RSS 생중계

India's income tax department will gain powers to access citizens' social media accounts, emails and other digital spaces beginning April 2026 under the new income tax bill, in a significant expansion of its search and seizure authority. The legislation, which has raised privacy concerns among legal experts, allows tax officers to "gain access by overriding the access code" to computer systems and "virtual digital spaces" if they suspect tax evasion. The bill broadly defines virtual digital spaces to include email servers, social media accounts, online investment accounts, banking platforms, and cloud servers. "The expansion raises significant concerns regarding constitutional validity, potential state overreach, and practical enforcement," Sonam Chandwani, Managing Partner at KS Legal and Associates, told Indian newspaper Economic Times.

Read more of this story at Slashdot.

Goldman Sachs, in a research note Thursday (the note isn't publicly posted): Annualized revenue for public companies exposed to the build-out of AI infrastructure increased by over $340 billion from 2022 through 2024Q4 (and is projected to increase by almost $580 billion by end-2025). In contrast, annualized real investment in AI-related categories in the US GDP accounts has only risen by $42 billion over the same period. This sharp divergence has prompted questions from investors about why US GDP is not receiving a larger boost from AI. A large share of the nominal revenue increase reported by public companies reflects cost inflation (particularly for semiconductors) and foreign revenue, neither of which should boost real US GDP. Indeed, we find that margin expansion ($30 billion) and increased revenue from other countries ($130 billion) account for around half of the publicly reported AI spending surge. That said, the BEA's (Bureau of Economic Analysis) methodology potentially understates the impact of AI-related investment on real GDP by around $100 billion. Manufacturing shipments and net imports imply that US semiconductor supply has increased by over $35 billion since 2022, but the BEA records semiconductor purchases as intermediate inputs rather than investment (since semiconductors have historically been embedded in products that are later resold) and therefore excludes them from GDP. Cloud services used to train and support AI models are similarly mostly recorded as intermediate inputs. Combined, we find that these explanations can explain most of the AI investment discrepancy, with only $50 billion unexplained. Looking ahead, we see more scope for AI-related investment to provide a moderate boost to real US GDP in 2025 since AI investment should broaden to categories like data centers, servers and networking hardware, and utilities that will likely be captured as real investment. However, we expect the bulk of investment in semiconductors and cloud computing will remain unmeasured barring changes to US national account methodology.

Read more of this story at Slashdot.

Utah has become the first U.S. state to pass legislation requiring app store operators to verify users' ages and obtain parental consent for minors downloading apps. The App Store Accountability Act adds to a wave of children's online safety bills advancing through state legislatures nationwide. Similar legislation has faced legal challenges, with many being blocked in courts. A comparable federal bill failed last year amid free expression concerns. The approach shifts verification responsibility to mobile app stores rather than individual websites, a move supported by Meta, Snap, and X in a joint statement urging Congress to follow suit. "Parents want a one-stop shop to verify their child's age and grant permission," they stated. Critics, including Chamber of Progress, warn the law threatens privacy and constitutional rights. A federal judge previously blocked a similar Utah law over First Amendment concerns.

Read more of this story at Slashdot.

Amazon has launched a pilot program testing "AI-aided dubbing" for select content on Prime Video, offering translations between English and Latin American Spanish for 12 licensed movies and series including "El Cid: La Leyenda," "Mi Mama Lora" and "Long Lost." The company describes a hybrid approach where "localization professionals collaborate with AI," suggesting automated dubbing receives professional editing for accuracy. The initiative, the company said, aims to increase content accessibility as streaming services expand globally.

Read more of this story at Slashdot.

Inside this week's LWN.net Weekly Edition:

• Front: Firefox forks; Bend and Vine; FineIBT; Guard pages; Fedora's Flatpak packaging; Zotero.
• Briefs: LFS 12.3; FerretDB 2.0; Firefox; Fish 4.0; Incus 6.10; Thunderbird 136.0; Xen 4.20; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

Google announced Wednesday it is expanding its AI Overviews to more query types and users worldwide, including those not logged into Google accounts, while introducing a new "AI Mode" chatbot feature. AI Mode, which resembles competitors like Perplexity or ChatGPT Search, will initially be limited to Google One AI Premium subscribers who enable it through the Labs section of Search. The feature delivers AI-generated answers with supporting links interspersed throughout, powered by Google's search index. "What we're finding from people who are using AI Overviews is that they're really bringing different kinds of questions to Google," said Robby Stein, VP of product on the Search team. "They're more complex questions, that may have been a little bit harder before." Google is also upgrading AI Overviews with its Gemini 2.0 model, which Stein says will improve responses for math, coding and reasoning-based queries.

Read more of this story at Slashdot.

The Google Bug Hunters blog has a detailed description of how a vulnerability in AMD's microcode-patching functionality was discovered and exploited; the authors have also released a set of tools to assist with this kind of research in the future.

Secure hash functions are designed in such a way that there is no secret key, and there is no way to use knowledge of the intermediate state in order to generate a collision. However, CMAC was not designed as a hash function, and therefore it is a weak hash function against an adversary who has the key. Remember that every AMD Zen CPU has to have the same AES-CMAC key in order to successfully calculate the hash of the AMD public key and the microcode patch contents. Therefore, the key only needs to be revealed from a single CPU in order to compromise all other CPUs using the same key. This opens up the potential for hardware attacks (e.g., reading the key from ROM with a scanning electron microscope), side-channel attacks (e.g., using Correlation Power Analysis to leak the key during validation), or other software or hardware attacks that can somehow reveal the key. In summary, it is a safe assumption that such a key will not remain secret forever.

European nations have heightened security after a series of suspected sabotage attacks on submarine infrastructure in the Baltic Sea, with officials increasingly pointing to Russia as the likely culprit. Finnish authorities detained the tanker Eagle S in December after it allegedly damaged three undersea fiber-optic connections with Estonia and one with Germany. The vessel, carrying Russian oil as part of a "shadow fleet" evading sanctions, made suspicious course changes while crossing cable routes. In November, two more submarine cables in the Baltic were damaged, with investigations focusing on Chinese-owned cargo ship Yi Peng 3, which reduced speed near the cables and turned off its transponder. NATO launched Baltic Sentry in January to enhance surveillance, deploying ships and naval drones off Estonia's coast. The alliance also established a coordination cell following the 2022 Nord Stream pipeline sabotage. Russia has denied involvement, accusing NATO of using "myths" to increase its Baltic presence.

Read more of this story at Slashdot.

Nintendo has trumpeted its latest legal success in the company's ongoing fight against pirated games as "significant" not only for itself, "but for the entire games industry." From a report: The Mario maker today confirmed it had won a final victory over French file-sharing company Dstorage, which operates the website 1fichier.com, following years of legal wrangling and repeated appeals. Nintendo's victory means European file-sharing companies must now remove illegal copies of games when asked to do so, or be held accountable and cough up potentially sizable fines as punishment. In 2021, the Judicial Court of Paris ordered Dstorage pay Nintendo $1 million in damages after it was found to be hosting pirate games. Dstorage launched an appeal, which then failed in 2023, and was ordered to pay Nintendo further costs. But the case didn't end there. Dstorage finally took the matter to the highest French judiciary court, where it argued that a specific court order was required before it needed to remove content from its hosting services. This bid has also now failed, ending the long-running matter for good.

Read more of this story at Slashdot.

Geoffrey.landis writes: Over the last three months of 2024, more than 800 cases of GPS interference were recorded in Lithuanian airspace. Estonia and Finland have also raised concerns, accusing Russia of deploying technology to jam satellite navigation signals near Nato's eastern flank. A group of British scientists -- dubbed the "Time Lords" -- are working on a solution: to develop portable atomic clocks. By carrying a group of atoms cooled to -273C on the plane itself, rather than relying on an external signal, the technology can't be interfered with by jamming. But the problem is that the equipment is still too large to be used routinely on planes. The UK Hub for Quantum Enabled Position Navigation and Timing (QEPNT) was set up last December by the government to shrink the devices on to a chip, making them robust enough for everyday life and affordable for everyone. Henry White, part of the team from BAE Systems that worked on the test flight, told BBC News that he thought the first application could be aboard ships, "where there's a bit more space".

Read more of this story at Slashdot.

Half of the world's climate-heating carbon emissions come from the fossil fuels produced by just 36 companies, analysis has revealed. From a report: The researchers said the 2023 data strengthened the case for holding fossil fuel companies to account for their contribution to global heating. Previous versions of the annual report have been used in legal cases against companies and investors. The report found that the 36 major fossil fuel companies, including Saudi Aramco, Coal India, ExxonMobil, Shell and numerous Chinese companies, produced coal, oil and gas responsible for more than 20bn tonnes of CO2 emissions in 2023. If Saudi Aramco was a country, it would be the fourth biggest polluter in the world after China, the US and India, while ExxonMobil is responsible for about the same emissions as Germany, the world's ninth biggest polluter, according to the data. Global emissions must fall by 45% by 2030 if the world is to have a good chance of limiting temperature rise to 1.5C, the internationally agreed target. However, emissions are still rising, supercharging the extreme weather that is taking lives and livelihoods across the planet. The International Energy Agency has said new fossil fuel projects started after 2021 are incompatible with reaching net zero emissions by 2050. Most of the 169 companies in the Carbon Majors database increased their emissions in 2023, which was the hottest year on record at the time.

Read more of this story at Slashdot.

Version 2.0.0 of FerretDB has been released. FerretDB is an open-source alternative to MongoDB, which switched to a non-open license in 2018, built on top of PostgreSQL. This release utilizes the DocumentDB PostgreSQL extension for better performance, adds vector search, and replication.

Microsoft warned that an advanced Chinese hacking group is waging a campaign of supply-chain attacks. From a report: The company's threat intelligence division said in a blog post Wednesday that the group, known as Silk Typhoon, was targeting remote management tools and cloud applications in order to spy on a range of companies and organizations in the US and abroad. Microsoft said it observed in late 2024 that hackers were targeting cloud storage services, from which they would steal keys that could be used to access customer data. The group breached state and local government organizations and companies in the technology sector, seeking information on US government policy and documents related to law enforcement investigations. Silk Typhoon was behind a December hack that targeted the US Treasury Department, compromising more than 400 computers, Bloomberg News previously reported.

Read more of this story at Slashdot.

Functional programming languages have a long association with graphs. In the 1990s, it was even thought that parallel graph-reduction architectures could make functional programming languages much faster than their imperative counterparts. Alas, that prediction mostly failed to materialize. Even though graphs are still used as a theoretical formalism in order to define and optimize functional languages (such as Haskell's spineless tagless graph-machine), they are still mostly compiled down to the same old non-parallel assembly code that every other language uses. Now, two projects — Bend and Vine — have sprung up attempting to change that, and prove that parallel graph reduction can be a useful technique for real programs.

OpenAI is preparing to launch a tiered pricing structure for its AI agent products, with high-end research assistants potentially costing $20,000 per month, [alternative source] according to The Information. The AI startup, which already generates approximately $4 billion in annualized revenue from ChatGPT, plans three service levels: $2,000 monthly agents for "high-income knowledge workers," $10,000 monthly agents for software development, and $20,000 monthly PhD-level research agents. OpenAI has told some investors that agent products could eventually constitute 20-25% of company revenue, the report added.

Read more of this story at Slashdot.

The Xen Project has announced the release of Xen 4.20. This release adds support for AMD Zen 5 CPUs, improved compliance with the MISRA C standard, work on PCI-passthrough on Arm, and more. Xen 4.20 also removes support for Xeon Phi CPUs, which were discontinued in 2018. See the feature list and release notes for more information.

Apple has refreshed its MacBook Air lineup with the M4 processor, adding a new sky blue color option and reducing prices across the board. The 13-inch model now starts at $999, while the 15-inch begins at $1,199. Both models are available to order immediately and will ship on March 12. The updated MacBook Airs feature the same thin design as previous generations but now include the 12-megapixel Center Stage webcam found in current MacBook Pro models. Both variants come with the M4 chip, aligning them with Apple's recent Mac Mini, iMac, and MacBook Pro refreshes. Base configurations include an M4 with a 10-core CPU and 8-core GPU, 16GB of unified memory, and 256GB of storage. Customers can upgrade to a 10-core GPU (matching the base 14-inch MacBook Pro), 32GB of RAM, and up to 2TB of storage. A significant technical improvement is the support for two external 6K displays while keeping the laptop's lid open, addressing a limitation of previous Air models.

Read more of this story at Slashdot.

Version 136.0 of the Thunderbird Desktop mail client has been released. The release includes a quick toggle for adapting messages to dark mode, and a new "Appearance" setting to control message threading and sorting order globally, as well as a number of bug fixes. See the security advisory for a full list of security vulnerabilities addressed in Thunderbird 136.0.

Version 12.3 of Linux From Scratch (LFS) has been released, along with Beyond Linux From Scratch (BLFS) 12.3. LFS provides step-by-step instructions on building a customized Linux system entirely from source, and BLFS helps to extend an LFS installation into a more usable system. Notable changes in this release include toolchain updates to GNU Binutils 2.44, GNU C Library (glibc) 2.41, and Linux 6.13.2. The Changelog has a full list of changes since the previous stable release.

Google is urging officials at President Donald Trump's Justice Department to back away from a push to break up the search engine company, citing national security concerns, Bloomberg reported Wednesday, citing sources familiar with the discussions. From the report: Representatives for the Alphabet unit asked the government in a meeting last week to take a less aggressive stance as the US looks to end what a judge ruled to be an illegal online search monopoly, said the people, who asked not to be identified discussing the private deliberations. The Biden administration in November had called for Google to sell its Chrome web browser and make other changes to its business including an end to billions of dollars in exclusivity payments to companies including Apple. Although Google has previously pushed back on the Biden-era plan, the recent discussions may preview aspects of the company's approach to the case as it continues under the Trump administration. A federal judge is set to rule on how Google must change its practices following hearings scheduled for next month. Both sides are due to file their final proposals to the judge on Friday.

Read more of this story at Slashdot.