SoylentNews

"Anonymous Coward" writes:

An approach it calls "quantum echoes" takes 13,000 times longer on a supercomputer

[...] Today, Google and a large collection of academic collaborators are publishing a paper describing a computational approach that demonstrates a quantum advantage compared to current algorithms—and may actually help us achieve something useful.

Google's latest effort centers on something it's calling "quantum echoes." The approach could be described as a series of operations on the hardware qubits that make up its machine. These qubits hold a single bit of quantum information in a superposition between two values, with probabilities of finding the qubit in one value or the other when it's measured. Each qubit is entangled with its neighbors, allowing its probability to influence those of all the qubits around it. The operations that allow computation, called gates, are ways of manipulating these probabilities. Most current hardware, including Google's, perform manipulations on one or two qubits at a time (termed one- and two-qubit gates, respectively.

[...] So how do you turn quantum echoes into an algorithm? On its own, a single "echo" can't tell you much about the system—the probabilities ensure that any two runs might show different behaviors. But if you repeat the operations multiple times, you can begin to understand the details of this quantum interference. And performing the operations on a quantum computer ensures that it's easy to simply rerun the operations with different random one-qubit gates and get many instances of the initial and final states—and thus a sense of the probability distributions involved.

This is also where Google's quantum advantage comes from. Everyone involved agrees that the precise behavior of a quantum echo of moderate complexity can be modeled using any leading supercomputer. But doing so is very time-consuming, so repeating those simulations a few times becomes unrealistic. The paper estimates that a measurement that took its quantum computer 2.1 hours to perform would take the Frontier supercomputer approximately 3.2 years. Unless someone devises a far better classical algorithm than what we have today, this represents a pretty solid quantum advantage.

But is it a useful algorithm? The repeated sampling can act a bit like the Monte Carlo sampling done to explore the behavior of a wide variety of physical systems. Typically, however, we don't view algorithms as modeling the behavior of the underlying hardware they're being run on; instead, they're meant to model some other physical system we're interested in. That's where Google's announcement stands apart from its earlier work—the company believes it has identified an interesting real-world physical system with behaviors that the quantum echoes can help us understand.

Snotnose writes:

No tech, no snark, no politics, just good pictures

Your day is about to get a lot better! After so much anticipation, the Nikon Comedy Wildlife Awards entry finalists have finally been revealed, and they are great. They're hilarious. Witty. Dynamic. And they're inspiring us to pick up the camera, too.

Today, we're featuring the finalist photos in all their glory, so scroll down to add a bit of humor and sunshine to your life. If anyone you know needs their spirits picked up, be sure to send them this way.

Original Submission

AnonTechie writes:

TechCrunch

New AI-powered web browsers such as OpenAI's ChatGPT ATLAS and Perplexity's Comet are trying to unseat Google Chrome as the front door to the internet for billions of users. A key selling point of these products are their web browsing AI agents, which promise to complete tasks on a user's behalf by clicking around on websites and filling out forms.

But consumers may not be aware of the major risks to user privacy that come along with agentic browsing, a problem that the entire tech industry is trying to grapple with.

Cybersecurity experts who spoke to TechCrunch say AI browser agents pose a larger risk to user privacy compared to traditional browsers. They say consumers should consider how much access they give web browsing AI agents, and whether the purported benefits outweigh the risks.

[...] There are a few practical ways users can protect themselves while using AI browsers. Rachel Tobac, CEO of the security awareness training firm SocialProof Security, tells TechCrunch that user credentials for AI browsers are likely to become a new target for attackers. She says users should ensure they're using unique passwords and multi-factor authentication for these accounts to protect them.

Tobac also recommends users to consider limiting what these early versions of ChatGPT Atlas and Comet can access, and siloing them from sensitive accounts related to banking, health, and personal information. Security around these tools will likely improve as they mature, and Tobac recommends waiting before giving them broad control.

Based on these concerns, would you use such browsers ?

Original Submission

An Anonymous Coward has submitted the following:

A December update to Microsoft Teams that will be disabled by default will reportedly track user location and report it if the feature is enabled. This will allow bosses to tell if an employee is in the office or working from home and set their status accordingly. It will also be able to tell if the user is not at their normal home logon location and provide evidence to employers showing the user's location. Workers who have been taking mini holidays while claiming to be working from home may be affected by this new feature.

The idea of the new feature is to eliminate confusion for bosses about where a worker is within the building and to see if they are working remotely.

But those who work from home argue it is an invasion of privacy.

"Micro management at peak? All online work doesn't need you to be in the office, we can do it from home," one X user said.

"Why is this needed?" another added.

Almost half of Gen Z workers surveyed (44 per cent) revealed last year that they took a secret trip, with most giving their workplace the impression they were working normal hours and using a virtual background in meetings to trick their employer.

Ella Maree, 26, started hush-tripping after Covid when her corporate workplace adopted a 3:2 work week, which meant she could work from home on Mondays and Fridays.

"Since travel options were limited, hush trips became my go-to choice," she said.

"I flew out Thursday evening and worked by the hotel pool, restaurant and room on Friday. I maintained the same level of productivity as if I were physically in the office or working from home, so really, a win-win situation.

"Most of my office work from home Friday, so really, I'm just making the most of our remote work flexibility."

Ms Maree insisted her boss "wouldn't mind" given workplaces are mostly connected online and that she was always getting her work done.

How many Soylentils still have the ability to WFH, either full-time or part-time? I thought one of the attractions of WFH is the ability to work when the hours suit you and not the standard 9-5 (for non-Usians). Would you consider working from a different location a breach of your contract?

Original Submission

upstart writes:

Alibaba Cloud says it cut Nvidia AI GPU use by 82% with new pooling system:

Alibaba Cloud claims its new Aegaeon pooling system reduces the number of Nvidia GPUs required to serve large language models by 82% during a multi-month beta test inside its Model Studio marketplace. The result, published in a peer-reviewed paper presented at the 2025 ACM Symposium on Operating Systems (SOSP) in Seoul, suggests that cloud providers may be able to extract significantly more inference capacity from existing silicon, especially in constrained markets like China, where the supply of Nvidia's latest H20s remains limited.

Unlike training-time breakthroughs that chase model quality or speed, Aegaeon is an inference-time scheduler designed to maximize GPU utilization across many models with bursty or unpredictable demand. Instead of pinning one accelerator to one model, Aegaeon virtualizes GPU access at the token level, allowing it to schedule tiny slices of work across a shared pool. This means one H20 could serve several different models simultaneously, with system-wide “goodput” — a measure of effective output — rising by as much as nine times compared to older serverless systems.

The system was tested in production over several months, according to the paper, which lists authors from both Peking University and Alibaba’s infrastructure division, including CTO Jingren Zhou. During that window, the number of GPUs needed to support dozens of different LLMs — ranging in size up to 72 billion parameters — fell from 1,192 to just 213.

Original Submission

An Anonymous Coward writes:

https://intezer.com/blog/beginners-guide-to-malware-analysis-and-reverse-engineering/
https://archive.ph/U2ZWQ

Malware analysis and reverse engineering are powerful but can also be challenging and time-consuming. Performing a thorough analysis typically requires deep knowledge, specialized tools, and extensive experience. However, not every security analyst has the expertise or the resources to conduct an exhaustive investigation for every suspicious file they encounter. Moreover, a comprehensive, in-depth reverse engineering effort isn’t always necessary or practical, for example, if another researcher has already reported and documented the file.

This blog series on “Breaking down malware” introduces a flexible, practical approach to malware analysis. Our goal is to guide you through determining the level of analysis required based on the context and initial findings. We will explore various techniques and tools that can help you efficiently assess a suspicious file, quickly determining whether a deeper dive is warranted or if initial triage provides sufficient insight.

[...] Malware (short for malicious software) analysis involves examining malicious software to understand its behavior, capabilities, and effects. By gaining insights into how malware functions, security teams can create effective detection, mitigation, and prevention strategies. It resembles digital forensics, where analysts serve as detectives, dissecting malware to uncover its mechanisms and defense methods. Just as doctors research diseases to develop cures, security researchers study malware to improve defense systems.

Original Submission

fliptop writes:

Ford will ramp up production of the F-150 and F-Series Super Duty in 2026, but the Lightning will pay the price :

A fire at a Novelis aluminum plant has disrupted operations for several automakers, including Ford and its top-selling F-150. The setback has been costly, but the Blue Oval plans to bounce back next year by ramping up truck production.

Under the plan, the Dearborn Truck Plant will add a third shift with roughly 1,200 employees. This will be supported by more than 90 new workers at Dearborn Stamping as well as more than 80 additional employees at Dearborn Diversified Manufacturing.

Thanks to these workers and the extra shift, Ford aims to produce an additional 45,000+ F-150s in 2026. They’ll have traditional powertrains as the F-150 Lightning hasn’t lived up to expectations.

[...] In total, the automaker will increase production by more than 50,000 units and create up to 1,000 new jobs. Ford’s Chief Operating Officer, Kumar Galhotra, said “The people who keep our country running depend on America’s most popular vehicle – F-Series trucks – and we are mobilizing our team to meet that demand.”

Related:

• GM to Take $1.6 Billion Hit as It Scales Back Electric Vehicle Operations
• Electric Truck-Maker Nikola Falls Into Bankruptcy Joining a Procession of Failed EV Startups
• Ford Motor Company is Planning a Big EV Future

Original Submission

anubi writes:

Nexperia, a Chinese Semiconductor manufacturing plant, located in the Netherlands, was seized by Dutch authorities last week in response to embargo pressures.

https://www.reuters.com/world/asia-pacific/nexperia-says-it-is-negotiating-with-both-us-china-over-export-controls-2025-10-14/

Original Submission

Do you live in Australia and have an old module Samsung phone? If so, check your SMS messages as your phone may soon no longer work. Due to recent issues with triple zero and subsequent lawsuits Australian Telcos are blocking devices that cannot fallback to make calls on the national 000 number. Emergency Management Minister Kristy McBain has ruled out government assistance to Australians whose mobile phone may be unable to call triple-0. Devices affected by this block will no longer work after 26/11/2025.

The mobile devices affected by the issue are Galaxy A7 (2017), Galaxy A5 2017, Galaxy J1 2016j, Galaxy J3 2016, Galaxy J5 (2017), Galaxy S6, Galaxy S6 edge, Galaxy S6 Edge+, Galaxy S7 and Galaxy S7 Edge.

Ms McBain said the telecommunications companies were working to assess how many devices were impacted, but the number was estimated to be about 10,000.

[...] In a statement, TPG Telecom, which owns Vodafone, said it had identified a cohort of older Samsung handsets leading into the 3G network shutdown in 2024 that were unable to make triple-0 calls on the TPG/Vodafone mobile network and could not be fixed with a software upgrade.

"These devices were blocked from the Vodafone network as part of the 3G shutdown process," a spokesman said.

"Recently, we became aware that some of those same handsets that worked on other networks were unable to connect to triple-0 when only Vodafone coverage was available.

"These Samsung devices were found to be configured in way that permanently locked them to making triple-0 calls on the Vodafone 3G network even if being used with the SIM of another mobile operator and able to make triple-0 calls on their 4G network. This limitation was not previously known to TPG Telecom."

[...] An Optus spokesman earlier said during emergencies, and at times mobile phones could not connect to its regular network, phones were designed to search for another available network to reach triple-0.

"These situations relate to rare occasions when both the Optus and Telstra networks are unavailable and the phone needs to switch to Vodafone in order to contact emergency services," a spokesman said.

"This only happens under very specific conditions, but it's critically important that all devices can reach triple-0."

Is it the Year of the Linux Phone yet?

Original Submission

"Anonymouse" writes:

Cache Poisoning Vulnerabilities Found in 2 DNS Resolving Apps

The makers of BIND, the Internet's most widely used software for resolving domain names, are warning of two vulnerabilities that allow attackers to poison entire caches of results and send users to malicious destinations that are indistinguishable from the real ones.

The vulnerabilities, tracked as CVE-2025-40778 and CVE-2025-40780, stem from a logic error and a weakness in generating pseudo-random numbers, respectively. They each carry a severity rating of 8.6. Separately, makers of the Domain Name System resolver software Unbound warned of similar vulnerabilities that were reported by the same researchers. The unbound vulnerability severity score is 5.6

[...] In 2008, researcher Dan Kaminsky revealed one of the more severe Internet-wide security threats ever. Known as DNS cache poisoning, it made it possible for attackers to send users en masse to imposter sites instead of the real ones belonging to Google, Bank of America, or anyone else. With industry-wide coordination, thousands of DNS providers around the world—in coordination with makers of browsers and other client applications—implemented a fix that averted this doomsday scenario.

[...] What Kaminsky realized was that there were only 65,536 possible transaction IDs. An attacker could exploit this limitation by flooding a DNS resolver with lookup results for a specific domain. Each result would use a slight variation in the domain name, such as 1.arstechnica.com, 2.arstechnica.com, 3.arstechnica.com, and so on. Each result would also include a different transaction ID. Eventually, an attacker would reproduce the correct number of an outstanding request, and the malicious IP would get fed to all users who relied on the resolver that made the request. The attack was called DNS cache poisoning because it tainted the resolver's store of lookups.

[...] "Because exploitation is non-trivial, requires network-level spoofing and precise timing, and only affects cache integrity without server compromise, the vulnerability is considered Important rather than Critical," Red Hat wrote in its disclosure of CVE-2025-40780.

The vulnerabilities nonetheless have the potential to cause harm in some organizations. Patches for all three should be installed as soon as practicable.

Original Submission

upstart writes:

It's Typhoon season...year round:

China's Salt Typhoon gang appears to have successfully attacked a European telecommunications firm, according to security researchers at Darktrace.

Salt Typhoon is an espionage gang linked to the People's Republic of China that hacked America's major telecommunications firms and stole metadata and other information belonging to "nearly every American," according to a top FBI cyber official who spoke with The Register about the intrusions.

The crew's actions against US telcos came to light last year; however, it has been active since at least 2019 using tactics including exploiting edge devices, planting backdoors for stealthy, long-term network access, and stealing sensitive data across more than 80 countries.

Today's Darktrace report is the latest indication that Salt Typhoon is still actively targeting high-value networks and using stealthy techniques to avoid being caught.

In the European telco intrusion described by Darktrace, the suspected spies exploited a buggy Citrix NetScaler Gateway appliance in the first week of July 2025 to gain access to the telecom's network, according to the AI-powered security shop's research team.

While Darktrace doesn't say which flaw(s) the suspected Chinese snoops abused to break in, Citrix had a busy summer patching security holes in its NetScaler Gateway products that had already been found and exploited by attackers.

"We didn't confirm which one," Nathaniel Jones, field CISO and VP of security and AI strategy at Darktrace, told The Register. "Given the timing, defenders were concurrently patching recent NetScaler flaws (e.g., CVE-2025-5349, CVE-2025-5777 in June)."

[...] After compromising the Citrix NetScaler appliance, the Salt Typhoon miscreants pivoted to Citrix Virtual Delivery Agent (VDA) hosts in the client's Machine Creation Services (MCS) subnet component. "Initial access activities in the intrusion originated from an endpoint potentially associated with the SoftEther VPN service, suggesting infrastructure obfuscation from the outset," Darktrace's threat hunters wrote in a Monday blog.

hubie writes:

Copilot now has its own virtual character for its voice mode:

It's been nearly 30 years since Microsoft's Office assistant, Clippy, first graced our screens as an annoying paperclip. After the Groucho-browed interruptions of Clippy came to an end in 2001 with Office XP, Microsoft tried to revive the spirit of an assistant with Cortana on Windows Phone. The technology still wasn't quite there a decade ago, but now Microsoft is ready to try again with Mico, a new character for Copilot's voice mode.

"Clippy walked so that we could run," jokes Jacob Andreou, corporate VP of product and growth at Microsoft AI, in an interview with The Verge. Microsoft has been testing Mico (rhymes with "pico") for a few months now, as a virtual character that responds with real-time expressions when you talk to it. Mico is now being turned on by default in Copilot's voice mode, where you'll also have the option to turn the bouncing orb off.

"You can see it, it reacts as you speak to it, and if you talk about something sad you'll see its facial expressions react almost immediately," explains Andreou. "All the technology fades into the background, and you just start talking to this cute orb and build this connection with it."

Mico will only be available in the US at launch, and this new Copilot virtual character will also rely on a new memory feature inside Copilot to be able to surface facts it has learned about you and the things you're working on.

Microsoft is also adding a Learn Live mode to Mico that will turn the character into a Socratic tutor that "guides you through concepts instead of just giving answers." It even uses interactive whiteboards and visual cues, and looks like it's targeted at students preparing for finals or anyone trying to practice a new language.

[...] Mico also forms a key part of Microsoft's new initiative to get people to talk to their computers. The software maker is running ads on TV marketing the latest Windows 11 PCs as "the computer you can talk to." Microsoft tried to convince people to use Cortana on Windows 10 PCs a decade ago, and that effort ended in the Cortana app being shut down on Windows 11 a couple of years ago.

Original Submission

hubie writes:

Cast-off turbines generate up to 48 MW of electricity apiece:

Faced with multi-year delays to secure grid power, US data center operators are deploying aeroderivative gas turbines — effectively retired commercial aircraft engines bolted into trailers — to keep AI infrastructure online.

According to IEEE Spectrum, facilities in Texas are already spinning up units based on General Electric's CF6-80C2 and LM6000, the same turbine cores once found on 767s and Airbus A310s. Vendors like ProEnergy and Mitsubishi Power have turned these into modular, fast-start generators capable of delivering 48 megawatts apiece, enough to support a large AI cluster while utility-scale infrastructure lags.

Fast, loud, and anything but elegant, these "bridging power" units come from vendors like ProEnergy, which offers trailerized turbines built around ex-aviation cores that can spin up in minutes to meet energy demand. Meanwhile, Mitsubishi Power's FT8 MOBILEPAC, which derives from Pratt & Whitney jet engines, delivers a similar output in a self-contained footprint designed for fast deployment.

While this might not be the cheapest, and certainly not the cleanest, way to power racks, it's a viable stopgap for companies racing to hit AI milestones while local substations and modular nuclear power deployments remain years away.

[...] In one of the more visible examples, OpenAI's parent group is deploying nearly 30 LM2500XPRESS units at a facility near Abilene, Texas, as part of its multi-billion-dollar Stargate project. Each unit spins up to 34 megawatts, fast enough to cold-start servers in under ten minutes.

Also see: Data Centers Look to Old Airplane Engines for Power

Original Submission

upstart writes:

New method extracts desirable elements from waste magnets using less energy and acid:

All the world's discarded phones, bricked laptops, and other trashed electronics are collectively a treasure trove of rare earth elements (REEs). But separating out and recovering these increasingly sought-after materials is no easy task.

However, a team of researchers says it has developed a way of separating REEs from waste—magnets, in this case—that is relatively easy, uses less energy, and isn't nearly as emissions and pollution intensive as current methods. The team published a paper describing this method in the Proceedings of the National Academy of Sciences.

In short, this process involves using an electric current to heat waste magnets to very high temperatures very fast, and using chlorine gas to react with the non-REEs in the mix, keeping them in the vapor phase. James Tour, one of the authors and a professor of materials science and nanoengineering at Rice University, says that the research can help the United States meet its growing need for these elements.

"The country's scurrying to try to see how we can get these [REEs]," he says. "And, in our argument, it's all in our waste... We have it right here, just pull it right back out of the waste."

In 2018, Tour and his colleagues discovered that this rapid heating process, called flash joule heating, can turn any carbon source—including coal, biochar, and mixed plastic—into graphene, a very thin, strong, and conductive material.

Building on this, in 2023, they developed a method that uses flash joule heating and chlorine. In this work, they identified the Gibbs free energy, the reactivity of a material, for the oxide form of all 17 REEs and nine common oxides found in REE waste.

Ground-up waste magnets are put on a platform made of carbon and surrounded by a glass chamber. A current runs through the platform, rapidly producing immense heat, thousands of degrees celsius in a matter of seconds. Chlorine gas is then released into the chamber, creating chlorides of unwanted elements like iron and lowering their boiling points.

Between the chlorine gas and the heat, the non-REE components vaporize and form deposits on the interior of the chamber. The REEs are left behind in oxide or oxychloride form on the carbon platform, ready to be collected.

upstart writes:

Latvian police bust European cybercrime ring and arrest seven suspects:

Latvian police have busted a major internet fraud network that has scammed thousands of victims across Europe.

Police arrested seven suspects, the EU's law enforcement agency Europol said on Friday.

To dismantle the criminal ring, law enforcement investigators from Austria, Estonia and Latvia, in partnership with the EU agencies Europol and Eurojust, teamed up.

The probe culminated in an operation that took place on 10 October.

The detained suspects are believed to be responsible for more than 1,700 individual cyberfraud cases in Austria and 1,500 in Latvia.

They are accused of having scammed victims out of nearly €5 million, of which €4.5 million were in Austria and €420,000 in Latvia.

As part of the operation, which was dubbed SIMCARTEL, police seized 1,200 SIM box devices and 40,000 active SIM cards, Europol said.

"Other offences facilitated by this criminal service include fraud, extortion, migrant smuggling and the distribution of child sexual abuse material," Europol wrote in a statement.

Original Submission