Tech News

Brake Pad Dust Can Be More Toxic Than Exhaust Emissions, Study Says

technology - Posted On:2025-02-14 22:45:01 Source: slashdot

Bruce66423 shares a report from The Guardian: Microscopic particles emitted from brake pads can be more toxic than those emitted in diesel vehicle exhaust, a study has found. This research shows that even with a move to electric vehicles, pollution from cars may not be able to be eradicated. The researchers found that a higher concentration of copper in some commonly used brake pads was associated with increased harmful effects on sensitive cells from people's lungs, as a result of particles being breathed in. Exposure to pollution generated by cars, vans and lorries has been previously been linked to an increased risk of lung and heart disease. While past attention has mainly concentrated on exhaust emissions, particles are also released into the air from tyre, road and brake pad wear. These emissions are largely unregulated by legislation and the study found that these �oenon-exhaust� pollution sources are now responsible for the majority of vehicle particulate matter emissions in the UK and parts of Europe, with brake dust the main contributor among them. [...] The scientists examined the effects on lung health of particulate matter from four different types of brake pad with differing chemical compositions; low metallic, semi-metallic, non-asbestos organic and hybrid-ceramic. Results showed that of the four types of brake pads, non-asbestos organic pads were the most potent at inducing inflammation and other markers of toxicity, and were found to be more toxic to human lung cells than diesel exhaust particles. Ceramic pads were the second most toxic. Dr. Ian Mudway, senior lecturer at the school of public health at Imperial College London, cautioned that while the research on brake pad emissions appears sound, it is premature to conclude they are worse than diesel exhaust due to "uncontrolled variables" like brake disc types and particle composition. Slashdot reader Bruce66423 also notes it "doesn't discuss the significance of regenerative breaking, which is a feature of at least some electric cars [that reduces brake pad wear by using the electric motor to slow down the vehicle and recover energy]." The research has been published in the journal Particle and Fibre Technology. Read more of this story at Slashdot.

Read More

Final Fantasy iOS Game Shuts Down Over Unfixable Bug

it - Posted On:2025-02-14 18:00:01 Source: slashdot

The Verge's Jay Peters reports: Square Enix has shut down the iOS version of Final Fantasy Crystal Chronicles and removed it from the App Store following an unfixable bug that blocked people from accessing content they had paid for. [...] The company says that if you made in-app purchases in January 2024 or later, you're eligible to request a refund by contacting Apple Support. Square Enix says that Final Fantasy Crystal Chronicles will continue to be supported on other platforms. The game is also available on Android, PlayStation, and Nintendo Switch. "The issue is due to changes made to the in-app purchases model," Square Enix says in a post. "Further investigation revealed that we are unable to completely fix the bug and implement the new changes, making it unlikely to resume service for the game." Square Enix says it started receiving reports on January 24th about the issue, which "extends to the full paid version of the game." Read more of this story at Slashdot.

Read More

Meta To Build World's Longest Undersea Cable

technology - Posted On:2025-02-14 16:30:00 Source: slashdot

Meta unveiled on Friday Project Waterworth, a 50,000-kilometer subsea cable network that will be the world's longest such system. The multi-billion dollar project will connect the U.S., Brazil, India, South Africa, and other key regions. The system utilizes 24 fiber pairs and introduces what Meta describes as "first-of-its-kind routing" that maximizes cable placement in deep water at depths up to 7,000 meters. The company developed new burial techniques for high-risk areas near coasts to protect against ship anchors and other hazards. A joint statement from President Trump and Prime Minister Modi confirmed India's role in maintaining and financing portions of the undersea cables in the Indian Ocean using "trusted vendors." According to telecom analysts Telegeography, Meta currently has ownership stakes in 16 subsea networks, including the 2Africa cable system that encircles the African continent. This new project would be Meta's first wholly owned global cable system. Read more of this story at Slashdot.

Read More

Reddit Plans To Lock Some Content Behind a Paywall This Year, CEO Says

technology - Posted On:2025-02-14 12:00:01 Source: slashdot

An anonymous reader shares a report: Reddit is planning to introduce a paywall this year, CEO Steve Huffman said during a videotaped Ask Me Anything (AMA) session on Thursday. Huffman previously showed interest in potentially introducing a new type of subreddit with "exclusive content or private areas" that Reddit users would pay to access. When asked this week about plans for some Redditors to create "content that only paid members can see," Huffman said: "It's a work in progress right now, so that one's coming... We're working on it as we speak." When asked about "new, key features that you plan to roll out for Reddit in 2025," Huffman responded, in part: "Paid subreddits, yes." Read more of this story at Slashdot.

Read More

AI Licensing Deals With Google and OpenAI Make Up 10% of Reddit's Revenue

technology - Posted On:2025-02-13 19:30:00 Source: slashdot

Reddit's recent earnings report revealed that AI licensing deals with Google and OpenAI account for about 10% of its $1.3 billion revenue, totaling approximately $130 million. With Google paying $60 million, OpenAI is estimated to be paying Reddit around $70 million annually for content licensing. Adweek reports: "It's a small part of our revenue -- I'll call it 10%. For a business of our size, that's material, because it's valuable revenue," [said the company's COO Jen Wong]. The social platform -- which on Wednesday reported a 71% year-over-year lift in fourth-quarter revenue -- has been "very thoughtful" about the AI developers it chooses to work with, Wong said. To date, the company has inked two content licensing deals: one with Google for a reported $60 million, and one with ChatGPT parent OpenAI. Reddit has elected to work only with partners who can agree to "specific terms ... that are really important to us." These terms include user privacy protections and conditions regarding "how [Reddit is] represented," Wong said. While licensing agreements with AI firms offer a valuable business opportunity for Reddit, advertising remains the company's core revenue driver. Much of Reddit's $427.7 million Q4 revenues were generated by the ongoing expansion of its advertising business. And its ad revenue as a whole grew 60% YoY, underscoring the platform's growing appeal to brands. [...] Helping to accelerate ad revenue growth is Reddit's rising traffic. While Reddit's Q4 user growth came in under Wall Street projections, causing shares to dip, its weekly active uniques grew 42% YoY to over 379 million visitors. Average revenue per unique visitor was $4.21 during the quarter, up 23% from the prior year. While Google is "nicely reinforcing" Reddit's growth in traffic, Wong said, she added that the site's logged-in users, which have grown 27% year-over-year, are "the bedrock of our business." Read more of this story at Slashdot.

Read More

Nearly a Year Later, Mozilla Is Still Promoting OneRep

technology - Posted On:2025-02-13 17:30:00 Source: slashdot

An anonymous reader quotes a report from KrebsOnSecurity: In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind down its partnership with the company. But nearly a year later, Mozilla is still promoting it to Firefox users. [Using OneRep is problematic because its founder, Dimitri Shelest, also created and maintained ownership (PDF) in multiple people-search and data broker services, including Nuwber, which contradicts OneRep's stated mission of protecting personal online security. Additionally, OneRep appears to have ties with Radaris, a people-search service known for ignoring or failing to honor opt-out requests, raising concerns about the true intentions and effectiveness of OneRep's data removal service.] In October 2024, Mozilla published a statement saying the search for a different provider was taking longer than anticipated. "While we continue to evaluate vendors, finding a technically excellent and values-aligned partner takes time," Mozilla wrote. "While we continue this search, Onerep will remain the backend provider, ensuring that we can maintain uninterrupted services while we continue evaluating new potential partners that align more closely with Mozilla's values and user expectations. We are conducting thorough diligence to find the right vendor." Asked for an update, Mozilla said the search for a replacement partner continues. "The work's ongoing but we haven't found the right alternative yet," Mozilla said in an emailed statement. "Our customers' data remains safe, and since the product provides a lot of value to our subscribers, we'll continue to offer it during this process." It's a win-win for Mozilla that they've received accolades for their principled response while continuing to partner with Onerep almost a year later. But if it takes so long to find a suitable replacement, what does that say about the personal data removal industry itself? Read more of this story at Slashdot.

Read More

Is It Time For a Change In GNOME Leadership?

technology - Posted On:2025-02-13 08:15:00 Source: slashdot

Longtime Slashdot reader BrendaEM writes: Command-line aside, Cinnamon is the most effective keeper of the Linux desktop flame -- by not abandoning desktop and laptop computers. Yes, there are other desktop GUIs, such as MATE, and the lightweight Xfce, which are valuable options when low overhead is important, such as in LinuxCNC. However, among the general public lies a great expanse of office workers who need a full-featured Linux desktop. The programmers who work on GNOME and its family of supporting applications enrich many other desktops do their more than their share. These faithful developers deserve better user-interface leadership. GNOME has tried to steer itself into tablet waters, which is admirable, but GNOME 3.x diminished the desktop experience for both laptop and desktop users. For instance, the moment you design what should be a graphical user interface with words such as "Activities," you ask people to change horses midstream. That is not to say that the command line and GUI cannot coexist -- because they can, as they do in many CAD programs. I remember a time when GNOME ruled the Linux desktop -- and I can remember when GNOME left those users behind. Perhaps in a future, GNOME could return to the Linux desktop and join forces with Cinnamon -- so that we may once again have the year of the Linux desktop. Read more of this story at Slashdot.

Read More

The Future of GPLv3 Hangs In the Balance

technology - Posted On:2025-02-13 07:15:00 Source: slashdot

New submitter jms00 writes: A years-long legal battle has quietly escalated into what could become the defining moment for the future of GPLv3, with implications that could reshape software freedom as we know it. At issue is whether licensors have the power to impose 'further restrictions' on open-source software, potentially undermining the explicit rights granted to users and developers under AGPLv3, GPLv3, and LGPLv3. The outcome of this case, now before the U.S. Court of Appeals for the Ninth Circuit, could set a dangerous precedent, limiting the ability to remove proprietary restrictions from copyleft-licensed software. With little public attention on the case, the Software Freedom Conservancy (SFC) has stepped up as a key voice in defense of user rights, filing a critical amicus brief to challenge the lower court's ruling and protect the principles of software freedom. Read more of this story at Slashdot.

Read More

After Copilot Trial, Government Staff Rated Microsoft's AI Less Useful Than Expected

it - Posted On:2025-02-13 05:15:00 Source: slashdot

An anonymous reader shares a report: Australia's Department of the Treasury has found that Microsoft's Copilot can easily deliver return on investment, but staff exposed to the AI assistant came away from the experience less confident it will help them at work. The Department conducted a 14-week trial of Microsoft 365 Copilot during 2024 and asked for volunteers to participate. 218 put up their hands and then submitted to surveys about their experiences using Microsoft's AI helpers. Those surveys are the basis of an evaluation report published on Tuesday. The report reveals that after the trial participants rated Copilot less useful than they hoped it would be, as it was applicable to fewer workloads than they hoped would be the case. Workers' views on Copilot's ability to improve their work also fell. Usage of Copilot was lower than expected, with most participants using it two or three times a week, or less. reported using Copilot 2-3 times per week or less. Treasury thinks it probably set unrealistically high expectations before the trial, and noted that participants often suggested extra training would be valuable. Read more of this story at Slashdot.

Read More

OpenAI Cancels Its o3 AI Model In Favor of a 'Unified' Next-Gen Release

technology - Posted On:2025-02-12 17:00:00 Source: slashdot

OpenAI has canceled the release of o3 in favor of a "simplified" product lineup. CEO Sam Altman said in a post on X that, in the coming months, OpenAI will release a model called GPT-5 that "integrates a lot of [OpenAI's] technology," including o3. TechCrunch reports: The company originally said in December that it planned to launch o3 sometime early this year. Just a few weeks ago, Kevin Weil, OpenAI's chief product officer, said in an interview that o3 was on track for a "February-March" launch. "We want to do a better job of sharing our intended roadmap, and a much better job simplifying our product offerings," Altman wrote in the post. "We want AI to 'just work' for you; we realize how complicated our model and product offerings have gotten. We hate the model picker [in ChatGPT] as much as you do and want to return to magic unified intelligence." Altman also announced that OpenAI plans to offer unlimited chat access to GPT-5 at the "standard intelligence setting," subject to "abuse thresholds," once the model is generally available. (Altman declined to provide more detail on what this setting -- and these abuse thresholds -- entail.) Subscribers to ChatGPT Plus will be able to run GPT-5 at a "higher level of intelligence," Altman said, while ChatGPT Pro subscribers will be able to run GPT-5 at an "even higher level of intelligence." "These models will incorporate voice, canvas, search, deep research, and more," Altman said, referring to a range of features OpenAI has launched in ChatGPT over the past few months. "[A] top goal for us is to unify [our] models by creating systems that can use all our tools, know when to think for a long time or not, and generally be useful for a very wide range of tasks." Before GPT-5 launches, OpenAI plans to release its GPT-4.5 model, code-named "Orion," in the next several weeks, according to Altman's post on X. Altman says this will be the company's last "non-chain-of-thought model." Unlike o3 and OpenAI's other so-called reasoning models, non-chain-of-thought models tend to be less reliable in domains like math and physics. Read more of this story at Slashdot.

Read More

Google Will Use Machine Learning To Estimate a User's Age

technology - Posted On:2025-02-12 12:45:00 Source: slashdot

Google will soon use machine learning to estimate the age of its users. From a report: In an update on Wednesday, Google said it's testing a machine learning model in the US to help determine whether someone is under 18, allowing it to "provide more age-appropriate experiences" across its platforms. The age estimation model will use existing data about users, including the sites they visit, what kinds of videos they watch on YouTube, and how long they've had an account to determine their age. Read more of this story at Slashdot.

Read More

Google Fixes Flaw That Could Unmask YouTube Users' Email Addresses

technology - Posted On:2025-02-12 10:00:01 Source: slashdot

An anonymous reader shares a report: Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously. The flaws were discovered by security researchers Brutecat (brutecat.com) and Nathan (schizo.org), who found that YouTube and Pixel Recorder APIs could be used to obtain user's Google Gaia IDs and convert them into their email addresses. The ability to convert a YouTube channel into an owner's email address is a significant privacy risk to content creators, whistleblowers, and activists relying on being anonymous online. Read more of this story at Slashdot.

Read More

Ex-Google Chief Warns West To Focus On Open-Source AI in Competition With China

technology - Posted On:2025-02-12 09:15:00 Source: slashdot

Former Google chief Eric Schmidt has warned that western countries need to focus on building open-source AI models or risk losing out to China in the global race to develop the cutting-edge technology. From a report: The warning comes after Chinese startup DeepSeek shocked the world last month with the launch of R1, its powerful-reasoning open large language model, which was built in a more efficient way than its US rivals such as OpenAI. Schmidt, who has become a significant tech investor and philanthropist, said the majority of the top US LLMs are closed -- meaning not freely accessible to all -- which includes Google's Gemini, Anthropic's Claude and OpenAI's GPT-4, with the exception being Meta's Llama. "If we don't do something about that, China will ultimately become the open-source leader and the rest of the world will become closed-source," Schmidt told the Financial Times. The billionaire said a failure to invest in open-source technologies would prevent scientific discovery from happening in western universities, which might not be able to afford costly closed models. Read more of this story at Slashdot.

Read More

New Hack Uses Prompt Injection To Corrupt Gemini's Long-Term Memory

it - Posted On:2025-02-11 22:45:00 Source: slashdot

An anonymous reader quotes a report from Ars Technica: On Monday, researcher Johann Rehberger demonstrated a new way to override prompt injection defenses Google developers have built into Gemini -- specifically, defenses that restrict the invocation of Google Workspace or other sensitive tools when processing untrusted data, such as incoming emails or shared documents. The result of Rehberger's attack is the permanent planting of long-term memories that will be present in all future sessions, opening the potential for the chatbot to act on false information or instructions in perpetuity. [...] The hack Rehberger presented on Monday combines some of these same elements to plant false memories in Gemini Advanced, a premium version of the Google chatbot available through a paid subscription. The researcher described the flow of the new attack as: 1. A user uploads and asks Gemini to summarize a document (this document could come from anywhere and has to be considered untrusted). 2. The document contains hidden instructions that manipulate the summarization process. 3. The summary that Gemini creates includes a covert request to save specific user data if the user responds with certain trigger words (e.g., "yes," "sure," or "no"). 4. If the user replies with the trigger word, Gemini is tricked, and it saves the attacker's chosen information to long-term memory. As the following video shows, Gemini took the bait and now permanently "remembers" the user being a 102-year-old flat earther who believes they inhabit the dystopic simulated world portrayed in The Matrix. Based on lessons learned previously, developers had already trained Gemini to resist indirect prompts instructing it to make changes to an account's long-term memories without explicit directions from the user. By introducing a condition to the instruction that it be performed only after the user says or does some variable X, which they were likely to take anyway, Rehberger easily cleared that safety barrier. Google responded in a statement to Ars: "In this instance, the probability was low because it relied on phishing or otherwise tricking the user into summarizing a malicious document and then invoking the material injected by the attacker. The impact was low because the Gemini memory functionality has limited impact on a user session. As this was not a scalable, specific vector of abuse, we ended up at Low/Low. As always, we appreciate the researcher reaching out to us and reporting this issue." Rehberger noted that Gemini notifies users of new long-term memory entries, allowing them to detect and remove unauthorized additions. Though, he still questioned Google's assessment, writing: "Memory corruption in computers is pretty bad, and I think the same applies here to LLMs apps. Like the AI might not show a user certain info or not talk about certain things or feed the user misinformation, etc. The good thing is that the memory updates don't happen entirely silently -- the user at least sees a message about it (although many might ignore)." Read more of this story at Slashdot.

Read More

KDE Plasma 6.3 Released

technology - Posted On:2025-02-11 19:30:00 Source: slashdot

Today, the KDE Project announced the release of KDE Plasma 6.3, featuring improved fractional scaling, enhanced Night Light color accuracy, better CPU usage monitoring, and various UI and security refinements. Some of the key features of Plasma 6.3 include: - Improved fractional scaling with KWin to lead to an all-around better desktop experience with fractional scaling as well as when making use of KWin's zoom effect. - Screen colors are more accurate with the KDE Night Light feature. - CPU usage monitoring within the KDE System Monitor is now more accurate and consuming fewer CPU resources. - KDE will now present a notification when the kernel terminated an app because the system ran out of memory. - Various improvements to the Discover app, including a security enhancement around sandboxed apps. - The drawing tablet area of KDE System Settings has been overhauled with new features and refinements. - Many other enhancements and fixes throughout KDE Plasma 6.3. You can read the announcement here. Read more of this story at Slashdot.

Read More

Tumblr To Join the Fediverse After WordPress Migration Completes

technology - Posted On:2025-02-11 19:00:00 Source: slashdot

An anonymous reader quotes a report from TechCrunch: Since 2022, blogging site Tumblr has been teasing its plans to integrate with the fediverse -- the open social web powered by the protocol ActivityPub also used by Mastodon, Threads, Flipboard, and others. Now, the Automattic-owned blogging platform is sharing more information about when and how that integration could actually happen. As it turns out, the current plan to tie Tumblr into the open social web will come about by way of the site's planned move to the WordPress infrastructure. Automattic confirmed to TechCrunch that when the migration is complete, every Tumblr user will be able to federate their blog via ActivityPub, just as every WordPress.com user can today. The company noted that the migration could also allow for other open web integrations, like giving Tumblr users a way to run other custom plug-ins or themes. Last summer, Automattic announced it would move its half a billion blogs to WordPress, to make it easier for the company to build tools and features that worked across both services, while also allowing Tumblr to take advantage of the open source developments from WordPress.org. Though the WordPress community itself is in a state of upheaval, ultimately running Tumblr's back end on WordPress would allow for greater efficiencies, while not changing the interface and experience that Tumblr's user base has grown to love. Automattic declined to share a time frame as to when the migration would be complete, given its scale, but a rep for the company called the progress so far "exciting." Automattic didn't say if it would consider integrating with the AT Protocol that powers Bluesky. Read more of this story at Slashdot.

Read More

AUKUS Blasts Holes In LockBit's Bulletproof Hosting Provider

it - Posted On:2025-02-11 17:30:00 Source: slashdot

The US, UK, and Australia (AUKUS) have sanctioned Russian bulletproof hosting provider Zservers, accusing it of supporting LockBit ransomware operations by providing secure infrastructure for cybercriminals. The sanctions target Zservers, its UK front company XHOST Internet Solutions, and six individuals linked to its operations. The Register reports: Headquartered in Barnaul, Russia, Zservers provided BPH services to a number of LockBit affiliates, the three nations said today. On numerous occasions, affiliates purchased servers from the company to support ransomware attacks. The trio said the link between Zservers and LockBit was established as early as 2022, when Canadian law enforcement searched a known LockBit affiliate and found evidence they had purchased infrastructure tooling almost certainly used to host chatrooms with ransomware victims. "Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on US and international critical infrastructure," said Bradley T Smith, acting under secretary of the Treasury for terrorism and financial intelligence. "Today's trilateral action with Australia and the United Kingdom underscores our collective resolve to disrupt all aspects of this criminal ecosystem, wherever located, to protect our national security." The UK's Foreign, Commonwealth & Development Office (FCDO) said additionally that the UK front company for Zservers, XHOST Internet Solutions, was also included in its sanctions list. According to Companies House, the UK arm was incorporated on January 31, 2022, although the original service was established in 2011 and operated in both Russia and the Netherlands. Anyone found to have business dealings with either entity can face criminal and civil charges under the Sanctions and Anti-Money Laundering Act 2018. The UK led the way with sanctions, placing six individuals and the two entities on its list, while the US only placed two of the individuals -- both alleged Zservers admins -- on its equivalent. Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, both 30 years old, were named by the US as the operation's heads. Mishin was said to have marketed Zservers to LockBit and other ransomware groups, managing the associated cryptocurrency transactions. Both he and Bolshakov responded to a complaint from a Lebanese company in 2023 and shut down an IP address used in a LockBit attack. The US said, however, it was possible that the pair set up a replacement IP address that LockBit could carry on using, while telling the Lebanese company that they complied with its request. The UK further sanctioned Ilya Vladimirovich Sidorov, Dmitry Konstantinovich Bolshakov (no mention of whether he is any relation to Aleksandr), Igor Vladimirovich Odintsov, and Vladimir Vladimirovich Ananev. Other than that they were Zservers employees and thus were directly or indirectly involved in attempting to inflict economic loss to the country, not much was said about either of their roles. Read more of this story at Slashdot.

Read More

Anduril To Take Over Managing Microsoft Goggles for US Army

technology - Posted On:2025-02-11 16:00:00 Source: slashdot

Anduril will take over management and eventual manufacturing of the U.S. Army's Integrated Visual Augmentation System (IVAS) from Microsoft, a significant shift in one of the military's most ambitious augmented reality projects. The deal, which requires Army approval, could be worth over $20 billion in the next decade if all options are exercised, according to Bloomberg. The IVAS system, based on Microsoft's HoloLens mixed reality platform, aims to equip soldiers with advanced capabilities including night vision and airborne threat detection. Under the new arrangement, Microsoft will transition to providing cloud computing and AI infrastructure, while Anduril assumes control of hardware production and software development. The Army has planned orders for up to 121,000 units, though full production hinges on passing combat testing this year. The program has faced technical hurdles, with early prototypes causing headaches and nausea among soldiers. The current slimmer version has received better feedback, though cost remains a concern - the Army indicated the $80,000 per-unit price needs to "be substantially less" to justify large-scale procurement. Anduril founder Palmer Luckey, writing in a blog post: This move has been so many years in the making, over a decade of hacking and scheming and dreaming and building with exactly this specific outcome clearly visualized in my mind's eye. I can hardly believe I managed to pull it off. Everything I've done in my career -- building Oculus out of a camper trailer, shipping VR to millions of consumers, getting run out of Silicon Valley by backstabbing snakes, betting that Anduril could tear people out of the bigtech megacorp matrix and put them to work on our nation's most important problems -- has led to this moment. IVAS isn't just another product, it is a once-in-a-generation opportunity to redefine how technology supports those who serve. We have a shot to prove that this long-standing dream is no windmill, that this can expand far beyond one company or one headset and act as a a nexus for the best of the best to set a new standard for how a large collection of companies can work together to solve our nation's most important problems. Read more of this story at Slashdot.

Read More

Google Chrome May Soon Use 'AI' To Replace Compromised Passwords

it - Posted On:2025-02-11 15:30:00 Source: slashdot

Google's Chrome browser might soon get a useful security upgrade: detecting passwords used in data breaches and then generating and storing a better replacement. From a report: Google's preliminary copy suggests it's an "AI innovation," though exactly how is unclear. Noted software digger Leopeva64 on X found a new offering in the AI settings of a very early build of Chrome. The option, "Automated password Change" (so, early stages -- as to not yet get a copyedit), is described as, "When Chrome finds one of your passwords in a data breach, it can offer to change your password for you when you sign in." Chrome already has a feature that warns users if the passwords they enter have been identified in a breach and will prompt them to change it. As noted by Windows Report, the change is that now Google will offer to change it for you on the spot rather than simply prompting you to handle that elsewhere. The password is automatically saved in Google's Password Manager and "is encrypted and never seen by anyone," the settings page claims. Read more of this story at Slashdot.

Read More

Hackers Call Current AI Security Testing 'Bullshit'

it - Posted On:2025-02-11 14:15:01 Source: slashdot

Leading cybersecurity researchers at DEF CON, the world's largest hacker conference, have warned that current methods for securing AI systems are fundamentally flawed and require a complete rethink, according to the conference's inaugural "Hackers' Almanack" report [PDF]. The report, produced with the University of Chicago's Cyber Policy Initiative, challenges the effectiveness of "red teaming" -- where security experts probe AI systems for vulnerabilities -- saying this approach alone cannot adequately protect against emerging threats. "Public red teaming an AI model is not possible because documentation for what these models are supposed to even do is fragmented and the evaluations we include in the documentation are inadequate," said Sven Cattell, who leads DEF CON's AI Village. Nearly 500 participants tested AI models at the conference, with even newcomers successfully finding vulnerabilities. The researchers called for adopting frameworks similar to the Common Vulnerabilities and Exposures (CVE) system used in traditional cybersecurity since 1999. This would create standardized ways to document and address AI vulnerabilities, rather than relying on occasional security audits. Read more of this story at Slashdot.

Read More