Google Asked To Remove 10 Billion 'Pirate' Search Results
An anonymous reader quotes a report from TorrentFreak: Rightsholders have asked Google to remove more than 10 billion 'copyright infringing' URLs from its search results. The search engine doesn't celebrate the milestone in any way, but the takedown notices document intriguing shifts in volume over time, as well as shifting takedown interests. [...] The path to 10 billion was turbulent. When Google first made DMCA details public it was processing a few million DMCA takedown requests in a year. That number swiftly increased to hundreds of millions and eventually reached a billion DMCA requests in 2016.
The exponential growth curve eventually flattened out and around 2017, the takedown volume started to decline. The decrease was in part due to various anti-piracy algorithms making pirated content less visible in search results. By downranking pirate sites, infringing content became harder to find. As a result, Google processed fewer takedown notices, a welcome change for both rightsholders and the search engine. Today, Google continues to make pirate sites less visible in search, but the reduction in takedown notices didn't last. On the contrary, over the past several months, Google search processed a record number of DMCA notices.
Last summer, the search giant recorded the 7 billionth takedown request and after that the numbers shot up, adding billions more in the year that followed. The company is now handling removal requests at a rate of roughly 2.5 billion per year; a new record. This represents more than 50 million takedown requests per week and roughly 5,000 every minute. [...] While the 10 billionth reported URL is undoubtedly a milestone, this number is largely driven by a few rightsholders, reporting outfits, and domain names. The aforementioned takedown outfit Link-Busters, for example, accounts for roughly 15% of all reported links, nearly 1.5 billion. Similarly, the ten most prolific rightsholders, including the BPI, HarperCollins, and VIZ Media, are responsible for 40% of all reported links. These ten companies are only a tiny fraction of the 600,000 rightsholders that reported pirated links, however. A small group of domains also receives a disproportionate amount of attention. In total, 5,400,061 domains have been reported, with the top domains having dozens of millions of flagged URLs each. However, most domains have only a few flagged links, some of which are erroneous.
<a href="http://twitter.com/home?status=Google+Asked+To+Remove+10+Billion+'Pirate'+Search+Results%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F11%2F05%2F2059252%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F11%2F05%2F2059252%2Fgoogle-asked-to-remove-10-billion-pirate-search-results%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://yro.slashdot.org/story/24/11/05/2059252/google-asked-to-remove-10-billion-pirate-search-results?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://yro.slashdot.org/story/24/11/05/2059252/google-asked-to-remove-10-billion-pirate-search-results?utm_source=rss1.0mainlinkanon&utm_medium=feed
The Hyperloop Lives On As a 1/12th Scale Model In Switzerland
Last December, Hyperloop One, the futuristic transportation company pursuing Elon Musk's dream of tube-based, airplane-speed travel, announced its shutdown. However, the concept itself has found a new lease on life in a scaled-down version overseas. According to The Verge's Andrew J. Hawkins, "The hyperloop, in fact, lives on -- as a 1/12th scale model in Switzerland." From the report: Sure, this isn't exactly the full realization of Musk's 2013 white paper, in which he theorized that aerodynamic aluminum capsules filled with passengers or cargo could be propelled through a nearly airless tube at speeds of up to 760mph. These tubes, either raised on pylons or sunk beneath the earth, could be built either within or between cities. Musk called it a "fifth mode of transportation" and argued it could help change the way we live, work, trade, and travel. The idea is being put to the test in Lausanne, Switzerland, where a 120-meter circular test track is being operated by a team that includes the Federal Institute of Technology Lausanne (EPFL), the School of Business and Engineering Vaud (HEIG-VD), and Swisspod Technologies. This week, the group announced that it had conducted "the longest" hyperloop test of its kind: traveling 11.8 km (7.3 miles) at a speed of 40.7km/h (25.3mph).
The circular test track has a circumference of 125.6 meters (412 feet) and a diameter of 40 centimeters (15.7 inches). It sounds modest, but the group claims that in a full-scale system, their test "directly translates" to a journey of 141.6 km (88 miles), which is about the distance between Geneva and Bern, or San Francisco to Sacramento, and speeds of up to 488.2 km/h (303.4mph). The project is called LIMITLESS, which stands for Linear Induction Motor Drive for Traction and Levitation in Sustainable Hyperloop Systems. During the test, the team "monitored the performance of vital subsystems," including propulsion, communication infrastructure, power electronics, and thermal management. They assessed "energy consumption, thrust variations, [linear induction motor] response, and control during acceleration, cruising, coasting, and braking scenarios."
Of course, a 1/12th-scale circular test track is hardly a sign that the hyperloop is alive and well. Most of the startups and companies pursuing a full-scale hyperloop have shut down, victims of financial mismanagement, as well as infrastructure and regulatory hurdles. Critics said that while the hyperloop may be technically feasible, it still only amounts to vaporware. It's been called a "utopian vision" that would be financially impossible to achieve. But the Swiss team is undeterred, promising to conduct a battery of future tests to further validate the system. Swisspod CEO Denis Tudor said the group plans to test its first freight product soon, and is currently building a larger test track in the US. "This is a key step toward making hyperloop for passengers a reality and changing how we connect, work, and live," he said.
<a href="http://twitter.com/home?status=The+Hyperloop+Lives+On+As+a+1%2F12th+Scale+Model+In+Switzerland%3A+https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F11%2F05%2F2217233%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F11%2F05%2F2217233%2Fthe-hyperloop-lives-on-as-a-112th-scale-model-in-switzerland%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://tech.slashdot.org/story/24/11/05/2217233/the-hyperloop-lives-on-as-a-112th-scale-model-in-switzerland?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://tech.slashdot.org/story/24/11/05/2217233/the-hyperloop-lives-on-as-a-112th-scale-model-in-switzerland?utm_source=rss1.0mainlinkanon&utm_medium=feed
Governments Stress Links Between Climate and Nature Collapse
An anonymous reader shares a report: As world leaders gathered in Colombia this week, they also watched for news from home, where many of the headlines carried the catastrophic consequences of ecological breakdown. Across the Amazon rainforest and Brazil's enormous wetlands, relentless fires had burned more than 22m hectares (55m acres). In Spain, the death toll in communities devastated by flooding passed 200. In the boreal forests that span Siberia, Scandinavia, Alaska and Canada, countries were recording alarming signs that their carbon sinks were collapsing under a combined weight of drought, tree death and logging. As Canada's wildfire season crept to a close, scientists calculated it was the second worst in two decades -- behind only last year's burn, which released more carbon than some of the world's largest emitting countries.
In global negotiations, climate and nature move along two independent tracks, and for years were broadly treated as distinct challenges. But as negotiations closed at the Cop16 biodiversity summit in Cali on Saturday, ministers from around the world underscored the crucial importance of nature to limiting damage from global heating, and vice versa -- emphasising that climate and biodiversity could no longer be treated as independent issues if either crisis was to be resolved. Countries agreed a text on links between the climate and nature, but failed to include language on a phase out of fossil fuels.
The UK environment secretary, Steve Reed, said that attending the summit in Colombia had brought home the links between climate and biodiversity. "One of the other things that's really struck me coming here and speaking to the Colombians in particular is how for them the nature crisis and the climate crisis are exactly the same thing. In the UK, perhaps more widely in the global north, we tend to talk a lot about climate and particularly net zero, and much less about nature -- perhaps because we're already more nature-depleted. But those two things connect entirely," he said. The Cop16 president, Susana Muhamad, Colombia's environment minister, has sought to put nature on a level with global efforts to decarbonise the world economy during the summit, warning that slashes to greenhouse gas emissions must be accompanied by the protection and restoration of the natural world if they are to be effective. Her presidency has repeatedly described nature and climate as "two sides of the same coin."
<a href="http://twitter.com/home?status=Governments+Stress+Links+Between+Climate+and+Nature+Collapse%3A+https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F11%2F04%2F1525243%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F11%2F04%2F1525243%2Fgovernments-stress-links-between-climate-and-nature-collapse%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://news.slashdot.org/story/24/11/04/1525243/governments-stress-links-between-climate-and-nature-collapse?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://news.slashdot.org/story/24/11/04/1525243/governments-stress-links-between-climate-and-nature-collapse?utm_source=rss1.0mainlinkanon&utm_medium=feed
New 'Open Source AI Definition' Criticized for Not Opening Training Data
Long-time Slashdot reader samj — also a long-time Debian developer — tells us there's some opposition to the newly-released Open Source AI definition. He calls it a "fork" that undermines the original Open Source definition (which was originally derived from Debian's Free Software Guidelines, written primarily by Bruce Perens), and points us to a new domain with a petition declaring that instead Open Source shall be defined "solely by the Open Source Definition version 1.9. Any amendments or new definitions shall only be recognized with clear community consensus via an open and transparent process."
This move follows some discussion on the Debian mailing list:
Allowing "Open Source AI" to hide their training data is nothing but setting up a "data barrier" protecting the monopoly, disabling anybody other than the first party to reproduce or replicate an AI. Once passed, OSI is making a historical mistake towards the FOSS ecosystem.
They're not the only ones worried about data. This week TechCrunch noted an August study which "found that many 'open source' models are basically open source in name only. The data required to train the models is kept secret, the compute power needed to run them is beyond the reach of many developers, and the techniques to fine-tune them are intimidatingly complex. Instead of democratizing AI, these 'open source' projects tend to entrench and expand centralized power, the study's authors concluded."
samj shares the concern about training data, arguing that training data is the source code and that this new definition has real-world consequences. (On a personal note, he says it "poses an existential threat to our pAI-OS project at the non-profit Kwaai Open Source Lab I volunteer at, so we've been very active in pushing back past few weeks.")
And he also came up with a detailed response by asking ChatGPT. What would be the implications of a Debian disavowing the OSI's Open Source AI definition? ChatGPT composed a 7-point, 14-paragraph response, concluding that this level of opposition would "create challenges for AI developers regarding licensing. It might also lead to a fragmentation of the open-source community into factions with differing views on how AI should be governed under open-source rules." But "Ultimately, it could spur the creation of alternative definitions or movements aimed at maintaining stricter adherence to the traditional tenets of software freedom in the AI age."
However the official FAQ for the new Open Source AI definition argues that training data "does not equate to a software source code."
Training data is important to study modern machine learning systems. But it is not what AI researchers and practitioners necessarily use as part of the preferred form for making modifications to a trained model.... [F]orks could include removing non-public or non-open data from the training dataset, in order to train a new Open Source AI system on fully public or open data...
[W]e want Open Source AI to exist also in fields where data cannot be legally shared, for example medical AI. Laws that permit training on data often limit the resharing of that same data to protect copyright or other interests. Privacy rules also give a person the rightful ability to control their most sensitive information — like decisions about their health. Similarly, much of the world's Indigenous knowledge is protected through mechanisms that are not compatible with later-developed frameworks for rights exclusivity and sharing.
Read on for the rest of their response...
<a href="http://twitter.com/home?status=New+'Open+Source+AI+Definition'+Criticized+for+Not+Opening+Training+Data%3A+https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F11%2F03%2F0257241%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F11%2F03%2F0257241%2Fnew-open-source-ai-definition-criticized-for-not-opening-training-data%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://news.slashdot.org/story/24/11/03/0257241/new-open-source-ai-definition-criticized-for-not-opening-training-data?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://news.slashdot.org/story/24/11/03/0257241/new-open-source-ai-definition-criticized-for-not-opening-training-data?utm_source=rss1.0mainlinkanon&utm_medium=feed
Can Heat Pumps Still Save the Planet from Climate Change?
"One technology critical to fighting climate change is lagging," reports the Washington Post, "thanks to a combination of high interest rates, rising costs, misinformation and the cycle of home construction. Adoption of heat pumps, one of the primary ways to cut emissions from buildings, has slowed in the United States and stalled in Europe, endangering the switch to clean energy.
"Heat pump investment in the United States has dropped by 4 percent in the past two years, even as sales of EVs have almost doubled, according to data from MIT and the Rhodium Group. In 13 European countries, heat pump sales dropped nearly in half in the first half of 2024, putting the European Union off-track for its climate goals."
"Many many markets are falling," said Paul Kenny, the director general of the European Heat Pump Association. "It takes time to change people's minds about a heating system." Heat pumps — essentially air conditioners that can also work in reverse, heating a space as well as cooling it — are crucial to making buildings more climate-friendly. Around 60 percent of American homes are still heated with furnaces running on oil, natural gas, or even propane; to cut emissions from homes, all American houses and apartments will need to be powered by electricity...
In the United States, experts point to lags in construction, high interest rates, and general belt-tightening from inflation... [Cora Wyent, director of research for the electrification advocacy group Rewiring America] added, heat pumps are still growing as a share of overall heating systems, gaining ground on gas furnaces. In 2023, heat pumps made up 55 percent of all heating systems sold, while gas furnaces made up just 45 percent. "Heat pumps are continuing to increase their total market share," she said.
Homeowners may also run into trouble when trying to find contractors to install heat pumps. Barton James, the president and CEO of the Air Conditioning Contractors of America, says many contractors don't have training on how to properly install heat pumps; if they install them incorrectly, the ensuing problems can sour consumers on the technology... In the United States, low gas prices also make the economics of heat pumps more challenging. Gas is around three times cheaper than electricity — while heat pumps make up most of that ground with efficiency, they aren't the most cost-effective option for every household.
The Post also spoke to the manager for the carbon-free buildings team at the clean energy think tank RMI. They pointed out that heating systems need to be replaced roughly every 15 years — and the next cycle doesn't start until 2035.
The article concludes that "even with government policies and subsidies, many parts of the move to clean energy will require individual people to make changes to their lives. According to the International Energy Agency, the number of heat pumps will have to triple by 2030 to stay on track with climate goals. The only way to do that, experts say, is if incentives, personal beliefs, and technology all align."
<a href="http://twitter.com/home?status=Can+Heat+Pumps+Still+Save+the+Planet+from+Climate+Change%3F%3A+https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F11%2F02%2F198243%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F11%2F02%2F198243%2Fcan-heat-pumps-still-save-the-planet-from-climate-change%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://hardware.slashdot.org/story/24/11/02/198243/can-heat-pumps-still-save-the-planet-from-climate-change?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://hardware.slashdot.org/story/24/11/02/198243/can-heat-pumps-still-save-the-planet-from-climate-change?utm_source=rss1.0mainlinkanon&utm_medium=feed
The 'Passive Housing' Trend is Booming
The Washington Post reports that a former Etsy CEO remodeled their home into what's known as a passive house. It's "designed to be as energy efficient as possible, typically with top-notch insulation and a perfect seal that prevents outside air from penetrating the home; air flows in and out through filtration and exhaust systems only."
Their benefits include protection from pollution and pollen, noise insulation and a stable indoor temperature that minimizes energy needs. That translates to long-term savings on heating and cooling.
While the concept has been around for about 50 years, experts say that the United States is on the cusp of a passive house boom, driven by lowered costs, state-level energy code changes and a general greater awareness of — and desire for — more sustainable housing... Massachusetts — which alongside New York and Pennsylvania is one of the leading states in passive house adoption — has 272 passive house projects underway thanks to an incentive program, says Zack Semke [the director of the Passive House Accelerator, a group of industry professionals who aim to spread lessons in passive house building]. Consumer demand for passive houses is also increasing, says Michael Ingui, an architect in New York City and the founder of the Passive House Accelerator... The need to lower our energy footprint is so much more top-of-mind today than it was 10 years ago, Ingui says, and covid taught us about the importance of good ventilation and filtered fresh air. "People are searching for the healthiest house," he says, "and that's a passive house...."
These days, new passive houses are usually large, multifamily apartment buildings or high-end single-family homes. But that leaves out a large swath of homeowners in the middle. To widen passive house accessibility to include all types of people and their housing needs, we need better energy codes and even more policies and incentives, says In Cho, a sustainability architect, educator and a co-founder of the nonprofit Passive House for Everyone! Passive houses "can and should serve folks from all socioeconomic backgrounds," she says. Using a one-two punch of mandates for energy efficient buildings and greater awareness to the public, that increased demand for passive houses will lead to more supply, Cho says. And we're already seeing those changes in the market.
Take triple-pane windows, for example, which are higher performing and more insulating than their double-pane counterparts. Even just 10 to 20 years ago, the difference in price between the two was high enough to make triple-pane windows cost-prohibitive for a lot of people, Cho says. Over the years, as the benefits of higher performing windows became more well-known, and as cities and states changed their energy codes, more companies began producing better windows. Now they're basically at price parity, she says. If we keep pushing for greater awareness and further policy changes, it's possible that all of the components of passive house buildings could follow that trend.
"For large multifamily projects, we're already seeing price parity in some cases, Semke says...
"But as it stands, single-family passive houses are still likely to cost a margin more than non-passive houses, he says. This is because price parity is easier to achieve when working at larger scales, but also because many of the housing policies and incentives encouraging passive house buildings are geared toward these larger projects."
<a href="http://twitter.com/home?status=The+'Passive+Housing'+Trend+is+Booming%3A+https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F11%2F02%2F202229%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F11%2F02%2F202229%2Fthe-passive-housing-trend-is-booming%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://hardware.slashdot.org/story/24/11/02/202229/the-passive-housing-trend-is-booming?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://hardware.slashdot.org/story/24/11/02/202229/the-passive-housing-trend-is-booming?utm_source=rss1.0mainlinkanon&utm_medium=feed
Don't Look Now, but GM's EV Sales Are on Fire
GM's president of global markets says their EV portfolio "is growing faster than the market," according to Investopedia, "because we have an all-electric vehicle for just about everybody, no matter what they like to drive."
The headline at Barrons? "Don't Look Now, but GM's EV Sales Are on Fire."
GM delivered almost 32,000 all-electric vehicles in the third quarter — a record — and up about 58% from a year earlier. The more affordable Chevy Equinox, which starts at about $35,000 before any federal tax credit, helped boost sales. GM delivered almost 10,000 of the new EVs, up from 1,013 in the second quarter, when they first went on sale.
EV penetration of total GM car sales was about almost 5%, up almost two percentage points year over year. EVs accounted for 19.4% of Cadillac sales, up about 11 percentage points year over year. Year to date, GM has delivered just over 70,000 all-electric cars.
GM originally planned to manufacture 200,000 EVs in 2024. That still looks aggressive, but the strong third-quarter showing makes 120,000 possible, which would be up almost 60% year over year — a respectable outcome. More important to investors than EV sales right now might be dealer inventories. GM said there were about 627,000 vehicles on dealer lots at the end of September. That's a little better than what Wolfe Research analyst Emmanuel Rosner expected. It indicates GM dealers have roughly 60 days worth of sales on their lots. That's a safe level. Lower dealer inventories reduce presure to reduce prices. They also reduce the need to cut production because dealer lots are full... GM expects to generate a full-year operating profit of about $14 billion.
Meanwhile, Stellantis "slashed its financial guidance recently, partly because it needs to dramatically reduce its U.S. inventories," according to the article. For example, its Jeep dealers ended August with roughly 122 days worth of sales on their lots, while its Dodge dealers "had almost 150 days of inventory."
And Investopedia argues that while GM's EV sales growth is "soaring," Ford's is showing "only modest gains."
[W]hile Ford's overall U.S. sales were 0.7% higher at 504,039, it had just a 12% gain in EVs to 23,509.3 In the second quarter, Ford's EV sales had soared 61% to 23,957. Sales growth was more than three times higher for Ford's hybrid models, with President of Ford Blue and Ford Customer Service Division Andrew Frick arguing that the company has "listened to customers to offer them vehicles with powertrains to meet their specific needs."
Ford is hoping to boost EV sales by offering buyers a free home charger and installation.
<a href="http://twitter.com/home?status=Don't+Look+Now%2C+but+GM's+EV+Sales+Are+on+Fire%3A+https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F11%2F02%2F2251208%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F11%2F02%2F2251208%2Fdont-look-now-but-gms-ev-sales-are-on-fire%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://tech.slashdot.org/story/24/11/02/2251208/dont-look-now-but-gms-ev-sales-are-on-fire?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://tech.slashdot.org/story/24/11/02/2251208/dont-look-now-but-gms-ev-sales-are-on-fire?utm_source=rss1.0mainlinkanon&utm_medium=feed
Is AI-Driven 0-Day Detection Here?
"AI-driven 0-day detection is here," argues a new blog post from ZeroPath, makers of a GitHub app that "detects, verifies, and issues pull requests for security vulnerabilities in your code."
They write that AI-assisted security research "has been quietly advancing" since early 2023, when researchers at the DARPA and ARPA-H's Artificial Intelligence Cyber Challenge demonstrated the first practical applications of LLM-powered vulnerability detection — with new advances continuing. "Since July 2024, ZeroPath's tool has uncovered critical zero-day vulnerabilities — including remote code execution, authentication bypasses, and insecure direct object references — in popular AI platforms and open-source projects." And they ultimately identified security flaws in projects owned by Netflix, Salesforce, and Hulu by "taking a novel approach combining deep program analysis with adversarial AI agents for validation. Our methodology has uncovered numerous critical vulnerabilities in production systems, including several that traditional Static Application Security Testing tools were ill-equipped to find..."
TL;DR — most of these bugs are simple and could have been found with a code review from a security researcher or, in some cases, scanners. The historical issue, however, with automating the discovery of these bugs is that traditional SAST tools rely on pattern matching and predefined rules, and miss complex vulnerabilities that do not fit known patterns (i.e. business logic problems, broken authentication flaws, or non-traditional sinks such as from dependencies). They also generate a high rate of false positives.
The beauty of LLMs is that they can reduce ambiguity in most of the situations that caused scanners to be either unusable or produce few findings when mass-scanning open source repositories... To do this well, you need to combine deep program analysis with an adversarial agents that test the plausibility of vulnerabilties at each step. The solution ends up mirroring the traditional phases of a pentest — recon, analysis, exploitation (and remediation which is not mentioned in this post)...
AI-driven vulnerability detection is moving fast... What's intriguing is that many of these vulnerabilities are pretty straightforward — they could've been spotted with a solid code review or standard scanning tools. But conventional methods often miss them because they don't fit neatly into known patterns. That's where AI comes in, helping us catch issues that might slip through the cracks.
"Many vulnerabilities remain undisclosed due to ongoing remediation efforts or pending responsible disclosure processes," according to the blog post, which includes a pie chart showing the biggest categories of vulnerabilities found:
53%: Authorization flaws, including roken access control in API endpoints and unauthorized Redis access and configuration exposure. ("Impact: Unauthorized access, data leakage, and resource manipulation across tenant boundaries.")
26%: File operation issues, including directory traversal in configuration loading and unsafe file handling in upload features. ("Impact: Unauthorized file access, sensitive data exposure, and potential system compromise.")
16%: Code execution vulnerabilities, including command injection in file processing and unsanitized input in system commands. ("Impact: Remote code execution, system command execution, and potential full system compromise.")
The company's CIO/cofounder was "former Red Team at Tesla," according to the startup's profile at YCombinator, and earned over $100,000 as a bug-bounty hunter. (And another co-founded is a former Google security engineer.)
Thanks to Slashdot reader Mirnotoriety for sharing the article.
<a href="http://twitter.com/home?status=Is+AI-Driven+0-Day+Detection+Here%3F%3A+https%3A%2F%2Fit.slashdot.org%2Fstory%2F24%2F11%2F02%2F2150233%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fit.slashdot.org%2Fstory%2F24%2F11%2F02%2F2150233%2Fis-ai-driven-0-day-detection-here%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://it.slashdot.org/story/24/11/02/2150233/is-ai-driven-0-day-detection-here?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://it.slashdot.org/story/24/11/02/2150233/is-ai-driven-0-day-detection-here?utm_source=rss1.0mainlinkanon&utm_medium=feed
As Data Centers for AI Strain the Power Grid, Bills Rise for Everyday Customers
While Amazon, Google, and other companies build new data centers — sometimes for their AI projects — parts of America "are facing higher electric bills," reports the Washington Post:
The facilities' extraordinary demand for electricity to power and cool computers inside can drive up the price local utilities pay for energy and require significant improvements to electric grid transmission systems. As a result, costs have already begun going up for customers — or are about to in the near future, according to utility planning documents and energy industry analysts. Some regulators are concerned that the tech companies aren't paying their fair share, while leaving customers from homeowners to small businesses on the hook.
In Oregon, electric utilities are warning regulators that consumers need protections from rising rates caused by data centers. From Virginia to Ohio and South Carolina, companies are battling over the extent of their responsibility for increases, attempting to fend off anger from customers. In the Mid-Atlantic, the regional power grid's energy costs shot up dramatically, and data centers are cited as among root causes of rate increases of up to 20 percent expected in 2025...
The tech firms and several of the power companies serving them strongly deny they are burdening others. They say higher utility bills are paying for overdue improvements to the power grid that benefit all customers. In some cases, they said in response to criticism from consumer and business advocates that they are committed to covering additional costs. But regulators — and even some utilities — are growing skeptical.
A jarring example of fallout on consumers is playing out on the Mid-Atlantic regional power grid, called PJM Interconnection, which serves 13 states and D.C. The recent auction to secure power for the grid during periods of extreme weather and high demand resulted in an 800 percent jump in the price that the grid's member utilities had to pay. The impact will be felt by millions by the spring, according to public records. Power bills will increase as much as 20 percent for customers of a dozen utilities in Maryland, Ohio, Pennsylvania, New Jersey and West Virginia, regulatory filings show. That includes households in the Baltimore area, where annual bills will increase an average of $192, said Maryland People's Counsel David Lapp, a state appointee who monitors utilities. The next auction, in 2025, could be more painful, Lapp said, leaving customers potentially "looking at increases of as much as $40 to $50 a month...."
Advocates cite another source of cost-shifting onto consumers: discounted rates that power companies and local government officials use to entice tech companies to build data centers... Google worked out a deal with Dominion Energy, blessed by regulators, to pay 6 cents per kilowatt hour for its power. That is less than half of what residential customers pay, as well as substantially less than is paid by businesses...
The article points out that in Pennsylvania, "Amazon's novel plan to fuel a data center from a reactor at the nearby Susquehanna nuclear plant is now in jeopardy, after regulators blocked it Friday. They cited potential impact on consumers as among their concerns. The plan threatens to leave other ratepayers stuck with a bill of $50 million to $140 million, according to testimony from [power utility] AEP and utility conglomerate Exelon."
And meanwhile, one Virginia retiree complained about a proposed $54 million transmission line and substation for an Amazon data center. "They are already making money hand over fist, and now they want us to pay for this?
<a href="http://twitter.com/home?status=As+Data+Centers+for+AI+Strain+the+Power+Grid%2C+Bills+Rise+for+Everyday+Customers%3A+https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F11%2F02%2F0427238%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F11%2F02%2F0427238%2Fas-data-centers-for-ai-strain-the-power-grid-bills-rise-for-everyday-customers%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://hardware.slashdot.org/story/24/11/02/0427238/as-data-centers-for-ai-strain-the-power-grid-bills-rise-for-everyday-customers?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://hardware.slashdot.org/story/24/11/02/0427238/as-data-centers-for-ai-strain-the-power-grid-bills-rise-for-everyday-customers?utm_source=rss1.0mainlinkanon&utm_medium=feed
NVIDIA Replaces Rival Chipmaker Intel on the Dow Jones Industrial Average
In 1896 the Dow Jones Industrial Average (or DJIA) was created as a kind of proxy indicator for the wider stock market. "A stock is typically added only if the company has an excellent reputation, demonstrates sustained growth and is of interest to a large number of investors," according to a source cited by Yahoo Finance. Its mix of stocks might be informally considered a sign of the times, since it's made up of 30 stocks that according to Wikipedia have been changed only 57 times over the last 128 years.
Wait — make that 58.... CNBC reports that NVIDIA is replacing Intel in the DJIA, "a shakeup to the blue-chip index that reflects the boom in AI and a major shift in the semiconductor industry."
Companies including Microsoft, Meta, Google and Amazon are purchasing Nvidia's GPUs, such as the H100, in massive quantities to build clusters of computers for their AI work. Nvidia's revenue has more than doubled in each of the past five quarters, and has at least tripled in three of them. The company has sginaled that demand for its next-generation AI GPU called Blackwell is "insane...."
While Nvidia has been soaring, Intel has been slumping. Long the dominant maker of PC chips, Intel has lost market share to Advanced Micro Devices and has made very little headway in AI. Intel shares have fallen by more than half this year as the company struggles with manufacturing challenges and new competition for its central processors. Intel said in a filing this week that the board's audit and finance committee approved cost and capital reduction activities, including lowering head count by 16,500 employees and reducing its real estate footprint. The job cuts were originally announced in August."
The DJIA will now include four of six tech companies worth $1 trillion — Apple, Microsoft, NVIDIA, and Amazon (which joined in February, replacing the owners of the Walgreens pharmacy chain). The other two trillion-dollar tech companies (not included in the DJIA) are Meta and Alphabet.
Adding NVIDIA to the DJIA will ensure "more representative exposure to the semiconductors industry" within the average, the index's curators told the Washington Post.
And also leaving the DJIA is power-generation company AES (which according to CNBC had a power mix of 54% renewables, 27% natural gas, 17% coal). It will be replaced by Vistra, defined by Wikipedia as America's largest competitive power generator, "with a capacity of approximately 39GW powered by a diverse portfolio including natural gas, nuclear, solar, and battery energy storage facilities."
In the 2020 Forbes Global 2000, Vistra Energy was ranked as the 756th-largest public company in the world. The company owns the Moss Landing Power Plant in California which currently (2021) contains the largest battery energy storage system in the world (400-MW/1,600-MWh). As of 2020, the company was ranked as the highest CO2 emitter in the U.S.
<a href="http://twitter.com/home?status=NVIDIA+Replaces+Rival+Chipmaker+Intel+on+the+Dow+Jones+Industrial+Average%3A+https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F11%2F02%2F0328233%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F11%2F02%2F0328233%2Fnvidia-replaces-rival-chipmaker-intel-on-the-dow-jones-industrial-average%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://hardware.slashdot.org/story/24/11/02/0328233/nvidia-replaces-rival-chipmaker-intel-on-the-dow-jones-industrial-average?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://hardware.slashdot.org/story/24/11/02/0328233/nvidia-replaces-rival-chipmaker-intel-on-the-dow-jones-industrial-average?utm_source=rss1.0mainlinkanon&utm_medium=feed
PimEyes 'Made a Public Rolodex of Our Faces'. Should You Opt Out?
The free face-image search engine PimEyes "scans through billions of images from the internet and finds matches of your photo that could have appeared in a church bulletin or a wedding photographer's website," -us/news/technology/they-made-a-public-rolodex-of-our-faces-here-s-how-i-tried-to-get-out/ar-AA1tlpPuwrites a Washington Post columnist.
So to find and delete themselves from "the PimEyes searchable Rolodex of faces," they "recently handed over a selfie and a digital copy of my driver's license to a company I don't trust."
PimEyes says it empowers people to find their online images and try to get unwanted ones taken down. But PimEyes face searches are largely open to anyone with either good or malicious intent. People have used PimEyes to identify participants in the Jan. 6, 2021, attack on the Capitol, and creeps have used it to publicize strangers' personal information from just their image.
The company offers an opt-out form to remove your face from PimEyes searches. I did it and resented spending time and providing even more personal information to remove myself from the PimEyes repository, which we didn't consent to be part of in the first place. The increasing ease of potentially identifying your name, work history, children's school, home address and other sensitive information from one photo shows the absurdity of America's largely unrestrained data-harvesting economy.
While PimEyes' CEO said they don't keep the information you provide to opt-out, "you give PimEyes at least one photo of yourself plus a digital copy of a passport or ID with personal details obscured..." according to the article. (PimEyes' confirmation email "said I might need to repeat the opt-out with more photos...")
Some digital privacy experts said it's worth opting out of PimEyes, even if it's imperfect, and that PimEyes probably legitimately needs a personal photo and proof of identity for the process. Others found it "absurd" to provide more information to PimEyes... or they weren't sure opting out was the best choice... Experts said the fundamental problem is how much information is harvested and accessible without your knowledge or consent from your phone, home speakers, your car and information-organizing middlemen like PimEyes and data brokers.
Nathan Freed Wessler, an American Civil Liberties Union attorney focused on privacy litigation, said laws need to change the assumption that companies can collect almost anything about you or your face unless you go through endless opt-outs. "These systems are scary and abusive," he said. "If they're going to exist, they should be based on an opt-in system."
<a href="http://twitter.com/home?status=PimEyes+'Made+a+Public+Rolodex+of+Our+Faces'.+Should+You+Opt+Out%3F%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F11%2F02%2F055255%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F11%2F02%2F055255%2Fpimeyes-made-a-public-rolodex-of-our-faces-should-you-opt-out%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://yro.slashdot.org/story/24/11/02/055255/pimeyes-made-a-public-rolodex-of-our-faces-should-you-opt-out?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://yro.slashdot.org/story/24/11/02/055255/pimeyes-made-a-public-rolodex-of-our-faces-should-you-opt-out?utm_source=rss1.0mainlinkanon&utm_medium=feed
Waymo Explores Using Google's Gemini To Train Its Robotaxis
Waymo is advancing autonomous driving with a new training model for its robotaxis built on Google's multimodal large language model (MLLM) Gemini. The Verge reports: Waymo released a new research paper today that introduces an "End-to-End Multimodal Model for Autonomous Driving," also known as EMMA. This new end-to-end training model processes sensor data to generate "future trajectories for autonomous vehicles," helping Waymo's driverless vehicles make decisions about where to go and how to avoid obstacles. But more importantly, this is one of the first indications that the leader in autonomous driving has designs to use MLLMs in its operations. And it's a sign that these LLMs could break free of their current use as chatbots, email organizers, and image generators and find application in an entirely new environment on the road. In its research paper, Waymo is proposing "to develop an autonomous driving system in which the MLLM is a first class citizen."
The paper outlines how, historically, autonomous driving systems have developed specific "modules" for the various functions, including perception, mapping, prediction, and planning. This approach has proven useful for many years but has problems scaling "due to the accumulated errors among modules and limited inter-module communication." Moreover, these modules could struggle to respond to "novel environments" because, by nature, they are "pre-defined," which can make it hard to adapt. Waymo says that MLLMs like Gemini present an interesting solution to some of these challenges for two reasons: the chat is a "generalist" trained on vast sets of scraped data from the internet "that provide rich 'world knowledge' beyond what is contained in common driving logs"; and they demonstrate "superior" reasoning capabilities through techniques like "chain-of-thought reasoning," which mimics human reasoning by breaking down complex tasks into a series of logical steps.
Waymo developed EMMA as a tool to help its robotaxis navigate complex environments. The company identified several situations in which the model helped its driverless cars find the right route, including encountering various animals or construction in the road. [...] But EMMA also has its limitations, and Waymo acknowledges that there will need to be future research before the model is put into practice. For example, EMMA couldn't incorporate 3D sensor inputs from lidar or radar, which Waymo said was "computationally expensive." And it could only process a small amount of image frames at a time. There are also risks to using MLLMs to train robotaxis that go unmentioned in the research paper. Chatbots like Gemini often hallucinate or fail at simple tasks like reading clocks or counting objects.
<a href="http://twitter.com/home?status=Waymo+Explores+Using+Google's+Gemini+To+Train+Its+Robotaxis%3A+https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F11%2F01%2F2150228%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F11%2F01%2F2150228%2Fwaymo-explores-using-googles-gemini-to-train-its-robotaxis%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://tech.slashdot.org/story/24/11/01/2150228/waymo-explores-using-googles-gemini-to-train-its-robotaxis?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://tech.slashdot.org/story/24/11/01/2150228/waymo-explores-using-googles-gemini-to-train-its-robotaxis?utm_source=rss1.0mainlinkanon&utm_medium=feed
US Indicts 26-Year-Old Gotbit Founder For Market Manipulation
The feds have indicted Aleksei Andriunin, a 26-year-old Russian national and founder of Gotbit, on charges of wire fraud and conspiracy to commit market manipulation. Crypto News reports: According to the U.S. Attorney's Office, the indictment alleges that Andriunin and his firm participated in a long-running scheme to artificially boost trading volumes for various cryptocurrency companies, including some based in the United States, to make them appear more popular and increase their trading value. Andriunin allegedly led these activities between 2018 and 2024 as Gotbit's CEO. He could face up to 20 years in prison, additional fines, and asset forfeiture if convicted, according to the U.S. Attorney's Office. Prosecutors say the scheme involved "wash trading," where the firm used its software to make fake trades that inflated a cryptocurrency's trading volume. This practice, called market manipulation, can mislead investors by giving the impression that demand for a particular cryptocurrency is higher than it actually is. Wash trades are illegal in traditional finance and are considered fraudulent because they deceive investors and manipulate market behavior.
Court documents also identify Gotbit's two directors, Fedor Kedrov and Qawi Jalili, as co-conspirators. The indictment claims Gotbit documented these activities in detailed records, tracking differences between genuine and artificial trading volumes. The firm allegedly pitched these services to prospective clients, explaining how Gotbit's tactics would bypass detection on public blockchains, where transactions are recorded transparently. The U.S. Department of Justice has announced that it seized over $25 million worth of cryptocurrency assets connected to these schemes and made four arrests across multiple firms. If you've been following the crypto industry, you're probably familiar with "pump-and-dump" schemes that have popped up throughout the years. Although it's a form of market manipulation, it's not quite the same as "wash trading."
In a pump-and-dump scheme, the perpetrator artificially inflates the price of a security (often a low-priced or thinly traded stock) by spreading misleading or exaggerated information to attract other buyers, who then drive up the price. Once the price has risen due to increased demand, the manipulators "dump" their shares at the inflated price, selling to the new buyers and pocketing the profits. The price typically crashes after the dump, leaving unsuspecting investors with overvalued shares and significant losses.
Wash trading, on the other hand, involves simultaneously buying and selling of the same asset to create the illusion of higher trading volume and activity. The purpose is to mislead other investors about the asset's liquidity and demand, often giving the impression that it is more popular or actively traded than it actually is. Wash trades usually occur without real changes in ownership or price movement, as the buyer and seller may even be the same person or entity. This tactic can manipulate prices indirectly by creating a perception of interest, but it does not involve a direct inflation followed by a sell-off, like a pump-and-dump scheme.
<a href="http://twitter.com/home?status=US+Indicts+26-Year-Old+Gotbit+Founder+For+Market+Manipulation%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F11%2F01%2F2133255%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F11%2F01%2F2133255%2Fus-indicts-26-year-old-gotbit-founder-for-market-manipulation%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://yro.slashdot.org/story/24/11/01/2133255/us-indicts-26-year-old-gotbit-founder-for-market-manipulation?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://yro.slashdot.org/story/24/11/01/2133255/us-indicts-26-year-old-gotbit-founder-for-market-manipulation?utm_source=rss1.0mainlinkanon&utm_medium=feed
Uranus' Moon Miranda May Have an Ocean Beneath Its Surface, Study Finds
A new study suggests Uranus' moon Miranda may harbor a vast subsurface ocean, challenging previous assumptions about its frozen state and positioning it as a potential ocean world alongside other icy moons. Phys.Org reports: Among the moons in the solar system, Miranda stands out. The few images Voyager 2 captured in 1986 show Miranda's southern hemisphere (the only part we've seen) is a Frankenstein-like hodgepodge of grooved terrain quartered off by rough scarps and cratered areas, like squares on a quilt. Most researchers suspect these bizarre structures are the result of tidal forces and heating within the moon. Caleb Strom, a graduate student at the University of North Dakota who worked with Nordheim and Alex Patthoff of the Planetary Science Institute in Arizona, revisited the Voyager 2 images. The team set out to explain Miranda's enigmatic geology by reverse engineering the surface features, working backward to uncover what the moon's interior structure must have been to shape the moon's geology in response to tidal forcing.
After first mapping the various surface features like cracks, ridges and Miranda's unique trapezoidal coronae, the team developed a computer model to test several possible structures of the moon's interior, matching the predicted stress patterns to the actual surface geology. The setup that produced the best match between predicted stress patterns and observed surface features required the existence of vast ocean beneath Miranda's icy surface some 100-500 million years ago. This subsurface ocean was at least 62 miles (100 kilometers) deep, according to the study, and hidden beneath an icy crust no more than 19 miles (30 kilometers) thick. Given Miranda has a radius of just 146 miles (235 kilometers), the ocean would have filled almost half of the moon's body. "That result was a big surprise to the team," Strom said.
Key to creating that ocean, the researchers believe, were tidal forces between Miranda and nearby moons. These regular gravitational tugs can be amplified by orbital resonances -- a configuration where each moon's period around a planet is an exact integer of the others' periods. Jupiter's moons Io and Europa, for example, have a 2:1 resonance: For every two orbits Io makes around Jupiter, Europa makes exactly one, leading to tidal forces that are known to sustain an ocean beneath Europa's surface. These orbital configurations and the resulting tidal forces deform the moons like rubber balls, leading to friction and heat that keeps interiors warm. This also creates stresses that crack the surface, creating a rich tapestry of geologic features. Numerical simulations have suggested that Miranda and its neighboring moons likely had such a resonance in the past, offering a potential mechanism that could have warmed Miranda's interior to produce and maintain a subsurface ocean.
At some point, the moons' orbital ballet desynchronized, slowing the heating process so that the moon's insides started to cool and solidify. But the team doesn't think Miranda's interior has fully frozen yet. If the ocean had completely frozen, Nordheim explained, it would have expanded and caused certain telltale cracks on the surface, which aren't there. This suggests that Miranda is still cooling -- and may have an ocean beneath its surface even now. Miranda's modern-day ocean is probably relatively thin, Strom noted. "But the suggestion of an ocean inside one of the most distant moons in the solar system is remarkable," he said. Miranda wasn't predicted to have an ocean. With its small size and old age, scientists thought it would likely be a frozen ball of ice. Any leftover heat from its formation was assumed to have dissipated long ago. But as Patthoff pointed out, predictions about ice moons can be wrong, as evidenced by Saturn's moon Enceladus. The study has been published in The Planetary Science Journal.
<a href="http://twitter.com/home?status=Uranus'+Moon+Miranda+May+Have+an+Ocean+Beneath+Its+Surface%2C+Study+Finds%3A+https%3A%2F%2Fscience.slashdot.org%2Fstory%2F24%2F10%2F31%2F2249217%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fscience.slashdot.org%2Fstory%2F24%2F10%2F31%2F2249217%2Furanus-moon-miranda-may-have-an-ocean-beneath-its-surface-study-finds%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://science.slashdot.org/story/24/10/31/2249217/uranus-moon-miranda-may-have-an-ocean-beneath-its-surface-study-finds?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://science.slashdot.org/story/24/10/31/2249217/uranus-moon-miranda-may-have-an-ocean-beneath-its-surface-study-finds?utm_source=rss1.0mainlinkanon&utm_medium=feed
Ghost Jobs Are Wreaking Havoc On Tech Workers
An anonymous reader quotes a report from SFGATE: If you've recently been laid off and have started the arduous process of looking for a new job, you've probably seen them on networking platforms like LinkedIn: postings for roles that are 30 days old, maybe more, with suspiciously wide salary ranges. They usually have hundreds, or even thousands, of hopeful applicants vying for the same position, but if you do a quick cross-check and notice that the role isn't posted on the company's actual website -- or any of their social media pages -- you should probably stop drafting that cover letter, because it's possible they're not hiring at all. "Ghost jobs," or ads for positions that aren't actually open, are a common phenomenon in the tech industry, which has been plagued by layoffs and budget cuts over recent years. As unemployed workers struggle to regain their footing, recruiters and career coaches who spoke with SFGATE warned that these fake jobs posted by real companies serve multiple, sometimes insidious purposes.
According to a 2024 survey from MyPerfectResume, 81% of recruiters admitted to posting ads for positions that were fake or already filled. While some respondents said employers did it to maintain a presence on job boards and build a talent pool, it's also used to commit psychological warfare: 25% said ghost jobs helped companies gauge how replaceable their employees were, while 23% said it helped make the company appear more stable during a hiring freeze. Another damning 2024 report from Resume Builder said that 62% companies posted them specifically to make their employees feel replaceable. They also made ads to "trick overworked employees" into believing that more people would be brought on to alleviate their overwhelming workload.
After interviewing 1,641 hiring managers, Resume Builder researchers found that 40% of employers posted fake job listings in 2024, and that three in 10 currently had ghost jobs listed. The idea to post them mostly trickled down from HR, followed by senior management and executives, their June 2024 article continued. Though the listings were posted on multiple hiring platforms, the majority of them appeared on LinkedIn and the companies' websites. Evidence suggests this trend is taking hold throughout the Bay Area, too. A collaborative document circulating online reveals a growing list of employers accused of posting ghost jobs. Many of them, it turns out, are tech companies with offices based in California.
<a href="http://twitter.com/home?status=Ghost+Jobs+Are+Wreaking+Havoc+On+Tech+Workers%3A+https%3A%2F%2Fslashdot.org%2Fstory%2F24%2F10%2F31%2F206209%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fslashdot.org%2Fstory%2F24%2F10%2F31%2F206209%2Fghost-jobs-are-wreaking-havoc-on-tech-workers%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://slashdot.org/story/24/10/31/206209/ghost-jobs-are-wreaking-havoc-on-tech-workers?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://slashdot.org/story/24/10/31/206209/ghost-jobs-are-wreaking-havoc-on-tech-workers?utm_source=rss1.0mainlinkanon&utm_medium=feed
US Military Makes First Confirmed OpenAI Purchase For War-Fighting Forces
An anonymous reader quotes a report from The Intercept: Less than a year after OpenAI quietly signaled it wanted to do business with the Pentagon, a procurement document obtained by The Intercept shows U.S. Africa Command, or AFRICOM, believes access to OpenAI's technology is "essential" for its mission. TheSeptember 30 documentlays out AFRICOM's rationale for buying cloud computing services directly from Microsoft as part of its $9 billion Joint Warfighting Cloud Capability contract, rather than seeking another provider on the open market. "The USAFRICOM operates in a dynamic and evolving environment where IT plays a critical role in achieving mission objectives," the document reads, including "its vital mission in support of our African Mission Partners [and] USAFRICOM joint exercises."
The document, labeled Controlled Unclassified Information, is marked as FEDCON, indicating it is not meant to be distributed beyond government or contractors. It shows AFRICOM's request was approved by the Defense Information Systems Agency. While the price of the purchase is redacted, the approval document notes its value is less than $15 million. Like the rest of the Department of Defense, AFRICOM -- which oversees the Pentagon's operations across Africa, including local military cooperation with U.S. allies there -- has an increasing appetite for cloud computing. The Defense Department already purchases cloud computing access from Microsoft via the Joint Warfighting Cloud Capability project. This new document reflects AFRICOM's desire to bypass contracting red tape and buy immediatelyMicrosoft Azure cloud services, including OpenAI software, without considering other vendors. AFRICOM states that the "ability to support advanced AI/ML workloads is crucial. This includes services for search, natural language processing, [machine learning], and unified analytics for data processing." And according to AFRICOM, Microsoft's Azure cloud platform, which includes a suite of tools provided by OpenAI, is the only cloud provider capable of meeting its needs.
Microsoft began selling OpenAI's GPT-4 large language model to defense customers in June 2023. Earlier this year, following the revelation that OpenAI had changed its mind on military work, the company announced a cybersecurity collaboration with DARPA in January and said its tools would be used for an unspecified veteran suicide prevention initiative. In April, Microsoft pitched the Pentagon on using DALL-E, OpenAI's image generation tool, for command and control software. But the AFRICOM document marks the first confirmed purchase of OpenAI's products by a U.S. combatant command whose mission is one of killing. OpenAI's stated corporate mission remains "to ensure that artificial general intelligence benefits all of humanity." The AFRICOM document marks the first confirmed purchase of OpenAI's products by a U.S. combatant command whose mission is one of killing. "Without access to Microsoft's integrated suite of AI tools and services, USAFRICOM would face significant challenges in analyzing and extracting actionable insights from vast amounts of data," reads the AFRICOM document. "This could lead to delays in decision-making, compromised situational awareness, and decreased agility in responding to dynamic and evolving threats across the African continent." The document contains little information about how exactly the OpenAI tools will be used.
<a href="http://twitter.com/home?status=US+Military+Makes+First+Confirmed+OpenAI+Purchase+For+War-Fighting+Forces%3A+https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F10%2F30%2F2042249%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F10%2F30%2F2042249%2Fus-military-makes-first-confirmed-openai-purchase-for-war-fighting-forces%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://tech.slashdot.org/story/24/10/30/2042249/us-military-makes-first-confirmed-openai-purchase-for-war-fighting-forces?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://tech.slashdot.org/story/24/10/30/2042249/us-military-makes-first-confirmed-openai-purchase-for-war-fighting-forces?utm_source=rss1.0mainlinkanon&utm_medium=feed
BBC Interviews Charley Kline and Bill Duvall, Creators of Arpanet
The BBC interviewed scientists Charley Kline and Bill Duvall 55 years after the first communications were made over a system called Arpanet, short for the Advanced Research Projects Agency Network. "Kline and Duvall were early inventors of networking, networks that would ultimately lead to what is today the Internet," writes longtime Slashdot reader dbialac. "Duvall had basic ideas what might come of the networks, but they had no idea of how much of a phenomenon it would turn into." Here's an excerpt from the interview: BBC: What did you expect Arpanet to become?
Duvall: "I saw the work we were doing at SRI as a critical part of a larger vision, that of information workers connected to each other and sharing problems, observations, documents and solutions. What we did not see was the commercial adoption nor did we anticipate the phenomenon of social media and the associated disinformation plague. Although, it should be noted, that in [SRI computer scientist] Douglas Engelbart's 1962 treatise describing the overall vision, he notes that the capabilities we were creating would trigger profound change in our society, and it would be necessary to simultaneously use and adapt the tools we were creating to address the problems which would arise from their use in society."
What aspects of the internet today remind you of Arpanet?
Duvall: Referring to the larger vision which was being created in Engelbart's group (the mouse, full screen editing, links, etc.), the internet today is a logical evolution of those ideas enhanced, of course, by the contributions of many bright and innovative people and organisations.
Kline: The ability to use resources from others. That's what we do when we use a website. We are using the facilities of the website and its programs, features, etc. And, of course, email. The Arpanet pretty much created the concept of routing and multiple paths from one site to another. That got reliability in case a communication line failed. It also allowed increases in communication speeds by using multiple paths simultaneously. Those concepts have carried over to the internet. Today, the site of the first internet transmission at UCLA's Boetler Hally Room 3420 functions as a monument to technology history (Credit: Courtesy of UCLA)
As we developed the communications protocols for the Arpanet, we discovered problems, redesigned and improved the protocols and learned many lessons that carried over to the Internet. TCP/IP [the basic standard for internet connection] was developed both to interconnect networks, in particular the Arpanet with other networks, and also to improve performance, reliability and more.
How do you feel about this anniversary?
Kline: That's a mix. Personally, I feel it is important, but a little overblown. The Arpanet and what sprang from it are very important. This particular anniversary to me is just one of many events. I find somewhat more important than this particular anniversary were the decisions by Arpa to build the Network and continue to support its development.
Duvall: It's nice to remember the origin of something like the internet, but the most important thing is the enormous amount of work that has been done since that time to turn it into what is a major part of societies worldwide.
<a href="http://twitter.com/home?status=BBC+Interviews+Charley+Kline+and+Bill+Duvall%2C+Creators+of+Arpanet%3A+https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F10%2F29%2F2233243%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F24%2F10%2F29%2F2233243%2Fbbc-interviews-charley-kline-and-bill-duvall-creators-of-arpanet%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://tech.slashdot.org/story/24/10/29/2233243/bbc-interviews-charley-kline-and-bill-duvall-creators-of-arpanet?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://tech.slashdot.org/story/24/10/29/2233243/bbc-interviews-charley-kline-and-bill-duvall-creators-of-arpanet?utm_source=rss1.0mainlinkanon&utm_medium=feed
Fitness App Strava Gives Away Location of Foreign Leaders, Report Finds
French newspaper Le Monde found that the fitness app Strava can easily track confidential movements of foreign leaders, including U.S. President Joe Biden, and presidential rivals Donald Trump and Kamala Harris. The Independent reports: Le Monde found that some U.S. Secret Service agents use the Strava fitness app, including in recent weeks after two assassination attempts on Trump, in a video investigation released in French and in English. Strava is a fitness tracking app primarily used by runners and cyclists to record their activities and share their workouts with a community. Le Monde also found Strava users among the security staff for French President Emmanuel Macron and Russian President Vladimir Putin. In one example, Le Monde traced the Strava movements of Macron's bodyguards to determine that the French leader spent a weekend in the Normandy seaside resort of Honfleur in 2021. The trip was meant to be private and wasn't listed on the president's official agenda.
Le Monde said the whereabouts of Melania Trump and Jill Biden could also be pinpointed by tracking their bodyguards' Strava profiles. In a statement to Le Monde, the U.S. Secret Service said its staff aren't allowed to use personal electronic devices while on duty during protective assignments but "we do not prohibit an employee's personal use of social media off-duty." "Affected personnel has been notified," it said. "We will review this information to determine if any additional training or guidance is required." "We do not assess that there were any impacts to protective operations or threats to any protectees," it added. Locations "are regularly disclosed as part of public schedule releases."
In another example, Le Monde reported that a U.S. Secret Service agent's Strava profile revealed the location of a hotel where Biden subsequently stayed in San Francisco for high-stakes talks with Chinese President Xi Jinping in 2023. A few hours before Biden's arrival, the agent went jogging from the hotel, using Strava which traced his route, the newspaper found. The newspaper's journalists say they identified 26 U.S. agents, 12 members of the French GSPR, the Security Group of the Presidency of the Republic, and six members of the Russian FSO, or Federal Protection Service, all of them in charge of presidential security, who had public accounts on Strava and were therefore communicating their movements online, including during professional trips. Le Monde did not identify the bodyguards by name for security reasons.
<a href="http://twitter.com/home?status=Fitness+App+Strava+Gives+Away+Location+of+Foreign+Leaders%2C+Report+Finds%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F10%2F28%2F2239220%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F10%2F28%2F2239220%2Ffitness-app-strava-gives-away-location-of-foreign-leaders-report-finds%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://yro.slashdot.org/story/24/10/28/2239220/fitness-app-strava-gives-away-location-of-foreign-leaders-report-finds?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://yro.slashdot.org/story/24/10/28/2239220/fitness-app-strava-gives-away-location-of-foreign-leaders-report-finds?utm_source=rss1.0mainlinkanon&utm_medium=feed
Apple Intelligence Is Out Today
An anonymous reader quotes a report from The Verge: Apple's AI features are finally starting to appear. Apple Intelligence is launching today on the iPhone, iPad, and Mac, offering features like generative AI-powered writing tools, notification summaries, and a cleanup tool to take distractions out of photos. It's Apple's first official step into the AI era, but it'll be far from its last. Apple Intelligence has been available in developer and public beta builds of Apple's operating systems for the past few months, but today marks the first time it'll be available in the full public OS releases. Even so, the features will still be marked as "beta," and Apple Intelligence will very much remain a work in progress. (You'll have to get on a waitlist to try Apple Intelligence, too.) Siri gets a new look, but its most consequential new features -- like the ability to take action in apps -- probably won't arrive until well into 2025.
In the meantime, Apple has released a very "AI starter kit" set of features. "Writing Tools" will help you summarize notes, change the tone of your messages to make them friendlier or more professional, and turn a wall of text into a list or table. You'll see AI summaries in notifications and emails, along with a new focus mode that aims to filter out unimportant alerts. The updated Siri is signified by a glowing border around the screen, and it now allows for text input by double-tapping the bottom of the screen. It's helpful stuff, but we've seen a lot of this before, and it'll hardly represent a seismic shift in how you use your iPhone. Apple says that more Apple Intelligence features will arrive in December. [...] Availability will expand in December to Australia, Canada, Ireland, New Zealand, South Africa, and the UK, with additional languages coming in April. Despite Apple's previous claim that Apple Intelligence wouldn't be available in the European Union due to the Digital Markets Act, the features will, in fact, be coming to Europe in April of next year.
Further reading: Apple Updates the iMac With M4 Chip
<a href="http://twitter.com/home?status=Apple+Intelligence+Is+Out+Today%3A+https%3A%2F%2Fmobile.slashdot.org%2Fstory%2F24%2F10%2F28%2F2053259%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fmobile.slashdot.org%2Fstory%2F24%2F10%2F28%2F2053259%2Fapple-intelligence-is-out-today%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://mobile.slashdot.org/story/24/10/28/2053259/apple-intelligence-is-out-today?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://mobile.slashdot.org/story/24/10/28/2053259/apple-intelligence-is-out-today?utm_source=rss1.0mainlinkanon&utm_medium=feed
The Search for Room-Temperature Superconductivity is Continuing
Communications of the ACM checks in on the quest for room-temperature superconductivity. "Time and time again, physicists have announced breakthroughs that were later found to be irreproducible, in error, or even fraudulent."
But "The issue is once again simmering..."
In January 2024, a group of researchers from Europe and South America announced they had achieved a milestone in room-temperature ambient-pressure superconductivity. Using Scotch-taped cleaved pyrolytic graphite with surface wrinkles, which formed line defects, they observed a room-temperature superconducting state. Their paper, published in the journal Advanced Quantum Technologies, has gained considerable attention in the scientific world... Although many in the scientific community remain incredulous, if valid, this development could help solve a key piece of the puzzle: how defects and wrinkles in a material such as scotch-taped cleaved pyrolytic graphite (HOPG) affect electrical properties and behavior within superconductive systems...
"We haven't reached a point where there is a clear path to room temperature superconductivity because researchers are either overly enthusiastic or deceptive," said Elie Track, chief technology officer at HYPRES, Inc., an Elmsford, NY, company that develops and commercializes superconductor integrated circuits (ICs) and systems. "People fail to check measurements and others can't reproduce their results. There is a lot of carelessness and sloppy science surrounding the space because people are so eager to achieve success." The team conducting research into scotch-taped cleaved pyrolytic graphite believe their discovery could tilt the search for practically useful room-temperature superconductivity in a favorable direction. They reported they were able to achieve one-dimensional superconductivity in pyrolytic graphite at temperatures as great as 300 degrees Kelvin (26.85 degrees Celsius), and at ambient pressure. Vinokur and physicist Maria Cristina Diamantini described the development as the first "unambiguous experimental evidence" for a global room temperature zero-resistance state. If true, the team's research could illuminate a path to new superconducting materials....
Others remain skeptical, however. For example Alan Kadin [a technical consultant in the field and a former professor of electrical engineering at the University of Rochester] pointed out that one of the key researchers for the project, Yakov Kopelevich, has been working in the field for two decades and, so far, "The results are not reproducible in other labs...Until someone else independently reproduces these results, I think we can safely ignore them," he argued...
Yet as scientists continue to bang away at the superconducting challenge — including the possibility of using generative AI to explore materials and techniques — optimism is growing that a major breakthrough could occur.
<a href="http://twitter.com/home?status=The+Search+for+Room-Temperature+Superconductivity+is+Continuing%3A+https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F10%2F28%2F0211230%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F24%2F10%2F28%2F0211230%2Fthe-search-for-room-temperature-superconductivity-is-continuing%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://hardware.slashdot.org/story/24/10/28/0211230/the-search-for-room-temperature-superconductivity-is-continuing?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://hardware.slashdot.org/story/24/10/28/0211230/the-search-for-room-temperature-superconductivity-is-continuing?utm_source=rss1.0mainlinkanon&utm_medium=feed
Has Online Shopping Left Warehouse Workers WIthout Political Power?
A writer for the New York Times editorial board argues we don't yet fully understand the impact of warehouses. "Thanks to the rise of online shopping and the proximity to so many American doorsteps, warehouses have become a major source of blue-collar employment," both in Bethlehem, Pennsylvania and beyond. "In Pennsylvania's Lehigh Valley, more than 19,000 people work in the warehouses that prepare our packages. Thousands more drive the trucks that deliver them."
But while the total number of warehouse-related jobs almost replaces the jobs lost from the closure of a major steel plant, "the political power that blue-collar workers once wielded has not been replaced."
Despite their large numbers, their importance to the economy, and their presence in Northampton — a swing county in a crucial battleground state — warehouse workers don't form an influential voting bloc in the way that steelworkers did... It turns out that making stuff isn't the same as distributing it. Working in a steel mill is a communal act that lends itself to the pursuit of political power in a way that warehouse jobs do not. Steelworkers toiled alongside one another, forming lifelong bonds, bowling leagues and unions that delivered a reliable voting bloc. Back when thousands of workers streamed out of the gates of Bethlehem Steel at quitting time, "politicians would come out to shake our hands," Jerry Green, retired president of United Steelworkers Local 2599, told me.
Factories were so good at political mobilization, in fact, that some credit them for democracy itself. Women and working-class men won the right to vote in the United States, Western Europe and much of East Asia after about a quarter of those populations were employed in factories, according to recent research by Sam van Noort, a lecturer at Princeton. Warehouses, by contrast, have no such mystique. Nobody campaigns outside the Walmart distribution centers here. Workers tend to be hired by staffing agencies and many stay for only a few months. They work on their own and rarely socialize. They are notoriously difficult to organize. Alec MacGillis, author of "Fulfillment: America in the Shadow of Amazon," told me that the biggest challenge for labor organizers at Amazon warehouses was getting workers to stay on the job long enough to feel a sense of solidarity.
Malenie Tapia, who moved to Bethlehem from Queens, N.Y., five years ago and took a job as a "picker" in a Zara warehouse, explained why. For eight hours a day, she grabbed items off numbered shelves and delivered them to packers who packed them into boxes. Talking to co-workers was forbidden, she said, except during a brief lunch break. "Sometimes I would go to the section in the back, where there would be less eyes on you, and sneak in a little moment of conversation," she said.
Here's what happened when the reporter asked a pair of Latino workers about their political opinions:
Most of all, they fretted about being replaced by machines. They spoke with dread about a fully automated McDonald's and a robot that unloads container ships. They didn't seem to see themselves as part of a working class that could band together to demand protections for their jobs.
The hot political issue around warehouses isn't the workers at all; it's the traffic and loss of green space associated with them. Both the Democratic and Republican candidates in the race for a state representative seat in Northampton have vowed to stop the proliferation of warehouses, which some citizens' groups say destroys their rural way of life. If warehouse workers had a political voice, they might push back. But they don't, so they won't. Warehouses have been an economic boon. But politically, for workers, they are a loss.
<a href="http://twitter.com/home?status=Has+Online+Shopping+Left+Warehouse+Workers+WIthout+Political+Power%3F%3A+https%3A%2F%2Fpolitics.slashdot.org%2Fstory%2F24%2F10%2F27%2F2042226%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fpolitics.slashdot.org%2Fstory%2F24%2F10%2F27%2F2042226%2Fhas-online-shopping-left-warehouse-workers-without-political-power%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://politics.slashdot.org/story/24/10/27/2042226/has-online-shopping-left-warehouse-workers-without-political-power?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://politics.slashdot.org/story/24/10/27/2042226/has-online-shopping-left-warehouse-workers-without-political-power?utm_source=rss1.0mainlinkanon&utm_medium=feed
UK Nuclear Site's Clean-Up Costs Rise To £136 Billion
The cost of cleaning up the U.K.'s largest nuclear site, "is expected to spiral to £136 billion" (about $176 billion), according to the Guardian, creating tension with the country's public-spending watchdog.
Projects to fix the state-owned buildings with hazardous and radioactive material "are running years late and over budget," the Guardian notes, with the National Audit Office suggesting spending at the Sellafield site has risen to more than £2.7 billion a year ($3.49 billion).
Europe's most hazardous industrial site has previously been described by a former UK secretary of state as a "bottomless pit of hell, money and despair". The Guardian's Nuclear Leaks investigation in late 2023 revealed a string of cybersecurity problems at the site, as well as issues with its safety and workplace culture. The National Audit Office found that Sellafield was making slower-than-hoped progress on making the site safe and that three of its most hazardous storage sites pose an "intolerable risk".
The site is a sprawling collection of buildings, many never designed to hold nuclear waste long-term, now in various states of disrepair. It stores and treats decades of nuclear waste from atomic power generation and weapons programmes, has taken waste from countries including Italy and Sweden, and is the world's largest store of plutonium.
Sellafield is forecast to cost £136bn to decommission, which is £21.4bn or 18.8% higher than was forecast in 2019. Its buildings are expected to be finally torn down by 2125 and its nuclear waste buried deep underground at an undecided English location. The underground project's completion date has been delayed from 2040 to the 2050s at the earliest, meaning Sellafield will need to build more stores and manage waste for longer. Each decade of delay costs Sellafield between £500m and £760m, the National Audit Office said.
Meanwhile, the government hopes to ramp up nuclear power generation, which will create more waste.
"Plans to clean up three of its worst ponds — which contain hazardous nuclear sludge that must be painstakingly removed — are running six to 13 years later than forecast when the National Audit Office last drew up a report, in 2018... "
"One pond, the Magnox swarf storage silo, is leaking 2,100 litres of contaminated water each day, the NAO found. The pond was due to be emptied by 2046 but this has slipped to 2059."
Thanks to long-time Slashdot reader AmiMoJo for sharing the news.
<a href="http://twitter.com/home?status=UK+Nuclear+Site's+Clean-Up+Costs+Rise+To+%26pound%3B136+Billion%3A+https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F10%2F26%2F0239228%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F24%2F10%2F26%2F0239228%2Fuk-nuclear-sites-clean-up-costs-rise-to-136-billion%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://news.slashdot.org/story/24/10/26/0239228/uk-nuclear-sites-clean-up-costs-rise-to-136-billion?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://news.slashdot.org/story/24/10/26/0239228/uk-nuclear-sites-clean-up-costs-rise-to-136-billion?utm_source=rss1.0mainlinkanon&utm_medium=feed
Did Capturing Carbon from the Air Just Get Easier?
"We passed Berkeley air — just outdoor air — into the material to see how it would perform," says U.C. Berkeley chemistry professor Omar Yaghi, "and it was beautiful.
"It cleaned the air entirely of CO2," Yaghi says in an announcement from the university. "Everything."
SFGate calls it "a discovery that could help potentially mitigate the effects of climate change..."
Yaghi's lab has worked on carbon capture since the 1990s and began work on these crystalline structures in 2005. The innovative substance has lots of tiny holes, making it "great for storing gases or liquids, much like a sponge holds water," Yaghi said... While it could take one to two years for the powder to be usable in large-scale applications, Yaghi co-founded Atoco, an Irvine company, to commercialize his research and expand it beyond just carbon capture and storage.
"Capturing carbon from the air just got easier," says the headline on the anouncement from the university, which explains why this technology is crucial:
[T]oday's carbon capture technologies work well only for concentrated sources of carbon, such as power plant exhaust. The same methods cannot efficiently capture carbon dioxide from ambient air, where concentrations are hundreds of times lower than in flue gases. Yet direct air capture, or DAC, is being counted on to reverse the rise of CO2 levels, which have reached 426 parts per million, 50% higher than levels before the Industrial Revolution. Without it, according to the Intergovernmental Panel on Climate Change, we won't reach humanity's goal of limiting warming to 1.5 degreesC (2.7 degreesF) above preexisting global averages.
A new type of absorbing material developed by chemists at the University of California, Berkeley, could help get the world to negative emissions... According to Yaghi, the new material could be substituted easily into carbon capture systems already deployed or being piloted to remove CO2 from refinery emissions and capture atmospheric CO2 for storage underground. UC Berkeley graduate student Zihui Zhou, the paper's first author, said that a mere 200 grams of the material, a bit less than half a pound, can take up as much CO2 in a year — 20 kilograms (44 pounds) — as a tree.
Their research was published this week in the journal Nature.
And it's also interesting that they're using AI, according to the university's announcement:
Yaghi is optimistic that artificial intelligence can help speed up the design of even better COFs and MOFs for carbon capture or other purposes, specifically by identifying the chemical conditions required to synthesize their crystalline structures. He is scientific director of a research center at UC Berkeley, the Bakar Institute of Digital Materials for the Planet (BIDMaP), which employs AI to develop cost-efficient, easily deployable versions of MOFs and COFs to help limit and address the impacts of climate change. "We're very, very excited about blending AI with the chemistry that we've been doing," he said.
Another potential use could be for harvesting water from desert air for drinking water, Yaghi told SFGate. But he seems very focused specifically on carbon capture.
"Another thing is that we need a strong determination among officials and industries to make carbon capture a high priority. Things have to change, but I believe that direct carbon capture from air is very doable."
<a href="http://twitter.com/home?status=Did+Capturing+Carbon+from+the+Air+Just+Get+Easier%3F%3A+https%3A%2F%2Fscience.slashdot.org%2Fstory%2F24%2F10%2F26%2F2318201%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fscience.slashdot.org%2Fstory%2F24%2F10%2F26%2F2318201%2Fdid-capturing-carbon-from-the-air-just-get-easier%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://science.slashdot.org/story/24/10/26/2318201/did-capturing-carbon-from-the-air-just-get-easier?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://science.slashdot.org/story/24/10/26/2318201/did-capturing-carbon-from-the-air-just-get-easier?utm_source=rss1.0mainlinkanon&utm_medium=feed
Egyptian Blogger/Developer Still Held in Prison 28 Days After His Release Date
In 2004 Alaa Abd El Fattah answered questions from Slashdot's readers about organizing the first-ever Linux installfest in Egypt.
In 2014 he was arrested for organizing poltical protests without requesting authorization, according to Wikipedia, and then released on bail — but then sentenced to five years in prison upon retrial. He was released in late March of 2019, but then re-arrested again in September by the National Security Agency, convicted of "spreading fake news" and jailed for five years...
Wikipedia describes Abd El-Fattah as an "Egyptian-British blogger, software developer and a political activist" who has been "active in developing Arabic-language versions of software and platforms." But this week an EFF blog post noticed that his released date had recently passed — and yet he was still in prison:
It's been 28 days since September 29, the day that should have seen British-Egyptian blogger, coder, and activist Alaa Abd El Fattah walk free. Egyptian authorities refused to release him at the end of his sentence, in contradiction of the country's own Criminal Procedure Code, which requires that time served in pretrial detention count toward a prison sentence. [Human Rights Watch says Egyptian authorities are refusing to count more than two years of pretrial detention toward his time served. Amnesty International has also called for his release.] In the days since, Alaa's family has been able to secure meetings with high-level British officials, including Foreign Secretary David Lammy, but as of yet, the Egyptian government still has not released Alaa...
Alaa deserves to finally return to his family, now in the UK, and to be reunited with his son, Khaled, who is now a teenager. We urge EFF supporters in the UK to write to their MP to place pressure on the UK's Labour government to use their power to push for Alaa's release.
Last month the EFF wrote::
Over 20 years ago Alaa began using his technical skills to connect coders and technologists in the Middle East to build online communities where people could share opinions and speak freely and privately. The role he played in using technology to amplify the messages of his fellow Egyptians — as well as his own participation in the uprising in Tahrir Square — made him a prominent global voice during the Arab Spring, and a target for the country's successive repressive regimes, which have used antiterrorism laws to silence critics by throwing them in jail and depriving them of due process and other basic human rights.
Alaa is a symbol for the principle of free speech in a region of the world where speaking out for justice and human rights is dangerous and using the power of technology to build community is criminalized...
<a href="http://twitter.com/home?status=Egyptian+Blogger%2FDeveloper+Still+Held+in+Prison+28+Days+After+His+Release+Date%3A+https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F10%2F26%2F0312259%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a>
<a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F24%2F10%2F26%2F0312259%2Fegyptian-bloggerdeveloper-still-held-in-prison-28-days-after-his-release-date%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a>https://yro.slashdot.org/story/24/10/26/0312259/egyptian-bloggerdeveloper-still-held-in-prison-28-days-after-his-release-date?utm_source=rss1.0moreanon&utm_medium=feed
at Slashdot.
https://yro.slashdot.org/story/24/10/26/0312259/egyptian-bloggerdeveloper-still-held-in-prison-28-days-after-his-release-date?utm_source=rss1.0mainlinkanon&utm_medium=feed
Oddbean new post about login | logout
Notes by Slashdot (RSS Feed) | export
Is AI-Driven 0-Day Detection Here? "AI-driven 0-day detection is here," argues a new blog post from ZeroPath, makers of a GitHub app that "detects, verifies, and issues pull requests for security vulnerabilities in your code." They write that AI-assisted security research "has been quietly advancing" since early 2023, when researchers at the DARPA and ARPA-H's Artificial Intelligence Cyber Challenge demonstrated the first practical applications of LLM-powered vulnerability detection — with new advances continuing. "Since July 2024, ZeroPath's tool has uncovered critical zero-day vulnerabilities — including remote code execution, authentication bypasses, and insecure direct object references — in popular AI platforms and open-source projects." And they ultimately identified security flaws in projects owned by Netflix, Salesforce, and Hulu by "taking a novel approach combining deep program analysis with adversarial AI agents for validation. Our methodology has uncovered numerous critical vulnerabilities in production systems, including several that traditional Static Application Security Testing tools were ill-equipped to find..." TL;DR — most of these bugs are simple and could have been found with a code review from a security researcher or, in some cases, scanners. The historical issue, however, with automating the discovery of these bugs is that traditional SAST tools rely on pattern matching and predefined rules, and miss complex vulnerabilities that do not fit known patterns (i.e. business logic problems, broken authentication flaws, or non-traditional sinks such as from dependencies). They also generate a high rate of false positives. The beauty of LLMs is that they can reduce ambiguity in most of the situations that caused scanners to be either unusable or produce few findings when mass-scanning open source repositories... To do this well, you need to combine deep program analysis with an adversarial agents that test the plausibility of vulnerabilties at each step. The solution ends up mirroring the traditional phases of a pentest — recon, analysis, exploitation (and remediation which is not mentioned in this post)... AI-driven vulnerability detection is moving fast... What's intriguing is that many of these vulnerabilities are pretty straightforward — they could've been spotted with a solid code review or standard scanning tools. But conventional methods often miss them because they don't fit neatly into known patterns. That's where AI comes in, helping us catch issues that might slip through the cracks. "Many vulnerabilities remain undisclosed due to ongoing remediation efforts or pending responsible disclosure processes," according to the blog post, which includes a pie chart showing the biggest categories of vulnerabilities found: 53%: Authorization flaws, including roken access control in API endpoints and unauthorized Redis access and configuration exposure. ("Impact: Unauthorized access, data leakage, and resource manipulation across tenant boundaries.") 26%: File operation issues, including directory traversal in configuration loading and unsafe file handling in upload features. ("Impact: Unauthorized file access, sensitive data exposure, and potential system compromise.") 16%: Code execution vulnerabilities, including command injection in file processing and unsanitized input in system commands. ("Impact: Remote code execution, system command execution, and potential full system compromise.") The company's CIO/cofounder was "former Red Team at Tesla," according to the startup's profile at YCombinator, and earned over $100,000 as a bug-bounty hunter. (And another co-founded is a former Google security engineer.) Thanks to Slashdot reader Mirnotoriety for sharing the article. <a href="http://twitter.com/home?status=Is+AI-Driven+0-Day+Detection+Here%3F%3A+https%3A%2F%2Fit.slashdot.org%2Fstory%2F24%2F11%2F02%2F2150233%2F%3Futm_source%3Dtwitter%26utm_medium%3Dtwitter" rel="nofollow"><img src="https://a.fsdn.com/sd/twitter_icon_large.png"></a> <a href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fit.slashdot.org%2Fstory%2F24%2F11%2F02%2F2150233%2Fis-ai-driven-0-day-detection-here%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook" rel="nofollow"><img src="https://a.fsdn.com/sd/facebook_icon_large.png"></a> https://it.slashdot.org/story/24/11/02/2150233/is-ai-driven-0-day-detection-here?utm_source=rss1.0moreanon&utm_medium=feed at Slashdot. https://it.slashdot.org/story/24/11/02/2150233/is-ai-driven-0-day-detection-here?utm_source=rss1.0mainlinkanon&utm_medium=feed