Slashdot

A new type of antibiotic "targets bacteria in two ways," writes SciTechDaily, which "could make it 100 million times harder for bacteria to develop resistance, according to recent research from the University of Illinois Chicago." Their experiments demonstrate that [a class of synthetic drugs called] macrolones can work two different ways — either by interfering with protein production or corrupting DNA structure. Because bacteria would need to implement defenses to both attacks simultaneously, the researchers calculated that drug resistance is nearly impossible. "The beauty of this antibiotic is that it kills through two different targets in bacteria," said Alexander Mankin, distinguished professor of pharmaceutical sciences at UIC. "If the antibiotic hits both targets at the same concentration, then the bacteria lose their ability to become resistant via the acquisition of random mutations in any of the two targets." Macrolones are synthetic antibiotics that combine the structures of two widely used antibiotics with different mechanisms. Macrolides, such as erythromycin, block the ribosome, the protein manufacturing factories of the cell. Fluoroquinolones, such as ciprofloxacin, target a bacteria-specific enzyme called DNA gyrase.... "The main outcome from all of this work is the understanding of how we need to go forward," Mankin said. "And the understanding that we're giving to chemists is that you need to optimize these macrolones to hit both targets." Thanks to long-time Slashdot reader schwit1 for sharing the news.

Read more of this story at Slashdot.

America's National Institute of Standards and Technology (NIST) has released a new open-source software tool called Dioptra for testing the resilience of machine learning models to various types of attacks. "Key features that are new from the alpha release include a new web-based front end, user authentication, and provenance tracking of all the elements of an experiment, which enables reproducibility and verification of results," a NIST spokesperson told SC Media: Previous NIST research identified three main categories of attacks against machine learning algorithms: evasion, poisoning and oracle. Evasion attacks aim to trigger an inaccurate model response by manipulating the data input (for example, by adding noise), poisoning attacks aim to impede the model's accuracy by altering its training data, leading to incorrect associations, and oracle attacks aim to "reverse engineer" the model to gain information about its training dataset or parameters, according to NIST. The free platform enables users to determine to what degree attacks in the three categories mentioned will affect model performance and can also be used to gauge the use of various defenses such as data sanitization or more robust training methods. The open-source testbed has a modular design to support experimentation with different combinations of factors such as different models, training datasets, attack tactics and defenses. The newly released 1.0.0 version of Dioptra comes with a number of features to maximize its accessibility to first-party model developers, second-party model users or purchasers, third-party model testers or auditors, and researchers in the ML field alike. Along with its modular architecture design and user-friendly web interface, Dioptra 1.0.0 is also extensible and interoperable with Python plugins that add functionality... Dioptra tracks experiment histories, including inputs and resource snapshots that support traceable and reproducible testing, which can unveil insights that lead to more effective model development and defenses. NIST also published final versions of three "guidance" documents, according to the article. "The first tackles 12 unique risks of generative AI along with more than 200 recommended actions to help manage these risks. The second outlines Secure Software Development Practices for Generative AI and Dual-Use Foundation Models, and the third provides a plan for global cooperation in the development of AI standards." Thanks to Slashdot reader spatwei for sharing the news.

Read more of this story at Slashdot.

An anonymous reader shared this report from Ars Technica: [I]t might be worth spending more to get a panel that converts more of the incoming sunlight to electricity, since it allows you to get more out of the price paid to get each panel installed. But silicon panels are already pushing up against physical limits on efficiency. Which means our best chance for a major boost in panel efficiency may be to combine silicon with an additional photovoltaic material. Right now, most of the focus is on pairing silicon with a class of materials called perovskites. Perovskite crystals can be layered on top of silicon, creating a panel with two materials that absorb different areas of the spectrum — plus, perovskites can be made from relatively cheap raw materials. Unfortunately, it has been difficult to make perovskites that are both high-efficiency and last for the decades that the silicon portion will. Lots of labs are attempting to change that, though. And two of them reported some progress this week, including a perovskite/silicon system that achieved 34 percent efficiency. One team of researchers "sent a sample to a European test lab, which came out with an efficiency of 33.7 percent," Ars Technica notes. "The researchers have a few ideas that should boost this to 35 percent, but didn't attempt them for this paper. "For comparison, the maximum efficiency for silicon alone is in the area of 27 percent, so that represents a very significant boost and is one of the highest perovskite/silicon combinations ever reported."

Read more of this story at Slashdot.

"Five years ago, Brian Frye set an elaborate trap," writes Decrypt.co. "Now the law professor is teaming up with a singer-songwriter to finally spring it" on America's Security and Exchange Commission "in a novel lawsuit — and in the process, prevent the regulator from ever coming after NFT art projects again." Over and again, the SEC has sued cherry-picked NFT projects it says qualify as unregistered securities — but never once has the regulator defined what types of NFT projects are legal and which are not, casting a chill over the nascent industry... [In 2019] Frye, an expert in securities law and a fan of novel technologies, minted an NFT of a letter he sent to the SEC in which he declared his art project to constitute an illegal, unregistered security. If the conceptual art project wasn't a security, Frye challenged the agency, then it needed to say so. The SEC never responded to Frye — not then, and not after several more self-incriminating correspondences from the professor. But in due time, the agency began vigorously pursuing, and suing, NFT projects. So 10 months ago, Jonathan Mann — who writes a new song every day and shares it online — crafted a song titled "This Song is A Security." As a seller of NFTs himself, Mann wrote the song "to fight back against the SEC, and defend his right — plus the rights of other artists like him — to earn revenue," according to the article: Frye, who'd practically been salivating for such an opportunity for half a decade, was a natural fit.... In the lawsuit filed against the SEC in Louisiana earlier this week, they challenged the SEC's standing to regulate their NFT-backed artworks as securities, and demanded the agency declare that their respective art projects do not constitute illegal, unregistered securities offerings. More from the International Business Times: The complaint asked the court to clarify whether the SEC should regulate art and whether artists were supposed to "register" their artworks before selling the pieces to the general public. The complaint also asked whether artists should be "forced to make public disclosures about the 'risks' of buying their art," and whether artists should be "required to comply" with federal securities laws... The Blockchain Association, a collective crypto group that includes some of the biggest digital asset firms, asserted that the SEC has no authority over NFT art. "We support the plaintiffs in their quest for legal clarity," the group said. In an interview with Slashdot, Mann says he started his "Song a Day" project almost 17 years ago (when he was 26 years old) — and his interest in NFTs is sincere: "Over the years, I've always sought a way to make Song A Day sustainable financially, through video contests, conference gigs, ad revenue, royalties, Patreon and more. "When I came across NFTs in 2017, they didn't have a name. We just called them 'digital collectibles'. For the last 2+ years, NFTs have become that self-sustaining model for my work. "I know most people believe NFTs are a joke at best and actively harmful at worst. Even most people in the crypto community have given up on them. Despite all that, I still believe they're worth pursuing. "Collecting an NFT from an artist you love is the most direct way to support them. There's no multinational corporation, no payment processor, and no venture capitalists between you and the artist you want to support." Slashdot also tracked down the SEC's Office of Public Affairs, and got an official response from SEC public affairs specialist Ryan White. Slashdot: The suit argues that the SEC's approach "threatens the livelihoods of artists and creators that are simply experimenting with a novel, fast-growing technology," and seeks guidance in the face of a "credible threat of enforcement". Is the SEC going to respond to this lawsuit? And if you don't have an answer at this time, can you give me a general comment on the issues and concerns being raised? SEC Public Affairs Specialist Ryan White: We would decline comment. Decrypt.co points out that the lawsuit "has no guarantee of offering some conclusive end to the NFT regulation question... That may only come with concrete legislation or a judgment by the Supreme Court." But Mann's song still makes a very public show out of their concerns — with Mann even releasing a follow-up song titled "I'm Suing the SEC." (Its music video mixes together wacky clips of Mila Kunis's Stoner Cats and Fonzie jumping a shark with footage of NFT critics like Elizabeth Warren and SEC chairman Gary Gensler.) And an earlier song also used auto-tune to transform Gensler's remarks about cryptocurrencies into the chorus of a song titled "Hucksters, Fraudsters, Scam Artists, Ponzi Schemes". Mann later auctioned an NFT of the song — for over $3,000 in Ethereum.

Read more of this story at Slashdot.

An anonymous Slashdot reader shared this report from the blog 9to5Mac: In 2022, Apple agreed to pay a $50 million dollar settlement for certain eligible 2015-2019 MacBook owners who experienced problems with their butterfly keyboards. The claims process opened in late 2022, and the settlement got final approval last May. Starting today, eligible MacBook owners are finally receiving their payouts... Apple finally moved away from the butterfly keyboard on the 16-inch MacBook Pro in late 2019. By mid 2020, the 13-inch MacBook Pro and MacBook Air also moved to the new Magic Keyboard. However, that wouldn't be the end of the story for Apple... In mid 2022, Apple was required to pay a $50 million settlement. The claims process started later that year, although there were some caveats. For one, you could only claim this settlement if you lived in California, Florida, Illinois, Michigan, New Jersey, New York, or Washington. This excludes 43 US states, so a good number of people with butterfly keyboards weren't even covered. Additionally, the estimated payout amount varied depending on the severity of your keyboard problems: - Up to $395 for 2 or more top case replacements - Up to $125 for 1 top case replacement - Up to $50 for keycap replacements Obviously, this wasn't the most ideal outcome for customers, but if you were eligible and filed a claim (or multiple), you're in luck! The original goal "was to make the keyboards thinner and the laptops slimmer," remembers ZDNet. This backfired spectacularly as MacBook owners started complaining that the keys would easily stick or get jammed by dust, crumbs, or other tiny objects. Noted tech blogger John Gruber even called the new keyboards "the worst products in Apple's history." Gruber's headline? "Appl Still Hasn't Fixd Its MacBook Kyboad Problm"

Read more of this story at Slashdot.

Stack Overflow says over 65,000 developers took their annual survey — and "For the first time this year, we asked if developers felt AI was a threat to their job..." Some analysis from The New Stack: Unsurprisingly, only 12% of surveyed developers believe AI is a threat to their current job. In fact, 70% are favorably inclined to use AI tools as part of their development workflow... Among those who use AI tools in their development workflow, 81% said productivity is one of its top benefits, followed by an ability to learn new skills quickly (62%). Much fewer (30%) said improved accuracy is a benefit. Professional developers' adoption of AI tools in the development process has risen rapidly, going from 44% in 2023 to 62% in 2024... Seventy-one percent of developers with less than five years of experience reported using AI tools in their development process, as compared to just 49% of developers with 20% years of experience coding... At 82%, [ChatGPT] is twice as likely to have been used than GitHub Copilot. Among ChatGPT users, 74% want to continue using it. But "only 43% said they trust the accuracy of AI tools," according to Stack Overflow's blog post, "and 45% believe AI tools struggle to handle complex tasks." More analysis from The New Stack: The latest edition of the global annual survey found full-time employment is holding steady, with over 80% reporting that they have full-time jobs. The percentage of unemployed developers has more than doubled since 2019 but is still at a modest 4.4% worldwide... The median annual salary of survey respondents declined significantly. For example, the average full-stack developer's median 2024 salary fell 11% compared to the previous year, to $63,333... Wage pressure may be the result of more competition from an increase in freelancing. Eighteen percent of professional developers in the 2024 survey said they are independent contractors or self-employed, which is up from 9.5% in 2020. Part-time employment has also risen, presenting even more pressure on full-time salaries... Job losses at tech companies have contributed to a large influx of talent into the freelance market, noted Stack Overflow CEO Prashanth Chandrasekar in an interview with The New Stack. Since COVID-19, he added, the emphasis on remote work means more people value job flexibility. In the 2024 survey, only 20% have returned to full-time in-person work, 38% are full-time remote, while the remainder are in a hybrid situation. Anticipation of future productivity growth due to AI may also be creating uncertainty about how much to pay developers. Two stats jumped out for Visual Studio magazine: In this year's big Stack Overflow developer survey things are much the same for Microsoft-centric data points: VS Code and Visual Studio still rule the IDE roost, while .NET maintains its No. 1 position among non-web frameworks. It's been this way for years, though in 2021 it was .NET Framework at No. 1 among IDEs, while the new .NET Core/.NET 5 entry was No. 3. Among IDEs, there has been less change. "Visual Studio Code is used by more than twice as many developers than its nearest (and related) alternative, Visual Studio," said the 2024 Stack Overflow Developer survey, the 14th in the series of massive reports. Stack Overflow shared some other interesting statistics: "Javascript (62%), HTML/CSS (53%), and Python (51%) top the list of most used languages for the second year in a row... [JavaScript] has been the most popular language every year since the inception of the Developer Survey in 2011." "Python is the most desired language this year (users that did not indicate using this year but did indicate wanting to use next year), overtaking JavaScript." "The language that most developers used and want to use again is Rust for the second year in a row with an 83% admiration rate. " "Python is most popular for those learning to code..." "Technical debt is a problem for 62% of developers, twice as much as the second- and third-most frustrating problems for developers: complex tech stacks for building and deployment."

Read more of this story at Slashdot.

A professor in the University of Chicago's department of geophysical sciences "believes that by intentionally releasing sulfur dioxide into the stratosphere, it would be possible to lower temperatures worldwide," reports the New York Times. He's not the only one promoting the idea. "Harvard University has a solar geoengineering program that has received grants from Microsoft co-founder Bill Gates, the Alfred P. Sloan Foundation and the William and Flora Hewlett Foundation. It's being studied by the Environmental Defense Fund along with the World Climate Research Program.... But many scientists and environmentalists fear that it could result in unpredictable calamities." Because it would be used in the stratosphere and not limited to a particular area, solar geoengineering could affect the whole world, possibly scrambling natural systems, like creating rain in one arid region while drying out the monsoon season elsewhere. Opponents worry it would distract from the urgent work of transitioning away from fossil fuels. They object to intentionally releasing sulfur dioxide, a pollutant that would eventually move from the stratosphere to ground level, where it can irritate the skin, eyes, nose and throat and can cause respiratory problems. And they fear that once begun, a solar geoengineering program would be difficult to stop... Keith, a professor in the University of Chicago's department of geophysical sciences, countered that the risks posed by solar geoengineering are well understood, not as severe as portrayed by critics and dwarfed by the potential benefits. If the technique slowed the warming of the planet by even just 1 degree Celsius, or 1.8 degrees Fahrenheit, over the next century, Keith said, it could help prevent millions of heat-related deaths each decade... Opponents of solar geoengineering cite several main risks. They say it could create a "moral hazard," mistakenly giving people the impression that it is not necessary to rapidly reduce fossil fuel emissions. The second main concern has to do with unintended consequences. "This is a really dangerous path to go down," said Beatrice Rindevall, the chair of the Swedish Society for Nature Conservation, which opposed the experiment. "It could shock the climate system, could alter hydrological cycles and could exacerbate extreme weather and climate instability." And once solar geoengineering began to cool the planet, stopping the effort abruptly could result in a sudden rise in temperatures, a phenomenon known as "termination shock." The planet could experience "potentially massive temperature rise in an unprepared world over a matter of five to 10 years, hitting the Earth's climate with something that it probably hasn't seen since the dinosaur-killing impactor," Pierrehumbert said. On top of all this, there are fears about rogue actors using solar geoengineering and concerns that the technology could be weaponized. Not to mention the fact that sulfur dioxide can harm human health. Keith is adamant that those fears are overblown. And while there would be some additional air pollution, he claims the risk is negligible compared to the benefits. The opposition is making it hard to even conduct tests, according to the article — like when Keith "wanted to release a few pounds of mineral dust at an altitude of roughly 20 kilometers and track how the dust behaved as it floated across the sky." The experiment was called off after opposition from numerous groups — including Greta Thunberg and an organization representing Indigenous people who felt the experiment was disrespecting nature.

Read more of this story at Slashdot.

Somewhere in America's Defense Department, the DARPA R&D agency is running a two-year contest to write an AI-powered program "that can scan millions of lines of open-source code, identify security flaws and fix them, all without human intervention," reports the Washington Post. [Alternate URL here.] But as they see it, "The contest is one of the clearest signs to date that the government sees flaws in open-source software as one of the country's biggest security risks, and considers artificial intelligence vital to addressing it." Free open-source programs, such as the Linux operating system, help run everything from websites to power stations. The code isn't inherently worse than what's in proprietary programs from companies like Microsoft and Oracle, but there aren't enough skilled engineers tasked with testing it. As a result, poorly maintained free code has been at the root of some of the most expensive cybersecurity breaches of all time, including the 2017 Equifax disaster that exposed the personal information of half of all Americans. The incident, which led to the largest-ever data breach settlement, cost the company more than $1 billion in improvements and penalties. If people can't keep up with all the code being woven into every industrial sector, DARPA hopes machines can. "The goal is having an end-to-end 'cyber reasoning system' that leverages large language models to find vulnerabilities, prove that they are vulnerabilities, and patch them," explained one of the advising professors, Arizona State's Yan Shoshitaishvili.... Some large open-source projects are run by near-Wikipedia-size armies of volunteers and are generally in good shape. Some have maintainers who are given grants by big corporate users that turn it into a job. And then there is everything else, including programs written as homework assignments by authors who barely remember them. "Open source has always been 'Use at your own risk,'" said Brian Behlendorf, who started the Open Source Security Foundation after decades of maintaining a pioneering free server software, Apache, and other projects at the Apache Software Foundation. "It's not free as in speech, or even free as in beer," he said. "It's free as in puppy, and it needs care and feeding." 40 teams entered the contest, according to the article — and seven received $1 million in funding to continue on to the next round, with the finalists to be announced at this year's Def Con, according to the article. "Under the terms of the DARPA contest, all finalists must release their programs as open source," the article points out, "so that software vendors and consumers will be able to run them."

Read more of this story at Slashdot.

Slashdot reader Applehu Akbar shared this report from MacRumors: Epic Games CEO Tim Sweeney commented on Apple's 'Find My' service, referring to it as "super creepy surveillance tech" that "shouldn't exist." Sweeney went on to explain that several years ago, "a kid" stole a Mac laptop out of his car. Years later, Sweeney was checking Find My, and as the Mac was still connected to his Apple ID account, it showed him the location where the thief lived. When someone asked Sweeney if he'd at least gotten his laptop back, Sweeney answered "No. I was creeped the hell out by having unexpectedly received the kid's address, and turned off Find My iPhone on all of my devices." Slashdot reader crmarvin42 quipped "Tell me you are stupidly rich, without telling me you are stupidly rich... Next someone will be saying that it is 'Creepy' to have security footage of someone taking your Amazon packages off of your porch." And they also questioned Sweeney's sincerity, suggesting that he's "just saying that to try and make Apple look bad because of all the lawsuits going on." MacRumors followed the ensuing discussion: Sweeney said that the location of a device in someone's possession can't be tracked without tracking the person, and "people have a right to privacy." ["This right applies to second hand device buyers and even to thieves."] He claims that detection and recovery of a lost or stolen device should be "mediated by due process of law" and not exposed to the device owner "in vigilante fashion." Some responded to Sweeney's comments by sharing the headline of a Vox news story about Epic's own privacy polices. ("Fortnite maker Epic Games has to pay $520 million for tricking kids and violating their privacy.") MacRumors cited a 2014 report that thefts of iPhones dropped after the introduction of Apple's "Activation Lock" feature (which prevents the disabling of 'Find My' without a password). But when the blog AppleInsider accused Sweeney of "an incredibly bad leap of logic" — Sweeney responded. "You're idealizing this issue as good guys tracking criminals to their lairs, but when Find My or Google's similar tech points a device owner to a device possessor's home, one must anticipate the presence of families and kids and innocent used device buyers, and ask whether it's really appropriate for a platform to use GPS and shadowy mesh network tech to set up physical confrontations among individuals." Sweeney also posted a quote from Steve Jobs about how at Apple, "we worry that some 14-year-old is going to get stalked and something terrible is going to happen because of our phone."

Read more of this story at Slashdot.

America's National Football League "is the latest organization to turn to facial authentication to bolster event security," reports the Record, citing a new announcement this week: All 32 NFL stadiums will start using the technology this season, after the league signed a contract with a company that uses facial scans to verify the identity of people entering event venues and other secure spaces. The facial authentication platform, which counts the Cleveland Browns' owners as investors, will be used to "streamline and secure" entry for thousands of credentialed media, officials, staff and guests so they can easily access restricted areas such as press boxes and locker rooms, Jeff Boehm, the chief operating officer of Wicket, said in a LinkedIn post Monday. "Credential holders simply take a selfie before they come, and then Wicket verifies their identity and checks their credentials with Accredit (a credentialing platform) as they walk through security checkpoints," Boehm added. Wicket technology was deployed in a handful of NFL stadiums last year as part of a pilot program. Other stadiums will start rolling it out beginning on Aug. 8, when the pre-season kicks off. Some teams also have extended their use of the technology to scan the faces of ticket holders. The Cleveland Browns, Atlanta Falcons and New York Mets all have used the company's facial authentication software to authenticate fans with tickets, according to Stadium Tech Report. "Fans come look at the tablet and, instantly, the tablet recognizes the fan," Brandon Covert, the vice president of information technology for the Cleveland Browns, said in a testimonial appearing on Wicket's website. "It's almost a half-second stop. It's not even a stop — more of a pause." "The Browns also use Wicket to verify the ages of fans purchasing alcohol at concession stands, according to Wicket's LinkedIn page," the article points out. And a July report from Privacy International found that 25 of the top 100 soccer stadiums in the world are already using facial recognition technology. Thanks to long-time Slashdot reader schwit1 for sharing the news.

Read more of this story at Slashdot.

An anonymous reader shared this report from BleepingComputer: A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. Also tracked as Evasive Panda, Daggerfly, and StormCloud, this cyber-espionage group has been active since at least 2012, targeting organizations across mainland China, Hong Kong, Macao, Nigeria, and various Southeast and East Asian countries. On Friday, Volexity threat researchers revealed that the Chinese cyber-espionage gang had exploited insecure HTTP software update mechanisms that didn't validate digital signatures to deploy malware payloads on victims' Windows and macOS devices... To do that, the attackers intercepted and modified victims' DNS requests and poisoned them with malicious IP addresses. This delivered the malware to the targets' systems from StormBamboo's command-and-control servers without requiring user interaction. Volexity's blog post says they observed StormBamboo "targeting multiple software vendors, who use insecure update workflows..." and then "notified and worked with the ISP, who investigated various key devices providing traffic-routing services on their network. As the ISP rebooted and took various components of the network offline, the DNS poisoning immediately stopped." BleepingComputer notes that "âAfter compromising the target's systems, the threat actors installed a malicious Google Chrome extension (ReloadText), which allowed them to harvest and steal browser cookies and mail data."

Read more of this story at Slashdot.

The planet Mercury could have "a layer of diamonds," reports CNN, citing new research suggesting that about 310 miles (500 kilometers) below the surface...could be a layer of diamonds 11 miles (18 kilometers) thick. And the study's co-author believes lava might carry some of those diamonds up to the surface: The diamonds might have formed soon after Mercury itself coalesced into a planet about 4.5 billion years ago from a swirling cloud of dust and gas, in the crucible of a high-pressure, high-temperature environment. At this time, the fledgling planet is believed to have had a crust of graphite, floating over a deep magma ocean. A team of researchers recreated that searing environment in an experiment, with a machine called an anvil press that's normally used to study how materials behave under extreme pressure but also for the production of synthetic diamonds. "It's a huge press, which enables us to subject tiny samples at the same high pressure and high temperature that we would expect deep inside the mantle of Mercury, at the boundary between the mantle and the core," said Bernard Charlier, head of the department of geology at the University of Liège in Belgium and a coauthor of a study reporting the findings. The team inserted a synthetic mixture of elements — including silicon, titanium, magnesium and aluminum — inside a graphite capsule, mimicking the theorized composition of Mercury's interior in its early days. The researchers then subjected the capsule to pressures almost 70,000 times greater than those found on Earth's surface and temperatures up to 2,000 degrees Celsius (3,630 degrees Fahrenheit), replicating the conditions likely found near Mercury's core billions of years ago. After the sample melted, the scientists looked at changes in the chemistry and minerals under an electron microscope and noted that the graphite had turned into diamond crystals. The researchers believe this mechanism "can not only give us more insight into the secrets hidden below Mercury's surface, but on planetary evolution and the internal structure of exoplanets with similar characteristics."

Read more of this story at Slashdot.

Apple's elaborate new ad campaign promises that Safari is "a browser that protects your privacy." And the Washington Post says Apple "deserves credit for making many privacy protections automatic with Safari..." "But Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, said Safari is no better than the fourth-best web browser for your privacy." "If browser privacy were a sport at the Olympics, Apple isn't getting on the medal stand," Cahn said. (Apple did not comment about this.) Safari stops third-party cookies anywhere you go on the web. So do Mozilla's Firefox and the Brave browser... Chrome allows third-party cookies in most cases unless you turn them off... Even without cookies, a website can pull information like the resolution of your computer screen, the fonts you have installed, add-on software you use and other technical details that in aggregate can help identify your device and what you're doing on it. The measures, typically called "fingerprinting," are privacy-eroding tracking by another name. Nick Doty with the Center for Democracy & Technology said there's generally not much you can do about fingerprinting. Usually you don't know you're being tracked that way. Apple says it defends against common fingerprinting techniques but Cahn said Firefox, Brave and the Tor Browser all are better at protecting you from digital surveillance. That's why he said Safari is no better than the fourth-best browser for privacy. Safari's does offer extra privacy protections in its "private" mode, the article points out. "When you use this option, Apple says it does more to block use of 'advanced' fingerprinting techniques. It also steps up defenses against tracking that adds bits of identifying information to the web links you click." The article concludes that Safari users can "feel reasonably good about the privacy (and security) protections, but you can probably do better — either by tweaking your Apple settings or using a web browser that's even more private than Safari."

Read more of this story at Slashdot.

"As media bosses scramble to decide if and how they should partner with AI companies, workers are increasingly concerned that the technology could imperil their jobs or degrade their work..." reports the Washington Post. The latest example? "Two months after the Atlantic reached a licensing deal with OpenAI, staffers at the storied magazine are demanding the company ensure their jobs and work are protected." (Nearly 60 journalists have now signed a letter demanding the company "stop prioritizing its bottom line and champion the Atlantic's journalism.") The unionized staffers want the Atlantic bosses to include AI protections in the union contract, which the two sides have been negotiating since 2022. "Our editorial leaders say that The Atlantic is a magazine made by humans, for humans," the letter says. "We could not agree more..." The Atlantic's new deal with OpenAI grants the tech firm access to the magazine's archives to train its AI tools. While the Atlantic in return will have special access to experiment with these AI tools, the magazine says it is not using AI to create journalism. But some journalists and media observers have raised concerns about whether AI tools are accurately and fairly manipulating the human-written text they work with. The Atlantic staffers' letter noted a pattern by ChatGPT of generating gibberish web addresses instead of the links intended to attribute the reporting it has borrowed, as well as sending readers to sites that have summarized Atlantic stories rather than the original work... Atlantic spokeswoman Anna Bross said company leaders "agree with the general principles" expressed by the union. For that reason, she said, they recently proposed a commitment to not to use AI to publish content "without human review and editorial oversight." Representatives from the Atlantic Union bargaining committee told The Washington Post that "the fact remains that the company has flatly refused to commit to not replacing employees with AI." The article also notes that last month the union representing Lifehacker, Mashable and PCMag journalists "ratified a contract that protects union members from being laid off because AI has impacted their roles and requires the company to discuss any such plans to implement AI tools ahead of time."

Read more of this story at Slashdot.

"Generation X and millennials are at an increased risk of developing certain cancers compared with older generations," reports the Washington Post, "a shift that is probably due to generational changes in diet, lifestyle and environmental exposures, a large new study suggests." Researchers from the American Cancer analyzed data from more than 23.5 million patients who had been diagnosed with 34 types of cancer from 2000 to 2019 — and also studied mortality data that included 7 million deaths in the U.S. from 25 types of cancer among people ages 25 to 84. [The researchers reported] that cancer rates for 17 of the 34 most common cancers are increasing in progressively younger generations. The findings included: - Cancers with the most significant increased risk are kidney, pancreatic and small intestine, which are two to three times as high for millennial men and women as baby boomers. - Millennial women also are at higher risk of liver and bile duct cancers compared with baby boomers. - Although the risk of getting cancer is rising, for most cancers, the risk of dying of the disease stabilized or declined among younger people. But mortality rates increased for gallbladder, colorectal, testicular and uterine cancers, as well as for liver cancer among younger women. "It is a concern," said Ahmedin Jemal, senior vice president of the American Cancer Society's surveillance and health equity science department, who was the senior author of the study. If the current trend continues, the increased cancer and mortality rates among younger people may "halt or even reverse the progress that we have made in reducing cancer mortality over the past several decades," he added. While there is no clear explanation for the increased cancer rates among younger people, the researchers suggest that there may be several contributing factors, including rising obesity rates; altered microbiomes from unhealthy diets high in saturated fats, red meat and ultra-processed foods or antibiotic use; poor sleep; sedentary lifestyles; and environmental factors, including exposure to pollutants and carcinogenic chemicals.

Read more of this story at Slashdot.

Thursday Go's long-time tech lead Russ Cox made an announcement: Starting September 1, Austin Clements will be taking over as the tech lead of Go: both the Go team at Google and the overall Go project. Austin is currently the tech lead for what we sometimes call the "Go core", which encompasses compiler toolchain, runtime, and releases. Cherry Mui will be stepping up to lead those areas. I am not leaving the Go project, but I think the time is right for a change... I will be shifting my focus to work more on Gaby [or "Go AI bot," an open-source contributor agent] and Oscar [an open-source contributor agent architecture], trying to make useful contributions in the Go issue tracker to help all of you work more productively. I am hopeful that work on Oscar will uncover ways to help open source maintainers that will be adopted by other projects, just like some of Go's best ideas have been adopted by other projects. At the highest level, my goals for Oscar are to build something useful, learn something new, and chart a path for other projects. These are the same broad goals I've always had for our work on Go, so in that sense Oscar feels like a natural continuation. The post notes that new tech lead Austin Clements "has been working on Go at Google since 2014" (and Mui since 2016). "Their judgment is superb and their knowledge of Go and the systems it runs on both broad and deep. When I have general design questions or need to better understand details of the compiler, linker, or runtime, I turn to them." It's important to remember that tech lead — like any position of leadership — is a service role, not an honorary title. I have been leading the Go project for over 12 years, serving all of you, and trying to create the right conditions for all of you to do your best work. Large projects like Go absolutely benefit from stable leadership, but they can also benefit from leadership changes. New leaders bring new strengths and fresh perspectives. For Go, I think 12+ years of one leader is enough stability; it's time for someone new to serve in this role. In particular, I don't believe that the "BDFL" (benevolent dictator for life) model is healthy for a person or a project. It doesn't create space for new leaders. It's a single point of failure. It doesn't give the project room to grow. I think Python benefited greatly from Guido stepping down in 2018 and letting other people lead, and I've had in the back of my mind for many years that we should have a Go leadership change eventually.... I am going to consciously step back from decision making and create space for Austin and the others to step forward, but I am not disappearing. I will still be available to talk about Go designs, review CLs, answer obscure history questions, and generally help and support you all in whatever way I can. I will still file issues and send CLs from time to time, I have been working on a few potential new standard libraries, I will still advocate for Go across the industry, and I will be speaking about Go at GoLab in Italy in November... I am incredibly proud of the work we have all accomplished together, and I am confident in the leaders both on the Go team at Google and in the Go community. You are all doing remarkable work, and I know you will continue to do that.

Read more of this story at Slashdot.

A professor at Brigham Young University "has figured out a way to shave critical years off the complicated design and licensing processes for modern nuclear reactors," according to an announcement from the university. "AI is teaming up with nuclear power." The typical time frame and cost to license a new nuclear reactor design in the United States is roughly 20 years and $1 billion. To then build that reactor requires an additional five years and between $5 and $30 billion. By using AI in the time-consuming computational design process, [chemical engineering professor Matt] Memmott estimates a decade or more could be cut off the overall timeline, saving millions and millions of dollars in the process — which should prove critical given the nation's looming energy needs.... "Being able to reduce the time and cost to produce and license nuclear reactors will make that power cheaper and a more viable option for environmentally friendly power to meet the future demand...." Engineers deal with elements from neutrons on the quantum scale all the way up to coolant flow and heat transfer on the macro scale. [Memmott] also said there are multiple layers of physics that are "tightly coupled" in that process: the movement of neutrons is tightly coupled to the heat transfer which is tightly coupled to materials which is tightly coupled to the corrosion which is coupled to the coolant flow. "A lot of these reactor design problems are so massive and involve so much data that it takes months of teams of people working together to resolve the issues," he said... Memmott's is finding AI can reduce that heavy time burden and lead to more power production to not only meet rising demands, but to also keep power costs down for general consumers... Technically speaking, Memmott's research proves the concept of replacing a portion of the required thermal hydraulic and neutronics simulations with a trained machine learning model to predict temperature profiles based on geometric reactor parameters that are variable, and then optimizing those parameters. The result would create an optimal nuclear reactor design at a fraction of the computational expense required by traditional design methods. For his research, he and BYU colleagues built a dozen machine learning algorithms to examine their ability to process the simulated data needed in designing a reactor. They identified the top three algorithms, then refined the parameters until they found one that worked really well and could handle a preliminary data set as a proof of concept. It worked (and they published a paper on it) so they took the model and (for a second paper) put it to the test on a very difficult nuclear design problem: optimal nuclear shield design. The resulting papers, recently published in academic journal Nuclear Engineering and Design, showed that their refined model can geometrically optimize the design elements much faster than the traditional method. In two days Memmott's AI algorithm determined an optimal nuclear-reactor shield design that took a real-world molten salt reactor company spent six months. "Of course, humans still ultimately make the final design decisions and carry out all the safety assessments," Memmott says in the announcement, "but it saves a significant amount of time at the front end.... "Our demand for electricity is going to skyrocket in years to come and we need to figure out how to produce additional power quickly. The only baseload power we can make in the Gigawatt quantities needed that is completely emissions free is nuclear power." Thanks to long-time Slashdot reader schwit1 for sharing the article.

Read more of this story at Slashdot.

A proposed European Union law seeks to ensure that video games sold or licensed in the EU remain playable even if servers are shut down or studios close. The law would require publishers of sold and free-to-play games with microtransactions to provide resources to keep games functional, such as allowing players to host their own servers. Through a process called the "European Citizens Initiative," the petition needs one million signatures just to have a chance at becoming law. PC Gamer reports: "An increasing number of publishers are selling videogames that are required to connect through the internet to the game publisher, or 'phone home' to function," the petition reads. "While this is not a problem in itself, when support ends for these types of games, very often publishers simply sever the connection necessary for the game to function, proceed to destroy all working copies of the game, and implement extensive measures to prevent the customer from repairing the game in any way." Understanding that developers and publishers can't support games forever, the initiative would expect "the publisher to provide resources for the said videogame once they discontinue it while leaving it in a reasonably functional (playable) state." That means giving players the tools to host the game on their own servers, for example, and removing the requirement for games to connect to the publisher's (defunct) servers in order to be played. This is what the developer behind Knockout City did when it pulled the plug on the game's official servers. Not only does this initiative apply to games that are sold, but includes free to play games that have microtransactions for assets (like skins) or other paid-for features. The thought is, if you purchase an item in a free game, you should have the right to continue to use it indefinitely -- which means keeping that free game playable in some form. It's important to note that even a million signatures doesn't mean an automatic win, just that it'll go forward to the European Union as a proposal to become a law.

Read more of this story at Slashdot.

New preliminary evidence for phosphine and ammonia in Venus's atmosphere deepens the mystery of their origins, suggesting the possibility of a biological source. The detections, made using the James Clerk Maxwell Telescope and the Green Bank Telescope, point to potential microbial life in Venus's clouds despite the planet's extreme surface conditions. Space.com reports: The new detections of phosphine and ammonia were obtained by a team led by Jane Greaves of the University of Cardiff using submillimeter radio wavelength data collected by the James Clerk Maxwell Telescope (JCMT) in Hawaii and the Green Bank Telescope in West Virginia. "We don't know how you make phosphine or ammonia in an oxygenating atmosphere like that of Venus," said team member and astrophysicist Dave Clements of Imperial College, London, in an interview with Space.com. Then again, it's not clear why biology on Earth produces phosphine, either." Whether it's in penguin poop or badger guts, we don't know why bacteria make phosphine, but they do." The JCMT's initial detection of phosphine on Venus in 2020 by Greaves and her team was met by fierce disagreement from some quarters. This disagreement focused on how the data was processed and whether that was creating spurious signals since observations by other telescopes struggled to detect the phosphine. Clements said those technical disagreements have now been resolved and that the latest measurements, using a new detector on the JCMT called Namakanui (meaning 'Big Eyes' in Hawaiian), have come from three observing campaigns, each providing 140 times as much data as the initial detection. [...] Clements is open to the possibility that both phosphine and ammonia are being produced by some rare photochemistry in Venus' upper atmosphere involving solar ultraviolet breaking up molecules and allowing phosphine and ammonia to form from the molecular debris. If that is the case, nobody has observed this process yet, not even in the laboratory. Another possibility that has been mooted is that the phosphine could be produced by Venusian volcanoes. Clements also pointed out that the European Space Agency's Jupiter Icy Moons Explorer (JUICE) is making a fly-by of Venus in August 2025 to help slingshot it towards the Jovian system. JUICE carries instruments capable of detecting phosphine and ammonia, but there's no guarantee that its instruments will be switched on and deployed at Venus.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The US government will pay Moderna $176 million to develop an mRNA vaccine against a pandemic influenza -- an award given as the highly pathogenic bird flu virus H5N1 continues to spread widely among US dairy cattle. The funding flows through BARDA, the Biomedical Advanced Research and Development Authority, as part of a new Rapid Response Partnership Vehicle (RRPV) Consortium. The program is intended to set up partnerships with industry to help the country better prepare for pandemic threats and develop medical countermeasures, the Department of Health and Human Services said in a press announcement Tuesday. In its own announcement on Tuesday, Moderna noted that it began a Phase 1/2 trial of a pandemic influenza virus vaccine last year, which included versions targeting H5 and H7 varieties of bird flu viruses. The company said it expects to release the results of that trial this year and that those results will direct the design of a Phase 3 trial, anticipated to begin in 2025. The funding deal will support late-stage development of a "pre-pandemic vaccine against H5 influenza virus," Moderna said. But, the deal also includes options for additional vaccine development in case other public health threats arise. US health officials have said previously that they were in talks with Moderna and Pfizer about the development of a pandemic bird flu vaccine. The future vaccine will be in addition to standard protein-based bird flu vaccines that are already developed. In recent weeks, the health department has said it is working to manufacture 4.8 million vials of H5 influenza vaccine in the coming months. The plans come three months into the H5N1 dairy outbreak, which is very far from the initial hopes of containment. [...] The more the virus expands its footprint across US dairy farms, adapts to its newfound mammalian host, and comes in contact with humans, the more and more chances it has to leap to humans and gain the ability to spread among us. "The award made today is part of our longstanding commitment to strengthen our preparedness for pandemic influenza," said Dawn O'Connell, assistant secretary for Preparedness and Response. "Adding this technology to our pandemic flu toolkit enhances our ability to be nimble and quick against the circulating strains and their potential variants." In a separate article, Ars Technica reports on a small study in Texas that suggests human cases are going undetected on dairy farms where the H5N1 virus has spread in cows.

Read more of this story at Slashdot.