"People are creating 'dumb homes,'" the VP of research at the Global Wellness Institute, tells the web site Axios. Some are swapping NASA-style setups for old-fashioned buttons, switches and knobs. Others are designing digital detox corners — all part of a bigger "analog wellness" movement... The return to analog hobbies and spacesis about more than nostalgia for pre-internet times, researchers say. A home where "technology is always in the background, working and listening, feels anxiety-producing" instead of restorative, architect Yan M. Wang tells Axios... Design media brand Dwell named the decline of smart homes a top trend for 2025 and beyond. Wealthy Los Angeles house hunters have started shunning WiFi-enabled, voice-activated appliances "to escape the $100 billion home-automation industry," according to the Hollywood Reporter. Meanwhile, landlines have found new fans — many of them parents who want to keep their kids off screens, the Washington Post reports.

Read more of this story at Slashdot.

"It's been hard for me to understand why Atlas exists," writes MIT Technology Review. " Who is this browser for, exactly? Who is its customer? And the answer I have come to there is that Atlas is for OpenAI. The real customer, the true end user of Atlas, is not the person browsing websites, it is the company collecting data about what and how that person is browsing." New York Magazine's "Intelligencer" column argues OpenAI wants ChatGPT in your browser because "That's where people who use computers, particularly for work, spend all their time, and through which vast quantities of valuable information flow in and out. Also, if you're a company hoping to train your models to replicate a bunch of white-collar work, millions of browser sessions would be a pretty valuable source of data." Unfortunately, warns Fast Company, ChatGPT Atlas, Perplexity Comet, and other AI browses "include some major security, privacy, and usability trade-offs... Most of the time, I don't want to use them and am wary of doing so..." Worst of all, these browsers are security minefields. A web page that looks benign to humans can includehidden instructions for AI agents, tricking them into stealing info from other sites... "If you're signed into sensitive accounts like your bank or your email provider in your browser, simply summarizing a Reddit postcould result in an attacker being able to steal money or your private data,"Brave's security researchers wrotelast week.No one has figured out how to solve this problem. If you can look past the security nightmares, the actual browsing features are substandard. Neither ChatGPT Atlas nor Perplexity Comet support vertical tabs — a must-have feature for me — and they have no tab search tool or way to look up recently-closed pages. Atlas also doesn't support saving sites as web apps, selecting multiple tabs (for instance, to close all at once with Cmd+W), or customizing the appearance. Compared to all the fancy new AI features, the web browsing part can feel like an afterthought. Regular web search can also be a hassle, even though you'll probably need it sometimes. When I typed "Sichuan Chili" into ChatGPT Atlas, it produced a lengthy description of the Chinese peppers, not the nearby restaurant whose website and number I was looking for.... Meanwhile, the standard AI annoyances still apply in the browser. Getting Perplexity to fill my grocery cart felt like a triumph, but on other occasions the AI has run into inexplicable walls and only ended up wasting more time. There may be other costs to using these browsers as well. AI still has usage limits, and so all this eventually becomes a ploy to bump more people into paid tiers. Beyond that,Atlas is constantly analyzing the pages you visit to build a "memory" of who you are and what you're into. Do not be surprised if this translates to deeply targeted ads as OpenAI startslooking at ways to monetize free users. For now, I'm only using AI browsers in small doses when I think they can solve a specific problem. Even then, I'm not going sign them into my email, bank accounts, or any other accounts for which a security breach would be catastrophic. It's too bad, because email and calendars are areas where AI agents could be truly useful, but the security risks are too great (andwell-documented). The article notes that in August Vivaldi announced that "We're taking a stand, choosing humans over hype" with their browser: We will not use an LLM to add a chatbot, a summarization solution or a suggestion engine to fill up forms for you, until more rigorous ways to do those things are available. Vivaldi is the haven for people who still want to explore. We will continue building a browser for curious minds, power users, researchers, and anyone who values autonomy. If AI contributes to that goal without stealing intellectual property, compromising privacy or the open web, we will use it. If it turns people into passive consumers, we will not... We're fighting for a better web.

Read more of this story at Slashdot.

CBS News investigates what happened when police thought they'd tracked down a "porch pirate" who'd stolen a package — and accused an innocent woman. "You know why I'm here," the police sergeant tells Chrisanna Elser. "You know we have cameras in that town..." "It went right into, 'we have video of you stealing a package,'" Elser said... "Can I see the video?" Elser asked. "If you go to court, you can," the officer replied. "If you're going to deny it, I'm not going to extend you any courtesy...." [You can watch a video of the entire confrontation.] On her doorstep, the officer issued a summons, without ever looking at the surveillance video Elser had. "We can show you exactly where we were," she told him. "I already know where you were," he replied. Her Rivian — equipped with multiple cameras — had recorded her entire route that day... It took weeks of her collecting her own evidence, building timelines, and submitting videos before someone listened. Finally, she received an email from the Columbine Valley police chief acknowledging her efforts in an email saying, "nicely done btw (by the way)," and informing her the summons would not be filed. Elser also found the theft video (which the police officer refused to show her) on Nextdoor, reports Electrek. "The woman has the same color hair, but different facial and nose shape and apparent age than Elser, which is all reasonably apparent when viewing the video..." But Elser does drive a green Rivian truck, which police knew had entered the neighborhood 20 times over the course of a month. (Though in the video the officer is told that a male driver in the same household passes through that neighborhood driving to and from work.) The problem may be their certainty — derived from Flock's network of cameras that automatically read license plates, "tracking movements of vehicles wherever they go..." The system has provoked concern from privacy and freedom focused organizations like the Electronic Frontier Foundation and American Civil Liberties Union. Flock also recently announced a partnership with Ring, seeking to use a network of doorbell cameras to track Americans in even more places.... [The police] didn't even have video of the truck in the area — merely tags of it entering... (it also left the area minutes later, indicating a drive through, rather than crawling through neighborhoods looking for packages — but police neglected to check the exit timestamps)... Elser has asked for an apology for [officer] Milliman's aggressive behavior during the encounter, but has heard nothing back from the department despite a call, email, and physical appearance at the police station. The article points out that Rivian's "Road Cam" feature can be set to record footage of everything happening around it using the car's built in cameras for driver-assist features. But if you want to record footage all the time, you'll need to plug in a USB-C external drive to store it. (It's ironic how different cameras recorded every part of this story — the theft, the police officer accusing the innocent woman, and that innocent woman's actual whereabouts.) Electrek's take? "Citizens should not need to own a $70k+ truck, or even a $100 external hard drive, to keep track of everything they do in order to prove to power-tripping officers that they didn't commit a crime."

Read more of this story at Slashdot.

Millions will set their clocks back an hour tonight for Daylight Saving Time — only to set them forward an hour six months later. But does anyone like doing this, asks Yahoo News: A recent AP-NORC poll found that about half of the American public, 47%, oppose the current daylight saving time system, compared to 40% who neither favor nor oppose the current practice, while 12% favor the current system, which involves most states switching their clocks twice a year. Of those polled, 56% would prefer to have daylight saving time year-round, meaning less light in the morning for a tradeoff of more light in the evening. While 42% of Americans said they would prefer to have standard time year-round, which means more light in the morning and less light in the evening. And 12% of Americans prefer switching between standard time and daylight saving time. Sleep doctors would prefer we switch to standard time permanently. "The U.S. should eliminate seasonal time changes in favor of a national, fixed, year-round time," the American Academy of Sleep Medicine said in a statement published in the Journal of Clinical Sleep Medicine last year. "Current evidence best supports the adoption of year-round standard time, which aligns best with human circadian biology and provides distinct benefits for public health and safety."

Read more of this story at Slashdot.

"We've spent the last year rebuilding major components of our system," Cloudflare announced this week, "and we've just slashed the latency of traffic passing through our network for millions of our customers," (There's a 10ms cut in the median time to respond, plus a 25% performance boost as measured by CDN performance tests.) They replaced a 15-year-old system named FL (where they run security and performance features), and "At the same time, we've made our system more secure, and we've reduced the time it takes for us to build and release new products." And yes, Rust was involved: We write a lot of Rust, and we've gotten pretty good at it... We built FL2 in Rust, on Oxy [Cloudflare's Rust-based next generation proxy framework], and built a strict module framework to structure all the logic in FL2... Built in Rust, [Oxy] eliminates entire classes of bugs that plagued our Nginx/LuaJIT-based FL1, like memory safety issues and data races, while delivering C-level performance. At Cloudflare's scale, those guarantees aren't nice-to-haves, they're essential. Every microsecond saved per request translates into tangible improvements in user experience, and every crash or edge case avoided keeps the Internet running smoothly. Rust's strict compile-time guarantees also pair perfectly with FL2's modular architecture, where we enforce clear contracts between product modules and their inputs and outputs... It's a big enough distraction from shipping products to customers to rebuild product logic in Rust. Asking all our teams to maintain two versions of their product logic, and reimplement every change a second time until we finished our migration was too much. So, we implemented a layer in our old NGINX and OpenResty based FL which allowed the new modules to be run. Instead of maintaining a parallel implementation, teams could implement their logic in Rust, and replace their old Lua logic with that, without waiting for the full replacement of the old system. Over 100 engineers worked on FL2 — and there was extensive testing, plus a fallback-to-FL1 procedure. But "We started running customer traffic through FL2 early in 2025, and have been progressively increasing the amount of traffic served throughout the year...." As we described at the start of this post, FL2 is substantially faster than FL1. The biggest reason for this is simply that FL2 performs less work [thanks to filters controlling whether modules need to run]... Another huge reason for better performance is that FL2 is a single codebase, implemented in a performance focussed language. In comparison, FL1 was based on NGINX (which is written in C), combined with LuaJIT (Lua, and C interface layers), and also contained plenty of Rust modules. In FL1, we spent a lot of time and memory converting data from the representation needed by one language, to the representation needed by another. As a result, our internal measures show that FL2 uses less than half the CPU of FL1, and much less than half the memory. That's a huge bonus — we can spend the CPU on delivering more and more features for our customers! Using our own tools and independent benchmarks like CDNPerf, we measured the impact of FL2 as we rolled it out across the network. The results are clear: websites are responding 10 ms faster at the median, a 25% performance boost. FL2 is also more secure by design than FL1. No software system is perfect, but the Rust language brings us huge benefits over LuaJIT. Rust has strong compile-time memory checks and a type system that avoids large classes of errors. Combine that with our rigid module system, and we can make most changes with high confidence... We have long followed a policy that any unexplained crash of our systems needs to be investigated as a high priority. We won't be relaxing that policy, though the main cause of novel crashes in FL2 so far has been due to hardware failure. The massively reduced rates of such crashes will give us time to do a good job of such investigations. We're spending the rest of 2025 completing the migration from FL1 to FL2, and will turn off FL1 in early 2026. We're already seeing the benefits in terms of customer performance and speed of development, and we're looking forward to giving these to all our customers. After that, when everything is modular, in Rust and tested and scaled, we can really start to optimize...! Thanks to long-time Slashdot reader Beeftopia for sharing the article.

Read more of this story at Slashdot.

The Wall Street Journal looks at swarm robotics, where no single robot is in charge, robots interact only with nearby robots — and the swarm accomplishes complex tasks through simple interactions. "Researchers say this approach could excel where traditional robots fail, like situations where central control is impractical or impossible due to distance, scale or communication barriers." For instance, a swarm of drones might one day monitor vast areas to detect early-stage wildfires that current monitoring systems sometimes miss... A human operator might set parameters like where to search, but the drones would independently share information like which areas have been searched, adjust search patterns based on wind and other weather data from other drones in the swarm, and converge for more complete coverage of a particular area when one detects smoke. In another potential application, a swarm of robots could make deliveries across wide areas more efficient by alerting each other to changing traffic conditions or redistributing packages among themselves if one breaks down. Robot swarms could also manage agricultural operations in places without reliable internet service. And disaster-response teams see potential for swarms in hurricane and tsunami zones where communication infrastructure has been destroyed. At the microscopic scale, researchers are developing tiny robots that could work together to navigate the human body to deliver medication or clear blockages without surgery... In recent demonstrations, teams of tiny magnetic robots — each about the size of a grain of sand — cleared blockages in artificial blood vessels by forming chains to push through the obstructions. The robots navigate individually through blood vessels to reach a clog, guided by doctors or technicians using magnetic fields to steer them, says researcher J.J. Wie, a professor of organic and nano engineering at Hanyang University in South Korea. When they reach an obstruction, the robots coordinate with each other to team up and break through. Wie's group is developing versions of these robots that biodegrade after use, eliminating the need for surgical removal, and coatings that make the robots compatible with human tissue. And while robots the size of sand grains work for some applications, Wie says that they will need to be shrunk to nano scale to cross biological barriers, such as cell membranes, or bind to specific molecular targets, like surface proteins or receptors on cancer cells. Some researchers are even exploring emergent intelligence — "when simple machines, following only a few local cues, begin to organize and act as if they share a mind...beyond human-designed coordination." Thanks to long-time Slashdot reader fjo3 for sharing the article.

Read more of this story at Slashdot.

All-solid-state batteries (ASSBs) "are widely viewed as the 'holy grail' of EV battery tech," writes Electrek, "promising to double driving range, halve charging times, and reduce costs." Toyota hopes to launch its first production EV powered by the batteries in 2027 or 2028, and Mercedes-Benz and Volkswagen are also testing the technology. But now Samsung SDI is teaming up with BMW and US-based battery company Solid Power for their own effort at commercializing all-solid-state EV batteries "in what's expected to be a trilateral powerhouse." BMW and Solid Power have been working together to develop the next-gen battery tech since 2022... Under the new agreement signed this week, Samsung will supply all-solid-state battery cells. Samsung will use Solid Power's Sulfide-Based Solid Electrolyte solution, while BMW will develop the battery pack and modules. The strategic alliance aims to take the lead in commercializing all-solid-state batteries (ASSBs). Together, they've created a real-world system for producing ASSB cells, pooling their expertise in batteries, automaking, and materials to bring it closer to mass production. Solid Power's electrolyte solution is designed for stability and maximum conductivity. By teaming up with BMW and Samsung SDI, the company said it aims to bring all-solid-state batteries closer to widespread adoption. "By pooling resources, BMW, Samsung SDI, and Solid Power have a real shot..." argues Electrek.

Read more of this story at Slashdot.

"A nearby galaxy once thought to be dominated by dark matter seems to have a surprise supermassive black hole at its centre," reports New Scientist. Yet scientists "are convinced dark matter is out there," writes Space.com. "The quest to detect it arguably remains both one of the most frustrating and most exhilarating challenges in modern physics." And now they report that the century-old mystery of dark matter — the invisible glue thought to hold galaxies together — "just got a modern clue." Scientists say they may be one step closer to confirming the existence of this elusive material, thanks to new simulations suggesting that a faint glow at the center of the Milky Way could be dark matter's long-sought signature. "It's very hard to actually prove, but it does seem likely," Moorits Muru of the Leibniz Institute for Astrophysics Potsdam in Germany, who led the new study, told Space.com... The findings, show that dark matter near the Milky Way's center might not form a perfect sphere as scientists long thought. Instead, it appears flattened, almost egg-shaped, and that shape closely mirrors the pattern of mysterious gamma rays observed by NASA's Fermi Gamma-ray Space Telescope... Using powerful supercomputers, [the researchers] recreated how the Milky Way formed, including billions of years of violent collisions and mergers with smaller galaxies. Those violent events, the researchers found, left deep "fingerprints" on the way dark matter is distributed in the galactic core.... matching the pattern of gamma-ray emission Fermi has observed, the new study reports... If the excess truly arises from dark matter collisions, it would mark the first indirect evidence that weakly interacting massive particles [WIMPs], a leading dark matter candidate, really exist... "We have run dozens of direct detection experiments around the globe hunting for WIMPS," notes Phys.org, in an article titled "The Empty Search for Dark Matter." We have run dozens of direct detection experiments around the globe hunting for WIMPS — dark matter particles in this particular mass range. And they're not all the same kind of experiments. There are also the scintillators, which use a giant vat of liquefied noble gas, like several tons of xenon. They wait for a dark matter particle to strike the xenon and cause it to scintillate, which is a fancy science word for "sparkle." We see the sparkle; we detect dark matter... They're just one example of a broader class of dark matter candidates, with delightful names like Q-balls, WIMPzillas, and sterile neutrinos. We've tuned our different experiments to capture different mass ranges or interaction strengths to cover as much of that wide dark matter spectrum as possible. We've even tried to manufacture various kinds of dark matter in our particle collider experiments. And we've found nothing.

Read more of this story at Slashdot.

Slashdot reader BrianFagioli writes: Password manager 1Password's 2025 Annual Report: The Access-Trust Gap exposes how everyday employees are becoming accidental hackers in the AI era. The company's data shows that 73% of workers are encouraged to use AI tools, yet more than a third admit they do not always follow corporate policies. Many employees are feeding sensitive information into large language models or using unapproved AI apps to get work done, creating what 1Password calls "Shadow AI." At the same time, traditional defenses like single sign-on (SSO) and mobile device management (MDM) are failing to keep pace, leaving gaps in visibility and control. The report warns that corporate security is being undermined from within. More than half of employees have installed software without IT approval, two-thirds still use weak passwords, and 38% have accessed accounts at previous employers. Despite rising enthusiasm for passkeys and passwordless authentication, 1Password says most organizations still depend on outdated systems that were never built for cloud-native, AI-driven work. The result is a growing "Access-Trust Gap" that could allow AI chaos and employee shortcuts to dismantle enterprise security from the inside.

Read more of this story at Slashdot.

An anonymous reader shared this report from CNN: [C]iting delays in Starship's development and competitive pressure from China, NASA asked SpaceX and Blue Origin — which holds a separate lunar lander contract with the space agency — to submit plans to expedite development of their respective spacecraft by October 29. Both companies have responded. But the space agency is also asking the broader commercial space industry to detail how they might get the job done more quickly, hinting that NASA leadership is prepared to sideline its current partners. CNN spoke with half a dozen companies about how they plan to respond to NASA's call to action, which the agency will formally issue once the government shutdown ends, according to a source familiar with the matter. One possibility is Lockheed Martin... Notably, as a legacy NASA contractor, the company built the $20.4 billion Orion spacecraft that astronauts will ride when they take off from Earth... Now, Lockheed says it can piece together a two-stage lunar lander that uses spare parts harvested from Orion. The company would make use of Space Shuttle-era OMS-E engines — which are also used on Orion — to serve as the propulsion for an "ascent stage" of the lunar lander, providing the thrust for the vehicle to lift off the moon after a mission is completed. But the vehicle also needs a descent stage to get down to the lunar surface in the first place... Other commercial space companies contacted by CNN — including Firefly Aerospace and Northrop Grumman — said simply that they were "ready to support" NASA in its endeavor to find a faster way to complete the Artemis III mission. They did not confirm whether they would formally respond to the space agency's anticipated request for companies to submit proposals. The more important goal, argue some experts, is to pave the way for a permanent lunar base where astronauts can live and work... [P]erhaps the true winner will be the country that is able to build lasting infrastructure, experts say. "It makes great press fodder to frame this as competition," said one space policy source, who was among several that spoke to CNN on the condition of anonymity to discuss controversial issues. "But this is about the long game and the sustainability."

Read more of this story at Slashdot.

An anonymous reader shared this report from NPR: It's known as the "Dueling Dinosaurs" fossil: A triceratops and a tyrannosaur, skeletons entangled, locked in apparent combat right up until the moment of their mutual demise... That discovery in 2006 now appears to have overturned decades of dinosaur dogma about Tyrannosaurus rex, the fearsome giant long thought to be the sole top predator stalking the late Cretaceous. In a paper in the journal Nature, paleontologists Lindsay Zanno and James Napoli conclude that some of the bones from that specimen belong not to a teenage T. rex, but to a fully grown individual of a different tyrannosaur species — Nanotyrannus lancensis.... One of the first of those red flags in the new specimen was the arm bones. They looked completely different than T. rex's puny appendages... "These are powerful arms with large claws, large hands. They were using them for prey capture." Contrast that with T. rex, "an animal that's a mouth on legs." There were additional clues. The animal had fewer tail vertebrae and more teeth than T. rex. Zanno and Napoli considered other lines of evidence. They created 3D models of numerous purported T. rexes against which they compared their specimen. They looked at the growth stages of the cranial nerves and sinuses of close living relatives of dinosaurs, features that were visible in the fossilized skeleton. "But maybe the most important and damning thing that we did was we were able to figure out that our animal is not a juvenile at all," she says. This conclusion was based on slicing through the fossil's limb bones to examine the growth rings. That work demonstrated that this animal was mature and done growing when it died around the age of 20. "That means it's half the size and a tenth of the mass of a full grown Tyrannosaurus rex," says Zanno... In addition, while making models of all those other alleged T. rex skeletons, Zanno says they identified another new species of tyrannosaur, one they're calling Nanotyrannus lethaeus... "It tells us that these end-Cretaceous ecosystems right before the asteroid hit were flourishing," says Zanno. "They had an abundance of different predators. And refutes this idea that dinosaurs were in decline before the asteroid struck."

Read more of this story at Slashdot.

Ubuntu "is adopting the memory-safe Rust language," reports ZDNet, citing remarks at this year's Ubuntu Summit from Jon Seager, Canonical's VP of engineering for Ubuntu: . Seager said the engineering team is focused on replacing key system components with Rust-based alternatives to enhance safety and resilience, starting with Ubuntu 25.10. He stressed that resilience and memory safety, not just performance, are the principal drivers: "It's the enhanced resilience and safety that is more easily achieved with Rust ports that are most attractive to me". This move is echoed in Ubuntu's adoption of sudo-rs, the Rust implementation of sudo, with fallback and opt-out mechanisms for users who want to use the old-school sudo command. In addition to sudo-rs, Ubuntu 26.04 will use the Rust-based uutils/coreutils for Linux's default core utilities. This setup includes ls, cp, mv, and dozens of other basic Unix command-line tools. This Rust reimplementation aims for functional parity with GNU coreutils, with improved safety and maintainability. On the desktop front, Ubuntu 26.04 will also bring seamless TPM-backed full disk encryption. If this approach reminds you of Windows BitLocker or MacOS FileVault, it should. That's the idea. In other news, Canonical CEO Mark Shuttleworth said "I'm a believer in the potential of Linux to deliver a desktop that could have wider and universal appeal." (Although he also thinks "the open-source community needs to understand that building desktops for people who aren't engineers is different. We need to understand that the 'simple and just works' is also really important.") Shuttleworth answered questions from Slashdot's readers in 2005 and 2012.

Read more of this story at Slashdot.

Slashdot reader joshuark shares this report from SFGate: The mystery object that struck a plane at 36,000 feet is likely not space debris, as some speculated, but rather a Silicon Valley test project gone wrong... WindBorne Systems, a Palo Alto startup that uses atmospheric balloons to collect weather data for AI-based forecast models,has come forward to say that they believe they may be responsible for the object that hit the windshield... "At 6am PT, we sent our preliminary investigation to both NTSB and FAA, and are working with both of them to investigate further," [WindBorne's CEO John Dean posted on social media...] WindBorne said the company has launched more than 4,000 balloons and that it coordinates with the Federal Aviation Administration for every launch. WindBorne "has conducted more than 4,000 launches," the company said in a statement, noting that they've always coordinated those launched with America's Federal Aviation Administration and filed aviation alerts for every launched balloon. Plus "The system is designed to be safe in the event of a midair collision... Our balloon is 2.4 pounds at launch and gets lighter throughout flight." We are working closely with the FAA on this matter. We immediately rolled out changes to minimize time spent between 30,000 and 40,000 feet. These changes are already live with immediate effect. Additionally, we are further accelerating our plans to use live flight data to autonomously avoid planes, even if the planes are at a non-standard altitude. We are also actively working on new hardware designs to further reduce impact force magnitude and concentration.

Read more of this story at Slashdot.

The address bar/ChatGPT input window in OpenAI's browser ChatGPT Atlas "could be targeted for prompt injection using malicious instructions disguised as links," reports SC World, citing a report from AI/agent security platform NeuralTrust: NeuralTrust found that a malformed URL could be crafted to include a prompt that is treated as plain text by the browser, passing the prompt on to the LLM. A malformation, such as an extra space after the first slash following "https:" prevents the browser from recognizing the link as a website to visit. Rather than triggering a web search, as is common when plain text is submitted to a browser's address bar, ChatGPT Atlas treats plain text as ChatGPT prompts by default. An unsuspecting user could potentially be tricked into copying and pasting a malformed link, believing they will be sent to a legitimate webpage. An attacker could plant the link behind a "copy link" button so that the user might not notice the suspicious text at the end of the link until after it is pasted and submitted. These prompt injections could potentially be used to instruct ChatGPT to open a new tab to a malicious website such as a phishing site, or to tell ChatGPT to take harmful actions in the user's integrated applications or logged-in sites like Google Drive, NeuralTrust said. Last month browser security platform LayerX also described how malicious prompts could be hidden in URLs (as a parameter) for Perplexity's browser Comet. And last week SquareX Labs demonstrated that a malicious browser extension could spoof Comet's AI sidebar feature and have since replicated the proof-of-concept (PoC) attack on Atlas. But another new vulnerability in ChatGPT Atlas "could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant's memory and run arbitrary code," reports The Hacker News, citing a report from browser security platform LayerX: "This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware," LayerX Security Co-Founder and CEO, Or Eshed, said in a report shared with The Hacker News. The attack, at its core, leverages a cross-site request forgery (CSRF) flaw that could be exploited to inject malicious instructions into ChatGPT's persistent memory. The corrupted memory can then persist across devices and sessions, permitting an attacker to conduct various actions, including seizing control of a user's account, browser, or connected systems, when a logged-in user attempts to use ChatGPT for legitimate purposes.... "What makes this exploit uniquely dangerous is that it targets the AI's persistent memory, not just the browser session," Michelle Levy, head of security research at LayerX Security, said. "By chaining a standard CSRF to a memory write, an attacker can invisibly plant instructions that survive across devices, sessions, and even different browsers. In our tests, once ChatGPT's memory was tainted, subsequent 'normal' prompts could trigger code fetches, privilege escalations, or data exfiltration without tripping meaningful safeguards...." LayerX said the problem is exacerbated by ChatGPT Atlas' lack of robust anti-phishing controls, the browser security company said, adding it leaves users up to 90% more exposed than traditional browsers like Google Chrome or Microsoft Edge. In tests against over 100 in-the-wild web vulnerabilities and phishing attacks, Edge managed to stop 53% of them, followed by Google Chrome at 47% and Dia at 46%. In contrast, Perplexity's Comet and ChatGPT Atlas stopped only 7% and 5.8% of malicious web pages. From The Conversation: Sandboxing is a security approach designed to keep websites isolated and prevent malicious code from accessing data from other tabs. The modern web depends on this separation. But in Atlas, the AI agent isn't malicious code — it's a trusted user with permission to see and act across all sites. This undermines the core principle of browser isolation. Thanks to Slashdot reader spatwei for suggesting the topic.

Read more of this story at Slashdot.

"Traditionally, exploring the interior of atomic nuclei requires enormous particle accelerators that stretch for kilometers and propel beams of electrons at extremely high speeds," writes SciTechDaily. But MIT physicists have unveiled a groundbreaking alternative that "used the atom's own electrons as probes to momentarily enter the nucleus..." In research published in Science, a team of MIT physicists achieved exceptionally precise measurements of the energy of electrons orbiting a radium atom that had been chemically bonded with a fluoride atom to form radium monofluoride. By studying these molecules, the researchers created a kind of miniature particle collider. Within this environment, the electrons surrounding the radium atom were confined closely enough to occasionally slip into the nucleus before returning to their usual orbits... When those electrons returned to their outer paths, they retained the altered energy, effectively carrying a "message" from within the nucleus that could be decoded to reveal its internal arrangement... [The researchers] trapped and cooled the molecules and sent them through a system of vacuum chambers, into which they also sent lasers, which interacted with the molecules. In this way, the researchers were able to precisely measure the energies of electrons inside each molecule. When the researchers analyzed their measurements, they noticed that the electrons carried slightly different energies than expected if they had remained outside the nucleus. The difference was incredibly small, only about one millionth of the energy of the laser photon used to excite the molecules, but it was clear evidence that the electrons had entered the radium nucleus and interacted with its protons and neutrons... The researchers plan to use this new technique to create a detailed map of how forces are distributed inside the nucleus... to chart the nucleus with greater precision and search for possible violations of fundamental symmetries in nature. "It is thought that additional sources of fundamental symmetry violation are required to explain the almost complete absence of antimatter in our universe," the article points out. "Such violations could be seen within the nuclei of certain atoms such as radium... "Unlike most atomic nuclei, which are spherical in shape, the radium atom's nucleus has a more asymmetrical configuration, similar to a pear. Scientists predict that this pear shape could significantly enhance their ability to sense the violation of fundamental symmetries, to the extent that they may be potentially observable."

Read more of this story at Slashdot.

An anonymous reader quotes a report from CNBC: Korean semiconductor giant Samsung said Thursday that it plans to buy and deploy a cluster of 50,000 Nvidia graphics processing units to improve its chip manufacturing for mobile devices and robots. The 50,000 Nvidia GPUs will be used to create a facility Samsung is calling an "AI Megafactory." Samsung didn't provide details about when the facility would be built. It's the latest splashy partnership for Nvidia, whose chips remain essential for building and deploying advanced artificial intelligence. [...] On Thursday, Nvidia representatives said they will work with Samsung to adapt the Korean company's chipmaking lithography platform to work with Nvidia's GPUs. That process will results in 20 times better performance for Samsung, the Nvidia representatives said. Samsung will also use Nvidia's simulation software called Omniverse. Known for its mobile phones, Samsung also said it would use the Nvidia chips to run its own AI models for its devices. In addition to being a partner and customer, Samsung is also a key supplier for Nvidia. Samsung makes the kind of high-performance memory Nvidia uses in large quantities, alongside its AI chips, called high bandwidth memory. Samsung said it will work with Nvidia to tweak its HBM4 memory for use in AI chips.

Read more of this story at Slashdot.

Longtime Slashdot reader AmiMoJo shares a report from the Financial Times: Solar power developers want to cover an area larger than Washington, DC, with silicon panels and batteries, converting sunlight into electricity that will power air conditioners in sweltering Las Vegas along with millions of other homes and businesses. But earlier this month, bureaucrats in charge of federal lands scrapped collective approval for the Esmeralda 7 projects, in what campaigners fear is part of an attack on renewable energy under President Donald Trump. "We will not approve wind or farmer destroying [sic] Solar," he posted on his Truth Social platform in August. Developers will need to reapply individually, slowing progress. Thousands of miles away on the other side of the Pacific Ocean, it is a different story. China has laid solar panels across an area the size of Chicago high up on the Tibetan Plateau, where the thin air helps more sunlight get through. The Talatan Solar Park is part of China's push to double its solar and wind generation capacity over the coming decade. "Green and low-carbon transition is the trend of our time," President Xi Jinping told delegates at a UN summit in New York last month. China's vast production of solar panels and batteries has also pushed down the prices of renewables hardware for everyone else, meaning it has "become very difficult to make any other choice in some places," according to Heymi Bahar, senior analyst at the International Energy Agency. [...] More broadly, the US's focus on fossil fuels and pullback of support for clean energy further cedes influence over the future global energy system to China. The US is trying to tie its trading partners into fossil fuels, pressing the EU to buy $750 billion of American oil, natural gas, and nuclear technologies during his presidency as part of a trade deal, scuppering an initiative to begin decarbonizing world shipping and pressuring others to reduce their reliance on Chinese technology. But the collapsing cost of solar panels in particular has spoken for itself in many parts of the world. Experts caution that the US's attacks on renewables could cause lasting damage to its competitiveness against China, even if an administration more favorable to renewables were to follow Trump's.

Read more of this story at Slashdot.

According to the Wall Street Journal, SpaceX is reportedly poised to secure a $2 billion Pentagon contract to develop hundreds of missile-tracking satellites for President Trump's ambitious Golden Dome defense system. The Independent reports: The planned "air moving target indicator" system in question could ultimately feature as many as 600 satellites once it is fully operational, The Wall Street Journal reports. Musk's company has also been linked to two more satellite ventures, which are concerned with relaying sensitive communications and tracing vehicles, respectively. Golden Dome, inspired by Israel's "Iron Dome," was announced by Trump and Secretary of War Pete Hegseth at the White House in May and will amount to a complex system of satellites and weaponry capable of destroying incoming missiles before they hit American targets. The president promised it would be "fully operational" before he leaves office in January 2029, capable of intercepting rockets, "even if they are launched from space," with an overall price tag of $175 billion.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Gizmodo: It's time for Xbox to eat some humble pie and perform some real soul-searching. Microsoft released its latest quarterly earnings report and proved the worst of our fears about its gaming brand. Not only are Xbox hardware sales down significantly, but the brand itself is barely treading water. Gamers are voicing their displeasure with their wallets, but Microsoft's top brass is still only thinking about the margins. Microsoft was more keen to promote the scale of its cloud and AI services revenue -- which was up 28% year over year -- than talk about its beleaguered gaming brand. The company's overall gaming revenue fell by 2% compared to the same time last year. This was precipitated by a "decline in Xbox hardware," which was down by 22% following a steady decline quarter after quarter. Its first-party games and its Game Pass subscription were doing better, though the overall growth was only up by 1%, and even that was driven by the "better-than-expected performance" of third-party games. You can give credit to titles like Clair Obscur: Expedition 33 for why Xbox isn't in an even deeper hole than it is now. The tech giant has no expectation that its Xbox brand will start making more money anytime soon. In its earnings call with investors, Microsoft Chief Financial Officer Amy Hood said the company expects Xbox will continue to decline "in the low to mid-single digits" for the following quarter. That's mostly due to the lack of landmark first-party titles. Just this month, Xbox released Ninja Gaiden 4, The Outer Worlds 2, and Double Fine's The Keeper. Xbox also made a huge marketing push for its first handheld, made in partnership with Asus, the ROG Xbox Ally and Ally X. In any other year, this would be a big month for any gaming company. The dour outlook comes after months of bad news. After two subsequent price hikes, Xbox Series S and Series X consoles now cost between $100 to $150 more than they did at launch five years ago. Microsoft also pushed prices of its Game Pass Ultimate subscription tier from $20 to $30 per month. A full-year's subscription would now demand $360. In a separate article, Gizmodo reviews Microsoft's new ROG Xbox Ally X handheld, which "offers a better experience overall" than the "other small-scale Windows PC gaming devices released this year." However, "it's still nowhere close to what you truly want from a console."

Read more of this story at Slashdot.

OpenAI has introduced Aardvark, a GPT-5-powered autonomous agent that scans, reasons about, and patches code like a human security researcher. "By embedding itself directly into the development pipeline, Aardvark aims to turn security from a post-development concern into a continuous safeguard that evolves with the software itself," reports InfoWorld. From the report: What makes Aardvark unique, OpenAI noted, is its combination of reasoning, automation, and verification. Rather than simply highlighting potential vulnerabilities, the agent promises multi-stage analysis -- starting by mapping an entire repository and building a contextual threat model around it. From there, it continuously monitors new commits, checking whether each change introduces risk or violates existing security patterns. Additionally, upon identifying a potential issue, Aardvark attempts to validate the exploitability of the finding in a sandboxed environment before flagging it. This validation step could prove transformative. Traditional static analysis tools often overwhelm developers with false alarms -- issues that may look risky but aren't truly exploitable. "The biggest advantage is that it will reduce false positives significantly," noted Jain. "It's helpful in open source codes and as part of the development pipeline." Once a vulnerability is confirmed, Aardvark integrates with Codex to propose a patch, then re-analyzes the fix to ensure it doesn't introduce new problems. OpenAI claims that in benchmark tests, the system identified 92 percent of known and synthetically introduced vulnerabilities across test repositories, a promising indication that AI may soon shoulder part of the burden of modern code auditing.

Read more of this story at Slashdot.