RHELatives in general at 90 percent of the market. Ubuntu 22 and 24 — the report's nomenclature, not this vulture's — got just 10.5 percent. We certainly didn't expect to see that at an Ubuntu event, with the latest two versions of Rocky Linux taking 80 percent of the studio workstation market...

What also struck us over the next three quarters of an hour is that Linux and open source in general seem to be huge components of the movie special effects industry — to an extent that we had not previously realized.
There's a "sizzle reel" showing examples of how major motion pictures used OpenColorIO, an open-source production tool for syncing color representations originally developed by Sony Pictures Imageworks. That tool is hosted by a collaboration between the Linux Foundation with the Science and Technology Council of the Academy of Motion Picture Arts and Sciences (the "Academy" of the Academy Awards). The collaboration — which goes by the name of the Academy Software Foundation — hosts 14 different projects The ASWF hasn't been around all that long — it was only founded in 2018. Despite the impact of the COVID pandemic, by 2022 it had achieved enough to fill a 45-page history called Open Source in Entertainment [PDF]. Morin told the crowd that it runs events, provides project marketing and infrastructure, as well as funding, training and education, and legal assistance. It tries to facilitate industry standards and does open source evangelism in the industry. An impressive list of members — with 17 Premier companies, 16 General ones, and another half a dozen Associate members — shows where some of the money comes from. It's a big list of big names. [Adobe, AMD, AWS, Autodesk...]
The presentation started with OpenVBD, a C++ library developed and donated by Dreamworks for working with three-dimensional voxel-based shapes. (In 2020 they created this sizzle reel, but this year they've unveiled a theme song.) Also featured was OpenEXR, originally developed at Industrial Light and Magic and sourced in 1999. (The article calls it "a specification and reference implementation of the EXR file format — a losslessly compressed image storage format for moving images at the highest possible dynamic range.")

"For an organization that is not one of the better-known ones in the FOSS space, we came away with the impression that the ASWF is busy," the article concludes. (Besides running Open Source Days and ASWF Dev Days, it also hosts several working groups like the Language Interop Project works on Rust bindings and the Continuous Integration Working Group on CI tools, There's generally very little of the old razzle-dazzle in the Linux world, but with the demise of SGI as the primary maker of graphics workstations — its brand now absorbed by Hewlett Packard Enterprise — the visual effects industry moved to Linux and it's doing amazing things with it. And Kubernetes wasn't even mentioned once.

The feds have indicted Aleksei Andriunin, a 26-year-old Russian national and founder of Gotbit, on charges of wire fraud and conspiracy to commit market manipulation. Crypto News reports: According to the U.S. Attorney's Office, the indictment alleges that Andriunin and his firm participated in a long-running scheme to artificially boost trading volumes for various cryptocurrency companies, including some based in the United States, to make them appear more popular and increase their trading value. Andriunin allegedly led these activities between 2018 and 2024 as Gotbit's CEO. He could face up to 20 years in prison, additional fines, and asset forfeiture if convicted, according to the U.S. Attorney's Office. Prosecutors say the scheme involved "wash trading," where the firm used its software to make fake trades that inflated a cryptocurrency's trading volume. This practice, called market manipulation, can mislead investors by giving the impression that demand for a particular cryptocurrency is higher than it actually is. Wash trades are illegal in traditional finance and are considered fraudulent because they deceive investors and manipulate market behavior.

Court documents also identify Gotbit's two directors, Fedor Kedrov and Qawi Jalili, as co-conspirators. The indictment claims Gotbit documented these activities in detailed records, tracking differences between genuine and artificial trading volumes. The firm allegedly pitched these services to prospective clients, explaining how Gotbit's tactics would bypass detection on public blockchains, where transactions are recorded transparently. The U.S. Department of Justice has announced that it seized over $25 million worth of cryptocurrency assets connected to these schemes and made four arrests across multiple firms. If you've been following the crypto industry, you're probably familiar with "pump-and-dump" schemes that have popped up throughout the years. Although it's a form of market manipulation, it's not quite the same as "wash trading."

In a pump-and-dump scheme, the perpetrator artificially inflates the price of a security (often a low-priced or thinly traded stock) by spreading misleading or exaggerated information to attract other buyers, who then drive up the price. Once the price has risen due to increased demand, the manipulators "dump" their shares at the inflated price, selling to the new buyers and pocketing the profits. The price typically crashes after the dump, leaving unsuspecting investors with overvalued shares and significant losses.

Wash trading, on the other hand, involves simultaneously buying and selling of the same asset to create the illusion of higher trading volume and activity. The purpose is to mislead other investors about the asset's liquidity and demand, often giving the impression that it is more popular or actively traded than it actually is. Wash trades usually occur without real changes in ownership or price movement, as the buyer and seller may even be the same person or entity. This tactic can manipulate prices indirectly by creating a perception of interest, but it does not involve a direct inflation followed by a sell-off, like a pump-and-dump scheme.

An anonymous reader quotes a report from TechCrunch: The trend of big touchscreens in cars has left many yearning for the not-so-distant days when most user interactions happened with physical buttons. But Rivian's chief software officer Wassym Bensaid believes using buttons in a car is an "anomaly." "It's a bug. It's not a feature," Bensaid said Wednesday at TechCrunch Disrupt 2024. "Ideally, you would want to interact with your car through voice. The problem today is that most voice assistants are just broken." To that end, Bensaid said that "every week" he's driving around an engineering vehicle that has an AI-powered voice assistant, though he did not specify which one. He mentioned earlier in his interview with TechCrunch's transportation editor Kirsten Korosec that Rivian has "partnerships that I cannot yet talk about."

"I think the car is actually a fantastic environment for AI," he said, while noting that latency and hallucinations are still very big problems that need to be solved. "The final north star I have is having voice [controls] become the primary means of interaction with the vehicle. The reality is that the vehicle is so feature-rich, that even if we do a fantastic job in the UI, there will always be prioritization that we need to do in terms of having things one or two menus behind," Bensaid told TechCrunch after he got off stage. Bensaid also said he's a big believer in the ability of AI-powered voice controls to handle complex requests. For instance, he said if a driver says "I'm hungry" the in-car assistant should be able to quickly direct them to a nearby restaurant that they might prefer. Bensaid said the company is committed to creating a unique, integrated user experienced tailored for Rivian owners -- one that won't include CarPlay.

CarPlay "takes over all the pixels in the screen, and it's a replacement of the entire experience, and we truly believe that with the technology capabilities that we have, we can offer a much more refined, integrated experience," he said.

Three months ago, Wall Street punished the world's largest technology firms for spending enormous amounts to develop artificial intelligence, only to deliver results that failed to justify the costs. Silicon Valley's response this quarter? Plans to invest even more. Bloomberg: The capital expenditures of the four largest internet and software companies -- Amazon, Microsoft, Meta and Alphabet -- are set to total well over $200 billion this year, a record sum for the profligate collective.

Executives from each company warned investors this week that their splurge will continue next year, or even ramp up. The spree underscores the extreme costs and resources consumed from the worldwide boom in AI ignited by the arrival of ChatGPT. Tech giants are racing to secure the scarce high-end chips and build the sprawling data centers the technology demands. To do so, the companies have cut deals with energy providers to power these facilities, even reviving a notorious nuclear plant.

British cybersecurity firm Sophos revealed this week that it waged a five-year battle against Chinese hackers who repeatedly targeted its firewall products to breach organizations worldwide, including nuclear facilities, military sites and critical infrastructure. The company told Wired that it traced the attacks to researchers in Chengdu, China, linked to Sichuan Silence Information Technology and the University of Electronic Science and Technology.

Sophos planted surveillance code on its own devices used by the hackers, allowing it to monitor their development of sophisticated intrusion tools, including previously unseen "bootkit" malware designed to hide in the firewalls' boot code. The hackers' campaigns evolved from mass exploitation in 2020 to precise attacks on government agencies and infrastructure across Asia, Europe and the United States. Wired story adds: Sophos' report also warns, however, that in the most recent phase of its long-running conflict with the Chinese hackers, they appear more than ever before to have shifted from finding new vulnerabilities in firewalls to exploiting outdated, years-old installations of its products that are no longer receiving updates. That means, company CEO Joe Levy writes in an accompanying document, that device owners need to get rid of unsupported "end-of-life" devices, and security vendors need to be clear with customers about the end-of-life dates of those machines to avoid letting them become unpatched points of entry onto their network. Sophos says it's seen more than a thousand end-of-life devices targeted in just the past 18 months.

"The only problem now isn't the zero-day vulnerability," says Levy, using the term "zero-day" to mean a newly discovered hackable flaw in software that has no patch. "The problem is the 365-day vulnerability, or the 1,500-day vulnerability, where you've got devices that are on the internet that have lapsed into a state of neglect."

Google is rolling out a dedicated weather app on Pixel phones (model 6 and newer with Android 15) that integrates AI-generated summaries and customizable widgets. Ars Technica reports: There's a prominent "AI generated weather report" on top of the weather stack, which is a combination of summary and familiarity. "Cold and rainy day, bring your umbrella and hold onto your hat!" is Google's example; I can't provide another one, because an update to "Gemini Nano" is pending. You can see weather radar for your location, along with forecasted precipitation movement. The app offers "Nowcasting" precipitation guesses, like "Rain continuing for 2 hours" or "Light rain in 10 minutes."

The best feature, one seen on the version of Weather that shipped to the Pixel Tablet and Fold, is that you can rearrange the order of data shown on your weather screen. I moved the UV index, humidity, sunrise/sunset, and wind conditions as high as they could go on my setup. It's a trade-off, because the Weather app's data widgets are so big as to require scrolling to get the full picture of a day, and you can't move the AI summary or 10-day forecast off the top. But if you only need a few numbers and like a verbal summary, it's handy. Sadly, if you're an allergy sufferer and you're not in the UK, Germany, France, or Italy, Google can't offer you any pollen data or forecasts. There is also, I am sad to say, no frog. You can download the app here.