RSS 생중계

Scientists said the world just reached a grim milestone: the first full year where global temperatures exceeded 1.5C above pre-industrial times. Reuters reports: The milestone was confirmed by the European Union's Copernicus Climate Change Service (C3S), which said climate change is pushing the planet's temperature to levels never before experienced by modern humans. "The trajectory is just incredible," C3S director Carlo Buontempo told Reuters, describing how every month in 2024 was the warmest or second-warmest for that month since records began. The planet's average temperature in 2024 was 1.6 degrees Celsius higher than in 1850-1900, the "pre-industrial period" before humans began burning CO2-emitting fossil fuels on a large scale, C3S said. Last year was the world's hottest since records began, and each of the past ten years was among the ten warmest on record. Britain's Met Office confirmed 2024's likely breach of 1.5C, while estimating a slightly lower average temperature of 1.53C for the year. U.S. scientists will also publish their 2024 climate data on Friday. Governments promised under the 2015 Paris Agreement to try to prevent average temperatures exceeding 1.5C, to avoid more severe and costly climate disasters. The first year above 1.5C does not breach that target, which measures the longer-term average temperature. Buontempo said rising greenhouse gas emissions meant the world was on track to soon also blow past the Paris goal - but that it was not too late for countries to rapidly cut emissions to avoid warming rising further to disastrous levels. "It's not a done deal. We have the power to change the trajectory from now on," Buontempo said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media: Some of the world's most popular apps are likely being co-opted by rogue members of the advertising industry to harvest sensitive location data on a massive scale, with that data ending up with a location data company whose subsidiary has previously sold global location data to US law enforcement. The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games likeCandy Crushand dating apps like Tinder to pregnancy tracking and religious prayer apps across both Android and iOS. Because much of the collection is occurring through the advertising ecosystem -- not code developed by the app creators themselves -- this data collection is likely happening without users' or even app developers' knowledge. "For the first time publicly, we seem to have proof that one of the largest data brokers selling to both commercial and government clients appears to be acquiring their data from the online advertising 'bid stream,'" rather than code embedded into the apps themselves, Zach Edwards, senior threat analyst at cybersecurity firm Silent Push and who has followed the location data industry closely, tells 404 Media after reviewing some of the data. The data provides a rare glimpse inside the world of real-time bidding (RTB). Historically, location data firms paid app developers to include bundles of code that collected the location data of their users. Many companies have turned instead to sourcing location information through the advertising ecosystem, where companies bid to place ads inside apps. But a side effect is that data brokers can listen in on that process and harvest the location of peoples' mobile phones. "This is a nightmare scenario for privacy, because not only does this data breach contain data scraped from the RTB systems, but there's some company out there acting like a global honey badger, doing whatever it pleases with every piece of data that comes its way," Edwards says. Included in the hacked Gravy data are tens of millions of mobile phone coordinates of devices inside the US, Russia, and Europe. Some of those files also reference an app next to each piece of location data. 404 Media extracted the app names and built a list of mentioned apps. The list includes dating sites Tinder and Grindr; massive games such asCandy Crush,Temple Run,Subway Surfers, andHarry Potter: Puzzles & Spells; transit app Moovit; My Period Calendar & Tracker, a period-tracking app with more than 10 million downloads; popular fitness app MyFitnessPal; social network Tumblr; Yahoo's email client; Microsoft's 365 office app; and flight tracker Flightradar24. The list also mentions multiple religious-focused apps such as Muslim prayer and Christian Bible apps, various pregnancy trackers, and many VPN apps, which some users may download, ironically, in an attempt to protect their privacy. 404 Media's full list of apps included in the data can be found here. There are also other lists available from other security researchers.

Read more of this story at Slashdot.

Christie Wilcox reports via Science.org: Both longhorn crazy ants (Paratrechina longicornis) and humans can figure out how to work together to move an unwieldy object through a series of obstacles. So scientists pitted the two against each other. They had individuals and groups of different sizes of both species maneuver a T-shaped object through holes in walls (as seen in the video above), both of which were scaled to the body size of the participants. This kind of puzzle is hard for ants because their pheromone-based communication doesn't account for the kind of geometry needed to get the object through the doors. To make the experiments even more comparable, the team also took away the humans' communication in some of the trials by making them wear sunglasses and masks and forbidding talking and gestures. So the people, like the ants, had to work together without language, relying on the forces generated by their fellow participants to figure out how to move the T-shaped piece. The groups of ants were much better at solving the puzzle than individual ants, exhibiting what the researchers described as "emergent" collective memory -- an intelligence greater than the sum of its parts. The groups of humans, on the other hand, often didn't do better when working together, especially if they weren't allowed to talk. In fact, multiple people sometimes performed worse than individuals -- and worse than the ants. The researchers posit that, in the absence of the ability to discuss and debate, individuals attempt to reach a consensus quickly rather than fully assessing the problem. This "groupthink," they suggest, leads people toward fruitless "greedy" efforts where they directly pull the T toward the gaps in the wall, rather than the less obvious, correct solution of pulling the object into the space between first. Whereas the ants "excel in cooperation," they write, humans need to be able to talk through their reasoning to avoid simply going with what they think the crowd wants. The study has been published in the journal Proceedings of the National Academy of Sciences.

Read more of this story at Slashdot.

The Biden administration plans one additional round of restrictions on the export of AI chips before leaving office, "a final push in his effort to keep advanced technologies out of the hands of China and Russia," reports Bloomberg. From the report: The US wants to curb the sale of AI chips used in data centers on both a country and company basis, with the goal of concentrating AI development in friendly nations and getting businesses around the world to align with American standards, according to people familiar with the matter. The result would be an expansion of semiconductor caps to most of the world -- an attempt to control the spread of AI technology at a time of soaring demand. The regulations, which could be issued as soon as Friday, would create three tiers of chip trade restrictions, said the people, who asked not to be identified because the discussions are private. At the top level, a small number of US allies would maintain essentially unmitigated access to American chips. A group of adversaries, meanwhile, would be effectively blocked from importing the semiconductors. And the vast majority of the world would face limits on the total computing power that can go to one country. Countries in the last group would be able to bypass their national limits -- and get their own, significantly higher caps -- by agreeing to a set of US government security requirements and human rights standards, one of the people said. That type of designation -- called a validated end user, or VEU -- aims to create a set of trusted entities that develop and deploy AI in secure environments around the world.

Read more of this story at Slashdot.

Nvidia CEO Jensen Huang said quantum computers won't be very useful for another 20 years, causing stocks in this emerging sector to plunge more than 40% for a total market value loss of over $8 billion. "If you kind of said 15 years for very useful quantum computers, that'd probably be on the early side. If you said 30, is probably on the late side. But if you picked 20, I think a whole bunch of us would believe it," Huang said during a Q&A with analysts. PCMag reports: The field of quantum computing hasn't gotten nearly as much hype as generative AI and the tech giants promoting it in the past few years. Right now, part of the reason quantum computers aren't currently that helpful is because of their error rates. Nord Quantique CEO Julien Lemyre previously told PCMag that quantum error correction is the future of the field, and his firm is working on a solution. The errors that qubits, the basic unit of information in a quantum machine, currently make result in quantum computers being largely unhelpful. It's an essential hurdle to overcomeâ"but we don't currently know if or when quantum errors will be eliminated. Chris Erven, CEO and co-founder of Kets Quantum, believes quantum computers will eventually pose a significant threat to cybersecurity. "China is making some of the largest investments in quantum computing, pumping in billions of dollars into research and development in the hope of being the first to create a large-scale, cryptographically relevant machine," Erven tells PCMag in a statement. "Although they may be a few years away from being fully operational, we know a quantum computer will be capable of breaking all traditional cyber defenses we currently use. So they, and others, are actively harvesting now, to decrypt later." "The 15 to 20-year timeline seems very realistic," said Ivana Delevska, investment chief of Spear Invest, which holds Rigetti and IonQ shares in an actively managed ETF. "That is roughly what it took Nvidia to develop accelerated computing."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: Global banks will cut as many as 200,000 jobs in the next three to five years as artificial intelligence encroaches on tasks currently carried out by human workers, according to Bloomberg Intelligence. Chief information and technology officers surveyed for BI indicated that on average they expect a net 3% of their workforce to be cut, according to a report published Thursday. Back office, middle office and operations are likely to be most at risk, according to Tomasz Noetzel, the BI senior analyst who wrote the report. Customer services could see changes as bots manage client functions, while know-your-customer duties would also be vulnerable. "Any jobs involving routine, repetitive tasks are at risk," he said. "But AI will not eliminate them fully, rather it will lead to workforce transformation." Nearly a quarter of the 93 respondents predict a steeper decline of between 5% and 10% of total headcount. The peer group covered by BI includes Citigroup Inc., JPMorgan Chase & Co. and Goldman Sachs Group Inc. The findings point to far-reaching changes in the industry, feeding through to improved earnings. In 2027, banks could see pretax profits 12% to 17% higher than they would otherwise have been -- adding as much as $180 billion to their combined bottom line -- as AI powers an increase in productivity, according to BI. Eight in ten respondents expect generative AI to increase productivity and revenue generation by at least 5% in the next three to five years. Results from a recent World Economic Forum survey also predicted a reduction in the workforce due to AI. According to the survey, 41% of employers intend to downsize their workforce as AI automates certain tasks. Unlike the survey results from 2023, this year's report did not say that most technology, including AI, were expected to be a "net positive" for job numbers.

Read more of this story at Slashdot.

OpenAI has shut down the developer behind a viral device that could respond to ChatGPT queries to aim and fire an automated rifle. Futurism reports: The contraption, as seen in a video that's been making its rounds on social media, sparked a frenzied debate over our undying attempts to turn dystopian tech yanked straight out of the "Terminator" franchise into a reality. STS 3D's invention also apparently caught the attention of OpenAI, who says it swiftly shut him down for violating its policies. When Futurism reached out to the company, a spokesperson said that "we proactively identified this violation of our policies and notified the developer to cease this activity ahead of receiving your inquiry." STS 3D -- who didn't respond to our request for comment -- used OpenAI's Realtime API to give his weapon a cheery voice and a way to decipher his commands. "ChatGPT, we're under attack from the front left and front right," he told the system in the video. "Respond accordingly." Without skipping a beat, the rifle jumped into action, shooting what appeared to be blanks while aiming at the nearby walls.

Read more of this story at Slashdot.

Plaintiffs in Kadrey v. Meta allege that Meta CEO Mark Zuckerberg authorized the team behind the company's Llama AI models to use a dataset of pirated ebooks and articles for training. They further accuse the company of concealing its actions by stripping copyright information and torrenting the data. TechCrunch reports: In newly unredacted documents filed (PDF) with the U.S. District Court for the Northern District of California late Wednesday, plaintiffs in Kadrey v. Meta, who include bestselling authors Sarah Silverman and Ta-Nehisi Coates, recount Meta's testimony from late last year, during which it was revealed that Zuckerberg approved Meta's use of a data set called LibGen for Llama-related training. LibGen, which describes itself as a "links aggregator," provides access to copyrighted works from publishers including Cengage Learning, Macmillan Learning, McGraw Hill, and Pearson Education. LibGen has been sued a number of times, ordered to shut down, and fined tens of millions of dollars for copyright infringement. According to Meta's testimony, as relayed by plaintiffs' counsel, Zuckerberg cleared the use of LibGen to train at least one of Meta's Llama models despite concerns within Meta's AI exec team and others at the company. The filing quotes Meta employees as referring to LibGen as a "data set we know to be pirated," and flagging that its use "may undermine [Meta's] negotiating position with regulators." The filing also cites a memo to Meta AI decision-makers noting that after "escalation to MZ," Meta's AI team "[was] approved to use LibGen." (MZ, here, is rather obvious shorthand for "Mark Zuckerberg.") The details seemingly line up with reporting from The New York Times last April, which suggested that Meta cut corners to gather data for its AI. At one point, Meta was hiring contractors in Africa to aggregate summaries of books and considering buying the publisher Simon & Schuster, according to the Times. But the company's execs determined that it would take too long to negotiate licenses and reasoned that fair use was a solid defense. The filing Wednesday contains new accusations, like that Meta might've tried to conceal its alleged infringement by stripping the LibGen data of attribution.

Read more of this story at Slashdot.

Nvidia CEO Jensen Huang says IT departments will evolve into human resources managers for AI agents, as companies adopt AI tools across their operations. "In a lot of ways, the IT department of every company is going to be the HR department of AI agents in the future," Huang told the Consumer Electronics Show in Las Vegas this week. From a report: He believes that in the not so near future IT teams will be tasked with onboarding these agents and ensuring they're kept in line, similarly to how HR teams manage employees. They may need to be trained to use certain vocabulary that's unique to the company, or be given examples of the kind of product the team is looking to develop, or briefed on company culture policies. Instead of just fixing servers and resetting passwords, IT professionals will soon be supervising fleets of digital workers.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: A federal judge this week rejected Google's motion to throw out a class-action lawsuit alleging that it invaded the privacy of users who opted out of functionality that records a users' web and app activities. A jury trial is scheduled for August 2025 in US District Court in San Francisco. The lawsuit concerns Google's Web & App Activity (WAA) settings, with the lead plaintiff representing two subclasses of people with Android and non-Android phones who opted out of tracking. "The WAA button is a Google account setting that purports to give users privacy control of Google's data logging of the user's web app and activity, such as a user's searches and activity from other Google services, information associated with the user's activity, and information about the user's location and device," wrote (PDF) US District Judge Richard Seeborg, the chief judge in the Northern District Of California. Google says that Web & App Activity "saves your activity on Google sites and apps, including associated info like location, to give you faster searches, better recommendations, and more personalized experiences in Maps, Search, and other Google services." Google also has a supplemental Web App and Activity setting that the judge's ruling refers to as "(s)WAA." "The (s)WAA button, which can only be switched on if WAA is also switched on, governs information regarding a user's '[Google] Chrome history and activity from sites, apps, and devices that use Google services.' Disabling WAA also disables the (s)WAA button," Seeborg wrote. But data is still sent to third-party app developers through the Google Analytics for Firebase (GA4F), "a free analytical tool that takes user data from the Firebase kit and provides app developers with insight on app usage and user engagement," the ruling said. GA4F "is integrated in 60 percent of the top apps" and "works by automatically sending to Google a user's ad interactions and certain identifiers regardless of a user's (s)WAA settings, and Google will, in turn, provide analysis of that data back to the app developer." Plaintiffs have brought claims of privacy invasion under California law. Plaintiffs "present evidence that their data has economic value," and "a reasonable juror could find that Plaintiffs suffered damage or loss because Google profited from the misappropriation of their data," Seeborg wrote. The lawsuit was filed in July 2020. The judge notes that summary judgment can be granted when "there is no genuine dispute as to any material fact and the movant is entitled to judgment as a matter of law." Google hasn't met that standard, he ruled. In a statement provided to Ars, Google said that "privacy controls have long been built into our service and the allegations here are a deliberate attempt to mischaracterize the way our products work. We will continue to make our case in court against these patently false claims."

Read more of this story at Slashdot.

AI is coming for your job: 41% of employers intend to downsize their workforce as AI automates certain tasks, a World Economic Forum survey showed Wednesday. From a report: Out of hundreds of large companies surveyed around the world, 77% also said they were planning to reskill and upskill their existing workers between 2025-2030 to better work alongside AI, according to findings published in the WEF's Future of Jobs Report. But, unlike the previous, 2023 edition, this year's report did not say that most technologies, including AI, were expected to be "a net positive" for job numbers. "Advances in AI and renewable energy are reshaping the (labor) market -- driving an increase in demand for many technology or specialist roles while driving a decline for others, such as graphic designers," the WEF said in a press release ahead of its annual meeting in Davos later this month. Writing in the wide-ranging report, Saadia Zahidi, the forum's managing director, highlighted the role of generative AI in reshaping industries and tasks across all sectors. The technology can create original text, images and other content in response to prompts from users.

Read more of this story at Slashdot.

Version 1.84.0 of the Rust language has been released. Changes include improved version selection for dependencies in Cargo, the beginning of the migration to a new trait solver, and some updated pointer-provenance APIs.

Most of the time, programmers do not need to worry much about provenance, and it is very clear how a pointer got derived. However, when casting pointers to integers and back, the provenance of the resulting pointer is underspecified. With this release, Rust is adding a set of APIs that can in many cases replace the use of integer-pointer-casts, and therefore avoid the ambiguities inherent to such casts. In particular, the pattern of using the lowest bits of an aligned pointer to store extra information can now be implemented without ever casting a pointer to an integer or back. This makes the code easier to reason about, easier to analyze for the compiler, and also benefits tools like Miri and architectures like CHERI that aim to detect and diagnose pointer misuse.

BrianFagioli writes: The Linux Foundation has announced the launch of 'Supporters of Chromium-Based Browsers,' an initiative aimed at funding and supporting open development within the Chromium ecosystem. The purpose of this effort is to provide resources and foster collaboration among developers, academia, and tech companies to drive the sustainability and innovation of Chromium projects. Major industry players, including Google, Meta, Microsoft, and Opera, have pledged their support.

Read more of this story at Slashdot.

MicroStrategy's bitcoin holdings and a tech investment fund are commanding extraordinary premiums in U.S. markets, highlighting unusual price anomalies reminiscent of past market distortions. MicroStrategy shares are trading at more than double the market value of their main asset -- bitcoin holdings -- while closed-end fund Destiny Tech100 recently traded at 11 times its net asset value, down from 21 times earlier in 2024. Similar market irregularities have emerged throughout history. In 1923, investor Benjamin Graham profited from a disconnect between DuPont and General Motors shares. During the 1929 bull market, closed-end fund Capital Administration Co. traded at a 1,235% premium to its net asset value. WSJ adds: The PalmPilot during the 1990s and early 2000s was a hand-held device and personal assistant that came with a touch-screen display and a stylus. Palm was the biggest maker of hand-held computer devices, with 70% market share, and it held its initial public offering in March 2000, about a week before the Nasdaq Composite Index's peak during the dot-com bubble. Palm's shares jumped 150% on their first day of trading, giving Palm a stock-market value of about $53 billion. Palm was still 94%-owned by parent 3Com at the time. Yet on Palm's first day of trading, 3Com's shares fell 21%. The funny part: According to the stock market, 3Com was worth about $23 billion less than the value of the Palm shares that 3Com owned. This made no sense, yet the valuations remained out of whack for months. In time, both stocks came down to earth, sanity prevailed and the world eventually moved on to smartphones.

Read more of this story at Slashdot.

Engineering and construction group Larsen & Toubro Chairman S.N. Subrahmanyan has urged employees in India to work 90 hours weekly, including Sundays, surpassing Infosys founder N.R. Narayana Murthy's recent 70-hour workweek proposal. "What do you do sitting at home? Go to the office and start working," Subrahmanyan said in a leaked internal video. He cited a conversation about Chinese workers' 90-hour weeks versus Americans' 50 hours to justify the stance.

Read more of this story at Slashdot.

Microsoft kicks off the new year with more job cuts, as fewer than 1% of employees reportedly face the axe. From a report: As first reported by Business Insider, Microsoft is trimming its workforce again, including roles in its security division, with the cuts targeting underperforming employees. A Microsoft spokesperson confirmed the layoffs with BI but declined to specify how many staffers are affected, stating, "At Microsoft, we focus on high-performance talent." "We are always working on helping people learn and grow. When people are not performing, we take the appropriate action," the spokesperson told The Register.

Read more of this story at Slashdot.

U.S. software giant Ivanti has warned that a zero-day vulnerability in its widely-used enterprise VPN appliance has been exploited to compromise the networks of its corporate customers. From a report: Ivanti said on Wednesday that the critical-rated vulnerability, tracked as CVE-2025-0282, can be exploited without any authentication to remotely plant malicious code on Ivanti's Connect Secure, Policy Secure, and ZTA Gateways products. Ivanti says its Connect Secure remote-access VPN solution is "the most widely adopted SSL VPN by organizations of every size, across every major industry." This is the latest exploited security vulnerability to target Ivanti's products in recent years. Last year, the technology maker pledged to overhaul its security processes after hackers targeted vulnerabilities in several of its products to launch mass-hacks against its customers. The company said it became aware of the latest vulnerability after its Ivanti Integrity Checker Tool (ICT) flagged malicious activity on some customer appliances.

Read more of this story at Slashdot.

The Software Freedom Conservancy is reporting that AVM has released the full source and installation scripts for its routers in response to a lawsuit, filed by Sebastian Steck, based on Lesser GNU Public License rights.

Historically, lawsuits have focused on the copyrights licensed under GPL (or the GPL and LGPL together). Steck's lawsuit uniquely focused exclusively on users' rights under the LGPL. Steck's work showed that despite being a "Lesser" license than GPL, LGPLv2.1 still guarantees users the right to repair, modify and reinstall modified versions of the software on their device. There is now no doubt that both GPL and LGPL mandate the device owner's ability to make changes to the software in the flash memory so those changes persist across reboots.

Attacks on the kernel can take many forms; one popular exploitation path is to find a way to overwrite some memory with attacker-supplied data. If the right memory can be targeted, one well-targeted stray write is all that is needed to take control of the system. Since the system's page tables regulate access to memory, they are an attractive target for this type of attack. This patch set from Kevin Brodsky is an attempt to protect page tables (and, eventually, other data structures) using the "memory protection keys" feature provided by a number of CPU architectures.

The 6.12.9, 6.6.70, 6.1.124, 5.15.176, 5.10.233, and 5.4.289 stable kernels have been released. As usual, they contain important fixes all over the kernel tree.