RSS 생중계

Scientists have released DinoTracker, a free AI-powered app that identifies dinosaur footprints by analyzing shape patterns rather than relying on potentially flawed historical labels. "When we find a dinosaur footprint, we try to do the Cinderella thing and find the foot that matches the slipper," said Prof Steve Brusatte, a co-author of the work. "But it's not so simple, because the shape of a dinosaur footprint depends not only on the shape of the dinosaur's foot but also the type of sand or mud it was walking through, and the motion of its foot." The Guardian reports: [...] Brusatte, [Dr Gregor Hartmann, the first author of the new research from Helmholtz-Zentrum in Germany] and colleagues fed their AI system with 2,000 unlabelled footprint silhouettes. The system then determined how similar or different the imprints were from each other by analysing a range of features it identified as meaningful. The researchers discovered these eight features reflected variations in the imprints' shapes, such as the spread of the toes, amount of ground contact and heel position. The team have turned the system into a free app called DinoTracker that allows users to upload the silhouette of a footprint, explore the seven other footprints most similar to it and manipulate the footprint to see how varying the eight features can affect which other footprints are deemed most similar. Hartmann said that at present experts had to double check if factors such as the material the footprints were made in, and their age, matched the scientific hypothesis, but the system clustered prints with those expected from classifications made by human experts about 90% of the time. The findings have been published in the journal PNAS.

Read more of this story at Slashdot.

A data breach at SoundCloud exposed information tied to 29.8 million user accounts, according to Have I Been Pwned. While SoundCloud says no passwords or financial data were accessed, attackers mapped email addresses to public profile data and later attempted extortion. BleepingComputer reports: The company confirmed the breach on December 15, following widespread reports from users who were unable to access SoundCloud and saw 403 "Forbidden" errors when connecting via VPN. SoundCloud told BleepingComputer at the time that it had activated its incident response procedures after detecting unauthorized activity involving an ancillary service dashboard. "We understand that a purported threat actor group accessed certain limited data that we hold," SoundCloud said. "We have completed an investigation into the data that was impacted, and no sensitive data (such as financial or password data) has been accessed. The data involved consisted only of email addresses and information already visible on public SoundCloud profiles." While SoundCloud didn't provide further details regarding the incident, BleepingComputer learned that the breach affected 20% of all SoundCloud users, roughly 28 million accounts based on publicly reported user figures (SoundCloud later published a security notice confirming the information provided by BleepingComputer's sources). After the breach, BleepingComputer also learned that the ShinyHunters extortion gang was responsible for the attack, with sources saying that the threat group was also attempting to extort SoundCloud. This was confirmed by SoundCloud in a January 15 update, which said the threat actors had "made demands and deployed email flooding tactics to harass users, employees, and partners."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The Supreme Court is taking up a case on whether Paramount violated the 1988 Video Privacy Protection Act (VPPA) by disclosing a user's viewing history to Facebook. The case, Michael Salazar v. Paramount Global, hinges on the law's definition of the word "consumer." Salazar filed a class action against Paramount in 2022, alleging that it "violated the VPPA by disclosing his personally identifiable information to Facebook without consent," Salazar's petition to the Supreme Court said. Salazar had signed up for an online newsletter through 247Sports.com, a site owned by Paramount, and had to provide his email address in the process. Salazar then used 247Sports.com to view videos while logged in to his Facebook account. "As a result, Paramount disclosed his personally identifiable information -- including his Facebook ID and which videos he watched—to Facebook," the petition (PDF) said. "The disclosures occurred automatically because of the Facebook Pixel Paramount installed on its website. Facebook and Paramount then used this information to create and display targeted advertising, which increased their revenues." The 1988 law (PDF) defines consumer as "any renter, purchaser, or subscriber of goods or services from a video tape service provider." The phrase "video tape service provider" is defined to include providers of "prerecorded video cassette tapes or similar audio visual materials," and thus arguably applies to more than just sellers of tapes. The legal question for the Supreme Court "is whether the phrase 'goods or services from a video tape service provider,' as used in the VPPA's definition of 'consumer,' refers to all of a video tape service provider's goods or services or only to its audiovisual goods or services," Salazar's petition said. The Supreme Court granted his petition (PDF) to hear the case in a list of orders released yesterday. [...] SCOTUSblog says that "the case will likely be scheduled for oral argument in the court's 2026-27 term," which begins in October 2026.

Read more of this story at Slashdot.

OpenAI has launched Prism, a free scientific research app that aims to do for scientific writing what coding agents did for programming. Engadget reports: Prism builds on Crixet, a cloud-based LaTeX platform the company is announcing it acquired today. For the uninitiated, LaTeX is a typesetting system for formatting scientific documents and journals. Nearly the entire scientific community relies on LaTeX, but it can make some tasks, such as drawing diagrams through TikZ commands, time-consuming to do. Beyond that, LaTeX is just one of the software tools a scientist might turn to when preparing to publish their research. That's where Prism comes into the picture. Like Crixet before it, the app offers robust LaTeX editing and a built-in AI assistant. Where previously it was Crixet's own Chirp agent, now it's GPT-5.2 Thinking. OpenAI's model can help with more than just formatting journals -- in a press demo, an OpenAI employee used it to find and incorporate scientific literature that was relevant to the paper they were working on, with GPT-5.2 automating the process of writing the bibliography. [...] Later in the same demo, the OpenAI employee used Prism to generate a lesson plan for a graduate course on general relativity, as well as a set of problems for students to solve. OpenAI envisions these features helping scientists and professors spend less time on the more tedious tasks in their professions.

Read more of this story at Slashdot.

Amazon has agreed to pay $309 million and provide additional remedies in a class-action settlement over claims that customers were wrongly denied refunds after returning items. Plaintiffs say (PDF) the deal delivers over $1 billion in total value, including more than $600 million in refunds and operational changes. Reuters reports: Amazon denied any wrongdoing in agreeing to the settlement. "Following an internal review in 2025, we identified a small subset of returns where we issued a refund without the payment completing, or where we could not verify that the correct item had been sent back to us, so no refund had been issued," an Amazon spokesperson said, adding that the company had taken steps to resolve the issue. The lawsuit, filed in 2023, said Amazon caused "substantial unjustified monetary losses" for consumers who in some instances properly returned an item but were still charged for it. In a court filing, Amazon said customers accepted the terms of the company's return policies, including the possibility they would be recharged for failing to return the product within a specified time frame. The proposed settlement class covers U.S. purchasers of goods on Amazon from September 2017 who allegedly did not receive timely or correct refunds, or who were later charged despite returning items. Class members are expected to recover the full amount of any incorrectly denied refund or retrocharge, plus interest, the plaintiffs told the court.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: This week, the first high-profile lawsuit -- considered a "bellwether" case that could set meaningful precedent in the hundreds of other complaints -- goes to trial. That lawsuit documents the case of a 19-year-old, K.G.M, who hopes the jury will agree that Meta and YouTube caused psychological harm by designing features like infinite scroll and autoplay to push her down a path that she alleged triggered depression, anxiety, self-harm, and suicidality. TikTok and Snapchat were also targeted by the lawsuit, but both have settled. The Snapchat settlement came last week, while TikTok settled on Tuesday just hours before the trial started, Bloomberg reported. For now, YouTube and Meta remain in the fight. K.G.M. allegedly started watching YouTube when she was 6 years old and joined Instagram by age 11. She's fighting to claim untold damages -- including potentially punitive damages -- to help her family recoup losses from her pain and suffering and to punish social media companies and deter them from promoting harmful features to kids. She also wants the court to require prominent safety warnings on platforms to help parents be aware of the risks. [...] To win, K.G.M.'s lawyers will need to "parcel out" how much harm is attributed to each platform, due to design features, not the content that was targeted to K.G.M., Clay Calvert, a technology policy expert and senior fellow at a think tank called the American Enterprise Institute, wrote. Internet law expert Eric Goldman told The Washington Post that detailing those harms will likely be K.G.M.'s biggest struggle, since social media addiction has yet to be legally recognized, and tracing who caused what harms may not be straightforward. However, Matthew Bergman, founder of the Social Media Victims Law Center and one of K.G.M.'s lawyers, told the Post that K.G.M. is prepared to put up this fight. "She is going to be able to explain in a very real sense what social media did to her over the course of her life and how in so many ways it robbed her of her childhood and her adolescence," Bergman said. The research is unclear on whether social media is harmful for kids or whether social media addiction exists, Tamar Mendelson, a professor at Johns Hopkins Bloomberg School of Public Health, told the Post. And so far, research only shows a correlation between Internet use and mental health, Mendelson noted, which could doom K.G.M.'s case and others.' However, social media companies' internal research might concern a jury, Bergman told the Post. On Monday, the Tech Oversight Project, a nonprofit working to rein in Big Tech, published a report analyzing recently unsealed documents in K.G.M.'s case that supposedly provide "smoking-gun evidence" that platforms "purposefully designed their social media products to addict children and teens with no regard for known harms to their wellbeing" -- while putting increased engagement from young users at the center of their business models. Most of the unsealed documents came from Meta. An internal email shows Mark Zuckerberg decided Meta's top strategic priority was getting teens "locked in" to Meta's family of apps. Another damning document discusses allowing "tweens" to use a private mode inspired by fake Instagram accounts ("finstas"). The same document includes an admission that internal data showed Facebook use correlated with lower well-being. Internal communications showed Meta seemingly bragging that "teens can't switch off from Instagram even if they want to" and an employee declaring, "oh my gosh yall IG is a drug," likening all social media platforms to "pushers."

Read more of this story at Slashdot.

Citigroup has rolled out mandatory AI training for all 175,000 of its employees across 80 locations worldwide, a sweeping initiative that CEO Jane Fraser describes as helping workers "reinvent themselves" before the technology permanently alters what they do for a living. The $205 billion bank sent out an internal memo last year requiring staffers to learn prompting skills specifically. Fraser told the Washington Post at Davos that AI "will change the nature of what people do every day" and "will take some jobs away." The adaptive training platform lets experts complete the course in under 10 minutes while beginners need about 30 minutes. Citi reported last year that employees had entered more than 6.5 million prompts into its built-in AI tools, and Q4 2025 data shows a 70% adoption rate for the bank's proprietary AI tools.

Read more of this story at Slashdot.

Mozilla, the nonprofit organization behind the Firefox browser that has spent two decades battling tech giants over control of the internet, is now turning its attention to AI and deploying roughly $1.4 billion in reserves to fund what president Mark Surman calls a "rebel alliance" of startups focused on AI safety, transparency and governance. The organization released a report Tuesday outlining its strategy to counter the growing dominance of OpenAI and Anthropic, which have raised more than $60 billion and $30 billion respectively from investors and now command valuations of $500 billion and $350 billion. Mozilla Ventures, a fund launched in 2022 with an initial $35 million commitment, has invested in more than 55 companies to date and is exploring raising additional capital. Surman, who runs the organization from a farm outside Toronto, acknowledged the financial mismatch but said Mozilla is playing the long game. By 2028, he wants Mozilla to be funding a "mainstream" open-source AI ecosystem for developers. The effort faces headwinds from the Trump administration, which has criticized AI safety efforts as "woke AI" and signed an executive order establishing a task force to challenge state AI regulations.

Read more of this story at Slashdot.

An anonymous reader shares a report: Meta plans to test new subscriptions that give people access to exclusive features on its apps, the company told TechCrunch on Monday. The tech giant said the new subscriptions will unlock more productivity and creativity, along with expanded AI capabilities. In the coming months, Meta said it will offer a premium experience on Instagram, Facebook, and WhatsApp that gives users access to special features and more control over how they share and connect, while keeping the core experiences free. Meta doesn't appear to be locked into one strategy, noting that it will test a variety of subscription features and bundles, and that each app subscription will have a distinct set of exclusive features.

Read more of this story at Slashdot.

An anonymous reader shares a report: Google on Tuesday announced an expanded set of Android theft-protection features, designed to make its mobile devices less of a target for criminals. Building on existing tools like Theft Detection Lock, Offline Device Lock, and others introduced in 2024, the newly launched updates include stronger authentication safeguards and enhanced recovery tools, the company said. [...] With the new features, users of Android devices running Android 16 or higher will have more control over the Failed Authentication Lock feature that automatically locks the device after an excessive number of failed login attempts. Now users will have access to a dedicated on/off toggle switch in the device's settings. The devices will also offer stronger protection against a thief trying to guess a device owner's PIN, pattern, or password by increasing the lockout time after failed attempts. Plus, Identity Check, a feature rolled out for Android 15 and higher last year, now covers all features and apps that use biometrics -- like banking apps or the Google Password Manager.

Read more of this story at Slashdot.

France will replace the American platforms Microsoft Teams and Zoom with its own domestically developed video conferencing platform, which will be used in all government departments by 2027, the country said. From a report: The move is part of France's strategy to stop using foreign software vendors, especially those from the United States, and regain control over critical digital infrastructure. It comes at a crucial moment as France, like Europe, reaches a turning point regarding digital sovereignty. "The aim is to end the use of non-European solutions and guarantee the security and confidentiality of public electronic communications by relying on a powerful and sovereign tool," said David Amiel, minister for the civil service and state reform. On Monday, the government announced it will instead be using the French-made videoconference platform Visio. The platform has been in testing for a year and has around 40,000 users.

Read more of this story at Slashdot.

Microsoft has quietly suppressed an unexplained anomaly on its network that was routing traffic destined for example.com -- a domain reserved under RFC2606 specifically for testing purposes and not obtainable by any party -- to sei.co.jp, a domain belonging to Japanese electronics cable maker Sumitomo Electric. The misconfiguration meant anyone attempting to set up an Outlook account using an example.com email address could have inadvertently sent test credentials to Sumitomo Electric's servers. Under RFC2606, example.com resolves only to IP addresses assigned to the Internet Assigned Names Authority. Microsoft confirmed it has "updated the service to no longer provide suggested server information for example.com" and said it is investigating. Security researcher Dan Tentler of Phobos Group noted the company appears to have simply removed the problematic endpoint rather than fixing the underlying routing -- "not found" errors now appear where the JSON responses previously occurred. Tinyapps.org, which noted the behavior earlier this month, said the misconfiguration had persisted for five years. Microsoft has not explained how Sumitomo Electric's domain entered its configuration. The incident follows 2024's revelation that a forgotten test account with admin privileges enabled Russia-state hackers to monitor Microsoft executives' email for two months.

Read more of this story at Slashdot.

There is a new GnuPG update for a "critical security bug" in recent GnuPG releases.

A crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack buffer overflow in gpg-agent during the PKDECRYPT--kem=CMS handling. This can easily be used for a DoS but, worse, the memory corruption can very likley also be used to mount a remote code execution attack. The bug was introduced while changing an internal API to the FIPS required KEM API.

Only versions 2.5.13 through 2.5.16 are affected.

The Bulletin of the Atomic Scientists on Tuesday set their symbolic Doomsday Clock to 85 seconds before midnight -- the closest the timepiece has ever been to the theoretical point of annihilation since scientists created it during the Cold War in 1947. The clock now stands four seconds nearer than last year's setting, and this marks the third time in four years that the Bulletin has moved it closer to midnight. The Chicago-based nonprofit pointed to aggressive behavior by nuclear powers Russia, China and the United States, fraying nuclear arms control frameworks, ongoing conflicts in Ukraine and the Middle East, unregulated AI integration into military systems, and climate change. "In terms of nuclear risks, nothing in 2025 trended in the right direction," said Alexandra Bell, the Bulletin's president and CEO. The last remaining nuclear arms pact between the US and Russia, the New START treaty, expires on February 5.

Read more of this story at Slashdot.

GNU C Library maintainer Carlos O'Donell has announced that the project will be moving its core services away from Sourceware in favor of services hosted at the Linux Foundation.

While it was clear to the GNU Toolchain leadership that requirements were coming to improve the toolchain cyber-security posture, these requirements were not clear to all project developers. As part of receiving this feedback we have worked to document and define a secure development policy for glibc and at a higher level the GNU Toolchain. While Sourceware has started making some critical technical changes, the GNU Toolchain still faces serious, systemic concerns about securing a global, highly available service and building a sustainable, diverse sponsorship model.

This has been a long-running discussion; see this 2022 article for some background.

Amazon is closing all of its Amazon Go and Amazon Fresh physical stores in a shift to focus on its online same-day delivery service and new big-box retail stores. From a report: The e-commerce giant said Tuesday that some of its shuttered Amazon-branded brick-and-mortar stores would be converted into Whole Foods Market locations. Amazon said its branded stores failed to deliver the right economic model and distinctive customer experience necessary for large-scale expansion. Amazon's same-day delivery service for groceries is currently available in more than 5,000 U.S. cities and towns. The company said it plans to expand the service to more communities in 2026 but didn't specify where. Amazon said it planned to open over 100 new Whole Foods Market stores over the next few years.

Read more of this story at Slashdot.

OpenAI launched a dedicated team in October called OpenAI for Science, led by vice president Kevin Weil, that aims to make scientists more productive -- but Weil admitted in an interview with MIT Technology Review that the LLM cannot yet produce novel discoveries and says that's not currently the mission. UC Berkeley statistician Nikita Zhivotovskiy, who has used LLMs since the first ChatGPT, told the publication: "So far, they seem to mainly combine existing results, sometimes incorrectly, rather than produce genuinely new approaches." "I don't think models are there yet," Weil admitted. "Maybe they'll get there. I'm optimistic that they will." The models excel at surfacing forgotten solutions and finding connections across fields, but Weil says the bar for accelerating science doesn't require "Einstein-level reimagining of an entire field." GPT-5 has read substantially every paper written in the last 30 years, he says, and can bring together analogies from unrelated disciplines. That accumulation of existing knowledge -- helping scientists avoid struggling on problems already solved -- is itself an acceleration.

Read more of this story at Slashdot.

The kernel's "kfunc" mechanism is a way of exporting kernel functions so that they can be called directly from BPF programs. There are over 300 kfuncs in current kernels, ranging in functionality from string processing (bpf_strnlen()) to custom schedulers (scx_bpf_kick_cpu()) and beyond. Sometimes these kfuncs need access to context information that is not directly available to BPF programs, and which thus cannot be passed in as arguments. The implicit arguments patch set from Ihor Solodrai is the latest attempt to solve this problem.

Pinterest said on Tuesday it would trim its workforce by less than 15% and reduce office space, as the social media company looks to reallocate resources to AI-focused roles and initiatives. From a report: The announcement comes as the company competes with TikTok and Meta-owned Facebook and Instagram for digital advertising budgets, as these platforms continue to draw marketers with their extensive user base. Pinterest had 5,205 full-time employees as of September 2025. The latest job cut would translate to less than 780 positions. Top executives at the World Economic Forum's annual meeting said while jobs would disappear, new ones would spring up, with two telling Reuters that AI would be used as an excuse by companies which were planning layoffs anyway. Last week, design software maker Autodesk also announced a 7% job cut to redirect investments to its cloud platform and AI efforts.

Read more of this story at Slashdot.

Samsung said today that its Galaxy Z TriFold, the first tri-fold smartphone to ship in the U.S., will be available starting January 30 at a price point of $2,899 -- substantially more expensive than any other phone on the U.S. market, including Samsung's own $2,000 Galaxy Z Fold 7 and a fully loaded 2TB iPhone 17 Pro Max. The company will only sell the device through its website and Samsung Experience Stores; mobile carrier partners including Verizon, T-Mobile, and AT&T won't be offering it directly. The TriFold unfolds into a 10-inch tablet, measures 3.9mm at its thinnest point, and is rated for 200,000 folds over its lifetime. Samsung launched the TriFold in South Korea on December 12 at 3.59 million won, about $2,450 at the time. Early reviews have praised the expansive inner screen for video but noted the 309-gram weight, thick folded dimensions, and half-baked software as significant drawbacks.

Read more of this story at Slashdot.