Sony

NFL Adopts Sony's 'Virtual Measurements' for Football's First Downs (hawkeyeinnovations.com) 5

theodp writes: America's National Football League announced that beginning with the 2025 season, Sony's Hawk-Eye virtual measurement technology will assess and identify first downs after a ball spot.

Sony's Hawk-Eye virtual measurement technology, which consists of six 8K cameras for optical tracking of the position of the ball, is operated from the NFL's "Art McNally GameDay Central Officiating Center" in New York and is integrated with the League's existing replay system. It will serve as an efficient alternative to the process of having a three-person chain crew walk chains onto the field and manually measure whether 10 yards have been met after the official has spotted the ball.

However, the chain crew will remain on the field in a secondary capacity.

The NFL's executive VP of football operations says their move brings "world-class on field officiating with state-of-the-art technology to advance football excellence." (The NFL's announcement notes the whole process takes about 30 seconds, "saving up to 40 seconds from a measurement with the chains.")

The move comes a full seven years after Apple introduced its iPhone Measure app...
AI

In 'Milestone' for Open Source, Meta Releases New Benchmark-Beating Llama 4 Models (meta.com) 30

It's "a milestone for Meta AI and for open source," Mark Zuckerberg said this weekend. "For the first time, the best small, mid-size, and potentially soon frontier [large-language] models will be open source."

Zuckerberg announced four new Llama LLMs in a video posted on Instagram and Facebook — two dropping this weekend, with another two on the way. "Our goal is to build the world's leading AI, open source it, and make it universally accessible so that everyone in the world benefits."

Zuckerberg's announcement: I've said for a while that I think open source AI is going to become the leading models. And with Llama 4 this is starting to happen.

- The first model is Llama 4 Scout. It is extremely fast, natively multi-modal. It has an industry-leading "nearly infinite" 10M-token context length, and is designed to run on a single GPU. [Meta's blog post says it fits on an NVIDIA H100]. It is 17 billion parameters by 16 experts, and it is by far the highest performing small model in its class.

- The second model is Llama 4 Maverick — the workhorse. It beats GPT-4o and Gemini Flash 2 on all benchmarks. It is smaller and more efficient than DeepSeek v3, but it is still comparable on text, plus it is natively multi-modal. This one is 17B parameters x 128 experts, and it is designed to run on a single host for easy inference.

This thing is a beast.

Zuck promised more news next month on "Llama 4 Reasoning" — but the fourth model will be called Llama 4 Behemoth. "This thing is massive. More than 2 trillion parameters." (A blog post from Meta AI says it also has a 288 billion active parameter model, outperforms GPT-4.5, Claude Sonnet 3.7, and Gemini 2.0 Pro on STEM benchmarks, and will "serve as a teacher for our new models.")

"I'm not aware of anyone training a larger model out there," Zuckerberg says in his video, calling Behemoth "already the highest performing base model in the world, and it is not even done training yet."

"If you want to try Llama 4, you can use Meta AI in WhatsApp, Messenger, or Instagram Direct," Zuckerberg said in his video, "or you can go to our web site at meta.ai." The Scout and Maverick models can be downloaded from llama.com and Hugging Face.

"We continue to believe that openness drives innovation," Meta AI says in their blog post, "and is good for developers, good for Meta, and good for the world." Their blog post declares it's "The beginning of a new era of natively multimodal AI innovation," calling Scout and Maverick "the best choices for adding next-generation intelligence." This is just the beginning for the Llama 4 collection. We believe that the most intelligent systems need to be capable of taking generalized actions, conversing naturally with humans, and working through challenging problems they haven't seen before. Giving Llama superpowers in these areas will lead to better products for people on our platforms and more opportunities for developers to innovate on the next big consumer and business use cases. We're continuing to research and prototype both models and products, and we'll share more about our vision at LlamaCon on April 29...

We also can't wait to see the incredible new experiences the community builds with our new Llama 4 models.

"The impressive part about Llama 4 Maverick is that with just 17B active parameters, it has scored an ELO score of 1,417 on the LMArena leaderboard," notes the tech news site Beebom. "This puts the Maverick model in the second spot, just below Gemini 2.5 Pro, and above Grok 3, GPT-4o, GPT-4.5, and more.

"It also achieves comparable results when compared to the latest DeepSeek V3 model on reasoning and coding tasks, and surprisingly, with just half the active parameters."
Linux

Forget 'Snow Sequoia'. Now I'm Cheering for Better Linux Hardware (ofb.biz) 49

It was long-time Slashdot reader uninet who argued "Apple Needs a Snow Sequoia." (That is, Apple needs an upgrade to MacOS Sequoia that's like its earlier "Snow Leopard" upgrade to "Leopard" OS — an upgrade that's "all about how little it added and how much it took away".)

"My recent column on Apple's declining software quality hit a nerve..." he writes in a follow-up. "So why do any of us put up with software that grows increasingly buggy?"

"One word: hardware. And that's where I'd love to see someone help Linux take the next step." Apple knows how to turn out very good quality pieces of hardware and, for many purposes, stands alone. That's been largely true for the last couple of decades. The half-decade of Apple Silicon has cemented this position. At any price point Apple contends, Macs, iPads and iPhones are either without peers or at the top of the market in build quality and processing power... [I]f only there were hardware that was as good and worked together as well as Apple's, jumping ship to Linux would be awfully attractive at this juncture...

For Apple aficionados troubled by the state of MacOS, the modern GNOME desktop on Linux beckons as a more faithful implementation of the ideals of MacOS than current MacOS does. GNOME is painstakingly consistent across its different apps and exudes the minimalist philosophy with which Apple's hardware shines... Now is a perfect moment for a modern Linux push to take that wind back. What it needs, though, is to solve its remaining weakness on the hardware side. One of the giants of electronics manufacturing, tired of being stuck between the Microsoft and Apple ecosystems, would only need to decide to commit the resources necessary to solve the hardware puzzle...

ChromeOS has grown to the extent it does because there is hardware designed for it. Take that and carry it further by making it good hardware utilizing the best Linux software and you'd have something disruptive... Initially, the hardware could be "good enough" for the software, much as Apple's software today is merely "good enough" for the hardware. Iterating from there could lead to a genuine third way of computing.

They titled their piece, "I Want a Better Mac, so I'm Cheering for a Better Linux." (Wondering if Dell or Sony could be the one to supply that good hardware...) "I say this not as someone who thinks Linux will ever dominate the personal computing world, but as someone who wants to see a spark of creativity and push beyond mediocrity in it again.

"Apple needs a real competitor, one alternatives such as GNOME on Linux could actually be, if only the hardware rose to the occasion."
NASA

After 48 Years, Voyager Scientist Confronts the Mission's Final Years (gizmodo.com) 13

"I started working on Voyager in 1977," the Voyager mission's project scientist told Gizmodo Saturday in a new interview. "It was my first job out of college."

35 years later, a Voyager probe became the first spacecraft to cross into interstellar space in 2012, with Voyager 2 following in 2018. But while each Voyager spacecraft carries 10 scientific instruments, all but three have now been turned off to conserve power, Gizmodo writes. "The two spacecraft now have enough power to operate for another year or so before engineers are forced to turn off two more instruments..." Voyager Mission Project Scientist Linda Spilker: The number of people that are working on and flying Voyager is a whole lot smaller than it was in the planetary days... The challenge was, can we reach the heliopause? We didn't know where it was, we had no idea how far away it was. We got to Neptune, and then we thought, "well, maybe it's just another 10 [astronomical units] or so, a little bit further, a little bit further." And so every time we got a little bit further, the modelers would go back, scratch their heads and say, "ah, it could be a little bit more, a little bit farther away," and so on and on that continued, until finally, Voyager 1 crossed the heliopause in 2012...

Gizmodo: Is it an emotional decision to turn off Voyager's instruments?

Spilker: I was talking to the cosmic ray instrument lead, and I said, "Wow, this must really be tough for you to see your instrument turned off." He helped build the instrument in the early 1970s. This instrument that's been sending you data, and that's been part of your life for over 50 years now. And he said, it was hard to think about turning it off for the whole team. It's kind of like losing a best friend, or someone that's been a part of your life for so many years, and then suddenly, it's silent. At the same time, there's this pride that you were part of that, and your instrument got so much great data — so it's a mix of emotions...

The spacecraft had a lot of redundancy on it, so that means two of every computer and two of all the key components. We've been able to turn off those backup units, but we're now at the point where, to really get a significant amount of power, all that's left are some of the science instruments to turn off. So, that's where we're at... How cold can the lines get before they freeze? How cold can some of these other components get before they stop working? So that's another challenge. Then there are individual tiny thrusters that align the spacecraft and keep that antenna pointed at the Earth so we can send the data back, and they're very slowly clogging up with little bits of silica, and so their puffs are getting weaker and weaker. That's another challenge that we're going through to balance.

But we're hopeful that we can get one, possibly two, spacecraft to the 50th anniversary in 2027. Voyager's golden anniversary, and perhaps even into the early 2030s with one, maybe two, science instruments.

"We're well past the warranty of four years..." Spilker says at one point. And "We're still working and thinking about an interstellar probe that would go much, much farther than Voyager.

"You're talking about a multi-generation mission."
AI

New Tinder Game 'Lets You Flirt With AI Characters. Three of Them Dumped Me' (msn.com) 38

Tinder "is experimenting with a chatbot that claims to help users improve their flirting skills," notes Washington Post internet-culture reporter Tatum Hunter. The chatbot is available only to users in the United States on iPhones for a limited time and is powered by OpenAI's GPT-4o; each character "kicks off an improvised conversation, and the user responds out loud with something flirty..."

"Three of them dumped me." You can win points for banter the app deems "charming" or "playful." You lose points if your back-and-forth seems "cheeky" or "quirky"... It asked me to talk out loud into my phone and win the romantic interest of various AI characters.

The first scenario involved a financial analyst named Charles, whom I've supposedly run into at the Tokyo airport after accidentally swapping our luggage. I tried my best to be polite to the finance guy who stole my suitcase, asking questions about his travel and agreeing to go to coffee. But the game had some critical feedback: I should try to connect more emotionally using humor or stories from my life. My next go had me at a Dallas wedding trying to flirt with Andrew, a data analyst who had supposedly stumbled into the venue, underdressed, because he'd been looking for a quiet spot to ... analyze data. This time I kept things playful, poking fun at Andrew for crashing a wedding. Andrew didn't like that. I'd "opted to disengage" by teasing this person instead of helping him blend in at the wedding, the app said. A failure on my part, apparently — and also a reminder why generative AI doesn't belong everywhere...

Going in, I was worried Tinder's AI characters would outperform the people I've met on dating apps and I'd fall down a rabbit hole of robot love. Instead, they behaved in a way typical for chatbots: Drifting toward biased norms and failing to capture the complexity of human emotions and interactions. The "Game Game" seemed to replicate the worst parts of flirting — the confusion, the unclear expectations, the uncomfortable power dynamics — without the good parts, like the spark of curiosity about another person. Tinder released the feature on April Fools' Day, likely as a bid for impressions and traffic. But its limitations overshadowed its novelty...

Hillary Paine, Tinder's vice president of product, growth and revenue, said in an email that AI will play a "big role in the future of dating and Tinder's evolution." She said the game is meant to be silly and that the company "leaned into the campiness." Gen Z is a socially anxious generation, Paine said, and this age group is willing to endure a little cringe if it leads to a "real connection."

The article suggests it's another example of companies "eager to incorporate this newish technology, often without considering whether it adds any value for users." But "As apps like Tinder and Bumble lose users amid 'dating app burnout,' the companies are turning to AI to win new growth." (The dating app Rizz "uses AI to autosuggest good lines to use," while Teaser "spins up a chatbot that's based on your personality, meant to talk and behave like you would during a flirty chat," and people "are forming relationships with AI companion bots by the millions.") And the companion-bot company Replika "boasts more than 30 million users..."
Sci-Fi

'Tron' Sequel Trailer Released by Disney (arstechnica.com) 82

This October will see the release of a film that's nearly 43 years in the making, reports Ars Technica: It's difficult to underestimate the massive influence that Disney's 1982 cult science fiction film, TRON, had on both the film industry — thanks to combining live action with what were then groundbreaking visual effects rife with computer-generated imagery — and on nerd culture at large. Over the ensuing decades there has been one sequel, an animated TV series, a comic book miniseries, video games, and theme park attractions, all modeled on director Steve Lisberger's original fictional world.

Now we're getting a third installment in the film franchise: TRON: Ares, directed by Joachim Rønning (Pirates of the Caribbean: Dead Men Tell No Tales, Maleficent: Mistress of Evil), that serves as a standalone sequel to 2010's TRON: Legacy. Disney just released the first trailer and poster art, and while the footage is short on plot, it's got the show-stopping visuals we've come to expect from all things TRON.

The film's director says it "builds upon the legacy of cutting-edge design, technology and storytelling," according to an official statement from Disney. And here's how they describe the plot. "TRON: Ares follows a highly sophisticated Program, Ares, who is sent from the digital world into the real world on a dangerous mission, marking humankind's first encounter with A.I. beings."

Share your thoughts in the comments. (Anyone remember playing the Tron videogame?)

The first episode of 2012's animated Tron: Uprising is available on the Disney XD YouTube channel...
United Kingdom

Were Still More UK Postmasters Also Wrongly Prosecuted Over Accounting Bug? (computerweekly.com) 36

U.K. postmasters were mistakenly sent to prison due to a bug in their "Horizon" accounting software — as first reported by Computer Weekly back in 2009. Nearly 16 years later, the same site reports that now the Scottish Criminal Cases Review Commission "is attempting to contact any former subpostmasters that could have been prosecuted for unexplained losses on the Post Office's pre-Horizon Capture software.

"There are former subpostmasters that, like Horizon users, could have been convicted of crimes based on data from these systems..." Since the Post Office Horizon scandal hit the mainstream in January 2024 — revealing to a wide audience the suffering experienced by subpostmasters who were blamed for errors in the Horizon accounting system — users of Post Office software that predated Horizon have come forward... to tell their stories, which echoed those of victims of the Horizon scandal. The Criminal Cases Review Commission for England and Wales is now reviewing 21 cases of potential wrongful conviction... where the Capture IT system could be a factor...

The SCCRC is now calling on people that might have been convicted based on Capture accounts to come forward. "The commission encourages anyone who believes that their criminal conviction, or that of a relative, might have been affected by the Capture system to make contact with it," it said. The statutory body is also investigating a third Post Office system, known as Ecco+, which was also error-prone...

A total of 64 former subpostmasters in Scotland have now had their convictions overturned through the legislation brought through Scottish Parliament. So far, 97 convicted subpostmasters have come forward, and 86 have been assessed, out of which the 64 have been overturned. However, 22 have been rejected and another 11 are still to be assessed. An independent group, fronted by a former Scottish subpostmaster, is also calling on users of any of the Post Office systems to come forward to tell their stories, and for support in seeking justice and redress.

ISS

Starliner's Space Station Flight Was 'Wilder' Than We Thought (arstechnica.com) 81

The Starliner spacecraft lost four thrusters while approaching the International Space Station last summer. NASA astronaut Butch Wilmore took manual control, remembers Ars Technica, "But as Starliner's thrusters failed, Wilmore lost the ability to move the spacecraft in the direction he wanted to go..." Starliner had flown to within a stone's throw of the space station, a safe harbor, if only they could reach it. But already, the failure of so many thrusters violated the mission's flight rules. In such an instance, they were supposed to turn around and come back to Earth. Approaching the station was deemed too risky for Wilmore and Williams, aboard Starliner, as well as for the astronauts on the $100 billion space station.

But what if it was not safe to come home, either?

"I don't know that we can come back to Earth at that point," Wilmore said in an interview. "I don't know if we can. And matter of fact, I'm thinking we probably can't."

After a half-hour exclusive interview, Ars Technica's senior space editor Eric Berger says he'd heard "a hell of a story." After Starliner lost four of its 28 reaction control system thrusters, Van Cise and this team in Houston decided the best chance for success was resetting the failed thrusters. This is, effectively, a fancy way of turning off your computer and rebooting it to try to fix the problem. But it meant Wilmore had to go hands-off from Starliner's controls. Imagine that. You're drifting away from the space station, trying to maintain your position. The station is your only real lifeline because if you lose the ability to dock, the chance of coming back in one piece is quite low. And now you're being told to take your hands off the controls...

Two of the four thrusters came back online.

Wilmore: "...But then we lose a fifth jet. What if we'd have lost that fifth jet while those other four were still down? I have no idea what would've happened. I attribute to the providence of the Lord getting those two jets back before that fifth one failed...

Berger: Mission Control decided that it wanted to try to recover the failed thrusters again. After Wilmore took his hands off the controls, this process recovered all but one of them. At that point, the vehicle could be flown autonomously, as it was intended to be.

"Wilmore added that he felt pretty confident, in the aftermath of docking to the space station, that Starliner probably would not be their ride home," according to the article. And Williams says it was the right decision. Publicly, NASA and Boeing expressed confidence in Starliner's safe return with crew. But Williams and Wilmore, who had just made that harrowing ride, felt differently.
AI

Microsoft's New AI-Generated Version of 'Quake 2' Now Playable Online (microsoft.com) 25

Microsoft has created a real-time AI-generated rendition of Quake II gameplay (playable on the web).

On Friday, Xbox's general manager of gaming AI posted the startling link to "an AI-generated gaming experience" at Copilot.Microsoft.com: "Move, shoot, explore — and every frame is created on the fly by an AI world model, responding to player inputs in real-time. Try it here."

They started with their "Muse" videogame world models, adding "a real-time playable extension" that players can interact with through keyboard/controller actions, "essentially allowing you to play inside the model," according to a Microsoft blog post. A concerted effort by the team resulted in both planning out what data to collect (what game, how should the testers play said game, what kind of behaviours might we need to train a world model, etc), and the actual collection, preparation, and cleaning of the data required for model training. Much to our initial delight we were able to play inside the world that the model was simulating. We could wander around, move the camera, jump, crouch, shoot, and even blow-up barrels similar to the original game. Additionally, since it features in our data, we can also discover some of the secrets hidden in this level of Quake II. We can also insert images into the models' context and have those modifications persist in the scene...

We do not intend for this to fully replicate the actual experience of playing the original Quake II game. This is intended to be a research exploration of what we are able to build using current ML approaches. Think of this as playing the model as opposed to playing the game... The interactions with enemy characters is a big area for improvement in our current WHAMM model. Often, they will appear fuzzy in the images and combat with them (damage being dealt to both the enemy/player) can be incorrect.

They warn that the model "can and will forget about objects that go out of view" for longer than 0.9 seconds. "This can also be a source of fun, whereby you can defeat or spawn enemies by looking at the floor for a second and then looking back up. Or it can let you teleport around the map by looking up at the sky and then back down. These are some examples of playing the model."

This generative AI model was trained on Quake II "with just over a week of data," reports Tom's Hardware — a dramatic reduction from the seven years required for the original model launched in February.

Some context from The Verge: "You could imagine a world where from gameplay data and video that a model could learn old games and really make them portable to any platform where these models could run," said Microsoft Gaming CEO Phil Spencer in February. "We've talked about game preservation as an activity for us, and these models and their ability to learn completely how a game plays without the necessity of the original engine running on the original hardware opens up a ton of opportunity."
"Is porting a game like Gameday 98 more feasible through AI or a small team?" asks the blog Windows Central. "What costs less or even takes less time? These are questions we'll be asking and answering over the coming decade as AI continues to grow. We're in year two of the AI boom; I'm terrified of what we'll see in year 10."

"It's clear that Microsoft is now training Muse on more games than just Bleeding Edge," notes The Verge, "and it's likely we'll see more short interactive AI game experiences in Copilot Labs soon." Microsoft is also working on turning Copilot into a coach for games, allowing the AI assistant to see what you're playing and help with tips and guides. Part of that experience will be available to Windows Insiders through Copilot Vision soon.
Businesses

Makers of Rent-Setting Software Sue California City Over Ban (apnews.com) 84

Berkeley, California is "the latest city to try to block landlords from using algorithms when deciding rents," reports the Associated Press (noting that officials in many cities claim the practice is driving up the price of housing).

But then real estate software company RealPage filed a federal lawsuit against Berkeley on Wednesday: Texas-based RealPage said Berkeley's ordinance, which goes into effect this month, violates the company's free speech rights and is the result of an "intentional campaign of misinformation and often-repeated false claims" about its products.

The U.S. Department of Justice sued RealPage in August under former President Joe Biden, saying its algorithm combines confidential information from each real estate management company in ways that enable landlords to align prices and avoid competition that would otherwise push down rents. That amounts to cartel-like illegal price collusion, prosecutors said. RealPage's clients include huge landlords who collectively oversee millions of units across the U.S. In the lawsuit, the Department of Justice pointed to RealPage executives' own words about how their product maximizes prices for landlords. One executive said, "There is greater good in everybody succeeding versus essentially trying to compete against one another in a way that actually keeps the entire industry down."

San Francisco, Philadelphia and Minneapolis have since passed ordinances restricting landlords from using rental algorithms. The Department of Justice case remains ongoing, as do lawsuits against RealPage brought by tenants and the attorneys general of Arizona and Washington, D.C...

[On a conference call, RealPage attorney Stephen Weissman told reporters] RealPage officials were never given an opportunity to present their arguments to the Berkeley City Council before the ordinance was passed and said the company is considering legal action against other cities that have passed similar policies, including San Francisco.

RealPage blames high rents not on the software they make, but on a lack of housing supply...
Open Source

'Landrun': Lightweight Linux Sandboxing With Landlock, No Root Required (github.com) 34

Over on Reddit's "selfhosted" subreddit for alternatives to popular services, long-time Slashdot reader Zoup described a pain point:

- Landlock is a Linux Security Module (LSM) that lets unprivileged processes restrict themselves.

- It's been in the kernel since 5.13, but the API is awkward to use directly.

- It always annoyed the hell out of me to run random binaries from the internet without any real control over what they can access.


So they've rolled their own solution, according to Thursday's submission to Slashdot: I just released Landrun, a Go-based CLI tool that wraps Linux Landlock (5.13+) to sandbox any process without root, containers, or seccomp. Think firejail, but minimal and kernel-native. Supports fine-grained file access (ro/rw/exec) and TCP port restrictions (6.7+). No daemons, no YAML, just flags.

Example (where --rox allows read-only access with execution to specified path):

# landrun --rox /usr touch /tmp/file
touch: cannot touch '/tmp/file': Permission denied
# landrun --rox /usr --rw /tmp touch /tmp/file
#

It's MIT-licensed, easy to audit, and now supports systemd services.

Books

Ian Fleming Published the James Bond Novel 'Moonraker' 70 Years Ago Today (cbr.com) 59

"The third James Bond novel was published on this day in 1955," writes long-time Slashdot reader sandbagger. Film buff Christian Petrozza shares some history: In 1979, the market was hot amid the studios to make the next big space opera. Star Wars blew up the box office in 1977 with Alien soon following and while audiences eagerly awaited the next installment of George Lucas' The Empire Strikes Back, Hollywood was buzzing with spacesuits, lasers, and ships that cruised the stars. Politically, the Cold War between the United States and Russia was still a hot topic, with the James Bond franchise fanning the flames in the media entertainment sector. Moon missions had just finished their run in the early 70s and the space race was still generationally fresh. With all this in mind, as well as the successful run of Roger Moore's fun and campy Bond, the time seemed ripe to boldly take the globe-trotting Bond where no spy has gone before.

Thus, 1979's Moonraker blasted off to theatres, full of chrome space-suits, laser guns, and jetpacks, the franchise went full-bore science fiction to keep up with the Joneses of current Hollywood's hottest genre. The film was a commercial smash hit, grossing 210 million worldwide. Despite some mixed reviews from critics, audiences seemed jazzed about seeing James Bond in space.

When it comes to adaptations of the novella that Ian Fleming wrote of the same name, Moonraker couldn't be farther from its source material, and may as well be renamed completely to avoid any association... Ian Fleming's original Moonraker was more of a post-war commentary on the domestic fears of modern weapons being turned on Europe by enemies who were hired for science by newer foes. With Nazi scientists being hired by both the U.S. and Russia to build weapons of mass destruction after World War II, this was less of a Sci-Fi and much more of a cautionary tale.

They argue for filming a new version of Moonraker "to find a happy medium between the glamor and the grit of the James Bond franchise..."
ISS

NASA Seeks Proposals for Two More Private Astronaut Space Station Visits (spacenews.com) 21

This week NASA "issued a solicitation for the next two private astronaut missions to the International Space Station," reports Space News. Scheduled after May of 2026 and then mid-2027, "These will be the fifth and sixth such missions to the ISS, part of a broader low Earth orbit commercialization effort by NASA with the ultimate goal of replacing the International Space Station with one or more commercial stations."

NASA's Space Station program manager calls the missions "a key part" of helping industry partners "gain the experience needed to train and manage crews, conduct research, and develop future destinations." In short, they see the missions "providing companies with hands-on opportunities to refine their capabilities and build partnerships that will shape the future of low Earth orbit." [NASA's call for proposals] offers an opportunity to have future missions commanded by someone other than a former NASA astronaut. While companies must propose a commander who meets current requirements, it can also propose an alternate commander who is a former astronaut from the Canadian Space Agency, European Space Agency or Japan Aerospace Exploration Agency with similar ISS experience requirements... ["Broadening of this requirement is not guaranteed," NASA warns.]

That could allow some former astronauts already working with commercial spaceflight companies an opportunity to command private astronaut missions. Axiom Space, for example, announced in July 2024 that former ESA astronaut Tim Peake had joined its astronaut team. That came after Axiom and the U.K. Space Agency signed a memorandum of understanding in October 2023 to study the feasibility of a private astronaut mission crewed exclusively by U.K. astronauts.

So far Axiom Space has been awarded all four private astronaut missions, according to the article, "flying one mission each in 2022, 2023 and 2024. Its next mission, Ax-4, is scheduled for no earlier than May."

But "While Axiom has little or no competition for previous PAM awards, it will likely face stiffer competition this time. Vast, a company also planning to develop commercial space stations, has previously stated its intent to submit proposals..."
AI

Microsoft Uses AI To Find Flaws In GRUB2, U-Boot, Barebox Bootloaders (bleepingcomputer.com) 53

Slashdot reader zlives shared this report from BleepingComputer: Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders.

GRUB2 (GRand Unified Bootloader) is the default boot loader for most Linux distributions, including Ubuntu, while U-Boot and Barebox are commonly used in embedded and IoT devices. Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in filesystem parsers, command flaws, and a side-channel in cryptographic comparison. Additionally, 9 buffer overflows in parsing SquashFS, EXT4, CramFS, JFFS2, and symlinks were discovered in U-Boot and Barebox, which require physical access to exploit.

The newly discovered flaws impact devices relying on UEFI Secure Boot, and if the right conditions are met, attackers can bypass security protections to execute arbitrary code on the device. While exploiting these flaws would likely need local access to devices, previous bootkit attacks like BlackLotus achieved this through malware infections.

Microsoft titled its blog post "Analyzing open-source bootloaders: Finding vulnerabilities faster with AI." (And they do note that Microsoft disclosed the discovered vulnerabilities to the GRUB2, U-boot, and Barebox maintainers and "worked with the GRUB2 maintainers to contribute fixes... GRUB2 maintainers released security updates on February 18, 2025, and both the U-boot and Barebox maintainers released updates on February 19, 2025.")

They add that in performing their initial research, using Security Copilot "saved our team approximately a week's worth of time," Microsoft writes, "that would have otherwise been spent manually reviewing the content."

Through a series of prompts, we identified and refined security issues, ultimately uncovering an exploitable integer overflow vulnerability. Copilot also assisted in finding similar patterns in other files, ensuring comprehensive coverage and validation of our findings...

As AI continues to emerge as a key tool in the cybersecurity community, Microsoft emphasizes the importance of vendors and researchers maintaining their focus on information sharing. This approach ensures that AI's advantages in rapid vulnerability discovery, remediation, and accelerated security operations can effectively counter malicious actors' attempts to use AI to scale common attack tactics, techniques, and procedures (TTPs).

This week Google also announced Sec-Gemini v1, "a new experimental AI model focused on advancing cybersecurity AI frontiers."
AI

Open Source Coalition Announces 'Model-Signing' with Sigstore to Strengthen the ML Supply Chain (googleblog.com) 10

The advent of LLMs and machine learning-based applications "opened the door to a new wave of security threats," argues Google's security blog (including model and data poisoning, prompt injection, prompt leaking and prompt evasion).

So as part of the Linux Foundation's nonprofit Open Source Security Foundation, and in partnership with NVIDIA and HiddenLayer, Google's Open Source Security Team on Friday announced the first stable model-signing library (hosted at PyPI.org), with digital signatures letting users verify that the model used by their application "is exactly the model that was created by the developers," according to a post on Google's security blog. [S]ince models are an uninspectable collection of weights (sometimes also with arbitrary code), an attacker can tamper with them and achieve significant impact to those using the models. Users, developers, and practitioners need to examine an important question during their risk assessment process: "can I trust this model?"

Since its launch, Google's Secure AI Framework (SAIF) has created guidance and technical solutions for creating AI applications that users can trust. A first step in achieving trust in the model is to permit users to verify its integrity and provenance, to prevent tampering across all processes from training to usage, via cryptographic signing... [T]he signature would have to be verified when the model gets uploaded to a model hub, when the model gets selected to be deployed into an application (embedded or via remote APIs) and when the model is used as an intermediary during another training run. Assuming the training infrastructure is trustworthy and not compromised, this approach guarantees that each model user can trust the model...

The average developer, however, would not want to manage keys and rotate them on compromise. These challenges are addressed by using Sigstore, a collection of tools and services that make code signing secure and easy. By binding an OpenID Connect token to a workload or developer identity, Sigstore alleviates the need to manage or rotate long-lived secrets. Furthermore, signing is made transparent so signatures over malicious artifacts could be audited in a public transparency log, by anyone. This ensures that split-view attacks are not possible, so any user would get the exact same model. These features are why we recommend Sigstore's signing mechanism as the default approach for signing ML models.

Today the OSS community is releasing the v1.0 stable version of our model signing library as a Python package supporting Sigstore and traditional signing methods. This model signing library is specialized to handle the sheer scale of ML models (which are usually much larger than traditional software components), and handles signing models represented as a directory tree. The package provides CLI utilities so that users can sign and verify model signatures for individual models. The package can also be used as a library which we plan to incorporate directly into model hub upload flows as well as into ML frameworks.

"We can view model signing as establishing the foundation of trust in the ML ecosystem..." the post concludes (adding "We envision extending this approach to also include datasets and other ML-related artifacts.") Then, we plan to build on top of signatures, towards fully tamper-proof metadata records, that can be read by both humans and machines. This has the potential to automate a significant fraction of the work needed to perform incident response in case of a compromise in the ML world...

To shape the future of building tamper-proof ML, join the Coalition for Secure AI, where we are planning to work on building the entire trust ecosystem together with the open source community. In collaboration with multiple industry partners, we are starting up a special interest group under CoSAI for defining the future of ML signing and including tamper-proof ML metadata, such as model cards and evaluation results.
