404 Media journalist and Slashdot contributor samleecole shares a report: After an exodus of employees at Automattic who disagreed with CEO Matt Mullenweg's recently divisive legal battle with WP Engine, he's upped the ante with another buyout offer -- and a threat that employees speaking to the press should "exit gracefully, or be fired tomorrow with no severance." Earlier this month, Mullenweg posed an "Alignment Offer" to all of his employees: Stand with him through a messy legal drama that's still unfolding, or leave. "It became clear a good chunk of my Automattic colleagues disagreed with me and our actions," he wrote on his personal blog on Oct. 3, referring to the ongoing dispute between himself and website hosting platform WP Engine, which Mullenweg called a "cancer to WordPress" and accusing WP Engine of "strip-mining the WordPress ecosystem. In the last month, he and WP Engine have volleyed cease and desist letters, and WP Engine is now suing Automattic, accusing Mullenweg of extortion and abuse of power. "I'm certain that Matt hasn't eliminated all dissenters, because I'm still there, but I expect that within the next six to twelve months, everyone who didn't leave but wasn't 'aligned' will have found a new job and left on their own terms," a current employee told 404 Media. "My personal morale has never been lower at this job, and I know that I'm not alone." Mullenweg himself, in internal screenshots viewed by 404 Media, acknowledged that his first "Alignment Offer" did not make everyone who disagreed with him leave the company. On Wednesday Mullenweg posted another ultimatum in Automattic's Slack: a new offer that would include nine months of compensation (up from the previous offer of six months). "We have technical means to identify the leaker as well, that I obviously can't disclose," he continued. "So this is their opportunity to exit gracefully, or be fired tomorrow with no severance and probably a big legal case for violating confidentiality agreement."

Read more of this story at Slashdot.

The FBI has arrested an Alabama man who is accused of hacking the Securities and Exchange Commission's X account in January. From a report: The indictment alleges that 25-year-old Eric Council Jr. worked with co-conspirators to take control of the account and post a fake message from SEC Chair Gary Gensler about Bitcoin ETFs that caused the price of Bitcoin to jump by more than $1,000 momentarily. To carry out this scheme, Council is accused of creating a fake ID using the information belonging to the person in control of the SEC's X account. He then allegedly tricked AT&T into providing a SIM card with the victim's phone number and install it into a new iPhone he purchased. Finally, Council was able to gain control of the SEC's account using recovery authentication codes sent to the number, and later return the iPhone to the Apple Store where he'd bought it.

Read more of this story at Slashdot.

An anonymous reader quotes a report from MacRumors: Apple today reminded developers that the EU trader requirement in the European Union is now being enforced. Developers who distribute apps in the EU will now need to share information that includes address, phone number, and email address on the EU App Store. Submitting updates for apps on the App Store in the European Union now requires trader information that's added via App Store Connect, with those details shared on each developer's App Store page. App updates can no longer be submitted without trader information, and starting on February 17, 2025, apps that do not have a trader status set will be removed from the App Store in the EU until trader status is provided and verified. The Digital Services Act (DSA) in the European Union requires Apple to verify and display trader contact information for all "traders" who are distributing apps on the App Store in the European Union. Developers who make money from the App Store through either an upfront purchase price or through in-app purchases are considered traders, regardless of size. Contact information for each developer that is considered a trader will be publicly available, and there will undoubtedly be some developers that are unhappy with the requirement. Independent developers and small companies may not have dedicated business addresses and phone numbers to provide, and will likely be reluctant to provide their personal contact information. You can learn more about the requirements on Apple's website.

Read more of this story at Slashdot.

In a press release today, the FCC said it is requiring all mobile phones sold in the U.S. to be compatible with hearing aids. TechCrunch reports: The FCC has not yet issued a specific timeline for compliance, only noting that the rules will be fully in effect "after a transition period." The rules discourage handset makers from instituting proprietary Bluetooth coupling, which could limit device compatibility with over-the-counter hearing aids. Under the new rules, companies will be required to note on their website if a given handset is compatible with hearing aids. Two years ago, the FDA announced that hearing aids would no longer require a prescription. The agency also recently approved Apple AirPods as hearing aids.

Read more of this story at Slashdot.

Chipmaker Qualcomm has indefinitely paused production and support of its Snapdragon Developer Kit for Windows, citing quality concerns. Qualcomm says the product "has not met our usual standards of excellence." The cancellation comes shortly after the recent launch of over 30 Snapdragon X-series powered PCs.

Read more of this story at Slashdot.

The business world's favourite software program enters its 40th year. The Economist: Excel has featured in plenty of workplace blunders -- though its defenders will be quick to blame human error. The financial world is littered with tales of costly spreadsheet errors. Excel has also been blamed for botching gene names in over a third of genomics papers (because it labelled them as dates); underreporting covid-19 cases in England (because it only had a limited number of rows in which to record the results); and disrupting the trial of January 6th rioters in America (because sensitive information was left in hidden cells). Such snafus have not dented Excel's dominance. Might artificial intelligence (AI) steal its crown? With whizzy new tools powered by the technology promising to make data analysis easier, the familiar grid of numbers and calculations could soon feel outdated. Rather than replacing spreadsheets, though, AI might make them even better. Last month Microsoft introduced an AI assistant for Excel which lets users crunch data using natural-language prompts. Excel, and its faithful, aren't ready to be filtered out just yet.

Read more of this story at Slashdot.

schwit1 writes: The Department of Defense wants technology so it can fabricate online personas that are indistinguishable from real people. The United States' secretive Special Operations Command is looking for companies to help create deepfake internet users so convincing that neither humans nor computers will be able to detect they are fake, according to a procurement document reviewed by The Intercept. The plan, mentioned in a new 76-page wish list by the Department of Defense's Joint Special Operations Command, or JSOC, outlines advanced technologies desired for country's most elite, clandestine military efforts. "Special Operations Forces (SOF) are interested in technologies that can generate convincing online personas for use on social media platforms, social networking sites, and other online content," the entry reads.

Read more of this story at Slashdot.

More than half the world's food production will be at risk of failure within the next 25 years as a rapidly accelerating water crisis grips the planet, unless urgent action is taken to conserve water resources and end the destruction of the ecosystems on which our fresh water depends, experts have warned in a landmark review. From a report: Half the world's population already faces water scarcity, and that number is set to rise as the climate crisis worsens, according to a report from the Global Commission on the Economics of Water published on Thursday. Demand for fresh water will outstrip supply by 40% by the end of the decade, because the world's water systems are being put under "unprecedented stress," the report found. The commission found that governments and experts have vastly underestimated the amount of water needed for people to have decent lives. While 50 to 100 litres a day are required for each person's health and hygiene, in fact people require about 4,000 litres a day in order to have adequate nutrition and a dignified life. For most regions, that volume cannot be achieved locally, so people are dependent on trade -- in food, clothing and consumer goods -- to meet their needs. Some countries benefit more than others from "green water," which is soil moisture that is necessary for food production, as opposed to "blue water" from rivers and lakes. The report found that water moves around the world in "atmospheric rivers" which transport moisture from one region to another.

Read more of this story at Slashdot.

An anonymous reader shares a report: Starting on October 14, 2024, news outlets including Yahoo and NME reported that year-over-year, the U.S. vinyl market was down 33 percent. The data for these articles came from a weekly report from Billboard called "Market Watch," which automatically updates with data provided by the company Luminate. Amid the vinyl revolution, this news signified a shift in buyer habits: a sales decline among vinyl for the first time in 17 years. On October 15, Discogs contacted Chris Muratore, director of partnerships at Luminate, who confirmed that the reported data is incorrect. Vinyl sales are actually up 6.2 percent. Billboard has since added language to their "Market Watch" report, clearing up the error. Luminate has been the gold standard for physical music sales numbers for decades. However, at the beginning of this year, the company changed its reporting process, frustrating many record store owners and industry personnel.

Read more of this story at Slashdot.

South Korea will prepare stronger measures in a bid to prevent overseas leaks of business secrets amid intensifying competition for advanced technologies, the finance minister said on Thursday. From a report: "We will prevent illegal leaks of advanced technologies to raise the global competitiveness of our companies and strengthen technology leadership," Minister Choi Sang-mok said. The government will set up a "big data" system aimed at preventing technology leaks at the patent agency and introduce new regulations to ensure stronger punishment for culprits, Choi said. He did not specify what the stronger penalties would be under the new regulations. In the past five years, there have been 97 attempts to leak business secrets to a foreign country, with 40 of them in the semiconductor industry, according to the National Intelligence Service.

Read more of this story at Slashdot.

An anonymous reader shares a report: Impact, an app that describes itself as "AI-powered infrastructure for shaping and managing narratives in the modern world," is testing a way to organize and activate supporters on social media in order to promote certain political messages. The app aims to summon groups of supporters who will flood social media with AI-written talking points designed to game social media algorithms. In video demos and an overview document provided to people interested in using a prototype of the app that have been viewed by 404 Media, Impact shows how it can send push notifications to groups of supporters directing them at a specific social media post and provide them with AI-generated text they can copy and paste in order to flood the replies with counter arguments.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Hackread: The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan. The group claimed fame for conducting "tens of thousands" of large-scale and crippling Distributed Denial of Service attacks (DDoS attacks) targeting critical infrastructure, corporate networks, and government agencies globally. Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, stand accused of conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers. The duo is believed to have controlled Anonymous Sudan, which, since early 2023, launched attacks on high-profile entities such as ChatGPT, UAE's Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group. The group and its clients also utilized the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and globally, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles. The attacks, which sometimes lasted days, reportedly caused major damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to U.S. victims.

Read more of this story at Slashdot.

The Cybersecurity Association of China (CSAC) has recommended a security review of Intel's products sold in China, accusing the U.S. chipmaker of harming national security and citing vulnerabilities in its chips. Reuters reports: While CSAC is an industry group rather than a government body, it has close ties to the Chinese state and the raft of accusations against Intel, published in a long post on its official WeChat account, could trigger a security review from China's powerful cyberspace regulator, the Cyberspace Administration of China (CAC). "It is recommended that a network security review is initiated on the products Intel sells in China, so as to effectively safeguard China's national security and the legitimate rights and interests of Chinese consumers," CSAC said. [...] CSAC in its post accuses Intel chips, including Xeon processors used for artificial intelligence tasks, of carrying several vulnerabilities, concluding that Intel "has major defects when it comes to product quality, security management, indicating that it is extremely irresponsible attitude towards customers." The industry group goes on to state that operating systems embedded in all Intel processors are vulnerable to backdoors created by the U.S. National Security Agency (NSA). "This poses a great security threat to the critical information infrastructures of countries all over the world, including China...the use of Intel products poses a serious risk to national security." CSAC said.

Read more of this story at Slashdot.

Longtime Slashdot reader schwit1 shares a report from Via Satellite: SpaceX submitted a request to the FCC to modify the second generation, Gen2, of its Starlink satellite system with changes that SpaceX said will allow the constellation to deliver gigabit-speed broadband. SpaceX submitted the filing to the FCC on Oct. 11, and it was made public on Tuesday. The operator wants to make changes to the orbital configuration and operational parameters, and requests modifications for its Gen2 frequency authorization. These modifications "will enable the Gen2 system to deliver gigabit-speed, truly low-latency broadband and ubiquitous mobile connectivity to all Americans and the billions of people globally who still lack access to adequate broadband," Jameson Dempsey, SpaceX director of Satellite Policy said in the filing. For comparison, Starlink's current statement on service speeds is that users typically experience download speeds between 25 and 220 Mbps, and a majority of users experience speeds over 100 Mbps. In 2022, the FCC partially approved SpaceX to deploy a Gen2 Starlink constellation of up to 7,500 satellites for fixed satellite services (FSS) in the Ku- and Ka-bands, then later authorized Gen2 operations using additional frequencies in the E- and V-bands. SpaceX reported that since then, it has deployed more than 3,000 satellites in the Gen2 system and the full Starlink constellation serves more than four million people.

Read more of this story at Slashdot.

Damiano's company had more work than staff, and opted to hire a subcontractor. When hiring on a subcontractor, you could look for all sorts of things. Does their portfolio contain work similar to what you're asking them to do? What's the average experience of their team? What are the agreed upon code quality standards for the contract?

You could do that, or you could hire the cheapest company.

Guess which one Damiano's company did? If you're not sure, look at this code:

if(jQuery('table').hasClass('views-view-grid')){ var EPid= ".views-view-grid"; jQuery(EPid +' td').each(function(){ if(!jQuery(this).parent().parent().parent().parent().parent().hasClass('view-article-in-right-sidebar') && !jQuery(this).parent().parent().parent().parent().parent().hasClass('view-offers-in-right-sidebar')){ var title = jQuery(this).find("h2 a").html(); var body = jQuery(this).find(".field-name-body").html(); var datetime = jQuery(this).find(".field-name-field-event-date-time").html(); var flyer = jQuery(this).find(".field-name-field-flyer a").attr("href"); var imageThumb = jQuery(this).find(".field-name-field-image-thumb").html(); var readMore = '<a href="'+jQuery(this).find("h2 a").attr("href")+'" class="read-more">READ MORE</a>'; var str = '<div class="thumb-listing listpage">'; if(title != null && title != ""){ if(imageThumb && imageThumb != "" && imageThumb != null) str = str + imageThumb; if(datetime && datetime != "" && datetime != null) str = str + '<div class="lp-date ">'+datetime+'</div>'; str = str + '<div class="lp-inner clear"><div class="lp-title">'+title+'</div>'; str = str + body + '</div><div class="sep2"></div>'; str = str + readMore; } if(flyer) str = str + '<a class="download-flyer" href="'+flyer+'"><?php if(isset($node) && $node->type == "events"){ echo 'download the flyer'; }else {echo 'download the article';} ?></a>'; str = str + '</div>'; jQuery(this).children('.node').remove(); jQuery(this).append(str); } });

This was in a Drupal project. The developer appointed by the contractor didn't know Drupal at all, and opted to build all the new functionality by dropping big blobs of JavaScript code on top of it.

There's so much to hate about this. We can start with the parent().parent() chains. Who doesn't love to make sure that your JavaScript code is extremely fragile against changes in the DOM, while at the same time making it hard to read or understand.

I like that we create the EPid variable to avoid having a magic string inside our DOM query, only to still need to append a magic string to it. It hints at some programming by copy/paste.

Then there's the pile of HTML-by-string-concatenation, which is always fun.

But this couldn't be complete without this moment: <?php if(isset($node) && $node->type == "events"){ echo 'download the flyer'; }else {echo 'download the article';} ?>

Oh yeah, buried in this unreadable blob of JavaScript there's a little bonus PHP, just to make it a little spicier.

The entire project came back from the contractor in an unusable state. The amount of re-work just to get it vaguely functional quickly outweighed any potential cost savings. And even after that work went it, it remained a buggy, unmaintainable mess.

Did management learn their lesson? Absolutely not- they bragged about how cheaply they got the work done at every opportunity, and entered into a partnership agreement with the subcontractor.

[Advertisement] Picking up NuGet is easy. Getting good at it takes time. ProGet costs less than half of Artifactory and is just as good. Our easy-to-read comparison page lays out the editions, features, and pricing of the different editions of ProGet and Artifactory.Learn More.

An anonymous reader quotes a report from Wired: Real-time video deepfakes are a growing threat for governments, businesses, and individuals. Recently, the chairman of the US Senate Committee on Foreign Relations mistakenly took a video call with someone pretending to be a Ukrainian official. An international engineering company lost millions of dollars earlier in 2024 when one employee was tricked by a deepfake video call. Also, romance scams targeting everyday individuals have employed similar techniques. "It's probably only a matter of months before we're going to start seeing an explosion of deepfake video, face-to-face fraud," says Ben Colman, CEO and cofounder at Reality Defender. When it comes to video calls, especially in high-stakes situations, seeing should not be believing. The startup is laser-focused on partnering with business and government clients to help thwart AI-powered deepfakes. Even with this core mission, Colman doesn't want his company to be seen as more broadly standing against artificial intelligence developments. "We're very pro-AI," he says. "We think that 99.999 percent of use cases are transformational -- for medicine, for productivity, for creativity -- but in these kinds of very, very small edge cases the risks are disproportionately bad." Reality Defender's plan for the real-time detector is to start with a plug-in for Zoom that can make active predictions about whether others on a video call are real or AI-powered impersonations. The company is currently working on benchmarking the tool to determine how accurately it discerns real video participants from fake ones. Unfortunately, it's not something you'll likely be able to try out soon. The new software feature will only be available in beta for some of the startup's clients. As Reality Defender works to improve the detection accuracy of its models, Colman says that access to more data is a critical challenge to overcome -- a common refrain from the current batch of AI-focused startups. He's hopeful more partnerships will fill in these gaps, and without specifics, hints at multiple new deals likely coming next year. After ElevenLabs was tied to a deepfake voice call of US president Joe Biden, the AI-audio startup struck a deal with Reality Defender to mitigate potential misuse. [...] "We don't ask my 80-year-old mother to flag ransomware in an email," says Colman. "Because she's not a computer science expert." In the future, it's possible real-time video authentication, if AI detection continues to improve and shows to be reliably accurate, will be as taken for granted as that malware scanner quietly humming along in the background of your email inbox.

Read more of this story at Slashdot.

A new study counters the widely held belief that standing desks are good for your health, discovering that it does not reduce the risk of diseases such as stroke and heart failure. In fact, it "found that being on your feet for more than two hours a day may increase the risk of developing problems such as deep vein thrombosis and varicose veins," reports The Guardian. The findings have been published in the International Journal of Epidemiology. From the report: To establish if standing provided any health benefits, the researchers studied data from 83,013 adults who are part of the UK Biobank health records database. These people did not have heart disease at the start of the study and wore devices on their wrists to track movement. The team found that for every extra 30 minutes spent standing beyond two hours, the risk of circulatory disease increased by 11%. Standing was not found to reduce the risk of heart conditions such as stroke, heart failure and coronary heart disease, the researchers said. "The key takeaway is that standing for too long will not offset an otherwise sedentary lifestyle and could be risky for some people in terms of circulatory health," said Dr Matthew Ahmadi, of the University of Sydney's faculty of medicine and health. "We found that standing more does not improve cardiovascular health over the long-term and increases the risk of circulatory issues."

Read more of this story at Slashdot.

wiredmikey shares a report from SecurityWeek: Dane Stuckey, the former Chief Information Security Officer (CISO) of big data analytics and AI firm Palantir, has joined OpenAI CISO. Stuckey served in senior security roles at Palantir for more than ten years, including 6 plus years as the company's CISO. In his new role, Stuckey said he would be working alongside Matt Knight, Head of Security at OpenAI. "Security is germane to OpenAI's mission," said Stuckey in a post on X. "It is critical we meet the highest standards for compliance, trust, and security to protect hundreds of millions of users of our products, enable democratic institutions to maximally benefit from these technologies, and drive the development of safe AGI for the world." "I am so excited for this next chapter, and can't wait to help secure a future where AI benefits us all," Stuckey added.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Robinhood launched its long-awaited desktop platform and added futures and index options trading features to its mobile app on Wednesday, as the fintech firm aims to take market share from traditional brokerages. The 11-year-old commission-free trading app, which became synonymous with mom-and-pop investors in 2021, is now seeking to mature into a full-fledged financial services provider and compete with established brokerages that serve institutional investors. The Menlo Park, California-based company said its desktop trading platform, dubbed "Robinhood Legend," will focus on active traders. The platform, available at no additional cost, will offer advanced trading tools, real-time data, as well as custom and preset layouts. Meanwhile, the app will allow users to trade futures on the benchmark S&P 500 index, oil and bitcoin, among others. Customers can also trade index options. [...] Subscribers to Robinhood's premium Gold tier will be able to trade futures for as low as 50 cents per contract, while non-Gold users will need to pay a commission of 75 cents. You can tune in to the company's live product announcement on YouTube.

Read more of this story at Slashdot.

Apple is enhancing its Business Connect tool, allowing companies to customize how they appear in emails, phone calls, and payment interfaces on iPhones. The Verge reports: Each registered business can confirm its info is accurate and add additional details like photos or special offers. Collecting verified, up-to-date business information could be useful for Apple if it ever launches its own search engine or inside features for Apple Intelligence instead of sending users to outside sources like Google, Yelp, or Meta. Branded Mail is a feature businesses can sign up for today before it starts rolling out to users later this year, potentially making emails easier to identify in a sea of unread messages. Additionally, if companies opt into Business Caller ID, Apple will display their name, logo, and department on an iPhone's inbound call screen. This feature should come in handy when you're trying to figure out whether the random number that's calling you is spam, or if it's a legitimate business. It will start rolling out next year. A smaller update coming to Apple's Tap to Pay service will let companies show their logo when accepting payments instead of just displaying a category icon. You can read more about it in Apple's press release.

Read more of this story at Slashdot.