SoylentNews

Arthur T Knackerbracket has processed the following story:

"In the cyber world, there's no such thing as a ceasefire," he told The Register.

If we see something in cyberspace that can disrupt us, we're going to attack it first, and we have that under US Cyber Command's mission

Bolukbas is chief technology officer and founder of Black Kite, a cyber-risk intelligence firm that assesses businesses' third-party supplier risks. His company also shares and receives threat intel with and from the US National Security Agency (NSA), as do other private security firms.

Prior to founding Black Kite in 2016, Bolukbas worked for NATO as a part of its counter cyberterrorism task force, helping member and partner countries harden their network defenses by simulating offensive cyber attacks against government agencies.

His final mission with NATO involved red-teaming a critical power grid in Kiev, Ukraine. Most of the facilities' systems were airgapped, isolated from external networks, which made it more difficult to break into. 

"It wasn't easy to target, so I said, 'OK, let me find the suppliers for this organization'," Bolukbas recalled. "I found 20 of them, picked one that would be the easiest to find and target, and used that to access the grid control panel, literally one command away from taking down the grid."

Shortly after, in 2015, Russia's Sandworm did shut off part of Ukraine's electricity grid, resulting in power outages for tens of thousands of Ukraine residents for a number of hours.

Ten years later, Bolukbas says he's worried about one of Iran's cyber-arms doing something similar to Israeli or American critical infrastructure in retaliation for the air strikes earlier this month.

"My belief is that they're going to go after the supply chain, because that's our weak spot," Bolukbas said, adding that while it's really difficult to breach the Pentagon's networks directly, Iran is "going to go after the supply chains of Israel and US Department of Defense suppliers."

He pointed to Russia compromising Western logistics firms and tech companies, including email providers, as a means of collecting valuable intel about Ukrainian targets and military strategy in that ongoing conflict. Russian cyberspies also breached internet-connected cameras at Ukrainian border crossings to track aid shipments, and targeted at least one provider of industrial control system (ICS) components for railway management, according to a joint government advisory issued last month.

hubie writes:

As AI kills search traffic, Google launches Offerwall to boost publisher revenue:

Google's AI search features are killing traffic to publishers, so now the company is proposing a possible solution. On Thursday, the tech giant officially launched Offerwall, a new tool that allows publishers to generate revenue beyond the more traffic-dependent options, like ads.

Offerwall lets publishers give their sites' readers a variety of ways to access their content, including through options like micropayments, taking surveys, watching ads, and more. In addition, Google says that publishers can add their own options to the Offerwall, like signing up for newsletters.

[...] Google notes that it's also using AI to determine when to display the Offerwall to each site visitor to increase engagement and revenue. However, publishers can set their own thresholds before the Offerwall is displayed, if they prefer.

Many of the solutions Offerwall introduces have been tried by publishers before, across a range of products and services. Micropayments, for instance, have repeatedly failed to take off. The economics don't tend to work, and there's additional friction in having to pay per article that's not been worth the payoff for readers or publishers alike, given implementation and maintenance costs.

[...] In Google's case, it's working with a third party, Supertab, which allows site visitors to pay a small amount to access the online content for a period of time — like 24 hours, a few days, a week, etc. The option (currently in beta) also supports subscription sign-ups and integrates with Google Ad Manager.

Google notes that publishers can also configure Offerwall to include their own logo and introductory text, then customize the choices it presents. One option that's enabled by default has visitors watch a short ad to earn access to the publisher's content. This is the only option that has a revenue share, and, on that front, it works the same way all Ad Manager solutions do, Google notes.

Another option has visitors click to choose from a set of topics they're interested in, which is then saved and used for ads personalization.

[...] However, early reports during the testing period said that publishers saw an average revenue lift of 9% after 1 million messages on AdSense, for viewing rewarded ads. Google Ad Manager customers saw a 5% to 15% lift when using Offerwall as well. Google also confirmed to TechCrunch via email that publishers with Offerwall saw an average revenue uplift of 9% during its year-plus in testing.

If Google AI is taking all of their clicks away, it would seem the publishers are over a barrel here and don't have much choice.

Original Submission

hubie writes:

Facebook is starting to feed its AI with private, unpublished photos

Always read the terms and conditions, folks:

For years, Meta trained its AI programs using the billions of public images uploaded by users onto Facebook and Instagram's servers. Now, it's also hoping to access the billions of images that users haven't uploaded to those servers. Meta tells The Verge that it's not currently training its AI models on those photos, but it would not answer our questions about whether it might do so in future, or what rights it will hold over your camera roll images.

On Friday, TechCrunch reported that Facebook users trying to post something on the Story feature have encountered pop-up messages asking if they'd like to opt into "cloud processing", which would allow Facebook to "select media from your camera roll and upload it to our cloud on a regular basis", to generate "ideas like collages, recaps, AI restyling or themes like birthdays or graduations."

By allowing this feature, the message continues, users are agreeing to Meta AI terms, which allows their AI to analyze "media and facial features" of those unpublished photos, as well as the date said photos were taken, and the presence of other people or objects in them. You further grant Meta the right to "retain and use" that personal information.

Meta's public stance is that the feature is "very early," innocuous and entirely opt-in: "We're exploring ways to make content sharing easier for people on Facebook by testing suggestions of ready-to-share and curated content from a person's camera roll. These suggestions are opt-in only and only shown to you – unless you decide to share them – and can be turned off at any time. Camera roll media may be used to improve these suggestions, but are not used to improve AI models in this test," reads a statement from Meta comms manager Maria Cubeta.

[...] And while Daniels and Cubeta tell The Verge that opting in only gives Meta permission to retrieve 30 days worth of your unpublished camera roll at a time, it appears that Meta is retaining some data longer than that. "Camera roll suggestions based on themes, such as pets, weddings and graduations, may include media that is older than 30 days," Meta writes.

Thankfully, Facebook users do have an option to turn off camera roll cloud processing in their settings, which, once activated, will also start removing unpublished photos from the cloud after 30 days.

Facebook is asking to use Meta AI on photos in your camera roll you haven't yet shared:

Facebook is asking users for access to their phone's camera roll to automatically suggest AI-edited versions of their photos — including ones that haven't been uploaded to Facebook yet.

The feature is being suggested to Facebook users when they're creating a new Story on the social networking app. Here, a screen pops up and asks if the user will opt into "cloud processing" to allow creative suggestions.

As the pop-up message explains, by clicking "Allow," you'll let Facebook generate new ideas from your camera roll, like collages, recaps, AI restylings, or photo themes. To work, Facebook says it will upload media from your camera roll to its cloud (meaning its servers) on an "ongoing basis," based on information like time, location, or themes.

[...] The creative tool is another example of the slippery slope that comes with sharing our personal media with AI providers. Like other tech giants, Meta has grand AI ambitions. Being able to tap into the personal photos users haven't yet shared on Facebook's social network could give the company an advantage in the AI race.

Unfortunately for end users, in tech companies' rush to stay ahead, it's not always clear what they're agreeing to when features like this appear.

[...] So far, there hasn't been much backlash about this feature. A handful of Facebook users have stumbled across the AI-generated photo suggestions when creating a new story and raised questions about it. For instance, one user on Reddit found that Facebook had pulled up an old photo (in this case, one that had previously been shared to the social network) and automatically turned it into an anime using Meta AI.

When another user in an anti-AI Facebook group asked for help shutting this feature off, the search led to a section called camera roll sharing suggestions in the app's Settings.

[...] Reached for comment, Meta spokesperson Maria Cubeta confirmed the feature is a test, saying, "We're exploring ways to make content sharing easier for people on Facebook by testing suggestions of ready-to-share and curated content from a person's camera roll."

"These suggestions are opt-in only and only shown to you – unless you decide to share them – and can be turned off at any time," she continued. "Camera roll media may be used to improve these suggestions, but are not used to improve AI models in this test."

The company is currently testing suggestions in the U.S. and Canada.

Original Submission

An Anonymous Coward writes:

https://www.bleepingcomputer.com/news/security/bluetooth-flaws-could-let-hackers-spy-through-your-microphone/

Vulnerabilities affecting a Bluetooth chipset present in more than two dozen audio devices from ten vendors can be exploited for eavesdropping or stealing sensitive information.

Researchers confirmed that 29 devices from Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, Jlab, EarisMax, MoerLabs, and Teufel are affected.

The list of impacted products includes speakers, earbuds, headphones, and wireless microphones.

The security problems could be leveraged to take over a vulnerable product and on some phones, an attacker within connection range may be able to extract call history and contacts.
Snooping over a Bluetooth connection

At the TROOPERS security conference in Germany, researchers at cybersecurity company ERNW disclosed three vulnerabilities in the Airoha systems on a chip (SoCs), which are widely used in True Wireless Stereo (TWS) earbuds.

The issues are not critical and besides close physical proximity (Bluetooth range), their exploitation also requires "a high technical skill set." They received the following identifiers:

        CVE-2025-20700 (6.7, medium severity score) - missing authentication for GATT services
        CVE-2025-20701 (6.7, medium severity score) - missing authentication for Bluetooth BR/EDR
        CVE-2025-20702 (7.5, high severity score) - critical capabilities of a custom protocol

ERNW researchers say they created a proof-of-concept exploit code that allowed them to read the currently playing media from the targeted headphones.

[...] Although the ERNW researchers present serious attack scenarios, practical implementation at scale is constrained by certain limitations.

"Yes — the idea that someone could hijack your headphones, impersonate them towards your phone, and potentially make calls or spy on you, sounds pretty alarming."

"Yes — technically, it is serious," the researchers say, adding that "real attacks are complex to perform."

The necessity of both technical sophistication and physical proximity confines these attacks to high-value targets, such as those in diplomacy, journalism, activism, or sensitive industries.

Airoha has released an updated SDK incorporating necessary mitigations, and device manufacturers have started patch development and distribution.

Nevertheless, German publication Heise says that the most recent firmware updates for more than half of the affected devices are from May 27 or earlier, which is before Airoha delivered the updated SDK to its customers.

Original Submission

Arthur T Knackerbracket has processed the following story:

The US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) this week published guidance urging software developers to adopt memory-safe programming languages.

"The importance of memory safety cannot be overstated," the inter-agency report [PDF] says.

Memory safety refers to the extent to which programming languages provide ways to avoid vulnerabilities arising from the mishandling of computer memory. Languages like Rust, Go, C#, Java, Swift, Python, and JavaScript support automated memory management (garbage collection) or implement compile-time checks on memory ownership to prevent memory-based errors.

C and C++, two of the most widely used programming languages, are not memory-safe by default. And while developers can make them safer through diligent adherence to best practices and the application of static analysis tools, not everyone deploys code with that much care.

To further complicate matters, code written in nominally safe languages may still import unsafe C/C++ libraries using a Foreign Function Interface, potentially breaking memory safety guarantees.

[...] Google and Microsoft have attributed the majority of vulnerabilities in large software projects to memory safety errors. In Google's Android operating system, for example, 90 percent of high-severity vulnerabilities in 2018 came via memory safety bugs. In 2021, the Chocolate Factory noted that more than 70 percent of serious security issues in Chromium came from memory safety flaws.

The infamous Heartbleed flaw in the OpenSSL cryptographic library was the result of a memory safety error (an out-of-bounds read) in C code. And there are many other examples, including the mid-June Google Cloud outage, which Google's incident report attributes to a lack of proper error handling for a null pointer.

Within a few years, the tech industry began answering the call for memory-safe languages. In 2022, Microsoft executives began calling for new applications to be written in memory-safe languages like Rust. By 2023, Consumer Reports – a mainstream product review publication – published a report on memory safety and government officials like Jen Easterly, CISA's director at the time, cited the need to transition to memory-safe languages during public appearances.

KritonK writes:

https://www.amiga-news.de/en/news/AN-2025-06-00123-EN.html

Three weeks ago, Youtuber Christian 'Perifractic' Simpson announced in a video that he had received an offer to take over Commodore B.V., the owner of the remaining Commodore trademark rights. In a second video published on June 28 he announced the completed takeover: A group of unnamed angel investors has acquired the company for a low seven-figure sum. He himself is now the acting CEO, but the purchase price has not yet been paid - the company is still looking for investors.

In the half-hour video, Simpson lists a whole series of former Commodore employees (Michael Tomczyk, Bil Herd, David Pleasance, support staff such as James Harrison and Hans Olsen) or actor Thomas Middleditch ("Silicon Valley") as future "advisors". A financial participation of the community is not yet possible, as the international legal hurdles are too high. Commodore plans to revive the time before social networks and artificial intelligence, when computer technology was still considered a utopia rather than the scourge of mankind, with new "retro-futuristic" products. The years around the turn of the millennium are cited as a model several times.

Original Submission

upstart writes:

Scientists unlock the light-bending secrets of squid skin:

Squid are famous for flashing from glass-clear to kaleidoscopic in the blink of an eye, but biologists have long puzzled over the physical trick behind the act.

A research team led by the University of California, Irvine, joined by cephalopod experts at the Marine Biological Laboratory in Woods Hole, took that mystery head-on.

By peering into squid skin in three dimensions, they uncovered a hidden forest of nano-columns built from an uncommon protein called reflectin.

How squid skin bends light

These columns act much like tiny mirrors, bouncing or passing light depending on how close together they sit.

Alon Gorodetsky, an expert in chemical and biomolecular engineering at UC Irvine, is the senior author of the research.

"In nature, many animals use Bragg reflectors [which selectively transmit and reflect light at specific wavelengths] for structural coloration," he said. "A squid's ability to rapidly and reversibly transition from transparent to colored is remarkable."

"We found that cells containing specialized subcellular columnar structures with sinusoidal refractive index distributions enable the squid to achieve such feats."

hubie writes:

AI isn't just impacting how we write — it's changing how we speak and interact with others. And there's only more to come:

Join any Zoom call, walk into any lecture hall, or watch any YouTube video, and listen carefully. Past the content and inside the linguistic patterns, you'll find the creeping uniformity of AI voice. Words like "prowess" and "tapestry," which are favored by ChatGPT, are creeping into our vocabulary, while words like "bolster," "unearth," and "nuance," words less favored by ChatGPT, have declined in use. Researchers are already documenting shifts in the way we speak and communicate as a result of ChatGPT — and they see this linguistic influence accelerating into something much larger.

In the 18 months after ChatGPT was released, speakers used words like "meticulous," "delve," "realm," and "adept" up to 51 percent more frequently than in the three years prior, according to researchers at the Max Planck Institute for Human Development, who analyzed close to 280,000 YouTube videos from academic channels. The researchers ruled out other possible change points before ChatGPT's release and confirmed these words align with those the model favors, as established in an earlier study comparing 10,000 human- and AI-edited texts. The speakers don't realize their language is changing. That's exactly the point.

One word, in particular, stood out to researchers as a kind of linguistic watermark. "Delve" has become an academic shibboleth, a neon sign in the middle of every conversation flashing ChatGPT was here. "We internalize this virtual vocabulary into daily communication," says Hiromu Yakura, the study's lead author and a postdoctoral researcher at the Max Planck Institute of Human Development.

Arthur T Knackerbracket has processed the following story:

When we look out into the universe, we know it can support life – if it couldn’t, we wouldn’t exist. This has been stated in different ways over the years, but the essential thrust makes up the core of a philosophical argument known as the anthropic principle. It sounds obvious, even tautological, but it isn’t quite as simple as that.

To get your head around it, start with what scientists call the fine-tuning problem, the fact our universe seems perfectly balanced on the knife’s edge of habitability. Many fundamental constants, from the mass of a neutron to the strength of gravity, must have very specific values for life to be possible. “Some of these constants, if you make them too large, you just destabilise every atom,” says Luke Barnes at Western Sydney University in Australia.

The anthropic principle began as an attempt to explain why the universe is in this seemingly improbable state, and it boils down to a simple idea: the universe has to be this way, or else we wouldn’t be here to observe it.

There are two main formulations of the principle, both of which were set out in a 1986 book by cosmologist-mathematicians John Barrow and Frank Tipler. The weak principle states that because life exists, the universe’s fundamental constants are – at least here and now – in the range that allows life to develop. The strong principle adds the powerful statement that the fundamental constants must have values in that range because they are consistent with life existing. The “must” is important, as it can be taken as implying that the universe exists in order to support life.

If the weak principle is “I heard a tree fall in the forest, and therefore I must be in a place where trees can grow”, the strong principle says “A tree has fallen nearby, and therefore this planet was destined to have forests all along.”

Arthur T Knackerbracket has processed the following story:

Over the past decade, quantum computing has grown into a billion-dollar industry. Everyone seems to be investing in it, from tech giants, such as IBM and Google, to the US military.

But Ignacio Cirac at the Max Planck Institute of Quantum Optics in Germany, a pioneer of the technology, has a more sober assessment. “A quantum computer is something that at the moment does not exist,” he says. That is because building one that actually works – and is practical to use – is incredibly difficult.

Rather than the “bits” of conventional machines, these computers use quantum bits, or qubits, to encode information. These can be made in several ways, from tiny superconducting circuits to extremely cold atoms, but all of them are complex to build.

The upside is that their quantum properties can be used to do certain kinds of computation more quickly than standard computers.

Such speed-ups are attractive for a range of problems that normal computers struggle with, from simulating exotic physics systems to efficiently scheduling passenger flights or grocery deliveries to supermarkets. Five years ago, it seemed quantum computers would ameliorate these and many other computational challenges.

Today, the situation is a lot more nuanced. Progress in building ever bigger quantum computers has, admittedly, been stunning, with several companies developing machines with more than 1000 qubits. But this has also revealed impossible-to-ignore difficulties.

[...] So, which problems might still benefit from quantum computation? Quantum computers could break the cryptography systems we currently use for secure communication, and this makes the technology interesting to governments and other institutions whose security could be imperiled by it, says Scott Aaronson at the University of Texas at Austin.

Another place where quantum computers should still be useful is in modelling materials and chemical reactions. This is because quantum computers, themselves a system of quantum objects, are perfectly suited to simulate other quantum systems, such as electrons, atoms and molecules.

An Anonymous Coward writes:

https://www.bbc.com/news/articles/c6256wpn97ro

Work has begun on a controversial project to create the building blocks of human life from scratch, in what is believed to be a world first.

The research has been taboo until now because of concerns it could lead to designer babies or unforeseen changes for future generations.

But now the World's largest medical charity, the Wellcome Trust, has given an initial £10m to start the project and says it has the potential to do more good than harm by accelerating treatments for many incurable diseases.

Dr Julian Sale, of the MRC Laboratory of Molecular Biology in Cambridge, who is part of the project, told BBC News the research was the next giant leap in biology.

"The sky is the limit. We are looking at therapies that will improve people's lives as they age, that will lead to healthier aging with less disease as they get older.

"We are looking to use this approach to generate disease-resistant cells we can use to repopulate damaged organs, for example in the liver and the heart, even the immune system," he said.

But critics fear the research opens the way for unscrupulous researchers seeking to create enhanced or modified humans.

Dr Pat Thomas, director of the campaign group Beyond GM, said: "We like to think that all scientists are there to do good, but the science can be repurposed to do harm and for warfare".

[...] The Human Genome Project enabled scientists to read all human genes like a bar code. The new work that is getting under way, called the Synthetic Human Genome Project, potentially takes this a giant leap forward – it will allow researchers not just to read a molecule of DNA, but to create parts of it – maybe one day all of it - molecule by molecule from scratch.

[...] "Building DNA from scratch allows us to test out how DNA really works and test out new theories, because currently we can only really do that by tweaking DNA in DNA that already exists in living systems".

The project's work will be confined to test tubes and dishes and there will be no attempt to create synthetic life. But the technology will give researchers unprecedented control over human living systems.

upstart writes:

First images from world's largest digital camera reveal galaxies and cosmic collisions:

Millions of stars and galaxies fill a dreamy cosmic landscape in the first-ever images released from a new astronomical observatory with the largest digital camera in the world.

In one composite released Monday, bright pink clouds of gas and dust light up the Trifid and Lagoon nebulas, located several thousand light-years away from Earth. In another, a bonanza of stars and galaxies fills the sky, revealing stunning spirals and even a trio of galaxies merging and colliding.

A separate video uncovered a swarm of new asteroids, including 2,104 never-before-seen space rocks in our solar system and seven near-Earth asteroids that pose no danger to the planet.

The images and videos from the Vera C. Rubin Observatory represented just over 10 hours of test observations and were sneak peeks ahead of an event Monday that was livestreamed from Washington, D.C.

Keith Bechtol, an associate professor in the physics department at the University of Wisconsin-Madison who has been involved with the Rubin Observatory for nearly a decade, is the project's system verification and validation scientist, making sure the observatory's various components are functioning properly.

He said teams were floored when the images streamed in from the camera.

"There were moments in the control room where it was just silence, and all the engineers and all the scientists were just seeing these images, and you could just see more and more details in the stars and the galaxies," Bechtol told NBC News. "It was one thing to understand at an intellectual level, but then on this emotional level, we realized basically in real time that we were doing something that was really spectacular."

In one of the newly released images, the Rubin Observatory was able to spot objects in our cosmic neighborhood — asteroids in our solar system and stars in the Milky Way — alongside far more distant galaxies that are billions of light-years away.

"In fact, for most of the objects that you see in these images, we're seeing light that was emitted before the formation of our solar system," Bechtol said. "We are seeing light from across billions of years of cosmic history. And many of these galaxies have never been seen before."

looorg writes:

In the not to distant future you'll have/own the copyright for your face, voice bodily features as far as digital reproductions are concerned. That is if you live in Denmark. In an effort to combat deep fakes their citizens will gain those rights. Question is if it will matter much if the deep fakes are made or stored outside of Denmark. But it could perhaps be the start of something other EU countries might adapt if it turns out well for them.

The Danish government is to clamp down on the creation and dissemination of AI-generated deepfakes by changing copyright law to ensure that everybody has the right to their own body, facial features and voice.

It defines a deepfake as a very realistic digital representation of a person, including their appearance and voice.

It will also cover "realistic, digitally generated imitations" of an artist's performance without consent. Violation of the proposed rules could result in compensation for those affected.

What about, identical, twins? Or people that just look really like each other? Unclear as of yet. Also as noted how is the enforcement going to take place.

https://www.theguardian.com/technology/2025/jun/27/deepfakes-denmark-copyright-law-artificial-intelligence

Original Submission

The reason that the site was offline is that the cable to the NOC has been cut - again! It is not something that we could control.

We apologise for the problem. You could have stayed up-to-date with the cause and rectification if you had joined us on our back-up IRC - Libera.Chat, ##soylentnews (irc.libera.chat/6697)

Anonymous Coward writes:

The Fedora project is planning to reduce its package maintenance burden by dropping support for 32-bit x86 (i686) packages from the distribution's repositories. The plan detailed in the (mislabelled) change proposal is to drop 32-bit packages for Fedora 44. "By dropping completely the i686 architecture, Fedora will decrease the burden on package maintainers, release engineering, infrastructure, and users. Building and maintaining packages for i686 (and 32-bit architectures in general, but i686 is the last 32-bit architecture - partially - supported by Fedora) has been requiring more and more effort.

Many projects have already been officially dropping support for building and / or running on 32-bit architectures, requiring either adding back support for this architecture downstream in Fedora, or requiring packaging changes in a significant number of packages to adapt to this dropped support." The discussion under the proposal points out some of the situations where users will be unable to run software, such as the Steam gaming portal, under the current plan.

- - https://distrowatch.com/dwres.php?resource=showheadline&story=20014

Original Submission