Microsoft

How Microsoft Employees Pressured the Company Over Its Oil Industry Ties (grist.org) 144

The non-profit environmental site Grist reports on "an internal, employee-led effort to raise ethical concerns about Microsoft's work helping oil and gas producers boost their profits by providing them with cloud computing resources and AI software tools." There have been some disappointments — but also some successes, starting with the founding of an internal sustainability group within Microsoft that grew to nearly 10,000 employees: Former Microsoft employees and sources familiar with tech industry advocacy say that, broadly speaking, employee pressure has had an enormous impact on sustainability at Microsoft, encouraging it to announce industry-leading climate goals in 2020 and support key federal climate policies.

But convincing the world's most valuable company to forgo lucrative oil industry contracts proved far more difficult... Over the past seven years, Microsoft has announced dozens of new deals with oil and gas producers and oil field services companies, many explicitly aimed at unlocking new reserves, increasing production, and driving up oil industry profits...

As concerns over the company's fossil fuel work mounted, Microsoft was gearing up to make a big sustainability announcement. In January 2020, the company pledged to become "carbon negative" by 2030, meaning that in 10 years, the tech giant would pull more carbon out of the air than it emitted on an annual basis... For nearly two years, employees watched and waited. Following its carbon negative announcement, Microsoft quickly expanded its internal carbon tax, which charges the company's business groups a fee for the carbon they emit via electricity use, employee travel, and more. It also invested in new technologies like direct air capture and purchased carbon removal contracts from dozens of projects worldwide.

But Microsoft's work with the oil industry continued unabated, with the company announcing a slew of new partnerships in 2020 and 2021 aimed at cutting fossil fuel producers' costs and boosting production.

The last straw for one technical account manager was a 2023 LinkedIn post by a Microsoft technical architect about the company's work on oil and gas industry automation. The post said Microsoft's cloud service was "unlocking previously inaccessible reserves" for the fossil fuel industry, promising that with Microsoft's Azure service, "the future of oil and gas exploration and production is brighter than ever."

The technical account manager resigned from the position they'd held for nearly a decade, citing the blog post in a resignation letter which accused Microsoft of "extending the age of fossil fuels, and enabling untold emissions."

Thanks to Slashdot reader joshuark for sharing the news.
Red Hat Software

RHEL (and Rocky and Alma Linux) 9.4 Released - Plus AI Offerings (almalinux.org) 19

Red Hat Enterprise Linux 9.4 has been released. But also released is Rocky Linux 9.4, reports 9to5Linux: Rocky Linux 9.4 also adds openSUSE's KIWI next-generation appliance builder as a new image build workflow and process for building images that are feature complete with the old images... Under the hood, Rocky Linux 9.4 includes the same updated components from the upstream Red Hat Enterprise Linux 9.4
This week also saw the release of Alma Linux 9.4 stable (the "forever-free enterprise Linux distribution... binary compatible with RHEL.") The Register points out that while Alma Linux is "still supporting some aging hardware that the official RHEL 9.4 drops, what's new is largely the same in them both."

And last week also saw the launch of the AlmaLinux High-Performance Computing and AI Special Interest Group (SIG). HPCWire reports: "AlmaLinux's status as a community-driven enterprise Linux holds incredible promise for the future of HPC and AI," said Hayden Barnes, SIG leader and Senior Open Source Community Manager for AI Software at HPE. "Its transparency and stability empowers researchers, developers and organizations to collaborate, customize and optimize their computing environments, fostering a culture of innovation and accelerating breakthroughs in scientific research and cutting-edge AI/ML."
And this week, InfoWorld reported: Red Hat has launched Red Hat Enterprise Linux AI (RHEL AI), described as a foundation model platform that allows users to more seamlessly develop and deploy generative AI models. Announced May 7 and available now as a developer preview, RHEL AI includes the Granite family of open-source large language models (LLMs) from IBM, InstructLab model alignment tools based on the LAB (Large-Scale Alignment for Chatbots) methodology, and a community-driven approach to model development through the InstructLab project, Red Hat said.
Data Storage

The People Who Won't Give Up Floppy Disks (bbc.com) 96

Slashdot reader quonset writes: The last floppy disk was manufactured in 2011. Despite no new supplies being available for over a decade, there are still people, and organizations, who rely on floppy disks. Each has their own story as to why they rely on what is essentially 1970s technology.
From the BBC: Tom Persky, a US businessman, has been selling "new", as in, unopened, floppy disks for years and still finds the trade lucrative. He runs Floppydisk.com, which offers disks for about US$1 (£0.80) each, though some higher capacity versions cost up to US$10 (£8) per disk, he says. Persky has customers all over the world and you could split them roughly 50-50 into hobbyists and enthusiasts like Espen Kraft on one side, and industrial users on the other. This latter category encompasses people who use computers at work that require floppy disks to function. They are, essentially, locked in to a format that the rest of the world has largely forgotten.

"I sell thousands of floppy disks to the airline industry, still," says Persky. He declines to elaborate. "Companies are not happy about when I talk about them." But it is well-known that some Boeing 747s, for example, use floppy disks to load critical software updates into their navigation and avionics computers. While these older aircraft might not be so common in Europe or the US these days, you might find one in the developing world, for instance, Persky hints. There are also pieces of factory equipment, government systems — or even animatronic figures — that still rely on floppy disks.

And in San Francisco, the Muni Metro light railway, which launched in 1980, won't start up each morning unless the staff in charge pick up a floppy disk and slip it into the computer that controls the railway's Automatic Train Control System, or ATCS. "The computer has to be told what it's supposed to do every day," explains a spokesman for the San Francisco Municipal Transport Agency (SFMTA). "Without a hard drive, there is nowhere to install software on a permanent basis."

This computer has to be restarted in such a way repeatedly, he adds — it can't simply be left on, for fear of its memory degrading.

The article also includes this quote from a cybersecurity expert at Pen Test Partners. "If floppy was the only interface, the only way to get malware on to [the computer] would be via said floppy disk. That's quite a limiting factor for the attacker..."
Software

Lightweight Dillo Browser Resurrected: TLS But No JavaScript (theregister.com) 39

The Dillo browser dates back to 1999, writes the Register, with its own rendering engine. And now Dillo "has returned with a new release, version 3.1.

"It's nearly nine years after version 3.05 appeared on the last day of June 2015." Version 3.1 incorporates dozens of fixes and improvements, as the official announcement describes.

Project lead Rodrigo Arias Mallo announced his resurrection attempt on Hacker News early this year. He has taken the last available code from the project's Mercurial repository, incorporated about 25 outstanding fixes, and added as many again of his own.

Dillo is a super-lightweight graphical web browser for Unix-like OSes, written using the Fast Light Toolkit. The latest version has a number of new features, although one of the most significant is support for Transport Layer Security. TLS is the successor to SSL, with a Microsoft-approved name. Dillo 3.1 supports it thanks to the Mbed-TLS library.

It doesn't support frames, embedded media playback, or JavaScript — but it can run on very low-end hardware...

Thanks to Lproven (Slashdot reader #6,030) for sharing the news.
AI

Apple Will Revamp Siri To Catch Up To Its Chatbot Competitors (nytimes.com) 22

An anonymous reader quotes a report from the New York Times: Apple's top software executives decided early last year that Siri, the company's virtual assistant, needed a brain transplant. The decision came after the executives Craig Federighi and John Giannandrea spent weeks testing OpenAI's new chatbot, ChatGPT. The product's use of generative artificial intelligence, which can write poetry, create computer code and answer complex questions, made Siri look antiquated, said two people familiar with the company's work, who didn't have permission to speak publicly. Introduced in 2011 as the original virtual assistant in every iPhone, Siri had been limited for years to individual requests and had never been able to follow a conversation. It often misunderstood questions. ChatGPT, on the other hand, knew that if someone asked for the weather in San Francisco and then said, "What about New York?" that user wanted another forecast.

The realization that new technology had leapfrogged Siri set in motion the tech giant's most significant reorganization in more than a decade. Determined to catch up in the tech industry's A.I. race, Apple has made generative A.I. a tent pole project -- the company's special, internal label that it uses to organize employees around once-in-a-decade initiatives. Apple is expected to show off its A.I. work at its annual developers conference on June 10 when it releases an improved Siri that is more conversational and versatile, according to three people familiar with the company's work, who didn't have permission to speak publicly. Siri's underlying technology will include a new generative A.I. system that will allow it to chat rather than respond to questions one at a time. The update to Siri is at the forefront of a broader effort to embrace generative A.I. across Apple's business. The company is also increasing the memory in this year's iPhones to support its new Siri capabilities. And it has discussed licensing complementary A.I. models that power chatbots from several companies, including Google, Cohere and OpenAI.
Further reading: Apple Might Bring AI Transcription To Voice Memos and Notes
Transportation

The Automotive Cold War Is Officially Underway (insideevs.com) 170

Tim Levin reports via InsideEVs: Two things of note in the electric vehicle world happened today around the same time. First, the Geely Group-owned Chinese EV brand Zeekr debuted on the New York Stock Exchange today at a valuation of around $5.2 billion. Then, around 250 miles south in Washington, D.C., news emerged that the Biden Administration is set to quadruple tariffs on Chinese-made electric cars if they hit American roads. The timing may be purely coincidental. But after this week, one thing feels clearer than ever: the automotive Cold War between China and the West is fully underway, and EVs specifically are at the center of it all.

The Wall Street Journal got the scoop that the White House plans to announce higher tariffs on Chinese clean-energy imports in the coming days. Under the reported new policies, tariffs on Chinese EVs are set to quadruple, rising from the current 25% to a whopping 100%, anonymous sources told the outlet. In theory, that would substantially increase the cost of any Chinese-made EVs on our market, including, potentially, ones sold by known Western and other Asian brands. It's no secret why the U.S. is attempting to push back on Chinese EVs, to say nothing of other clean energy imports from that country like solar panels. China has spent years aggressively building up its capacity to manufacture electric cars. It's developed a stranglehold on the supply chains for lithium-ion batteries and the critical minerals they contain. It has lavished state incentives on both EV production and purchasing. In recent years, the country has emerged as a global EV powerhouse -- and, for the first time ever, an exporter on par with leaders like Japan and Germany.

Many still believe that China's cars are cheap and technologically subpar. But the truth is China has learned to build cars very, very well, as InsideEVs' own Kevin Williams discovered during a recent trip to the Beijing auto show. China's homegrown electrified vehicles range from the inexpensive -- some, like the BYD Seagull, cost less than $10,000 in their home market -- to higher-end, luxury-focused offerings like the Yangwang U8, a kind of plug-in hybrid competitor to the Mercedes G-Class that can "float" on water. From batteries to software, most are incredibly advanced. Car companies and policymakers in the U.S. (and Europe) say these cars pose a real threat to our nascent EV market, where many options still remain unaffordable and things like batteries and software are works in progress. In response, European Union officials have also launched investigations into Chinese imports that could lead to stronger tariffs.
"In effect, the tariffs may end up buying the U.S. some time, rather than being a permanent solution here," concludes Levin. "After all, as Kevin Williams pointed out after going to Beijing: all of these crackdowns aren't guaranteed to yield better cars from Ford, General Motors and the rest."

According to the WSJ, the new tariffs on Chinese goods will also apply to solar panels, batteries and critical battery minerals. They're expected to be announced as soon as next week.
Canada

Canadian Petition That Games Must Remain Functional At EOL (ourcommons.ca) 64

Zitchas writes: The practice of having games require a connection to a publisher's server -- whether it is to check for a license or to access plug-ins and DLC -- is an increasingly common thing in computer software; and many people are concerned that at some point in the future the publisher will shut down their server, and effectively render the person who paid for the game left with something that no longer functions. This has already happened to some games and software.

Concerned citizens in Canada are taking the issue to their Parliament in order to push for a law that will mandate that when the server-side support for software is discontinued, companies must leave it in a functional state and remove mandatory connections to servers -- services that no longer exist. Perhaps even more importantly, the petition also asks government to pass a law prohibiting EULAs from forcing users to agree to waiving their right to this. Unfortunately, the petition is only open to citizens of Canada, so the rest of us are out of luck. Considering the potential benefits to the rest of the world if they enact legislation that does this, though, it might be worth suggesting to any of your Canadian friends to go sign the petition.

IOS

FDA Recalls Defective iOS App That Injured Over 200 Insulin Pump Users (theverge.com) 40

Jess Weatherbed reports via The Verge: At least 224 people with diabetes have reported injuries linked to a defective iOS app that caused their insulin pumps to shut down prematurely, according to the US Food and Drug Administration (FDA). On Wednesday, the agency announced that California-based medical device manufacturer Tandem Diabetes Care has issued a recall for version 2.7 of the iOS t:connect mobile app, which is used in conjunction with the company's t:slim X2 insulin pump. Specifically, the recall relates to a software issue that can cause the app to repeatedly crash and relaunch, resulting in the pump's battery being drained by excessive Bluetooth communication.

This battery drain can cause the pump to shut down "earlier than typically expected" according to Tandem, though the pump will notify users of an imminent shutdown via an alarm and low-power alert. The company has notified customers to update the mobile app to version 2.7.1 or later, which should fix the defective software. While no physical recall is taking place, the FDA has identified this as a "Class I" recall -- the most serious type, as it relates to issues with products that can potentially cause serious injuries or death. No deaths linked to the issues have been reported as of April 15th. Tandem is encouraging pump users to take particular care when they sleep as it's easier to miss battery depletion warnings, and is asking impacted customers to confirm they have been notified of the recall via this online form. For any other questions or concerns about the insulin pump recall, customers should contact Tandem Diabetes Care directly.

Businesses

Dell Makes Return-To-Office Push With VPN, Badge Tracking (arstechnica.com) 108

Dell is making sure its employees follow the company's updated return-to-office policy through a series of new tracking techniques. According to The Register, Dell will track employees' badge swipes and VPN connections and include a color-coded attendance grading system that summarizes employee presence.

"In the latest Jeff Clarke return-to-grade-school initiative, HR will be keeping an attendance report card on employees, grading them at four levels based on how well they meet the goal of being in the office 39 days a quarter," a source familiar with Dell told The Register, referring to the IT giant's chief operating officer. "Employees who do not meet the attendance requirement will have their status escalated up the ladder to Jeff Clarke, who apparently believes that being a hall monitor trumps growing revenue." From the report: Starting next Monday, May 13, the enterprise hardware slinger plans to make weekly site visit data from its badge tracking available to employees through the corporation's human capital management software and to give them color-coded ratings that summarize their status. Those ratings are: Blue flag indicates "consistent onsite presence"; Green flag indicates "regular onsite presence"; Yellow flag indicates "some onsite presence"; Red flag indicates "limited onsite presence".

A second Dell source explained managers aren't on the same page about the consequences of the color tiers, with some bosses suggesting employees want to remain Blue at all times and others indicating there's more leeway and they could put up with a few red flags. "It's a shit show here," we're told. [...] "Dell is tracking badge-ins and VPN connections to ensure employees are onsite when they claim they are (to deter 'coffee badging' or scanning your badge then going immediately home)," a third source told us. "This is likely in response to the official numbers about how many of our staff members chose to remain remote after the RTO mandate." [...]

We're told that the goal of the worker tracking appears to be workforce attrition. "The problem is the market is soft right now for tech," our second source said, pointing to recent AWS job cuts. "Everyone is laying off." This person anticipates further Dell layoffs over the summer, though no dates have been set. Our third source indicated that the onsite tracking policy seems unusually aggressive for Dell. "Even pre-pandemic, they never pushed or pressured folks to be in the office," this person said. "A common phrase used to be 'Work happens where you make it,' with the office often being a ghost town multiple times a week, or after lunch, or pre-holidays." Dell in February reported fiscal year 2024 revenue of $88.4 billion, down 14 percent from 2023, and profits of $3.2 billion.

United States

US Eyes Curbs on China's Access To AI Software Behind Apps Like ChatGPT (reuters.com) 27

The Biden administration is poised to open up a new front in its effort to safeguard U.S. AI from China with preliminary plans to place guardrails around the most advanced AI models, the core software of artificial intelligence systems like ChatGPT, Reuters reported Wednesday. From the report: The Commerce Department is considering a new regulatory push to restrict the export of proprietary or closed source AI models, whose software and the data it is trained on are kept under wraps, three people familiar with the matter said. Any action would complement a series of measures put in place over the last two years to block the export of sophisticated AI chips to China in an effort to slow Beijing's development of the cutting edge technology for military purposes. Even so, it will be hard for regulators to keep pace with the industry's fast-moving developments.

Currently, nothing is stopping U.S. AI giants like Microsoft-backed OpenAI, Alphabet's Google DeepMind and rival Anthropic, which have developed some of the most powerful closed source AI models, from selling them to almost anyone in the world without government oversight. Government and private sector researchers worry U.S. adversaries could use the models, which mine vast amounts of text and images to summarize information and generate content, to wage aggressive cyber attacks or even create potent biological weapons. To develop an export control on AI models, the sources said the U.S. may turn to a threshold contained in an AI executive order issued last October that is based on the amount of computing power it takes to train a model. When that level is reached, a developer must report its AI model development plans and provide test results to the Commerce Department.

AI

OpenAI Exec Says Today's ChatGPT Will Be 'Laughably Bad' In 12 Months (businessinsider.com) 68

At the 27th annual Milken Institute Global Conference on Monday, OpenAI COO Brad Lightcap said today's ChatGPT chatbot "will be laughably bad" compared to what it'll be capable of a year from now. "We think we're going to move toward a world where they're much more capable," he added. Business Insider reports: Lightcap says large language models, which people use to help do their jobs and meet their personal goals, will soon be able to take on "more complex work." He adds that AI will have more of a "system relationship" with users, meaning the technology will serve as a "great teammate" that can assist users on "any given problem." "That's going to be a different way of using software," the OpenAI exec said on the panel regarding AI's foreseeable capabilities.

In light of his predictions, Lightcap acknowledges that it can be tough for people to "really understand" and "internalize" what a world with robot assistants would look like. But in the next decade, the COO believes talking to an AI like you would with a friend, teammate, or project collaborator will be the new norm. "I think that's a profound shift that we haven't quite grasped," he said, referring to his 10-year forecast. "We're just scratching the surface on the full kind of set of capabilities that these systems have," he said at the Milken Institute conference. "That's going to surprise us."
You can watch/listen to the talk here.
Hardware

Apple Announces M4 With More CPU Cores and AI Focus (arstechnica.com) 66

An anonymous reader quotes a report from Ars Technica: In a major shake-up of its chip roadmap, Apple has announced a new M4 processor for today's iPad Pro refresh, barely six months after releasing the first MacBook Pros with the M3 and not even two months after updating the MacBook Air with the M3. Apple says the M4 includes "up to" four high-performance CPU cores, six high-efficiency cores, and a 10-core GPU. Apple's high-level performance estimates say that the M4 has 50 percent faster CPU performance and four times as much graphics performance. Like the GPU in the M3, the M4 also supports hardware-accelerated ray-tracing to enable more advanced lighting effects in games and other apps. Due partly to its "second-generation" 3 nm manufacturing process, Apple says the M4 can match the performance of the M2 while using just half the power.

As with so much else in the tech industry right now, the M4 also has an AI focus; Apple says it's beefing up the 16-core Neural Engine (Apple's equivalent of the Neural Processing Unit that companies like Qualcomm, Intel, AMD, and Microsoft have been pushing lately). Apple says the M4 runs up to 38 trillion operations per second (TOPS), considerably ahead of Intel's Meteor Lake platform, though a bit short of the 45 TOPS that Qualcomm is promising with the Snapdragon X Elite and Plus series. The M3's Neural Engine is only capable of 18 TOPS, so that's a major step up for Apple's hardware. Apple's chips since 2017 have included some version of the Neural Engine, though to date, those have mostly been used to enhance and categorize photos, perform optical character recognition, enable offline dictation, and do other oddities. But it may be that Apple needs something faster for the kinds of on-device large language model-backed generative AI that it's expected to introduce in iOS and iPadOS 18 at WWDC next month.
A separate report from the Wall Street Journal says Apple is developing a custom chip to run AI software in datacenters. "Apple's server chip will likely be focused on running AI models, also known as inference, rather than in training AI models, where Nvidia is dominant," reports Reuters.

Further reading: Apple Quietly Kills the Old-school iPad and Its Headphone Jack
Google

Google's Pixel 8A is a Midrange Phone That Might Actually Go the Distance (theverge.com) 35

The Pixel 8A is officially here. The 8A gets Google's latest processor, adds a bunch of new AI features, and still starts at $499 in the US. But the very best news is that the 8A adopts the Pixel 8 and 8 Pro's seven years of software support, which is just unheard of in a midrange phone. From a report: The 8A retains the same general shape and size as its predecessor. But its 6.1-inch screen gets a couple of significant updates: the top refresh rate is now 120Hz, up from 90Hz, and the panel gets up to 40 percent brighter, up to 2,000 nits in peak brightness mode. They're important upgrades, especially since the 8A's main competition in the US, the OnePlus 12R, comes with an excellent display.

It comes with the same generative AI photo and video features that made a splash on the Pixel 8 and 8 Pro, including Best Take, Magic Editor, and Audio Magic Eraser. Circle to Search is also available, and the 8A will be able to run Google's mobile-optimized on-device AI model, Gemini Nano. As on the Pixel 8, it'll be a developer option delivered via feature drop. Other specs are either unchanged or slightly boosted compared to the last generation. There's still 8GB of RAM and 128GB of storage, though there's now a 256GB option. Camera hardware is unchanged from the 7A, including a stabilized 64-megapixel main sensor. There's an IP67 rating, consistent with the 7A, and battery capacity is a little higher at 4,492mAh compared to 4,385mAh. Wireless charging is available via Qi 1.3 at up to 7.5W -- no Qi2 here.

Microsoft

Ten Years Ago Microsoft Bought Nokia's Phone Unit, Then Killed It As a Tax Write-Off (theregister.com) 82

The Register provides a retrospective look at how Microsoft "absorbed the handset division of Nokia" ten years ago, only to kill the unit two years later and write it off as a tax loss. What went wrong? "It was a fatal combination of bad management, a market evolving in ways hidebound people didn't predict, and some really (with a few superb exceptions) terrible products," reports The Register. From the report: Like Nokia, Windows Mobile's popularity peaked in 2007, then started to drop away. The iPhone was the tech item of choice for fashionistas, Blackberry was seen as essential for serious business, and Android -- with Google as its new owner -- was gaining traction. Microsoft by that time had a new CEO in Steve Ballmer, who completely and famously failed to see the shifting sands in the mobile market. He dismissed the iPhone as a threat to what he thought was Windows Mobile's unassailable market position, and was roundly mocked for it. So the scene was set for a mobile standards war, and Steve Ballmer staked his professional pride on winning it. Microsoft recruited Nokia to help out. [...]

Under [Executive VP of Microsoft Stephen Elop's] leadership, a closer working relationship with Microsoft was a given -- but in 2013 Redmond announced it was going the whole hog and buying Nokia's handset business outright for $7.2 billion. The deal was done in April 2014, a decade ago from today. Microsoft also got a ten-year license on Nokia's patents and the option to renew in perpetuity. It also got Elop back, as executive vice president of the Microsoft Devices Group. That meant stepping down as CEO of Nokia, for which he trousered an 18.8 million bonus package -- a payoff the Finnish prime minister at the time called "outrageous." Nokia retained its networking business in Finland. It purchased Siemens' half of the Nokia Siemens Networks joint venture and renamed it Nokia Networks. The Nokia board rolled the dice again on hiring another non-Suomi manager, Rajeev Suri, and this time hit a double D20 in D&D terms.

When Ballmer stepped down from the helm at Microsoft in 2014 -- shortly before the Nokia deal completion -- he left a hot mess to deal with. His plan had been to develop the mobile operating system in conjunction with Windows 10, and Windows Mobile 10 was supposed to be a part of a unified code environment. While Windows 10 on the desktop wasn't a bad operating system, Windows Mobile 10 really was. The promised synergy just didn't happen -- it was power-hungry, clunky, and about as popular as a rattlesnake in a pinata. It was this mess that Satya Nadella faced when he took over the reins. Nadella was never very keen on the phone platform and spent more time in press conferences talking about cricket or the cloud than Microsoft's mobile ambitions. It was clear to all that this really wasn't working. Elop was laid off by Redmond a year later.

It was clear that Windows Mobile wasn't going to work. Android and iOS were drinking Microsoft's milkshake, and Redmond realized the game was up. Microsoft started shedding mobile jobs -- both in Finland and Redmond. While mobile was still publicly touted as the way forward for Microsoft with Ballmer gone, the impetus wasn't there and support for the mobile OS shriveled. In 2015 Microsoft declared it was writing off $7.6 billion on the Phone Hardware division as "goodwill and asset impairment charges" -- $400 million more than it had originally paid for the Finnish firm. Nokia bought European networking giant Alcatel-Lucent in a $16.7 billion deal in 2015. Around the same time, Suri announced a move into tablets, since it had a non-compete agreement with Microsoft on mobiles. Meanwhile a bunch of former Nokia execs who'd fled Elop and Microsoft had started a mobile biz of their own: HMD. It was Finnish, but outsourced production to Foxconn in China, and was planning to make cheapish Android devices. In 2016 Microsoft sold its mobile hardware arm to HMD for an undisclosed -- but probably not large -- sum. Nadella clearly wanted out of the whole business and the Finnish startup concentrated on selling good-enough Android smartphones to Nokia's traditional cheap markets.

Iphone

Apple's iPhone Spyware Problem Is Getting Worse (wired.com) 60

An anonymous reader quotes a report from Wired: In April, Apple sent notifications to iPhone users in 92 countries, warning them they'd been targeted with spyware. "Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID," the notification reads. Users quickly took to social media sites including X, trying to work out what the notification meant. Many of those targeted were based in India, but others in Europe also reported receiving Apple's warning. Weeks later, little is still known about the latest iPhone attacks. Former smartphone giant Blackberry, now a security firm, has released research indicating they are linked to a Chinese spyware campaign dubbed "LightSpy," but Apple spokesperson Shane Bauer says this is inaccurate.

While Apple says the latest spyware notifications aren't linked to LightSpy, the spyware remains a growing threat, particularly to people who may be targeted in Southern Asia, according to Blackberry's researchers. Described as a "sophisticated iOS implant," LightSpy first emerged targeting Hong Kong protesters in 2020. However, the latest iteration is much more capable than the first. "It is a fully-featured modular surveillance toolset that primarily focuses on exfiltrating victims' private information, including hyper-specific location data and sound recording during voice over IP calls," the researchers wrote. April's warnings were not the first time Apple has issued notifications of this kind. The iPhone maker has sent out alerts to people in over 150 countries since 2021 as spyware continues to target high-profile figures across the globe.

Spyware can be weaponized by nation-state adversaries -- but this is relatively rare and expensive. Its deployment is typically highly targeted against a very specific group of people, including journalists, political dissidents, government workers, and businesses in certain sectors. "Such attacks are vastly more complex than regular cybercriminal activity and consumer malware, as mercenary spyware attackers apply exceptional resources to target a very small number of specific individuals and their devices," Apple wrote in an advisory in April. "Mercenary spyware attacks cost millions of dollars and often have a short shelf life, making them much harder to detect and prevent. The vast majority of users will never be targeted by such attacks." Plus, Apple says its Lockdown Mode feature can successfully protect against attacks. "As we have said before, we are not aware of anyone using Lockdown Mode being successfully attacked with mercenary spyware," Bauer says. Still, for those who are targeted and caught unaware, spyware is extremely dangerous.
There are a number of ways to protect yourself against spyware and zero-click exploits in particular:

1. Regularly Update Devices: Keep your devices updated to the latest software to protect against known vulnerabilities.
2. Restart Devices Daily: Regularly restarting your device can help disrupt persistent spyware infections by forcing attackers to reinfect the device, potentially increasing their chances of detection.
3. Disable Vulnerable Features: Consider disabling features prone to exploits, such as iMessage and FaceTime, especially if you suspect you're a target for spyware.
4. Use Multifactor Authentication and Secure Sources: Employ multifactor authentication and only install apps from verified sources to prevent unauthorized access and downloads.
5. Monitor for Indicators: Be vigilant for signs of infection such as battery drain, unexpected shutdowns, and high data usage, though these may not always be present with more sophisticated spyware.
6. Seek Professional Help: If you suspect a spyware infection, consider professional assistance or helplines like Access Now's Digital Security Helpline for guidance on removal.
7. Utilize Advanced Security Features: Activate security features like Apple's Lockdown Mode, which limits device functionality to reduce vulnerabilities, thus safeguarding against infections.
Technology

'The Good Enough Trap' (ian-leslie.com) 80

An anonymous reader shares an essay: Software designers refer to "the good enough principle." It means, simply put, that sometimes you should prioritise functionality over perfection. As a relentless imperfectionist, I'm inclined to embrace this idea. I gave this newsletter its name to encourage myself to post rough versions of my pieces rather than not to write them at all. When it comes to parenting, I'm a Winnicottian: I believe you shouldn't try to be the perfect mum or dad because there's no such thing. At work and in life, it's often true that the optimal strategy is not to strive for the optimal result, but to aim for what works and hope for the best.

The good enough can be a staging post to the perfect. The iPhone's camera was a "good enough" substitute for a compact camera. It did the job, but it wasn't as good as a Kodak or a Fuji. Until it was. Technological innovation often works like this, but the improvement curve isn't always as steep as with the smartphone camera. Sometimes we allow ourselves to get stuck with a product which is good enough to displace the competition, without fulfilling the same range of needs. The psychological and social ramifications can be profound.

Let's say you're a student and you use ChatGPT to write your essays for you. Give it the right prompts and it will produce pieces that are good enough to get the grade you need. That seems like a win: it saves you time and effort, presuming your tutors don't notice or don't care. Maybe you get through the whole of university this way. But be wary of this equilibrium. Over the longer term, you will be stunting the growth of your own mind. The struggle of turning inchoate thought into readable sentences and paragraphs is a powerful exercise for the brain. It's how you get better at thinking. It is thinking.

Privacy

In Argentina, Facing Surging Inflation, 500K Accept Worldcoin's Offer of $50 for Iris-Scanning (restofworld.org) 67

Wednesday Rest of World noticed an overlooked tech story in Argentina: Olga de León looked confused as she walked out of a nightclub on the edge of Buenos Aires on a recent Tuesday afternoon. She had just had her iris scanned. "No one told me what they'll do with my eye," de León, 57, told Rest of World. "But I did this out of need." De León, who lives off the $95 pension she receives from the state, had been desperate for money. Persuaded by her nephew, she agreed to have one of her irises scanned by Worldcoin, Sam Altman's blockchain project. In exchange, she received nearly $50 worth of WLD, the company's cryptocurrency.

De León is one of about half a million Argentines who have handed their biometric data over to Worldcoin. Beaten down by the country's 288% inflation rate and growing unemployment, they have flocked to Worldcoin Orb verification hubs, eager to get the sign-up crypto bonus offered by the company. A network of intermediaries — who earn a commission from every iris scan — has lured many into signing up for the practice in Argentina, where data privacy laws remain weak. But as the popularity of Worldcoin skyrockets in the country, experts have sounded the alarm about the dangers of giving away biometric data. Two provinces are now pushing for legal investigations. "Seeing that [iris scans have] been banned in European countries, shouldn't we be trying to stop it, too?" Javier Smaldone, a software consultant and digital security expert, told Rest of World.

Last month Worldcoin's web site announced that more than 10 million people in 160 countries had created a World ID and compatible wallet (performing 75 million transactions) — and that 5,195,475 people had also verified their World ID using Worldcoin's iris-scanning Orb.

But the article notes a big drop in the number of countries even allowing Worldcoin's iris-scanning — from 25 to just eight. While in less than a year Worldcoin opened nearly 60 centers across Argentina...
AI

AI-Operated F-16 Jet Carries Air Force Official Into 550-MPH Aerial Combat Test (apnews.com) 113

The Associated Press reports that an F-16 performing aerial combat tests at 550 miles per hour was "controlled by artificial intelligence, not a human pilot."

And riding in the front seat was the U.S. Secretary of the Air Force... AI marks one of the biggest advances in military aviation since the introduction of stealth in the early 1990s, and the Air Force has aggressively leaned in. Even though the technology is not fully developed, the service is planning for an AI-enabled fleet of more than 1,000 unmanned warplanes, the first of them operating by 2028.

It was fitting that the dogfight took place at [California's] Edwards Air Force Base, a vast desert facility where Chuck Yeager broke the speed of sound and the military has incubated its most secret aerospace advances. Inside classified simulators and buildings with layers of shielding against surveillance, a new test-pilot generation is training AI agents to fly in war. [U.S. Secretary of the Air Force] Frank Kendall traveled here to see AI fly in real time and make a public statement of confidence in its future role in air combat.

"It's a security risk not to have it. At this point, we have to have it," Kendall said in an interview with The Associated Press after he landed... At the end of the hourlong flight, Kendall climbed out of the cockpit grinning. He said he'd seen enough during his flight that he'd trust this still-learning AI with the ability to decide whether or not to launch weapons in war... [T]he software first learns on millions of data points in a simulator, then tests its conclusions during actual flights. That real-world performance data is then put back into the simulator where the AI then processes it to learn more.

"Kendall said there will always be human oversight in the system when weapons are used," the article notes.

But he also said he looked forward to the cost savings of smaller and cheaper AI-controlled unmanned jets.

Slashdot reader fjo3 shared a link to this video. (More photos at Sky.com.)
Social Networks

Is Mastodon's Link-Previewing Overloading Servers? (itsfoss.com) 39

The blog It's FOSS has 15,000 followers for its Mastodon account — which they think is causing problems: When you share a link on Mastodon, a link preview is generated for it, right? With Mastodon being a federated platform (a part of the Fediverse), the request to generate a link preview is not generated by just one Mastodon instance. There are many instances connected to it who also initiate requests for the content almost immediately. And, this "fediverse effect" increases the load on the website's server in a big way.

Sure, some websites may not get overwhelmed with the requests, but Mastodon does generate numerous hits, increasing the load on the server. Especially, if the link reaches a profile with more followers (and a broader network of instances)... We tried it on our Mastodon profile, and every time we shared a link, we were able to successfully make our website unresponsive or slow to load.

Slashdot reader nunojsilva is skeptical that "blurbs with a thumbnail and description" could create the issue (rather than, say, poorly-optimized web content). But the It's FOSS blog says they found three GitHub issues about the same problem — one from 2017, and two more from 2023. And other blogs also reported the same issue over a year ago — including software developer Michael Nordmeyer and legendary Netscape programmer Jamie Zawinski.

And back in 2022, security engineer Chris Partridge wrote: [A] single roughly ~3KB POST to Mastodon caused servers to pull a bit of HTML and... an image. In total, 114.7 MB of data was requested from my site in just under five minutes — making for a traffic amplification of 36704:1. [Not counting the image.]
It's FOSS reports Mastodon's official position that the issue has been "moved as a milestone for a future 4.4.0 release. As things stand now, the 4.4.0 release could take a year or more (who knows?)."

They also state their opinion that the issue "should have been prioritized for a faster fix... Don't you think as a community-powered, open-source project, it should be possible to attend to a long-standing bug, as serious as this one?"
Ubuntu

Ubuntu Criticized For Bug Blocking Installation of .Deb Packages (linux-magazine.com) 118

The blog It's FOSS is "pissed at the casual arrogance of Ubuntu and its parent company Canonical..... The sheer audacity of not caring for its users reeks of Microsoft-esque arrogance." If you download a .deb package of a software, you cannot install it using the official graphical software center on Ubuntu anymore. When you double-click on the downloaded deb package, you'll see this error, "there is no app installed for Debian package files".

If you right-click and choose to open it with Software Center, you are in for another annoyance. The software center will go into eternal loading. It may look as if it is doing something, but it will go on forever. I could even livestream the loading app store on YouTube, and it would continue for the 12 years of its long-term support period.

Canonical software engineer Dennis Loose actually created an issue ticket for the problem himself — back in September of 2023. And two weeks ago he returned to the discussion to announce that a fix "will be a priority for the next cycle". (Though "unfortunately we didn't have the capacity to work on this for 24.04...")

But It's FOSS accused Canonical of "cleverly booting out deb in favor of Snap, one baby step at a time" (noting the problem started with Ubuntu 23.10): There is also the issue of replacing deb packages with Snap, even with the apt command line tool. You use 'sudo apt install chromium', you get a Snap package of Chromium instead of Debian
The venerable Linux magazine argues that Canonical "has secretly forced Snap installation on users." [I]t looks as if the Software app defaults to Snap packages for everything now. I combed through various apps and found this to be the case.... As far as the auto-installation of downloaded .deb files, you'll have to install something like gdebi to bring back this feature.
