TurboTax-parent Intuit said on Wednesday it will let go of about 1,800 employees, or 10% of its workforce, as it looks to focus on its AI-powered tax preparation software and other financial products. From a report: The company, which has invested heavily in providing generative AI powered accounting and tax preparation tools for small and medium businesses in the past few years, expects to close two of its sites in Edmonton, Canada and Boise, Idaho. Intuit will rehire 1,800 new people primarily in engineering, product and customer-facing roles, CEO Sasan Goodarzi said in a note to employees.

Read more of this story at Slashdot.

Google has streamlined its Advanced Protection Program, allowing users to enroll using a single passkey instead of two physical security keys. The program, designed for individuals at high risk of targeted online attacks, now uses built-in biometric authentication on Pixel phones and iPhones.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: US officials say they have taken action against an AI-powered information operation run from Russia, including nearly 1,000 accounts pretending to be Americans. The accounts on X were designed to spread pro-Russia stories but were automated "bots" -- not real people. In court documents made public Tuesday the US justice department said the operation was devised by a deputy editor at Kremlin-owned RT, formerly Russia Today. RT runs TV channels in English and several other languages, but appears much more popular on social media than on conventional airwaves. The justice department seized two websites that were used to issue emails associated with the bot accounts, and ordered X to turn over information relating to 968 accounts that investigators say were bots. According to the court documents, artificial intelligence was used to create the accounts, which then spread pro-Russian story lines, particularly about the war in Ukraine. "Today's actions represent a first in disrupting a Russian-sponsored generative AI-enhanced social media bot farm," said FBI Director Christopher Wray. "Russia intended to use this bot farm to disseminate AI-generated foreign disinformation, scaling their work with the assistance of AI to undermine our partners in Ukraine and influence geopolitical narratives favorable to the Russian government," Mr Wray said in a statement. The accounts now appear to have been deleted by X, and screenshots shared by FBI investigators indicated that they had very few followers.

Read more of this story at Slashdot.

On Monday, the biggest labor union at Samsung Electronics launched its first strike in the tech giant's 55-year history, vowing to continue indefinitely until its demands for better pay and benefits are met. According to Reuters, "The National Samsung Electronics Union (NSEU), whose roughly 30,000 members make up almost a quarter of the firm's South Korean workforce, said it has decided to continue striking because management has shown no indication of holding talks [...]." From the report: "We haven't spoken to management since we started the strike on Monday," said Lee Hyun-kuk, the union's vice president. The union said it would extend the strike initially planned to last three days through Wednesday. Lee told Reuters that the union found its strike has disrupted production on certain chip lines such as with equipment running more slowly. Samsung previously said the strike has caused no disruption to production. Lee said about 6,500 workers have been participating in the strike and that the union will encourage more members to join. Union officials have disputed reports of low participation, telling Reuters that the five-year-old body did not have enough time to educate members about the labor issues. The union held a training session on Tuesday and will conduct another on Wednesday. Analysts said it would be difficult to verify whether the strike has disrupted production unless the union provides details of wafers and processes. The union said it has revised demands to include a 3.5% increase in base salary and, instead of an extra day's annual leave, a day off to mark the union's founding. Lee said the management previously offered a 3% rise in base salary but the union wants 3.5% to better reflect inflation.

Read more of this story at Slashdot.

A US District Court judge in San Francisco has largely dismissed a class-action lawsuit against GitHub, Microsoft, and OpenAI, which challenged the legality of using code samples to train GitHub Copilot. The judge ruled that the plaintiffs failed to establish a claim for restitution or unjust enrichment but allowed the claim for breach of open-source license violations to proceed. InfoWorld reports: The lawsuit, first filed in Nov. 2022, claimed that GitHub's training of the Copilot AI on public GitHub code repositories violated the rights of the "vast number of creators" who posted code under open-source licenses on GitHub. The complaint (PDF) alleged that "Copilot ignores, violates, and removes the Licenses offered by thousands -- possibly millions -- of software developers, thereby accomplishing software piracy on an unprecedented scale." [...] In a decision first announced on June 24, but only unsealed and made public on July 5, California Northern District judge Jon S. Tigar wrote that "In sum, plaintiff's claims do not support the remedy they seek. Plaintiffs have failed to establish, as a matter of law, that restitution for any unjust enrichment is available as a measure of plaintiffs' damages for their breach of contract claims." Judge Tigar went on to state that "court dismisses plaintiffs' section 1202(b) claim, this time with prejudice. The Court declines to dismiss plaintiffs' claim for breach of contract of open-source license violations against all defendants. Finally, the court dismisses plaintiffs' request for monetary relief in the form of unjust enrichment, as well as plaintiffs' request for punitive damages."

Read more of this story at Slashdot.

When comparing your language to a snake*, be careful to not get bitten. (*Yes, I know, the name of the language is a reference to Monty Python, not snakes). Original. --Remy

"I don't have a whole lot of experience in Python," writes Jakob, "in fact, when I was hired, the only thing I knew about the language was that whitespace was important."

"Fortunately — actually, unfortunately — it doesn't take a whole lot of experience in Python to recognize that my company's codebase is... well... sub-optimal. Submitted for your approval is a method used to generate a password, found in our network security library."

def genpassword(wlc,maxchar,txt,List,verbose): word = "" i1 = i2 = i3 = i4 = i5 = i6 = i6 = i7 = i8 = i9 = i10 = i11 = i12 = i13 = i14 = i15 = 0 txtfile = open(txt,'w') i = 0 mc = int(maxchar) - 1 lword = [0] for i in range(mc): lword += [0] for i1 in range(len(wlc)): for i2 in range(len(wlc)): for i3 in range(len(wlc)): for i4 in range(len(wlc)): for i5 in range(len(wlc)): for i6 in range(len(wlc)): for i7 in range(len(wlc)): for i8 in range(len(wlc)): for i9 in range(len(wlc)): for i10 in range(len(wlc)): for i11 in range(len(wlc)): for i12 in range(len(wlc)): for i13 in range(len(wlc)): for i14 in range(len(wlc)): for i15 in range(len(wlc)): if int(maxchar) == 1 : word = wlc[i15] if int(maxchar) == 2 : word = wlc[i14] + wlc[i15] if int(maxchar) == 3 : word = wlc[i13] + wlc[i14] + wlc[i15] if int(maxchar) == 4 : word = wlc[i12] + wlc[i13] + wlc[i14] + wlc[i15] if int(maxchar) == 5 : word = wlc[i11] + wlc[i12] + wlc[i13] + wlc[i14] \ + wlc[i15] if int(maxchar) == 6 : word = wlc[i10] + wlc[i11] + wlc[i12] + wlc[i13] \ + wlc[i14] + wlc[i15] if int(maxchar) == 7 : word = wlc[i9] + wlc[i10] + wlc[i11] + wlc[i12] \ + wlc[i13] + wlc[i14] + wlc[i15] if int(maxchar) == 8 : word = wlc[i8] + wlc[i9] + wlc[i10] + wlc[i11] \ + wlc[i12] + wlc[i13] + wlc[i14] + wlc[i15] if int(maxchar) == 9 : word = wlc[i7] + wlc[i8] + wlc[i9] + wlc[i10] \ + wlc[i11] + wlc[i12] + wlc[i13] + wlc[i14] + wlc[i15] if int(maxchar) == 10 : word = wlc[i6] + wlc[i7] + wlc[i8] + wlc[i9] \ + wlc[i10] + wlc[i11] + wlc[i12] + wlc[i13] + wlc[i14] \ + wlc[i15] if int(maxchar) == 11 : word = wlc[i5] + wlc[i6] + wlc[i7] + wlc[i8] \ + wlc[i9] + wlc[i10] + wlc[i11] + wlc[i12] + wlc[i13] \ + wlc[i14] + wlc[i15] if int(maxchar) == 12 : word = wlc[i4] + wlc[i5] + wlc[i6] + wlc[i7] + wlc[i8] \ + wlc[i9] + wlc[i10] + wlc[i11] + wlc[i12] + wlc[i13] \ + wlc[i14] + wlc[i15] if int(maxchar) == 13 : word = wlc[i3] + wlc[i4] + wlc[i5] + wlc[i6] \ + wlc[i7] + wlc[i8] + wlc[i9] + wlc[i10]\ + wlc[i11] + wlc[i12] + wlc[i13] \ + wlc[i14] + wlc[i15] if int(maxchar) == 14 : word = wlc[i2] +wlc[i3] + wlc[i4] + wlc[i5] + wlc[i6] \ + wlc[i7] + wlc[i8] + wlc[i9] + wlc[i10]\ + wlc[i11] + wlc[i12] + wlc[i13] \ + wlc[i14] + wlc[i15] if int(maxchar) == 15 : word = wlc[i1] + wlc[i2] + wlc[i3] + wlc[i4] \ + wlc[i5] + wlc[i6] + wlc[i7] + wlc[i8] + wlc[i9] \ + wlc[i10] + wlc[i11] + wlc[i12] + wlc[i13] \ + wlc[i14] + wlc[i15] if int(verbose) == 1: print word txtfile.writelines(word + "\n") i = 0 end = 0 if int(List) == 1 : for i in range(len(word)): lword[i] = "9" if str(lword) == str(list(word)): end = 1 elif (int(List) == 2): for i in range(len(word)): lword[i] = "z" if str(lword) == str(list(word)): end = 1 elif (int(List) == 3): for i in range(len(word)): lword[i] = "Z" if str(lword) == str(list(word)): end = 1 elif (int(List) == 4): for i in range(len(word)): lword[i] = "z" if str(lword) == str(list(word)): end = 1 elif (int(List) == 5): for i in range(len(word)): lword[i] = "Z" if str(lword) == str(list(word)): end = 1 elif (int(List) == 6): for i in range(len(word)): lword[i] = "Z" if str(lword) == str(list(word)): end = 1 if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break if end == 1 : break txtfile.close()

Jakob continues, "I can only hope this language doesn't have a goto statement..."

[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!

An anonymous reader quotes a report from Ars Technica: Northwest Oregon had never seen anything like it. Over the course of three days in June 2021, Multnomah County -- the state's most populous county, which rests in the swayback along Oregon's northern border -- recorded highs of 108, 112, and 116 degrees Fahrenheit. Temperatures were so hot that the metal on cable cars melted and the asphalt on roadways buckled. Nearly half the homes in the county lacked cooling systems because of Oregon's typically gentle summers, where average highs top out at 81 degrees. Sixty-nine people perished from heat stroke, most of them in their homes. When scientific studies showed that the extreme temperatures were caused by heat domes, which experts say are influenced by climate change, county officials didn't just chalk it up to a random weather occurrence. They started researching the large fossil fuel companies whose emissions are driving the climate crisis -- including ExxonMobil, Shell, and Chevron -- and sued them (PDF). "This catastrophe was not caused by an act of God," said Jeffrey B. Simon, a lawyer for the county, "but rather by several of the world's largest energy companies playing God with the lives of innocent and vulnerable people by selling as much oil and gas as they could." Now, 11 months after the suit was filed, Multnomah County is preparing to move forward with the case in Oregon state court after a federal judge in June settled (PDF) a monthslong debate over where the suit should be heard. About three dozen lawsuits have been filed by states, counties, and cities seeking damages from oil and gas companies for harms caused by climate change. Legal experts said the Oregon case is one of the first focused on public health costs related to high temperatures during a specific occurrence of the "heat dome effect." Most of the other lawsuits seek damages more generally from such ongoing climate-related impacts as sea level rise, increased precipitation, intensifying extreme weather events, and flooding. [...] The Multnomah County lawsuit says that Exxon, Shell, Chevron, and others engaged in a range of improper practices, including negligence, creating a public nuisance, fraud, and deceit. The suit alleges that the companies were aware of the harms of fossil fuels and engaged in a "scheme to rapaciously sell fossil fuel products and deceptively promote them as harmless to the environment, while they knew that carbon pollution emitted by their products into the atmosphere would likely cause deadly extreme heat events like that which devastated Multnomah County." "We know that climate-induced weather events like the 2021 Heat Dome harm the residents of Multnomah County and cause real financial costs to our local government," Multnomah County Chair Jessica Vega Pederson said in a statement. "The Court's decision to hear this lawsuit in State Court validates our assertion that the case should be resolved here -- it's an important win for this community." In the suit, officials in Portland's Multnomah County said that they will ultimately incur costs in excess of $1.5 billion to deal with the effects of the 2021 heat dome. "We allege that this is just like any other kind of public health crisis and mass destruction of property that is caused by corporate wrongdoing," said Simon, partner in the law firm of Simon Greenstone Panatier. "We contend that these companies polluted the atmosphere with carbon from the burning of fossil fuels; that they foresaw that extreme environmental harm would be caused by it; that some of them, we contend, deliberately misled the public about that."

Read more of this story at Slashdot.

Eton College, Britain's elite boarding school with alumni that includes Princes William and Harry, as well as George Orwell and a long list of others, is banning incoming students from having smartphones. Instead, the school will provide students with a Nokia "brick" phone, which will only be capable of making calls and sending text messages. CBS News reports: Parents of first-year students at Eton -- where tuition exceeds $60,000 per year -- were informed of the changes in a letter, which said that incoming 13-year-old boarders should have their smart devices taken home after their SIM cards are transferred to offline Nokia phones provided by the school, which can only make calls and send simple text messages. Eton's previous rules on smartphones required first-year students to hand over their devices overnight. "Eton routinely reviews our mobile phone and devices policy to balance the benefits and challenges that technology brings to schools," a spokesperson for the school told CBS News on Tuesday, adding that those joining in Year 9, essentially the equivalent of freshman year in high school for American students, "will receive a 'brick' phone for use outside the school day, as well as a school-issued iPad to support academic study." The spokesperson added that "age-appropriate controls remain in place for other year groups." The ban follows a recent guidance issued by the UK government backing school principals who decide to ban smartphones during the school day. The goal is to help minimize disruption and improve classroom behavior.

Read more of this story at Slashdot.

Scharon Harding reports via Wired: In 2019, Nike got closer than ever to its dreams of popularizing self-tying sneakers by releasing the Adapt BB. Using Bluetooth, the sneakers paired to the Adapt app that let users do things like tighten or loosen the shoes' laces and control its LED lights. However, Nike has announced that it's "retiring" the app on August 6 (Warning: source may be paywalled; alternative source), when it will no longer be downloadable from Apple's App Store or the Google Play Store; nor will it be updated. In an announcement recently spotted by The Verge, Nike's brief explanation for discontinuing the app is that Nike "is no longer creating new versions of Adapt shoes." The company started informing owners about the app's retirement about four months ago. Those who already bought the shoes can still use the app after August 6, but it's expected that iOS or Android updates will eventually make the app unusable. Also, those who get a new device won't be able to download Adapt after August 6. Without the app, wearers are unable to change the color of the sneaker's LED lights. The lights will either maintain the last color scheme selected via the app or, per Nike, "if you didn't install the app, light will be the default color." While owners will still be able to use on-shoe buttons to turn the shoes on or off, check its battery, adjust the lace's tightness, and save fit settings, the ability to change lighting and control the shoes via mobile phone were big selling points of the $350 kicks.

Read more of this story at Slashdot.

Instead of "handmade" and "vintage," Etsy created four new classifications for sellers on the site: "made by," "designed by," "handpicked by," and "sourced by." In order for products to be sold on Etsy, they'll now need to fall into one of these four categories. The Verge reports: Vintage items -- a backbone of Etsy's offerings -- will fall under "handpicked by," though these items will also have "vintage" labels on product listings. Craft supplies like beads or clay are considered "sourced by." A vase handmade by a ceramics artist would be in the "made by" category, whereas a digital illustration would be considered "designed by" the seller. These categories will be visible on Etsy product listings. The company says that this won't change anything in practice -- things that were previously prohibited, like the reselling of items made by someone else, still won't be allowed under the new policy. "The consistent theme here is that items are infused with a human touch, because that's what makes Etsy, well, Etsy," CEO Josh Silverman said in a video message. The goal for the new categories, the company says, is to provide more details to shoppers about how an item is made and how a seller was involved in the process. Etsy has differentiated itself from other marketplaces like Amazon or Temu, emphasizing itself as a place to find unique items made by an artisan or selected by a curator. But over the years, the company has loosened its rules around what exactly counts as "handmade."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Washington Post: Federal regulators have for the first time banned a digital platform from serving users under 18 (Warning: source may be paywalled; alternative source), accusing the app -- known as NGL -- of exaggerating its ability to use artificial intelligence to curb cyberbullying in a groundbreaking settlement. Anapp popular among children and teens, NGL aggressively marketed to young users despite risks of bullying on the anonymous messaging site, the Federal Trade Commission and the Los Angeles District Attorney's Office alleged in a complaint unveiled Tuesday. The complaint alleged that NGL tricked users into paying for subscriptions by sending them computer-generated messages appearing to be from real people and offering a service for as much as $9.99 a week to find out their real identity. People who signed up received only "hints" of those identities, whether they were real or not, enforcers said. After users complained about the "bait-and switch tactic," executives at the company "laughed off" their concerns, referring to them as "suckers," the FTC said in an announcement. NGL, internet shorthand for "not gonna lie," agreed to pay $5 million and stop marketing to kids and teens to settle the lawsuit, which also alleged that the company violated children's privacy laws by collecting data from youths under 13 without parental consent. The settlement marks a major milestone in the federal government's efforts to tackle concerns that tech platforms are exposing children to noxious material and profiting from it. And it's one of the most significant actions by the FTC under Chair Lina Khan, who has dialed up scrutiny of the tech sector at the agency since taking over in 2021. "We will keep cracking down on businesses that unlawfully exploit kids for profit," Khan (D) said in a statement. NGL co-founder Joao Figueiredo said in a statement Tuesday that the company cooperated with the FTC's investigation for nearly two years and viewed the "resolution as an opportunity to make NGL better than ever." "While we believe many of the allegations around the youth of our user base are factually incorrect, we anticipate that the agreed upon age-gating and other procedures will now provide direction for others in our space, and hopefully improve policies generally."

Read more of this story at Slashdot.

OpenAI CEO Sam Altman and businesswoman Arianna Huffington have announced they're working on an "AI health coach" via Thrive AI Health. According to a Time magazine op-ed, the two executives said that the bot will be trained on "the best peer-reviewed science" alongside "the personal biometric, lab, and other medical data you've chosen to share with it." The Verge reports: The company tapped DeCarlos Love, a former Google executive who previously worked on Fitbit and other wearables, to be CEO. Thrive AI Health also established research partnerships with several academic institutions and medical centers like Stanford Medicine, the Rockefeller Neuroscience Institute at West Virginia University, and the Alice L. Walton School of Medicine. (The Alice L. Walton Foundation is also a strategic investor in Thrive AI Health.) Thrive AI Health's goal is to provide powerful insights to those who otherwise wouldn't have access -- like a single mother looking for quick meal ideas for her gluten-free child or an immunocompromised person in need of instant advice in between doctor's appointments. [...] The bot is still in its early stages, adopting an Atomic Habits approach. Its goal is to gently encourage small changes in five key areas of your life: sleep, nutrition, fitness, stress management, and social connection. By making minor adjustments, such as suggesting a 10-minute walk after picking up your child from school, Thrive AI Health aims to positively impact people with chronic conditions like heart disease. It doesn't claim to be ready to provide real diagnosis like a doctor would but instead aims to guide users into a healthier lifestyle. "AI is already greatly accelerating the rate of scientific progress in medicine -- offering breakthroughs in drug development, diagnoses, and increasing the rate of scientific progress around diseases like cancer," the op-ed read.

Read more of this story at Slashdot.

wiredmikey shares a report from SecurityWeek: Security vendor InkBridge Networks on Tuesday called urgent attention to the discovery of a thirty-year-old design flaw in the RADIUS protocol and warned that advanced attackers can launch exploits to authenticate anyone to a local network, bypassing any multi-factor-authentication (MFA) protections. The company published a technical description of what is being called the BlastRADIUS attack and warned that corporate networks such as internal enterprise networks, ISPs, and telcos are exposed to major risk. The vulnerability is being tracked as CVE-2024-3596 and VU#456537. "The root cause of the attack is that in the RADIUS protocol, some Access-Request packets are not authenticated and lack integrity checks. An attacker can modify these packets in a way which allows them to control who gets onto the network," the research team explained (PDF). The RADIUS protocol, first standardized in the late 1990s, is used to control network access via authentication, authorization, and accounting and is still used widely today in switches, routers, access points and VPN products. "All of those devices are likely vulnerable to this attack," the researchers warned. "The key to the attack is that in many cases, Access-Request packets have no authentication or integrity checks. An attacker can then perform a chosen prefix attack, which allows modifying the Access-Request in order to replace a valid response with one chosen by the attacker. Even though the response is authenticated and integrity checked, the chosen prefix vulnerability allows the attacker to modify the response packet, almost at will," according to the InkBridge Networks documentation. The researchers say that every single RADIUS server must be upgraded in order to protect against this vulnerability. "It is not sufficient to upgrade only RADIUS clients, as doing so will allow the network to remain vulnerable."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: A court in south-west Spain has sentenced 15 schoolchildren to a year's probation for creating and spreading AI-generated images of their female peers in a case that prompted a debate on the harmful and abusive uses of deepfake technology. Police began investigating the matter last year after parents in the Extremaduran town of Almendralejo reported that faked naked pictures of their daughters were being circulated on WhatsApp groups. The mother of one of the victims said the dissemination of the pictures on WhatsApp had been going on since July. "Many girls were completely terrified and had tremendous anxiety attacks because they were suffering this in silence," she told Reuters at the time. "They felt bad and were afraid to tell and be blamed for it." On Tuesday, a youth court in the city of Badajoz said it had convicted the minors of 20 counts of creating child abuse images and 20 counts of offenses against their victims' moral integrity. Each of the defendants was handed a year's probation and ordered to attend classes on gender and equality awareness, and on the "responsible use of technology." [...] Police identified several teenagers aged between 13 and 15 as being responsible for generating and sharing the images. Under Spanish law minors under 14 cannot be charged but their cases are sent to child protection services, which can force them to take part in rehabilitation courses. Further reading: First-Known TikTok Mob Attack Led By Middle Schoolers Tormenting Teachers

Read more of this story at Slashdot.

The Federal Communications Commission said it is preparing to block a phone company that carried illegal robocalls pushing fake programs that promised to wipe out consumers' tax debt. From a report: Veriwave Telco "has not complied with FCC call blocking rules for providers suspected of carrying illegal traffic" and now has two weeks to contest an order that would require all downstream voice providers to block all of the telco's call traffic, the FCC announced yesterday. Robocalls sent in the months before tax filing season "purported to provide information about a 'National Tax Relief Program' and, in some instances, also discussed a 'Tax Dismissal Program,'" the FCC order said. "The [Enforcement] Bureau has found no evidence of the existence of either program. Many of the messages further appealed to recipients with the offer to 'rapidly clear' their tax debt." Call recipients who listened to the prerecorded message and chose to speak to an operator were then asked to provide private information. Nearly 16 million calls were sent, though it's unclear how many went through Veriwave.

Read more of this story at Slashdot.

A U.S. government agency tasked with supporting the nation's nuclear deterrence capability has bought access to a data tool that claims to cover more than 90 percent of the world's internet traffic, and can in some cases let users trace activity through virtual private networks, according to documents obtained by 404 Media. From the report: The documents provide more insight into the use cases and customers of so-called netflow data, which can show which server communicated with another, information that is ordinarily only available to the server's owner, or the internet service provider (ISP) handling the traffic. Other agencies that have purchased the data include the U.S. Army, NCIS, FBI, IRS, with some government clients saying it would take too long to get data from the NSA, so they bought this tool instead. In this case, the Defense Threat Reduction Agency (DTRA) says it is using the data to perform vulnerability assessments of U.S. and allied systems. A document written by the DTRA and obtained by 404 Media says the agency "has a requirement to support ongoing assessments of the vulnerability of critical U.S. and allied national/theater mission systems, networks, architectures, infrastructures, and assets." The tool "is capable of following communications between servers, even private servers," which allows the agency to identify infrastructure used by malicious actors, the document continues. That contract was for $490,000 in 2023, according to the document. 404 Media obtained the document and others under a Freedom of Information Act (FOIA) request.

Read more of this story at Slashdot.

williamyf writes: Mozilla has released version 128 of the Firefox web browser. Some noteworthy features include: "Firefox can now translate selections of text and hyperlinked text to other languages from the context menu. [...] Firefox now has a simpler and more unified dialog for clearing user data. In addition to streamlining data categories, the new dialog also provides insights into the site data size corresponding to the selected time range. [...] On macOS, microphone capture through getUserMedia will now use system-provided voice processing when applicable, improving audio quality." More info in the release notes here. But the most important feature of 128 is that it is the newest ESR. Why is this important? Glad you asked: * Firefox ESR is the browser of choice for many Linux distros (including Debian), so this is important for the Linux community at large.* Many downstream projects (like Thunderbird or KAiOS) use Firefox ESR as their base, so whatever is included in 128 will determine the capabilities of those projects for the next year.* Many ISVs (software makers), both big and small, test/certify their software only against the ESR version of Firefox. For users of such software, the new ESR is very important.* Many companies and individuals value stability of the UI/Workflow over new bells and whistles, for them, ESR is important.* When an OS is discontinued, Mozilla lets the ESR be the last browser on the platform, exceeding the support window of the likes of Alphabeth, Apple or Microsoft, so for people on older OSs, ESR is important. Link to download (the ESR) here.

Read more of this story at Slashdot.

An anonymous reader shares a report: Cars have been able to figure out when they're speeding for a while, thanks to GPS as well as traffic sign recognition, and they've also been able to pump the brakes automatically when needed. Having a computer automatically slow down a car in response to posted speed limits, therefore, was not really a question of technical feasibility for some time -- but mandating it has been a question of political will. That political will has materialized in the European Union, and starting July 7 all new cars sold in the EU will feature intelligent speed assistance (ISA) systems. The systems themselves have been working their way into newly introduced models of cars starting in 2022, so quite a few new cars on the road already feature them. The July 2024 regulation extends that mandate to all new vehicles being manufactured for sale in the EU. The objective is to protect Europeans against traffic accidents, poor air quality and climate change, empower them with new mobility solutions that match their changing needs, and defend the competitiveness of European industry," the European Commission said in a statement. The systems themselves operate through traffic sign recognition, as well as navigation systems. There will be four ways in which ISA systems will work to slow the vehicle down, and it will be up to the manufacturers to pick which one they want to use. The EU regulations permit a system that can use a cascaded acoustic warning, a cascaded vibrating warning, an accelerator pedal with haptic feedback, or a speed control function in which the speed of the vehicle will be gradually reduced.

Read more of this story at Slashdot.

Australia's government cybersecurity agency on Tuesday accused a China-backed hacker group of stealing passwords and usernames from two unnamed Australian networks in 2022, adding that the group remained a threat. From a report: A joint report led by the Australian Cyber Security Centre said the hackers, named APT40, had conducted malicious cyber operations for China's Ministry of State Security, the main agency overlooking foreign intelligence. "The activity and techniques overlap with the groups tracked as Advanced Persistent Threat (APT) 40," said the report, which included inputs from lead cyber security agencies for the United States, Britain, Canada, New Zealand, Japan, South Korea and Germany. U.S. and British officials in March had accused Beijing of a sweeping cyberespionage campaign that allegedly hit millions of people including lawmakers, academics and journalists, and companies including defense contractors. They said China-backed "APT31" was responsible for the network intrusion.

Read more of this story at Slashdot.

Google will extend its Dark Web monitoring service to all account holders starting late July 2024, following the closure of its VPN offering last month. The feature, which scans for personal data compromised in breaches, was previously exclusive to Google One subscribers in dozens of countries.

Read more of this story at Slashdot.