FFmpeg, the open source multimedia framework that powers video processing in Google Chrome, Firefox, YouTube and other major platforms, has called on Google to either fund the project or stop burdening its volunteer maintainers with security vulnerabilities found by the company's AI tools. The maintainers patched a bug that Google's AI agent discovered in code for decoding a 1995 video game but described the finding as "CVE slop." The confrontation centered on a Google Project Zero policy announced in July that publicly discloses reported vulnerabilities within a week and starts a ninety-day countdown to full disclosure regardless of patch availability. FFmpeg, written primarily in assembly language, handles format conversion and streaming for VLC, Kodi and Plex but operates without adequate funding from the corporations that depend on it. Nick Wellnhofer resigned as maintainer of libxml2, a library used in all major web browsers, because of the unsustainable workload of addressing security reports without compensation and said he would stop maintaining the project in December.

Read more of this story at Slashdot.

Democratic U.S. Senator Elizabeth Warren is escalating pressure on the defense industry to stop opposing military right-to-repair legislation, as House and Senate negotiators work to finalize the fiscal 2026 National Defense Authorization Act. From a report: In a sharply-worded November 5 letter to the National Defense Industrial Association (NDIA) obtained by Reuters, Warren accused the industry group of attempting to undermine bipartisan efforts to give the Pentagon greater ability to repair weapons and equipment it owns. She called the group's opposition "a dangerous and misguided attempt to protect an unacceptable status quo of giant contractor profiteering." Currently, the government is often required to pay contractors like NDIA members Lockheed Martin, Boeing and RTX to use expensive original equipment and installers to service broken parts, versus having trained military maintainers 3D print spares in the field and install them faster and more cheaply.

Read more of this story at Slashdot.

China has introduced a visa that will allow young foreign researchers in science, technology, engineering and mathematics to move there without having to secure a job first. From a report: Before the introduction of the K visa, most foreign STEM researchers hoping to move to China had to find a job in advance and then apply for a work visa. The Chinese government is making "a serious bid" to attract the world's brightest minds in STEM, says Jeremy Neufeld, the director of immigration policy at the Institute for Progress, a think tank in Washington DC. South Korea, Singapore and several other countries have also launched STEM-oriented visa programmes. The K visa was officially rolled out on 1 October, but Nature understands that applications are yet to open. Few details about eligibility have been released, except that restrictions will apply on the basis of an applicant's age, education and work experience. Foreign researchers who have graduated from 'famous' universities or institutes in China or abroad with a bachelor-or-higher degree in STEM will be eligible to apply. That also includes people who teach or research STEM topics in such organizations.

Read more of this story at Slashdot.

Animal testing in science would be phased out faster under a new plan to increase the use of artificial intelligence and 3D bioprinted human tissues, a UK minister has said. The Guardian: The roadmap unveiled by the science minister, Patrick Vallance, backs replacing certain animal tests that are still used where necessary to determine the safety of products such as life-saving vaccines and the impact pesticides have on living beings and the environment. The strategy says phasing out the use of animals in science can only happen when reliable and effective alternative methods with the same level of safety for human exposure can replace them. The government said new funding for researchers and streamlined regulation would help develop methods such as organ-on-a-chip systems -- tiny devices that mimic how human organs work using real human cells. Greater use of AI to analyse vast amounts of data about molecules and predict whether new medicines will be safe and work well on humans would be deployed, while 3D bioprinted tissues could create realistic human tissue samples, from skin to liver, for testing. Other plans under the strategy include an end to regulatory testing on animals to assess the potential for skin and eye irritation and skin sensitisation by the end of 2026. By 2027, researchers are expected under the strategy to end tests of the strength of botox on mice, while by 2030 pharmacokinetic studies -- which track how a drug moves through the body over time -- on dogs and non-human primates will be reduced.

Read more of this story at Slashdot.

BrianFagioli writes: Mozilla has released Firefox 145.0, and the standout change in this version is the official end of support for 32-bit Linux systems. Users on 32-bit distributions will no longer receive updates and are being encouraged to switch to the 64-bit build to continue getting security patches and new features. While most major Linux distributions have already moved past 32-bit support, this shift will still impact older hardware users and lightweight community projects that have held on to 32-bit for the sake of performance or preservation. The rest of the update introduces features such as built-in PDF comments, improved fingerprinting resistance for private browsing, tab group previews, password management in the sidebar, and minor UI refinements. Firefox also now compresses local translation models with Zstandard to reduce storage needs. But the end of 32-bit Linux support is the change that will leave the biggest mark, signaling another step toward a web ecosystem firmly centered on 64-bit computing.

Read more of this story at Slashdot.

The furious push by AI hyperscalers to build out data centers will need about $1.5 trillion of investment-grade bonds over the next five years and extensive funding from every other corner of the market, according to an analysis by JPMorgan. From a report: "The question is not 'which market will finance the AI-boom?' Rather, the question is 'how will financings be structured to access every capital market?'" according to strategists led by Tarek Hamid. Leveraged finance is primed to provide around $150 billion over the next half decade, they said. Even with funding from the investment-grade and high-yield bond markets, as well as up to $40 billion per year in data-center securitizations, it will still be insufficient to meet demand, the strategists added. Private credit and governments could help cover a remaining $1.4 trillion funding gap, the report estimates. The bank calculates an at least $5 trillion tab that could climb as high as $7 trillion, singlehandedly driving a reacceleration in growth in the bond and syndicated loan markets, the strategists wrote in a report Monday. The analysts project $300 billion in high-grade bonds going toward AI data centers next year. That could account for nearly one fifth of total issuance in that market, which a report from Barclays estimates will grow to $1.6 trillion.

Read more of this story at Slashdot.

The iPad Pro went on sale ten years ago, launching with a 12.9-inch screen that Apple believed would redefine computing through size alone. The company initially resisted making the device a laptop replacement and maintained strict limitations on multitasking, browser capabilities, and app installation. Over the past decade, Apple reversed course. The iPad Pro gained USB-C ports, external drive support, keyboard and trackpad accessories, and an improved Files app. The current M5 model includes OLED screens in 13- and 11-inch sizes. iPadOS 26 added free-form multitasking, a menu bar and the Preview app. The webcam now sits in landscape orientation. Despite these advances, the device remains constrained by App Store-only software installation, The Verge writes, limited system access, and the absence of desktop-class browsers. Apple spent years positioning the iPad as a third category between phones and computers. The hardware and accessories now support full computer functionality, but artificial software limitations remain in place.

Read more of this story at Slashdot.

Apple has launched the iPhone Pocket, a knitted bag designed to hold iPhones. The limited edition collaboration with Japanese designer Issey Miyake costs $229.95 for the crossbody version. A shorter version is priced at $149.95. Apple said the 3D-knitted design was inspired by "a piece of cloth" and was born from the idea of creating an additional pocket for any iPhone and small everyday items. Yoshiyuki Miyamae, design director at Miyake Design Studio, said the product "speaks to the bond between iPhone and its user" and explores "the joy of wearing iPhone in your own way." Steve Jobs mocked similar $29 iPod Socks as "a revolutionary new product" in 2004.

Read more of this story at Slashdot.

Sam Altman's Tools for Humanity has verified around 17.5 million people through its iris-scanning Orb device. The company has set a goal of reaching 1 billion users, so it is less than 2% of the way there. The startup has raised $240 million from investors including Andreessen Horowitz, Bain Capital and Khosla Ventures. PitchBook estimates its valuation at $2.5 billion. The Orb is a volleyball-sized metal sphere that scans irises to generate a World ID. Users can claim tokens of the cryptocurrency Worldcoin, currently worth around 80 cents per coin. Business Insider spoke to former Tools for Humanity employees, a former Orb operator from Kenya, and a former head of operations in Mexico City. Some questioned whether the company had a clear long-term strategy. Nick Maynard, vice president of fintech market research at Juniper Research, said he does not see a killer use case that will drive major traction. The company also continues to face regulatory headwinds. In October, agencies in the Philippines, Colombia and Thailand took action to halt operations. German authorities determined last year that the company's data protection measures would not be sufficient to protect against cybercriminals or state attackers.

Read more of this story at Slashdot.

Samsung is rolling out new conversational AI across its 2025 TVs that lets users ask questions about what's on the screen and beyond it. From a report: First announced in September, the generative AI update is rolling out now with support for several languages. Vision AI Companion is based on an upgraded, generative AI-based version of Samsung's virtual assistant Bixby. Samsung suggests you can use it to ask questions about on-screen content -- what that actor is famous for, who painted that artwork, or what the final score was in a football game. It can go beyond that though, offering TV and movie recommendations along with cooking advice, travel tips, and local restaurant discovery.

Read more of this story at Slashdot.

The UK and China today signed a new bilateral agreement on scientific collaboration [non-paywalled source], narrowing the scope of their partnership to exclude sensitive technologies. Lord Patrick Vallance, Britain's science and technology minister, met his Chinese counterpart Chen Jiachang in Beijing and agreed to focus cooperation on health, climate, planetary sciences, and agriculture. The previous agreement from 2017 had included satellites, remote sensing technology and robotics. Those fields are absent from the new accord. The countries announced no new funding for joint research. Vallance said the UK had "deliberately gone for areas which we think are not carrying such a security risk."

Read more of this story at Slashdot.

Longtime Slashdot reader theodp writes: The UK Department for Education is "replacing its narrowly focused computer science GCSE with a broader, future-facing computing GCSE [General Certificate of Secondary Education] and exploring a new qualification in data science and AI for 16-18-year-olds." The move aims to correct unintended consequences of a shift made more than a decade ago from the existing ICT (Information and Communications Technology) curriculum, which focused on basic digital skills, to a more rigorous Computer Science curriculum at the behest of major tech firms and advocacy groups to address concerns about the UK's programming talent pipeline. The UK pivot from rigorous CS to AI literacy comes as tech-backed nonprofit Code.org leads a similar shift in the U.S., pivoting from its original 2013 mission calling for rigorous CS for U.S. K-12 students to a new mission that embraces AI literacy. Code.org next month will replace its flagship Hour of Code event with a new Hour of AI "designed to bring AI education into the mainstream" with the support of its partners, including Microsoft, Google, and Amazon. Code.org has pledged to engage 25 million learners with the new Hour of AI this school year.

Read more of this story at Slashdot.

China's CO2 emissions have been flat or falling for 18 months, "adding evidence to the hope that the world's biggest polluter has managed to hit its target of peak CO2 emissions well ahead of schedule," reports the Guardian. From the report: Rapid increases in the deployment of solar and wind power generation -- which grew by 46% and 11% respectively in the third quarter of this year -- meant the country's energy sector emissions remained flat, even as the demand for electricity increased. China added 240GW of solar capacity in the first nine months of this year, and 61GW of wind, putting it on track for another renewable record in 2025. Last year, the country installed 333GW of solar power, more than the rest of the world combined. [...] The analysis by the Centre for Research on Energy and Clean Air (Crea), for the science and climate policy website Carbon Brief, found China's CO2 emissions were unchanged from a year earlier in the third quarter of 2025, thanks in part to declining emissions in the travel, cement and steel industries. But China has a record of underpromising and overdelivering on climate targets. Li Shuo, the director of the China Climate Hub at the Asia Society Policy Institute, a US-based thinktank, said in a recent note that the latest Chinese climate targets should be seen as a baseline and not a ceiling.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Gizmodo: It appears that Neom -- Saudi Arabia's hugely expensive, architecturally bizarre urban development project -- is floundering and close to collapse. A new report from the Financial Times cites high-level sources within the project to paint a picture of dysfunction and failure at the heart of the quixotic effort. Neom was envisioned as a vast series of fantastical urban developments spread across the coast of the Red Sea. At the center of the project is The Line -- a proposed 105-mile-long city which developers had initially projected could house as many as 9 million people by the year 2030. The Line is defined by bizarre architectural flourishes that, as the story notes, have seemed impossible even to the execs tasked with making them a reality. One such addition is an upside-down building, dubbed "the chandelier," that is supposed to hang over a "gateway" marina to the city: "As architects worked through the plans, the chandelier began to seem implausible. One recalled warning Tarek Qaddumi, The Line's executive director, of the difficulty of suspending a 30-story building upside down from a bridge hundreds of metres in the air. 'You do realize the earth is spinning? And that tall towers sway?' he said. The chandelier, the architect explained, could 'start to move like a pendulum,' then 'pick up speed,' and eventually 'break off,' crashing into the marina below." Yes, that doesn't sound great. Now, according to those sources the FT talked to, the project is looking more and more like a hugely expensive pipe dream that will never come to pass: "Today, with at least $50 billion spent, the desert is pock-marked with piling, and deep trenches stretch across the landscape. But Prince Mohammed, who chairs Neom, has dramatically scaled back the first phase of the plans. Neom told the FT that The Line remained 'a strategic priority' that would ultimately 'provide a new blueprint for humanity by changing the way people live.' But they described it as a 'multi-generational development of unprecedented scale and complexity.'" The outlet interviewed workers on the project who seem to feel that it's only a matter of time before the project is declared DOA: "While Neom employees say that much of The Line might still be technically buildable, they are not convinced anyone is ready to pay for it. Construction work across Neom has slowed, with the desert ski resort Trojena, the intended venue for the 2029 Asian Winter Games, one of the few sites still moving ahead at pace ... one former employee has said that everyone knows the project won't work; it is now just a matter of letting MBS down gently." Chief among the project's problems is the fact that, as Neom's bizarre developments have failed to materialize, it has become increasingly difficult to encourage investors to put up money for the absurdly expensive project. FT notes: "Senior executives were constantly asking for more money, but The Line was competing with other Neom projects. Some wealthy Saudi families put modest sums into the project, but the large investments Riyadh hoped to lure from foreign backers never materialized." The lack of adequate funding coming in has led a senior construction manager to tell FT that he feels the Line will never be built.

Read more of this story at Slashdot.

Slashdot reader alternative_right shares an exclusive BBC interview with Vyacheslav "Tank" Penchukov, once a top-tier cyber-crime boss behind Jabber Zeus, IcedID, and major ransomware campaigns. His story traces the evolution of modern cybercrime from early bank-theft malware to today's lucrative ransomware ecosystem, marked by shifting alliances, Russian security-service ties, and the paranoia that ultimately consumes career hackers. Here's an excerpt from the report: In the late 2000s, he and the infamous Jabber Zeus crew used revolutionary cyber-crime tech to steal directly from the bank accounts of small businesses, local authorities and even charities. Victims saw their savings wiped out and balance sheets upended. In the UK alone, there were more than 600 victims, who lost more than $5.2 million in just three months. Between 2018 and 2022, Penchukov set his sights higher, joining the thriving ransomware ecosystem with gangs that targeted international corporations and even a hospital. [...] Penchukov says he did not think about the victims, and he does not seem to do so much now, either. The only sign of remorse in our conversation was when he talked about a ransomware attack on a disabled children's charity. His only real regret seems to be that he became too trusting with his fellow hackers, which ultimately led to him and many other criminals being caught. "You can't make friends in cyber-crime, because the next day, your friends will be arrested and they will become an informant," he says. "Paranoia is a constant friend of hackers," he says. But success leads to mistakes. "If you do cyber-crime long enough you lose your edge," he says, wistfully.

Read more of this story at Slashdot.

The European Commission is considering turning its non-binding 2020 guidance on "high-risk vendors" into a legal requirement that would effectively force EU member states to phase out Huawei and ZTE from mobile and fixed-line networks. Bloomberg reports: Commission Vice President Henna Virkkunen wants to convert the European Commission's 2020 recommendation to stop using high-risk vendors in mobile networks into a legal requirement, according to the people, who asked not to be identified because the negotiations are private. While infrastructure decisions rest with national governments, Virkkunen's proposal would compel EU countries to align with the commission's security guidance. The EU is increasingly focused on the risks posed by Chinese telecom equipment makers as trade and political ties with its second-largest trading partner fray. The concern is that handing over control of critical national infrastructure to companies with such close ties to Beijing could compromise national security interests. Virkkunen is examining ways to limit the use of Chinese equipment suppliers in fixed-line networks, as countries push for the rapid deployment of state-of-the-art fiber cables to expand high-speed internet access. The commission is also considering measures to dissuade non-EU countries from relying on Chinese vendors, including by withholding Global Gateway funding from nations that use the grants for projects involving Huawei equipment, according to the people.

Read more of this story at Slashdot.

Linux kernel developers are moving toward enabling Microsoft C Extensions (-fms-extensions) by default in Linux 6.19, with Linus Torvalds signaling no objection. While some dislike relying on Microsoft-style behavior, the patches in kbuild-next suggest the project is ready to "bite the bullet" and adopt the extensions system-wide. Phoronix reports: Rasmus Villemoes argued with Kbuild: enable -fms-extensions that would allow for "prettier code" and others have noted in the past the potential for saving stack space and all around being beneficial in being able to leverage the Microsoft C behavior: "Once in a while, it turns out that enabling -fms-extensions could allow some slightly prettier code. But every time it has come up, the code that had to be used instead has been deemed 'not too awful' and not worth introducing another compiler flag for. That's probably true for each individual case, but then it's somewhat of a chicken/egg situation. If we just 'bite the bullet' as Linus says and enable it once and for all, it is available whenever a use case turns up, and no individual case has to justify it..." The second patch is kbuild: Add '-fms-extensions' to areas with dedicated CFLAGS to ensure -fms-extensions is passed for the CPU architectures that rely on their own CFLAGS being set rather than the main KBUILD_CFLAGS. Linus Torvalds chimed in on the prior mailing list discussion and doesn't appear to be against enabling -fms-extensions beginning with the Linux 6.19 kernel.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Privacy activists say proposed changes to Europe's landmark privacy law, including making it easier for Big Tech to harvest Europeans' personal data for AI training, would flout EU case law and gut the legislation. The changes proposed by the European Commission are part of a drive to simplify a slew of laws adopted in recent years on technology, environmental and financial issues which have in turn faced pushback from companies and the U.S. government. EU antitrust chief Henna Virkkunen will present the Digital Omnibus, in effect proposals to cut red tape and overlapping legislation such as the General Data Protection Regulation, the Artificial Intelligence Act, the e-Privacy Directive and the Data Act, on November 19. According to the plans, Google, Meta Platforms, OpenAI and other tech companies may be allowed to use Europeans' personal data to train their AI models based on legitimate interest. In addition, companies may be exempted from the ban on processing special categories of personal data "in order not to disproportionately hinder the development and operation of AI and taking into account the capabilities of the controller to identify and remove special categories of personal data." [...] The proposals would need to be thrashed out with EU countries and European Parliament in the coming months before they can be implemented. "The draft Digital Omnibus proposes countless changes to many different articles of the GDPR. In combination this amounts to a death by a thousand cuts," Austrian privacy group noyb said in a statement. "This would be a massive downgrading of Europeans' privacy 10 years after the GDPR was adopted," noyb's Max Schrems said. "These proposals would change how the EU protects what happens inside your phone, computer and connected devices," European Digital Rights policy advisor Itxaso Dominguez de Olazabal wrote in a LinkedIn post. "That means access to your device could rely on legitimate interest or broad exemptions like security, fraud detection or audience measurement," she said.

Read more of this story at Slashdot.

The PDF Association is adding JPEG XL (JXL) support to the PDF specification, giving the advanced image format a new path to relevance despite Google's decision to declare it obsolete and remove it from Chromium. The Register reports: Peter Wyatt, CTO of the PDF Association, said: "We need to adopt a new image [format] that can support HDR [High Dynamic Range] content ... we have picked JPEG XL as our preferred solution." Wyatt also praised other benefits of JXL including wide gamut images, ultra-high resolution support for images with more than 1 billion pixels, and up to 4099 channels with up to 32 bits per channel. The association is responsible for developing PDF specifications and standards and manages the ISO committee for PDF. JPEG XL is an advanced image format that was designed to be both more efficient and richer in features than JPEG. It was based on a combination of the Free Lossless Image Format (FLIF) from Cloudinary and a Google project called PIK, first released in late 2020, and fully standardized in October 2021 as ISO/IEC 18181. There is a reference implementation called libjxl. A second edition of the ISO standard was published in 2024. JXL appeared to have wide industry support, including experimental implementation in Chrome and Chromium, until it was killed by Google in October 2022 and removed from its web browser engine. The company stated that "there is not enough interest from the entire ecosystem to continue experimenting with JPEG XL." Many in the community disagreed with the decision, including FLIF inventor Jon Sneyers, who perceived it as the outcome of an internal battle between proponents of JXL and a rival format, AVIF. "AVIF proponents within Chrome are essentially being prosecutor, judge and executioner at the same time," he said.

Read more of this story at Slashdot.

Meta is retiring Facebook's external Like and Share buttons for third-party websites on February 10, 2026, officially closing the book on a once-dominant traffic driver as usage declines and Facebook's role within Meta continues to shrink.Engadget reports: The blog post from Meta explains that site admins shouldn't have to take any additional steps as a result of the change, although they can choose to remove the plugins before the discontinue date. Any remaining plugins will "gracefully degrade," which sounds much more dramatic than what will actually happen, which is that they'll render as a 0x0 invisible element.

Read more of this story at Slashdot.