Space

China Lands Rocket During an Orbital Launch For First Time (space.com) 32

China successfully recovered an orbital rocket booster for the first time, landing the Long March 10B's first stage into a net-equipped sea platform after its maiden launch. "This mission marks my country's first successful controlled recovery of a launch vehicle and the world's first network-based recovery of a launch vehicle," the China Aerospace Science and Technology Corporation (CASC) announced via social media shortly after the launch. (Translation by Google.) "It signifies a historic breakthrough for my country in the field of reusable rocket technology and will lay a solid foundation for accelerating the improvement of my country's space access capabilities." Space.com reports: The Long March 10B is a two-stage rocket that stands about 207 feet (63 meters) tall, according to the state-owned CASC, the main contractor for China's space program. The vehicle's first stage burns kerosene and liquid oxygen (LOX) propellants, whereas the second stage uses LOX and liquid methane. In reusable mode, the Long March 10B can loft about 16 tons of payload to low Earth orbit.

And the rocket flew with a payload on its debut liftoff -- a satellite that successfully reached "its predetermined orbit," according to the CASC update. That post did not provide any details about the spacecraft or its orbit. It did give a brief rundown of the first-stage recovery, however. "Approximately 6 minutes after the first and second stages separated, the first stage returned vertically and was successfully recovered at a sea-based recovery platform using a net system," CASC officials wrote, noting that launch occurred from the Hainan Commercial Space Launch Site on Friday at 12:15 a.m. EDT (0415 GMT; 12:15 p.m. Beijing time.) "The launch and first-stage recovery missions were a complete success."

AI

OpenAI to Retire ChatGPT Atlas Browser Less Than a Year After Launch 7

OpenAI is retiring its ChatGPT Atlas browser less than a year after launch. Going forward, its browsing features will be shifted into a redesigned ChatGPT desktop app that also combines Codex, a built-in browser, and "ChatGPT Work" for acting across apps and files. PCMag reports: OpenAI disclosed Atlas's retirement in a Thursday post introducing a more powerful ChatGPT desktop app, following reports that the company planned on turning it into a "superapp." [...] In a tweet, OpenAI product staff member James Sun added, "The current targeted date for deprecation is 8/9, and we'll share more information in the upcoming days both in-app and via email."

The sunsetting means the Windows version of ChatGPT Atlas has been canceled, though the ChatGPT desktop app is still available on both Mac and Windows. The company is already touting the built-in browser, noting: "You can ask ChatGPT to research a market, compare sources, pull information from websites, or open and refine files from Google Workspace and Microsoft 365 inside the app. It can use the browser to bring in fresh context, take steps across web pages, and keep the work moving while you review and guide the result."
Google

Google Search Hits All-Time Usage Record (cnbc.com) 27

Google says the World Cup drove Search to its highest usage in history, with queries per second peaking right after Argentina's winning goal against Egypt. CNBC reports: The milestone comes as the company tries to prove its traditional search engine can keep its relevance in the age of AI, where chatbots have become more prevalent. Google still controls 90% of the search market, its stock price has more than doubled in the past year and revenue growth in the first quarter was the fastest for any period since 2022.

Google said its top searched query after the game was "argentina vs egypt." Globally, the company also saw people searching for things like "argentina x colombia" and "how many world cup goals does messi have." Additional queries included "what is it called when a player hits another player in game" and "is it messi's last world cup."

AI

OpenAI Rolls Out GPT-5.6 After Government Greenlight, Announces 'ChatGPT Work' 18

OpenAI has received approval from the Trump administration to publicly roll out GPT-5.6 after an earlier limited preview restricted access to government-approved organizations. The company also launched ChatGPT Work, a new GPT-5.6-powered agent that combines ChatGPT and Codex-style capabilities. "It can gather context from the apps, files, and workflows you choose and create finished materials such as documents, spreadsheets, presentations, and web apps," OpenAI wrote in a blog post, adding that a "unified plugins directory" allows ChatGPT to connect to tools like Slack, Gmail, Google Drive, calendars, and CRMs. The Verge reports: Mac and Windows users worldwide, including free ChatGPT users, should have immediate access to ChatGPT Work and GPT-5.6 via the ChatGPT desktop app. On mobile and the web, Pro, Enterprise, and Edu users will first get access, while Plus and Business users will receive access "over the next few days," OpenAI wrote, adding that the "rollout is starting globally and will continue gradually toward full availability over the next 24 hours."

[...] OpenAI is hoping that its new product, which is a direct competitor to Anthropic's Claude Cowork (combining its own Claude and Claude Code), will push it ahead in the race. OpenAI is especially banking on Sol, the most powerful of the GPT-5.6 model suite, to set "a new standard for intelligence and efficiency," particularly when it comes to coding, cybersecurity, and science, as well as computer use capabilities. The company is also marketing the model as a lower-cost alternative to competitors' most powerful models, amid complaints of an industry-wide money squeeze and AI lab costs being passed onto customers.
Open Source

Google Hands Open Health Stack To the Linux Foundation (nerds.xyz) 7

BrianFagioli writes: The Linux Foundation intends to launch the Open Health Stack Software Foundation, a new vendor-neutral home for the Google Open Health Stack project. Google is contributing the project code and assets while Google.org is providing a $3 million grant. The initiative is also backed by Microsoft, Anthropic, and the World Health Organization, with the goal of building open source, AI-ready digital health infrastructure. Will moving the project under Linux Foundation governance accelerate adoption, or is this simply another foundation that most developers will never interact with? The new project will focus on core HL7 FHIR technologies for healthcare interoperability, the Open Health Stack Player deployment toolkit, and AI Commons -- a model-agnostic healthcare AI initiative being co-developed with the World Health Organization.

A notable part of the announcement is its planned Implementer Program, which aims to give startups, small businesses, and local developers in low- and middle-income countries a formal role in governance. In other words, the effort is not just about building healthcare software standards, but about making sure the people implementing them in underserved markets help shape the project too.
Social Networks

Meta Now Lets Anyone Use Your Instagram Photos In AI Images (wired.com) 70

UPDATE: Within three days Meta removed this controversial feature. TechCrunch notes reports that the decision came "amid scrutiny from users and talent agencies, including CAA."

Tuesday an anonymous reader had shared this report from Wired: Meta launched its inaugural AI image model from the Meta Superintelligence Labs on Tuesday, its effort to compete with the likes of OpenAI's GPT Images 2.0 and Google's Nano Banana 2 in the AI image generation race. The new model, called Muse Image, rolled out with deep integrations woven into the Instagram app. As part of this update, public Instagram profiles are now automatically opted into being fodder for generative AI remixes. All someone has to do is tag your account's profile in a prompt -- if it's public -- and they can use Meta AI to generate an image using your likeness.

Meta positions this feature as a cheeky way to personalize generations with images of real people. "Whether you want to design a custom event invitation, mock up a collaborative creative concept, or generate a personalized graphic, tagging a username lets Meta AI use public photos to build a visual that's ready to post," reads one of Meta's announcement blogs about the new AI tool. [...] Instagram's help center site includes more details about how this feature will impact users, saying that "people may be able to create content with your Instagram content using AI features at Meta" if you leave your account public and on the default settings. (A previously archived version of this page from 2025 does not include similar, AI-focused language.)
Instagram users who want to stop others from using their public posts for AI images (without switching your account to private) must manually disable the options under the app's "Sharing and reuse" settings. However, turning off the setting only blocks future AI generations; any AI images already created from their content will remain.

Meta also says users will not be notified when others create AI-generated content using their posts.
The Courts

Supreme Court Allows Texas To Require Age Verification For Mobile Apps (cnn.com) 120

The Supreme Court allowed Texas to enforce a law requiring app stores to verify users' ages and obtain parental consent before minors can download apps. Tech industry groups argue the law broadly restricts young people's access to digital speech, but the court let a 5th Circuit order stand without explanation or noted dissents. CNN notes that the Supreme Court's decision "doesn't resolve the case but rather will allow Texas to enforce the law while the litigation continues to play out." From the report: "A minor child who downloads a software application from an app store agrees to contractual terms of service, including whether the child's location will be tracked, whether the child's privacy will be protected, whether information from the child's phone can be sold by the developer, and whether the child waives the right to sue," Texas told the Supreme Court in urging the court to allow its law to take effect.

But the Computer & Communications Industry Association, a trade group whose members include Apple and Google, said the law would effectively bar young people from accessing a wide range of content, "be it a book by Ernest Hemingway or J.K. Rowling, a Taylor Swift album, or a subscription to National Geographic." Allowing the law to take effect, the group said, would have "profound consequences for the protection of digital speech."

[...] In the new case, involving Texas' age verification for apps, a federal district court blocked the law's enforcement in December -- days before it was set to take effect. But a three-judge panel of the conservative 5th US Circuit Court of Appeals put that decision on hold in early June, allowing the state to enforce it. By declining to take up the emergency appeal from the computer and student groups, the Supreme Court has left the 5th Circuit's decision in place.

EU

Google Ordered to Pay $2 Billion For Anti-Competitive Practices By Swedish Court (msn.com) 85

Google was ordered to pay almost $2 billion this week to Pricerunner, reports Bloomberg: The Patent and Market Court in Stockholm, which issued the judgment on Wednesday, dismissed most parts of the claim in which Pricerunner sought 80 billion Swedish kronor, or roughly $8.2 billion, in the wake of a European Union antitrust crackdown... The Swedish price-comparison website argued that Google has been abusing its dominant position as a search engine by favoring its own comparison shopping service over competing portals for more than a decade. Wednesday's award compensates for lost revenue caused by Google's preferential treatment of its own comparison-shopping service over independent price-comparison services, conduct that also drives up costs for consumers, [Pricerunner owner] Klarna said in a statement after the judgment...

A Google spokesperson said the company doesn't agree with the court's decision and will consider its legal options. [The ruling can be appealed.] Changes implemented in 2017 to Google's platform are working and generating growth and jobs for hundreds of comparison shopping services operating more than 1500 websites across Europe, according to the statement.

The litigation is linked to a 2017 decision by the European Commission to fine Google €2.4 billion for illegally leveraging its search dominance to give its own shopping service an edge. The EU decision unleashed a wave of so-called follow-on suits, which were delayed for years as Google appealed the EU fine. Two years ago the EU's top tribunal confirmed that the company did violate antitrust laws — meaning EU-based plaintiffs no longer have to prove that in court. A Berlin court last year ordered the tech giant to pay €573 million in damages to two German price-comparison websites, a ruling Google appealed. Similar cases are pending across Europe.

AI

Meta is Quietly Launching Pocket, an App for Vibe-coding and Scrolling Small 'Gizmos' (techcrunch.com) 25

"Mozilla shut down the well-loved read-it-later Pocket app last year, and now Meta is launching an app called Pocket with an entirely different, AI-focused pitch," writes The Verge.

While it's not available for downloads in most locations, Meta's Pocket will allow people "to generate small, interactive apps and games using AI prompts," writes TechCrunch. They're called "gizmos", and Pocket "also offers a scrollable feed where you can play with gizmos others have made."

Some context from The Verge: Meta CEO Mark Zuckerberg is all in on AI as the new social media, and he's previously described a vision of how users could use AI to make interactive experiences and share them with people. The launch of Pocket appears to be one manifestation of that idea... It follows Meta hiring engineers from a company called Atma Sciences Inc., which made an app called Gizmo, as Business Insider reported in March.

On a help center page, Meta also describes a gizmo as a "playable AI-generated experience," and when you post one, Meta says you can choose to let other people remix them.

"Based on the app's screenshots in Google Play, there are many similarities to Gizmo's original app, which is still listed," notes TechCrunch.

"Pocket is another example of Meta's push to make AI creation tools more mainstream, extending its earlier efforts, which included AI-generated images created via its Meta AI app and AI videos created with its app called Vibes. It has also added AI features across its social platforms... " Given that Meta has not officially announced Pocket's debut, it's likely that Pocket is still in its initial experimentation phase. Its counterpart Gizmo, however, had generated 635,000 lifetime installs across both iOS and Google Play, according to Appfigures, which noted it had a 98% positive sentiment.
Crime

Windows 11 Identifier Code Used to Arrest 19-Year-Old Over Alleged Ransomware Spree (tomshardware.com) 69

America's Justice Department and FBI teamed joined Finland's National Bureau of Investigation to arrest a teenager they say is part of one of the world's biggest cybercrime syndicates, reports Tom's Hardware. The "Scattered Spider" syndicate has extorted over $100 million in ransom payments, according to Department of Justice figures: 19-year-old Peter Stokes is a dual U.S.-Estonian citizen who was trying to board a flight to Japan from Helsinki, when law enforcement caught up with him. [T]he main criminal complaint against Stokes stems from a May 2025 attack on a luxury jewelry dealer based in the United States. The attackers apparently called the company's IT helpdesk using Google Voice, posing as employees. They were able to convince the help desk into resetting their credentials, which allowed them to infiltrate three accounts, two of which had admin privileges. From there, the group, allegedly including Stokes, stole important data and held the jeweler at ransom, demanding an $8 million payment in crypto. The company ultimately regained access to their infrastructure and avoided paying the ransom, but the operational disruption still caused a purported $2 million in losses. This served as the spark that led to Stokes' eventual arrest in Helsinki, as the prosecutors slowly followed the paper and digital trail laid by the attackers.

Microsoft played a key role in the process by providing GDID [Global Device Identifier] data to the FBI to help them apprehend the alleged criminal... [I]t's a unique identifier assigned to every Windows install that tracks device-specific telemetry. It's the reason why sometimes changing a major component in your PC can revoke your Windows license... [T]he court documents from the case reveal that Stokes used Windows, from which investigators were able to link his physical hardware to specific internet activity and locations... Stokes' web activity, videogame history, IP addresses, tool usage (including Ngrok), Azure status, and more were logged with timestamps, and were provided to the investigators by Microsoft...

Stokes was carrying two hard drives full of incriminating evidence with him when boarding his flight to Japan... His real identity has actually been known since 2024, but since he was a minor living across Estonia and the UAE at the time, he could only be monitored until the time was right.

The official criminal complaint even includes a selfie photo that Stokes posted on Snapchat (hiding his face behind dozens of hundred dollar bills). It then notes that behind Stokes the wallpaper, carpet, and furniture match New York's Empire Hotel — and that Stokes had visited the hotel's web site in Germany before then flying to New York...

"Following the arrest, Stokes was extradited to the U.S., where he appeared in front of a federal court in Chicago for the first time on June 30, 2026, and he remains in custody," adds Tom's Hardware.

"The accused is now awaiting trial, having been charged with conspiracy, cyber intrusion, and fraud..."
Power

New Google Ad Imagines America's 'Declaration of Independence' Written With AI Help (techcrunch.com) 68

An anonymous reader shared this report from TechCrunch: Two hundred and fifty years after the signing of the Declaration of Independence, a new commercial from Google asks: What if the Founding Fathers had access to Google Workspace?

With the tagline "Group project, but make it 1776," the ad depicts a largely unseen Thomas Jefferson mid-draft when he gets a nagging text from Ben Franklin, leading to a very Google-centric collaboration process. Edits are suggested in Google Docs, a meeting gets scheduled in Google Calendar and conducted remotely via Google Meet (with every single attendee apparently turning their camera off?), then the whole thing is finalized with e-signatures; cue the fireworks.

Of course, since this is an ad from a tech company in the year 2026, AI has a role to play. The fictionalized founders use Google's "help me visualize" AI tool to try out different animals on the national seal, Gemini takes notes on the meeting, and the founders also ask the chatbot for advice before declining King George III's document access request.

TechCrunch call it "very tongue-in-cheek," noting that at one point Samuel Adams even asks, "Can we settle this over beers?" And they argue that "the AI evangelism is relatively discreet when compared to many other recent ads."
Security

AI Agent Executes 'First' End-To-End Ransomware Attack 36

Sysdig says it has documented the first ransomware attack carried out end to end by an AI agent, which autonomously exploited exposed systems, stole credentials, established persistence, compromised a production database, and destroyed data. The research team named the attacker "JadePuffer" and said it gained initial access to an internet-facing Langflow instance by exploiting CVE-2025-3248. "The most striking characteristic, however, was the LLM's behavior," Sysdig director of threat research Michael Clark said in a blog post. An anonymous reader quotes an excerpt from The Register: JadePuffer's "self-narrating" payloads "contained natural language reasoning, target prioritization, and the kind of detailed annotations that human operators don't often write but LLM-generated code produces reflexively," Clark added. "The operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds." After exploiting CVE-2025-3248, a missing authentication vulnerability in Langflow that allows remote, unauthenticated attackers to execute arbitrary Python on the host, the AI agent began scanning for and collecting secrets, including LLM provider API keys, cloud credentials "with explicit coverage of Chinese providers" including Alibaba, Aliyun, Tencent, and Huawei, while also scanning for AWS, Azure and Google Cloud Platform, cryptocurrency wallets, and database credentials.

The AI also installed a crontab entry on the Langflow server to maintain persistence and call back to the attacker's infrastructure every 30 minutes. JadePuffer's intended target was a separate internet-exposed production server running a MySQL database and an Alibaba Nacos configuration service, we're told. Nacos is an open-source service-discovery and dynamic configuration platform developed by Alibaba and used in the cloud provider's microservices applications. The agent connected to the server's exposed MySQL port using root credentials, although Sysdig doesn't know how the attacker obtained them. These credentials weren't stolen from the victim's environment.

JadePuffer then attacked Nacos via multiple vectors including an authorization bypass flaw (CVE-2021-29441) and forging a valid JSON web token (JWT) using Nacos's default signing key. Additionally, using its root database access, the LLM injected a backdoor administrator into the Nacos backing database. It ultimately encrypted all 1,342 Nacos service configuration items using MySQL's built-in AES encryption function, and created an extortion demand, ransom note, Bitcoin payment address, and a Proton Mail contact [...]. However, according to the threat hunters, the victim can't recover the encrypted data, even if they paid the ransom demand, because the agent escalated "from row-level deletion to dropping entire database schemas, narrating its own targeting rationale," without backing up any of the encrypted data.
AI

SpaceX Reportedly Has an AI Device Prototype 24

According to the Wall Street Journal, SpaceX showed investors an early prototype of a slim, "handset-like" AI device running a proprietary operating system and integrating xAI technology. Elon Musk, however, denied the report, calling it "utterly false." TechCrunch reports: SpaceX, alongside sister company Tesla, does have the manufacturing expertise to pull off mass-producing a bunch of AI devices -- not to mention access to the chips needed to power any on-device compute. SpaceX has also signaled that it's keen to expand into wireless, with Starlink Mobile as a potential competitor to Verizon and AT&T. One analyst even went as far as to speculate that T-Mobile or AT&T would make fine acquisition targets for the rocket builder, though such a purchase would, undoubtedly, be pricey.

It's also not clear if SpaceX is just throwing spaghetti at the wall or if it will attempt to really mass-produce and market such a device. But one thing that seems clearer is that if OpenAI is doing it, Musk would, perhaps, want to try to do it better. [...]

Like OpenAI, SpaceX's prototype is reportedly designed to run on a proprietary operating system and integrate technology from xAI, Musk's AI company that SpaceX acquired earlier this year. This would prevent these new devices from being trapped inside another company's platforms (like Google's Android). But the intent also appears to be to create something new, with native AI interfaces. That said, the graveyard is crowded with the unsuccessful launches of AI devices from companies like Humane and Rabbit. A company wanting to sell an AI device does not equate to consumers wanting to buy such a thing. Yet.
Cloud

Meta Is Reportedly Building Its Own Cloud Business (engadget.com) 30

Meta is reportedly developing its own cloud business that could sell access to its AI models and lease data-center computing capacity to other companies. The move would put Meta in direct competition with Amazon, Google, and SpaceX. Engadget reports: The cloud business could offer multiple services, according to [Bloomberg], like selling access to AI models run on Meta's infrastructure, or leasing the computing power of its data centers to other companies looking to train AI. Offering something akin to Amazon Web Services could help make back some of what Meta has already spent on its new bet. As part of its AI plans, the company has committed to investing $600 billion in the US by 2028. Meta has also already made more than a few expensive hires to build its AI superintelligence team. Meta Compute, the data center and AI-focused initiative Meta created in January, is currently developing the new cloud business, according to Bloomberg.
The Courts

Meta Loses Bid To Dismiss US States' Claims That Facebook, Instagram Addict Children (reuters.com) 29

A federal judge rejected Meta's bid to dismiss claims from 29 state attorneys general alleging that Facebook and Instagram were designed to addict children while concealing the harms. The judge found significant factual disputes that must be decided at trial. They also ruled that Meta failed to comply with federal parental notice and consent requirements for children under 13, "and granted summary judgement to the states on that issue," reports Reuters. From the report: In a separate statement, California Attorney General Rob Bonta called the decision a "critical win" in holding Meta accountable for fueling a mental health crisis among American children. Gonzalez Rogers also oversees related multidistrict litigation by more than 2,600 individuals, school districts and local governments over whether social media platforms such as Facebook, Instagram, Google and YouTube, Snapchat and TikTok addict children.

The states said research has shown that children's use of Facebook and Instagram could lead to depression, anxiety, insomnia, interference with education and daily life, and self-harm including suicide. Meta countered that the attorneys general had no evidence it misled consumers about its platforms' alleged addictiveness, including in congressional testimony by Chief Executive Mark Zuckerberg. The Menlo Park, California-based company said this was because "social media addiction" is not an established psychiatric condition, and therefore statements that its platforms are not addictive could not be false. Meta also said it didn't violate the children's online privacy law because it directed Facebook and Instagram to a general audience, not just children under age 13.

In a 38-page decision, Gonzalez Rogers found material factual disputes over whether Meta's social media platforms are addictive, whether Meta falsely denied it designed them that way, and whether it "partially" directed the platforms at children. "The AGs present a reasonable interpretation of [Meta's] statements that Facebook and Instagram are not designed in ways that cause teens to compulsively use the platforms to their detriment," the judge wrote. "To the extent plaintiffs' evidence shows that the platforms are in fact designed to do just that, a jury could reasonably find the statements were untrue to a reasonable person," she added. A trial over California, Colorado, Kentucky and New Jersey's claims against Meta is scheduled for August 18, court records show.
Further reading: Will Social Media Change After YouTube and Meta's Court Defeat?
Google

Google Pulls the Plug On Tenor API, Killing GIF Pickers Around the Web (9to5google.com) 18

Google has shut down the Tenor API, breaking GIF pickers in services that still relied on it and forcing platforms such as X to migrate elsewhere. 9to5Google notes that the library itself remains available at Tenor.com and "integrations within Google products are also still active, including Gboard, Google Messages, and more." From the report: The Tenor API has been rejecting new API sign-ups in January of this year, but existing integrations remained in place. This week, though, they're shutting down, and any integrations that remain in place will stop working on July 1. The support page adds details that "any API or Ads Distribution Agreements" with Tenor will be terminated on June 30, while "current integrations" will be "fully decommissioned" as of June 30.

One of the most notable examples here is Twitter/X, which has relied on Tenor for its GIF picker for years. Twitter/X Head of Product Nikita Bier confirmed that the platform has migrated elsewhere, which is why the "recently used" section was purged, and why you might notice fewer GIF options when posting. Other platforms affected include Discord, WhatsApp, and Bluesky.

The Courts

US Supreme Court Rules Geofence Warrants Require Constitutional Privacy Protections (theguardian.com) 97

The U.S. Supreme Court ruled 6-3 (PDF) in Chatrie v United States (No. 25-112) that geofence warrants sweeping up smartphone location data constitute searches under the Fourth Amendment. The Court found that individuals have a "reasonable expectation of privacy" in such data, even when the tracking covers only a brief period or records movements in public. "An individual has a reasonable expectation of privacy in records about his cell phone's location, and police intrude on that constitutionally protected interest when they demand the information -- even though for only a limited time, and from a third-party tech company," wrote Justice Elena Kagan. Longtime Slashdot reader schwit1 submitted the story. The Guardian reports: The use of geofence warrants is widespread, and gives law enforcement agencies the power to compel tech companies to hand over sensitive cell phone data from people at or near crime scenes. The warrants allow police and the FBI to collect this information from individuals within the radius of a virtual "fence" during a particular timeframe. But they are not restricted to requesting data for precise targets.

The Chatrie case focuses on local police's pursuit of an armed bank robber in Richmond, Virginia. He fled with $195,000. Law enforcement tracked Okello Chatrie down through their use of geofence warrants. Chatrie had opted in to an optional Google "location history" feature that documented his location every few minutes. He was eventually sentenced to 12 years in prison, after pleading guilty. Chatrie's lawyers argued that this search was overly broad and violated his fourth amendment rights, which protects individuals from "unreasonable search and seizure." Lawyers said that police's use of geofence warrants amounted to an official "search" under the fourth amendment, and didn't meet the constitution's requirements for one.

The government had argued that accessing only a short amount of cellphone location information means this tactic does not count as a fourth amendment search and accordingly, should not be afforded the same privacy protections. But the judges in the majority disagreed. The judges in the majority opinion also wrote that the government's characterization of generating location history as a voluntary choice is "meritless." They suggested that people aren't choosing to share private information with third parties and the government "just by doing the ordinary thing cellphone users do." "The point of carrying smartphones is to use what is on them," including the apps and services they provide -- many of which use location data to customize a user's experience, they said.

[...] While the majority opinion noted that police conducted a fourth amendment search by accessing Chatrie's location history data, they noted that the court of appeals will weigh in on whether the "search was reasonable, meaning that each of its steps was properly described with particularity and found to be supported by probable cause." Law enforcement has said they need geofence warrants to find suspects and witnesses -- after reaching dead ends. The US government, for its part, has argued that people can't have a "reasonable expectation of privacy" when they are in public and have allowed a third party company, such as Google, to collect and analyze phone location data.

China

China's AI Matches Anthropic in Cybersecurity, Causing Worry Over US Restrictions (msn.com) 57

Chinese AI systems "have matched the performance of Anthropic's powerful model Mythos in some cybersecurity scenarios," reports the Wall Street Journal.

They call it "a development poised to reset the global tech race and pressure the White House in its overhaul of U.S. AI policy." Security researchers said that a new AI model, released this month by China's Zhipu AI, also known as Z.ai, can match the latest U.S. models when it comes to finding security bugs, although it still lags behind Anthropic's and OpenAI's products in other tasks. Overall, the capability gap between top U.S. models and those built by Chinese companies has narrowed significantly, and use of Chinese AI systems has surged as businesses seek to rein in runaway costs. A host of companies, including Microsoft, are weighing how they can offer Chinese models on their platforms, a development that is set to alter the balance of power among tech companies...

Unlike models from Anthropic or OpenAI, Zhipu's GLM-5.2 is open-weight. That means it can be downloaded and run on hardware operated by anybody and can be modified and used without supervision. Open-weight models are ideal for users who want unfettered access to systems they control, but they are also ideal for hackers, who can run them in the shadows. GLM-5.2 has ranked as one of the 10 most-used AI models, according to data from OpenRouter, a company that provides access to more than 400 AI models. In some benchmarking tests, according to the cybersecurity company Semgrep, GLM-5.2 bested Anthropic's Claude Opus 4.8 model, which was released in May. When given further instructions, Opus 4.8 and GLM-5.2 can match Mythos in bug-finding ability, according to researchers...

"Banning Fable while selling chips China needs to develop its own version is a gift to China," said Saif Khan, a distinguished technology fellow at the Institute for Progress think tank who worked on export restrictions in the Biden administration. The U.S. needs to maximize the use of Mythos and comparable models to harden its cyber defenses while it can, he added. Among the Mythos 5 and Fable 5 users that had lost access before Friday's decision to restore Mythos 5 access for some trusted entities: the National Security Agency, which had been testing the tools and found them impressive in trials, according to people familiar with the matter... "It is incentivizing companies across the globe to use cheaper but very capable Chinese open-weight models, while at the same time undermining the U.S. AI industry," said Niels Provos, a researcher who led security teams at Google and Stripe. "I don't understand it."

Thanks to long-time Slashdot reader schwit1 for sharing the article.
AI

Forget Prompt Engineering: 'Loop Engineering' Is All the Rage Now (businessinsider.com) 90

An anonymous reader quotes a report from Business Insider: For the most powerful voices in AI, it's all about being in the loop. Claude Code creator Boris Cherny recently said he doesn't write his own AI prompts much anymore. Thanks to loops, he doesn't have to. "It's an agent that prompts Claude," Cherny recently told CNBC, adding, "I don't write the prompt anymore. Claude writes the prompt, and now I'm talking to that new Claude that is kind of coordinating." In the same interview, Cherny said that loops and a similar feature were examples of the kind of work he would be proudest of in a decade.

Cherny isn't the only one embracing "loop engineering." OpenAI engineer Peter Steinberger, the creator of the viral OpenClaw project, wrote a public reminder to users who are still writing out prompts for AI agents. "Here's your monthly reminder that you shouldn't be prompting coding agents anymore," Steinberger wrote recently on X. "You should be designing loops that prompt your agents." [...] Steinberger shared an example of a loop he uses: "Tell codex to maintain your repos, wake up every 5 minutes and direct work to threads. That makes it easy to parallelize+steer work as needed."
Claire Vo, founder of ChatPRD and host of the "How I AI," said, "it's really just reminding people that you don't have to use your human fingers to type in a prompt in order for your agent to do work on your behalf."

The days of directly prompting generative AI coding tools are "kind of over, or at least some think it's going to be," Addy Osmani, director of Google Cloud, wrote in his post explaining the concept.
AI

Linux Foundation Launches Akrites To Coordinate AI-Driven Open Source Security (nerds.xyz) 17

BrianFagioli writes: The Linux Foundation has announced Akrites, a new initiative to coordinate vulnerability disclosure and remediation for critical open source software as AI dramatically speeds up vulnerability discovery. Founding members include AWS, Google, Microsoft, OpenAI, Red Hat, NVIDIA, IBM, Cisco, JPMorganChase, and others. Akrites will provide a shared Security Incident Response Team (SIRT), a standardized coordinated vulnerability disclosure process, and act as a "maintainer of last resort" for abandoned but widely used packages.

The goal is to reduce duplicate reports, avoid conflicting patches, and help upstream maintainers address vulnerabilities before they can be exploited. As AI makes it easier to find security flaws, can a coordinated industry effort help protect open source, or does it risk giving large corporations too much influence over the ecosystem?
"Akrites is the largest coordinated effort in history to create systems and deploy tooling that leverages the collective power of the community to make everyone safer," the Linux Foundation said in an open letter. "Akrites participants will contribute engineering resources; work to build and ship fixes; or fund the engineers who do. Some companies have contributed mightily already. The reality is, collectively, we need to contribute more."

Slashdot Top Deals