RSS 생중계

Microsoft has started testing a change to Windows 11 that will see its AI-powered Copilot feature automatically open when Windows starts on "widescreen devices." From a report: The change is being tested as part of Microsoft's latest Dev Channel preview of Windows 11, allowing Windows testers to provide feedback ahead of a broader rollout. "We are trying out opening Copilot automatically when Windows starts on widescreen devices with some Windows Insiders in the Dev Channel," says Microsoft in a blog post. The company doesn't make it clear what exactly a "widescreen" device is, but the Windows 11 setting itself says Copilot will automatically open "when you're using a wider screen." So I'm assuming this is limited to ultrawide monitors and less traditional desktop resolutions, but I've asked Microsoft to clarify and will update you accordingly.

Read more of this story at Slashdot.

Security updates have been issued by Debian (kernel, linux-5.10, php-phpseclib, php-phpseclib3, and phpseclib), Fedora (openssh and tinyxml), Gentoo (FreeRDP and Prometheus SNMP Exporter), Mageia (packages), Red Hat (openssl), SUSE (gstreamer-plugins-rs and python-django-grappelli), and Ubuntu (dotnet6, dotnet7, dotnet8, openssh, and xerces-c).

Citigroup said it expects to incur as much as $1 billion in severance and reorganization costs this year as it continues the process of eliminating 20,000 roles as part of Chief Executive Officer Jane Fraser's quest to boost the Wall Street giant's lagging returns. From a report: Total expenses for the year will likely be between $53.5 billion and $53.8 billion, the New York-based bank said Friday. That would be a decrease from the $56.4 billion the firm spent in 2023.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: Joe Biden's administration has unveiled $623 million in funding to boost the number of electric vehicle charging points in the U.S., amid concerns that the transition to zero-carbon transportation isn't keeping pace with goals to tackle the climate crisis. The funding will be distributed in grants for dozens of programs across 22 states, such as EV chargers for apartment blocks in New Jersey, rapid chargers in Oregon and hydrogen fuel chargers for freight trucks in Texas. In all, it's expected the money, drawn from the bipartisan infrastructure law, will add 7,500 chargers to the US total. There are about 170,000 electric vehicle chargers in the U.S., a huge leap from a network that was barely visible prior to Biden taking office, and the White House has set a goal for 500,000 chargers to help support the shift away from gasoline and diesel cars. "The U.S. is taking the lead globally on electric vehicles," said Ali Zaidi, a climate adviser to Biden who said the US is on a trajectory to "meet and exceed" the administration's charger goal. "We will continue to see this buildout over the coming years and decades until we've achieved a fully net zero transportation sector," he added. On Thursday, the House approved legislation to undo a Biden administration rule meant to facilitate the proliferation of EV charging stations. "S. J. Res. 38 from Sen. Marco Rubio (R-Fla.), would scrap a Federal Highway Administration waiver from domestic sourcing requirements for EV chargers funded by the 2021 bipartisan infrastructure law. It already passed the Senate 50-48," reports Politico. "A waiver undercuts domestic investments and risks empowering foreign nations," said Rep. Sam Graves (R-Mo.), chair of the Transportation and Infrastructure Committee, during House debate Thursday. "If the administration is going to continue to push for a massive transition to EVs, it should ensure and comply with Buy America requirements." The White House promised to veto it and said it would backfire, saying it was so poorly worded it would actually result in fewer new American-made charging stations.

Read more of this story at Slashdot.

Emily Anthes reports via the New York Times: In late 2019, scientists began searching for 10,000 Americans willing to enroll their pets in an ambitious new study of health and longevity in dogs. The researchers planned to track the dogs over the course of their lives, collecting detailed information about their bodies, lifestyles and home environments. Over time, the scientists hoped to identify the biological and environmental factors that kept some dogs healthy in their golden years -- and uncover insights about aging that could help both dogs and humans lead longer, healthier lives. Today, the Dog Aging Project has enrolled 47,000 canines and counting, and the data are starting to stream in. The scientists say that they are just getting started. "We think of the Dog Aging Project as a forever project, so recruitment is ongoing," said Daniel Promislow, a biogerontologist at the University of Washington and a co-director of the project. "There will always be new questions to ask. We want to always have dogs of all ages participating." But Dr. Promislow and his colleagues are now facing the prospect that the Dog Aging Project might have its own life cut short. About 90 percent of the study's funding comes from the National Institute on Aging, a part of the National Institutes of Health, which has provided more than $28 million since 2018. But that money will run out in June, and the institute does not seem likely to approve the researchers' recent application for a five-year grant renewal, the scientists say. "We have been told informally that the grant is not going to be funded," said Matt Kaeberlein, the other director of the Dog Aging Project and a former biogerontology researcher at the University of Washington. (Dr. Kaeberlein is now the chief executive of Optispan, a health technology company.) The N.I.A. could still choose to provide more funding for the Dog Aging Project at some point, but if the researchers don't bring in more money in the coming months, they will have to pause or pare back the study. "It's almost an emergency," said Stephanie Lederman, the executive director of the nonprofit American Federation for Aging Research. "It's one of the most important projects in the field right now." [...] The institute's immediate priority is to raise enough money to keep the Dog Aging Project afloat. It would take about $7 million to conduct the research the team had planned to do over the next year, but $2 million would be enough to "keep the lights on," Dr. Promislow said. The institute is still awaiting its official tax exempt status but is already seeking donations. "We haven't yet identified a dog-loving billionaire interested in supporting aging research," Dr. Promislow said. "But we're certainly going to try."

Read more of this story at Slashdot.

Michaela Zee reports via Variety: More than 15 years after his death, stand-up comedian George Carlin has been brought back to life in an artificial intelligence-generated special called "George Carlin: I'm Glad I'm Dead." The hour-long special, which dropped on Tuesday, comes from Dudesy, a comedy AI that hosts a podcast and YouTube show with "Mad TV" alum Will Sasso and podcaster Chad Kultgen. "I just want to let you know very clearly that what you're about to hear is not George Carlin. It's my impersonation of George Carlin that I developed in the exact same way a human impressionist would," Dudesy said at the beginning of the special. "I listened to all of George Carlin's material and did my best to imitate his voice, cadence and attitude as well as the subject matter I think would have interested him today. So think of it like Andy Kaufman impersonating Elvis or like Will Ferrell impersonating George W. Bush." In the stand-up special, the AI-generated impression of Carlin, who died in 2008 of heart failure, tackled prevalent topics like mass shootings, the American class system, streaming services, social media and AI itself. "There's one line of work that is most threatened by AI -- one job that is most likely to be completely erased because of artificial intelligence: stand-up comedy," AI-generated Carlin said. "I know what all the stand-up comics across the globe are saying right now: "I'm an artist and my art form is too creative, too nuanced, too subtle to be replicated by a machine. No computer program can tell a fart joke as good as me.'" Kelly Carlin, the late stand-up comedian's daughter, posted a statement in response to the special: "My dad spent a lifetime perfecting his craft from his very human life, brain and imagination. No machine will ever replace his genius. These AI generated products are clever attempts at trying to recreate a mind that will never exist again. Let's let the artist's work speak for itself. Humans are so afraid of the void that we can't let what has fallen into it stay there. Here's an idea, how about we give some actual living human comedians a listen to? But if you want to listen to the genuine George Carlin, he has 14 specials that you can find anywhere."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: The stream through western Alaska never looked like this before. In aerial photography from the 1980s, it wove cleanly through the tundra, thin as thread. Today, in satellite images, it appears as a string of black patches: one large pond after another, dozens of meters apart. It's a transformation that is happening across the Arctic, the result of landscape engineering on an impressive scale. But this is no human endeavor to reshape the world. It is the work of the North American beaver, and there is no sign of it stopping. Were the waddling rodents making minor inroads, researchers may never have noticed. But the animals are pouring in, pushing north into new territories. The total number of animals is far from clear, but the ponds they create are hard to miss: in the Arctic tundra of Alaska alone, the number of beaver ponds on streams have doubled to at least 12,000 in the past 20 years. More lodges are dotted along lakes and river banks. The preponderance of beavers, which can weigh as much as 45kg, follows a collapse in trapping and the warming of a landscape that once proved too bleak for occupation. Global heating has driven the shrubification of the Arctic tundra; the harsh winter is shorter, and there is more free-running water in the coldest months. Instead of felling trees for their dams, the beavers construct them from surrounding shrubs, creating deep ponds in which to build their lodges. The new arrivals cause plenty of disruption. For some communities, the rivers and streams are the roads of the landscape, and the dams make effective roadblocks. As the structures multiply, more land is flooded and there can be less fresh water for drinking downstream. But there are other, less visible effects too. The animals are participants in a feedback loop: climate change opens the landscape to beavers, whose ponds drive further warming, which attracts even more paddle-tailed comrades. Physics suggested this would happen. Beaver ponds are new bodies of water that cover bare permafrost. Because the water is warm -- relatively speaking -- it thaws the hard ground, which duly releases methane, one of the most potent greenhouse gases. Scientists now have evidence this is happening. Armed with high-resolution satellite imagery, Tape and his colleagues located beaver ponds in the lower Noatak River basin area of north-western Alaska. They then analyzed infrared images captured by Nasa planes flying over the region. Overlaying the two revealed a clear link between beaver ponds and methane hotspots that extended for tens of meters around the ponds. "The transformation of these streams is a positive feedback that is accelerating the effects of climate change, and that is what's concerning," says Tape. "They are accelerating it at every one of these points." Because the Nasa images give only a snapshot in time, the researchers will head out next year to measure methane on the ground. With more measurements, they hope to understand how the emissions vary with the age of beaver ponds: do ponds release a steady flow of methane, or does the release wane after a decade or two? "What's happening here is happening on a huge scale," says Ken Tape, an ecologist at the University of Alaska, Fairbanks, who is tracking the influx of beavers into the sparse northern landscape. "Our modeling work, which is in progress right now, shows that this entire area, the north slope of Alaska, will be colonized by beavers by 2100."

Read more of this story at Slashdot.

E-commerce giant eBay agreed to pay a $3 million penalty for the harassment and stalking of a Massachusetts couple by several of its employees. "The couple, Ina and David Steiner, had been subjected to threats and bizarre deliveries, including live spiders, cockroaches, a funeral wreath and a bloody pig mask in August 2019," reports CBS News. From the report: Thursday's fine comes after several eBay employees ran a harassment and intimidation campaign against the Steiners, who publish a news website focusing on players in the e-commerce industry. "eBay engaged in absolutely horrific, criminal conduct. The company's employees and contractors involved in this campaign put the victims through pure hell, in a petrifying campaign aimed at silencing their reporting and protecting the eBay brand," Levy said. "We left no stone unturned in our mission to hold accountable every individual who turned the victims' world upside-down through a never-ending nightmare of menacing and criminal acts." The Justice Department criminally charged eBay with two counts of stalking through interstate travel, two counts of stalking through electronic communications services, one count of witness tampering and one count of obstruction of justice. The company agreed to pay $3 million as part of a deferred prosecution agreement. Under the agreement, eBay will be required to retain an independent corporate compliance monitor for three years, officials said, to "ensure that eBay's senior leadership sets a tone that makes compliance with the law paramount, implements safeguards to prevent future criminal activity, and makes clear to every eBay employee that the idea of terrorizing innocent people and obstructing investigations will not be tolerated," Levy said. Former U.S. Attorney Andrew Lelling said the plan to target the Steiners, which he described as a "campaign of terror," was hatched in April 2019 at eBay. Devin Wenig, eBay's CEO at the time, shared a link to a post Ina Steiner had written about his annual pay. The company's chief communications officer, Steve Wymer, responded: "We are going to crush this lady." About a month later, Wenig texted: "Take her down." Prosecutors said Wymer later texted eBay security director Jim Baugh. "I want to see ashes. As long as it takes. Whatever it takes," Wymer wrote. Investigators said Baugh set up a meeting with security staff and dispatched a team to Boston, about 20 miles from where the Steiners live. "Senior executives at eBay were frustrated with the newsletter's tone and content, and with the comments posted beneath the newsletter's articles," the Department of Justice wrote in its Thursday announcement. Two former eBay security executives were sentenced to prison over the incident.

Read more of this story at Slashdot.

SonicSpike shares a report from Forbes: X, the social media site formerly known as Twitter, announced it would begin rolling out a peer-to-peer payment service similar to Venmo or PayPal this year -- a feature the social media site's billionaire owner Elon Musk has long pushed as part of his plan to develop an "everything app." X officially announced the new feature in a blog post, touting the new service designed to enhance "user utility and new opportunities for commerce." The company did not give a timeframe on when the new service would be available, but Musk previously told Ark Invest CEO Cathie Wood it could launch as early as "mid-2024." According to the company, the new payment service will "showcas[e] the power of living more of your life in one place," as owner Elon Musk continues to promote X as a future "everything app" capable of handling social media, video and other original content on the same site. X Payments has registered to do business in at least 32 states, according to public records, and has acquired a money transmitter license needed to process payments in 10, TechCrunch reported in December.

Read more of this story at Slashdot.

Just six days after being launched atop a Falcon 9 rocket, one of SpaceX's six Starlink satellites was used to send text messages for the first time. Space.com reports: That update didn't reveal what the first Starlink direct-to-cell text said. In a post on X on Wednesday, SpaceX founder and CEO Elon Musk said the message was "LFGMF2024," but the chances are fairly high that he was joking. [...] Beaming connectivity service from satellites directly to smartphones -- which SpaceX is doing via a partnership with T-Mobile -- is a difficult proposition, as SpaceX noted in Wednesday's update. "For example, in terrestrial networks cell towers are stationary, but in a satellite network they move at tens of thousands of miles per hour relative to users on Earth," SpaceX wrote. "This requires seamless handoffs between satellites and accommodations for factors like Doppler shift and timing delays that challenge phone-to-space communications. Cell phones are also incredibly difficult to connect to satellites hundreds of kilometers away, given a mobile phone's low antenna gain and transmit power." The direct-to-cell Starlink satellites overcome these challenges thanks to "innovative new custom silicon, phased-array antennas and advanced software algorithms," SpaceX added. Overcoming tough challenges can lead to great rewards, and that's the case here, according to SpaceX President Gwynne Shotwell. "Satellite connectivity direct to cell phones will have a tremendous impact around the world, helping people communicate wherever and whenever they want or need to," Shotwell said via X on Wednesday.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Polestar CEO Thomas Ingenlath couldn't be happier with the integration of Google built-in, the branded product that embeds Google apps and services directly into the company's EVs. But don't expect the EV maker to drop Android Auto or Apple CarPlay as a result. On the sidelines of CES 2024, Ingenlath committed to sticking with Android Auto and Apple CarPlay, the middleware that allows drivers to project their smartphone onto the car's infotainment display. He went a step further and questioned automakers that have. GM, for instance, decided not to make the new 2024 Chevy Blazer EV compatible with Android Auto or Apple CarPlay. "It's still too important for our customers to have the choice," Ingenlath said during an interview at CES 2024. He later added that, in his view, removing the option isn't the right way of treating customers. "Our priority is very clear; We have a really fantastic system together with Google," he said. While Ingenlath admitted that adding that Google Built-in provides the best experience, he asked "why would we try to dogmatically educate our customers?" Polestar has been a champion of Google built-in. However, it's willingness to keep Android Auto and Apple CarPlay is notable because it illustrates the complexity of appeasing customers even if it might overshadow the native technology in the vehicle. "Ingenlath seems convinced that as Google built-in improves and continues to add apps and services, consumers will give up Android Auto or Apple CarPlay on there own," adds TechCrunch. "And the updates do keep coming." "At CES 2024, for instance, Polestar announced that the Chrome browser would start rolling out to Polestar 2 in beta, allowing drivers to surf the internet via the central vehicle display while parked. Ingenlath hinted of more improvements in the future, including more precise navigation in Google Maps that drills down to the specific lane as well as customized features designed for Polestar customers."

Read more of this story at Slashdot.

Dustin Bailey reports via GamesRadar: Valve has suddenly taken action against multiple fan games, stunning a fandom that had grown used to the company's freewheeling stance on unofficial community projects. One of those projects was Team Fortress: Source 2, an effort to bring the beloved multiplayer game back to life in a more modern engine using the S&box project. The project had already run into development difficulties and had essentially been on hiatus since September 2023, but now Valve has issued a DMCA takedown against it, effectively serving as the "nail in the coffin" for the project, as the devs explain on X. [...] The other project is Portal 64, a demake of the 2009 puzzle game that ports it to run on an actual N64. Developer James Lambert had been working on the project for years, but it gained substantial notoriety this past December with the release of First Slice, a playable demo featuring the first 13 test chambers. It doesn't appear that Valve issued a formal DMCA against Portal 64, but the end result is the same. In a Patreon post (which was eventually made public on X), Lambert said he had "been in communication with Valve about the future of the project. There is some news and it isn't good. Because the project depends on Nintendo's proprietary libraries, they have asked me to take the project down." I'm not fully clear on what "proprietary libraries" means here, but it seems likely that Portal 64 was developed using some variation of Nintendo's official development tools for N64, which were never officially released to the public. Open-source alternatives to those tools do exist, but might not have been in use here. [...] Given Valve's historic acceptance of fan games, the moves have been pretty shocking to the community.

Read more of this story at Slashdot.

Linux kernel 6.7 has been released, including support for the new next-gen copy-on-write (COW) bcachefs file system. The Register reports: Linus Torvalds announced the release on Sunday, noting that it is "one of the largest kernel releases we've ever had." Among the bigger and more visible changes are a whole new file system, along with fresh functionality for several existing ones; improved graphics support for several vendors' hardware; and the removal of an entire CPU architecture. [...] The single biggest feature of 6.7 is the new bcachefs file system, which we examined in March 2022. As this is the first release of Linux to include the new file system, it definitely would be premature to trust any important data to it yet, but this is a welcome change. The executive summary is that bcachefs is a next-generation file system that, like Btrfs and ZFS, provides COW functionality. COW enables the almost instant creation of "snapshots" of all or part of a drive or volume, which enables the OS to make disk operations transactional: In other words, to provide an "undo" function for complex sets of disk write operations. Having a COW file system on Linux isn't new. The existing next-gen file system in the kernel, Btrfs, also supports COW snapshots. The version in 6.7 sees several refinements. It inherits a feature implemented for Steam OS: Two Btrfs file systems with the same ID can be mounted simultaneously, for failover scenarios. It also has improved quota support and a new raid_stripe_tree that improves handling of arrays of dissimilar drives. Btrfs remains somewhat controversial. Red Hat banished it from RHEL years ago (although Oracle Linux still offers it) but SUSE's distros depend heavily upon it. It will be interesting to see how quickly SUSE's Snapper tool gains support for bcachefs: This new COW contender may reveal unquestioned assumptions built into the code. Since Snapper is also used in several non-SUSE distros, including Spiral Linux, Garuda, and siduction, they're tied to Btrfs as well. The other widely used FOSS next-gen file system, OpenZFS, also supports COW, but licensing conflicts prevent ZFS being fully integrated into the Linux kernel. So although multiple distros (such as NixOS, Proxmox, TrueNAS Scale, Ubuntu, and Void Linux) support ZFS, it must remain separate and distinct. This results in limitations, such as the ZFS Advanced Read Cache being separate from Linux's page cache. Bcachefs is all-GPL and doesn't suffer from such limitations. It aims to supply the important features of ZFS, such as integrated volume management, while being as fast as ext4 or XFS, and also surpass Btrfs in both performance and, crucially, reliability. A full list of changes in this release can be viewed via KernelNewbies.

Read more of this story at Slashdot.

The Federal Aviation Administration on Thursday said it had opened an investigation into whether Boeing failed to ensure that its 737 Max 9 plane was safe and manufactured to match the design approved by the agency. The New York Times (non-paywalled source): The F.A.A. said the investigation stemmed from the loss of a fuselage panel of a Boeing 737 Max 9 operated by Alaska Airlines shortly after it took off on Friday from Portland, Ore., leaving a hole in the side of the passenger cabin. The plane returned to Portland for an emergency landing. "This incident should have never happened and it cannot happen again," the agency said. In a letter to Boeing dated Jan. 10, the F.A.A. said that after the Portland incident, it was notified of additional issues with other Boeing 737 Max 9 planes. The letter does not detail what other issues were reported to the agency. Alaska and United Airlines, which operate most of the Max 9s in use in the United States, said on Monday that they discovered loose hardware on the panel when conducting preliminary inspections on their planes. The new investigation is the latest setback for Boeing, which is one of just two suppliers of large planes for most airlines. The company has struggled to regain the public's trust after two crashes, in Indonesia in 2018 and Ethiopia in 2019, involving the 737 Max 8 killed a total of 346 people.

Read more of this story at Slashdot.

An anonymous reader quotes a report from SecurityWeek.com: A Dutch engineer recruited by the country's intelligence services used a water pump to deploy the now-infamous Stuxnet malware in an Iranian nuclear facility, according to a two-year investigation conducted by Dutch newspaper De Volkskrant. Stuxnet, whose existence came to light in 2010, is widely believed to be the work of the United States and Israel, its goal being to sabotage Iran's nuclear program by compromising industrial control systems (ICS) associated with nuclear centrifuges. The malware, which had worm capabilities, is said to have infected hundreds of thousands of devices and caused physical damage to hundreds of machines. De Volkskrant's investigation, which involved interviews with dozens of people, found that the AIVD, the general intelligence and security service of the Netherlands, the Dutch equivalent of the CIA, recruited Erik van Sabben, a then 36-year-old Dutch national working at a heavy transport company in Dubai. Van Sabben was allegedly recruited in 2005 -- a couple of years before the Stuxnet malware was triggered -- after American and Israeli intelligence agencies asked their Dutch counterpart for help. However, the Dutch agency reportedly did not inform its country's government and it was not aware of the full extent of the operation. Van Sabben was described as perfect for the job as he had a technical background, he was doing business in Iran and was married to an Iranian woman. It's believed that the Stuxnet malware was planted on a water pump that the Dutch national installed in the nuclear complex in Natanz, which he had infiltrated. It's unclear if Van Sabben knew exactly what he was doing, but his family said he appeared to have panicked at around the time of the Stuxnet attack. [...] Michael Hayden, who at the time was the chief of the CIA, did agree to talk to De Volkskrant, but could not confirm whether Stuxnet was indeed delivered via water pumps due to it still being classified information. One interesting piece of information that has come to light in De Volkskrant's investigation is that Hayden reportedly told one of the newspaper's sources that it cost between $1 and $2 billion to develop Stuxnet.

Read more of this story at Slashdot.

quonset writes: Hertz rental has announced it's selling off one third of its 20,000 electric vehicle fleet and replacing them with gas powered vehicles. The reason? It's costing them too much to repair damaged EVs and their depreciation is hurting the bottom line. "[C]ollision and damage repairs on an EV can often run about twice that associated with a comparable combustion engine vehicle," Hertz CEO Stephen Scherr said in a recent analyst call. And EV price declines in the new car market have pushed down the resale value of Hertz's used EV rental cars.

Read more of this story at Slashdot.

Discord is laying off 17 percent of its staff, a move that CEO Jason Citron said is meant to "sharpen our focus and improve the way we work together to bring more agility to our organization." From a report: The cuts were announced today to employees in an all-hands meeting and internal memo The Verge has obtained. They'll impact 170 people across various departments. Based on Citron's message to employees and my understanding of the business, Discord isn't in dire financial straits, though it has yet to become profitable and is still trying to revive user growth after a surge during the pandemic. In his memo to employees, which you can read in full below, Citron said Discord grew its headcount too fast over the last few years -- an admission that has become quite common among tech CEOs as of late. "We grew quickly and expanded our workforce even faster, increasing by 5x since 2020," Citron wrote. "As a result, we took on more projects and became less efficient in how we operated."

Read more of this story at Slashdot.

Google formally endorsed the concept of right to repair Thursday and is set to testify in favor of a strong right to repair bill in Oregon later Thursday, a massive step forward for the right to repair movement. 404 Media: "Google believes that users should have more control over repair -- including access to the same documentation, parts and tools that original equipment manufacturer (OEM) repair channels have -- which is often referred to as 'Right to Repair,'" Google's Steven Nickel wrote in a white paper published Thursday. Crucially, Google specifically says that regulators should ban "parts pairing," which is a tactic used by Apple, John Deere, and other major manufacturers to artificially restrict which repair parts can be used with a given device: "Policies should constrain OEMs from imposing unfair anti-repair practices. For example, parts-pairing, the practice of using software barriers to obstruct consumers and independent repair shops from replacing components, or other restrictive impediments to repair should be discouraged," the white paper says.

Read more of this story at Slashdot.

Zack Whittaker, reporting for TechCrunch: Civil liberties advocates have long argued that "geofence" search warrants are unconstitutional for their ability to ensnare entirely innocent people who were nearby at the time a crime was committed. But errors in the geofence warrant applications that go before a judge can violate the privacy of vastly more people -- in one case almost two miles away. Attorneys at the ACLU of Northern California found what they called an "alarming error" in a geofence warrant application that "resulted in a warrant stretching nearly two miles across San Francisco." The error, likely caused by a typo, allowed the requesting law enforcement agency to capture information on anyone who entered the stretch of San Francisco erroneously marked on the search warrant. "Many private homes were also captured in the massive sweep," wrote Jake Snow, ACLU staff attorney, in a blog post about the findings. It's not known which law enforcement agency requested the nearly two-mile-long geofence warrant, or for how long the warrant was in effect. The attorneys questioned how many other geofence warrant application mistakes had slipped through and resulted in the return of vastly more data in error.

Read more of this story at Slashdot.

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely-used corporate VPN appliance, but said that patches won't be available until the end of the month. From a report: Ivanti said the two vulnerabilities -- tracked as CVE-2023-46805 and CVE-2024-21887 -- were found in its Ivanti Connect Secure software. Formerly known as Pulse Connect Secure, this is a remote access VPN solution that enables remote and mobile users to access corporate resources over the internet. Ivanti said it is aware of "less than 10 customers" impacted so far by the "zero day" vulnerabilities, described as such given Ivanti had zero time to fix the flaws before they were maliciously exploited.

Read more of this story at Slashdot.