RSS 생중계

Average incomes will fall by almost a fifth within the next 26 years as a result of the climate crisis, according to a study that predicts the costs of damage will be six times higher than the price of limiting global heating to 2C. From a report: Rising temperatures, heavier rainfall and more frequent and intense extreme weather are projected to cause $38tn of destruction each year by mid-century, according to the research, which is the most comprehensive analysis of its type ever undertaken, and whose findings are published in the journal Nature. The hefty toll -- which is far higher than previous estimates -- is already locked into the world economy over the coming decades as a result of the enormous emissions that have been pumped into the atmosphere through the burning of gas, oil, coal and trees. This will inflict crippling losses on almost every country, with a disproportionately severe impact on those least responsible for climate disruption, further worsening inequality. The paper says the permanent average loss of income worldwide will be 19% by 2049. In the United States and Europe the reduction will be about 11%, while in Africa and south Asia it will be 22%, with some individual countries much higher than this. "It's devastating," said Leonie Wenz, a scientist at the Potsdam Institute for Climate Impact Research and one of the authors of the study. "I am used to my work not having a nice societal outcome, but I was surprised by how big the damages were. The inequality dimension was really shocking."

Read more of this story at Slashdot.

Pablo Escobar, the name of the late Colombian drug kingpin, can't be registered as a trademark in the European Union after judges said that approving his brother's bid would go against "principles of morality." From a report: The public "associate that name with drug trafficking and narco-terrorism and with the crimes and suffering resulting therefrom, rather than with his possible good deeds in favor of the poor in Colombia," the EU's General Court in Luxembourg said on Wednesday. Trademarking the name is "counter to the fundamental values and moral standards prevailing within Spanish society," the court said.

Read more of this story at Slashdot.

At Amazon's annual cloud conference in 2016, the company captured the crowd's attention by driving an 18-wheeler onstage. Andy Jassy, now Amazon's CEO, called it the Snowmobile, and said the company would be using the truck to help customers speedily transfer data to Amazon Web Services facilities. Less than eight years later, the semi is out of commission. From a report: As of March, AWS had removed Snowmobile from its website, and the Amazon unit has stopped offering the service, CNBC has confirmed. The webpage devoted to AWS' "Snow family" of products now directs users to its other data transport services, including the Snowball Edge, a 50-pound suitcase-sized device that can be equipped with fast solid-state drives, and the smaller Snowcone. An AWS spokesperson said in an emailed statement that the company has introduced more cost-effective options for moving data. Clients had to deal with power, cooling, networking, parking and security when they used the Snowmobile service, the spokesperson said.

Read more of this story at Slashdot.

404 Media: An online service is scraping Discord servers en masse, archiving and tracking users' messages and activity across servers including what voice channels they join, and then selling access to that data for as little as $5. Called Spy Pet, the service's creator says it scrapes more than ten thousand Discord servers, and besides selling access to anyone with cryptocurrency, is also offering the data for training AI models or to assist law enforcement agencies, according to its website. The news is not only a brazen abuse of Discord's platform, but also highlights that Discord messages may be more susceptible to monitoring than ordinary users assume. Typically, a Discord user's activity is spread across disparate servers, with no one entity, except Discord itself, able to see what messages someone has sent across the platform more broadly. With Spy Pet, third-parties including stalkers or potentially police can look up specific users and see what messages they've posted on various servers at once. "Have you ever wondered where your friend hangs out on Discord? Tired of basic search tools like Discord.id? Look no further!" Spy Pet's website reads. It claims to be tracking more than 14,000 servers, 600 million users, and includes a database of more than 3 billion messages.

Read more of this story at Slashdot.

Managing to-do lists is something of a universal necessity. While some people handle them mentally or on paper, others resort to a web-based tool or a mobile application. For those preferring the command line, the MIT-licensed Taskwarrior offers a flexible solution with a healthy community and lots of extensions.

Pavel Durov, the founder of Telegram messaging app, has accused tech giants Google and Apple of threatening to censor content on smartphones [YouTube link]. In an interview with Tucker Carlson, Durov claimed that these companies told Telegram to comply with their guidelines or face removal from their app stores. "Those two platforms, they could basically censor everything you can read, access on your smart phone," Durov said. With 900 million active users, Telegram is expected to cross the one billion mark within a year.

Read more of this story at Slashdot.

Dropbox cofounder and CEO Drew Houston said he views his employees like customers, and that means giving them what they want -- which isn't in-person work. From a report: "We will support however they want to gather," Houston said in a new interview with The Verge. "But we're finding that these retreats and off-sites and things like that are often a lot more effective than asking people to commute." Houston said other business leaders are making the wrong move by forcing employees back to the office. Many companies are pushing employees to return to office in a hybrid structure, including giants like Google, Apple, and Amazon. "They keep mashing the go back to 2019 button, and they see it's not working," Houston said in the interview, speaking generally about return-to-office mandates. "Then they just push harder, and then you have this really toxic relationship." He compared returning to the office to returning to movie theaters or malls. It may have been cool for a time and people might still occasionally want to watch a big movie like "Top Gun" at the cinema, he said, "but the world has moved on." The CEO said the reason it used to be so easy to get people to the office was because they didn't have a choice. A lot of CEOs today don't understand that flexibility wasn't an option in the past, Houston said.

Read more of this story at Slashdot.

Cloudflare, in a blog post: Key insights from the first quarter of 2024 include: 1. 2024 started with a bang. Cloudflare's defense systems automatically mitigated 4.5 million DDoS attacks during the first quarter -- representing a 50% year-over-year (YoY) increase. 2. DNS-based DDoS attacks increased by 80% YoY and remain the most prominent attack vector. 3. DDoS attacks on Sweden surged by 466% after its acceptance to the NATO alliance, mirroring the pattern observed during Finland's NATO accession in 2023. We've just wrapped up the first quarter of 2024, and, already, our automated defenses have mitigated 4.5 million DDoS attacks -- an amount equivalent to 32% of all the DDoS attacks we mitigated in 2023. Breaking it down to attack types, HTTP DDoS attacks increased by 93% YoY and 51% quarter-over-quarter (QoQ). Network-layer DDoS attacks, also known as L3/4 DDoS attacks, increased by 28% YoY and 5% QoQ. When comparing the combined number of HTTP DDoS attacks and L3/4 DDoS attacks, we can see that, overall, in the first quarter of 2024, the count increased by 50% YoY and 18% QoQ. In total, our systems mitigated 10.5 trillion HTTP DDoS attack requests in Q1. Our systems also mitigated over 59 petabytes of DDoS attack traffic -- just on the network-layer.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Register: In a Monday post, Broadcom CEO Hock Tan restated his belief that VMware's portfolio was too complex, and too poorly integrated, for the virtualization giant to represent true competition for hyperscale clouds. Broadcom's injection of R&D cash, he insisted, will see VMware's flagship Cloud Foundation suite evolve to become more powerful and easy to operate. He also admitted that customers aren't enjoying the ride. "As we roll out this strategy, we continue to learn from our customers on how best to prepare them for success by ensuring they always have the transition time and support they need," he wrote. "In particular, the subscription pricing model does involve a change in the timing of customers' expenditures and the balance of those expenditures between capital and operating spending." Customers also told Tan that "fast-moving change may require more time, so we have given support extensions to many customers who came up for renewal while these changes were rolling out." That's one of the changes -- Broadcom has previously not publicly suggested such extensions would be possible. "We have always been and remain ready to work with our customers on their specific concerns," Tan wrote. The other change is providing some ongoing security patches for VMware customers who persist with their perpetual licenses instead of shifting to Broadcom's subs. "We are announcing free access to zero-day security patches for supported versions of vSphere, and we'll add other VMware products over time," Tan wrote, describing the measure as aimed at ensuring that customers "whose maintenance and support contracts have expired and choose to not continue on one of our subscription offerings." The change means such customers "are able to use perpetual licenses in a safe and secure fashion."

Read more of this story at Slashdot.

The 6.8.7, 6.6.28, 6.1.87, and 5.15.156 stable kernel updates have all been released.

Security updates have been issued by Debian (apache2 and cockpit), Fedora (firefox, kernel, mbedtls, python-cbor2, wireshark, and yyjson), Mageia (nghttp2), Red Hat (kernel, kernel-rt, opencryptoki, pcs, shim, squid, and squid:4), Slackware (firefox), SUSE (emacs, firefox, and kernel), and Ubuntu (linux-aws, linux-aws-5.15, linux-aws-6.5, linux-raspi, and linux-iot).

The SEC has blocked third-party messaging apps and texts from employees' work phones, "bringing its own practices closer to the standards it's enforcing for the industry," reports Bloomberg. From the report: The SEC's decision to block disappearing-messaging apps will help improve record-keeping and address potential security vulnerabilities at the agency, which saw one of its social-media accounts compromised earlier this year. It follows about $3 billion in fines imposed on financial firms to settle allegations that they failed to keep adequate records of work-related communications on mobile devices and apps such as Signal and Meta's WhatsApp. The scrutiny prompted Wall Street to overhaul how employees communicate on business matters using mobile phones. Meanwhile, the SEC took a hard look at policies covering its own staff's communications on agency-issued phones. The agency has restricted access to third-party messaging applications, as well as SMS (short message service) and iMessage texts "to lower risk that our systems could be compromised and to enhance recordkeeping," an SEC spokeswoman said in an emailed statement. The process of blocking the apps began in September and has continued over the past several months, she added.

Read more of this story at Slashdot.

NASA has confirmed that a piece of metal that tore through a Florida home last month was space junk from the International Space Station. NBC News reports: The agency confirmed Monday that the 1.6-pound object was debris from a cargo pallet that had been intentionally released from the space station three years ago. The pallet, packed with aging batteries, was supposed to burn up harmlessly in Earth's atmosphere, but a piece survived -- the piece that smashed into a house in Naples, Florida, on March 8. WINK News, a CBS News affiliate in southwestern Florida, first reported the incident. Naples resident Alejandro Otero told the outlet that the object crashed through the roof and two floors of his home. Otero was not home at the time, he told WINK News, but the metal object nearly hit his son, who was two rooms away. In a blog post about the incident, NASA said it had analyzed the object at the Kennedy Space Center in Florida and confirmed that it was part of the equipment used to mount the batteries on the cargo pallet. The piece of space junk is roughly cylindrical in shape and is about 4-inches tall and 1.6-inches wide. NASA said agency staff studied the object's features and metal composition and matched it to the hardware that had been jettisoned from the space station in 2021. At that time, new lithium-ion batteries had recently been installed at the space station, so the old nickel hydrogen batteries were packed up for disposal. The space station's robotic arm released the 5,800-pound cargo pallet containing the batteries over the Pacific Ocean, as the outpost orbited 260 miles above the Earth's surface, according to NASA. NASA said it will perform a detailed investigation of the latest debris incident to determine how the object withstood the extreme trip through the atmosphere.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Dozens of Google employees began occupying company offices in New York City and Sunnyvale, California, on Tuesday in protest of the company's $1.2 billion contract providing cloud computing services to the Israeli government. The sit-in, organized by the activist group No Tech for Apartheid, is happening at Google Cloud CEO Thomas Kurian's office in Sunnyvale and the 10th floor commons of Google's New York office. The sit-in will be accompanied by outdoor protests at Google offices in New York, Sunnyvale, San Francisco, and Seattle beginning at 2 pm ET and 11 am PT. Tuesday's actions mark an escalation in a series of recent protests organized by tech workers who oppose their employer's relationship with the Israeli government, especially in light of Israel's ongoing assault on Gaza. Since Hamas killed about 1,100 Israelis on October 7, the IDF has killed more than 34,000 Palestinians. Just over a dozen people gathered outside Google's offices in New York and Sunnyvale on Tuesday. Among those in New York was Google cloud software engineer Eddie Hatfield, who was fired days after disrupting Google Israel's managing director at March's Mind The Tech, a company-sponsored conference focused on the Israeli tech industry, in early March. Several hours into the sit-ins on Tuesday, Google security began to accuse the workers of "trespassing" and disrupting work, prompting several people to leave while others vowed to remain until they were forced out. The 2021 contract, known as Project Nimbus, involves Google and Amazon jointly providing cloud computing infrastructure and services across branches of the Israeli government. Last week, Time reported that Google's work on Project Nimbus involves providing direct services to the Israel Defense Forces. [...] On March 4, more than600 other Googlers signed a petition opposing the company's sponsorship of the conference. After Hatfield was fired three days later, Google trust-and-safety-policy employee Vidana Abdel Khalek resigned from her position in opposition to Project Nimbus. Then, in late March, more than 300 Apple workers signed an open letter that alleged retaliation against workers who have expressed support for Palestinians, and urged company leadership to show public support for Palestinians. Hasan Ibraheem, a Google software engineer, is participating in the sit-in at his local Google office in New York. "This has really been a culmination of our efforts," he tells WIRED. Since joining No Tech for Apartheid in December, Ibraheem says, he has been participating in weekly "tabling" actions being held at Google office cafes in New York, Sunnyvale, San Francisco, and Mountain View, California. It involves holding a sign that says "Ask me about Project Nimbus" during lunch break, passing out flyers, and answering questions from coworkers. "It's actually shocking how many people at Google don't even know that this contract exists," Ibraheem says. "A lot of people who don't know about it, who then learn about it through us, are reasonably upset that this contract exists. They just didn't know that it existed beforehand."

Read more of this story at Slashdot.

State tax collectors, particularly in New York, have intensified their audit efforts on high earners, leveraging artificial intelligence to compensate for a reduced number of auditors. CNBC reports: In New York, the tax department reported 771,000 audits in 2022 (the latest year available), up 56% from the previous year, according to the state Department of Taxation and Finance. At the same time, the number of auditors in New York declined by 5% to under 200 due to tight budgets. So how is New York auditing more people with fewer auditors? Artificial Intelligence. "States are getting very sophisticated using AI to determine the best audit candidates," said Mark Klein, partner and chairman emeritus at Hodgson Russ LLP. "And guess what? When you're looking for revenue, it's not going to be the person making $10,000 a year. It's going to be the person making $10 million." Klein said the state is sending out hundreds of thousands of AI-generated letters looking for revenue. "It's like a fishing expedition," he said. Most of the letters and calls focused on two main areas: a change in tax residency and remote work. During Covid many of the wealthy moved from high-tax states like California, New York, New Jersey and Connecticut to low-tax states like Florida or Texas. High earners who moved, and took their tax dollars with them, are now being challenged by states who claim the moves weren't permanent or legitimate. Klein said state tax auditors and AI programs are examining cellphone records to see where the taxpayers spent most of their time and lived most of their lives. "New York is being very aggressive," he said.

Read more of this story at Slashdot.

Framework, the company known for designing and selling upgradeable, modular laptops, has struggled with providing up-to-date software for its products. Ars Technica's Andrew Cunningham spoke with CEO Nirav Patel to discuss how the company is working on fixing these issues. Longtime Slashdot reader snikulin shares the report: Driver bundles remain un-updated for years after their initial release. BIOS updates go through long and confusing beta processes, keeping users from getting feature improvements, bug fixes, and security updates. In its community support forums, Framework employees, including founder and CEO Nirav Patel, have acknowledged these issues and promised fixes but have remained inconsistent and vague about actual timelines. [...] Patel says Framework has taken steps to improve the update problem, but he admits that the team's initial approach -- supporting existing laptops while also trying to spin up firmware for upcoming launches -- wasn't working. "We started 12th-gen [Intel Framework Laptop] development, basically the 12th-gen team was also handling looking back at 11th-gen [Intel Framework Laptop] to do firmware updates there," Patel told Ars. "And it became clear, especially as we continued to add on more platforms, that just wasn't a sustainable path to proceed on." Part of the issue is that Framework relies on external companies to put together firmware updates. Some components are provided by Intel, AMD, and other chip companies to all PC companies that use their chips. Others are provided by Insyde, which writes UEFI firmware for Framework and others. And some are handled by Compal, the contract manufacturer that actually produces Framework's systems and has also designed and sold systems for most of the big-name PC companies. As far back as August 2023, Patel has written that the plan is to work with Compal and Insyde to hire dedicated staff to provide better firmware support for Framework laptops. However, the benefits of this arrangement have been slow to reach users. "[Compal] started recruiting on their side towards the end of last year," Patel told Ars. "And now, just at the beginning of this year, we've been able to get that whole team into place and start onboarding them. And especially after Lunar New Year, which is in early February, that team is now up and running at full speed." The goal, Patel says, is to continuously cycle through all of Framework's actively supported laptops, updating each of them one at a time before looping back around and starting the process over again. Functionality-breaking problems and security fixes will take precedence, while additional features and user requests will be lower-priority. ... snikulin adds: "As a recent Framework 13/AMD owner, I can confirm that it does not sleep properly on a default Windows 11 install. When I close the lid in the evening, the battery is dead the next morning. It's interesting to hear from Linus Sebastian (LTT) on the topic because he is a stakeholder in Framework."

Read more of this story at Slashdot.

spatwei shares a report from SC Magazine: Microsoft has discovered a new method to jailbreak large language model (LLM) artificial intelligence (AI) tools and shared its ongoing efforts to improve LLM safety and security in a blog post Thursday. Microsoft first revealed the "Crescendo" LLM jailbreak method in a paper published April 2, which describes how an attacker could send a series of seemingly benign prompts to gradually lead a chatbot, such as OpenAI's ChatGPT, Google's Gemini, Meta's LlaMA or Anthropic's Claude, to produce an output that would normally be filtered and refused by the LLM model. For example, rather than asking the chatbot how to make a Molotov cocktail, the attacker could first ask about the history of Molotov cocktails and then, referencing the LLM's previous outputs, follow up with questions about how they were made in the past. The Microsoft researchers reported that a successful attack could usually be completed in a chain of fewer than 10 interaction turns and some versions of the attack had a 100% success rate against the tested models. For example, when the attack is automated using a method the researchers called "Crescendomation," which leverages another LLM to generate and refine the jailbreak prompts, it achieved a 100% success convincing GPT 3.5, GPT-4, Gemini-Pro and LLaMA-2 70b to produce election-related misinformation and profanity-laced rants. Microsoft reported the Crescendo jailbreak vulnerabilities to the affected LLM providers and explained in its blog post last week how it has improved its LLM defenses against Crescendo and other attacks using new tools including its "AI Watchdog" and "AI Spotlight" features.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Some net neutrality proponents are worried that soon-to-be-approved Federal Communications Commission rules will allow harmful fast lanes because the plan doesn't explicitly ban "positive" discrimination. FCC Chairwoman Jessica Rosenworcel's proposed rules for Internet service providers would prohibit blocking, throttling, and paid prioritization. The rules mirror the ones imposed by the FCC during the Obama era and repealed during Trump's presidency. But some advocates are criticizing a decision to let Internet service providers speed up certain types of applications as long as application providers don't have to pay for special treatment. Stanford Law Professor Barbara van Schewick, who has consistently argued for stricter net neutrality rules, wrote in a blog post on Thursday that "harmful 5G fast lanes are coming." "T-Mobile, AT&T and Verizon are all testing ways to create these 5G fast lanes for apps such as video conferencing, games, and video where the ISP chooses and controls what gets boosted," van Schewick wrote. "They use a technical feature in 5G called network slicing, where part of their radio spectrum gets used as a special lane for the chosen app or apps, separated from the usual Internet traffic. The FCC's draft order opens the door to these fast lanes, so long as the app provider isn't charged for them." In an FCC filing yesterday, AT&T said that carriers will use network slicing "to better meet the needs of particular business applications and consumer preferences than they could over a best-efforts network that generally treats all traffic the same." Van Schewick warns that carriers could charge consumers more for plans that speed up specific types of content. For example, a mobile operator could offer a basic plan alongside more expensive tiers that boost certain online games or a tier that boosts services like YouTube and TikTok. Ericsson, a telecommunications vendor that sells equipment to carriers including AT&T, Verizon, and T-Mobile, has pushed for exactly this type of service. In a report on how network slicing can be used commercially, Ericsson said that "many gamers are willing to pay for enhanced gaming experiences" and would "pay up to $10.99 more for a guaranteed gaming experience on top of their 5G monthly subscription."

Read more of this story at Slashdot.

According to Bloomberg's Mark Gurman, Apple's initial set of AI-related features in iOS 18 "will work entirely on device," and won't connect to cloud services. AppleInsider reports: In practice, these AI features would be able to function without an internet connection or any form of cloud-based processing. AppleInsider has received information from individuals familiar with the matter that suggest the report's claims are accurate. Apple is working on an in-house large language model, or LLM, known internally as "Ajax." While more advanced features will ultimately require an internet connection, basic text analysis and response generation features should be available offline. [...] Apple will reveal its AI plans during WWDC, which starts on June 10.

Read more of this story at Slashdot.

Richard Currie reports via The Register: A simple misclick at a London law firm led to a surprise divorce for an unsuspecting couple. An employee at Vardags, self-described specialists in high-net-worth marital breakdowns, opened the wrong file when applying for a divorce in His Majesty's Courts and Tribunals Service (HMCTS) online portal. With a click more potent than Cupid's arrow, the solicitor "issued a final order of divorce in proceedings between Mrs Williams, the applicant wife, and Mr Williams," court papers [PDF] say. The digital slip occurred on October 3, and thanks to the system's "now customary speed," as described by Judge Sir Andrew McFarlane, President of the Family Division, marital bonds were finally and totally severed in a mere 21 minutes, less time than most couples spend arguing over what to watch on Netflix. When Vardags realized the blunder two days later, it scrambled to reverse the order. The application was made "without notice to the Husband's solicitors -- the Wife's solicitors considered at the time that this was the correct approach given that the Final Order itself had been made without notice." In the ensuing legal melee, Mr Williams, previously unaware of his sudden single status, received a letter sent by HMCTS the same day as the accidental divorce, stating that he was no longer married. But it was not until October 11, a week later, that he was formally informed of his bachelorhood by his ex-wife's solicitors. Meanwhile, his solicitors entered the fray, demanding that the case be brought before the President of the Family Division to sort out this matrimonial muddle.

Read more of this story at Slashdot.