Technology

The San Francisco City Attorney's office is suing 16 of the most frequently visited AI-powered "undressing" websites, often used to create nude deepfakes of women and girls without their consent. From a report: The landmark lawsuit, announced at a press conference by City Attorney David Chiu, says that the targeted websites were collectively visited over 200 million times in the first six months of 2024 alone. The offending websites allow users to upload images of real, fully clothed people, which are then digitally "undressed" with AI tools that simulate nudity. One of these websites, which wasn't identified within the complaint, reportedly advertises: "Imagine wasting time taking her out on dates, when you can just use [the redacted website] to get her nudes."

Read more of this story at Slashdot.

America's top colleges and finance-industry recruiters have long had their eye on teenage whiz-kids who compete in a prestigious high-school math contest. Now, allegations of cheating are threatening to disrupt it. WSJ: Online leaks of tests for the country's best-known math contest -- the 74-year-old American Mathematics Competition -- are upsetting students who have spent years preparing for the exams. Ahead of the coming school year and test season, angry parents and math coaches have pushed the contest's administrator to tighten controls. The incident is the latest byproduct of a high-pressure college-admissions race that can lead students to look for any edge to get ahead. [...] As early as elementary school, students interested in flexing their math knowledge beyond what is taught in school can participate in math clubs and competitions. Each year, more than 300,000 students through high school participate in the AMC's first round of multiple-choice tests. Several thousand top performers are invited to sit for a higher-level test, and from there, around 600 compete in national "math olympiads." The top six math students in the nation then represent the U.S. internationally; the U.S. won its ninth International Mathematical Olympiad title this summer. Murmurs about cheating in the AMC have circulated for a few years, participants say, but reached critical levels during the past school year. The entirety of exams at each level of the competition were available online hours or days before students sat for the tests, a spokeswoman for the Mathematical Association of America confirmed. Testing sites in the U.S. and abroad receive the questions online early to give proctors time to print them out for the in-person exams.

Read more of this story at Slashdot.

Security researcher Bill Demirkapi unveiled a massive trove of leaked developer secrets and website vulnerabilities at the Defcon conference in Las Vegas. Using unconventional data sources, Demirkapi identified over 15,000 exposed secrets, including credentials for Nebraska's Supreme Court IT systems and Stanford University's Slack channels. The researcher also discovered 66,000 websites with dangling subdomain issues, making them vulnerable to attacks. Among the affected sites was a New York Times development domain. Demirkapi's tack involved scanning VirusTotal's database and passive DNS replication data to identify vulnerabilities at scale. He developed an automated method to revoke exposed secrets, working with companies like OpenAI to implement self-service deactivation of compromised API keys.

Read more of this story at Slashdot.

An anonymous reader shares a report: California's bill to prevent AI disasters, SB 1047, has faced significant opposition from many parties in Silicon Valley. California lawmakers bent slightly to that pressure Thursday, adding in several amendments suggested by AI firm Anthropic and other opponents. On Thursday the bill passed through California's Appropriations Committee, a major step toward becoming law, with several key changes, Senator Wiener's office told TechCrunch. [...] SB 1047 still aims to prevent large AI systems from killing lots of people, or causing cybersecurity events that cost over $500 million, by holding developers liable. However, the bill now grants California's government less power to hold AI labs to account. Most notably, the bill no longer allows California's attorney general to sue AI companies for negligent safety practices before a catastrophic event has occurred. This was a suggestion from Anthropic. Instead, California's attorney general can seek injunctive relief, requesting a company to cease a certain operation it finds dangerous, and can still sue an AI developer if its model does cause a catastrophic event.

Read more of this story at Slashdot.

NASA chief Bill Nelson didn't mince words about the agency's budget crunch. "You can't put 10 pounds of potatoes in a five-pound sack," he told ArsTechnica in an interview, addressing $4.7 billion in cuts over two years. To scientists fretting over axed missions, Nelson offered a frank "I feel your pain." The Mars Sample Return's ballooning $11 billion price tag and 2040 timeline forced a reset. "We pulled the plug," Nelson admitted, but he's banking on cheaper, creative alternatives emerging by year's end. The moon rover Viper got the chop too, blowing its budget by 40%. "There comes a limit," Nelson said, defending the tough call. Viper lunar rover project was "running 40 percent over budget." He defended these decisions as necessary given the $2 billion cut to science funding alone. The cuts stem from the Fiscal Responsibility Act. Nelson expressed hope for a "reprieve" in fiscal year 2026, but noted uncertainty due to another looming debt ceiling issue.

Read more of this story at Slashdot.

An anonymous reader shares a report: Google now displays convenient AI-based answers at the top of its search pages -- meaning users may never click through to the websites whose data is being used to power those results. But many site owners say they can't afford to block Google's AI from summarizing their content. That's because the Google tool that sifts through web content to come up with its AI answers is the same one that keeps track of web pages for search results, according to publishers. Blocking Alphabet's Google the way sites have blocked some of its AI competitors would also hamper a site's ability to be discovered online. Google's dominance in search -- which a federal court ruled last week is an illegal monopoly -- is giving it a decisive advantage in the brewing AI wars, which search startups and publishers say is unfair as the industry takes shape. The dilemma is particularly acute for publishers, which face a choice between offering up their content for use by AI models that could make their sites obsolete and disappearing from Google search, a top source of traffic.

Read more of this story at Slashdot.

Microsoft has removed an arbitrary 32GB size limit for FAT32 partitions in the latest Windows 11 Canary build, now allowing for a maximum size of 2TB. The change, implemented in Windows 11 Insider Preview Build 27686, allows users to create larger FAT32 partitions using the command-line format tool. Previously, Windows systems could read larger FAT32 file systems created on other platforms or through alternative methods, but were limited to creating 32GB partitions natively.

Read more of this story at Slashdot.

Epic Games launched its digital app store on iOS and Android devices on Friday, marking Fortnite's return to Apple's platform in the European Union after a four-year absence. The move follows the implementation of the EU's Digital Markets Act, which mandates Apple to allow third-party app stores. Epic's store is available globally on Android and in the EU for iOS devices running iOS 17.6 or later. Fortnite, along with Rocket League Sideswipe and Fall Guys, are now accessible through Epic's mobile store and the EU's AltStore. This marks Fall Guys' mobile debut. Epic CEO Tim Sweeney hailed the development as "tangible progress" but noted challenges remain, including Apple's new fees for third-party app distribution. The company aims for 100 million mobile store installations by year-end and plans to offer third-party games by December, with self-publishing slated for early 2025. Epic's 88/12 revenue split model will extend to mobile, potentially disrupting the mobile gaming marketplace dominated by Apple and Google.

Read more of this story at Slashdot.

A 43-year-old Jordanian national, Hashem Younis Hashem Hnaihen, was arrested in Orlando, Florida, and charged with threatening to use explosives and destroying a solar power facility. According to the U.S. Department of Justice, the charges could result in up to 60 years in prison. Gizmodo reports: Hashem Younis Hashem Hnaihen allegedly smashed windows at local businesses in Florida, leaving behind threatening letters about their perceived support of Israel, and broke into a solar power generation facility in Wedgefield, Florida back in June. Hnaihen allegedly spent hours smashing solar panels, cutting various wires, and destroying critical electronic equipment, according to a press release from the DOJ issued Thursday. Hnaihen was wearing a mask when he allegedly smashed the glass front doors of businesses that he thought supported Israel in June, the DOJ says, leaving behind "warning letters" that included lines like a desire to, "destroy or explode everything here in whole America. Especially the companies and factories that support the racist state of Israel." [...] Hnaihen was arrested on July 11, though news of his arrest was only made public today. Hnaihen entered a plea of not guilty and faces a maximum of 10 years in prison for each threat made against the Florida businesses and a maximum of 20 years for the destruction of an energy facility, according to the DOJ.

Read more of this story at Slashdot.

AT&T and Verizon are urging the FCC to reject SpaceX's plan to offer cellular service with T-Mobile, arguing that it would cause harmful interference to terrestrial mobile networks. Ars Technica reports: Filings urging the Federal Communications Commission to deny SpaceX's request for a waiver were submitted by AT&T and Verizon this week. The plan by SpaceX's Starlink division also faces opposition from satellite companies EchoStar (which owns Dish and Hughes) and Omnispace. SpaceX and T-Mobile plan to offer Supplemental Coverage from Space (SCS) for T-Mobile's cellular network using SpaceX satellites. As part of that plan, SpaceX is seeking a waiver of FCC rules regarding out-of-band emission limits. AT&T's petition to deny the SpaceX waiver request said the FCC's "recent SCS order appropriately recognized that SCS deployments should not present any risk to the vital terrestrial mobile broadband networks upon which millions of Americans rely today. The Commission authorized SCS as secondary to terrestrial mobile service, correctly explaining that the SCS framework must 'retain service quality of terrestrial networks, protect spectrum usage rights, and minimize the risk of harmful interference.'" AT&T said SpaceX's requested "ninefold increase" to the allowable power flux-density limits for out-of-band emissions "would cause unacceptable harmful interference to incumbent terrestrial mobile operations. Specifically, AT&T's technical analysis shows that SpaceX's proposal would cause an 18% average reduction in network downlink throughput in an operational and representative AT&T PCS C Block market deployment." Verizon's opposition to the waiver request similarly said that SpaceX's proposal "would subject incumbent, primary terrestrial licensee operations in adjacent bands to harmful interference." Wireless phone performance will suffer, Verizon said [...]. SpaceX and T-Mobile told FCC staff that their plan will not harm other wireless operations and predicted that competitors will make misleading claims. SpaceX also argued that the FCC's emissions limit is too strict and should be changed.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: Melted capsules. Cloudy insulin. Pills that may no longer work. Doctors and pharmacists say the scorching temperatures enveloping the country could be endangering people's health in an unexpected way: by overheating their medications. Millions of Americans now receive their prescription medications through mail-order shipments, either for convenience or because their health plans require it. But the temperatures inside the cargo areas of delivery trucks can reach 150 degrees Fahrenheit in the summer, according to drivers -- far exceeding the range of 68 to 77 degrees recommended by the national organization that sets standards for drug handling. Mail-order pharmacies say that their packaging is weather resistant and that they take special precautions when medication "requires specific temperature control." But in a study published last year, independent pharmaceutical researchers who embedded data-logging thermometers inside simulated shipments found that the packages had spent more than two-thirds of their transit time outside the appropriate temperature range, "regardless of the shipping method, carrier, or season." Extreme temperatures can alter the components in many medications, from pancreatic enzymes to the thyroid replacement drug levothyroxine to oral contraceptives, medical experts say. Dr. Mike Ren, a primary care physician and an assistant professor in the department of family and community medicine at the Baylor College of Medicine, said that liquid medications like insulin or AUVI-Q, the epinephrine injection for allergic reactions, are often at heightened risk of degradation because excessive heat exposure can cause the evaporation of liquid components that were compounded at precise ratios. Aerosolized medications, too, are uniquely vulnerable because of the risk of pressure changes in the canister. "Doctors recommend picking up your prescriptions at a local pharmacy whenever possible during hot summer months, particularly if your medication is liquid or aerosolized," notes the report. "If you are enrolled in an insurance program that requires using a mail-order pharmacy, ask for an exception during the summer or, at the very least, contact the on-call pharmacist at the mail-order company to get more information about shipping practices and to ask for temperature-controlled packaging. You should do this even if the drug does not require refrigeration." Once you do get your medication, you should make sure to preserve it in a cool, dry environment, away from direct sunlight. If you're flying, your prescriptions should be stored in your carry-on bag. They should never be left in a parked car.

Read more of this story at Slashdot.

sciencehabit shares a report from Science Magazine: A species of lungfish found in South America has claimed the title of the animal with the biggest genome sequenced so far. The DNA of Lepidosiren paradoxa comprises a staggering 91 billion chemical letters or "bases," 30 times as many as the human genome, researchers report today in Nature. However, those 91 billion bases of DNA only contain about the same number of genes that humans have -- roughly 20,000 -- with the rest consisting of noncoding, perhaps even "junk" DNA. By comparing this genome with those of other lungfishes, the researchers determined that L. paradoxa adds the equivalent of a human genome to its DNA every 10 million years.

Read more of this story at Slashdot.

According to Kaspersky, hackers linked to Chinese threat actors have targeted Russian state agencies and tech companies in a campaign named EastWind. The Record reports: [T]he attackers used the GrewApacha remote access trojan (RAT), an unknown PlugY backdoor and an updated version of CloudSorcerer malware, which was previously used to spy on Russian organizations. The GrewApacha RAT has been used by the Beijing-linked hacking group APT31 since at least 2021, the researchers said, while PlugY shares many similarities with tools used by the suspected Chinese threat actor known as APT27. According to Kaspersky, the hackers sent phishing emails containing malicious archives. In the first stage of the attack, they exploited a dynamic link library (DLL), commonly found in Windows computers, to collect information about the infected devices and load the additional malicious tools. While Kaspersky didn't explicitly attribute the recent attacks to APT31 or APT27, they highlighted links between the tools that were used. Although PlugY malware is still being analyzed, it is highly likely that it was developed using the DRBControl backdoor code, the researchers said. This backdoor was previously linked to APT27 and bears similarities to PlugX malware, another tool typically used by hackers based in China.

Read more of this story at Slashdot.

The IRS should reopen its Technology Retirement Office to effectively manage the retirement and replacement of legacy systems, according to a Treasury Inspector General for Tax Administration (TIGTA) audit. The Register reports: The report (PDF), from the Treasury Inspector General for Tax Administration (TIGTA), credits the IRS with fully implementing two out of four previous tech modernization recommendations, though argues the other two recommendations were ineffectively implemented. Those failures include the agency's decision in 2023 to scrap its own Technology Retirement Office, which stood up in 2021 "to strategically reduce the [IRS' IT] footprint." Without that office, "there is no enterprise-wide program to identify, prioritize, and execute the updating, replacing, or retiring of legacy systems" at the IRS, the inspector general declared, adding the unit should be reestablished or brought back in some similar form. The closure of the retirement office, in the eyes of the TIGTA, is part of the IRS's failure to properly identify and plan for shutting down legacy systems and possibly replacing them with something modern. According to the audit report, the IRS identified 107 of its 334 legacy systems as up for retirement, yet only two of those 107 have specific decommissioning plans. The TIGTA would like to see clear plans for all of those identified systems, and had hoped the retirement office (or similar) would provide them. Then there's the second incomplete recommendation, which the IG said is the IRS' failure to properly apply its own definition of a legacy system to all of its tech. [...] In its response to the IG report, the IRS said it had largely addressed the two incomplete recommendations, though not entirely as the Inspector General might want.

Read more of this story at Slashdot.

Microsoft says it will temporarily cease its contentious Windows 11 upgrade campaign following user backlash. The tech giant had been bombarding Windows 10 users with full-screen popups urging them to switch operating systems. Starting with April's security update, these intrusive notifications will be discontinued. Microsoft says it will unveil a revised upgrade strategy in the coming months, as Windows 10 support nears its October 2025 end date.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Intel is partnering with Karma Automotive to develop an all-new computing platform for vehicles. The new software-defined vehicle architecture should first appear in a high-end electric coupe from Karma in 2026. But the partners have bigger plans for this architecture, with talk of open standards and working with other automakers also looking to make the leap into the software-defined future. [...] In addition to advantages in processing power and weight savings, software-defined vehicles are easier to update over-the-air, a must-have feature since Tesla changed that paradigm. Karma and Intel say their architecture should also have other efficiency benefits. They give the example of security monitoring that remains active even when the vehicle is turned off; they move this to a low-powered device using "data center application orchestration concepts." Intel is also contributing its power management SoC to get the most out of inverters, DC-DC converters, chargers, and as you might expect, the domain controllers use Intel silicon as well, apparently with some flavor of AI enabled. [...] Karma's first car to use the software-defined vehicle architecture will be the Kayeva, a $300,000 two-door with 1,000 hp (745 kW) on tap, which is scheduled to arrive in two years. But Intel and Karma want to offer the architecture to others in the industry. "For Tier 1s and OEMs not quite ready to take the leap from the old way of doing things to the new, Karma Automotive will play as an ally, helping them make that transition," said [Karma President Marques McCammon]. "Together, we're harnessing the combined might of Intel's technological prowess and Karma's ultra-luxury vehicle expertise to co-develop a revolutionary software-defined vehicle architecture," said McCammon. "This isn't just about realizing Karma's full potential; it's about creating a blueprint for the entire industry. We're not just building exceptional vehicles, we're paving the way for a new era of automotive innovation and offering a roadmap for those ready to make the leap."

Read more of this story at Slashdot.

AltStore PAL, a third-party iOS app store available in the EU, has eliminated its annual 1.50-euro subscription fee after receiving a "MegaGrant" from Epic Games. This grant was awarded for "innovation in app distribution," allowing AltStore to cover Apple's Core Technology Fee without charging users. The Verge reports: Epic uses MegaGrants as a way to "sponsor the development of exciting projects that may not otherwise have enough funding to fully realize," the company says. The grants are typically meant for smaller teams using Epic's technologies to "bring bold, challenging, and insanely creative dreams to life," but in this case, Epic awarded the grant for "innovation in app distribution," according to AltStore. AltStore didn't share the dollar value of the grant. Current subscribers won't be charged when their renewal date rolls around, AltStore says. The AltStore team also plans to "show our appreciation for our existing subscribers in a future update" but didn't specify what that might look like.

Read more of this story at Slashdot.

The SAG-AFTRA actors' union has struck a deal with online talent marketplace Narrativ, allowing actors to sell advertisers the rights to replicate their voices using AI. "Not all members will be interested in taking advantage of the opportunities that licensing their digital voice replicas might offer, and that's understandable," SAG-AFTRA official Duncan Crabtree-Ireland said in a statement. "But for those who do, you now have a safe option." Reuters reports: Narrativ connects advertisers and ad agencies with actors to create audio ads using AI. Under the deal, an actor can set the price for an advertiser to digitally replicate their voice, provided it at least equals the SAG-AFTRA minimum pay for audio commercials. Brands must obtain consent from performers for each ad that uses the digital voice replica. The union hailed the pact with Narrativ as setting a standard for the ethical use of AI-generated voice replicas in advertising.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Wired: Professional cycling has, in its recent history, been prone to a shocking variety of cheating methods and dirty tricks.Performance-enhancing drugs.Tacks strewn on race courses. Even stealthy motors hidden inside of wheel hubs. Now, for those who fail to download a software patch for their gear shifters -- yes, bike components now get software updates -- there may be hacker saboteurs to contend with, too. At the Usenix Workshop on Offensive Technologies earlier this week, researchers from UC San Diego and Northeastern University revealed a technique that would allow anyone with a few hundred dollars of hardware to hack Shimano wireless gear-shifting systems (Warning: source may be paywalled; alternative source) of the kind used by many of the top cycling teams in the world, including in recent events like the Olympics and the Tour de France. Their relatively simple radio attack would allow cheaters or vandals to spoof signals from as far as 30 feet away that trigger a target bike to unexpectedly shift gears or to jam its shifters and lock the bike into the wrong gear. The trick would, the researchers say, easily be enough to hamper a rival on a climb or, if timed to certain intense moments of a race, even cause dangerous instability. "The capability is full control of the gears. Imagine you're going uphill on a Tour de France stage: If someone shifts your bike from an easy gear to a hard one, you're going to lose time," says Earlence Fernandes, an assistant professor at UCSD's Computer Science and Engineering department. "Or if someone is sprinting in the big chain ring and you move it to the small one, you can totally crash a person's bike like that." [...] The researchers' technique exploits the increasingly electronic nature of modern high-end bicycles, which now have digital components like power meters, wireless control of fork suspensions, and wireless shifters. "Modern bicycles are cyber-physical systems," the researchers note in their Usenix paper. Almost all professional cyclists now use electronic shifters, which respond to digital signals from shifter controls on the bike's handlebars to move a bicycle's chain from gear to gear, generally more reliably than mechanical shifting systems. In recent years, those wired electronic shifters have transitioned again to wireless versions that pair via a radio connection, such as the popular Di2 wireless shifters sold by the Japanese cycling component firm Shimano, which the researchers focused on. Shimano says it has developed a firmware update to patch the exploit but it won't be available widely until late August. The update is intended to improve wireless transmission across Shimano Di2 component platforms, though specific details about the fix and how it prevents the identified attacks have not been disclosed for security reasons.

Read more of this story at Slashdot.

Climate activists have broken into four German airport sites, briefly bringing air traffic to a halt at two of those before police made arrests. From a report: Protesters from Letzte Generation -- Germany's equivalent to Just Stop Oil -- gained access on Thursday to airfields in areas near the takeoff and landing strips of Cologne-Bonn, Nuremberg, Berlin Brandenburg and Stuttgart airports at dawn. Air traffic was suspended for a short time at Nuremberg and Cologne-Bonn due to police operations. The activists cut holes in fences with bolt cutters, glued themselves to the asphalt and unfurled banners reading "Oil kills" and "Sign the treaty," in reference to Letzte Generation's demand that the German government negotiate and sign an agreement for an international ban on the use of oil, gas and coal by 2030. The action was reminiscent of similar protests this summer and followed raids carried out a week ago on the homes of climate activists in five German cities, at which police collected DNA samples, in what Letzte Generation called "an attempt at intimidation." The interior minister, Nancy Faeser, condemned the protest and called for anyone convicted of involvement in Thursday's action to be given prison sentences. She wrote: "These criminal actions are dangerous and stupid. These anarchists are risking not only their own lives, but are also endangering others. We have recommended tough prison sentences. And we obligate airports to secure their facilities significantly better."

Read more of this story at Slashdot.