RSS 생중계

Security updates have been issued by AlmaLinux (kernel and kernel-rt), Debian (node-sha.js and python-django), Fedora (chromium, cups, exiv2, perl-Catalyst-Authentication-Credential-HTTP, perl-Catalyst-Plugin-Session, perl-Plack-Middleware-Session, and qemu), Red Hat (container-tools:rhel8, podman, and udisks2), SUSE (cargo-audit, cargo-c, cargo-packaging, and kernel-devel), and Ubuntu (libcpanel-json-xs-perl, libjson-xs-perl, rubygems, sqlite3, and vim).

An anonymous reader quotes a report from Ars Technica: The companies seeking to build larger AI models have been increasingly stymied by a lack of high-quality training data. As tech firms scour the web for more data to feed their models, they could increasingly rely on potentially sensitive user data. A team at Google Research is exploring new techniques to make the resulting large language models (LLMs) less likely to 'memorize' any of that content. LLMs have non-deterministic outputs, meaning you can't exactly predict what they'll say. While the output varies even for identical inputs, models do sometimes regurgitate something from their training data -- if trained with personal data, the output could be a violation of user privacy. In the event copyrighted data makes it into training data (either accidentally or on purpose), its appearance in outputs can cause a different kind of headache for devs. Differential privacy can prevent such memorization by introducing calibrated noise during the training phase. Adding differential privacy to a model comes with drawbacks in terms of accuracy and compute requirements. No one has bothered to figure out the degree to which that alters the scaling laws of AI models until now. The team worked from the assumption that model performance would be primarily affected by the noise-batch ratio, which compares the volume of randomized noise to the size of the original training data. By running experiments with varying model sizes and noise-batch ratios, the team established a basic understanding of differential privacy scaling laws, which is a balance between the compute budget, privacy budget, and data budget. In short, more noise leads to lower-quality outputs unless offset with a higher compute budget (FLOPs) or data budget (tokens). The paper details the scaling laws for private LLMs, which could help developers find an ideal noise-batch ratio to make a model more private. The work the team has done here has led to a new Google model called VaultGemma, its first open-weight model trained with differential privacy to minimize memorization risks. It's built on the older Gemma 2 foundation and sized at 1 billion parameters, which the company says performs comparably to non-private models of similar size. It's available now from Hugging Face and Kaggle.

Read more of this story at Slashdot.

Bruce66423 shares a report from The Guardian: MI5 has conceded it "unlawfully" obtained the communications data of a former BBC journalist, in what was claimed to be an unprecedented admission from the security services. The BBC said it was a "matter of grave concern" that the agency had obtained communications data from the mobile phone of Vincent Kearney, a former BBC Northern Ireland home affairs correspondent. The admission came in a letter to the BBC and to Kearney, in relation to a tribunal examining claims that several reporters in Northern Ireland were subjected to unlawful scrutiny by the police. It related to work carried out by Kearney for a documentary into the independence of the Office of the Police Ombudsman for Northern Ireland (PONI). Kearney is now the northern editor at Irish broadcaster RTE. In documents submitted to the Investigatory Powers Tribunal (IPT), MI5 conceded it obtained phone data from Kearney on two occasions in 2006 and 2009. Jude Bunting KC, representing Kearney and the BBC, told a hearing on Monday: "The MI5 now confirms publicly that in 2006 and 2009 MI5 obtained communications data in relation to Vincent Kearney." He said the security service accepted it had breached Kearney's rights under article 8 and article 10 of the European convention on human rights. They relate to the right to private correspondence and the right to impart information without interference from public authorities. "This appears to be the first time in any tribunal proceedings in which MI5 publicly accept interference with a journalist's communications data, and also publicly accept that they acted unlawfully in doing so," Bunting said. He claimed the concessions that it accessed the journalist's data represented "serious and sustained illegality on the part of MI5." Bruce66423 comments: "The good news is that it's come out. The bad news is that it has taken 16 years to do so. The interesting question is whether there will be any meaningful consequences for individuals within MI5; there's a nice charge of 'malfeasance in public office' that can be used to get such individuals into a criminal court. Or will the outcome be like that of when the CIA hacked the US Senate's computers, lied about it, and nothing happened?"

Read more of this story at Slashdot.

Fiverr is laying off 250 employees, or about 30% of its workforce, as it restructures to become an "AI-first" company. "We are launching a transformation for Fiverr, to turn Fiverr into an AI-first company that's leaner, faster, with a modern AI-focused tech infrastructure, a smaller team, each with substantially greater productivity, and far fewer management layers," CEO Micha Kaufman said. Reuters reports: While it isn't clear what kinds of jobs will be impacted, Fiverr operates a self-service digital marketplace where freelancers can connect with businesses or individuals requiring digital services like graphic design, editing or programming. Most processes on the platform take place with minimal employee intervention as ordering, delivery and payments are automated. The company's name comes from most gigs starting at $5 initially, but as the business grew, the firm has introduced subscription services and raised the bar for service prices. Fiverr said it does not expect the job cuts to materially impact business activities across the marketplace in the near term and plans to reinvest part of the savings in the business.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Today, OpenAI's Economic Research Team went a long way toward answering that question, on a population level, releasing a first-of-its-kind National Bureau of Economic Research working paper (in association with Harvard economist David Denning) detailing how people end up using ChatGPT across time and tasks. While other research has sought to estimate this kind of usage data using self-reported surveys, this is the first such paper with direct access to OpenAI's internal user data. As such, it gives us an unprecedented direct window into reliable usage stats for what is still the most popular application of LLMs by far. After digging through the dense 65-page paper, here are seven of the most interesting and/or surprising things we discovered about how people are using OpenAI today. Here are the seven most interesting and surprising findings from the study: 1. ChatGPT is now used by "nearly 10% of the world's adult population," up from 100 million users in early 2024 to over 700 million users in 2025. Daily traffic is about one-fifth of Google's at 2.6 billion GPT messages per day. 2. Long-term users' daily activity has plateaued since June 2025. Almost all recent growth comes from new sign-ups experimenting with ChatGPT, not from established users increasing their usage. 3. 46% of users are aged 18-25, making ChatGPT especially popular among the youngest adult cohort. Factoring in under-18 users (not counted in the study), the majority of ChatGPT users likely weren't alive in the 20th century. 4. At launch in 2022, ChatGPT was 80% male-dominated. By late 2025, the balance has shifted: 52.4% of users are now female. 5. In 2024, work vs. personal use was close to even. By mid-2025, 72% of usage is non-work related -- people are using ChatGPT more for personal, creative, and casual needs than for productivity. 6. 28% of all conversations involve writing assistance (emails, edits, translations). For work-related queries, that jumps to 42% overall, and 52% among business/management jobs. Furthermore, the report found that editing and critiquing text is more common than generating text from scratch. 7. 14.9% of work-related usage is dealt with "making decisions and solving problems." This shows people don't just use ChatGPT to do tasks -- they use it as an advisor or co-pilot to help weigh options and guide choices.

Read more of this story at Slashdot.

The FTC is investigating whether Ticketmaster is doing enough to prevent bots from illegally reselling tickets on its platform, with a decision on the matter coming within weeks, according to Bloomberg (paywalled). Reuters reports: The 2016 law prohibits the use of bots and other methods to bypass ticket purchase limits set by online sellers. As part of the probe, FTC investigators are assessing whether Ticketmaster has a financial incentive to allow resellers to circumvent its ticket limit rules, according to the report. A settlement is also possible, Bloomberg reported. If the FTC pursues a case and Live Nation loses, the company could face billions of dollars in penalties, as the law permits fines of up to $53,000 per violation.

Read more of this story at Slashdot.

A leaked Meta video revealed upcoming "Meta Ray-Ban Display" smart glasses with a monocular HUD and sEMG wristband control, set to debut at Connect 2025 for around $800. Despite past hesitation, it looks like EssilorLuxottica has agreed to co-brand after Meta invested $3.5 billion in the company, taking a 3% stake. UploadVR reports: Meta's HUD glasses with the sEMG wristband will in fact be Ray-Ban branded, a leaked video which also depicts the HUD and wristband in action reveals. A quickly removed unlisted video on Meta's YouTube channel showed what will soon be Meta and EssilorLuxottica's full lineup: - The regular Ray-Ban Meta glasses. - The recently-launched Oakley Meta HSTN glasses. - The rumored Oakley Meta Sphaera glasses, with eye protection and a centered camera. - The rumored monocular heads-up display (HUD) glasses controlled by Meta's long-in-development sEMG wristband, which are labeled as "Meta Ray-Ban" with the word "Display" underneath. The smart glasses are expected to be made official during the Meta Connect 2025 keynote at 5pm PT on Wednesday.

Read more of this story at Slashdot.

Robinhood has filed with the SEC to launch "Robinhood Ventures Fund I," a publicly traded fund designed to give retail investors access to startup shares before IPOs. TechCrunch reports: While the current version of the application is public, Robinhood hasn't filled in the fine-print yet. This means we don't know how many shares it plans to sell, nor other details like the management fee it plans to charge. It's also unclear which startups it hopes this fund will eventually hold. The paperwork says it "expects" to invest in aerospace and defense, AI, fintech, robotics as well as software for consumers and enterprises. Robinhood's big pitch is that retail investors are being left out of the gains that are amassed by startup investors like VCs. That's true to an extent. "Accredited investors" -- or those with a net worth large enough to handle riskier investments -- already have a variety of ways of buying equity in startups, such as with venture firms like OurCrowd. Retail investors that are not rich enough to be accredited have more limited options. There are funds similar to what Robinhood has proposed, including Cathy Wood's ARK Venture Fund, a mutual fund which holds stakes in companies like Anthropic, Databricks, OpenAI, SpaceX, and others. [...] This new closed-end "Ventures Fund I" is a more classic, mutual fund-style, approach. As to when Robinhood's new fund will be available we don't know that either yet.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Carla Rover once spent 30 minutes sobbing after having to restart a project she vibe coded. Rover has been in the industry for 15 years, mainly working as a web developer. She's now building a startup, alongside her son, that creates custom machine learning models for marketplaces. She called vibe coding a beautiful, endless cocktail napkin on which one can perpetually sketch ideas. But dealing with AI-generated code that one hopes to use in production can be "worse than babysitting," she said, as these AI models can mess up work in ways that are hard to predict. She had turned to AI coding in a need for speed with her startup, as is the promise of AI tools. "Because I needed to be quick and impressive, I took a shortcut and did not scan those files after the automated review," she said. "When I did do it manually, I found so much wrong. When I used a third-party tool, I found more. And I learned my lesson." She and her son wound up restarting their whole project -- hence the tears. "I handed it off like the copilot was an employee," she said. "It isn't." Rover is like many experienced programmers turning to AI for coding help. But such programmers are also finding themselves acting like AI babysitters -- rewriting and fact-checking the code the AI spits out. A recent report by content delivery platform company Fastly found that at least 95% of the nearly 800 developers it surveyed said they spend extra time fixing AI-generated code, with the load of such verification falling most heavily on the shoulders of senior developers. These experienced coders have discovered issues with AI-generated code ranging from hallucinating package names to deleting important information and security risks. Left unchecked, AI code can leave a product far more buggy than what humans would produce. Working with AI-generated code has become such a problem that it's given rise to a new corporate coding job known as "vibe code cleanup specialist." TechCrunch spoke to experienced coders about their time using AI-generated code about what they see as the future of vibe coding. Thoughts varied, but one thing remained certain: The technology still has a long way to go. "Using a coding co-pilot is kind of like giving a coffee pot to a smart six-year-old and saying, 'Please take this into the dining room and pour coffee for the family,'" Rover said. Can they do it? Possibly. Could they fail? Definitely. And most likely, if they do fail, they aren't going to tell you. "It doesn't make the kid less clever," she continued. "It just means you can't delegate [a task] like that completely." Further reading: The Software Engineers Paid To Fix Vibe Coded Messes

Read more of this story at Slashdot.

The Internet Archive has reached a confidential settlement with Universal Music Group and other major labels, "ending a closely watched copyright battle over the nonprofit's effort to digitize and stream historic recordings," reports the San Francisco Chronicle. From the report: The case (PDF), UMG Recordings, Inc. v. Internet Archive, targeted the Archive's Great 78 Project, an initiative to digitize more than 400,000 fragile shellac records from the early 20th century. The collection includes music by artists such as Frank Sinatra, Ella Fitzgerald and Billie Holiday, and has been made available online for free public access. Record labels including Universal, Sony Music Entertainment and Capitol Records had sought $621 million in damages, arguing the Archive's streaming of these recordings constituted copyright infringement. The Internet Archive, based in San Francisco's Richmond District, describes itself as a digital library dedicated to providing "universal access to all knowledge." Its director of library services, Chris Freeland, acknowledged the settlement in a brief statement. "The parties have reached a confidential resolution of all claims and will have no further public comment on this matter," he wrote.

Read more of this story at Slashdot.

Registration for the 2025 Linux Plumbers Conference (Tokyo, December 11 to 13) is now open. LPC tickets often sell out quickly, so it would be best not to delay if you intend to attend.

An anonymous reader quotes a report from Politico: In roughly six weeks, three California Democrats, a labor head and two ride-hailing leaders managed to pull off what would have been unthinkable just one year prior: striking a deal between labor unions and their longtime foes, tech giants Uber and Lyft. California lawmakers announced the agreement in late August, paving a path for ride-hailing drivers to unionize as labor wanted, in exchange for the state drastically reducing expensive insurance coverage mandates protested by the companies. It earned rare public support from Gov. Gavin Newsom and received final approval from state lawmakers this week. The swift speed of the negotiating underscores what was at risk: the prospect of yet another nine-figure ballot measure campaign or lengthy court battle between two deeply entrenched sides, according to interviews with five people involved in the talks. Their accounts shed new light on how the deal came together: how the talks started, who was in the room, and the lengths they went to in order to turn around such a quick proposal -- from taking video meetings while recovering from surgery to the unexpected aid of one lawmaker's newborn baby. "This was really quite fast," said Ramona Prieto, Uber's chief policy expert in Sacramento. "It wasn't like this was months of negotiating." The landmark proposal is only the second time a state has reached such a framework for Uber and Lyft drivers, after Massachusetts did so in 2024. And unlike Massachusetts, it came together without reverting to a ballot fight. California already saw its most expensive ballot measure effort to date in 2020, when Uber and Lyft spent more than $200 million backing an initiative to bar app-based workers from being classified as traditional employees, known as Proposition 22. Its passage sparked a legal challenge from labor leaders that wasn't resolved until July 2024, when California's Supreme Court affirmed the ballot measure's constitutionality. [...] But the compromise still faces hurdles ahead. A recent lawsuit has raised fresh scrutiny of how the deal came together and what truly motivated it. Further criticism from those left out of the negotiating room is putting dealmakers on the defense as they try to sell it more widely. Plus, the final deal isn't what some labor leaders hoped when they first set out to strengthen drivers' rights in 2019. [...] And while the deal allows gig workers to unionize, that doesn't guarantee the necessary 10 percent of the state's 800,000 ride-hailing drivers actually will. Many who drive for Uber and Lyft do so part-time, and labor leaders acknowledge the challenge of organizing a disparate population that doesn't have a space to meet one another.

Read more of this story at Slashdot.

404 Media: A data broker owned by the country's major airlines, including American Airlines, United and Delta, is selling access to five billion plane ticketing records to the government for warrantless searching and monitoring of peoples' movements, including by the FBI, Secret Service, ICE, and many other agencies, according to a new contract and other records reviewed by 404 Media. The contract provides new insight into the scale of the sale of passengers' data by the Airlines Reporting Corporation (ARC), the airlines-owned data broker. The contract shows ARC's data includes information related to more than 270 carriers and is sourced through more than 12,800 travel agencies. ARC has previously told the government to not reveal to the public where this passenger data came from, which includes peoples' names, full flight itineraries, and financial details. "Americans' privacy rights shouldn't depend on whether they bought their tickets directly from the airline or via a travel agency. ARC's sale of data to U.S. government agencies is yet another example of why Congress needs to close the data broker loophole by passing my bipartisan bill, the Fourth Amendment Is Not For Sale Act," Senator Ron Wyden told 404 Media in a statement.

Read more of this story at Slashdot.

Treasury Secretary Scott Bessent announced that the U.S. and China have reached a tentative "framework" agreement on TikTok's U.S. operations, with Presidents Trump and Xi set to finalize details Friday. "It's between two private parties, but the commercial terms have been agreed upon," he said. The update comes two days before TikTok parent company ByteDance faces a Sept. 17 deadline to divest the platform's U.S. business or potentially be shut down in the country. The deadline may need to be pushed back yet again to get the deal signed. CNBC reports: Both President Donald Trump and Chinese President Xi Jinping will meet Friday to discuss the terms. Trump also said in a Truth Social post Monday that a deal was reached "on a 'certain' company that young people in our Country very much wanted to save." Bessent indicated the framework could pivot the platform to U.S.-controlled ownership. China's lead trade negotiator, Li Chenggang, confirmed the framework deal was in place and said the U.S. should not continue to suppress Chinese companies, according to Reuters.

Read more of this story at Slashdot.

Microsoft is adding the free Microsoft 365 Copilot Chat and agents to Office apps for all Microsoft 365 business users today. From a report: Word, Excel, PowerPoint, Outlook, and OneNote are all being updated with a Copilot Chat sidebar that will help draft documents, analyze spreadsheets, and more without needing an additional Microsoft 365 Copilot license. "Copilot Chat is secure AI chat grounded in the web -- and now, it's available in the Microsoft 365 apps," explains Seth Patton, general Manager of Microsoft 365 Copilot product marketing. "It's content aware, meaning it quickly understands what you're working on, tailoring answers to the file you have open. And it's included at no additional cost for Microsoft 365 users." While this free version of Copilot will rewrite documents, provide summaries, and help create slides in PowerPoint, the $30 per month, per user Microsoft 365 Copilot license will still have the best integration in Office apps. The Microsoft 365 Copilot license is also not limited to a single document, and can reason over entire work data.

Read more of this story at Slashdot.

Lead times for high-capacity hard drives have exceeded 52 weeks as AI workloads drive unprecedented demand for warm storage that sits between fast SSDs and offline tape archives, according to TrendForce. Western Digital notified customers of price increases across its entire hard drive portfolio citing demand for "every capacity" in its product line. The shortage stems from AI infrastructure requirements including training datasets, model checkpoints and inference logs that consume petabytes of storage space. These files are too large for primary SSD storage but must remain accessible for quick retrieval. Hard drive manufacturers have not significantly expanded production capacity in approximately a decade. Cloud service providers are evaluating QLC SSDs for cold data storage despite costs remaining four to five times higher per gigabyte than mechanical drives. Memory suppliers are developing SSD products specifically for this intermediate storage tier.

Read more of this story at Slashdot.

President Donald Trump called Monday for companies to report earnings every six months instead of quarterly. Trump posted on social media that semi-annual reporting would save money and let managers focus on running companies. The SEC mandated quarterly reports in 1970. Trump made similar comments in 2018 that prompted SEC public comment but no regulatory changes. Critics argue quarterly reporting increases costs and encourages short-term thinking. Supporters say frequent disclosures maintain investor trust and reduce market manipulation risks. Further reading: The Renewed Bid To End Quarterly Earnings Reports.

Read more of this story at Slashdot.

Brooke Deuson is the developer behind Trafficking Free Tomorrow, a nonprofit organization that produces free software to help law enforcement combat human trafficking. She is a survivor of human trafficking herself. She spoke at RustConf 2025 about her mission, and why she chose to write her anti-trafficking software in Rust. Interestingly, it has nothing to do with Rust's lifetime-analysis-based memory-safety — instead, her choice was motivated by the difficulty she faces getting police departments to actually use her software. The fact that Rust is statically linked and capable of cross compilation by default makes deploying Rust software in those environments easier.

Toxic fumes from jet engines are leaking into aircraft cabins at an accelerating rate, reaching 108 incidents per million departures in 2024 compared to 12 in 2014, a Wall Street Journal investigation found. The fumes contain neurotoxins and carbon monoxide that have caused brain injuries in crew members. JetBlue flight attendant Florence Chesson suffered permanent neurological damage after inhaling engine oil vapors in 2018, diagnosed by neurologists as equivalent to an NFL linebacker's concussion. The surge is driven by Airbus A320 aircraft, particularly the A320neo model introduced in 2016. WSJ reports Airbus loosened maintenance requirements under airline pressure despite knowing the changes would increase incidents. The FAA received over 700 fume event reports from major U.S. airlines in 2024. Most commercial jets except Boeing's 787 use a "bleed air" system that pulls cabin air through engines.

Read more of this story at Slashdot.

A third of UK employers are using "bossware" technology to track workers' activity with the most common methods including monitoring emails and web browsing. From a report: Private companies are most likely to deploy in-work surveillance and one in seven employers are recording or reviewing screen activity, according to a UK-wide survey that estimates the extent of office snooping. The findings, shared with the Guardian by the Chartered Management Institute (CMI), are based on responses from hundreds of UK managers and suggest there has been a recent growth in computerised work surveillance. In 2023, less than a fifth of people thought they were being monitored by an employer, the Information Commissioner's Office (ICO) found. The finding that about a third of managers report their organisations are monitoring workers' online activities on employer-owned devices is probably an underestimate, as roughly the same proportion said they don't know what tracking their organisations do. Many monitoring systems are aimed at preventing insider threats and safeguarding sensitive information as well as detecting productivity dips. But the trend appears to be causing unease. A large minority of managers are opposed to the practice, saying it undermines trust with staff and invades their personal privacy, the CMI found.

Read more of this story at Slashdot.