An anonymous reader quotes a report from Ars Technica, written by Samuel Axon: In one of the most egregiously unethical uses of AI we've seen, a web advertising company has re-created some defunct, classic tech blogs like The Unofficial Apple Weblog (TUAW) and iLounge by mimicking the bylines of the websites' former writers and publishing AI-generated content under their names. The Verge reported on the fiasco in detail, including speaking to Christina Warren, a former writer for TUAW who now works at GitHub. Warren took to the social media platform Threads yesterday to point out that someone had re-launched TUAW at its original domain and populated it with fake content allegedly written by her and other past TUAW staff. Some of the content simply reworded articles that originally appeared on TUAW, while other articles tied real writers' names to new, AI-generated articles about current events.

TUAW was shut down in 2015, but its intellectual property and domain name continued to be owned by Yahoo. A Hong Kong-based web advertising firm named Web Orange Limited claims to have purchased the domain and brand name but not the content. The domain name still carries some value in terms of Google ranking, so Web Orange Limited seems to have relaunched the site and then used AI summarization tools to reword the original content and publish it under the original authors' names. (It did the same with another classic Apple blog, iLounge.) The site also includes author bios, which are generic and may have been generated, and they are accompanied by author photos that don't look anything like the real writers. The Verge found that some of these same photos have appeared in other places, like web display ads for iPhone cases and dating websites. They may have been AI-generated, though the company has also been caught reusing photos of real people without permission in other contexts.

At first, some of Web Orange Limited's websites named Haider Ali Khan, an Australian currently residing in Dubai, as the owner of the company. Khan's own website identified him as "an independent cyber security analyst" and "long-time advocate for web security" who also runs a web hosting company, and who "started investing in several technology reporting websites" and "manages and runs several news blogs such as the well-known Apple tech-news blog iLounge." However, mentions of his name were removed from the websites today, and the details on his personal website have apparently been taken offline. Warren emailed the company, threatening legal action. After she did that, the byline was changed to what we can only assume is a made-up name -- "Mary Brown." The same goes for many of the other author names on Web Orange Limited's websites.

The company likely tried to use the original authors' names as part of an SEO play; Google tracks the names of authors and gives them authority rankings on specific topics as another layer on top of a website's own authority. That way, Google can try to respond to user queries with results written by people who have built strong reputations in the users' areas of interest. It also helps Google surface authors who are experts on a topic but who write for multiple websites, which is common among freelance writers. The websites are still operational, even though the most arguably egregious breach of ethics -- the false use of real people's names -- has been addressed in many cases.

Alphabet unit Google's cloud subsidiary will look into other options in its fight against Microsoft's licensing practices, the head of Google Cloud head said on Wednesday. From a report: The comments by Amit Zavery came after Microsoft reached a deal with trade body CISPE to resolve the latter's antitrust complaint about its cloud licensing practices. "Many regulatory bodies have opened inquiries into Microsoft's licensing practices, and we are hopeful there will be remedies to protect the cloud market from Microsoft's anti-competitive behavior," he said.

"We are exploring our options to continue to fight against Microsoft's anti-competitive licensing in order to promote choice, innovation, and the growth of the digital economy in Europe."

A recent study has exposed a method of artificially inflating citation counts through "sneaked references," which are extra citations included in metadata but not in the actual text of articles. This manipulation, uncovered in journals by Technoscience Academy, distorts citation metrics that are critical for research funding and academic promotions. The Conversation reports: The investigation began when Guillaume Cabanac, a professor at the University of Toulouse, wrote a post on PubPeer, a website dedicated to post-publication peer review, in which scientists discuss and analyze publications. In the post, he detailed how he had noticed an inconsistency: a Hindawi journal article that he suspected was fraudulent because it contained awkward phrases had far more citations than downloads, which is very unusual. The post caught the attention of several sleuths who are now the authors of the JASIST article. We used a scientific search engine to look for articles citing the initial article. Google Scholar found none, but Crossref and Dimensions did find references. The difference? Google Scholar is likely to mostly rely on the article's main text to extract the references appearing in the bibliography section, whereas Crossref and Dimensions use metadata provided by publishers.

To understand the extent of the manipulation, we examined three scientific journals that were published by the Technoscience Academy, the publisher responsible for the articles that contained questionable citations. [...] In the journals published by Technoscience Academy, at least 9% of recorded references were "sneaked references." These additional references were only in the metadata, distorting citation counts and giving certain authors an unfair advantage. Some legitimate references were also lost, meaning they were not present in the metadata. In addition, when analyzing the sneaked references, we found that they highly benefited some researchers. For example, a single researcher who was associated with Technoscience Academy benefited from more than 3,000 additional illegitimate citations. Some journals from the same publisher benefited from a couple hundred additional sneaked citations.

We wanted our results to be externally validated, so we posted our study as a preprint, informed both Crossref and Dimensions of our findings and gave them a link to the preprinted investigation. Dimensions acknowledged the illegitimate citations and confirmed that their database reflects Crossref's data. Crossref also confirmed the extra references in Retraction Watch and highlighted that this was the first time that it had been notified of such a problem in its database. The publisher, based on Crossref's investigation, has taken action to fix the problem. To combat this practice of "sneaked references," the authors suggest several measures: rigorous verification of metadata by publishers and agencies like Crossref, independent audits to ensure data reliability, and increased transparency in managing references and citations.

At its Galaxy Unpacked event today, Samsung unveiled a slew of new devices ushering in the "Next Frontier of Mobile AI." With "cross-device intelligence," each device has its own set of AI features that Samsung said will be personalized for users, good for humanity, and empowering for creators. Ars Technica's Kevin Purdy reports: Aiming to put its Galaxy AI onto your wrist and fingers, Samsung announced a seventh version of its Galaxy Watch, a rugged and larger Galaxy Watch Ultra, and the first version of a Galaxy Ring. [...] The Galaxy Watch 7 and Watch Ultra are strikingly similar to their inspirations: the Apple Watch Ultra and the previous Galaxy Watch, respectively. [...] The Galaxy Z Fold 6 ($1,900) and Z Flip 6 ($1,100) have the kinds of boosts from their prior models you might expect. There's a Snapdragon 8 Gen 3 chip inside. The folding glass on both is supposedly stronger and now rated for IP48, which means dust resistance went from "X" (good luck) to "4" (1 mm and greater particles), which is still unfortunate at these price points, but that's life on the folding edge.

The outward-facing screen on the Z Fold 6 got a smidge bigger (6.2 to 6.3 inches), though it has the same inner display. Its cameras are much the same (50 megapixel main, 10 megapixel telephoto, 12 megapixel ultrawide), though the ultrawide claims better low-light performance. The Z Flip 6's most notable upgrade is its 4,000 mAh battery and a vapor cooling chamber inside. The base model gets 12GB of RAM instead of 8GB and 512GB of storage instead of 256GB on the base model.

There are other products not mentioned here announced by Samsung today, including its Galaxy Buds3 and Buds3 Pro, which are wireless earbuds that will remind you of certain other very popular wireless earbuds. What Samsung really had to pitch today was how its own Galaxy AI was the connective tissue between all of them. The screens on the Fold and Flip models are ideal for circling things to search them. The cameras can auto-zoom, the notes can be summarized, and translations, in particular, are everywhere. The watches and rings can track your health and suggest ways to make it better in all kinds of ways that merit a lot of disclosure about where all that data is going. Rick Osterloh, Google's devices and services chief, showed up to give a kind of Gemini blessing to Samsung's efforts.

Google has streamlined its Advanced Protection Program, allowing users to enroll using a single passkey instead of two physical security keys. The program, designed for individuals at high risk of targeted online attacks, now uses built-in biometric authentication on Pixel phones and iPhones.

Scharon Harding reports via Wired: In 2019, Nike got closer than ever to its dreams of popularizing self-tying sneakers by releasing the Adapt BB. Using Bluetooth, the sneakers paired to the Adapt app that let users do things like tighten or loosen the shoes' laces and control its LED lights. However, Nike has announced that it's "retiring" the app on August 6 (Warning: source may be paywalled; alternative source), when it will no longer be downloadable from Apple's App Store or the Google Play Store; nor will it be updated.

In an announcement recently spotted by The Verge, Nike's brief explanation for discontinuing the app is that Nike "is no longer creating new versions of Adapt shoes." The company started informing owners about the app's retirement about four months ago. Those who already bought the shoes can still use the app after August 6, but it's expected that iOS or Android updates will eventually make the app unusable. Also, those who get a new device won't be able to download Adapt after August 6.

Without the app, wearers are unable to change the color of the sneaker's LED lights. The lights will either maintain the last color scheme selected via the app or, per Nike, "if you didn't install the app, light will be the default color." While owners will still be able to use on-shoe buttons to turn the shoes on or off, check its battery, adjust the lace's tightness, and save fit settings, the ability to change lighting and control the shoes via mobile phone were big selling points of the $350 kicks.

OpenAI CEO Sam Altman and businesswoman Arianna Huffington have announced they're working on an "AI health coach" via Thrive AI Health. According to a Time magazine op-ed, the two executives said that the bot will be trained on "the best peer-reviewed science" alongside "the personal biometric, lab, and other medical data you've chosen to share with it." The Verge reports: The company tapped DeCarlos Love, a former Google executive who previously worked on Fitbit and other wearables, to be CEO. Thrive AI Health also established research partnerships with several academic institutions and medical centers like Stanford Medicine, the Rockefeller Neuroscience Institute at West Virginia University, and the Alice L. Walton School of Medicine. (The Alice L. Walton Foundation is also a strategic investor in Thrive AI Health.) Thrive AI Health's goal is to provide powerful insights to those who otherwise wouldn't have access -- like a single mother looking for quick meal ideas for her gluten-free child or an immunocompromised person in need of instant advice in between doctor's appointments. [...]

The bot is still in its early stages, adopting an Atomic Habits approach. Its goal is to gently encourage small changes in five key areas of your life: sleep, nutrition, fitness, stress management, and social connection. By making minor adjustments, such as suggesting a 10-minute walk after picking up your child from school, Thrive AI Health aims to positively impact people with chronic conditions like heart disease. It doesn't claim to be ready to provide real diagnosis like a doctor would but instead aims to guide users into a healthier lifestyle. "AI is already greatly accelerating the rate of scientific progress in medicine -- offering breakthroughs in drug development, diagnoses, and increasing the rate of scientific progress around diseases like cancer," the op-ed read.

Google will extend its Dark Web monitoring service to all account holders starting late July 2024, following the closure of its VPN offering last month. The feature, which scans for personal data compromised in breaches, was previously exclusive to Google One subscribers in dozens of countries.

An anonymous reader quotes a report from TechCrunch: As deep-pocketed companies like Amazon, Google and Walmart invest in and experiment with drone delivery, a phenomenon reflective of this modern era has emerged. Drones, carrying snacks and other sundries, are being shot out of the sky. Incidents are still rare. However, a recent arrest in Florida, in which a man allegedly shot down a Walmart drone, raises questions of what the legal ramifications are and whether those consequences could escalate if these events become more common. [...] While consumer drones have been proliferating for well over a decade, the question of legal ramifications hasn't been wholly clear. The Federal Aviation Administration (FAA) gave us a partial answer following a 2016 drone shooting in Arkansas. At the time, the FAA pointed interested parties to 18 U.S.C. 32. The law, titled "Aircraft Sabotage," is focused on the wanton destruction of "any aircraft in the special aircraft jurisdiction of the United States or any civil aircraft used, operated or employed in interstate, overseas, or foreign air commerce."

At first glance, the law appears primarily focused on manned aircraft, including a provision that "makes it a Federal offense to commit an act of violence against any person on the aircraft, not simply crew members, if the act is likely to endanger the safety of the aircraft." In responding to the Arkansas drone shooting, however, the FAA asserts that such protections can be interpreted to also include UAVs (unmanned aerial vehicles). The language does, indeed, appear broad enough to cover drones. That means, in turn, that the penalties are potentially as stiff. The subject was revived after a 2020 incident in Minnesota. In that case, the suspect was hit with felony charges relating to criminal damage and discharging a weapon within city limits. Those would likely also be the charges in most scenarios involving property, rather than bodily damage, drone or not. Even with these examples, there is not a rigid rule that predicts if or when prosecutors might also introduce a federal charge like 18 U.S.C. 32.

As the legal blog Above the Law notes, in most cases, the federal government has deferred to state law for enforcement. Meanwhile, in most cases where 18 U.S.C. 32 has been applied, if a human crew/passengers are involved, there could be other potential charges like murder. It certainly can be argued that shooting a large piece of hardware out of the sky in a heavily populated area invites its own potential for bodily harm, though it may not be prosecuted in the same manner. As drone delivery increases in the U.S., however, we may soon have an answer to the role federal legislation like 18 U.S.C. 32 will play in UAV shootings. Adding that into the picture brings penalties, including fines and up to 20 years in prison, potentially compounding those consequences. What is clear, though, is that the consequences can be severe, whether it is invoked.

An anonymous reader quotes a report from Fortune: On February 1st last year, Montana residents gawked upwards at a large white object hovering in the sky that looked to be another moon. The airborne object was in fact a Chinese spy balloon loaded with cameras, sensors, and other high-tech surveillance equipment, and it set off a nationwide panic as it drifted across the midwestern and southern United States. How much information the balloon gathered -- if any -- remains unknown, but the threat was deemed serious enough that an F-22 U.S. Air Force jet fired a Sidewinder missile at the unmanned balloon on a February afternoon, blasting it to pieces a few miles off the coast of South Carolina. At the same time that the eyes of Americans were fixed on the Chinese intruder in the sky, around 30 cars owned by Chinese companies and equipped with cameras and geospatial mapping technology were navigating the streets of greater Los Angeles, San Francisco, and San Jose. They collected detailed videos, audio recordings, and location data on their surroundings to chart out California's roads and develop their autonomous driving algorithms.

Since 2017, self-driving cars owned by Chinese companies have traversed 1.8 million miles of California alone, according to a Fortune analysis of the state's Department of Motor Vehicles data. As part of their basic functionality, these cars capture video of their surroundings and map the state's roads to within two centimeters of precision. Companies transfer that information from the cars to data centers, where they use it to train their self-driving systems. The cars are part of a state program that allows companies developing self-driving technology -- including Google-spinoff Waymo and Amazon-owned Zoox -- to test autonomous vehicles on public roads. Among the 35 companies approved to test by the California DMV, seven are wholly or partly China-based. Five of them drove on California roads last year: WeRide, Apollo, AutoX, Pony.ai, and DiDi Research America. Some Chinese companies are approved to test in Arizona and Texas as well.

Fitted with cameras, microphones, and sophisticated sensors, self-driving cars have long raised flags among privacy advocates. Matthew Guariglia, a policy analyst at the digital rights nonprofit Electronic Frontier Foundation, called self-driving cars "rolling surveillance devices" that passively collect massive amounts of information on Americans in plain sight. In the context of national security however, the data-hungry Chinese cars have received surprisingly little scrutiny. Some experts have compared them to Chinese-owned social media site TikTok, which has been subjected to a forced divestiture or ban on U.S. soil due to fears around its data collection practices threatening national security. The years-long condemnation of TikTok at the highest levels of the U.S. government has heightened the sense of distrust between the U.S. and China.

Some Chinese self-driving car companies appear to store U.S. data in China, according to privacy policies reviewed byFortune -- a situation that experts said effectively leaves the data accessible to the Chinese government. Depending on the type of information collected by the cars, the level of precision, and the frequency at which it's collected, the data could provide a foreign adversary with a treasure trove of intelligence that could be used for everything from mass surveillance to war planning, according to security experts who spoke withFortune. And yet, despite the sensitivity of the data, officials at the state and federal agencies overseeing the self-driving car testing acknowledge that they do not currently monitor, or have any process for checking, exactly what data the Chinese vehicles are collecting and what happens to the data after it is collected. Nor do they have any additional rules or policies in place for oversight of Chinese self-driving cars versus the cars in the program operated by American or European companies. "It is literally the wild, Wild West here," said Craig Singleton, director of the China program at the Foundation for Defense of Democracies, a conservative-leaning national security think tank. "There's no one in charge."

An anonymous reader writes: Google Maps is testing a new ad format that could cause distractions while driving. It brings up a pop-up notification during navigation that covers the bottom half of the screen with an unnecessary detour suggestion.

Anthony Higman on X (formerly Twitter) recently spotted the new ad format during their commute. According to Higman, the ad popped up while passing a Royal Farms gas station, even though they did not search for a gas station or convenience store while setting their destination. The ad has a Sponsored tag at the top of the card, followed by the name of the location, its review rating, and the estimated arrival time. It also includes two buttons to add it as a stop or cancel the suggestion.

Google plans to support its own long-term support (LTS) kernel releases for Android devices for four years, a move aimed at bolstering the security of the mobile operating system. This decision, reported by AndroidAuthority, comes in response to the Linux community's recent reduction of LTS support from six years to two years, a change that posed potential challenges for Android's security ecosystem.

The Android Common Kernel (ACK) branches, derived from upstream Linux LTS releases, form the basis of most Android devices' kernels. Google maintains these forks to incorporate Android-specific features and backport critical functionality. Regular updates to these kernels address vulnerabilities disclosed in monthly Android Security Bulletins. While the extended support period benefits Android users and manufacturers, it places significant demands on Linux kernel developers.

Microsoft told employees in China that from September they'll only be able to use iPhones for work, effectively cutting off Android-powered devices from the workplace. Bloomberg: The US company will soon require Chinese-based employees to use only Apple devices to verify their identities when logging in to work computers or phones, according to an internal memo reviewed by Bloomberg News. The measure, part of Microsoft's global Secure Future Initiative, will affect hundreds of workers across the Chinese mainland and is intended to ensure that all staff use the Microsoft Authenticator password manager and Identity Pass app.

The move highlights the fragmented nature of Android app stores in the country and the growing differences between Chinese and foreign mobile ecosystems. Unlike Apple's iOS store, Google Play isn't available in China, so local smartphone makers like Huawei and Xiaomi operate their own platforms. Microsoft has chosen to block access from those devices to its corporate resources because they lack Google's mobile services in the country, the message said.

Its FOSS writes: When it comes to Linux, we get to see some really cool, and sometimes quirky projects (read Hannah Montana Linux) that try to show off what's possible, and that's not a bad thing. One such quirky undertaking has recently surfaced, which sees a sophomore trying to one-up their friend, who had booted Linux off NFS. With their work, they have been able to run Arch Linux on Google Drive.
Their ultimate idea included FUSE (which allows running file-system code in userspace). The developer's blog post explains that when Linux boots, "the kernel unpacks a temporary filesystem into RAM which has the tools to mount the real filesystem... it's very helpful! We can mount a FUSE filesystem in that step and boot normally.... " Thankfully, Dracut makes it easy enough to build a custom initramfs... I decide to build this on top of Arch Linux because it's relatively lightweight and I'm familiar with how it work."
Doing testing in an Amazon S3 container, they built an EFI image — then spent days trying to enable networking... And the adventure continues. ("Would it be possible to manually switch the root without a specialized system call? What if I just chroot?") After they'd made a few more tweaks, "I sit there, in front of my computer, staring. It can't have been that easy, can it? Surely, this is a profane act, and the spirit of Dennis Ritchie ought't've stopped me, right? Nobody stopped me, so I kept going..." I build the unified EFI file, throw it on a USB drive under /BOOT/EFI, and stick it in my old server... This is my magnum opus. My Great Work. This is the mark I will leave on this planet long after I am gone: The Cloud Native Computer.

Despite how silly this project is, there are a few less-silly uses I can think of, like booting Linux off of SSH, or perhaps booting Linux off of a Git repository and tracking every change in Git using gitfs. The possibilities are endless, despite the middling usefulness.

If there is anything I know about technology, it's that moving everything to The Cloud is the current trend. As such, I am prepared to commercialize this for any company wishing to leave their unreliable hardware storage behind and move entirely to The Cloud. Please request a quote if you are interested in True Cloud Native Computing.

Unfortunately, I don't know what to do next with this. Maybe I should install Nix?

Windows Recall was "delayed" over concerns that storing unencrypted recordings of users' activity was a security risk.

But now Slashdot reader storagedude writes: The latest version of Microsoft's planned Windows Recall feature still contains data privacy and security vulnerabilities, according to a report by the Cyber Express.

Security researcher Kevin Beaumont — whose work started the backlash that resulted in Recall getting delayed last month — said the most recent preview version is still hackable by Alex Hagenah's "TotalRecall" method "with the smallest of tweaks."

The Windows screen recording feature could as yet be refined to fix security concerns, but some have spotted it recently in some versions of the Windows 11 24H2 release preview that will be officially released in the fall.
Cyber Express (the blog of threat intelligence vendor Cyble Inc) got this official response: Asked for comment on Beaumont's findings, a Microsoft spokesperson said the company "has not officially released Recall," and referred to the updated blog post that announced the delay, which said: "Recall will now shift from a preview experience broadly available for Copilot+ PCs on June 18, 2024, to a preview available first in the Windows Insider Program (WIP) in the coming weeks."

"Beyond that, Microsoft has nothing more to share," the spokesperson added.
Also this week, the blog Android Authority wrote that Google is planning to introduce its own "Google AI" features to Pixel 9 smartphones. They include the ability to enhance screenshots, an "Add Me" tool for group photos — and also "a feature resembling Microsoft's controversial Recall" dubbed "Pixel Screenshots." Google's take on the feature is different and more privacy-focused: instead of automatically capturing everything you're doing, it will only work on screenshots you take yourself. When you do that, the app will add a bit of extra metadata to it, like app names, web links, etc. After that, it will be processed by a local AI, presumably the new multimodal version of Gemini Nano, which will let you search for specific screenshots just by their contents, as well as ask a bot questions about them.

My take on the feature is that it's definitely a better implementation of the idea than what Microsoft created.. [B]oth of the apps ultimately serve a similar purpose and Google's implementation doesn't easily leak sensitive information...

It's worth mentioning Motorola is also working on its own version of Recall — not much is known at the moment, but it seems it will be similar to Google's implementation, with no automatic saving of everything on the screen.
The Verge describes the Pixel 9's Google AI as "like Microsoft Recall but a little less creepy."

"After approximately seven years in development, the Eclipse Foundation's Theia IDE project is now generally available," writes ADT magazine, "emerging from beta to challenge Microsoft's similar Visual Studio Code (VS Code) editor." The Eclipse Theia IDE is part of the Eclipse Cloud DevTools ecosystem. The Eclipse Foundation calls it "a true open-source alternative to VS Code," which was built on open source but includes proprietary elements, such as default telemetry, which collects usage data...

Theia was built on the same Monaco editor that powers VS Code, and it supports the same Language Server Protocol (LSP) and Debug Adapter Protocol (DAP) that provide IntelliSense code completions, error checking and other features. The Theia IDE also supports the same extensions as VS Code (via the Open VSX Registry instead of Microsoft's Visual Studio Code Marketplace), which are typically written in TypeScript and JavaScript. There are many, many more extensions available for VS Code in Microsoft's marketplace, while "Extensions for VS Code Compatible Editors" in the Open VSX Registry number 3,784 at the time of this writing...

The Eclipse Foundation emphasized another difference between its Theia IDE and VS Code: the surrounding ecosystem/community. "At the core of Theia IDE is its vibrant open source community hosted by the Eclipse Foundation," the organization said in a news release. "This ensures freedom for commercial use without proprietary constraints and fosters innovation and reliability through contributions from companies such as Ericsson, EclipseSource, STMicroelectronics, TypeFox, and more. The community-driven model encourages participation and adaptation according to user needs and feedback."

Indeed, the list of contributors to and adopters of the platform is extensive, also featuring Broadcom, Arm, IBM, Red Hat, SAP, Samsung, Google, Gitpod, Huawei and many others.
The It's FOSS blog has some screenshots and a detailed rundown.

ADT magazine stresses that there's also an entirely distinct (but related) project called the Eclipse Theia Platform (not IDE) which differs from VS Code by allowing developers "to create desktop and cloud IDEs using a single, open-source technology stack" [that can be used in open-source initiatives]. The Eclipse Theia platform "allows developers to customize every aspect of the IDE without forking or patching the code... fully tailored for the needs of internal company projects or for commercial resale as a branded product."

Longtime Slashdot reader theodp writes: "If Einstein paved the way for a new era in physics," explains auction house Christie's in a promotion piece for its upcoming offering of 150+ "objects of scientific and historical importance" from the Paul G. Allen Collection (including items from the shuttered Living Computers Museum), "Mr. Allen and his collaborators ushered in a new era of computing. Starting with MS-DOS in 1981, Microsoft then went on to revolutionize personal computing with the launch of Windows in 1985."

Christie's auction and characterization of MS-DOS as an Allen and Microsoft innovation comes 30 years after the death of Gary Kildall, whose unpublished memoir, the Seattle Times reported in Kildall's July 1994 obituary, called DOS "plain and simple theft" of Kildall's CP/M OS. PC Magazine's The Rise of DOS: How Microsoft Got the IBM PC OS Contract notes that Paul Allen himself traced the genesis of MS-DOS back to a phone call Allen made to Seattle Computer Products owner Rod Brock in which Microsoft licensed Tim Paterson's CP/M-inspired QDOS (Quick and Dirty Operating System) for $10,000 plus a royalty of $15,000 for every company that licensed the software. A shrewd buy-low-sell-high business deal, yes, but hardly an Einstein-caliber breakthrough idea.

YouTube has released an AI-powered eraser tool to help creators easily remove copyrighted music from their videos without affecting other audio such as dialog or sound effects. TechCrunch's Ivan Mehta reports: On its support page, YouTube still warns that, at times, the algorithm might fail to remove just the song. "This edit might not work if the song is hard to remove. If this tool doesn't successfully remove the claim on a video, you can try other editing options, such as muting all sound in the claimed segments or trimming out the claimed segments," the company said.

Alternatively, creators can choose to select "Mute all sound in the claimed segments" to silence bits of video that possibly has copyrighted material. Once the creator successfully edits the video, YouTube removes the content ID claim -- the company's system for identifying the use of copyrighted content in different clips. YouTube shared a video describing the feature on its Creator Insider channel.

An anonymous reader quotes a report from Ars Technica: More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript code, hosted at polyfill[.]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren't natively supported. By linking to cdn.polyfill[.]io, websites could ensure that devices using legacy browsers could render content in newer formats. The free service was popular among websites because all they had to do was embed the link in their sites. The code hosted on the polyfill site did the rest. In February, China-based company Funnull acquired the domain and the GitHub account that hosted the JavaScript code. On June 25, researchers from security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.

The revelation prompted industry-wide calls to take action. Two days after the Sansec report was published, domain registrar Namecheap suspended the domain, a move that effectively prevented the malicious code from running on visitor devices. Even then, content delivery networks such as Cloudflare began automatically replacing pollyfill links with domains leading to safe mirror sites. Google blocked ads for sites embedding the Polyfill[.]io domain. The website blocker uBlock Origin added the domain to its filter list. And Andrew Betts, the original creator of Polyfill.io, urged website owners to remove links to the library immediately. As of Tuesday, exactly one week after malicious behavior came to light, 384,773 sites continued to link to the site, according to researchers from security firm Censys. Some of the sites were associated with mainstream companies including Hulu, Mercedes-Benz, and Warner Bros. and the federal government. The findings underscore the power of supply-chain attacks, which can spread malware to thousands or millions of people simply by infecting a common source they all rely on.

Google is intensifying efforts to decrease its dependency on Apple's Safari browser, as a U.S. antitrust lawsuit threatens its default search engine status on iPhones. The tech giant has been trying to shift more iPhone searches to its own apps, with the percentage rising from 25% five years ago to the low 30s recently, The Information reported Friday.

Progress has stalled in recent months, however. To attract users, Google has run advertising campaigns showcasing unique features like Lens image search. The company recently hired former Instagram executive Robby Stein to lead this initiative, potentially leveraging AI to enhance its apps' appeal. Google paid Apple over $20 billion last year for default status on Safari. Reducing this dependency could protect Google's mobile search advertising revenue if the antitrust ruling goes against it. The report adds: Google executives considered having its new AI Overviews feature, which shows AI-generated responses to search queries, appear on its mobile apps but not on Safari, people who have worked on the product said. But Google ultimately decided against that move.