"Who asked for any of this in the first place?" wonders a New York Times consumer-tech writer. (Alternate URL here.) "Judging from the feedback I get from readers, lots of people outside the tech industry remain uninterested in AI — and are increasingly frustrated with how difficult it has become to ignore." The companies rely on user activity to train and improve their AI systems, so they are testing this tech inside products we use every day. Typing a question such as "Is Jay-Z left-handed?" in Google will produce an AI-generated summary of the answer on top of the search results. And whenever you use the search tool inside Instagram, you may now be interacting with Meta's chatbot, Meta AI. In addition, when Apple's suite of AI tools, Apple Intelligence, arrives on iPhones and other Apple products through software updates this month, the tech will appear inside the buttons we use to edit text and photos.

The proliferation of AI in consumer technology has significant implications for our data privacy, because companies are interested in stitching together and analyzing our digital activities, including details inside our photos, messages and web searches, to improve AI systems. For users, the tools can simply be an annoyance when they don't work well. "There's a genuine distrust in this stuff, but other than that, it's a design problem," said Thorin Klosowski, a privacy and security analyst at the Electronic Frontier Foundation, a digital rights nonprofit, and a former editor at Wirecutter, the reviews site owned by The New York Times. "It's just ugly and in the way."

It helps to know how to opt out. After I contacted Microsoft, Meta, Apple and Google, they offered steps to turn off their AI tools or data collection, where possible. I'll walk you through the steps.
The article suggests logged-in Google users can toggle settings at myactivity.google.com. (Some browsers also have extensions that force Google's search results to stop inserting an AI summary at the top.) And you can also tell Edge to remove Copilot from its sidebar at edge://settings.

But "There is no way for users to turn off Meta AI, Meta said. Only in regions with stronger data protection laws, including the EU and Britain, can people deny Meta access to their personal information to build and train Meta's AI." On Instagram, for instance, people living in those places can click on "settings," then "about" and "privacy policy," which will lead to opt-out instructions. Everyone else, including users in the United States, can visit the Help Center on Facebook to ask Meta only to delete data used by third parties to develop its AI.
By comparison, when Apple releases new AI services this month, users will have to opt in, according to the article. "If you change your mind and no longer want to use Apple Intelligence, you can go back into the settings and toggle the Apple Intelligence switch off, which makes the tools go away."

Libreboot is a distribution of coreboot "aimed at replacing the proprietary BIOS firmware contained by most computers."

So then what exactly is GNU Boot? Its home page explains... In November 2022, Libreboot began to include non-libre code. We have made repeated efforts to continue collaboration with those developers to help their version of Libreboot remain libre, but that was not successful. Now we've stepped forward to stand up for freedom, ours and that of the wider community, by maintaining our own version — a genuinely libre Libreboot, that after some hurdles gave birth to this project: GNU Boot.
But today, Phoronix writes: While priding itself on being "100% free", last December [GNU Boot] had to drop some motherboard support and CPU code after discovering they were shipping some files that are non-free by their free software standards. Today they announced another mistake in having inadvertently been shipping additional non-free code.

GNU Boot discovered an issue with non-free code affecting not only them but also some of the Linux distributions that pride themselves on being fully free software / 100% open-source. This latest snafu they say is "more problematic" than their prior non-free code discover due to impacting the free software Linux distributions too. The issue at hand though comes down to test data contained within the archive and that containing non-free code in the form of microcode, BIOS bits, and Intel Management Engine firmware.
"We also contacted Replicant..." according to the announcement, "a free Android distro that also ships vboot source code." And in addition, "We had to re-release all the affected tarballs." (Which at this point is three release candidates...)

"The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening..." writes Linux Magazine.

From an October 7th announcement by The Gnome Foundation: Our plan for the previous financial year was to operate a break-even budget. We raised less than expected last year, due to a very challenging fundraising environment for nonprofits, on top of internal changes such as the departure of our previous Executive Director, Holly Million. The Foundation has a reserves policy which requires us to keep a certain amount of money in the bank account, to preserve core operations in the event of interruptions to our income. In order to meet our reserves policy, this year's budget had to reduce our expenditure to below expected income, and generate a small surplus to reinstate the Foundation's financial reserves to the necessary level...

We're asking for your support in several ways:

- Look out for opportunities to volunteer your time and skills in areas where we've had to reduce staff involvement.

- Share ideas on how to organize and improve our activities in this new context.

- Consider making donations to support the GNOME Foundation's core priorities, if you're able...

Through these difficult decisions, the GNOME Foundation is able to meet its reserves policy, ensuring sufficient funds for the coming year. Our budget for the new financial year is realistic and supports four full time staff, who are able to support key operations like finance, infrastructure and events. We are additionally contracting a number of other individuals on a short term or part time basis, to help with fund raising, websites and delivering on our project commitments.

We are going to be looking to the GNOME community to help with the areas that are most affected by our reduced staffing. If you would like to help GNOME with its events, marketing, or fundraising, we would love to hear from you.
In their new budget, "expenses have been greatly reduced," according to an October 10 update: We are also very relieved to be able to provide a surplus budget for the first time in many years, and doing so while still being able to support the community: events, infrastructure, internships, travel funding, and meeting our commitment to donors for work done in some parts of the stack, e.g.: Flathub, parental controls and GNOME Software.

"Six years after the Spectre transient execution processor design flaws were disclosed, efforts to patch the problem continue to fall short," writes the Register: Johannes Wikner and Kaveh Razavi of Swiss University ETH Zurich on Friday published details about a cross-process Spectre attack that derandomizes Address Space Layout Randomization and leaks the hash of the root password from the Set User ID (suid) process on recent Intel processors. The researchers claim they successfully conducted such an attack.... [Read their upcomong paper here.] The indirect branch predictor barrier (IBPB) was intended as a defense against Spectre v2 (CVE-2017-5715) attacks on x86 Intel and AMD chips. IBPB is designed to prevent forwarding of previously learned indirect branch target predictions for speculative execution. Evidently, the barrier wasn't implemented properly.

"We found a microcode bug in the recent Intel microarchitectures — like Golden Cove and Raptor Cove, found in the 12th, 13th and 14th generations of Intel Core processors, and the 5th and 6th generations of Xeon processors — which retains branch predictions such that they may still be used after IBPB should have invalidated them," explained Wikner. "Such post-barrier speculation allows an attacker to bypass security boundaries imposed by process contexts and virtual machines." Wikner and Razavi also managed to leak arbitrary kernel memory from an unprivileged process on AMD silicon built with its Zen 2 architecture.

Videos of the Intel and AMD attacks have been posted, with all the cinematic dynamism one might expect from command line interaction.

Intel chips — including Intel Core 12th, 13th, and 14th generation and Xeon 5th and 6th — may be vulnerable. On AMD Zen 1(+) and Zen 2 hardware, the issue potentially affects Linux users. The relevant details were disclosed in June 2024, but Intel and AMD found the problem independently. Intel fixed the issue in a microcode patch (INTEL-SA-00982) released in March, 2024. Nonetheless, some Intel hardware may not have received that microcode update. In their technical summary, Wikner and Razavi observe: "This microcode update was, however, not available in Ubuntu repositories at the time of writing this paper." It appears Ubuntu has subsequently dealt with the issue.

AMD issued its own advisory in November 2022, in security bulletin AMD-SB-1040. The firm notes that hypervisor and/or operating system vendors have work to do on their own mitigations. "Because AMD's issue was previously known and tracked under AMD-SB-1040, AMD considers the issue a software bug," the researchers explain. "We are currently working with the Linux kernel maintainers to merge our proposed software patch."
BleepingComputer adds that the ETH Zurich team "is working with Linux kernel maintainers to develop a patch for AMD processors, which will be available here when ready."

Phoronix's Michael Larabel reports: Germany's Sovereign Tech Fund (STF) is today celebrating its second anniversary for "empowering public digital infrastructure." In the past two years it has invested more than $24.9 million into sixty open technologies. This effort backed by the German government has provided nearly $25 million USD in open-source funding over the past two years. In this time there has been more than 500 submissions proposing over 114 million euros in work.

This Sovereign Tech Funding has helped open-source projects provide much needed maintenance to their software, enhance the security posture of the software, and make other open-source improvements in the public interest. You can learn more about the Sovereign Tech Fund via their blog.

The U.S. Federal Trade Commission is investigating farm equipment maker Deere over its repair policies, focusing on whether the company's restrictions on repairs violate customers' "right to repair." Reuters reports: The investigation, authorized on Sept. 2, 2021, focuses on repair restrictions manufacturers place on hardware or software, often referred to by regulators as impeding customers' "right to repair" the goods they purchase. The probe was made public through a filing by data analytics company Hargrove & Associates Inc, which sought to quash an FTC subpoena seeking market data submitted to it by members of the Association of Equipment Manufacturers. Neither HAI nor AEM is a target of the FTC probe [...].

The FTC is probing whether Deere violated the Federal Trade Act's section 5, according to the filing. The law prohibits unfair or deceptive practices affecting commerce, and the FTC has recently used it in a broad array of cases, including against Amazon and pharmacy benefit managers.

An anonymous reader shares a report: At the end of September, Kaspersky forcibly uninstalled and replaced itself with a new antivirus called UltraAV on the computers of around a million Americans, many of whom were surprised and aghast that they were not asked to give their consent for the change. The move was the end result of the U.S. government ban on all sales of Kaspersky software in the country and -- at least in theory -- marked the end of Kaspersky in America.

But not everyone in the U.S. has given up on the Russian-made antivirus. Some Americans have found ways to get around the ban and are still using Kaspersky's antivirus, TechCrunch has learned. Several people who live in the U.S. said in posts on Reddit that they are holding out as Kaspersky customers. When TechCrunch asked them about their motivations, their reasons range from being skeptical of the reasons behind the ban, or having paid for the product already, to simply preferring the product over its rivals.

The blockchain-based identity verification company founded by Sam Altman is now called "World." It also unveiled a new version of the "Orb" biometric devices the company uses to scan users' eyes. CoinTelegraph reports: World, as it's now known, also revealed a slew of other updates including a new version of its Orb biometric scanning devices, new options for identity verification and partnership integrations with popular apps including FaceTime, WhatsApp, and Zoom. [...] The new Orb, powered by Nvidia hardware, will be more efficient and "five times" more powerful than its predecessor with a smaller footprint and fewer parts. The company also said the new Orb would eventually be available in self-service kiosks in some markets.

World also announced that users will soon be able to verify their identity through methods other than the firm's Orb hardware. Through a program called World ID Credentials, the company says users with NFC-enabled government issued passports will allow them to verify their identity on the World app. Another major announcement came in the form of World ID Deep Face, a service the company claims has "solved deepfakes." According to the company, its software can be implemented into just about any app where video can be uploaded or streamed to determine whether videos featuring verified persons are real or have been faked using AI. Finally, the company also announced that so far 15 million users have signed up for its World app service; among them, seven million are verified.

Google's NotebookLM app has been updated to let you generate custom podcasts from almost any source material. The AI software is also dropping the "experimental" tag. Wired reports: To make an AI podcast using NotebookLM, open up the Google Labs website and start a New Notebook. Then, add any source documents you would like to be used for the audio output. These can be anything from files on your computer to YouTube links. Next, when you click on the Notebook guide, you'll now see the option to generate a deep dive as well as the option to customize it first. Choose Customize and add your prompt for how you'd like the AI podcast to come out. The software suggests that you consider what sections of the sources you'd like highlighted, larger topics you want further explored, or different intended audiences who you want the message to reach.

One tip [Raiza Martin, who leads the NotebookLM team inside of Google Labs] shares for trying out the new feature is to generate the Audio Overview without changes, and while you're listening to this first iteration, write down any burning questions you have or topics you wish it expanded on. Afterwards, use these notes as a launching pad to create your prompts for NotebookLM and regenerate that AI podcast with your interests in mind. [...] Yes, Google's NotebookLM might flatten the specifics of a big document or get some details mixed up, but being able to generate more personalized podcasts from disparate sources truly does feel like a transformation -- and luckily nothing like turning into a giant bug. You can view some examples of AI-generated podcasts here.

The business world's favourite software program enters its 40th year. The Economist: Excel has featured in plenty of workplace blunders -- though its defenders will be quick to blame human error. The financial world is littered with tales of costly spreadsheet errors. Excel has also been blamed for botching gene names in over a third of genomics papers (because it labelled them as dates); underreporting covid-19 cases in England (because it only had a limited number of rows in which to record the results); and disrupting the trial of January 6th rioters in America (because sensitive information was left in hidden cells).

Such snafus have not dented Excel's dominance. Might artificial intelligence (AI) steal its crown? With whizzy new tools powered by the technology promising to make data analysis easier, the familiar grid of numbers and calculations could soon feel outdated. Rather than replacing spreadsheets, though, AI might make them even better. Last month Microsoft introduced an AI assistant for Excel which lets users crunch data using natural-language prompts. Excel, and its faithful, aren't ready to be filtered out just yet.

An anonymous reader quotes a report from Wired: Real-time video deepfakes are a growing threat for governments, businesses, and individuals. Recently, the chairman of the US Senate Committee on Foreign Relations mistakenly took a video call with someone pretending to be a Ukrainian official. An international engineering company lost millions of dollars earlier in 2024 when one employee was tricked by a deepfake video call. Also, romance scams targeting everyday individuals have employed similar techniques. "It's probably only a matter of months before we're going to start seeing an explosion of deepfake video, face-to-face fraud," says Ben Colman, CEO and cofounder at Reality Defender. When it comes to video calls, especially in high-stakes situations, seeing should not be believing.

The startup is laser-focused on partnering with business and government clients to help thwart AI-powered deepfakes. Even with this core mission, Colman doesn't want his company to be seen as more broadly standing against artificial intelligence developments. "We're very pro-AI," he says. "We think that 99.999 percent of use cases are transformational -- for medicine, for productivity, for creativity -- but in these kinds of very, very small edge cases the risks are disproportionately bad." Reality Defender's plan for the real-time detector is to start with a plug-in for Zoom that can make active predictions about whether others on a video call are real or AI-powered impersonations. The company is currently working on benchmarking the tool to determine how accurately it discerns real video participants from fake ones. Unfortunately, it's not something you'll likely be able to try out soon. The new software feature will only be available in beta for some of the startup's clients.

As Reality Defender works to improve the detection accuracy of its models, Colman says that access to more data is a critical challenge to overcome -- a common refrain from the current batch of AI-focused startups. He's hopeful more partnerships will fill in these gaps, and without specifics, hints at multiple new deals likely coming next year. After ElevenLabs was tied to a deepfake voice call of US president Joe Biden, the AI-audio startup struck a deal with Reality Defender to mitigate potential misuse. [...] "We don't ask my 80-year-old mother to flag ransomware in an email," says Colman. "Because she's not a computer science expert." In the future, it's possible real-time video authentication, if AI detection continues to improve and shows to be reliably accurate, will be as taken for granted as that malware scanner quietly humming along in the background of your email inbox.

An anonymous reader quotes a report from 404 Media: The code that runs Redbox DVD rental machines has been dumped online, and, in the wake of the company's bankruptcy, a community of tinkerers and reverse engineers are probing the operating system to learn how it works. Naturally, one of the first things people did was make one of the machines run Doom. As has been detailed in several great articles elsewhere, the end of Redbox has been a clusterfuck, with pharmacies, grocery stores, and other retailers stuck with very large, heavy, abandoned DVD rental kiosks. To many people's surprise, many of the kiosks remain operational even with the bankruptcy of Redbox's parent company, which has led some people to "liberate" DVDs from the abandoned kiosks. Reddit is full of posts by people who say they have taken dozens of DVDs from kiosks all over the country. Free DVDs is one thing. But in recent days, people have realized that they can, in some cases, get free Redbox kiosks. In an August filing, Walgreens told the bankruptcy court that it has 5,400 abandoned kiosks at its stores, and that it is spending $184,000 a month keeping them powered. "Walgreens should not be required to continue to 'store' and power Redbox kiosks across the country without any form of payment," the company wrote. And so tinkerers and reverse engineers have begun asking stores whether they can take the devices off their hands. There are also posts on Reddit by contractors who are selling them, and I was able to find various Redbox DVD kiosks being advertised for sale on Facebook Marketplace. (There are far more listings on Facebook Marketplace from people who have obtained hundreds or thousands of Redbox DVDs and are now selling them.)

Recently the operating system for Redbox kiosks was dumped online, and this community is now probing it to see how it works. In a thread on Mastodon, reverse engineer Foone Turing has been posting some of her findings, which include the fact that Redbox machines contain a file that has "a complete list of titles ever rented, and the email addresses of the people who rented them, and where and when." She also found that the first six and last four digits of credit card information was logged. She said that the records on the particular unit that she was looking at contained 2,471 different transactions and had records on it dating back to 2015. Other reverse engineers have found that Redbox kiosks contained information about the physical locations of every other kiosk. The server that they communicated with is currently offline (because the company is bankrupt). But people have also been putting together information about what different error codes in the software mean (for example, the error code "0020BDT" would happen when an obstruction was detected in the machine). They have also found and dumped service manuals for different parts of the device and have found a few login passwords (one password is "US#1Choice4movierentals"). [...] There has also been discussion about how the machines could be modified to talk to a new server, or whether the operating system could be put on a DIY Redbox device. Another person installed Minecraft on their Redbox. It is still very early days, but, with the bankruptcy of Redbox's parent company, ironically these devices are being given new life.

Apple's $3,499 Vision Pro is struggling to attract major software-makers to develop apps for the device, a challenge that threatens to slow the progress of the company's biggest new product in a decade. WSJ: New apps released on the Vision Pro every month have slowed since its launch in January. Some of the most successful virtual-reality software developers have so far opted not to build apps for the headset. Without enough killer apps, certain users have found the device less useful and are opting to sell it. "It's a chicken-or-egg problem," said Bertrand Nepveu, who previously worked on the Vision Pro at Apple and is now an investor in this area at Triptyq Capital.

Nepveu and app developers think Apple should fund app makers to give them an incentive to port over their existing apps from other headsets or to develop fresh content. This practice has become common in the industry, with headset leader Meta Platforms funding many developers and even buying several app makers. The social-media company is a formidable competitor to Apple, with a market share of all headsets reaching 74% in the second quarter this year, according to Counterpoint Research.

Digital River has not paid numerous merchants since midsummer for software and digital products they sold through its MyCommerce platform. The Register: "After over 20 years of partnership with Digital River, Traction Software Ltd has been left feeling as though we've been 'rug pulled,'" Lee Midgley, managing director of Traction Software, told The Register. "For the past three months, we've experienced a complete halt in software sales revenue payments with no support, no direct contact, and only additional terms and conditions designed to delay resolution and extract more money from us.

"Astonishingly, Digital River continued to take sales from our loyal customers until we removed them from the order system. It now appears they have no intention of making payments and may be entering a liquidation process under a new CEO who has been involved in similar situations before."

The new CEO, Barry Kasoff, was first noted on the e-commerce biz website in August. Kasoff is also listed as the president of Realization Services, "a full-service strategic consulting firm specializing in turnaround management and value enhancement..." The privately-owned, Minnesota-based business appears to have laid off a significant number of employees, presumably the result of what its UK subsidiary describes as cost reduction initiatives implemented in late 2022.

Phoronix's Michael Larabel reports: Intel and AMD have jointly announced the creation of an x86 ecosystem advisory group to bring together the two companies as well as other industry leaders -- both companies and individuals such as Linux creator Linus Torvalds. Intel and AMD are forming this x86 ecosystem advisory group to help foster collaboration and innovations around the x86 (x86_64) ISA. [...] Besides Intel amd AMD, other founding members include Broadcom, Dell, Google, HPE, HP Inc, Lenovo, Microsoft, Oracle, and Red Hat. Here are the "intended outcomes" for the group, as stated in the press release: The intended outcomes include:
- Enhancing customer choice and compatibility across hardware and software, while accelerating their ability to benefit from new, cutting-edge features.
- Simplifying architectural guidelines to enhance software consistency and standardize interfaces across x86 product offerings from Intel and AMD.
- Enabling greater and more efficient integration of new capabilities into operating systems, frameworks and applications.

Many colleges are under financial pressure, and the cracks are starting to show. From a report: At least 20 colleges closed in 2024, and more are set to shut down after the current academic year, according to the latest tally by Implan, an economic software and analysis company. Altogether, more than 40 colleges have closed since 2020, according to a separate report by Best Colleges.

As the sticker price at some private colleges nears six figures a year, students have increasingly opted for less expensive public schools or alternatives to a four-year degree altogether, such as trade programs or apprenticeships. At the same time, the population of college-age students is also shrinking, a trend referred to as the "enrollment cliff."

Though native Linux game servers have been scarce over the last two decades, "I've seen people using the Box64 emulator to play x86_64 games on ARM devices," writes Slashdot reader VennStone. "It got me thinking: why not apply this to game servers...?

"I thought it would be fun to see if I could build a super low-power Trackmania 2 server using a Raspberry Pi Zero 2 W."

They dubbed the experiment "Trackberry", and shared all the technical details in a blog post at Interfacing Linux (includinga video). For example, they installed PyEnv so it could create a virtual environment for the PyPlanet server controller. ("That's right, your little Pi Zero 2 W is about to compile some software, slowly....")

But ultimately "it turns out that the A53 can run not only the server but also the server controller, with minimal effort. Five players push one core to around 50% load, while the others handle the database and controller." WHY STOP THERE? There are a gang of x86 Linux servers that could potentially run with Box64. Imagine playing Pirraria, 7 Days to Pi, Counter-Pi 2, Pitorio, and countless others! Granted, you may need a more powerful device than a Raspberry Pi Zero 2 W. I'll leave that research up to you.

My main takeaway from this experiment? Box64 is straight-up Scandinavian witchcraft and is not to be trifled with. Not even a little bit.

That said, it introduces a compelling option for those of us looking to run dedicated game servers that don't require much in the way of system resources. Under load, TrackBerry averages 2.8 watts and, according to the scientific number digits below, ends up running just under $3.00 a year or $0.25 a month. I find the concept of having a stack of microSD cards, each holding a different game server, neat....

You can see TrackBerry in action every Tuesday and Friday on Twitch...

Last month C dropped from 3rd to 4th in TIOBE's ranking of programming language popularity (which tries to calculate each language's share of search engine results). Java moved up into the #3 position in September, reports TechRepublic, which notes that by comparison October "saw relatively little change" — though percentages of search results increased slightly. "At number one, Python jumped from 20.17% in September to 21.9% in October. In second place, C++ rose from 10.75% in September to 11.6%. In third, Java ascended from 9.45% to 10.51%..."

Is there a larger trend? TIOBE CEO Paul Jansen writes that the need to harvest more data increases demand for fast data manipulation languages. But they also need to be easy to learn ("because the resource pool of skilled software engineers is drying up") and secure ("because of continuous cyber threats.") King of all, Python, is easy to learn and secure, but not fast. Hence, engineers are frantically looking for fast alternatives for Python. C++ is an obvious candidate, but it is considered "not secure" because of its explicit memory management. Rust is another candidate, although not easy to learn. Rust is, thanks to its emphasis on security and speed, making its way to the TIOBE index top 10 now. [It's #13 — up from #20 a year ago]

The cry for fast, data crunching languages is also visible elsewhere in the TIOBE index. The language Mojo [a faster superset of Python designed for accelerated hardware like GPUs]... enters the top 50 for the first time. The fact that this language is only 1 year old and already showing up, makes it a very promising language.
In the last 12 months three languages also fell from the top ten:

• PHP (dropping from #8 to #15)

• SQL (dropping from #9 to #11)

• Assembly language (dropping from #10 to #16)

The Wall Street Journal delves into the origin story of that teenaged Grand Theft Auto VI leaker. Arion Kurtaj, now 19 years old, is the most notorious name that has emerged from a sprawling set of online communities called the Com... Their youthful inventiveness and tenacity, as well as their status as minors that make prosecution more complicated, have made the Com especially dangerous, according to law-enforcement officials and cybersecurity investigators. Some kids, they say, are recruited from popular online spaces like Minecraft or Roblox.... [William McKeen, a supervisory special agent with the FBI's Cyber Division] said the average age of anyone arrested for a crime in the U.S. is 37, while the average age of someone arrested for cybercrime is 19. Cybersecurity investigators have found posts they say suggest Kurtaj has been involved in online attacks since he was 11.
"He had limited social skills and trouble developing relationships, records say — and ultimately looked for approval in the booming world of cybercrime..." [When Kurtaj was 14] he landed in a residential school serving children with severe emotional and behavioral needs. Kurtaj was physically assaulted by a staff member at his school who was later convicted as a result, according to a person familiar with the case. In early 2021, his mother brought him home and removed him from government care, court records say. He never returned to school. He was 16.

A month after his mother pulled him out of school, investigators say that Kurtaj was part of a hacking group called Recursion Team that broke into the videogame firm Electronic Arts and stole 780 gigabytes of data. When Electronic Arts refused to engage, they dumped the stolen data online. Within a week of that hack, investigators had identified Kurtaj and provided his name to the FBI. Later in that summer of 2021, according to court records, Kurtaj partnered with another teenager, known as ASyntax, and several Brazilian hackers, and started calling themselves Lapsus$. The group hacked into the British telecommunications giant BT in an effort to steal money using a technique called SIM swapping... The hacks weren't always for money. In late 2021, Lapsus$ hacked into a website operated by Brazil's Ministry of Health and deleted the country's database of Covid vaccinations, according to law enforcement...

If the Com has a social center, it's a website called Doxbin, where users publish personal details, such as home addresses and phone numbers, of their online rivals in an attempt to intimidate each other. Kurtaj bought Doxbin in November 2021 for $75,000, according to Chainalysis. But after a few months, the previous owners accused Kurtaj of mismanaging the site and pressured him to sell it back. He relented. Then in January 2022, cybersecurity investigators say, he doxxed the entire site, publishing a database that included usernames, passwords and email addresses that he'd downloaded when he was the owner. For cybersecurity experts, it was a gold mine. "It helped investigators piece together which crimes were done by who," said Allison Nixon, chief research officer at Unit 221B, an online investigations firm.

Doxbin's owners responded with a dox of Kurtaj and his family, including his home address and photos of him, investigators say — setting up the chain of events that would put Kurtaj in the Travelodge.
After two weeks of "protective custody" there — during which time he was supposed to be computer-free — Kurtaj "was arrested a third time and charged with hacking, fraud and blackmail. Authorities said that while at the Travelodge, he broke into Uber and taunted the company by posting a link to a photo of an erect penis on the company's internal Slack messaging system, then stole software and videos from Rockstar Games. Stolen clips had popped up in a Grand Theft Auto discussion forum from a user named teapotuberhacker and stirred a frenzy.

"As officers collected evidence, the teen stood by, emotionless, police say...."

"Kurtaj's lawyers and some experts on autism have said a potential lifetime of incarceration isn't appropriate for a teenager like Kurtaj..."

Thanks to long-time Slashdot reader SpzToid for sharing the article.

This week (MIT-licensed) WebAssembly runtime Wasmer announced "a major milestone in making any software run with WebAssembly."

The announcement's headline? Running Clang in the browser using WebAssembly... Thanks to the newest release of Wasmer (4.4) and the Wasmer JS SDK (0.8.0) you can now run [compiler front-end] clang anywhere Wasmer runs! This allows compiling C programs from virtually anywhere. Including Javascript and your preferred browser! (we tested Chrome, Safari and Firefox and everything is working like a charm)...

- You can compile C code to WebAssembly easily just using the Wasmer CLI: no toolchains or complex installations needed, install Wasmer and you are ready to go...!

- You can compile C projects directly from JavaScript...!

- We expect online IDEs to start adopting the SDK to allow their users compile and run C programs in the browser....

Do you want to use clang in your Javascript project? Thanks to our newly released Wasmer JS SDK you can do it easily, in both the browser and Node.js/Bun etc... Wasmer's clang can even optimize the file for you automatically using wasm-opt under the hood (Clang automatically detects if wasm-opt is used, and it will be automatically called when optimizing the file). Imagine using Emscripten without needing its toolchain installed — or even better, imagine running Emscripten in the browser.
The announcement looks to a future of compiling native Python libraries, when "any project depending on LLVM can now be easily compiled to WebAssembly..."

"This is the beginning of an awesome journey, we can't wait to see what you create next with this."