"After approximately seven years in development, the Eclipse Foundation's Theia IDE project is now generally available," writes ADT magazine, "emerging from beta to challenge Microsoft's similar Visual Studio Code (VS Code) editor." The Eclipse Theia IDE is part of the Eclipse Cloud DevTools ecosystem. The Eclipse Foundation calls it "a true open-source alternative to VS Code," which was built on open source but includes proprietary elements, such as default telemetry, which collects usage data...

Theia was built on the same Monaco editor that powers VS Code, and it supports the same Language Server Protocol (LSP) and Debug Adapter Protocol (DAP) that provide IntelliSense code completions, error checking and other features. The Theia IDE also supports the same extensions as VS Code (via the Open VSX Registry instead of Microsoft's Visual Studio Code Marketplace), which are typically written in TypeScript and JavaScript. There are many, many more extensions available for VS Code in Microsoft's marketplace, while "Extensions for VS Code Compatible Editors" in the Open VSX Registry number 3,784 at the time of this writing...

The Eclipse Foundation emphasized another difference between its Theia IDE and VS Code: the surrounding ecosystem/community. "At the core of Theia IDE is its vibrant open source community hosted by the Eclipse Foundation," the organization said in a news release. "This ensures freedom for commercial use without proprietary constraints and fosters innovation and reliability through contributions from companies such as Ericsson, EclipseSource, STMicroelectronics, TypeFox, and more. The community-driven model encourages participation and adaptation according to user needs and feedback."

Indeed, the list of contributors to and adopters of the platform is extensive, also featuring Broadcom, Arm, IBM, Red Hat, SAP, Samsung, Google, Gitpod, Huawei and many others.
The It's FOSS blog has some screenshots and a detailed rundown.

ADT magazine stresses that there's also an entirely distinct (but related) project called the Eclipse Theia Platform (not IDE) which differs from VS Code by allowing developers "to create desktop and cloud IDEs using a single, open-source technology stack" [that can be used in open-source initiatives]. The Eclipse Theia platform "allows developers to customize every aspect of the IDE without forking or patching the code... fully tailored for the needs of internal company projects or for commercial resale as a branded product."

Longtime Slashdot reader theodp writes: "If Einstein paved the way for a new era in physics," explains auction house Christie's in a promotion piece for its upcoming offering of 150+ "objects of scientific and historical importance" from the Paul G. Allen Collection (including items from the shuttered Living Computers Museum), "Mr. Allen and his collaborators ushered in a new era of computing. Starting with MS-DOS in 1981, Microsoft then went on to revolutionize personal computing with the launch of Windows in 1985."

Christie's auction and characterization of MS-DOS as an Allen and Microsoft innovation comes 30 years after the death of Gary Kildall, whose unpublished memoir, the Seattle Times reported in Kildall's July 1994 obituary, called DOS "plain and simple theft" of Kildall's CP/M OS. PC Magazine's The Rise of DOS: How Microsoft Got the IBM PC OS Contract notes that Paul Allen himself traced the genesis of MS-DOS back to a phone call Allen made to Seattle Computer Products owner Rod Brock in which Microsoft licensed Tim Paterson's CP/M-inspired QDOS (Quick and Dirty Operating System) for $10,000 plus a royalty of $15,000 for every company that licensed the software. A shrewd buy-low-sell-high business deal, yes, but hardly an Einstein-caliber breakthrough idea.

YouTube has released an AI-powered eraser tool to help creators easily remove copyrighted music from their videos without affecting other audio such as dialog or sound effects. TechCrunch's Ivan Mehta reports: On its support page, YouTube still warns that, at times, the algorithm might fail to remove just the song. "This edit might not work if the song is hard to remove. If this tool doesn't successfully remove the claim on a video, you can try other editing options, such as muting all sound in the claimed segments or trimming out the claimed segments," the company said.

Alternatively, creators can choose to select "Mute all sound in the claimed segments" to silence bits of video that possibly has copyrighted material. Once the creator successfully edits the video, YouTube removes the content ID claim -- the company's system for identifying the use of copyrighted content in different clips. YouTube shared a video describing the feature on its Creator Insider channel.

An anonymous reader quotes a report from Ars Technica: More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript code, hosted at polyfill[.]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren't natively supported. By linking to cdn.polyfill[.]io, websites could ensure that devices using legacy browsers could render content in newer formats. The free service was popular among websites because all they had to do was embed the link in their sites. The code hosted on the polyfill site did the rest. In February, China-based company Funnull acquired the domain and the GitHub account that hosted the JavaScript code. On June 25, researchers from security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.

The revelation prompted industry-wide calls to take action. Two days after the Sansec report was published, domain registrar Namecheap suspended the domain, a move that effectively prevented the malicious code from running on visitor devices. Even then, content delivery networks such as Cloudflare began automatically replacing pollyfill links with domains leading to safe mirror sites. Google blocked ads for sites embedding the Polyfill[.]io domain. The website blocker uBlock Origin added the domain to its filter list. And Andrew Betts, the original creator of Polyfill.io, urged website owners to remove links to the library immediately. As of Tuesday, exactly one week after malicious behavior came to light, 384,773 sites continued to link to the site, according to researchers from security firm Censys. Some of the sites were associated with mainstream companies including Hulu, Mercedes-Benz, and Warner Bros. and the federal government. The findings underscore the power of supply-chain attacks, which can spread malware to thousands or millions of people simply by infecting a common source they all rely on.

Google is intensifying efforts to decrease its dependency on Apple's Safari browser, as a U.S. antitrust lawsuit threatens its default search engine status on iPhones. The tech giant has been trying to shift more iPhone searches to its own apps, with the percentage rising from 25% five years ago to the low 30s recently, The Information reported Friday.

Progress has stalled in recent months, however. To attract users, Google has run advertising campaigns showcasing unique features like Lens image search. The company recently hired former Instagram executive Robby Stein to lead this initiative, potentially leveraging AI to enhance its apps' appeal. Google paid Apple over $20 billion last year for default status on Safari. Reducing this dependency could protect Google's mobile search advertising revenue if the antitrust ruling goes against it. The report adds: Google executives considered having its new AI Overviews feature, which shows AI-generated responses to search queries, appear on its mobile apps but not on Safari, people who have worked on the product said. But Google ultimately decided against that move.

An anonymous reader shares a report: Generative AI could "distort collective understanding of socio-political reality or scientific consensus," and in many cases is already doing that, according to a new research paper from Google, one of the biggest companies in the world building, deploying, and promoting generative AI. The paper, "Generative AI Misuse: A Taxonomy of Tactics and Insights from Real-World Data," [PDF] was co-authored by researchers at Google's artificial intelligence research laboratory DeepMind, its security think tank Jigsaw, and its charitable arm Google.org, and aims to classify the different ways generative AI tools are being misused by analyzing about 200 incidents of misuse as reported in the media and research papers between January 2023 and March 2024.

Unlike self-serving warnings from Open AI CEO Sam Altman or Elon Musk about the "existential risk" artificial general intelligence poses to humanity, Google's research focuses on real harm that generative AI is currently causing and could get worse in the future. Namely, that generative AI makes it very easy for anyone to flood the internet with generated text, audio, images, and videos. Much like another Google research paper about the dangers of generative AI I covered recently, Google's methodology here likely undercounts instances of AI-generated harm. But the most interesting observation in the paper is that the vast majority of these harms and how they "undermine public trust," as the researchers say, are often "neither overtly malicious nor explicitly violate these tools' content policies or terms of service." In other words, that type of content is a feature, not a bug.

Cloudflare today unveiled a new feature part of its content delivery network (CDN) that prevents AI developers from scraping content on the web. According to Cloudflare, the feature is available for both the free and paid tiers of its service. SiliconANGLE reports: The feature uses AI to detect automated content extraction attempts. According to Cloudflare, its software can spot bots that scrape content for LLM training projects even when they attempt to avoid detection. "Sadly, we've observed bot operators attempt to appear as though they are a real browser by using a spoofed user agent," Cloudflare engineers wrote in a blog post today. "We've monitored this activity over time, and we're proud to say that our global machine learning model has always recognized this activity as a bot."

One of the crawlers that Cloudflare managed to detect is a bot that collects content for Perplexity AI Inc., a well-funded search engine startup. Last month, Wired reported that the manner in which the bot scrapes websites makes its requests appear as regular user traffic. As a result, website operators have struggled to block Perplexity AI from using their content. Cloudflare assigns every website visit that its platform processes a score of 1 to 99. The lower the number, the greater the likelihood that the request was generated by a bot. According to the company, requests made by the bot that collects content for Perplexity AI consistently receive a score under 30.

"When bad actors attempt to crawl websites at scale, they generally use tools and frameworks that we are able to fingerprint," Cloudflare's engineers detailed. "For every fingerprint we see, we use Cloudflare's network, which sees over 57 million requests per second on average, to understand how much we should trust this fingerprint." Cloudflare will update the feature over time to address changes in AI scraping bots' technical fingerprints and the emergence of new crawlers. As part of the initiative, the company is rolling out a tool that will enable website operators to report any new bots they may encounter.

Proton, the privacy-focused technology company, has launched Proton Docs, a new document editing tool that bears a striking resemblance to Google Docs. The service, launched as part of Proton Drive, offers features such as rich text editing, real-time collaboration, and multimedia support.

theodp writes: As with last year," tweeted College Board's AP Program Chief Trevor Packer, "the most challenging free-response question on this year's AP Computer Science A exam was Q4 on 2D Array." While it takes six pages of the AP CS A exam document [PDF] to ask question 4 (of 4), the ask of students essentially boils down to using Java to move from the current location in a 2-D grid to either immediately below or to the right of that location based on which neighbor contains the lesser value, and adding the value at that location to a total (suggested Java solution, alternative Excel VBA solution). Much like rules of the children's game Pop-O-Matic Trouble, moves are subject to the constraint that you cannot move to the right or ahead if it takes you to an invalid position (beyond the grid dimensions).

Ironically, many of the AP CS A students who struggled with the grid coding problem were likely exposed by their schools from kindergarten on to more than a decade's worth of annual Hour of Code tutorials that focused on the concepts of using code to move about in 2-D grids. The move-up-down-left-right tutorials promoted by schools came from tech-backed nonprofit Code.org and its tech giant partners and have been taught over the years by the likes of Bill Gates, Mark Zuckerberg, and President Obama, as well as characters from Star Wars, Disney Princess movies, and Microsoft Minecraft.

The news of American high school students struggling again with fairly straightforward coding problems after a year-long course of instruction comes not only as tech companies and tech-tied nonprofits lobby state lawmakers to pass bills making CS a high school graduation requirement in the US, but also as a new report from King's College urges lawmakers and educators to address a stark decline in the number of UK students studying computing at secondary school, which is blamed on the replacement of more approachable ICT (Information and Communications Technology) courses with more rigorous computer science courses in 2013 (a switch pushed by Google and Microsoft), which it notes students have perceived as too difficult and avoided taking.

An anonymous reader quotes a report from the Financial Times: Google's greenhouse gas emissions have surged 48 percent in the past five years due to the expansion of its data centers that underpin artificial intelligence systems, leaving its commitment to get to "net zero" by 2030 in doubt. The Silicon Valley company's pollution amounted to 14.3 million tons of carbon equivalent in 2023, a 48 percent increase from its 2019 baseline and a 13 percent rise since last year, Google said in its annual environmental report on Tuesday. Google said the jump highlighted "the challenge of reducing emissions" at the same time as it invests in the build-out of large language models and their associated applications and infrastructure, admitting that "the future environmental impact of AI" was "complex and difficult to predict."

Chief sustainability officer Kate Brandt said the company remained committed to the 2030 target but stressed the "extremely ambitious" nature of the goal. "We do still expect our emissions to continue to rise before dropping towards our goal," said Brandt. She added that Google was "working very hard" on reducing its emissions, including by signing deals for clean energy. There was also a "tremendous opportunity for climate solutions that are enabled by AI," said Brandt. [...] In Tuesday's report, Google said its 2023 energy-related emissions -- which come primarily from data center electricity consumption -- rose 37 percent year on year, and overall represented a quarter of its total greenhouse gas emissions. Google's supply chain emissions -- its largest chunk, representing 75 percent of its total emissions -- also rose 8 percent. Google said they would "continue to rise in the near term" as a result in part of the build-out of the infrastructure needed to run AI systems.

Google has pledged to achieve net zero across its direct and indirect greenhouse gas emissions by 2030, and to run on carbon-free energy during every hour of every day within each grid it operates by the same date. However, the company warned in Tuesday's report that the "termination" of some clean energy projects during 2023 had pushed down the amount of renewables it had access to. Meanwhile, the company's data centre electricity consumption had "outpaced" Google's ability to bring more clean power projects online in the US and Asia-Pacific regions. Google's data centre electricity consumption increased 17 percent in 2023, and amounted to approximately 7-10 percent of global data center electricity consumption, the company estimated.Its data centers also consumed 17 percent more water in 2023 than during the previous year, Google said.

Nearly half of Americans are using third-party antivirus software and the rest are either using the default protection in their operating system -- or none at all. From a report: In all, 46 percent of almost 1,000 US citizens surveyed by the reviews site Security.org said they used third-party antivirus on their computers, with 49 percent on their PCs, 18 percent using it on their tablets, and 17 percent on their phones. Of those who solely rely on their operating system's built-in security -- such as Microsoft's Windows Defender, Apple's XProtect, and Android's Google Play -- 12 percent are planning to switch to third-party software in the next six months.

Of those who do look outside the OS, 54 percent of people pay for the security software, 43 percent choose the stripped-down free version, and worryingly, three percent aren't sure whether they pay or not. Among paying users, the most popular brands were Norton, McAfee, and Malwarebytes, while free users preferred -- in order -- McAfee, Avast, and Malwarebytes. The overwhelming reason for purchasing, cited by 84 percent of respondents, was, of course, fear of malware. The next most common reasons were privacy, at 54 percent, and worries over online shopping, at 48 percent. Fear of losing cryptocurrency stashes from wallets was at eight percent, doubled since last year's survey.

An anonymous reader shares a report: ChromeOS Flex extends the lifespan of older hardware and contributes to reducing e-waste, making it an environmentally conscious choice. Unfortunately, recent developments hint at a potential end for ChromeOS Flex. As detailed in a June 12 blog post by Prajakta Gudadhe, senior director of engineering for ChromeOS, and Alexander Kuscher, senior director of product management for ChromeOS, Google's announcement about integrating ChromeOS with Android to enhance AI capabilities suggests that Flex might not be part of this future.

Google's plan, as detailed, suggests that ChromeOS Flex could be phased out, leaving its current users in a difficult position. The ChromiumOS community around ChromeOS Flex may attempt to adjust to these changes if Google open sources ChromeOS Flex, but this is not a guarantee. In the meantime, users may want to consider alternatives, such as various Linux distributions, to keep their older hardware functional.

An anonymous reader quotes a report from Ars Technica: Meta continues to hit walls with its heavily scrutinized plan to comply with the European Union's strict online competition law, the Digital Markets Act (DMA), by offering Facebook and Instagram subscriptions as an alternative for privacy-inclined users who want to opt out of ad targeting. Today, the European Commission (EC) announced preliminary findings that Meta's so-called "pay or consent" or "pay or OK" model -- which gives users a choice to either pay for access to its platforms or give consent to collect user data to target ads -- is not compliant with the DMA. According to the EC, Meta's advertising model violates the DMA in two ways. First, it "does not allow users to opt for a service that uses less of their personal data but is otherwise equivalent to the 'personalized ads-based service." And second, it "does not allow users to exercise their right to freely consent to the combination of their personal data," the press release said.

Now, Meta will have a chance to review the EC's evidence and defend its policy, with today's findings kicking off a process that will take months. The EC's investigation is expected to conclude next March. Thierry Breton, the commissioner for the internal market, said in the press release that the preliminary findings represent "another important step" to ensure Meta's full compliance with the DMA. "The DMA is there to give back to the users the power to decide how their data is used and ensure innovative companies can compete on equal footing with tech giants on data access," Breton said. A Meta spokesperson told Ars that Meta plans to fight the findings -- which could trigger fines up to 10 percent of the company's worldwide turnover, as well as fines up to 20 percent for repeat infringement if Meta loses. The EC agreed that more talks were needed, writing in the press release, "the Commission continues its constructive engagement with Meta to identify a satisfactory path towards effective compliance." Meta continues to claim that its "subscription for no ads" model was "endorsed" by the highest court in Europe, the Court of Justice of the European Union (CJEU), last year.

"Subscription for no ads follows the direction of the highest court in Europe and complies with the DMA," Meta's spokesperson said. "We look forward to further constructive dialogue with the European Commission to bring this investigation to a close."

Meta rolled out its ad-free subscription service option last November. "Depending on where you purchase it will cost $10.5/month on the web or $13.75/month on iOS and Android," said the company in a blog post. "Regardless of where you purchase, the subscription will apply to all linked Facebook and Instagram accounts in a user's Accounts Center. As is the case for many online subscriptions, the iOS and Android pricing take into account the fees that Apple and Google charge through respective purchasing policies."

Google is severing its trust in Entrust after what it describes as a protracted period of failures around compliance and general improvements. From a report: Entrust is one of the many certificate authorities (CA) used by Chrome to verify that the websites end users visit are trustworthy. From November 1 in Chrome 127, which recently entered beta, TLS server authentication certificates validating to Entrust or AffirmTrust roots won't be trusted by default.

Google pointed to a series of incident reports over the past few years concerning Entrust, saying they "highlighted a pattern of concerning behaviors" that have ultimately seen the security company fall down in Google's estimations. The incidents have "eroded confidence in [Entrust's] competence, reliability, and integrity as a publicly trusted CA owner," Google stated in a blog. The move follows a May publication by Mozilla, which compiled a sprawling list of Entrust's certificate issues between March and May this year. Entrust -- after an initial PR disaster -- acknowledged its procedural failures and said it was treating the feedback as a learning opportunity.

Google has unveiled its largest-ever expansion of Translate, adding 110 new languages powered by its PaLM 2 AI model. The update spans major world languages and endangered tongues, covering an additional 614 million speakers globally.

Highlights include Cantonese, long-requested by users, and a quarter of the new offerings from Africa. Some additions, like Manx from the Isle of Man, showcase dramatic revival stories. The expansion reflects Google's ambitious "1,000 Languages Initiative" and follows its 2022 addition of 24 languages using zero-shot machine translation. Challenges in implementation included navigating regional varieties and non-standardized forms, the company wrote in a blog post.

YouTube is negotiating with major record labels to license songs for AI tools that clone popular artists' music, according to Financial Times. The Google-owned platform is offering upfront payments to Sony, Warner, and Universal to secure rights for training AI software, aiming to launch new features this year. But there are roadblocks to the deal, the story adds: However, many artists remain fiercely opposed to AI music generation, fearing it could undermine the value of their work. Any move by a label to force their stars into such a scheme would be hugely controversial. [...]

YouTube last year began testing a generative AI tool that lets people create short music clips by entering a text prompt. The product, initially named "Dream Track," was designed to imitate the sound and lyrics of well-known singers. But only 10 artists agreed to participate in the test phase, including Charli XCX, Troye Sivan and John Legend, and Dream Track was made available to a just small group of creators.

An anonymous reader quotes a report from Reuters: Alphabet's Waymo said on Tuesday its autonomous ride-hailing service, Waymo One, is now available to everyone in San Francisco, nearly four years after a similar move in Phoenix, Arizona. Driverless vehicles are expected to drive commercial success for automakers even as regulatory scrutiny remains tight amid concerns of investors about growing investments in the nascent technology. Waymo had started a test service with its research-focused program in San Francisco in 2021, which included an autonomous specialist on board for all rides at that time, as it looked to commercialize the technology.

The company said that about 300,000 people had signed up to ride with Waymo since it first opened a waitlist in the city, signaling strong demand. Now with open access, anyone can request a ride on its app. The company had opened access to everyone in Phoenix, Arizona without a waitlist in 2020. Mountain View, California-based Waymo is a self-driving technology pioneer, which started its first U.S. driverless taxi service in 2020 over a decade after it was born in 2009 as a project inside Google. In March, the company received approval from the California Public Utilities Commission (CPUC) to start its Waymo One in Los Angeles and some cities near San Francisco.

Kurt Schlosser reports via GeekWire: Living Computers Museum + Labs, the Seattle institution created by the late Microsoft co-founder Paul Allen as a hands-on showcase for rare computing technology and interactive displays, will not reopen, more than four years after closing just ahead of the pandemic. Allen's estate, which has been managing and winding down his vast array of holdings since his death in 2018, confirmed to GeekWire that the 12-year-old museum is closed for good. The estate also announced Tuesday that some key pieces from Allen's personal collection of computer artifacts, displayed over the years at Living Computers, will be auctioned by Christie's as part of a broader sale of various Allen items later this year.

As directed by Allen's wishes, proceeds from the sale of any items will go to charitable causes. Allen's sister Jody Allen is the executor of his estate and for several years has been selling pieces of it, ranging from Seattle's Cinerama movie theater, the Everett, Wash.-based Flying Heritage and Combat Armor Museum, Vulcan Productions, Stratolaunch, the superyacht Octopus, and more. The estate previously teamed up with Christie's for a November 2022 auction of 155 masterpieces from Allen's extensive art collection. It was the world's most successful single-owner fine art auction ever, raising a record $1.62 billion.

The new auction, titled "Gen One: Innovations from the Paul G. Allen Collection," is billed as "a celebration of first-generation technologies and the pioneering minds behind them." The event will feature more than 150 items in three separate auctions, including "Firsts: The History of Computing," an online sale closing Sept. 12. This auction pays homage to Allen's role shaping the modern computing landscape. A highlight of the sale is a computer that Allen helped restore and on which he worked, a DEC PDP-10: KI-10. Built in 1971, it's the first computer that both Allen and Microsoft co-founder Bill Gates ever used prior to founding Microsoft. It's estimated to fetch $30,000 to $50,000. Christie's said details about other computers and related items from Allen's collection will be shared this summer.

The other two auctions of Allen property include "Pushing Boundaries: Ingenuity," a live auction on Sept. 10 that will feature items intended to tell the story of scientific and technological achievements spanning centuries. The top item is a 1939 signed letter from Albert Einstein to President Franklin Delano Roosevelt credited as the impetus behind the establishment of the Manhattan Project. It's estimated to fetch $4 million to $6 million. The third auction is "Over the Horizon: Art of the Future," an online auction closing Sept. 12, showcasing art devoted to interplanetary travel. A sale highlight is Chelsey Bonestell's "Saturn as Seen from Titan," circa 1952, and estimated to fetch $30,000 to $50,000.

Google is switching back to pagination for its search results, abandoning the continuous scroll feature introduced in 2022 for desktop and 2021 for mobile. The change, effective immediately for desktop users, aims to improve search result loading speeds, Google said, adding that infinite scrolling did not significantly enhance user satisfaction. Mobile users will see the change in coming months.

An anonymous reader shares a report: Over the weekend, a clip from a recent interview with Telegram's founder Pavel Durov went semi-viral on X (previously Twitter). In the video, Durov tells right-wing personality Tucker Carlson that he is the only product manager at the company, and that he only employs "about 30 engineers." Security experts say that while Durov was bragging about his Dubai-based company being "super efficient," what he said was actually a red flag for users.

"Without end-to-end encryption, huge numbers of vulnerable targets, and servers located in the UAE? Seems like that would be a security nightmare," Matthew Green, a cryptography expert at Johns Hopkins University, told TechCrunch. (Telegram spokesperson Remi Vaughn disputed this, saying it has no data centers in the UAE.) Green was referring to the fact that -- by default -- chats on Telegram are not end-to-end encrypted like they are on Signal or WhatsApp. A Telegram user has to start a "Secret Chat" to switch on end-to-end encryption, making the messages unreadable to Telegram or anyone other than the intended recipient.

Also, over the years, many people have cast doubt over the quality of Telegram's encryption, given that the company uses its own proprietary encryption algorithm, created by Durov's brother, as he said in an extended version of the Carlson interview. Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation and a longtime expert in the security of at-risk users, said that it's important to remember that Telegram, unlike Signal, is a lot more than just a messaging app.