Feed aggregator

US Sues Adobe Over Subscription Plan Disclosures

Slashdot - Mon, 2024-06-17 18:52
The U.S. government on Monday sued Adobe, accusing the maker of Photoshop and Acrobat of harming consumers by enrolling them in its most lucrative subscription plans without clearly disclosing important terms. From a report: In a complaint filed in the San Jose, California, federal court, the government said Adobe failed to adequately disclose hefty early termination fees, sometimes reaching hundreds of dollars, when customers sign up for "annual, paid monthly" subscription plans. The government said Adobe hides important terms in fine print and behind textboxes and hyperlinks, clearly discloses the fees only when subscribers try to cancel, and makes canceling an onerous and complicated process.

Read more of this story at Slashdot.

Categories: Computer, News

Amazon-Powered AI Cameras Used To Detect Emotions of Unwitting UK Train Passengers

Slashdot - Mon, 2024-06-17 18:41
Thousands of people catching trains in the United Kingdom likely had their faces scanned by Amazon software as part of widespread artificial intelligence trials, new documents reveal. Wired: The image recognition system was used to predict travelers' age, gender, and potential emotions -- with the suggestion that the data could be used in advertising systems in the future. During the past two years, eight train stations around the UK -- including large stations such as London's Euston and Waterloo, Manchester Piccadilly, and other smaller stations -- have tested AI surveillance technology with CCTV cameras with the aim of alerting staff to safety incidents and potentially reducing certain types of crime. The extensive trials, overseen by rail infrastructure body Network Rail, have used object recognition -- a type of machine learning that can identify items in videofeeds -- to detect people trespassing on tracks, monitor and predict platform overcrowding, identify antisocial behavior ("running, shouting, skateboarding, smoking"), and spot potential bike thieves. Separate trials have used wireless sensors to detect slippery floors, full bins, and drains that may overflow. The scope of the AI trials, elements of which have previously been reported, was revealed in a cache of documents obtained in response to a freedom of information request by civil liberties group Big Brother Watch. "The rollout and normalization of AI surveillance in these public spaces, without much consultation and conversation, is quite a concerning step," says Jake Hurfurt, the head of research and investigations at the group.

Read more of this story at Slashdot.

Categories: Computer, News

AI in Finance is Like 'Moving From Typewriters To Word Processors'

Slashdot - Mon, 2024-06-17 18:02
The accounting and finance professions have long adapted to technology -- from calculators and spreadsheets to cloud computing. However, the emergence of generative AI presents both new challenges and opportunities for students looking to get ahead in the world of finance. From a report: Research last year by investment bank Evercore and Visionary Future, which incubates new ventures, highlights the workforce disruption being wreaked by generative AI. Analysing 160mn US jobs, the study reveals that service sectors such as legal and financial are highly susceptible to disruption by AI, although full job replacement is unlikely. Instead, generative AI is expected to enhance productivity, the research concludes, particularly for those in high-value roles paying above $100,000 annually. But, for current students and graduates earning below this threshold, the challenge will be navigating these changes and identifying the skills that will be in demand in future. Generative AI is being swiftly integrated into finance and accounting, by automating specific tasks. Stuart Tait, chief technology officer for tax and legal at KPMG UK, describes it as a "game changer for tax," because it is capable of handling complex tasks beyond routine automation. "Gen AI for tax research and technical analysis will give an efficiency gain akin to moving from typewriters to word processors," he says. The tools can answer tax queries within minutes, with more than 95 per cent accuracy, Tait says.

Read more of this story at Slashdot.

Categories: Computer, News

Three of Vietnam's Five Undersea Internet Cables Are Down

Slashdot - Mon, 2024-06-17 17:20
Three out of Vietnam's five active international undersea internet cables are down, state media said over the weekend, the second major round of outages in the country in just over a year. From a report: The problems with the three cables, which connect Vietnam with the United States, Europe and Asia, have "significantly affected Vietnam's internet connection with the world", reported the official Vietnam News Agency. Vietnam is connected to the global internet mainly via five undersea cables with a combined capacity of nearly 62 Tbps, according to data from FPT, one of the country's top internet service providers. It's not clear if the three cables referred to, which account for most of the bandwidth, are totally or partially down.

Read more of this story at Slashdot.

Categories: Computer, News

Wells Fargo Bet on a Flashy Rent Credit Card. It Is Costing the Bank Dearly.

Slashdot - Mon, 2024-06-17 16:40
Wells Fargo's co-branded credit card partnership with fintech startup Bilt Technologies is causing the bank to lose up as much as $10 million monthly, according to a WSJ report. The bank agreed to a co-branded program with the fintech startup that most other big banks -- including JPMorgan Chase -- passed on, incorrectly modeled key assumptions and sees no path to profitability. The card, which allows users to pay rent without fees while earning rewards, has attracted many young customers. From the report: There is a reason why credit cards hadn't gained traction in the rent sector until Bilt came along. Most landlords didn't accept them because they refuse to pay card fees that get pocketed by the banks issuing them and often run between 2% and 3%. Bilt structured the card so landlords won't incur the fees. Wells instead eats much of that. About six months after the credit card was launched, Wells began paying Bilt a fee of about 0.80% of each rent transaction, even though the bank isn't collecting interchange fees from landlords. It appears that the problem for Wells Fargo is that Bilt customers are savvy. They are making the rent payments, but not carrying balances or doing any other transactions through the card.

Read more of this story at Slashdot.

Categories: Computer, News

YouTube Introduces Experimental 'Notes' for Users To Add Context To Videos

Slashdot - Mon, 2024-06-17 16:00
YouTube is piloting a new feature called "Notes" that allows viewers to add context and information under videos. The move comes as YouTube aims to minimize the spread of misinformation on its platform, particularly during the pivotal 2024 U.S. election year. The feature, similar to Community Notes on X (formerly Twitter), will initially be available on mobile in the U.S. in English.

Read more of this story at Slashdot.

Categories: Computer, News

ASUS Releases Firmware Update for Critical Remote Authentication Bypass Affecting Seven Routers

Slashdot - Mon, 2024-06-17 13:34
A report from BleepingComputer notes that ASUS "has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices." But there's more bad news: Taiwan's CERT has also informed the public about CVE-2024-3912 in a post yesterday, which is a critical (9.8) arbitrary firmware upload vulnerability allowing unauthenticated, remote attackers to execute system commands on the device. The flaw impacts multiple ASUS router models, but not all will be getting security updates due to them having reached their end-of-life (EoL). Finally, ASUS announced an update to Download Master, a utility used on ASUS routers that enables users to manage and download files directly to a connected USB storage device via torrent, HTTP, or FTP. The newly released Download Master version 3.1.0.114 addresses five medium to high-severity issues concerning arbitrary file upload, OS command injection, buffer overflow, reflected XSS, and stored XSS problems.

Read more of this story at Slashdot.

Categories: Computer, News

Researchers Devise Photosynthesis-Based Energy Source With Negative Carbon Emissions

Slashdot - Mon, 2024-06-17 10:39
Researchers have devised a way to extract energy from the photosynthesis process of algae, according to an announcement from Concordia University. Suspended in a specialized solution, the algae forms part of a "micro photosynthetic power cell" that can actually generate enough energy to power low-power devices like Internet of Things (IoT) sensors. "Photosynthesis produces oxygen and electrons. Our model traps the electrons, which allows us to generate electricity," [says Kirankumar Kuruvinashetti, PhD 20, now a Mitacs postdoctoral associate at the University of Calgary.] "So more than being a zero-emission technology, it's a negative carbon emission technology: it absorbs carbon dioxide from the atmosphere and gives you a current. Its only byproduct is water." [...] Muthukumaran Packirisamy, professor in the Department of Mechanical, Industrial and Aerospace Engineering and the paper's corresponding author, admits the system is not yet able to compete in power generation with others like photovoltaic cells. The maximum possible terminal voltage of a single micro photosynthetic power cell is only 1.0V. But he believes that, with enough research and development, including artificial intelligence-assisted integration technologies, this technology has the potential to be a viable, affordable and clean power source in the future. It also offers significant manufacturing advantages over other systems, he says. "Our system does not use any of the hazardous gases or microfibres needed for the silicon fabrication technology that photovoltaic cells rely on. Furthermore, disposing of silicon computer chips is not easy. We use biocompatible polymers, so the whole system is easily decomposable and very cheap to manufacture." In the paper the researchers also described it as a âoemicrobial fuel cellâ...

Read more of this story at Slashdot.

Categories: Computer, News

CodeSOD: Actively Xing Out

The Daily WTF - Mon, 2024-06-17 08:30

Today, I'm honestly not sure that the WTF is in the code we're looking at. Jeff needed to support an older PHP application which used client side JavaScript heavily. This block was copy-pasted many times throughout the code base:

var ajaxRequest; // The variable that makes Ajax possible! try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); } catch (e){ // Internet Explorer Browsers try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e){ try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP.4.0"); } catch(e){ // Something went wrong echo("Something Wrong. Please try again later!"); return false; } } } }

This code was written in the early 2010s. Which does mean that the general pattern was necessary. Internet Explorer was still widely used, and it didn't support XMLHttpRequest until 2012- and a depressing number of corporate environments were lagging behind in adopting newer browsers, even as they went out of support. Of course, they were lagging behind because they were using IE and code written to support IE's idiosyncrasies.

Now, this code is bad, more because it's copy/pasted instead of being turned into a reusable function. And because it outputs a terrible error message. "Something Wrong." Thanks, error message, that's useless. It's also worth noting that the error is output via an echo. That's a PHP function. Did the developer write code that doesn't work? Or did they create a JavaScript echo function so their JavaScript could look more like PHP? At this point, it's impossible to know, but I hate it.

But the real problem here is Internet Explorer, and specifically ActiveX. Now, ActiveX wasn't an entirely bad thing. It was Windows' method of handling reusable, shared libraries, especially of GUI components, that could be dropped into any arbitrary application. Writing VB6? You're definitely using ActiveX. You want to write an Access application, or a dangerously complicated Excel macro with a UI attached to it? That's ActiveX. In C++ land, you might be using Microsoft Foundation Classes, if you hate yourself, but you could also use ActiveX, which was easier to use.

And all of that is fine. For its time, ActiveX was actually pretty cool. But there was one problem, and that problem was Internet Explorer 3.0. In 1996, Microsoft added the ability to access ActiveX controls from JavaScript. This meant that, instead of using HTML widgets on your page, you could instead drop native Windows components onto your page. Microsoft convinced the W3C to add an <OBJECT> tag to the HTML spec to facilitate this embedding.

From Microsoft's perspective, this was great. IE allowed people to deliver richer, more polished looking web applications that behaved like desktop applications, in an era where the peak of interactivity was the <marquee> tag and animated gif backgrounds.

The reality was that this was part of their "embrace, extend, extinguish" philosophy, where they were attempting to destroy the web (who was going to keep buying Windows upgrades if you could get rich applications delivered as web pages?). But the monopolist aspects aren't really even the worst part.

You could dynamically load DLLs from inside of a web page! Often, the code you're loading from that ActiveX binary could do all sorts of things on the local computer, up to and including directly accessing the file system. Oh, there were warning messages that were meant to require user consent before this could happen, but it was trivial to socially engineer things to trick users into granting you consent. I myself, in college, made a proof of concept text editor that could steal files from the user's computers while pretending to be a web-based Notepad replacement.

ActiveX inside the browser was one of the most bonkers things that has happened in the history of the web. But the thing is, for corporate intranets, the scam worked. There were hordes of web applications pushed out by vendors which depended upon ActiveX, some of which are still in use today. While Microsoft Edge officially doesn't support ActiveX, it still has an "Internet Explorer Mode" which does.

And yes, going back to the code, because you were loading specific binaries from the host OS, you needed to know which binary to load, the name of which might change between OS versions. Hence the attempts to load the XMLHTTP component all those different ways- depending on the specific version of Windows, and the specific libraries installed on that Windows machine, how you accessed the XMLHTTP component changed.

As always, TRWTF is Internet Explorer.

.comment { border: none; } [Advertisement] ProGet’s got you covered with security and access controls on your NuGet feeds. Learn more.
Categories: Computer

America's Defense Department Ran a Secret Disinfo Campaign Online Against China's Covid Vaccine

Slashdot - Mon, 2024-06-17 07:45
"At the height of the COVID-19 pandemic, the U.S. military launched a secret campaign to counter what it perceived as China's growing influence in the Philippines..." reports Reuters. "It aimed to sow doubt about the safety and efficacy of vaccines and other life-saving aid that was being supplied by China, a Reuters investigation found." Reuters interviewed "more than two dozen current and former U.S officials, military contractors, social media analysts and academic researchers," and also reviewed posts on social media, technical data and documents about "a set of fake social media accounts used by the U.S. military" — some active for more than five years. Friday they reported the results of their investigation: Through phony internet accounts meant to impersonate Filipinos, the military's propaganda efforts morphed into an anti-vax campaign. Social media posts decried the quality of face masks, test kits and the first vaccine that would become available in the Philippines — China's Sinovac inoculation. Reuters identified at least 300 accounts on X, formerly Twitter, that matched descriptions shared by former U.S. military officials familiar with the Philippines operation. Almost all were created in the summer of 2020 and centered on the slogan #Chinaangvirus — Tagalog for China is the virus. "COVID came from China and the VACCINE also came from China, don't trust China!" one typical tweet from July 2020 read in Tagalog. The words were next to a photo of a syringe beside a Chinese flag and a soaring chart of infections. Another post read: "From China — PPE, Face Mask, Vaccine: FAKE. But the Coronavirus is real." After Reuters asked X about the accounts, the social media company removed the profiles, determining they were part of a coordinated bot campaign based on activity patterns and internal data. The U.S. military's anti-vax effort began in the spring of 2020 and expanded beyond Southeast Asia before it was terminated in mid-2021, Reuters determined. Tailoring the propaganda campaign to local audiences across Central Asia and the Middle East, the Pentagon used a combination of fake social media accounts on multiple platforms to spread fear of China's vaccines among Muslims at a time when the virus was killing tens of thousands of people each day. A key part of the strategy: amplify the disputed contention that, because vaccines sometimes contain pork gelatin, China's shots could be considered forbidden under Islamic law... A senior Defense Department official acknowledged the U.S. military engaged in secret propaganda to disparage China's vaccine in the developing world, but the official declined to provide details. A Pentagon spokeswoman... also noted that China had started a "disinformation campaign to falsely blame the United States for the spread of COVID-19." A senior U.S. military officer directly involved in the campaign told Reuters that "We didn't do a good job sharing vaccines with partners. So what was left to us was to throw shade on China's." At least six senior State Department officials for the region objected, according to the article. But in 2019 U.S. Defense Secretary Mark Esper signed "a secret order" that "elevated the Pentagon's competition with China and Russia to the priority of active combat, enabling commanders to sidestep the StateDepartment when conducting psyops against those adversaries." [A senior defense official] said the Pentagon has rescinded parts of Esper's 2019 order that allowed military commanders to bypass the approval of U.S. ambassadors when waging psychological operations. The rules now mandate that military commanders work closely with U.S. diplomats in the country where they seek to have an impact. The policy also restricts psychological operations aimed at "broad population messaging," such as those used to promote vaccine hesitancy during COVID... Nevertheless, the Pentagon's clandestine propaganda efforts are set to continue. In an unclassified strategy document last year, top Pentagon generals wrote that the U.S. military could undermine adversaries such as China and Russia using "disinformation spread across social media, false narratives disguised as news, and similar subversive activities [to] weaken societal trust by undermining the foundations of government." And in February, the contractor that worked on the anti-vax campaign — General Dynamics IT — won a $493 million contract. Its mission: to continue providing clandestine influence services for the military.

Read more of this story at Slashdot.

Categories: Computer, News

ASUS Promises Support Overhaul After YouTube Investigators Allege Dishonesty

Slashdot - Mon, 2024-06-17 04:25
ASUS has suddenly agreed "to overhaul its customer support and warranty systems," writes the hardware review site Gamers Nexus — after a three-video series on its YouTube channel documented bad and "potentially illegal" handling of customer warranties for the channel's 2.2 million viewers. The Verge highlights ASUS's biggest change: If you've ever been denied a warranty repair or charged for a service that was unnecessary or should've been free, Asus wants to hear from you at a new email address. It claims those disputes will be processed by Asus' own staff rather than outsourced customer support agents.... The company is also apologizing today for previous experiences you might have had with repairs. "We're very sorry to anyone who has had a negative experience with our service team. We appreciate your feedback and giving us a chance to make amends." It started five weeks ago when Gamers Nexus requested service for a joystick problem, according to a May 10 video. First they'd received a response wrongly telling them their damage was out of warranty — which also meant Asus could add a $20 shipping charge for the requested repair. "Somehow that turned into ASUS saying the LCD needs to be replaced, even though the joystick is covered under their repair policies," the investigators say in the video. [They also note this response didn't even address their original joystick problem — "only that thing that they had decided to find" — and that ASUS later made an out-of-the-blue reference to "liquid damage."] The repair would ultimately cost $191.47, with ASUS mentioning that otherwise "the unit will be sent back un-repaired and may be disassembled." ASUS gave them four days to respond, with some legalese adding that an out-of-warranty repair fee is non-refundable, yet still "does not guarantee that repairs can be made." Even when ASUS later agreed to do a free "partial" repair (providing the requested in-warranty service), the video's investigators still received another email warning of "pending service cancellation" and return of the unit unless they spoke to "Invoice Quotation Support" immediately. The video-makers stood firm, and the in-warranty repair was later performed free — but they still concluded that "It felt like ASUS tried to scam us." ASUS's response was documented in a second video, with ASUS claiming it had merely been sending a list of "available" repairs (and promising that in the future ASUS would stop automatically including costs for the unrequested repair of "cosmetic imperfections" — and that they'd also change their automatic emails.) Gamers Nexus eventually created a fourth, hour-long video confronting various company officials at Computex — which finally led to them publishing a list of ASUS's promised improvements on Friday. Some highlights: ASUS promises it's "created a Task Force team to retroactively go back through a long history of customer surveys that were negative to try and fix the issues." (The third video from Gamers Nexus warned ASUS was already on the government's radar over its handling of warranty issues.) ASUS also announced their repairs centers were no longer allowed to claim "customer-induced damage" (which Gamers Nexus believes "will remove some of the financial incentive to fail devices" to speed up workloads). ASUS is creating a new U.S. support center allowing customers to choose either a refurbished board or a longer repair. Gamers Nexus says they already have devices at ASUS repair centers — under pseudonyms — and that they "plan to continue sampling them over the next 6-12 months so we can ensure these are permanent improvements." And there's one final improvement, according to Gamers Nexus. "After over a year of refusing to acknowledge the microSD card reader failures on the ROG Ally [handheld gaming console], ASUS will be posting a formal statement next week about the defect."

Read more of this story at Slashdot.

Categories: Computer, News

AI Researcher Warns Data Science Could Face a Reproducibility Crisis

Slashdot - Mon, 2024-06-17 02:16
Long-time Slashdot reader theodp shared this warning from a long-time AI researcher arguing that data science "is due" for a reckoning over whether results can be reproduced. "Few technological revolutions came with such a low barrier of entry as Machine Learning..." Unlike Machine Learning, Data Science is not an academic discipline, with its own set of algorithms and methods... There is an immense diversity, but also disparities in skill, expertise, and knowledge among Data Scientists... In practice, depending on their backgrounds, data scientists may have large knowledge gaps in computer science, software engineering, theory of computation, and even statistics in the context of machine learning, despite those topics being fundamental to any ML project. But it's ok, because you can just call the API, and Python is easy to learn. Right...? Building products using Machine Learning and data is still difficult. The tooling infrastructure is still very immature and the non-standard combination of data and software creates unforeseen challenges for engineering teams. But in my views, a lot of the failures come from this explosive cocktail of ritualistic Machine Learning: - Weak software engineering knowledge and practices compounded by the tools themselves; - Knowledge gap in mathematical, statistical, and computational methods, encouraged black boxing API; - Ill-defined range of competence for the role of data scientist, reinforced by a pool of candidates with an unusually wide range of backgrounds; - A tendency to follow the hype rather than the science. - What can you do? - Hold your data scientists accountable using Science. - At a minimum, any AI/ML project should include an Exploratory Data Analysis, whose results directly support the design choices for feature engineering and model selection. - Data scientists should be encouraged to think outside-of-the box of ML, which is a very small box - Data scientists should be trained to use eXplainable AI methods to provide context about the algorithm's performance beyond the traditional performance metrics like accuracy, FPR, or FNR. - Data scientists should be held at similar standards than other software engineering specialties, with code review, code documentation, and architectural designs. The article concludes, "Until such practices are established as the norm, I'll remain skeptical of Data Science."

Read more of this story at Slashdot.

Categories: Computer, News

FCC Approves Mysterious SpaceX Device: Is It for the Starlink Mini Dish?

Slashdot - Mon, 2024-06-17 00:34
"SpaceX has received FCC clearance to operate a mysterious 'wireless module' device," PC Magazine reported earlier this week, speculating that the device "might be a new Starlink router." On Tuesday, the FCC issued an equipment authorization for the device, which uses the 2.4GHz and 5GHz Wi-Fi radio bands. A document in SpaceX's filing also says it features antennas along with Wi-Fi chips apparently from MediaTek. Another document calls the device by the codename "UTW-231," and defines it as a "wireless router" supporting IEEE 802.11b/g/n/ax for Wi-Fi 6 speeds up to 1,300Mbps. But perhaps the most interesting part is an image SpaceX attached, which suggests the router is relatively small and can fit in a person's open hand.... SpaceX CEO Elon Musk has said the "Starlink mini" dish is slated to arrive later this year and that it's small enough to fit in a backpack... On Wednesday, PCMag also spotted the official Starlink.com site referencing the name "Mini" in a specification page for the satellite internet system. Today saw some interesting speculation on the unoffical "Starlink Hardware" blog (written by Noah Clarke, who has a degree in electronics). Clarke guesses the product "will be aimed at portable use cases, such as camping, RV's, vans, hiking... designed to be easy to store, transport, and deploy". But he also notes Starlink updated their app today, with a new shopping page showing what he believes the upcoming product will look like. ("Very similar to the Standard dish, just smaller. It has a similar shape, and even a kickstand.") If you go into developer mode and play around with the Mini network settings, you notice something interesting. There is no separate router. Devices are connected to the dish itself... I'm guessing that, in order to make the Mini as portable as possible, Starlink decided it was best to simplify the system and limit the number of components. There are more Wifi details that have been revealed, and that is mesh compatibility. For those of you that might be interested in using the Mini at home, or for larger events where you need additional Wifi coverage, the Mini's built-in router will be compatible with Starlink mesh. You'll be able to wirelessly pair another Starlink router to the Mini.

Read more of this story at Slashdot.

Categories: Computer, News

'Blue Screen of Death' Comes To Linux

Slashdot - Sun, 2024-06-16 23:10
In 2016, Phoronix remembered how the early days of Linux kernel mode-setting (KMS) had brought hopes for improved error messages. And one long-awaited feature was errors messages for "Direct Rendering Manager" (or DRM) drivers — something analgous to the "Blue Screen of Death" Windows gives for critical errors. Now Linux 6.10 is introducing a new DRM panic handler infrastructure enabling messages when a panic occurs, Phoronix reports today. "This is especially important for those building a kernel without VT/FBCON support where otherwise viewing the kernel panic message isn't otherwise easily available." With Linux 6.10 the initial DRM Panic code has landed as well as wiring up the DRM/KMS driver support for the SimpleDRM, MGAG200, IMX, and AST drivers. There is work underway on extending DRM Panic support to other drivers that we'll likely see over the coming kernel cycles for more widespread support... On Linux 6.10+ with platforms having the DRM Panic driver support, this "Blue Screen of Death" functionality can be tested via a route such as echo c > /proc/sysrq-trigger. The article links to a picture shared on Mastodon by Red Hat engineer Javier Martinez Canillas of the error message being generated on a BeaglePlay single board computer. Phoronix also points out that some operating systems have even considered QR codes for kernel error messages...

Read more of this story at Slashdot.

Categories: Computer, News

Which Way is the EV Market Headed? And Does the US Lag the World?

Slashdot - Sun, 2024-06-16 21:58
Wednesday the annual electric vehicle outlook report was released by market researcher BloombergNEF. And the analyst wrote that "Our long-term outlook for EVs remains bright," according to the Los Angeles Times: In 2023, EVs made up 18% of global passenger-vehicle sales. By 2030, according to the report, 45% will be EVs. That number jumps to 73% by 2040 — still short of what the world needs to reach net zero emissions in transportation, the firm says, but enough to achieve major reductions in climate-changing carbon emissions... [D]ifferent countries are moving at different speeds and with different levels of commitment. Today, "China, India and France are still showing signs of healthy growth, but the latest data from Germany, Italy and the U.S. is more concerning," BloombergNEF said. Global EV sales "are set to rise from 13.9 million in 2023 to over 30 million in 2027," despite the lagging U.S. [The article points out later that "For the first quarter in China, EV sales were up 37%, according to BloombergNEF. In India, it's 39%, and in France, 20%. The U.S. was a laggard, up just 4%."] Whatever the geography, consumer concerns about price, driving range, battery lifespan, and unreliable public charging continue to dampen many buyers' enthusiasm for EVs. BloombergNEF's findings are echoed by consulting firm McKinsey and the AAA motor club, in recent forecasts of their own. But EV prices are coming down, range is improving, and large numbers of public chargers are being installed, all of which could revive sales growth. Consumers around the planet are warming to the idea of buying an electric car, but they're moving slowly. According to McKinsey, 14% of 30,000 global survey respondents in 2021 said their next vehicle would be an EV. This year, it's 18%. In the U.S. it's a different story, where consumer interest in an EV purchase declined to 18% this year, according to AAA's survey, down from 23% in 2023. And nearly two-thirds reported they were unlikely to buy an EV next time they buy a car. Interest in hybrids is on the rise. One in three said they were likely to buy a hybrid, a vehicle that adds a small battery to an internal combustion engine to improve fuel efficiency. That's bad news for pure EV sales, at least in the immediate future, said Greg Brannon, head of automotive research at AAA. Early adopters already have their EVs, he said, while mainstream buyers remain skeptical. The article does note that major automakers "are losing billions of dollars in their EV division," with several cutting the EV goals for the U.S. (Though Hyundai and Kia are not.) And then there's this... A global survey conducted by consulting firm McKinsey, also released Wednesday, included this shocker: 29% of EV owners told McKinsey they plan to replace the EV they bought with a gasoline or diesel car, a figure that jumps to 38% for U.S. EV owners. Phillip Kampshoff, who leads McKinsey's Center for Future Mobility in the Americas, said he'd seen EV sales as "a one way street. Once you buy, you're hooked on an EV. But that's not what the data shows...." But the article points out that both BloombergNEF and McKinsey still remained bullish that adoption will increase in the future.

Read more of this story at Slashdot.

Categories: Computer, News

53 LA County Public Health Workers Fall for Phishing Email. 200,000 People May Be Affected

Slashdot - Sun, 2024-06-16 20:44
The Los Angeles Times reports that "The personal information of more than 200,000 people in Los Angeles County was potentially exposed after a hacker used a phishing email to steal the login credentials of 53 public health employees, the county announced Friday." Details that were possibly accessed in the February data breach include the first and last names, dates of birth, diagnoses, prescription information, medical record numbers, health insurance information, Social Security numbers and other financial information of Department of Public Health clients, employees and other individuals. "Affected individuals may have been impacted differently and not all of the elements listed were present for each individual," the agency said in a news release... The data breach happened between Feb. 19 and 20 when employees received a phishing email, which tries to trick recipients into providing important information such as passwords and login credentials. The employees clicked on a link in the body of the email, thinking they were accessing a legitimate message, according to the agency... The county is offering free identity monitoring through Kroll, a financial and risk advisory firm, to those affected by the breach. Individuals whose medical records were potentially accessed by the hacker should review them with their doctor to ensure the content is accurate and hasn't been changed. Officials say people should also review the Explanation of Benefits statement they receive from their insurance company to make sure they recognize all the services that have been billed. Individuals can also request credit reports and review them for any inaccuracies. From the official statement by the county's Public Health department: Upon discovery of the phishing attack, Public Health disabled the impacted e-mail accounts, reset and re-imaged the user's device(s), blocked websites that were identified as part of the phishing campaign and quarantined all suspicious incoming e-mails. Additionally, awareness notifications were distributed to all workforce members to remind them to be vigilant when reviewing e-mails, especially those including links or attachments. Law enforcement was notified upon discovery of the phishing attack, and they investigated the incident.

Read more of this story at Slashdot.

Categories: Computer, News

Flesh-Eating Bacteria That Can Kill in Two Days Spreads in Japan

Slashdot - Sun, 2024-06-16 19:44
Bloomberg reports: A disease caused by a rare "flesh-eating bacteria" that can kill people within 48 hours is spreading in Japan after the country relaxed Covid-era restrictions. Cases of streptococcal toxic shock syndrome (STSS) reached 977 this year by June 2, higher than the record 941 cases reported for all of last year, according to the National Institute of Infectious Diseases, which has been tracking incidences of the disease since 1999. Group A Streptococcus (GAS) typically causes swelling and sore throat in children known as "strep throat," but some types of the bacteria can lead to symptoms developing rapidly, including limb pain and swelling, fever, low blood pressure, that can be followed by necrosis, breathing problems, organ failure and death. People over 50 are more prone to the disease. "Most of the deaths happen within 48 hours," said Ken Kikuchi, a professor in infectious diseases at Tokyo Women's Medical University. "As soon as a patient notices swelling in foot in the morning, it can expand to the knee by noon, and they can die within 48 hours...." At the current rate of infections, the number of cases in Japan could reach 2,500 this year, with a "terrifying" mortality rate of 30%, Kikuchi said.

Read more of this story at Slashdot.

Categories: Computer, News

Wine Staging 9.11 Released with A Patch For A 17 Year Old Bug

Slashdot - Sun, 2024-06-16 18:34
Building off Friday's release of Wine 9.11, the development team has now also released Wine Staging 9.11 with some 428 patches, reports Phoronix founder Michael Larabel: Catching my interest was a patch for Bug 7955. That right away catches my attention since the latest Wine bug reports are at a bug ticket number over 56,000.... Yep, Bug 7955 dates back 14 years ago to April 2007. The #7955 bug report is over the S-Hoai Windows client displaying an application exception when clicking the "File" or "Projects" menu. S-Hoai is a Windows application used in Germany by architects and building engineers/contractors for managing estimates and billing according to German laws.

Read more of this story at Slashdot.

Categories: Computer, News

In Memoriam: Dr. Ed Stone, Former NASA JPL Director and Voyager Project Scientist

Slashdot - Sun, 2024-06-16 17:34
Slashdot reader hackertourist shared this announcement from NASA's Jet Propulsion Laboratory: Edward C. Stone, former director of NASA's Jet Propulsion Laboratory and project scientist of the Voyager mission for 50 years, died on June 9, 2024. He was age 88... Stone served on nine NASA missions as either principal investigator or a science instrument lead, and on five others as a co-investigator (a key science instrument team member). These roles primarily involved studying energetic ions from the Sun and cosmic rays from the galaxy. He had the distinction of being one of the few scientists involved with both the mission that has come closest to the Sun (NASA's Parker Solar Probe) and the one that has traveled farthest from it (Voyager). Stone is best known for his work on NASA's longest-running mission, Voyager, whose twin spacecraft launched in 1977 and are still exploring deep space today. He served as Voyager's sole project scientist from 1972 until his retirement in 2022. Under Stone's leadership, the mission took advantage of a celestial alignment that occurs just once every 176 years to visit Jupiter, Saturn, Uranus, and Neptune. During their journeys, the spacecraft revealed the first active volcanoes beyond Earth, on Jupiter's moon Io, and an atmosphere rich with organic molecules on Saturn's moon Titan. Voyager 2 remains the only spacecraft to fly by Uranus and Neptune, revealing Uranus' unusual tipped magnetic poles, and the icy geysers erupting from Neptune's moon Triton. The mission "transformed our understanding of the solar system, and is still providing useful data today," writes hackertourist. (Watch Stone speak in this 2018 video about the Voyager 2 spacecraft.) NASA's announcement also includes stories of Stone's desire to engage the public and his thoughtfulness in considering the true boundary of interstellar space. As director of JPL, Stone was responsible for more than two dozen other missions, including landing NASA's Pathfinder mission with the first Mars rover in 1996. "Ed Stone was a trailblazer who dared mighty things in space. He was a dear friend to all who knew him, and a cherished mentor to me personally," said Nicola Fox, associate administrator for the Science Mission Directorate at NASA Headquarters in Washington. "Ed took humanity on a planetary tour of our solar system and beyond, sending NASA where no spacecraft had gone before. His legacy has left a tremendous and profound impact on NASA, the scientific community, and the world."

Read more of this story at Slashdot.

Categories: Computer, News

CISA Head Warns Big Tech's 'Voluntary' Approach to Deepfakes Isn't Enough

Slashdot - Sun, 2024-06-16 16:34
The Washington Post reports: Commitments from Big Tech companies to identify and label fake artificial-intelligence-generated images on their platforms won't be enough to keep the tech from being used by other countries to try to influence the U.S. election, said the head of the Cybersecurity and Infrastructure Security Agency. AI won't completely change the long-running threat of weaponized propaganda, but it will "inflame" it, CISA Director Jen Easterly said at The Washington Post's Futurist Summit on Thursday. Tech companies are doing some work to try to label and identify deepfakes on their platforms, but more needs to be done, she said. "There is no real teeth to these voluntary agreements," Easterly said. "There needs to be a set of rules in place, ultimately legislation...." In February, tech companies, including Google, Meta, OpenAI and TikTok, said they would work to identify and label deepfakes on their social media platforms. But their agreement was voluntary and did not include an outright ban on deceptive political AI content. The agreement came months after the tech companies also signed a pledge organized by the White House that they would label AI images. Congressional and state-level politicians are debating numerous bills to try to regulate AI in the United States, but so far the initiatives haven't made it into law. The E.U. parliament passed an AI Actt year, but it won't fully go into force for another two years.

Read more of this story at Slashdot.

Categories: Computer, News

Pages