Major U.S. companies are tightening eligibility requirements for student discounts, cracking down on graduates who continue to claim benefits years after leaving school. Amazon, Spotify, and other firms are partnering with verification services like SheerID to validate student status, ending an era of lax enforcement that allowed many to exploit discounts long after graduation.

While companies aim to build brand loyalty among young consumers, they're also guarding against fraud. SheerID claims it helped clients avoid $2 billion in fraudulent discounts last year. Most streaming services retain over 90% of student customers after graduation, according to SheerID CEO Stephanie Copeland Weber. "They're building trust and loyalty with those consumers," she told WSJ.

There's a rot at the heart of modern software development that's destroying innovation, and infosec legend Moxie Marlinspike believes he knows exactly what's to blame: Agile development. Marlinspike argued that Agile methodologies, widely adopted over the past two decades, have confined developers to "black box abstraction layers" that limit creativity and understanding of underlying systems.

"We spent the past 20 years onboarding people into software by putting them into black box abstraction layers, and then putting them into organizations composed of black box abstraction layers," Marlinspike said. He contended this approach has left many software engineers unable to do more than derivative work, lacking the deep understanding necessary for groundbreaking developments. Thistle Technologies CEO Window Snyder echoed these concerns, noting that many programmers now lack knowledge of low-level languages and machine code interactions. Marlinspike posited that security researchers, who routinely probe beneath surface-level abstractions, are better positioned to drive innovation in software development.

Stressing science education, China is outpacing other countries in research fields like battery chemistry, crucial to its lead in electric vehicles. From a report: China's domination of electric cars, which is threatening to start a trade war, was born decades ago in university laboratories in Texas, when researchers discovered how to make batteries with minerals that were abundant and cheap. Companies from China have recently built on those early discoveries, figuring out how to make the batteries hold a powerful charge and endure more than a decade of daily recharges. They are inexpensively and reliably manufacturing vast numbers of these batteries, producing most of the world's electric cars and many other clean energy systems.

Batteries are just one example of how China is catching up with -- or passing -- advanced industrial democracies in its technological and manufacturing sophistication. It is achieving many breakthroughs in a long list of sectors, from pharmaceuticals to drones to high-efficiency solar panels. Beijing's challenge to the technological leadership that the United States has held since World War II is evidenced in China's classrooms and corporate budgets, as well as in directives from the highest levels of the Communist Party.

A considerably larger share of Chinese students major in science, math and engineering than students in other big countries do. That share is rising further, even as overall higher education enrollment has increased more than tenfold since 2000. Spending on research and development has surged, tripling in the past decade and moving China into second place after the United States. Researchers in China lead the world in publishing widely cited papers in 52 of 64 critical technologies, recent calculations by the Australian Strategic Policy Institute reveal.

OpenAI's latest AI model, GPT-4o, exhibits unusual behaviors, including voice cloning and random shouting, according to a new "red teaming" report. The model, which powers ChatGPT's Advanced Voice Mode alpha, is OpenAI's first trained on voice, text, and image data. In high-noise environments, GPT-4o occasionally mimics users' voices, a quirk OpenAI attributes to difficulties processing distorted speech. The company said it has implemented a "system-level mitigation" to address this issue. The report also reveals GPT-4o's tendency to generate inappropriate vocalizations and sound effects when prompted.

Signal developer Moxie Marlinspike criticized early encryption software's user-unfriendly design at Black Hat 2024, admitting he and others initially failed to consider non-technical users' needs. Speaking with Black Hat founder Jeff Moss, Marlinspike said developers of tools like Pretty Good Privacy (PGP) wrongly assumed users would adopt complex practices like running keyservers and signing keys over dinner. "We were just wrong," Marlinspike said, describing this as "software snobbery" that undermined wider adoption. "You take on the complexity instead of making the user deal with it," Marlinspike contrasted PGP's arcane interface with Signal's more accessible design.

According to Bloomberg's Mark Gurman (paywalled), Apple plans to launch a completely redesigned Mac mini with M4 and M4 Pro chips later this year. MacRumors reports: The new Mac mini will be the first major design change to the machine since 2010, making it Apple's smallest ever desktop computer. The new Mac mini will apparently approach the size of an Apple TV, but it may be slightly taller than the current model, which is 1.4 inches high. It will continue to feature an aluminum shell. Individuals working on the new device apparently say that it is "essentially an iPad Pro in a small box."

Apple is said to have tested Mac mini models with at least three USB-C ports on the back, as well as an area for the power cable and an HDMI port. There will continue to be two versions of the Mac mini: one with the standard M4 chip, similar to the iPad Pro, and one with an M4 Pro chip. The base model is set to begin shipping from suppliers this month ahead of release later in the year, while the high-end model will not be ready until October.

"Sonos is delaying two hardware releases originally planned for later this year as it deploys an all-hands-on-deck approach to fixing the app," writes The Verge's Chris Welch. The company released a redesigned mobile app on May 7th that has been riddled with flaws and missing features. Sonos also entered the crowded headphone market in May with the launch of its Ace headphones, but it was immediately "overshadowed" by problems with the new Sonos app, according to Sonos CEO Patrick Spence. The Verge reports: "I will not rest until we're in a position where we've addressed the issues and have customers raving about Sonos again," Spence said during the afternoon earnings call. "We believe our focus needs to be addressing the app ahead of everything else," he continued."This means delaying the two major new product releases we had planned for Q4 until our app experience meets the level of quality that we, our customers, and our partners expect from Sonos." One of those two products is almost certainly Sonos' next flagship soundbar, codenamed Lasso, which I revealed last month. "These products were ready to ship in Q4," Spence said in response to a question on the call.

He also went in-depth on the app issues and how Sonos plans to fix them. Spence remains adamant that overhauling the app and its underlying infrastructure "was the right thing to do" for the company's future; the new app "has a modular developer platform based on modern programming languages that will allow us to drive more innovation faster," he said. But Spence also now acknowledges that the project was rushed. "With the app, my push for speed backfired," he said. "As we rolled out the new software to more and more users, it became evident that there were stubborn bugs we had not discovered in our testing. As a result, far too many of our customers are having an experience that is worse than what they previously had." [...]

For now, Sonos is turning to some longtime experts for help. "I've asked Nick Millington, the original software architect of the Sonos experience, to do whatever it takes to address the issues with our new app," Spence said. Sonos board member Tom Conrad is helping to oversee the app improvement effort and "ensure" things stay on the right track.

Apple on Thursday announced changes to its Digital Markets Act (DMA) compliance plan for the European Union, as the tech giant faces an ongoing investigation by the European Commission for suspected non-compliance. The revised rules, set to roll out this fall, ease restrictions on developers' ability to promote external offers within iOS apps. Developers can now inform users about offers available beyond their own websites, including on other apps and marketplaces, without adhering to Apple-mandated templates.

Apple has also introduced a new fee structure for purchases made through external links. An "Initial Acquisition Fee" of 5% will apply to new users' first-year purchases, while a "Store Services Fee" of 10% (or 5% for smaller developers) will be charged on subsequent transactions. These changes replace the controversial Core Technology Fee, which is currently under EU scrutiny.

Spotify and Epic aren't satisfied with the changes. Spotify has called the new plan "unacceptable," arguing it disregards DMA requirements. Epic Games CEO Tim Sweeney labeled it "malicious compliance" involving "junk fees."

China's rapid deployment of robotaxis is raising concerns among the country's 7 million ride-hailing drivers, who fear job losses as autonomous vehicles hit the streets, according to a Reuters report. At least 19 Chinese cities are conducting robotaxi trials, with seven approving tests without human monitors. Baidu's Apollo Go plans to deploy 1,000 vehicles in Wuhan by year-end and operate in 100 cities by 2030. The push for self-driving technology aligns with President Xi Jinping's call for "new productive forces," but contrasts sharply with the more cautious approach in the United States. As robotaxi fleets proliferate, some drivers worry about their livelihoods, with one Wuhan driver predicting "everyone will go hungry."

ICON, a construction technology company, is nearing completion of 100 3D-printed homes in Wolf Ranch, Texas, using a massive robotic printer. The 45-foot-wide, 4.75-ton Vulcan printer began constructing the walls of what ICON claims is the world's largest 3D-printed community in November 2022. The printer extrudes a concrete mixture layer by layer, creating corduroy-textured walls. ICON senior project manager Conner Jenkins told Reuters the process is faster and more efficient than traditional construction, requiring fewer workers and reducing material waste.

The single-story homes, priced between $450,000 and $600,000, feature concrete walls resistant to water, mold, termites, and extreme weather. However, homeowners reported weak wireless signals due to the thick walls, necessitating mesh internet routers. ICON, which printed its first home in Austin in 2018, is also developing lunar construction systems for NASA's Artemis program.

Palantir Chief Technology Officer Shyam Sankar has called for faster defense spending, arguing the Pentagon should focus on rapid deployment over higher budgets. "The biggest challenge is speed," Sankar told Axios in an interview. "The Department of Defense would be better off spending half as much money twice as quickly."

The U.S. military has "lost our ability to value time," he said. The Denver-based software company, known for its work in areas ranging from vaccine logistics to Ukraine demining efforts, has positioned itself as a "software prime" in the defense sector.

The Internet Corporation for Assigned Names and Numbers (ICANN) has agreed to reserve the .internal top-level domain so it can become the equivalent to using the 10.0.0.0, 172.16.0.0 and 192.168.0.0 IPv4 address blocks for internal networks. From a report: Those blocks are reserved for private use by the Internet Assigned Numbers Authority, which requires they never appear on the public internet. As The Register reported when we spotted the proposal last January, ICANN wanted something similar but for DNS, by defining a top-level domain that would never be delegated in the global domain name system (DNS) root.

Doing so would mean the TLD could never be accessed on the open internet -- achieving the org's goal of delivering a domain that could be used for internal networks without fear of conflict or confusion. ICANN suggested such a domain could be useful, because some orgs had already started making up and using their own domain names for private internal use only. Networking equipment vendor D-Link, for example, made the web interface for its products available on internal networks at .dlink. ICANN didn't like that because the org thought ad hoc TLD creation could see netizens assume the TLDs had wider use -- creating traffic that busy DNS servers would have to handle. Picking a string dedicated to internal networks was the alternative. After years of consultation about whether it was a good idea -- and which string should be selected -- ICANN last week decided on .internal. Any future applications to register it as a global TLD won't be allowed.

The founder of Cambridge-based Riverlane, Steve Brierley, predicts quantum computing will have its "Sputnik" breakthrough within years. "Quantum computing is not going to be just slightly better than the previous computer, it's going to be a huge step forward," he said. Phys.org reports: His company produces the world's first dedicated quantum decoder chip, which detects and corrects the errors currently holding the technology back. In a sign of confidence in Riverlane's work and the sector in general, the company announced on Tuesday that it had raised $75 million in Series C funding, typically the last round of venture capital financing prior to an initial public offering. "Over the next two to three years, we'll be able to get to systems that can support a million error-free operations," said Earl Campbell, vice president of quantum science at Riverlane. This is the threshold where a quantum computer should be able to perform certain tasks better than conventional computers, he added.

Quantum computers are "really good at simulating other quantum systems", explained Brierley, meaning they can simulate interactions between particles, atoms and molecules. This could open the door to revolutionary medicines and also promises huge efficiency improvements in how fertilizers are made, transforming an industry that today produces around two percent of global CO2 emissions. It also paves the way for much more efficient batteries, another crucial weapon in the fight against climate change. "I think most people are more familiar with exponential after COVID, so we know how quickly something that's exponential can spread," said Campbell, inside Riverlane's testing lab, a den of oscilloscopes and chipboards. [...]

While today's quantum computers can only perform around 1,000 operations before being overwhelmed by errors, the quality of the actual components has "got to the point where the physical qubits are good enough," said Brierley. "So this is a super exciting time. The challenge now is to scale up... and to add error correction into the systems," he added. Such progress, along with quantum computing's potential to crack all existing cryptography and create potent new materials, is spurring regulators into action. "There's definitely a scrambling to understand what's coming next in technology. It's really important that we learn the lessons from AI, to not be surprised by the technology and think early about what those implications are going to be," said Brierley. "I think there will ultimately be regulation around quantum computing, because it's such an important technology. And I think this is a technology where no government wants to come second."

An anonymous reader quotes a report originally published by Business Insider: A Chinese state-backed company has launched its first 18 satellites in its bid to build a vast orbital network aimed at rivaling Starlink, according to local media. The launch on Monday by Shanghai Spacecom Satellite Technology involved 18 satellites and one rocket, per The China Securities Journal, which is run by state news agency Xinhua. According to the outlet, the rocket lifted off from the Taiyuan satellite and missile launch center in Shanxi province.

These satellites mark the first step in the company's effort to create a 15,000-strong network of Low Earth Orbit satellites, which the firm has dubbed the "Thousand Sails Constellation." The company said it plans to reach that final tally by 2030, per The China Securities Journal. Domestic media has widely called the project the Chinese version of Starlink, which runs about 6,000 satellites. Elon Musk has said that he plans to eventually host a network of 42,000 satellites.

The Thousand Sails Constellation, also known as the G60 project, is one of three planned major satellite networks in the country. Each is expected to field 10,000 or more satellites. Most are anticipated to orbit between 200 and 1,200 miles above the Earth's surface, which is also where Starlink satellites are generally found. The three constellations, along with dozens of ambitious space projects from other Chinese firms, have been fueled by a recent push from the central government to loop the private sector into its science and technology goals.

Ryan Christoffel writes via 9to5Mac: Since the Mac doesn't have the same locked-down app distribution system of iOS and iPadOS, Apple has created other tools meant to protect users. Some of those tools include app signing and notarization. Essentially, these provide a way for Apple to perform a level of vetting for macOS apps, even ones that don't hit the Mac App Store. The intent is to ultimately prevent harmful software from being inadvertently opened by Mac users. Trying to open an app that isn't correctly signed or notarized results in some scary warnings. But until now, power users could bypass those warnings -- and Apple's overall security process -- using a Control-click shortcut. But that shortcut is going away in macOS Sequoia.

According to a new post on the Apple Developer site: "In macOS Sequoia, users will no longer be able to Control-click to override Gatekeeper when opening software that isn't signed correctly or notarized. They'll need to visit System Settings > Privacy & Security to review security information for software before allowing it to run." The post then urges developers to make sure their software is properly signed so users won't need to jump through these hoops.

Lenovo's widely used ThinkPad laptop hasn't changed much over the years. Corporate technology leaders say that's why they love it. From a report: "There's a lot to be said for familiarity and that consistent experience," said Ace Hardware Chief Information Officer Rick Williams, whose company uses about 4,000 ThinkPads. The ThinkPad brand of personal computers, originally created by International Business Machines, hit the market in 1992 before Lenovo acquired it, along with IBM's PC division, in 2005. Since then, the boxy design -- originally inspired by the Japanese bento box -- has gotten thinner and lighter, but not much else has changed from a design perspective, Lenovo said.

The logo is the same, although in 2005 Lenovo did add the red dot over the "i" in "Think" that remains today. That logo has remained angled at 37 degrees on the device. And on the keyboard the small, red, old-timey trackpoint remains nestled between the "B," "G" and "H" keys (which Lenovo says some users swear by and some CIOs say they never use). Ports and camera placement have also been relatively consistent. And despite some experimentation with colors, the laptop itself primarily remains its original black. "You're going to recognize the iconic ThinkPad," said Tom Butler, executive director for worldwide commercial portfolio and product management at Hong Kong-based Lenovo.

Its strategy might seem counterintuitive in an industry where winners and losers are often determined based on their pace of innovation, and where to stay the same often means to become obsolete. Big consumer tech companies that dominated the early 2000s, like BlackBerry, Nokia and Motorola, ultimately couldn't keep pace with competitors and struggled. But for Lenovo, which plays in the enterprise space, it's paying off. Lenovo has been leading in market share in the worldwide personal computer vendor market, based on unit shipments, on and off for more than 10 years, according to research firm Gartner.

Security researchers from SafeBreach have found what they say is a Windows downgrade attack that's invisible, persistent, irreversible and maybe even more dangerous than last year's BlackLotus UEFI bootkit. From a report: After seeing the damage that UEFI bootkit could do by bypassing secure boot processes in Windows, SafeBreach's Alon Leviev became curious whether there were any other fundamental Windows components that could be abused in a similar manner. He hit the jackpot in one of the most unlikely places: The Windows update process.

"I found a way to take over Windows updates to update the system, but with control over all of the actual update contents," Leviev told us in an interview ahead of his Black Hat USA conference presentation today detailing his findings. Using his technique, having compromised a machine so that he could get in as a normal user, Leviev was able to control which files get updated, which registry keys are changed, which installers get used, and the like. And he was able to do all of it while side-stepping every single integrity verification implemented in the Windows update process. After that, "I was able to downgrade the OS kernel, DLLs, drivers ... basically everything that I wanted." To make matters worse, Leviev said that poking and prodding around the vulnerabilities he found enabled him to attack the entire Windows virtualization stack, including virtualization-based security (VBS) features that are supposed to isolate the kernel and make attacker access less valuable.

Things aren't working out well for Humane, a heavily-funded startup that launched an eponymous AI device earlier this year. Despite significant funding from prominent Silicon Valley figures, the product has been grappling with negative reviews -- and now more pressing issues are emerging. An anonymous reader shares a report: Shortly after Humane released its $699 AI Pin in April, the returns started flowing in. Between May and August, more AI Pins were returned than purchased, according to internal sales data obtained by The Verge. By June, only around 8,000 units hadn't been returned, a source with direct knowledge of sales and return data told me. As of today, the number of units still in customer hands had fallen closer to 7,000, a source with direct knowledge said.

At launch, the AI Pin was met with overwhelmingly negative reviews. Our own David Pierce said it "just doesn't work," and Marques Brownlee called it "the worst product" he's ever reviewed. Now, Humane is attempting to stabilize its operations and maintain confidence among staff and potential acquirers. The New York Times reported in June that HP is considering purchasing the company, and The Information reported last week that Humane is negotiating with its current investors to raise debt, which could later be converted into equity.

AI is upending India's technology outsourcing business. The industry is pivoting to adapt, but the changes could cost a large number of coveted jobs. From a report: The country's big outsourcing companies are already using AI and have plans to integrate it throughout their businesses. That might not save the low-end operations that run call centers or do other basic tasks within the so-called business process outsourcing sector.Â

AI is threatening to disrupt most businesses around the world, not just India's $250 billion outsourcing industry. The outsourcing boom in India over the past few decades created the "getting Bangalore-d" phenomenon in the U.S., often used for Americans who lost their jobs to more affordable Indian talent. AI's impact could have big repercussions as the industry employs 5.4 million people, according to tech-industry body Nasscom, and contributes about 8% of the country's economy. More than 80% of companies in the S&P 500 outsource some operations to India, according to HSBC.

Parody site creator David Senk has rebuffed CrowdStrike's attempt to shut down his "ClownStrike" website, which lampoons the cybersecurity firm's role in a recent global IT outage. Senk swiftly contested the Digital Millennium Copyright Act takedown notice, asserting fair use for parody. When hosting provider Cloudflare failed to acknowledge his counter-notice, Senk defiantly relocated the site to a Finnish server beyond U.S. jurisdiction. The IT consultant decried the takedown as "corporate cyberbullying," accusing CrowdStrike of exploiting copyright law to silence criticism. Despite CrowdStrike's subsequent admission that parody sites were not intended targets, Senk is remaining resolute, demanding a public apology and refusing to return to Cloudflare's services.