spatwei writes: Google has used a large language model (LLM) agent called "Big Sleep" to discover a previously unknown, exploitable memory flaw in a widely used software for the first time, the company announced Friday. The stack buffer underflow vulnerability in a development version of the popular open-source database engine SQLite was found through variant analysis by Big Sleep, which is a collaboration between Google Project Zero and Google DeepMind. Big Sleep is an evolution of Project Zero's Naptime project, which is a framework announced in June that enables LLMs to autonomously perform basic vulnerability research. The framework provides LLMs with tools to test software for potential flaws in a human-like workflow, including a code browser, debugger, reporter tool and sandbox environment for running Python scripts and recording outputs. The researchers provided the Gemini 1.5 Pro-driven AI agent with the starting point of a previous SQLIte vulnerability, providing context for Big Sleep to search for potential similar vulnerabilities in newer versions of the software. The agent was presented with recent commit messages and diff changes and asked to review the SQLite repository for unresolved issues. Google's Big Sleep ultimately identified a flaw involving the function "seriesBestIndex" mishandling the use of the special sentinel value -1 in the iColumn field. Since this field would typically be non-negative, all code that interacts with this field must be designed to handle this unique case properly, which seriesBestIndex fails to do, leading to a stack buffer underflow.

Read more of this story at Slashdot.

India's capital territory of Delhi is keen to use artificial rain to fight air pollution this year, its Environment Minister Gopal Rai said on Tuesday, as deteriorating air quality in the region led to an increase in respiratory illnesses. From a report: Large swathes of north India battle pollution each winter as cold air traps dust, vehicle emissions and smoke from farm fires in the breadbasket states of Punjab and Haryana, shrouding the national capital and its suburbs in a toxic haze. Cloud-seeding - the method of triggering rain by seeding clouds with salts - was considered to curb pollution in 2023 too but the plan did not materialise due to unfavourable weather conditions. "I appeal to the federal environment minister...now in Delhi and north India, the pollution has reached the border of 400," Rai told reporters, referring to the air quality index (AQI) score on Tuesday. "The next 10 days are quite crucial...help us get permission for artificial rain, call a meeting," he said. About a third of Delhi's 39 monitoring stations showed a severe AQI score of more than 400 on Tuesday, a level which affects healthy people but is more serious for those fighting disease. An air quality score of zero to 50 is considered good.

Read more of this story at Slashdot.

India's government challenged Wikipedia's legal immunity as a tech platform on Tuesday, issuing a notice questioning whether the online encyclopedia should be reclassified as a publisher. The move follows Delhi High Court warnings to suspend Wikipedia's India operations over a defamation case filed by Asian News International. The news agency seeks to unmask contributors who labeled it a "government propaganda tool." Justice Navin Chawla threatened contempt proceedings after Wikipedia cited its lack of physical presence in India to request more time for disclosing user information. The court deemed the site's open editing feature "dangerous."

Read more of this story at Slashdot.

Apple is exploring a push into smart glasses with an internal study of products currently on the market, setting the stage for the company to follow Meta into an increasingly popular category. From a report: The initiative, code-named Atlas, got underway last week and involves gathering feedback from Apple employees on smart glasses, according to people with knowledge of the matter. Additional focus groups are planned for the near future, said the people, who asked not to be identified because the work is secret. The studies are being led by Apple's Product Systems Quality team, part of the hardware engineering division. "Testing and developing products that all can come to love is very important to what we do at Apple," the group wrote in an email to select employees at the company's headquarters in Cupertino, California. "This is why we are looking for participants to join us in an upcoming user study with current market smart glasses."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: Meta will allow U.S. government agencies and contractors working on national security to use its artificial intelligence models for military purposes, the company said on Monday, in a shift from its policy that prohibited the use of its technology for such efforts. Meta said that it would make its A.I. models, called Llama, available to federal agencies and that it was working with defense contractors such as Lockheed Martin and Booz Allen as well as defense-focused tech companies including Palantir and Anduril. The Llama models are "open source," which means the technology can be freely copied and distributed by other developers, companies and governments. Meta's move is an exception to its "acceptable use policy," which forbade the use of the company's A.I. software for "military, warfare, nuclear industries," among other purposes. In a blog post on Monday, Nick Clegg, Meta's president of global affairs, said the company now backed "responsible and ethical uses" of the technology that supported the United States and "democratic values" in a global race for A.I. supremacy. "Meta wants to play its part to support the safety, security and economic prosperity of America -- and of its closest allies too," Mr. Clegg wrote. He added that "widespread adoption of American open source A.I. models serves both economic and security interests." The company said it would also share its technology with members of the Five Eyes intelligence alliance: Canada, Britain, Australia and New Zealand in addition to the United States.

Read more of this story at Slashdot.

The Federal Energy Regulatory Commission (FERC) blocked Amazon's bid to access more power from the Susquehanna nuclear plant for its Pennsylvania data center, citing grid reliability and consumer cost concerns. The Hill reports: In a 2-1 decision, the FERC found the regional grid operator, PJM Interconnection, failed to prove that the changes to the transmission agreement with Susquehanna power plant were necessary. The regulator's two Republican commissioners, Mark Christie and Lindsay See, outvoted Democratic chair Willie Phillips. The chair's two fellow Democratic commissioners, David Rosner and Judy Chang, sat out the vote. "Co-location arrangements of the type presented here present an array of complicated, nuanced and multifaceted issues, which collectively could have huge ramifications for both grid reliability and consumer costs," Christie wrote in a concurring statement. In a dissenting statement, Phillips argued the deal with Amazon "represents a 'first of its kind' co-located load configuration" and that Friday's decision is a "step backward for both electric reliability and national security." "We are on the cusp of a new phase in the energy transition, one that is characterized as much by soaring energy demand, due in large part to AI, as it is by rapid changes in the resource mix," Phillips wrote. Amazon purchased a 960-megawatt data center next to the Susquehanna power plant for $650 million earlier this year. Following the announcement, PJM sought to increase the amount of power running directly to the co-located data center. However, the move faced pushback from regional utilities, including Exelon and American Electric Power (AEP).

Read more of this story at Slashdot.

Astronomers have discovered a supermassive black hole in the early Universe devouring matter at over 40 times the Eddington limit. ScienceAlert reports: Led by astronomer Hyewon Suh of Gemini Observatory and NSF's NOIRLab, a team of researchers used JWST to take follow-up observations of a smattering of galaxies identified by the Chandra X-ray Observatory that were bright in X-rays but dim in other wavelengths. When they got to LID-568, they were having trouble identifying its distance across space-time. The galaxy was very faint and very hard to see; but, using the integral field spectrograph on JWST's NIRSpec instrument, the team homed in on the galaxy's exact position. LID-568's far-off location is surprising. Although the object is faint from our position in the Universe, its distance means it must be incredibly intrinsically bright. Detailed observations revealed powerful outflows from the supermassive black hole, a signature of accretion as some of the material is being diverted and blasted into space. A painstaking analysis of the data revealed that the supermassive black hole is a relatively small one, as supermassive black holes go; just 7.2 million times the mass of the Sun. And the amount of light being produced by the material around the disk was much, much higher than a black hole of this mass should be capable of producing. It suggests an accretion rate some 40 times higher than the Eddington limit. At this rate, the period of super-Eddington accretion should be extremely brief, which means Suh and her team were extremely lucky to catch it in action. And we expect that LID-568 will become a popular observation target for black hole scientists, allowing us a rare glimpse into super-Eddington processes. The research has been published in Nature Astronomy.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: Sweden has vetoed plans for 13 offshore windfarms in the Baltic Sea, citing unacceptable security risks. The country's defence minister, Pal Jonson, said on Monday that the government had rejected plans for all but one of 14 windfarms planned along the east coast. The decision comes after the Swedish armed forces concluded last week that the projects would make it more difficult to defend Nato's newest member. The proposed windfarms would have been located between Aland, the autonomous Finnish region between Sweden and Finland, and the Sound, the strait between southern Sweden and Denmark. The Russian exclave of Kaliningrad is only about 310 miles (500km) from Stockholm. Wind power could affect Sweden's defence capabilities across sensors and radars and make it harder to detect submarines and possible attacks from the air if war broke out, Jonson said. The only project to receive the green light to was Poseidon, which will include as many as 81 wind turbines to produce 5.5 terawatt hours a year off Stenungsund on Sweden's west coast. "Both ballistic robots and also cruise robots are a big problem if you have offshore wind power," Jonson said. "If you have a strong signal detection capability and a radar system that is important, we use the Patriot system for example, there would be negative consequences if there were offshore wind power in the way of the sensors."

Read more of this story at Slashdot.

Apple released the first beta of visionOS 2.2, introducing new "Wide" and "Ultrawide" modes for the Mac Virtual Display feature on the Vision Pro headset. MacRumors reports: Apple has previously said the ultra-wide version of Mac Virtual Display is equivalent to having two physical 4K displays sitting side by side on a desk. Mac Virtual Display is now available in three sizes: Normal, Wide, and Ultrawide. visionOS 2.2 will likely be released to the public in December alongside iOS 18.2, iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, and other updates. Further reading: Apple Delays Cut-price Vision Headset Until 2027, Analyst Ming-Chi Kuo Says

Read more of this story at Slashdot.

According to The Verge, Netflix plans to delist almost all of its interactive shows and films as of December 1st. Only four of the 24 interactive titles will remain: Black Mirror: Bandersnatch, Unbreakable Kimmy Schmidt: Kimmy vs. the Reverend, Ranveer vs. Wild with Bear Grylls, and You vs. Wild. From the report: The removal of the titles marks a disappointing conclusion to Netflix's earliest efforts into interactive content. The company first launched the interactive titles in 2017 with Puss in Book: Trapped in an Epic Tale, and I remember being wowed (and horrified) by paths in Black Mirror: Bandersnatch. In addition to specials based on franchises like Carmen Sandiego and Boss Baby, Netflix also tried ideas like a daily trivia series and a trivia game you could play with a friend. But the relatively few titles available suggests the format wasn't much of a hit -- Puss in Book has apparently been gone for a while. "The technology served its purpose, but is now limiting as we focus on technological efforts in other areas," spokesperson Chrissy Kelleher says.

Read more of this story at Slashdot.

Leading fintech and digital asset firms, including Robinhood, Kraken and Galaxy Digital, have introduced a joint stablecoin pegged to the U.S. dollar. Called the Global Dollar Network, it seeks to enhance the stablecoin market by lowering transaction costs, boosting consumer protections, and facilitating cross-border transactions with rewards for institutional participants. Crypto Briefing reports: The network will utilize Paxos's new stablecoin, the Global Dollar (USDG), which complies with the Monetary Authority of Singapore's upcoming stablecoin framework. USDG is designed to return yield on reserve assets to participants who contribute to its adoption, encouraging the development of crypto and financial solutions using the token. The Global Dollar Network aims to address shortcomings in the stablecoin market, such as high transaction costs and limited consumer protections. The network has opened an invite-only phase for select custodians, exchanges, payment processors, merchants, and banks to develop new solutions using USDG. Initial distribution is available on Anchorage Digital, Galaxy Digital, Kraken, and Paxos platforms, with plans to expand access through additional partners in the coming months.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: The CEO of AI search company Perplexity, Aravind Srinivas, has offered to cross picket lines and provide services to mitigate the effect of a strike by New York Times tech workers. The NYT Tech Guild announced its strike Monday, after setting November 4 as its deadline months earlier. The workers represented provide software support and data analysis for the Times, on the business side of the outlet. They have been asking for an annual 2.5% wage increase and to cement a current two days per week in-office expectation, among other things. [...] Picketers demonstrated in front of the NYT building in New York as negotiations continued. Meanwhile, on X, formerly known as Twitter, Perplexity's CEO offered to step in for the striking workers. Replying to Semafor media editor Max Tani quoting the publisher, Srinivas wrote: "Hey AG Sulzberger @nytimes sorry to see this. Perplexity is on standby to help ensure your essential coverage is available to all through the election. DM me anytime here." Many on X immediately castigated Srinivas for acting as a scab -- a derogatory term for people willing to perform the jobs of striking workers. It is widely considered a disreputable behavior in matters of labor and equity. By undercutting collective action, scabs limit the ability of workers to bargain with those in positions of power. Srinivas may simply be trying to make sure people have the information they need on election day. The company has lately unveiled its own elections info hub and map. But to offer its services explicitly as a replacement for striking workers was bound to be an unpopular move. Though TechCrunch asked Perplexity for comment, Srinivas responded to TechCrunch's post on X saying that "the offer was *not* to 'replace' journalists or engineers with AI but to provide technical infra support on a high-traffic day." The striking workers in question, however, are the ones who provide that service to the NYT. It's not really clear what services other than AI tools Perplexity could offer, or why they would not amount to replacing the workers in question.

Read more of this story at Slashdot.

Amazon's Prime Video has introduced "X-Ray Recaps," a generative AI feature that will recap what you're watching. The new tool can create text summaries of "full seasons of TV shows, single episodes, and even pieces of episodes," the company says in a blog post. The Verge reports: X-Ray Recaps will be accessible from the detail page of a show or in X-Ray while you're watching something. The tool "analyzes various video segments, combined with subtitles or dialogue, to generate detailed descriptions of key events, places, times, and conversations," Amazon says. Amazon has also applied "guardrails" to help the feature avoid sharing spoilers and to keep summaries concise. X-Ray Recaps, which is are beta, are coming to Fire TV devices starting today, with support for "additional devices" available by the end of this year, Amazon says. The feature, at launch, will work with all Amazon MGM Studios Original series.

Read more of this story at Slashdot.

Anton Shilov reports via Tom's Hardware: FFmpeg is an open-source video decoding project developed by volunteers who contribute to its codebase, fix bugs, and add new features. The project is led by a small group of core developers and maintainers who oversee its direction and ensure that contributions meet certain standards. They coordinate the project's development and release cycles, merging contributions from other developers. This group of developers tried to implement a handwritten AVX512 assembly code path, something that has rarely been done before, at least not in the video industry. The developers have created an optimized code path using the AVX-512 instruction set to accelerate specific functions within the FFmpeg multimedia processing library. By leveraging AVX-512, they were able to achieve significant performance improvements -- from three to 94 times faster -- compared to standard implementations. AVX-512 enables processing large chunks of data in parallel using 512-bit registers, which can handle up to 16 single-precision FLOPS or 8 double-precision FLOPS in one operation. This optimization is ideal for compute-heavy tasks in general, but in the case of video and image processing in particular. The benchmarking results show that the new handwritten AVX-512 code path performs considerably faster than other implementations, including baseline C code and lower SIMD instruction sets like AVX2 and SSSE3. In some cases, the revamped AVX-512 codepath achieves a speedup of nearly 94 times over the baseline, highlighting the efficiency of hand-optimized assembly code for AVX-512.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: On Friday, Perplexity launched an election information hub that relies on data from The Associated Press and Democracy Works to provide live updates and information about the 2024 US general election, which takes place on Tuesday, November 5. "Starting Tuesday, we'll be offering live updates on elections using data from The Associated Press so you can stay informed on presidential, senate, and house races at both a state and national level," Perplexity wrote in a blog post. The site will pull data from special data sources (called APIs) hosted by the two organizations. As of Monday, Perplexity's hub currently provides interactive information on voting requirements, poll times, and summaries about ballot measures, candidates, policy positions, and endorsements. Users can ask questions about the information similar to using a chatbot like ChatGPT. Perplexity's embrace of providing election information is an exception in the AI field. Wary about accidentally providing misinformation, competitor AI assistants from OpenAI, Google, and Anthropic currently direct users elsewhere or decline to answer election questions. OpenAI's ChatGPT Search directs election result queries to The Associated Press and Reuters. Perplexity describes its new elections hub as "an entry point for understanding key issues." But like other AI models, Perplexity can produce confabulations (plausible incorrect information) when generating responses. That could present an accuracy problem because the site's Voter Guide service uses AI language models to summarize and interpret information pulled from the web. Here's what Ars Technica advises: "Take what you see on Perplexity's site with a huge grain of salt -- do not rely on it without verifying the information with a trustworthy external source."

Read more of this story at Slashdot.

An anonymous reader shares a report: With Windows 11 still failing to set the world alight, campaigners are warning that millions of perfectly good PCs could become landfill fodder when support for Windows 10 runs out in eleven and a bit months. Figures compiled by StatCounter show that Windows 11 commanded a 35.55 percent share of the desktop Windows market in October. In comparison, the share of Windows 10 dropped to 60.97 percent, continuing a downward trend that began earlier this year -- it was still at 69.9 percent in April. Unless there is some marked acceleration, Windows 11 is unlikely to dominate the market by the time Microsoft pulls the plug on free updates for most of the Windows 10 world on October 14, 2025.

Read more of this story at Slashdot.

Singapore plans to boost road capacity by 20,000 vehicles through a new satellite-based road pricing system, the Land Transport Authority (LTA) announced last week. The city-state will replace its current gantry-based Electronic Road Pricing (ERP) system with GPS tracking technology, enabling more precise congestion management without physical toll stations. The Register adds: "ERP 2.0 will provide more comprehensive aggregated traffic information and will be able to operate without physical gantries. We will be able to introduce new 'virtual gantries,' which allow for more flexible and responsive congestion management," explained the LTA. But the island's government doesn't just control inflow into urban areas through toll-like charging -- it also aggressively controls the total number of cars operating within its borders. Singapore requires vehicle owners to bid for a set number of Certificates of Entitlement -- costly operating permits valid for only ten years. The result is an increase of around SG$100,000 ($75,500) every ten years, depending on that year's COE price, on top of a car's usual price. The high total price disincentivizes mass car ownership, which helps the government manage traffic and emissions.

Read more of this story at Slashdot.

A former teacher has filed a federal lawsuit against PowerSchool, alleging the education technology giant illegally sells student data to third parties without proper consent. Emily Cherkin, lead plaintiff in the class action suit filed in San Francisco, claims PowerSchool has amassed 345 terabytes of data from 440 school districts, including sensitive information about students' health, behavior, and academic records. The company provides software services to more than 60 million students across 90 of the largest U.S. school districts. The lawsuit alleges PowerSchool sells anonymized student data to over 100 partners, including educational consultants and government agencies, while marketing its analytics for workforce and policy planning. The company's Naviance college-planning software alone tracks 6 million high school students. PowerSchool has denied the allegations.

Read more of this story at Slashdot.

Netflix's gaming division is shifting focus to generative AI weeks after shuttering its premium game studio and laying off 35 developers, the company's newly appointed VP of GenAI for Games has announced. Mike Verdu, previously Vice President of Games, called the move a "once in a generation inflection point" that will "accelerate development" and create novel gaming experiences. The pivot follows the closure of Blue, Netflix's internal studio that had recruited veterans from major franchises including Call of Duty and God of War. "Pay no mind to uninformed speculation," Verdu wrote on LinkedIn, describing recent changes as a "planned transition."

Read more of this story at Slashdot.

A hardware hacker has successfully modified Nintendo's $100 Alarmo device to run the classic video game Doom, marking another milestone in the gaming community's tradition of porting the 1993 shooter to unconventional devices. YouTuber GaryOderNichts demonstrated the 2.8-inch circular alarm clock running Chocolate Doom natively, using the device's wheel for movement and side buttons for weapons. The hack requires no hardware modifications and works on the current 2.0 software version. The hack came after researchers discovered vulnerabilities in the Alarmo's STM32H7 microcontroller, enabling custom firmware installation through its USB-C port. The trick omits audio due to memory restrictions, GaryOderNichts notes, but it allows for custom animations and displays.

Read more of this story at Slashdot.