Slashdot

FFmpeg, the open source multimedia framework that powers video processing in Google Chrome, Firefox, YouTube and other major platforms, has called on Google to either fund the project or stop burdening its volunteer maintainers with security vulnerabilities found by the company's AI tools. The maintainers patched a bug that Google's AI agent discovered in code for decoding a 1995 video game but described the finding as "CVE slop." The confrontation centered on a Google Project Zero policy announced in July that publicly discloses reported vulnerabilities within a week and starts a ninety-day countdown to full disclosure regardless of patch availability. FFmpeg, written primarily in assembly language, handles format conversion and streaming for VLC, Kodi and Plex but operates without adequate funding from the corporations that depend on it. Nick Wellnhofer resigned as maintainer of libxml2, a library used in all major web browsers, because of the unsustainable workload of addressing security reports without compensation and said he would stop maintaining the project in December.

Read more of this story at Slashdot.

Democratic U.S. Senator Elizabeth Warren is escalating pressure on the defense industry to stop opposing military right-to-repair legislation, as House and Senate negotiators work to finalize the fiscal 2026 National Defense Authorization Act. From a report: In a sharply-worded November 5 letter to the National Defense Industrial Association (NDIA) obtained by Reuters, Warren accused the industry group of attempting to undermine bipartisan efforts to give the Pentagon greater ability to repair weapons and equipment it owns. She called the group's opposition "a dangerous and misguided attempt to protect an unacceptable status quo of giant contractor profiteering." Currently, the government is often required to pay contractors like NDIA members Lockheed Martin, Boeing and RTX to use expensive original equipment and installers to service broken parts, versus having trained military maintainers 3D print spares in the field and install them faster and more cheaply.

Read more of this story at Slashdot.

China has introduced a visa that will allow young foreign researchers in science, technology, engineering and mathematics to move there without having to secure a job first. From a report: Before the introduction of the K visa, most foreign STEM researchers hoping to move to China had to find a job in advance and then apply for a work visa. The Chinese government is making "a serious bid" to attract the world's brightest minds in STEM, says Jeremy Neufeld, the director of immigration policy at the Institute for Progress, a think tank in Washington DC. South Korea, Singapore and several other countries have also launched STEM-oriented visa programmes. The K visa was officially rolled out on 1 October, but Nature understands that applications are yet to open. Few details about eligibility have been released, except that restrictions will apply on the basis of an applicant's age, education and work experience. Foreign researchers who have graduated from 'famous' universities or institutes in China or abroad with a bachelor-or-higher degree in STEM will be eligible to apply. That also includes people who teach or research STEM topics in such organizations.

Read more of this story at Slashdot.

Animal testing in science would be phased out faster under a new plan to increase the use of artificial intelligence and 3D bioprinted human tissues, a UK minister has said. The Guardian: The roadmap unveiled by the science minister, Patrick Vallance, backs replacing certain animal tests that are still used where necessary to determine the safety of products such as life-saving vaccines and the impact pesticides have on living beings and the environment. The strategy says phasing out the use of animals in science can only happen when reliable and effective alternative methods with the same level of safety for human exposure can replace them. The government said new funding for researchers and streamlined regulation would help develop methods such as organ-on-a-chip systems -- tiny devices that mimic how human organs work using real human cells. Greater use of AI to analyse vast amounts of data about molecules and predict whether new medicines will be safe and work well on humans would be deployed, while 3D bioprinted tissues could create realistic human tissue samples, from skin to liver, for testing. Other plans under the strategy include an end to regulatory testing on animals to assess the potential for skin and eye irritation and skin sensitisation by the end of 2026. By 2027, researchers are expected under the strategy to end tests of the strength of botox on mice, while by 2030 pharmacokinetic studies -- which track how a drug moves through the body over time -- on dogs and non-human primates will be reduced.

Read more of this story at Slashdot.

BrianFagioli writes: Mozilla has released Firefox 145.0, and the standout change in this version is the official end of support for 32-bit Linux systems. Users on 32-bit distributions will no longer receive updates and are being encouraged to switch to the 64-bit build to continue getting security patches and new features. While most major Linux distributions have already moved past 32-bit support, this shift will still impact older hardware users and lightweight community projects that have held on to 32-bit for the sake of performance or preservation. The rest of the update introduces features such as built-in PDF comments, improved fingerprinting resistance for private browsing, tab group previews, password management in the sidebar, and minor UI refinements. Firefox also now compresses local translation models with Zstandard to reduce storage needs. But the end of 32-bit Linux support is the change that will leave the biggest mark, signaling another step toward a web ecosystem firmly centered on 64-bit computing.

Read more of this story at Slashdot.

The furious push by AI hyperscalers to build out data centers will need about $1.5 trillion of investment-grade bonds over the next five years and extensive funding from every other corner of the market, according to an analysis by JPMorgan. From a report: "The question is not 'which market will finance the AI-boom?' Rather, the question is 'how will financings be structured to access every capital market?'" according to strategists led by Tarek Hamid. Leveraged finance is primed to provide around $150 billion over the next half decade, they said. Even with funding from the investment-grade and high-yield bond markets, as well as up to $40 billion per year in data-center securitizations, it will still be insufficient to meet demand, the strategists added. Private credit and governments could help cover a remaining $1.4 trillion funding gap, the report estimates. The bank calculates an at least $5 trillion tab that could climb as high as $7 trillion, singlehandedly driving a reacceleration in growth in the bond and syndicated loan markets, the strategists wrote in a report Monday. The analysts project $300 billion in high-grade bonds going toward AI data centers next year. That could account for nearly one fifth of total issuance in that market, which a report from Barclays estimates will grow to $1.6 trillion.

Read more of this story at Slashdot.

The iPad Pro went on sale ten years ago, launching with a 12.9-inch screen that Apple believed would redefine computing through size alone. The company initially resisted making the device a laptop replacement and maintained strict limitations on multitasking, browser capabilities, and app installation. Over the past decade, Apple reversed course. The iPad Pro gained USB-C ports, external drive support, keyboard and trackpad accessories, and an improved Files app. The current M5 model includes OLED screens in 13- and 11-inch sizes. iPadOS 26 added free-form multitasking, a menu bar and the Preview app. The webcam now sits in landscape orientation. Despite these advances, the device remains constrained by App Store-only software installation, The Verge writes, limited system access, and the absence of desktop-class browsers. Apple spent years positioning the iPad as a third category between phones and computers. The hardware and accessories now support full computer functionality, but artificial software limitations remain in place.

Read more of this story at Slashdot.

Apple has launched the iPhone Pocket, a knitted bag designed to hold iPhones. The limited edition collaboration with Japanese designer Issey Miyake costs $229.95 for the crossbody version. A shorter version is priced at $149.95. Apple said the 3D-knitted design was inspired by "a piece of cloth" and was born from the idea of creating an additional pocket for any iPhone and small everyday items. Yoshiyuki Miyamae, design director at Miyake Design Studio, said the product "speaks to the bond between iPhone and its user" and explores "the joy of wearing iPhone in your own way." Steve Jobs mocked similar $29 iPod Socks as "a revolutionary new product" in 2004.

Read more of this story at Slashdot.

Sam Altman's Tools for Humanity has verified around 17.5 million people through its iris-scanning Orb device. The company has set a goal of reaching 1 billion users, so it is less than 2% of the way there. The startup has raised $240 million from investors including Andreessen Horowitz, Bain Capital and Khosla Ventures. PitchBook estimates its valuation at $2.5 billion. The Orb is a volleyball-sized metal sphere that scans irises to generate a World ID. Users can claim tokens of the cryptocurrency Worldcoin, currently worth around 80 cents per coin. Business Insider spoke to former Tools for Humanity employees, a former Orb operator from Kenya, and a former head of operations in Mexico City. Some questioned whether the company had a clear long-term strategy. Nick Maynard, vice president of fintech market research at Juniper Research, said he does not see a killer use case that will drive major traction. The company also continues to face regulatory headwinds. In October, agencies in the Philippines, Colombia and Thailand took action to halt operations. German authorities determined last year that the company's data protection measures would not be sufficient to protect against cybercriminals or state attackers.

Read more of this story at Slashdot.

Samsung is rolling out new conversational AI across its 2025 TVs that lets users ask questions about what's on the screen and beyond it. From a report: First announced in September, the generative AI update is rolling out now with support for several languages. Vision AI Companion is based on an upgraded, generative AI-based version of Samsung's virtual assistant Bixby. Samsung suggests you can use it to ask questions about on-screen content -- what that actor is famous for, who painted that artwork, or what the final score was in a football game. It can go beyond that though, offering TV and movie recommendations along with cooking advice, travel tips, and local restaurant discovery.

Read more of this story at Slashdot.

The UK and China today signed a new bilateral agreement on scientific collaboration [non-paywalled source], narrowing the scope of their partnership to exclude sensitive technologies. Lord Patrick Vallance, Britain's science and technology minister, met his Chinese counterpart Chen Jiachang in Beijing and agreed to focus cooperation on health, climate, planetary sciences, and agriculture. The previous agreement from 2017 had included satellites, remote sensing technology and robotics. Those fields are absent from the new accord. The countries announced no new funding for joint research. Vallance said the UK had "deliberately gone for areas which we think are not carrying such a security risk."

Read more of this story at Slashdot.

Longtime Slashdot reader theodp writes: The UK Department for Education is "replacing its narrowly focused computer science GCSE with a broader, future-facing computing GCSE [General Certificate of Secondary Education] and exploring a new qualification in data science and AI for 16-18-year-olds." The move aims to correct unintended consequences of a shift made more than a decade ago from the existing ICT (Information and Communications Technology) curriculum, which focused on basic digital skills, to a more rigorous Computer Science curriculum at the behest of major tech firms and advocacy groups to address concerns about the UK's programming talent pipeline. The UK pivot from rigorous CS to AI literacy comes as tech-backed nonprofit Code.org leads a similar shift in the U.S., pivoting from its original 2013 mission calling for rigorous CS for U.S. K-12 students to a new mission that embraces AI literacy. Code.org next month will replace its flagship Hour of Code event with a new Hour of AI "designed to bring AI education into the mainstream" with the support of its partners, including Microsoft, Google, and Amazon. Code.org has pledged to engage 25 million learners with the new Hour of AI this school year.

Read more of this story at Slashdot.

China's CO2 emissions have been flat or falling for 18 months, "adding evidence to the hope that the world's biggest polluter has managed to hit its target of peak CO2 emissions well ahead of schedule," reports the Guardian. From the report: Rapid increases in the deployment of solar and wind power generation -- which grew by 46% and 11% respectively in the third quarter of this year -- meant the country's energy sector emissions remained flat, even as the demand for electricity increased. China added 240GW of solar capacity in the first nine months of this year, and 61GW of wind, putting it on track for another renewable record in 2025. Last year, the country installed 333GW of solar power, more than the rest of the world combined. [...] The analysis by the Centre for Research on Energy and Clean Air (Crea), for the science and climate policy website Carbon Brief, found China's CO2 emissions were unchanged from a year earlier in the third quarter of 2025, thanks in part to declining emissions in the travel, cement and steel industries. But China has a record of underpromising and overdelivering on climate targets. Li Shuo, the director of the China Climate Hub at the Asia Society Policy Institute, a US-based thinktank, said in a recent note that the latest Chinese climate targets should be seen as a baseline and not a ceiling.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Gizmodo: It appears that Neom -- Saudi Arabia's hugely expensive, architecturally bizarre urban development project -- is floundering and close to collapse. A new report from the Financial Times cites high-level sources within the project to paint a picture of dysfunction and failure at the heart of the quixotic effort. Neom was envisioned as a vast series of fantastical urban developments spread across the coast of the Red Sea. At the center of the project is The Line -- a proposed 105-mile-long city which developers had initially projected could house as many as 9 million people by the year 2030. The Line is defined by bizarre architectural flourishes that, as the story notes, have seemed impossible even to the execs tasked with making them a reality. One such addition is an upside-down building, dubbed "the chandelier," that is supposed to hang over a "gateway" marina to the city: "As architects worked through the plans, the chandelier began to seem implausible. One recalled warning Tarek Qaddumi, The Line's executive director, of the difficulty of suspending a 30-story building upside down from a bridge hundreds of metres in the air. 'You do realize the earth is spinning? And that tall towers sway?' he said. The chandelier, the architect explained, could 'start to move like a pendulum,' then 'pick up speed,' and eventually 'break off,' crashing into the marina below." Yes, that doesn't sound great. Now, according to those sources the FT talked to, the project is looking more and more like a hugely expensive pipe dream that will never come to pass: "Today, with at least $50 billion spent, the desert is pock-marked with piling, and deep trenches stretch across the landscape. But Prince Mohammed, who chairs Neom, has dramatically scaled back the first phase of the plans. Neom told the FT that The Line remained 'a strategic priority' that would ultimately 'provide a new blueprint for humanity by changing the way people live.' But they described it as a 'multi-generational development of unprecedented scale and complexity.'" The outlet interviewed workers on the project who seem to feel that it's only a matter of time before the project is declared DOA: "While Neom employees say that much of The Line might still be technically buildable, they are not convinced anyone is ready to pay for it. Construction work across Neom has slowed, with the desert ski resort Trojena, the intended venue for the 2029 Asian Winter Games, one of the few sites still moving ahead at pace ... one former employee has said that everyone knows the project won't work; it is now just a matter of letting MBS down gently." Chief among the project's problems is the fact that, as Neom's bizarre developments have failed to materialize, it has become increasingly difficult to encourage investors to put up money for the absurdly expensive project. FT notes: "Senior executives were constantly asking for more money, but The Line was competing with other Neom projects. Some wealthy Saudi families put modest sums into the project, but the large investments Riyadh hoped to lure from foreign backers never materialized." The lack of adequate funding coming in has led a senior construction manager to tell FT that he feels the Line will never be built.

Read more of this story at Slashdot.

Slashdot reader alternative_right shares an exclusive BBC interview with Vyacheslav "Tank" Penchukov, once a top-tier cyber-crime boss behind Jabber Zeus, IcedID, and major ransomware campaigns. His story traces the evolution of modern cybercrime from early bank-theft malware to today's lucrative ransomware ecosystem, marked by shifting alliances, Russian security-service ties, and the paranoia that ultimately consumes career hackers. Here's an excerpt from the report: In the late 2000s, he and the infamous Jabber Zeus crew used revolutionary cyber-crime tech to steal directly from the bank accounts of small businesses, local authorities and even charities. Victims saw their savings wiped out and balance sheets upended. In the UK alone, there were more than 600 victims, who lost more than $5.2 million in just three months. Between 2018 and 2022, Penchukov set his sights higher, joining the thriving ransomware ecosystem with gangs that targeted international corporations and even a hospital. [...] Penchukov says he did not think about the victims, and he does not seem to do so much now, either. The only sign of remorse in our conversation was when he talked about a ransomware attack on a disabled children's charity. His only real regret seems to be that he became too trusting with his fellow hackers, which ultimately led to him and many other criminals being caught. "You can't make friends in cyber-crime, because the next day, your friends will be arrested and they will become an informant," he says. "Paranoia is a constant friend of hackers," he says. But success leads to mistakes. "If you do cyber-crime long enough you lose your edge," he says, wistfully.

Read more of this story at Slashdot.

"For months, extremely personal and sensitive ChatGPT conversations have been leaking into an unexpected destination," reports Ars Technica: the search-traffic tool for webmasters , Google Search Console. Though it normally shows the short phrases or keywords typed into Google which led someone to their site, "starting this September, odd queries, sometimes more than 300 characters long, could also be found" in Google Search Console. And the chats "appeared to be from unwitting people prompting a chatbot to help solve relationship or business problems, who likely expected those conversations would remain private." Jason Packer, owner of analytics consulting firm Quantable, flagged the issue in a detailed blog post last month, telling Ars Technica he'd seen 200 odd queries — including "some pretty crazy ones." (Web optimization consultant Slobodan ManiÄ helped Packer investigate...) Packer points out "nobody clicked share" or were given an option to prevent their chats from being exposed. Packer suspected that these queries were connected to reporting from The Information in August that cited sources claiming OpenAI was scraping Google search results to power ChatGPT responses. Sources claimed that OpenAI was leaning on Google to answer prompts to ChatGPT seeking information about current events, like news or sports... "Did OpenAI go so fast that they didn't consider the privacy implications of this, or did they just not care?" Packer posited in his blog... Clearly some of those searches relied on Google, Packer's blog said, mistakenly sending to GSC "whatever" the user says in the prompt box... This means "that OpenAI is sharing any prompt that requires a Google Search with both Google and whoever is doing their scraping," Packer alleged. "And then also with whoever's site shows up in the search results! Yikes." To Packer, it appeared that "ALL ChatGPT prompts" that used Google Search risked being leaked during the past two months. OpenAI claimed only a small number of queries were leaked but declined to provide a more precise estimate. So, it remains unclear how many of the 700 million people who use ChatGPT each week had prompts routed to Google Search Console. "Perhaps most troubling to some users — whose identities are not linked in chats unless their prompts perhaps share identifying information — there does not seem to be any way to remove the leaked chats from Google Search Console.."

Read more of this story at Slashdot.

The new series from Breaking Bad creator Vince Gilligan, Pluribus, was emphatically made by humans, not AI, reports TechCrunch: If you watched all the way to the end of the new Apple TV show "Pluribus," you may have noticed an unusual disclaimer in the credits: "This show was made by humans." That terse message — placed right below a note that "animal wranglers were on set to ensure animal safety" — could potentially provide a model for other filmmakers seeking to highlight that their work was made without the use of generative AI. In fact, yesterday the former X-Files writer told Variety "I hate AI. AI is the world's most expensive and energy-intensive plagiarism machine...." He goes on, about how AI-generated content is "like a cow chewing its cud — an endlessly regurgitated loop of nonsense," and how the U.S. will fail to regulate the technology because of an arms race with China. He works himself up until he's laughing again, proclaiming: "Thank you, Silicon Valley! Yet again, you've fucked up the world." He also says "there's a very high possibility that this is all a bunch of horseshit," according to the article. "It's basically a bunch of centibillionaires whose greatest life goal is to become the world's first trillionaires. I think they're selling a bag of vapor." And earlier this week he told Polygon that he hasn't used ChatGPT "because, as of yet, no one has held a shotgun to my head and made me do it." (Adding "I will never use it.") Time magazine called Thursday's two-episode premiere "bonkers." Though ironically, that premiere hit its own dystopian glitch. "After months of buildup and an omnipresent advertising campaign, Apple's much-anticipated new show Pluribus made its debut..." reports Macworld. "And the service promptly suffered a major outage across the U.S. and Canada." As reported by Bloomberg and others, users started to report that the service had crashed at around 10:30 p.m. ET, shortly after Apple made the first two episodes of the show available to stream. There were almost 13,000 reports on Downdetector before Apple acknowledged the problem on its System Status page. Reports say the outage was brief, lasting less than an hour... [T]here remains a Resolved Outage note on Apple TV (simply saying "Some users were affected; users experienced a problem with Apple TV" between 10:29 and 11.38 p.m.), as well as on Apple Music and Apple Arcade, which also went down at the same time. Social media reports indicated that the outage was widespread.

Read more of this story at Slashdot.

"The Firefox brand is getting a refresh and you get the first look," says a new web page at Firefox.com. "Kit's our new mascot and your new companion through an internet that's private, open and actually yours." Slashdot reader BrianFagioli believes the new mascot "is meant to communicate that message in a warmer, more relatable way." And Firefox is already selling shirts with Kit over the pocket (as well as stickers)...

Read more of this story at Slashdot.

For more than a decade, the nonprofit Common Crawl "has been scraping billions of webpages to build a massive archive of the internet," notes the Atlantic, making it freely available for research. "In recent years, however, this archive has been put to a controversial purpose: AI companies including OpenAI, Google, Anthropic, Nvidia, Meta, and Amazon have used it to train large language models. "In the process, my reporting has found, Common Crawl has opened a back door for AI companies to train their models with paywalled articles from major news websites. And the foundation appears to be lying to publishers about this — as well as masking the actual contents of its archives..." Common Crawl's website states that it scrapes the internet for "freely available content" without "going behind any 'paywalls.'" Yet the organization has taken articles from major news websites that people normally have to pay for — allowing AI companies to train their LLMs on high-quality journalism for free. Meanwhile, Common Crawl's executive director, Rich Skrenta, has publicly made the case that AI models should be able to access anything on the internet. "The robots are people too," he told me, and should therefore be allowed to "read the books" for free. Multiple news publishers have requested that Common Crawl remove their articles to prevent exactly this use. Common Crawl says it complies with these requests. But my research shows that it does not. I've discovered that pages downloaded by Common Crawl have appeared in the training data of thousands of AI models. As Stefan Baack, a researcher formerly at Mozilla, has written, "Generative AI in its current form would probably not be possible without Common Crawl." In 2020, OpenAI used Common Crawl's archives to train GPT-3. OpenAI claimed that the program could generate "news articles which human evaluators have difficulty distinguishing from articles written by humans," and in 2022, an iteration on that model, GPT-3.5, became the basis for ChatGPT, kicking off the ongoing generative-AI boom. Many different AI companies are now using publishers' articles to train models that summarize and paraphrase the news, and are deploying those models in ways that steal readers from writers and publishers. Common Crawl maintains that it is doing nothing wrong. I spoke with Skrenta twice while reporting this story. During the second conversation, I asked him about the foundation archiving news articles even after publishers have asked it to stop. Skrenta told me that these publishers are making a mistake by excluding themselves from "Search 2.0" — referring to the generative-AI products now widely being used to find information online — and said that, anyway, it is the publishers that made their work available in the first place. "You shouldn't have put your content on the internet if you didn't want it to be on the internet," he said. Common Crawl doesn't log in to the websites it scrapes, but its scraper is immune to some of the paywall mechanisms used by news publishers. For example, on many news websites, you can briefly see the full text of any article before your web browser executes the paywall code that checks whether you're a subscriber and hides the content if you're not. Common Crawl's scraper never executes that code, so it gets the full articles. Thus, by my estimate, the foundation's archives contain millions of articles from news organizations around the world, including The Economist, the Los Angeles Times, The Wall Street Journal, The New York Times, The New Yorker, Harper's, and The Atlantic.... A search for nytimes.com in any crawl from 2013 through 2022 shows a "no captures" result, when in fact there are articles from NYTimes.com in most of these crawls. "In the past year, Common Crawl's CCBot has become the scraper most widely blocked by the top 1,000 websites," the article points out...

Read more of this story at Slashdot.

A CRISPR-based drug given to study participants by infusion is raising hopes for a much easier way to lower cholesterol, reports CNN: With a snip of a gene, doctors may one day permanently lower dangerously high cholesterol, possibly removing the need for medication, according to a new pilot study published Saturday in the New England Journal of Medicine. The study was extremely small — only 15 patients with severe disease — and was meant to test the safety of a new medication delivered by CRISPR-Cas9, a biological sort of scissor which cuts a targeted gene to modify or turn it on or off. Preliminary results, however, showed nearly a 50% reduction in low-density lipoprotein, or LDL, the "bad" cholesterol which plays a major role in heart disease — the No.1 killer of adults in the United States and worldwide. The study, which will be presented Saturday at the American Heart Association Scientific Sessions in New Orleans, also found an average 55% reduction in triglycerides, a different type of fat in the blood that is also linked to an increased risk of cardiovascular disease. "We hope this is a permanent solution, where younger people with severe disease can undergo a 'one and done' gene therapy and have reduced LDL and triglycerides for the rest of their lives," said senior study author Dr. Steven Nissen, chief academic officer of the Sydell and Arnold Miller Family Heart, Vascular & Thoracic Institute at Cleveland Clinic in Ohio.... Today, cardiologists want people with existing heart disease or those born with a predisposition for hard-to-control cholesterol to lower their LDL well below 100, which is the average in the US, said Dr. Pradeep Natarajan, director of preventive cardiology at Massachusetts General Hospital and associate professor of medicine at Harvard Medical School in Boston... People with a nonfunctioning ANGPTL3 gene — which Natarajan says applies to about 1 in 250 people in the US — have lifelong levels of low LDL cholesterol and triglycerides without any apparent negative consequences. They also have exceedingly low or no risk for cardiovascular disease. "It's a naturally occurring mutation that's protective against cardiovascular disease," said Nissen, who holds the Lewis and Patricia Dickey Chair in Cardiovascular Medicine at Cleveland Clinic. "And now that CRISPR is here, we have the ability to change other people's genes so they too can have this protection." "Phase 2 clinical trials will begin soon, quickly followed by Phase 3 trials, which are designed to show the effect of the drug on a larger population, Nissen said." And CNN quotes Nissen as saying "We hope to do all this by the end of next year. We're moving very fast because this is a huge unmet medical need — millions of people have these disorders and many of them are not on treatment or have stopped treatment for whatever reason."

Read more of this story at Slashdot.