Joe_Dragon shares a report: Four more large Internet service providers told the US Supreme Court this week that ISPs shouldn't be forced to aggressively police copyright infringement on broadband networks. While the ISPs worry about financial liability from lawsuits filed by major record labels and other copyright holders, they also argue that mass terminations of Internet users accused of piracy "would harm innocent people by depriving households, schools, hospitals, and businesses of Internet access." The legal question presented by the case "is exceptionally important to the future of the Internet," they wrote in a brief filed with the Supreme Court on Monday. The amici curiae brief was filed by Altice USA (operator of the Optimum brand), Frontier Communications, Lumen (aka CenturyLink), and Verizon. The brief supports cable firm Cox Communications' attempt to overturn its loss in a copyright infringement lawsuit brought by Sony. Cox petitioned the Supreme Court to take up the case last month. Sony and other music copyright holders sued Cox in 2018, claiming it didn't adequately fight piracy on its network and failed to terminate repeat infringers. A US District Court jury in the Eastern District of Virginia ruled in December 2019 that Cox must pay $1 billion in damages to the major record labels. Cox won a partial victory when the US Court of Appeals for the 4th Circuit vacated the $1 billion verdict, finding that Cox wasn't guilty of vicarious infringement because it did not profit directly from infringement committed by users of its cable broadband network. But the appeals court affirmed the jury's finding of willful contributory infringement and ordered a new damages trial.

Read more of this story at Slashdot.

Cruise is returning to the streets of Sunnyvale and Mountain View for the first time since it paused operations in the Bay Area after a robotaxi struck a pedestrian in October 2023. From a report: The company said Thursday that it will put "several" vehicles driven by humans in the two cities that will initially perform mapping. The company said it hopes to progress to supervised AV testing of up to five robotaxis "later this fall." "Resuming testing in the Bay Area is an important step forward as we continue to work closely with California regulators and local stakeholders," the company said in a post on X. "This will allow our local employees to engage directly with our product as they refine and improve our tech through R&D." The decision to bring Cruise's autonomous Chevy Bolts back to the Bay Area comes just a few months after the company reached a settlement with California's Public Utilities Commission (CPUC). As part of that deal, Cruise paid a $112,500 fine for failing to provide full information about the October 2023 crash.

Read more of this story at Slashdot.

The Rust vs C battle raging in Linux circles has left even Linus Torvalds scratching his head. "I'm not sure why Rust has been such a contentious area," the Linux creator mused at this week's Open Source Summit, likening the fervor to ancient text editor wars. "It reminds me of when I was young and people were arguing about vi versus Emacs." The spat over integrating Rust into Linux has been brewing since 2022, with critics slamming it as an "insult" to decades of kernel work. One maintainer recently quit, fed up with the "nontechnical nonsense." Torvalds struck a surprisingly diplomatic tone. He praised how Rust has "livened up discussions" while admitting some arguments get "nasty." "C is, in the end, a very simple language," Torvalds said, explaining its appeal and pitfalls. "Because it's simple it's also very easy to make mistakes. And Rust is not." Torvalds remains upbeat about Rust's future in Linux, nonetheless. "Even if it were to become a failure -- and I don't think it will -- that's how you learn," he said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Register: Germany's Federal Office for Information Security (BSI) says one in ten organizations in the country affected by CrowdStrike's outage in July are dropping their current vendor's products. Four percent of organizations have already abandoned their existing solutions, while a further 6 percent plan to do so in the near future. It wasn't explicitly said whether this referred to CrowdStrike's Falcon product specifically or was a knee-jerk reaction to security vendors generally. One in five will also change the selection criteria when it comes to reviewing which security vendor gets their business. The whole fiasco doesn't seem to have hurt the company much though, at least not yet. The findings come from a report examining the experiences of 311 affected organizations in Germany, published today. Of those affected in one way or another, most said they first heard about the issues from social media (23 percent) rather than CrowdStrike itself (22 percent). The report also revealed that half of the 311 surveyed orgs had to halt operations -- 48 percent experienced temporary downtime. Ten hours, on average. Aside from the obvious business continuity impacts, this led to various issues with customers too. Forty percent said their collaboration with customers was damaged because they couldn't provide their usual services, while more than one in ten organizations didn't even want to address the topic. The majority of respondents (66 percent) said they will improve their incident response plans in light of what happened, or have done so already, despite largely considering events like these as unavoidable. The report highlights a curious finding that over half of CrowdStrike customers wanted to install updates more regularly, even though that would have been worse for an organization. "Regardless, with the number of urgent patch warnings we and the infosec community dish out every week, it's probably a net positive, even if it's slightly misguided," concludes The Register.

Read more of this story at Slashdot.

Apple's latest macOS 15 "Sequoia" update, released earlier this week, has disrupted security tools from major providers including CrowdStrike, SentinelOne, and Microsoft, according to reports. The extent and cause of the disruption remain unclear.

Read more of this story at Slashdot.

Google is updating its Password Manager to allow users to sync passkeys across multiple devices, including Windows, macOS, Linux, and Android, with iOS and ChromeOS support coming soon. Engadget reports: Once saved, the passkey automatically syncs across other devices using Google Password Manager. The company says this data is end-to-end encrypted, so it'll be pretty tough for someone to go in and steal credentials. [...] Today's update also brings another layer of security to passkeys on Google Password Manager. The company has introduced a six-digit PIN that will be required when using passkeys on a new device. This would likely stop nefarious actors from logging into an account even if they've somehow gotten ahold of the digital credentials. Just don't leave the PIN number laying on a sheet of paper directly next to the computer.

Read more of this story at Slashdot.

A conspiracy theory known as "Dead Internet Theory" has gained traction in recent years, positing that most online social activity is artificial and designed to manipulate users. This theory has grown alongside the rise of large language models like ChatGPT. On Monday, software developer Michael Sayman launched SocialAI, an app that seems to embody aspects of this theory. ArsTechnica: SocialAI's 28-year-old creator, Michael Sayman, previously served as a product lead at Google, and he also bounced between Facebook, Roblox, and Twitter over the years. In an announcement post on X, Sayman wrote about how he had dreamed of creating the service for years, but the tech was not yet ready. He sees it as a tool that can help lonely or rejected people. "SocialAI is designed to help people feel heard, and to give them a space for reflection, support, and feedback that acts like a close-knit community," wrote Sayman. "It's a response to all those times I've felt isolated, or like I needed a sounding board but didn't have one. I know this app won't solve all of life's problems, but I hope it can be a small tool for others to reflect, to grow, and to feel seen." As The Verge reports in an excellent rundown of the example interactions, SocialAI lets users choose the types of AI followers they want, including categories like "supporters," "nerds," and "skeptics." These AI chatbots then respond to user posts with brief comments and reactions on almost any topic, including nonsensical "Lorem ipsum" text.

Read more of this story at Slashdot.

An anonymous reader quotes a report from NPR: The State Department announced Wednesday that its online renewal system is now fully operational, after testing in pilot programs, and available to adult passport holders whose passport has expired within the past five years or will expire in the coming year. It is not available for the renewal of children's passports, for first-time passport applicants for renewal applicants who live outside the United States or for expedited applications. "By offering this online alternative to the traditional paper application process, the Department is embracing digital transformation to offer the most efficient and convenient passport renewal experience possible," Secretary of State Antony Blinken said in a statement. The department said it estimated that about 5 million Americans would be able to use this service a year. In 2023, it processed 24 million passports, about 40% of which were renewals. Assistant Secretary of State for Consular Affairs Rena Bitter, whose bureau oversees passport processing said the department hoped to expand the program in the coming years to possibly include Americans living abroad, those seeking to renew a second passport and children's passports. "This is not going to be the last thing that we do," she told reporters. "We want to see how this goes and then we'll start looking at ways to continue to make this service available to more American citizens in the coming months and years." You can renew your passport at www.Travel.State.Gov/renewonline.

Read more of this story at Slashdot.

The once-booming tech job market has contracted sharply, with software development postings down over 30% since February 2020, according to Indeed.com. Tech companies have shed around 137,000 jobs since January, Layoffs.fyi reports. This downturn, following years of aggressive hiring, marks a significant shift in the industry's labor dynamics. Companies are pivoting from growth-at-all-costs strategies to revenue-focused approaches, cutting entry-level positions and redirecting resources towards AI development. The release of ChatGPT in late 2022 sparked an AI investment frenzy, creating high demand for specialized AI talent.

Read more of this story at Slashdot.

Coming soon: Amazon sellers duking it out on TV to get their wares prime placement at the world's largest online retailer. Think "Shark Tank" meets Home Shopping Network. From a report: The e-commerce giant plans to introduce a new competition show next month in which entrepreneurs pitch their products to a studio audience as well as to judges including Amazon executives and celebrities like Goop founder Gwyneth Paltrow and designer Christian Siriano. Finalists will have their inventions sold in a new Amazon "Buy It Now" online store, and the winner of each episode will earn $20,000. The show is the retailer's latest attempt to marry content and commerce. Persuading consumers to shop through Internet-enabled televisions has long been a goal of traditional entertainment companies, but getting viewers to scan the QR code can be difficult. By creating shows that highlight its sellers and their products, Amazon has a better shot at getting viewers to shop -- especially younger audiences who are already doing this on apps like TikTok, said Bernstein analyst Mark Shmulik. "This feels more elegant than QR codes," Shmulik said of Amazon's new game show. Over the past few years, Amazon has introduced ads with QR codes in about 100 shows and movies, including "The Summer I Turned Pretty," "The Boys" and, more recently, NFL football games.

Read more of this story at Slashdot.

The Federal Trade Commission said on Thursday it found that several social media and streaming services engaged in a "vast surveillance" of consumers, including minors, collecting and sharing more personal information than most users realized. From a report: The findings come from a study of how nine companies -- including Meta, YouTube and TikTok -- collected and used consumer data. The sites, which mostly offer free services, profited off the data by feeding it into advertising that targets specific users by demographics, according to the report. The companies also failed to protect users, especially children and teens. The F.T.C. said it began its study nearly four years ago to offer the first holistic look into the opaque business practices of some of the biggest online platforms that have created multibillion-dollar ad businesses using consumer data. The agency said the report showed the need for federal privacy legislation and restrictions on how companies collect and use data. "Surveillance practices can endanger people's privacy, threaten their freedoms, and expose them to a host of harms, from identify theft to stalking," said Lina Kahn, the F.T.C.'s chair, in a statement.

Read more of this story at Slashdot.

Anduril Industries, a defense startup founded by Palmer Luckey, will integrate its Lattice suite of software into Microsoft's Integrated Visual Augmentation System headset for the U.S. Army. The deal aims to enhance soldiers' battlefield awareness by displaying real-time data from drones, vehicles, and defense systems. Luckey, who sold virtual reality company Oculus to Facebook for $2 billion, launched Anduril in 2017 to challenge traditional defense contractors. The firm recently secured a contract to develop an experimental robotic fighter jet, beating out industry giants. While Microsoft's IVAS faced initial user complaints of nausea and headaches, the Army plans to invest $21.9 billion in the project.

Read more of this story at Slashdot.

U.S. tech giant Cisco has let go of thousands of employees following its second layoff of 2024. From a report: The technology and networking company announced in August that it would reduce its headcount by 7%, or around 5,600 employees, following an earlier layoff in February, in which the company let go of about 4,000 employees. As TechCrunch previously reported, Cisco employees said that the company refused to say who was affected by the layoffs until September 16. Cisco did not give a reason for the month-long delay in notifying affected staff. One employee told TechCrunch at the time that Cisco's workplace had become the "most toxic environment" they had worked in. TechCrunch has learned that the layoffs also affect Talos Security, the company's threat intelligence and security research unit.

Read more of this story at Slashdot.

Kenya signed a Memorandum of Understanding (MoU) with the U.S. on nuclear technology cooperation during the 2024 IAEA General Conference in Vienna, with the aim of safely integrating nuclear power into Kenya's energy mix by 2035. The agreement focuses on collaboration in nuclear safety, regulatory experience, and research. The Standard reports: The historic pact came a day after Prime Cabinet Secretary Musalia Mudavadi addressed the general session of the conference. Mudavadi had outlined Kenya's ambitious plans to integrate nuclear power into the country's energy mix by 2035, as part of a broader strategy to meet its growing energy demand. Kenya's current installed energy capacity, as of 2023, totals 3,321 MW, with significant contributions from geothermal (863 MW), hydroelectric power (838 MW), wind (436 MW), solar (173 MW), biomass (2 MW), and thermal energy (678 MW). However, despite these sources, the country still faces a shortfall in its energy supply. Experts say nuclear energy will be crucial in addressing this deficit and supporting Kenya's long-term industrialization goals. The MoU was signed by the Kenya Nuclear Regulatory Authority (KNRA) and the United States Nuclear Regulatory Commission (USNRC), with both parties expressing optimism about the future of nuclear cooperation between the two nations. [...] Areas of cooperation will include sharing of operating experience and regulatory experience, cooperation in joint programs of nuclear safety research and trainings. Kenya, along with several other developing nations, is exploring the potential use of nuclear energy beyond electricity generation, including its applications in health and agriculture. As the country moves forward with its nuclear aspirations, experts highlight the importance of robust regulatory frameworks and international cooperation to ensure the safe and effective deployment.

Read more of this story at Slashdot.

schwit1 shares a report from SpaceNews: The FAA announced Sept. 17 that it notified SpaceX of $633,009 in proposed fines for violating terms of its launch licenses during the June 2023 Falcon 9 launch of the Satria-1, or PSN Satria, broadband satellite and the July 2023 Falcon Heavy launch of Jupiter-3, or EchoStar-24, broadband satellite. Both launches were successful. For the Satria-1 launch, the FAA said in its enforcement notice (PDF) to the company that SpaceX had requested in May 2023 changes to its communications plan to allow the use of a new launch control center at the company's "Hangar X" facility at the Kennedy Space Center and to skip a poll of launch controllers at two hours before liftoff. The FAA notified SpaceX shortly before the scheduled launch that it would not be able to approve those changes and modify the license in time, although the enforcement notice did not state why. SpaceX went ahead and used the Hangar X control center and skipped the "T-2 hours" poll for the launch. The agency concluded that violated two conditions of its launch license, which allowed for civil penalties of up to $283,009 each. The FAA said it planned to fine SpaceX a combined $350,000 for that launch. A month later, SpaceX conducted the Falcon Heavy launch of Jupiter-3, but nine days before the launch the company requested a modification to its launch license to allow it to use a new tank farm for RP-1 fuel at KSC's Launch Complex 39A, according to a separate enforcement notice. The FAA notified SpaceX two days before the scheduled launch that the agency would not be able to modify the license in time, but SpaceX nonetheless used the new tank farm for the launch. The agency said it proposed to fine SpaceX the maximum $283,009 for that violation. Instead of participating in administrative procedures, SpaceX CEO Elon Musk said it would take the FAA to court. "SpaceX will be filing suit against the FAA for regulatory overreach," he posted on X.

Read more of this story at Slashdot.

Some time ago, Roald started an internship on a ASP .Net application. It didn't take long to find some "special" code.

public string RetrieveSessionString(string sessionName) { try { return Session[sessionName].ToString(); } catch (NullReferenceException) { return null; } }

The Session variable is a session object for this user session. Each request carries a token which allows us to pair a Session with a user, making a cross-request per-user global object. That is what it is- but it's weird that we call the parameter sessionName. Maybe that's just a bad parameter name- it might be better called sessionKey or something like that.

Of course, the real issue here is it's null handling. Calling ToString on a key that doesn't exist throws a NullReferenceException, so we handle it just to return a null, thus making future NullReferenceExceptions somebody else's problem. Arguably, an empty string would be a better behavior. Still, I hate it.

But Roald also found this function's evil twin:

public Dictionary<string, string> RetrieveSessionDictionary(string sessionName) { try { return (Dictionary<string, string>)Session[sessionName]; } catch (NullReferenceException) { return null; } }

This is the same function, but instead of fetching a string, it fetches a dictionary of string/string pairs. It does the same null handling, but notably, doesn't do any error handling for situations where the cast fails.

And suddenly, this makes more sense. They're using the word "session" in two different contexts. There's the Session- a series of HTTP requests sharing the same token- and there's a user's session- settings which represent a unit of work. They're storing a dictionary representing a session in the Session object.

Which leaves this code feeling just… gross. It makes sense, and aside from the awful null handling, I understand why it works this way. It's just awkward and uncomfortable and annoying. I dislike it.

Also, functions which are name RetrieveBlahAsType are generally an antipattern. Either there should be some generics, or type conversions should be left to the caller- RetrieveSession(sessionName).ToString() is clearer with its intent than RetrieveSessionString(sessionName). Maybe that's just my hot take- I just hate it when functions return something converted away from its canonical representation; I can do that myself, thank you.

[Advertisement] ProGet’s got you covered with security and access controls on your NuGet feeds. Learn more.

An anonymous reader quotes a report from Ars Technica: The Senate Judiciary Committee is scheduled to consider two bills Thursday that would effectively nullify the Supreme Court's rulings against patents on broad software processes and human genes. Open source and Internet freedom advocates are mobilizing and pushing back. The Patent Eligibility Restoration Act (or PERA, S. 2140), sponsored by Sens. Thom Tillis (R-NC) and Chris Coons (D-Del.), would amend US Code such that "all judicial exceptions to patent eligibility are eliminated." That would include the 2014 ruling in which the Supreme Court held, with Justice Clarence Thomas writing, that simply performing an existing process on a computer does not make it a new, patentable invention. "The relevant question is whether the claims here do more than simply instruct the practitioner to implement the abstract idea of intermediated settlement on a generic computer," Thomas wrote. "They do not." That case also drew on Bilski v. Kappos, a case in which a patent was proposed based solely on the concept of hedging against price fluctuations in commodity markets. [...] Another wrinkle in the PERA bill involves genetic patents. The Supreme Court ruled in June 2013 that pieces of DNA that occur naturally in the genomes of humans or other organisms cannot, themselves, be patented. Myriad Genetics had previously been granted patents on genes associated with breast and ovarian cancer, BRCA1 and BRCA2, which were targeted in a lawsuit led by the American Civil Liberties Union (ACLU). The resulting Supreme Court decision -- this one also written by Thomas -- found that information that naturally occurs in the human genome could not be the subject to a patent, even if the patent covered the process of isolating that information from the rest of the genome. As with broad software patents, PERA would seemingly allow for the patenting of isolated human genes and connections between those genes and diseases like cancer. [...] The Judiciary Committee is set to debate and potentially amend or rewrite PREVAIL and PERA (i.e. mark up) on Thursday.

Read more of this story at Slashdot.

Snapchat's terms of service for its "My Selfie" tool reserve the right to use users' AI-generated images in ads. While users can opt out by disabling the "See My Selfie in Ads" feature, it is enabled by default. 404 Media's Emanuel Maiberg reports: A support page on the Snapchat website titled "What is My Selfie?" explains further: "You'll take selfies with your Snap camera or select images from your camera roll. These images will be used to understand what you look like to enable you, Snap and your friends to generate novel images of you. If you're uploading images from the camera roll, only add images of yourself," Snapchat's site says. "After you've successfully onboarded, you may have access to some features powered by My Selfie, like Cameos stickers and AI Snaps. We are constantly adding features and functionality so stay tuned for more My Selfie features." After seeing the popup, I searched for instances of people getting ads featuring their own face on Snapchat, and found this thread on the r/Privacy Reddit community where a user claimed exactly this happened to them. In an email to 404 Media, Snapchat said that it couldn't confirm or deny whether this user was served an ad featuring their face, but if they did, the ad was not using My Selfie images. Snapchat also said that it investigated the claim in the Reddit thread and that the advertiser, yourdreamdegree.com, has a history of advertising on Snapchat and that Snapchat believes the ad in question does not violate any of its policies. "The photo that was used in the advertisement is clearly AI, however, it is very clearly me," the Reddit user said. "It has my face, my hair, the clothing I wear, and even has my lamp & part of a painting on my wall in the background. I have no idea how they got photos of me to be able to generate this ad." Snapchat confirmed the news but emphasized that advertisers do not have access to Snapchat users' generative AI data. "You are correct that our terms do reserve the right, in the future, to offer advertising based on My Selfies in which a Snapchatter can see themselves in a generated image delivered to them," a Snapchat spokesperson said. "As explained in the onboarding modal, Snapchatters have full control over this, and can turn this on and off in My Selfie Settings at any time."

Read more of this story at Slashdot.

"Apple has begun manufacturing its A16 SoC at the newly-opened TSCM Fab 21 in Arizona," writes Slashdot reader NoMoreACs. AppleInsider reports: According to sources of Tim Culpan, Phase 1 of TSMC's Fab 21 in Arizona is making the A16 SoC of the iPhone 14 Pro in "small, but significant, numbers. The production is largely a test for the facility at this stage, but more production is expected in the coming months. The volume will ramp up massively once the second stage of the Phase 1 fab actually concludes. If everything stays on schedule, the Arizona plant will hit a target for production sometime in the first half of 2025. Sources say TSMC is achieving yields that are marginally behind those of Taiwan-based factories. Yield parity is expected to happen within months. TSMC has also raised its investment and moved to build additional plants in Arizona, with three set to be constructed in total. The U.S. Commerce Department previously claimed this will create 6,000 direct manufacturing jobs, on top of an estimated 20,000 construction jobs.

Read more of this story at Slashdot.

Late last month, Brazilian Justice Alexandre de Moraes ordered X to suspend operations in Brazil after a months-long dispute with X owner Elon Musk. The conflict centered on Musk's refusal to appoint a legal representative in the country and his refusal to take down disinformation and far-right accounts. However, on Wednesday, X bypassed the court-ordered block by utilizing third-party cloud services, allowing many Brazilian users to access the platform without the need for a virtual private network (VPN). From a report: The number of Brazilians accessing X is unknown, according to [Abrint, the Brazilian Association of Internet and Telecommunications Providers]. "I believe the change was probably intentional. Why would X use a third-party service that ends up being slower than its own?" said Basilio Perez, a board member at Abrint. Any revised order from Brazil's national telecommunications agency Anatel, which is responsible for implementing the court ruling, will need to be more specific, because blocking cloud access is complex and may jeopardize government agencies and financial services providers, Perez said. Anatel has identified the problem and is working to first notify content delivery network providers, followed by telecom companies to block access again to X in Brazil, according to a person familiar with the situation. The same person said it is not clear how long it will take for the providers to comply with the order.

Read more of this story at Slashdot.