News

An Italian video game, 22 years in the making, has finally hit the market, setting a record for the longest development time in gaming history. "Kien," an action platformer for Nintendo's Game Boy Advance, began development in 2002 by a group of five inexperienced enthusiasts, The Guardian reports. Only one, Fabio Belsanti, saw the project through to completion. The game, inspired by 15th-century Tuscan manuscripts and early Japanese graphics, offers a challenging, nonlinear fantasy experience. It's now available on a translucent gray cartridge, complete with a printed manual -- a rarity in modern gaming. Belsanti's company, AgeOfGames, survived the delay by creating educational games. The recent boom in retro gaming finally made Kien's release feasible, he said.

Read more of this story at Slashdot.

Amazon's Kindle e-reader system is experiencing a widespread outage, affecting new book downloads and access to undownloaded titles in users' libraries. The issue, confirmed by Amazon support, is expected to last at least 48 hours.

Read more of this story at Slashdot.

An anonymous reader shares a report: A new test version of Windows 11 is available for Windows Insiders on the Dev Channel with Build 26120.961, which rolls out a significant change: a new Windows Start menu. You'll immediately notice that Microsoft has redesigned the Microsoft user account display, moving it to the center of the Start menu as soon as you click on the username or profile picture. This new "account manager" feature gives you quicker access to your various Microsoft accounts, such as Microsoft 365, Xbox Game Pass, and OneDrive cloud storage. To no surprise, Microsoft is using this prominent display to remind you of their own products and services. The difference to the current Windows 11 Start menu is obvious, as the following screenshot shows:

Read more of this story at Slashdot.

New research aimed at identifying foods that contain higher levels of PFAS found people who eat more white rice, coffee, eggs and seafood typically showed more of the toxic chemicals in their plasma and breast milk. The Guardian adds: The study checked samples from 3,000 pregnant mothers, and is among the first research to suggest coffee and white rice may be contaminated at higher rates than other foods. It also identified an association between red meat consumption and levels of PFOS, one of the most common and dangerous PFAS compounds. The authors said the findings highlight the chemicals' ubiquity and the many ways they can end up in the food supply.

Read more of this story at Slashdot.

An anonymous reader shares a report: Apple has removed several apps offering virtual private network services from the Russian App Store, following a request from Roskomnadzor, Russia's media regulator, independent news outlet Mediazona reported on Thursday. The VPN services removed by Apple include leading services such as ProtonVPN, Red Shield VPN, NordVPN and Le VPN. Those living in Russia will no longer be able to download the services, while users who already have them on their phones can continue using them, but will be unable to update them. Red Shield VPN posted a notice from Apple on X, which said that their app would be removed following a request from Roskomnadzor, "because it includes content that is illegal in Russia."

Read more of this story at Slashdot.

ZipNada writes: A federal court in Texas has partially blocked the government's ban on noncompete agreements that was set to take effect September 4. An estimated 30 million people, or one in five American workers, are bound by noncompetes. The employment agreements typically prevent workers -- everyone from minimum wage earners to CEOs -- from joining competing businesses or launching ones of their own. In its complaint, Ryan LLC accused the FTC of overstepping its statutory authority in declaring all noncompetes unfair and anticompetitive. Judge Brown agreed, writing, "The FTC lacks substantive rulemaking authority with respect to unfair methods of competition." Through a statement Wednesday evening, the FTC said its authority is supported by both statute and precedent. "We will keep fighting to free hardworking Americans from unlawful noncompetes, which reduce innovation, inhibit economic growth, trap workers, and undermine Americans' economic liberty," wrote FTC spokesman Douglas Farrar. The FTC has long argued that noncompetes hurt workers.

Read more of this story at Slashdot.

Two vulnerabilities were discovered in the GSS message token handling in krb5, the MIT implementation of Kerberos. An attacker can take advantage of these flaws to bypass integrity protections or cause a denial of service.

https://security-tracker.debian.org/tracker/DSA-5726-1

A hacker infiltrated OpenAI's internal messaging systems in early 2023, stealing confidential information about the ChatGPT maker's AI technologies, New York Times reported Thursday. The breach, disclosed to employees in April that year but kept from the public, has sparked internal debate over the company's security protocols and potential national security implications, the report adds. The hacker accessed an employee forum containing sensitive discussions but did not breach core AI systems. OpenAI executives, believing the hacker had no government ties, opted against notifying law enforcement, the Times reported. From the report: After the breach, Leopold Aschenbrenner, an OpenAI technical program manager focused on ensuring that future A.I. technologies do not cause serious harm, sent a memo to OpenAI's board of directors, arguing that the company was not doing enough to prevent the Chinese government and other foreign adversaries from stealing its secrets. Mr. Aschenbrenner said OpenAI had fired him this spring for leaking other information outside the company and argued that his dismissal had been politically motivated. He alluded to the breach on a recent podcast, but details of the incident have not been previously reported. He said OpenAI's security wasn't strong enough to protect against the theft of key secrets if foreign actors were to infiltrate the company.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TorrentFreak: Hikari-no-Akari, a long-established and popular pirate site that specializes in Japanese music, is being targeted in U.S. federal court by Sony Music. [...] The music download portal, which links to externally hosted files, has been operating for well over a decade and currently draws more than a million monthly visits. In addition to the public-facing part of the site, HnA also has a private forum and Discord channel. [...] Apparently, Sony Music Japan has been keeping an eye on the unauthorized music portal. The company has many of its works shared on the site, including anime theme music, which is popular around the globe. For example, a few weeks ago, HnA posted "Sayonara, Mata Itsuka!" from the Japanese artist Kenshi Yonezu, which is used as the theme song for the asadora series "The Tiger and Her Wings." Around the same time, PEACEKEEPER, a song by Japanese musician STEREO DIVE FOUNDATION, featured in the third season of the series "That Time I Got Reincarnated as a Slime", was shared on the site. Sony Music Japan is a rightsholder for both these tracks, as well as many others that were posted on the site. The music company presumably tried to contact HnA directly to have these listings removed and reached out to its CDN service Cloudflare too, asking it to take action. [...] They are a prerequisite for obtaining a DMCA subpoena, which Sony Music Japan requested at a California federal court this week. Sony requested two DMCA subpoenas, both targeted at hikarinoakari.com and hnadownloads.co. The latter domain receives the bulk of its traffic from the first, which isn't a surprise considering the 'hnadownloads' name. Through the subpoena, the music company hopes to obtain additional information on the people behind these sites. That includes, names, IP-addresses, and payment info. Presumably, this will be used for follow-up enforcement actions. It's unclear whether Cloudflare will be able to hand over any usable information and for the moment, HnA remains online. Several of the infringing URLs that were identified by Sony have recently been taken down, including this one. However, others remain readily available. The same applies to private forum threads and Discord postings, of course.

Read more of this story at Slashdot.

Epilogue, the company behind the GB Operator emulator, which lets users play Game Boy cartridges on a PC, announced that it's working on an update to turn the Game Boy Camera into a lo-fi webcam. Time Extension reports: The Playback app currently allows you to download photos from the Game Boy Camera accessory, but Epilogue has just demonstrated the ability to use the peripheral as a webcam. "We now have a live feed from the Game Boy Camera, but still need to fine-tune some things and allow for configuration options," says the company. "We wanted to share this update because it was exciting to see it finally work, and [we] can't wait to see everyone having fun with it. It's the worst and the best webcam you'll ever have."

Read more of this story at Slashdot.

Cloudflare today unveiled a new feature part of its content delivery network (CDN) that prevents AI developers from scraping content on the web. According to Cloudflare, the feature is available for both the free and paid tiers of its service. SiliconANGLE reports: The feature uses AI to detect automated content extraction attempts. According to Cloudflare, its software can spot bots that scrape content for LLM training projects even when they attempt to avoid detection. "Sadly, we've observed bot operators attempt to appear as though they are a real browser by using a spoofed user agent," Cloudflare engineers wrote in a blog post today. "We've monitored this activity over time, and we're proud to say that our global machine learning model has always recognized this activity as a bot." One of the crawlers that Cloudflare managed to detect is a bot that collects content for Perplexity AI Inc., a well-funded search engine startup. Last month, Wired reported that the manner in which the bot scrapes websites makes its requests appear as regular user traffic. As a result, website operators have struggled to block Perplexity AI from using their content. Cloudflare assigns every website visit that its platform processes a score of 1 to 99. The lower the number, the greater the likelihood that the request was generated by a bot. According to the company, requests made by the bot that collects content for Perplexity AI consistently receive a score under 30. "When bad actors attempt to crawl websites at scale, they generally use tools and frameworks that we are able to fingerprint," Cloudflare's engineers detailed. "For every fingerprint we see, we use Cloudflare's network, which sees over 57 million requests per second on average, to understand how much we should trust this fingerprint." Cloudflare will update the feature over time to address changes in AI scraping bots' technical fingerprints and the emergence of new crawlers. As part of the initiative, the company is rolling out a tool that will enable website operators to report any new bots they may encounter.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Axios: The Food and Drug Administration will no longer allow the use of brominated vegetable oil (BVO) in food products and sodas due to concerns it poses a threat to people's health, the FDA announced Tuesday. The ban follows similar action in California against the food additive that's modified with bromine, which has been used in small quantities as a stabilizer in some citrus-flavored drinks and which is also found in fire retardants. Jim Jones, the deputy commissioner for the FDA's Human Foods Program, said in a statement that "removal of the only authorized use of BVO from the food supply was based on a thorough review of current science and research findings that raised safety concerns." The FDA "concluded that the intended use of BVO in food is no longer considered safe after the results of studies conducted in collaboration with the National Institutes of Health (NIH) found the potential for adverse health effects in humans," per an agency statement. A 2022 FDA study found that oral exposure to the additive "is associated with increased tissue levels of bromine and that at high levels of exposure the thyroid is a target organ of potential negative health effects in rodents." The ban takes effect on August 2. Companies will have one year from then to "reformulate, relabel, and deplete the inventory of BVO-containing products before the FDA begins enforcing the final rule," according to the agency.

Read more of this story at Slashdot.

Paul Voosen reports via Science Magazine: Few things prompt as much anxiety in science and the wider world as the growing use of artificial intelligence (AI) and the rising influence of China. This spring, these two factors created a rift at the European Geosciences Union (EGU), one of the world's largest geoscience societies, that led to the firing of its president. The whole episode has been "a packaging up of fear of AI and fear of China," says Michael Stephenson, former chief geologist of the United Kingdom and one of the founders of Deep-time Digital Earth (DDE), a $70 million effort to connect digital geoscience databases. In 2019, another geoscience society, the International Union of Geological Sciences (IUGS), kicked off DDE, which has been funded almost entirely by the government of China's Jiangsu province. The dispute pivots on GeoGPT, an AI-powered chatbot that is one of DDE's main efforts. It is being developed by Jian Wang, chief technology officer of e-commerce giant Alibaba. Built on Qwen, Alibaba's own chatbot, and fine-tuned on billions of words from open-source geology studies and data sets, GeoGPT is meant to provide expert answers to questions, summarize documents, and create visualizations. Stephenson tested an early version, asking it about the challenges of using the fossilized teeth of conodonts, an ancient relative of fish, to define the start of the Permian period 299 million years ago. "It was very good at that," he says. As awareness of GeoGPT spread, so did concern. Paul Cleverly, a visiting professor at Robert Gordon University, gained access to an early version and said in a recent editorial in Geoscientist there were "serious issues around a lack of transparency, state censorship, and potential copyright infringement." Paul Cleverly and GeoScienceWorld CEO Phoebe McMellon raised these concerns in a letter to IUGS, arguing that the chatbot was built using unlicensed literature without proper citations. However, they did not cite specific copyright violations, so DDE President Chengshan Wang, a geologist at the China University of Geosciences, decided not to end the project. Tensions at EGU escalated when a complaint about GeoGPT's transparency was submitted before the EGU's April meeting, where GeoGPT would be introduced. "It arrived at an EGU whose leadership was already under strain," notes Science. The complaint exacerbated existing leadership issues within EGU, particularly surrounding President Irina Artemieva, who was seen as problematic by some executives due to her affiliations and actions. Science notes that she's "affiliated with Germany's GEOMAR Helmholtz Centre for Ocean Research Kiel but is also paid by the Chinese Academy of Geological Sciences to advise it on its geophysical research." Artemieva forwarded the complaint via email to the DDE President to get his view, but forgot to delete the name attached to it, leading to a breach of confidentiality. This incident, among other leadership disputes, culminated in her dismissal and the elevation of Peter van der Beek to president. During the DDE session at the EGU meeting, van der Beek's enforcement actions against Chinese scientists and session attendees led to allegations of "harassment and discrimination." "Seeking to broker a peace deal around GeoGPT," IUGS's president and another former EGU president, John Ludden, organized a workshop and invited all parties to discuss GeoGPT's governance, ongoing negotiations for licensing deals and alternative AI models for GeoGPT's use.

Read more of this story at Slashdot.

The Spanish government is introducing a porn passport to help porn platforms verify users' ages. Slashdot reader fjo3 shares a report from Politico: Officially (and drily) called the Digital Wallet Beta (Cartera Digital Beta), the app Madrid unveiled on Monday would allow internet platforms to check whether a prospective smut-watcher is over 18. Porn-viewers will be asked to use the app to verify their age. Once verified, they'll receive 30 generated "porn credits" with a one-month validity granting them access to adult content. Enthusiasts will be able to request extra credits. While the tool has been criticized for its complexity, the government says the credit-based model is more privacy-friendly, ensuring that users' online activities are not easily traceable. The system will be available by the end of the summer. It will be voluntary, as online platforms can rely on other age-verification methods to screen out inappropriate viewers. It heralds an EU law going into force in October 2027, which will require websites to stop minors from accessing porn. Eventually, Madrid's porn passport is likely to be replaced by the EU's very own digital identity system (eIDAS2) -- a so-called wallet app allowing people to access a smorgasbord of public and private services across the whole bloc.

Read more of this story at Slashdot.

Ahead of its one-year anniversary, Meta CEO Mark Zuckerberg announced that Threads has reached more than 175 million monthly active users. The Verge reports: Back when it arrived in the App Store on July 5th, 2023, Musk was taking a wrecking ball to the service formerly called Twitter and goading Zuckerberg into a literal cage match that never happened. A year later, Threads is still growing at a steady clip -- albeit not as quickly as its huge launch -- while Musk hasn't shared comparable metrics for X since he took over. As with any social network, and especially for Threads, monthly users only tell part of the growth story. It's telling that, unlike Facebook, WhatsApp, and Instagram, Meta hasn't shared daily user numbers yet. That omission suggests Threads is still getting a lot of flyby traffic from people who have yet to become regular users. I've heard from Meta employees in recent months that much of the app's growth is still coming from it being promoted inside Instagram. Both apps share the same account system, which isn't expected to change.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: When Rodney Brooks talks about robotics and artificial intelligence, you should listen. Currently the Panasonic Professor of Robotics Emeritus at MIT, he also co-founded three key companies, including Rethink Robotics, iRobot and his current endeavor, Robust.ai. Brooks also ran the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) for a decade starting in 1997. In fact, he likes to make predictions about the future of AI and keeps a scorecard on his blog of how well he's doing. He knows what he's talking about, and he thinks maybe it's time to put the brakes on the screaming hype that is generative AI. Brooks thinks it's impressive technology, but maybe not quite as capable as many are suggesting. "I'm not saying LLMs are not important, but we have to be careful [with] how we evaluate them," he told TechCrunch. He says the trouble with generative AI is that, while it's perfectly capable of performing a certain set of tasks, it can't do everything a human can, and humans tend to overestimate its capabilities. "When a human sees an AI system perform a task, they immediately generalize it to things that are similar and make an estimate of the competence of the AI system; not just the performance on that, but the competence around that," Brooks said. "And they're usually very over-optimistic, and that's because they use a model of a person's performance on a task." He added that the problem is that generative AI is not human or even human-like, and it's flawed to try and assign human capabilities to it. He says people see it as so capable they even want to use it for applications that don't make sense. Brooks offers his latest company, Robust.ai, a warehouse robotics system, as an example of this. Someone suggested to him recently that it would be cool and efficient to tell his warehouse robots where to go by building an LLM for his system. In his estimation, however, this is not a reasonable use case for generative AI and would actually slow things down. It's instead much simpler to connect the robots to a stream of data coming from the warehouse management software. "When you have 10,000 orders that just came in that you have to ship in two hours, you have to optimize for that. Language is not gonna help; it's just going to slow things down," he said. "We have massive data processing and massive AI optimization techniques and planning. And that's how we get the orders completed fast." "People say, 'Oh, the large language models are gonna make robots be able to do things they couldn't do.' That's not where the problem is. The problem with being able to do stuff is about control theory and all sorts of other hardcore math optimization," he said. "It's not useful in the warehouse to tell an individual robot to go out and get one thing for one order, but it may be useful for eldercare in homes for people to be able to say things to the robots," he said.

Read more of this story at Slashdot.

Netflix has started booting subscribers off its cheapest ad-free subscription tier, "starting with the UK and Canada, with more countries inevitably to follow," reports MacRumors. From the report: The streaming giant has reportedly begun notifying users via on-screen messages about the last day they can access the service unless they upgrade. One Reddit user shared a notification they had received from the Netflix app, saying: "Your last day to watch Netflix is July 13th. Choose a new plan to keep watching." Customers are being prompted to instead choose the cheaper Standard with ads, or the more expensive Standard or Premium 4K plans. The Basic plan, which costs $11.99 per month in the United States, has not been available to new subscribers since last year. In its early 2024 earnings call, Netflix announced its intention to retire its Basic plan in some countries where the ads plan has been introduced, starting with Canada and the UK in the second quarter, and then "taking it from there." Netflix said in May that its ad-supported streaming tier has 40 million global monthly active users, up 35 million from a year ago.

Read more of this story at Slashdot.

Matthew Connatser reports via The Register: Utility firms American Electric Power (AEP) and Exelon have filed an official objection with the Federal Energy Regulatory Commission (FERC) over Talen Energy's nuclear power deal with Amazon. Back in March, Amazon bought a nuclear-powered datacenter from Talen Energy -- an operator of electricity generation and transmission facilities in the US. As part of the deal, Amazon would get 480 MW straight from the 2.7 GW Talen nuclear power plant in Susquehanna, Pennsylvania, and may even be able to upgrade to 960 MW down the line. However, that Susquehanna atomic plant also provides power to PJM Interconnection, the regional power grid operator for much of the eastern US. The two companies -- Talen and PJM -- have an interconnection service agreement (ISA) that sets the rules for how Talen should deliver power to PJM's transmission system. To better accommodate the nuclear datacenter, Talen and PJM agreed to a new ISA, which has caught the ire of AEP and Exelon. The duo claim Talen and Amazon are basically getting a free ride that other PJM ratepayers will have to pay for, saying that even though Amazon's datacenter isn't directly connected to PJM, it still benefits from the power grid, meaning the other ratepayers are left holding the short end of the stick. Each of the station's two reactors has 1,350 MW available, and Amazon is already able to use 480 MW, and up to 960 MW in the future. If one of the reactors experiences an outage, the ISA says the datacenter is first in line for power from the other reactor, which leaves PJM with far less electricity than normal. That in turn would mean a lower energy supply for PJM's customers, who would have to pay more, at least according to the complaint's reasoning. The Talen-PJM ISA states that in this event, the nuclear datacenter will separate from the plant and get its power elsewhere, but AEP and Exelon are skeptical and want to know how exactly that would work. The complaint argues Amazon's DC is essentially using the grid, saying the "premise" of the tweaked ISA "is that this datacenter co-located load is like load on a remote island -- one that simply has no impact on the PJM grid and would thus be properly excluded from economic and other responsibility for maintaining the PJM grid. But that storyline does not stand up to scrutiny." "They present their filing as no more than a replacement of older agreements with updated terms and 'clarifications' regarding the parties' roles and obligations," the two utility companies told [PDF] FERC, requesting a hearing over the matter. "The filing [new ISA] casts the submission as a mere housekeeping exercise, as if there is nothing to see here." The protest adds: "The co-located load should not be allowed to operate as a free rider, making use of, and receiving the benefits of, a transmission system paid for by transmission ratepayers. We have no objection to co-location per se, but such load should pay its fair share of system use and other charges, just like other loads and customers." AEP and Exelon claim the new terms of the ISA contains a key loophole that hinges on the datacenter's co-location with the nuclear power plant, which allows its power usage to not be considered "in-network," even though the power load is synced to PJM's grid and could theoretically get power from it. [...] The end result, or so AEP and Exelon allege, is that Talen would be able to benefit from PJM's services without the associated cost. That would cost other customers between $58 million and $140 million per year overall, according to an analysis from Concentric Energy Advisors CEO Danielle Powers and chairman John Reed included with the filing. AEP and Exelon asked FERC to either hold a hearing to answer questions it feels are unresolved or to reject the new ISA outright. For its part, Talen claims the complaint's narrative is "demonstrably false" and that "transmission is not implicated."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: A California-based credit union with over 450,000 members said it suffered a ransomware attack that is disrupting account services and could take weeks to recover from. "The next few days -- and coming weeks -- may present challenges for our members, as we continue to navigate around the limited functionality we are experiencing due to this incident," Patelco Credit Union CEO Erin Mendez told members in a July 1 message (PDF) that said the security problem was caused by a ransomware attack. Online banking and several other services are unavailable, while several other services and types of transactions have limited functionality. Patelco Credit Union was hit by the attack on June 29 and has been posting updates on this page, which says the credit union "proactively shut down some of our day-to-day banking systems to contain and remediate the issue... As a result of our proactive measures, transactions, transfers, payments, and deposits are unavailable at this time. Debit and credit cards are working with limited functionality." Patelco Credit Union is a nonprofit cooperative in Northern California with $9 billion in assets and 37 local branches. "Our priority is the safe and secure restoration of our banking systems," a July 2 update said. "We continue to work alongside leading third-party cybersecurity experts in support of this effort. We have also been cooperating with regulators and law enforcement." Patelco says that check and cash deposits should be working, but direct deposits have limited functionality. Security expert Ahmed Banafa "said Tuesday that it looks likely that hackers infiltrated the bank's internal databases via a phishing email and encrypted its contents, locking out the bank from its own systems," the Mercury News reported. Banafa was paraphrased as saying that it is "likely the hackers will demand an amount of money from the credit union to restore its systems back to normal, and will continue to hold the bank's accounts hostage until either the bank finds a way around the hack or until the hackers are paid." Patelco hasn't revealed details about how it will recover from the ransomware attack but acknowledged to customers that their personal information could be at risk. "The investigation into the nature and scope of the incident is ongoing," the credit union said. "If the investigation determines that individuals' information is involved as a result of this incident, we will of course notify those individuals and provide resources to help protect their information in accordance with applicable laws." While ATMs "remain available for cash withdrawals and deposits," Patelco said many of its other services remain unavailable, including online banking, the mobile app, outgoing wire transfers, monthly statements, Zelle, balance inquiries, and online bill payments. Services with "limited functionality" include company branches, call center services, live chats, debit and credit card transactions, and direct deposits.

Read more of this story at Slashdot.

OpenAI's ChatGPT app for macOS contained a security vulnerability until Friday, potentially exposing users' conversations to unauthorized access, according to a developer's findings. The flaw allowed stored chats to be easily located and read in plain text on users' computers. Pedro Jose Pereira Vieito demonstrated the issue on social media, showing how a separate application could access and display recent ChatGPT conversations.

Read more of this story at Slashdot.