
Submission + - Texas makes clean power breakthrough as solar output overtakes coal (reuters.com)

AmiMoJo writes: For the first time, Texas' main power system looks set to generate more power from solar farms than coal plants during a calendar year in 2025, marking a key new energy transition milestone for the largest power network in the U.S.
The Electric Reliability Council of Texas (ERCOT) generated 2.64 million megawatt hours (MWh) of power from solar assets, compared with 2.44 million MWh of power from coal plants for the January-to-November period, according to data compiled by LSEG.

Submission + - Over 10,000 Docker Hub images found leaking credentials, auth keys (bleepingcomputer.com)

joshuark writes: More than 10,000 Docker Hub container images expose data that should be protected, including live credentials to production systems, CI/CD databases, or LLM model keys. After scanning container images uploaded to Docker Hub in November, security researchers at threat intelligence company Flare found that 10,456 of them exposed one or more keys. The most frequent secrets were access tokens for various AI models (OpenAI, HuggingFace, Anthropic, Gemini, Groq). In total, the researchers found 4,000 such keys.

"These multi-secret exposures represent critical risks, as they often provide full access to cloud environments, Git repositories, CI/CD systems, payment integrations, and other core infrastructure components," Flare notes.

Additionally, they found hardcoded API tokens for AI services being hardcoded in Python application files, config.json files, YAML configs, GitHub tokens, and credentials for multiple internal environments.

Some of the sensitive data was present in the manifest of Docker images, a file that provides details about the image. Flare notes that roughly 25% of developers who accidentally exposed secrets on Docker Hub realized the mistake and removed the leaked secret from the container or manifest file within 48 hours.

However, in 75% of these cases, the leaked key was not revoked, meaning that anyone who stole it during the exposure period could still use it later to mount attacks.

Flare suggests that developers avoid storing secrets in container images, stop using static, long-lived credentials, and centralize their secrets management using a dedicated vault or secrets manager.

Organizations should implement active scanning across the entire software development life cycle and revoke exposed secrets and invalidate old sessions immediately.

Submission + - New OpenAI Models Likely Pose 'High' Cybersecurity Risk, Company Says (axios.com)

An anonymous reader writes: OpenAI says the cyber capabilities of its frontier AI models are accelerating and warns Wednesday that upcoming models are likely to pose a "high" risk, according to a report shared first with Axios. The models' growing capabilities could significantly expand the number of people able to carry out cyberattacks. OpenAI said it has already seen a significant increase in capabilities in recent releases, particularly as models are able to operate longer autonomously, paving the way for brute force attacks.

The company notes that GPT-5 scored a 27% on a capture-the-flag exercise in August; GPT-5.1-Codex-Max was able to score 76% last month. "We expect that upcoming AI models will continue on this trajectory," the company says in the report. "In preparation, we are planning and evaluating as though each new model could reach 'high' levels of cybersecurity capability as measured by our Preparedness Framework." "High" is the second-highest level, below the "critical" level at which models are unsafe to be released publicly.

Comment Rare (Score 1) 186

They can unwind deals after they are complete. It's pretty rare, because it's messy and expensive for all parties involved.

Also, given the rubber-stamping of the last dozen or so media mergers, it would be difficult for the government to explain why this particular merger would be harmful, while the last dozen mega-mergers and divestitures were just fine.

Comment Re:All of the above? (Score 1) 27

I assume that at least some of the tension here is that Facebook hired these guys to be the hotshot golden boys of sucking less at AI; so it isn't just an it's-only-money thing

Maybe it's about salaries: the golden boys are being paid much more than their perhaps equally-qualified colleagues?

Submission + - Traveling to the US will require you to reveal your social media for 5 years. (federalregister.gov)

Z00L00K writes: Agency Information Collection Activities; Revision; Arrival and Departure Record

3. Mandatory Social Media: In order to comply with the January 2025 Executive Order 14161 (Protecting the United States From Foreign Terrorists and Other National Security and Public Safety Threats), CBP is adding social media as a mandatory data element for an ESTA application. The data element will require ESTA applicants to provide their social media from the last 5 years.

Comment Stay away from Zoneminder (Score 1) 139

Stay away from Zoneminder- it's a cobbled-together hack that is a nightmare to properly configure and maintain. It's written in 4 or 5 different languages all slammed together in a shaky framework built from band-aids and spackle.

I've tried most of the NVR apps out there and the only one I think is fairly well done is Blue Iris. It's not perfect but I think it's far better than Zoneminder, iSpy (now part of iSpyConnect), and motionEye.

Submission + - New FAFSA update flags colleges with 'lower earnings' for graduates (thecollegefix.com)

An anonymous reader writes: Beginning this week, the U.S. Department of Education will warn students about colleges whose graduates earn less than high school graduates through the FAFSA process.

The warning provides financial data about selected colleges, aiming to enhance transparency and help students make informed decisions regarding their education.

Over 2% of undergraduates attend schools with lower average earnings than high school graduates, yet these institutions still receive significant federal aid.

Submission + - Elon Musk admits DOGE was a waste of time (and money) (yahoo.com)

echo123 writes: Elon Musk appeared to admit for the first time that his work at the so-called Department of Government Efficiency was a total waste of time—which also destroyed his reputation.

He told Katie Miller, who is married to Donald Trump’s deputy chief of staff Stephen Miller, that he would not take the controversial post in Washington, D.C., if he had his time over again.

“I think instead of doing DOGE, I would have basically built—worked on my companies, essentially,” he told The Katie Miller Podcast.

“If you could go back and start from scratch like it’s January 20th all again, would you go back and do it differently? And, knowing what you know now, do you think there’s ever a place to restart?”

After a deep sigh, Elon Musk, 54, replied, “I mean, no, I don’t think so.”

“You gave up a lot to DOGE,” she said.

“Yeah,” he conceded, sadly.

DOGE oversaw a $220 billion jump in federal spending—not including interest—in the fiscal year, according to The Wall Street Journal.

Bill Gates has warned Elon Musk’s DOGE cuts will cause ‘millions of deaths’

Submission + - The rise of the electrostate (www.cbc.ca)

AmiMoJo writes: China’s massive lead in clean technologies has shifted the global climate fight from one of big pledges and international diplomacy toward a technological revolution in cheaper energy, analysts say.
The accelerated adoption of clean technologies — particularly solar and wind power, as well as electric vehicles — has challenged long-held assumptions about how central fossil fuels are to modern industrial development, as well as which countries would lead the world in the climate fight.
The contrast between countries embracing clean technologies and countries still dependent on producing and burning fossil fuels is also becoming wider. Countries like the U.S., now the world's largest oil producer, could be left behind in the race for the energy sources of the future.
