The U.S. Copyright Office declared Wednesday that the use of AI tools to assist in the creative process does not undermine the copyright of a work. Variety: The announcement clears the way for continued adoption of AI in post-production, where it has become increasingly common, such as in the enhancement of Hungarian-language dialogue in "The Brutalist." Studios, whose business model is founded on strong copyright protections, have expressed concern that AI tools could be inhibited by regulatory obstacles. In a 41-page report [PDF], the Copyright Office also reiterated that human authorship is essential to copyright, and that merely entering text prompts into an AI system is not enough to claim authorship of the resulting output.

Read more of this story at Slashdot.

New Zealand has relaxed its visitor visa rules to attract so-called "digital nomads" in a bid to boost tourism and the economy. From a report: Visitor visas will now allow people to work remotely for a foreign employer while they are visiting New Zealand for up to 90 days. The visa can be extended up to nine months but visitors may need to pay tax during this time. Economic growth minister Nicola Willis said making it easier for digital nomads -- people who work remotely while travelling -- to work in New Zealand, will boost the country's appeal as a destination. The visa would extend to influencers, as long as they are being paid by an overseas company.

Read more of this story at Slashdot.

Virgin Money's AI-powered chatbot has reprimanded a customer who used the word "virgin," underlining the pitfalls of rolling out external AI tools. From a report: In a post last week on social media site LinkedIn, David Birch, a fintech commentator and Virgin Money customer, shared a picture of his online conversation with the bank in which he asked: "I have two ISAs with Virgin Money, how do I merge them?" The bank's customer service tool responded: "Please don't use words like that. I won't be able to continue our chat if you use this language," suggesting that it deemed the word "virgin" inappropriate.

Read more of this story at Slashdot.

A group of scientific integrity experts is calling for urgent action to combat "paper mills" -- companies that sell fraudulent research papers and fake peer reviews. In a Nature comment piece published January 27, the experts warn that at least 400,000 papers published between 2000 and 2022 show signs of being produced by paper mills, while only 55,000 were retracted or corrected during that period.

Read more of this story at Slashdot.

OpenAI says it has evidence suggesting Chinese AI startup DeepSeek used its proprietary models to train a competing open-source system through "distillation," a technique where smaller models learn from larger ones' outputs. The San Francisco-based company, along with partner Microsoft, blocked suspected DeepSeek accounts from accessing its API last year after detecting potential terms of service violations. DeepSeek's R1 reasoning model has achieved comparable results to leading U.S. models despite claiming minimal resources.

Read more of this story at Slashdot.

A new update to CVS's mobile app includes a feature that allows some customers to access items on locked shelves using their phone -- "without having to summon an overworked employee to open it first," reports The Verge. The feature is currently being trialed in a handful of stores, but will be expanded to many more locations later this year if it goes well. From the report: According to The Wall Street Journal, "app users need to be logged in, on the local store Wi-Fi, and with their device's Bluetooth enabled to activate the feature." You've also got to be a member of the CVS loyalty program if you want the convenience of grabbing secured merchandise without calling for help. Signing up for that gives CVS plenty of insight into your shopping habits, so keep that in mind as you weigh the convenience of not waiting around. "People really, really dislike locked cabinets," Tilak Mandadi, executive vice president of ventures at CVS Health, told the Journal. Walmart has apparently come to the same realization, as the massive US retailer conducted a similar test last year. CVS aims to expand the program to around 15 stores soon and eventually reach national availability if all goes well.

Read more of this story at Slashdot.

A team of biologists have found that it takes microplastics consumed by mice just a few hours to reach their brains. "Wondering if the plastic in their brains was causing any impairment, the researchers tested several of the mice and found that many of them experienced memory loss, reductions in motor skills and lower endurance," reports Phys.Org. From the report: In this new effort, the research team sought to learn more about the medical impact of a mammal consuming different sizes of microplastics. The experiments consisted of feeding test mice water with different sized bits of fluorescent plastic in it, from micro to nano. They then tracked the progress of the plastic bits to see where they wound up in the bodies of the mice. Knowing that the plastic would make its way from the digestive tract into the bloodstream, the researchers used two-photon microscopy to capture imagery of it inside blood vessels. Also, suspecting that the tiniest bits would make it into their brains, the team installed tiny windows in their skulls, allowing them to track the movement of the plastic in their brains. In studying the imagery they created, the researchers were able to watch as the plastics made their way around the mice's bodies, eventually reaching their brains. They also noted that the plastic bits tended to get backed up, like cars in a traffic jam at different points. In taking a closer look at some of the backups in the brain, the researchers found that the plastic bits had been captured by immune cells, which led to even more backups. The findings have been published in the journal Science Advances.

Read more of this story at Slashdot.

Today's anonymous submitter spent a few weeks feeling pretty good about themselves. You see, they'd inherited a gigantic and complex pile of code, an application spread out across 15 backend servers, theoretically organized into "modules" and "microservices" but in reality was a big ball of mud. And after a long and arduous process, they'd dug through that ball of mud and managed to delete 190 files, totaling 30,000 lines of code. That was fully 2/3rds of the total codebase, gone- and yet the tests continued to pass, the application continued to run, and everyone was just much happier with it.

Two weeks later, a new ticket comes in: users are getting a 403 error when trying to access the "User Update" screen. Our submitter has seen a lot of these tickets, and it almost always means that the user's permissions are misconfigured. It's an easy fix, and not a code problem.

Just to be on the safe side, though, they pull up the screen with their account- guaranteed to have the right permissions- and get a 403.

As you can imagine, the temptation to sneak a few fixes in alongside this massive refactoring was impossible to resist. One of the problems was that most of their routes were camelCase URLs, but userupdate was not. So they'd fixed it. It was a minor change, and it worked in testing. So what was happening?

Well, there was a legacy authorization database. It was one of those 15 backend servers, and it ran no web code, and thus wasn't touched by our submitter's refactoring. Despite their web layer having copious authorization and authentication code, someone had decided back in the olden days, to implement that authorization and authentication in its own database.

Not every request went through this database. It impacted new sessions, but only under specific conditions. But this database had a table in it, which listed off all the routes. And unlike the web code, which used regular expressions for checking routes, and were case insensitive, this database did a strict equality comparison.

The fix was simple: update the table to allow userUpdate. But it also pointed towards a deeper, meaner target for future refactoring: dealing with this sometimes required (but often not!) authentication step lurking in a database that no one had thought about until our submitter's refactoring broke something.

[Advertisement] ProGet’s got you covered with security and access controls on your NuGet feeds. Learn more.

An anonymous reader quotes a report from The Guardian: Bolstered by Silicon Valley investment, scientists are making such rapid progress that lab-grown human eggs and sperm could be a reality within a decade, a meeting of the Human Fertilization and Embryology Authority board heard last week (PDF). In-vitro gametes (IVGs), eggs or sperm that are created in the lab from genetically reprogrammed skin or stem cells, are viewed as the holy grail of fertility research. The technology promises to remove age barriers to conception and could pave the way for same-sex couples to have biological children together. It also poses unprecedented medical and ethical risks, which the HFEA now believes need to be considered in a proposed overhaul of fertility laws. Peter Thompson, chief executive of the HFEA, said: "In-vitro gametes have the potential to vastly increase the availability of human sperm and eggs for research and, if proved safe, effective, and publicly acceptable, to provide new fertility treatment options for men with low sperm counts and women with low ovarian reserve." The technology also heralds more radical possibilities including "solo parenting" and "multiplex parenting." Julia Chain, chair of HFEA, said: "It feels like we ought to have Steven Spielberg on this committee," in a brief moment of levity in the discussion of how technology should be regulated. Lab-grown eggs have already been used produce healthy babies in mice -- including ones with two biological fathers. The equivalent feat is yet to be achieved using human cells, but US startups such as Conception and Gameto claim to be closing in on this prize. The HFEA meeting noted that estimated timeframes ranged from two to three years -- deemed to be optimistic -- to a decade, with several clinicians at the meeting sharing the view that IVGs appeared destined to become "a routine part of clinical practice." The clinical use of IVGs would be prohibited under current law and there would be significant hurdles to proving that IVGs are safe, given that any unintended genetic changes to the cells would be passed down to all future generations. The technology also opens up myriad ethical issues. Thompson said: "Research on IVGs is progressing quickly but it is not yet clear when they might be a viable option in treatment. IVGs raise important questions and that is why the HFEA has recommended that they should be subject to statutory regulation in time, and that biologically dangerous use of IVGs in treatment should never be permitted." "This is the latest of a range of detailed recommendations on scientific developments that we are looking at to future-proof the HFE Act, but any decisions around UK modernizing fertility law are a matter for parliament."

Read more of this story at Slashdot.

sciencehabit shares a report from Science: Legend has it that if you walk along Old Light Road in Summerville, South Carolina, you might see an eerie glow hovering over an abandoned rail line in the nearby woods. Old-timers will tell you it's a spectral lantern held by the apparition of a woman searching for her decapitated husband's head. Susan Hough has proposed a scientific explanation that is far more plausible, however. A seismologist with the U.S. Geological Survey, she believes the so-called Summerville Light could represent a rare natural phenomenon: earthquake lights. Sparks from steel rail tracks could ignite radon or other gases released from the ground by seismic shaking, Hough explains in an interview with Science. In Summerville, I think it's the railroad tracks that matter. I've crawled around tracks during my fieldwork in South Carolina. Historically, when [rail companies] replaced tracks, they didn't always haul the old track away. So, you've got heaps of steel out there. Sparks might be part of the story. And maybe the railroads are important for another reason. They may naturally follow fault lines that have carved corridors through the landscape. The findings have been published in the journal Seismological Research Letters. Hough also cites a paper published by Japanese scientist Yuji Enomoto that connects earthquake lights to the release of gases like radon or methane.

Read more of this story at Slashdot.

Google has appealed a record $4.5 billion EU antitrust fine to the European Court of Justice, arguing that the European Commission's decision punished its innovation and imposed unfair penalties for agreements requiring pre-installation of its apps on Android devices. Reuters reports: Google's appeal to the Luxembourg-based Court of Justice of the European Union comes two years after a lower tribunal sided with the European Commission which said the company used its Android mobile operating system to quash rivals. The lower court trimmed the fine to 4.1 billion euros. "Google does not contest or shy away from its responsibility under the law, but the Commission also has a responsibility when it runs investigations, when it seeks to reshape markets and second-guess pro-competitive business models, and when it imposes multi-billion-euro fines," Google lawyer Alfonso Lamadrid told the court. "In this case, the Commission failed to discharge its burden and its responsibility and, relying on multiple errors of law, punished Google for its superior merits, attractiveness and innovation," he said. The final ruling is expected in the coming months and cannot be appealed.

Read more of this story at Slashdot.

During the first press briefing of Donald Trump's second administration, White House press secretary, Karoline Leavitt, said that the National Security Council was "looking into" the potential security implications of China's DeepSeek AI startup. Axios reports: DeepSeek's low-cost but highly advanced models have shaken the consensus that the U.S. had a strong lead in the AI race with China. Responding to a question from Axios' Mike Allen, Leavitt said President Trump saw this as a "wake-up call" for the U.S. AI industry, but remained confident "we'll restore American dominance." Leavitt said she had personally discussed the matter with the NSC earlier on Tuesday. In the combative tone that characterized much of her first briefing, Leavitt claimed the Biden administration "sat on its hands and allowed China to rapidly develop this AI program," while Trump had moved quickly to appoint an AI czar and loosen regulations on the AI industry. Leavitt also commented on the mysterious drones spotted flying around New Jersey at the end of last year, saying they were "authorized to be flown by the FAA."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Hill: Two federal employees are suing the Office of Personnel Management (OPM) to block the agency from creating a new email distribution system -- an action that comes as the information will reportedly be directed to a former staffer to Elon Musk now at the agency. The suit (PDF), launched by two anonymous federal employees, ties together two events that have alarmed members of the federal workforce and prompted privacy concerns. That includes an unusual email from OPM last Thursday reviewed by The Hill said the agency was testing "a new capability" to reach all federal employees -- a departure from staffers typically being contacted directly by their agency's human resources department. Also cited in the suit is an anonymous Reddit post Monday from someone purporting to be an OPM employee, saying a new server was installed at their office after a career employee refused to set up a direct line of communication to all federal employees. According to the post, instructions have been given to share responses to the email to OPM chief of staff Amanda Scales, a former employee at Musk's AI company. Federal agencies have separately been directed to send Scales a list of all employees still on their one-year probationary status, and therefore easier to remove from government. The suit says the actions violate the E-Government Act of 2002, which requires a Privacy Impact Assessment before pushing ahead with creation of databases that store personally identifiable information. Kel McClanahan, executive director of National Security Counselors, a non-profit law firm, noted that OPM has been hacked before and has a duty to protect employees' information. "Because they did that without any indications to the public of how this thing was being managed -- they can't do that for security reasons. They can't do that because they have not given anybody any reason to believe that this server is secure.that this server is storing this information in the proper format that would prevent it from being hacked," he said. McClanahan noted that the emails appear to be an effort to create a master list of federal government employees, as "System of Records Notices" are typically managed by each department. "I think part of the reason -- and this is just my own speculation -- that they're doing this is to try and create that database. And they're trying to sort of create it by smushing together all these other databases and telling everyone who receives the email to respond," he said.

Read more of this story at Slashdot.

During the first press briefing of Donald Trump's second administration, White House press secretary, Karoline Leavitt, said the mysterious drones spotted flying around New Jersey at the end of last year were "authorized to be flown by the FAA." "After research and study, the drones that were flying over New Jersey in large numbers were authorized to be flown by the FAA for research and various other reasons," she said, adding that "many of these drones were also hobbyists, recreational and private individuals that enjoy flying drones." Leavitt added: "In time, it got worse due to curiosity. This was not the enemy." The drone sightings prompted local and federal officials to urge Congress to pass drone-defense legislation. The FAA issued a monthslong ban on drone flights over a large swatch of New Jersey while authorities invested the sightings. The Biden administration insisted that the drones were "nothing nefarious" and that there was "no sense of danger."

Read more of this story at Slashdot.

The XB-1, a civilian supersonic jet developed by Boom Supersonic, successfully broke the sound barrier during a test flight over the Mojave Desert. It reached an altitude of 35,290 feet before accelerating to Mach 1.22, the company said in a press release. CBS News reports: It marks the first time an independently developed jet has broken the sound barrier, Boom Supersonic said, and the plane is the "first supersonic jet made in America." The sound barrier was broken for the first time in 1947, when Air Force pilot Capt. Chuck Yeager flew a rocket-propelled experimental aircraft across the Mojave Desert -- taking off from the Mojave Air and Space Port just as the XB-1 did. [...] The company will next focus its attention on Overture, a supersonic airliner that will ultimately "bring the benefits of supersonic flight to everyone," Boom Supersonic founder and CEO Blake Scholl said in a statement. The XB-1 jet will be the foundation for Overture, Boom Supersonic said, and many features present on the jet will also be incorporated into the supersonic airliner. The airliner will also use Boom Supersonic's bespoke propulsion system, Symphony, to run on "up to 100% sustainable aviation fuel." The company said the goal for the plane is for it to be able to carry between 64 and 80 passengers at Mach 1.7, or about 1,295 miles per hour. Existing subsonic airliners fly at between 550 and 600 miles per hour, according to charter company Bitlux. About 130 Overture planes have been pre-ordered, the company said. Airlines including American Airlines, United Airlines and Japan Airlines have placed pre-orders. The company finished building a "superfactory" in North Carolina in 2024, and will eventually produce 66 planes per year.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Apple-designed chips powering Macs, iPhones, and iPads contain two newly discovered vulnerabilities that leak credit card information, locations, and other sensitive data from the Chrome and Safari browsers as they visit sites such as iCloud Calendar, Google Maps, and Proton Mail. The vulnerabilities, affecting the CPUs in later generations of Apple A- and M-series chip sets, open them to side channel attacks, a class of exploit that infers secrets by measuring manifestations such as timing, sound, and power consumption. Both side channels are the result of the chips' use of speculative execution, a performance optimization that improves speed by predicting the control flow the CPUs should take and following that path, rather than the instruction order in the program. [...] The researchers published a list of mitigations they believe will address the vulnerabilities allowing both the FLOP and SLAP attacks. They said that Apple officials have indicated privately to them that they plan to release patches. In an email, an Apple representative declined to say if any such plans exist. "We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these types of threats," the spokesperson wrote. "Based on our analysis, we do not believe this issue poses an immediate risk to our users." FLOP, short for Faulty Load Operation Predictor, exploits a vulnerability in the Load Value Predictor (LVP) found in Apple's A- and M-series chipsets. By inducing the LVP to predict incorrect memory values during speculative execution, attackers can access sensitive information such as location history, email content, calendar events, and credit card details. This attack works on both Safari and Chrome browsers and affects devices including Macs (2022 onward), iPads, and iPhones (September 2021 onward). FLOP requires the victim to interact with an attacker's page while logged into sensitive websites, making it highly dangerous due to its broad data access capabilities. SLAP, on the other hand, stands for Speculative Load Address Predictor and targets the Load Address Predictor (LAP) in Apple silicon, exploiting its ability to predict memory locations. By forcing LAP to mispredict, attackers can access sensitive data from other browser tabs, such as Gmail content, Amazon purchase details, and Reddit comments. Unlike FLOP, SLAP is limited to Safari and can only read memory strings adjacent to the attacker's own data. It affects the same range of devices as FLOP but is less severe due to its narrower scope and browser-specific nature. SLAP demonstrates how speculative execution can compromise browser process isolation.

Read more of this story at Slashdot.

Hugging Face researchers are attempting to recreate DeepSeek's R1 artificial intelligence model in an open-source format, just days after the Chinese AI lab's release sent markets soaring. The project, called Open-R1, aims to replicate R1's reasoning capabilities while making its training data and code publicly available. DeepSeek's R1 model, which matches or surpasses OpenAI's o1 on several benchmarks, was released with a permissive license but keeps its underlying architecture private. Hugging Face will use its research server with 768 Nvidia H100 GPUs for the effort.

Read more of this story at Slashdot.

The Federal Communications Commission will abandon a proposal that would have banned mandatory internet service charges for apartment and condominium residents. FCC Chair Brendan Carr halted the Biden-era plan that sought to prevent landlords from requiring tenants to pay for specific broadband providers. Housing industry groups said they welcomed the decision, arguing bulk billing arrangements help secure discounted rates. They claim these agreements can reduce internet costs by up to 50%. However, public interest advocates, who backed the original proposal, contend that landlords don't always pass these savings to tenants.

Read more of this story at Slashdot.

Companies are planning smaller raises this year, according to a new survey of chief financial officers from Gartner. From a report: It's become harder to find a job, particularly in the white-collar world. So employers are far less worried about people quitting and don't need to do as much to get workers to stick around. "Nobody is talking about the Great Resignation anymore," says Randeep Rathindran, a vice president in the finance practice at Gartner. The vast majority of employers, 94%, are still planning raises this year, per Gartner, which surveyed 300 CFOs and finance executives. The amounts are just smaller now. The share of CFOs planning to raise average employee compensation by 4% or more in 2025 fell to 61% from 86% in 2023.

Read more of this story at Slashdot.

An anonymous reader shares a report: LinkedIn has removed at least two accounts that were created for AI "co-workers" whose profile images said they were "#OpenToWork." "I don't need coffee breaks, I don't miss deadlines, and I'll outperform any social media team you've ever worked with -- Guaranteed," the profile page for one of these AI accounts called Ella said. "Tired of human 'experts' making excuses? I deliver, period." The #OpenToWork flair on profile pictures is a feature on LinkedIn that lets people clearly signal they are looking for a job on the professional networking platform. "People expect the people and conversations they find on LinkedIn to be real," a LinkedIn spokesperson told me in an email. "Our policies are very clear that the creation of a fake account is a violation of our terms of service, and we'll remove them when we find them, as we did in this case." The AI profiles were created by an Israeli company called Marketeam, which offers "dedicated AI agents" that integrate with a client's marketing team and help them execute their marketing strategies "from social media and content marketing to SEO, RTM, ad campaigns, and more."

Read more of this story at Slashdot.