BrianFagioli shares a report from BetaNews: Canonical, the company behind the popular Ubuntu operating system, has announced a significant extension to the support lifecycle of its long-term support (LTS) releases. The new paid Legacy Support add-on for Ubuntu Pro subscribers will now provide security maintenance and support for an impressive 12 years, extending the previous 10-year commitment. This enhancement is available starting with Ubuntu 14.04 LTS and will benefit both enterprises and individual users who rely on the stability and security of Ubuntu for their critical systems. By default, Ubuntu LTS releases receive five years of standard security maintenance. However, with Ubuntu Pro, this is expanded to 10 years for both the main and universe repositories, offering access to a broader range of secure open-source software.

The Legacy Support add-on further extends this period by an additional two years, ensuring that organizations can maintain their systems with the latest security patches and support services without the immediate need to upgrade to a newer OS version. This is particularly beneficial for large, established production systems where transitioning to a new OS can be a complex and risky endeavor due to the potential need to update the entire software stack. The extended support includes continuous vulnerability management for critical, high, and medium Common Vulnerabilities and Exposures (CVEs) across all software packages shipped with Ubuntu. Canonical's security team actively backports crucial fixes to all supported Ubuntu LTS releases, providing peace of mind to users and enterprises. In addition to security maintenance, the Legacy Support add-on also offers phone and ticket support, enhancing Canonical's commitment to assisting customers with troubleshooting, break fixes, bug fixes, and guidance.

An anonymous reader quotes a report from KrebsOnSecurity: The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep's CEO to admit that he has founded dozens of people-search networks over the years. Mozilla only began bundling Onerep in Firefox last month, when it announced the reputation service would be offered on a subscription basis as part of Mozilla Monitor Plus. Launched in 2018 under the name Firefox Monitor, Mozilla Monitor also checks data from the website Have I Been Pwned? to let users know when their email addresses or password are leaked in data breaches. On March 14, KrebsOnSecurity published a story showing that Onerep's Belarusian CEO and founder Dimitiri Shelest launched dozens of people-search services since 2010, including a still-active data broker called Nuwber that sells background reports on people. Onerep and Shelest did not respond to requests for comment on that story.

But on March 21, Shelest released a lengthy statement wherein he admitted to maintaining an ownership stake in Nuwber, a consumer data broker he founded in 2015 -- around the same time he launched Onerep. Shelest maintained that Nuwber has "zero cross-over or information-sharing with Onerep," and said any other old domains that may be found and associated with his name are no longer being operated by him. "I get it," Shelest wrote. "My affiliation with a people search business may look odd from the outside. In truth, if I hadn't taken that initial path with a deep dive into how people search sites work, Onerep wouldn't have the best tech and team in the space. Still, I now appreciate that we did not make this more clear in the past and I'm aiming to do better in the future." The full statement is available here (PDF).

In a statement released today, a spokesperson for Mozilla said it was moving away from Onerep as a service provider in its Monitor Plus product. "Though customer data was never at risk, the outside financial interests and activities of Onerep's CEO do not align with our values," Mozilla wrote. "We're working now to solidify a transition plan that will provide customers with a seamless experience and will continue to put their interests first." KrebsOnSecurity also reported that Shelest's email address was used circa 2010 by an affiliate of Spamit, a Russian-language organization that paid people to aggressively promote websites hawking male enhancement drugs and generic pharmaceuticals. As noted in the March 14 story, this connection was confirmed by research from multiple graduate students at my alma mater George Mason University.

Shelest denied ever being associated with Spamit. "Between 2010 and 2014, we put up some web pages and optimize them -- a widely used SEO practice -- and then ran AdSense banners on them," Shelest said, presumably referring to the dozens of people-search domains KrebsOnSecurity found were connected to his email addresses (dmitrcox@gmail.com and dmitrcox2@gmail.com). "As we progressed and learned more, we saw that a lot of the inquiries coming in were for people." Shelest also acknowledged that Onerep pays to run ads on "on a handful of data broker sites in very specific circumstances." "Our ad is served once someone has manually completed an opt-out form on their own," Shelest wrote. "The goal is to let them know that if they were exposed on that site, there may be others, and bring awareness to there being a more automated opt-out option, such as Onerep."

Longtime Slashdot reader jmv writes: After more than two years of work, Opus 1.5 is out. It brings many new features that can improve quality and the general audio experience through machine learning, while maintaining fully-compatibility with previous releases. See this release page demonstrating all the new features, including:

• Significant improvement to packet loss robustness using Deep Redundancy (DRED)
• Improved packet loss concealment through Deep PLC
• Low-bitrate speech quality enhancement down to 6 kb/s wideband
• Improved x86 (AVX2) and Arm (Neon) optimizations
• Support for 4th and 5th order ambisonics

Long-time Slashdot readers necro81 writes: The popular vision of Neptune is azure blue. This comes mostly from the publicly released images from Voyager 2's flyby in 1989 — humanity's only visit to this icy giant at the edge of the solar system. But it turns out that view is a bit distorted — the result of color-enhancing choices made by NASA at the time. A new report from Oxford depicts Neptune's blue color as more muted, with a touch of green, not much different than Uranus. The truer-to-life view comes from re-analyzing the Voyager data, combined with ground-based observations going back decades. (Add'l links here, here, and here.)

This is nothing new: most publicity images released by space agencies — of planets, nebulae, or the surface of Mars — have undergone some color-enhancement for visual effect. (They'll also release "true-color" images, which try to best mimic what the human eye would see.) Many images — such as those from the infrared-seeing JWST — need wholesale coloration of their otherwise invisible wavelengths. The new report is a good reminder, though, to remember that scientific cameras are pretty much always black and white; color images come from combining filters in various ways.
Also thanks to long-time Slashdot reader Geoffrey.landis for sharing the story.

"Every day, 3 trillion dollars worth of transactions are handled by a 64-year-old programming language that hardly anybody knows anymore," writes PC Magazine. But most school's don't teach the mainframe programming language COBOL any more, and "COBOL cowboys" are aging out of the workforce, with replacements in short supply.

"This is precisely the kind of problem that IBM thinks it can fix with AI." IBM's approach is fairly straightforward: Rather than relying exclusively on a limited pool of human programmers to solve the problem, it built a generative AI-powered code assistant (watsonx) that helps convert all that dusty old COBOL code to a more modern language, thereby saving coders countless hours of reprogramming. In extremely simplified terms, the process is similar to feeding an essay written in English into ChatGPT and asking it to translate certain paragraphs into Esperanto. It allows programmers to take a chunk of COBOL and enlist watsonx to transform it into Java.

But of course, it's not quite that simple in practice... After IBM and the customer have a thorough understanding of the application landscape, the data flow, and the existing dependencies, "we help them refactor their applications," says IBM's Vice President of Product Management, IT Automation, Keri Olson. "That is, breaking it down into smaller pieces, which the customer can selectively choose, at that point, to do the modernization from COBOL to Java." Skyla Loomis, IBM's Vice President of IBM Z Software adds, "But you have to remember that this is a developer assistant tool. It's AI assisted, but it still requires the developer. So yes, the developer is involved with the tooling and helping the customers select the services."

Once the partnership between man and machine is established, the AI steps in and says, 'Okay, I want to transform this portion of code. The developer may still need to perform some minor editing of the code that the AI provides, Loomis explains. "It might be 80 or 90 percent of what they need, but it still requires a couple of changes. It's a productivity enhancement — not a developer replacement type of activity."
The article quotes a skeptical Gartner Distinguished Vice President and Analyst, who notes that IBM "has no case studies, at this time, to validate its claims."

Alibaba is canceling the scheduled IPO of its cloud division due to the impact of the U.S. government's CPU export bans to China. The Register reports: The Chinese e-commerce giant reported the move alongside its calendar Q3 earnings, otherwise a generally positive quarter, with the group reporting an income from operations of $4.6 billion, up 34 percent year-on-year, and revenue of $30.8 billion, up 9 percent. Alibaba also said US export restrictions could affect its business more generally by making it harder for the company to upgrade its existing hardware. [...] It's worth noting that the Cloud Intelligence Group brought in $3.789 billion in revenue but earnings before income tax and amortization was $193 million, up 44 percent on the same period a year earlier. Cloud sales growth has stalled in 2023 as customers weigh up their spending. "We believe that these new restrictions [referring to expanded restrictions announced in October] may materially and adversely affect Cloud Intelligence Group's ability to offer products and services and to perform under existing contracts, thereby negatively affecting our results of operations and financial condition," Alibaba said. "We believe that a full spin-off of Cloud Intelligence Group may not achieve the intended effect of shareholder value enhancement," the company added. "Accordingly, we have decided to not proceed with a full spin-off, and instead we will focus on developing a sustainable growth model for Cloud Intelligence Group (CIG) under the fluid circumstances."

"The US needs to stop politicizing and weaponizing trade and tech issues and stop destabilizing global industrial and supply chains," Chinese Foreign Ministry spokesperson Mao Ning said in response to the US's new restrictions.

"Windows 11's last major update, 22H2 introduced native support for managing RAR archives, eliminating the need for third-party software," writes Slashdot reader jjslash. "This enhancement is part of the OS's broader capability improvements for handling various archive file formats." TechSpot reports: Microsoft finally introduced native support for RAR archives earlier this year, just three decades after the format's official introduction in 1993. Windows 11 development is now progressing at an accelerated pace, therefore support for a whole lot of new (ancient) archive formats is coming soon.

Microsoft recently released KB5031455, an optional, feature-rich preview cumulative update for Windows 11, refreshing the list of archive formats natively supported in the OS. Windows 11 22H2 and later versions can now manage files compressed in the following archive types: .rar, .7z, .tar, .tar.gz, .tar.bz2, .tar.zst, .tar.xz, .tgz, .tbz2, .tzst, .txz. Support for password-encrypted archives is not available yet.

Redmond programmers added support for the aforementioned archive files thanks to the libarchive library, an open source project designed to develop a portable, efficient C library that can "read and write streaming archives" in a variety of formats. Libarchive supports additional archive types (Lzh, Xar) that could eventually come to Windows 11 as well.

Researchers have devised an attack that forces Apple's Safari browser to divulge passwords, Gmail message content, and other secrets by exploiting a side channel vulnerability in the A- and M-series CPUs running modern iOS and macOS devices. From a report: iLeakage, as the academic researchers have named the attack, is practical and requires minimal resources to carry out. It does, however, require extensive reverse-engineering of Apple hardware and significant expertise in exploiting a class of vulnerability known as a side channel, which leaks secrets based on clues left in electromagnetic emanations, data caches, or other manifestations of a targeted system. The side channel in this case is speculative execution, a performance enhancement feature found in modern CPUs that has formed the basis of a wide corpus of attacks in recent years. The nearly endless stream of exploit variants has left chip makers -- primarily Intel and, to a lesser extent, AMD -- scrambling to devise mitigations.

The researchers implement iLeakage as a website. When visited by a vulnerable macOS or iOS device, the website uses JavaScript to surreptitiously open a separate website of the attacker's choice and recover site content rendered in a pop-up window. The researchers have successfully leveraged iLeakage to recover YouTube viewing history, the content of a Gmail inbox -- when a target is logged in -- and a password as it's being autofilled by a credential manager. Once visited, the iLeakage site requires about five minutes to profile the target machine and, on average, roughly another 30 seconds to extract a 512-bit secret, such as a 64-character string.

Ron Amadeo reports via Ars Technica: To help combat the surge of sideloaded malware, Google Play can now pop up a malware scanner at install time if it decides the app you're trying to sideload is interesting. Google Play's malware system, called "Google Play Protect," has always been able to check sideloaded apps for malware, but it used faster techniques like a definition file, and this happened quietly in the background. This new technique will delay your app installation with a full-screen "scanning" interface while Google runs a deep scan of the app code. Google's blog post says this is "real-time scanning at the code-level to combat novel malicious apps" and that Google Play Protect can "recommend a real-time app scan when installing apps that have never been scanned before to help detect emerging threats."

The scan will involve sending bits and pieces of the app to Google for analysis. Google says: "Scanning will extract important signals from the app and send them to the Play Protect backend infrastructure for a code-level evaluation. Once the real-time analysis is complete, users will get a result letting them know if the app looks safe to install or if the scan determined the app is potentially harmful. This enhancement will help better protect users against malicious polymorphic apps that leverage various methods, such as AI, to be altered to avoid detection." [...] Google is first rolling this feature out in India -- a country that topped the malware distribution charts in that 2018 report -- with the company saying the feature "will expand to all regions in the coming months."

Google Bard is getting support for Extensions today, incorporating essential apps like Google Maps, YouTube, Hotels, and Flights to simplify data retrieval and accelerate the creative process. Android Police reports: This integration ensures that users can seamlessly amalgamate data from myriad sources, thereby accelerating your creative process or just making it easier to accomplish basic tasks across the board. These tools were originally teased at I/O before their wider release today. The company posted an excellent explainer of how this works on its YouTube channel.

With today's update, you can now sync Bard with your Gmail, Docs, and Drive. This capability ensures that the AI collaborates with your personal content, making data retrieval and summarization more fluid. With the enhancement of the Google It button, Bard's responses can be cross-checked with Google Search, instilling greater trust in AI-generated data. Additionally, conversations initiated by others via Bard can be continued in your account, emphasizing collaborative creativity. You can learn more about Google Bard Extensions here.

When it comes to US government employee satisfaction with IT services, one agency finds itself continually at the bottom of the heap: The rather crucial Department of Defense. From a report: Results from the General Services Administration's (GSA) Mission-Support Customer Satisfaction Survey published on Wednesday found the DoD was trailing the other 23 US federal government agencies included in the research. Of the seven technology user areas surveyed, the DoD came dead last in user satisfaction for IT support, equipment, function, and communication/collaboration.

The DoD didn't fare much better in the three areas it wasn't scraping the bottom, either. For strategic IT partnerships and development, modernizations and enhancement the Defense Department ranked twentieth (out of 24), and for operations and maintenance satisfaction it beat the US Department of Agriculture - barely - on the seven-point scale used by the GSA. Despite its abysmal ranking among its fellow federal agencies, the DoD's users were still generally okay with their IT service, with 65 percent of respondents saying they were at least somewhat satisfied with IT support, and 64.5 percent expressing some degree of satisfaction with their IT equipment. Only development, modernization and enhancement failed to net 50 percent satisfaction among DoD respondents.

According to a team of researchers from RMIT University in Australia, coffee grounds can be used as a silica substitute in the concrete production process to yield a significantly stronger chemical bond than sand alone. Engadget reports: "The disposal of organic waste poses an environmental challenge as it emits large amounts of greenhouse gases including methane and carbon dioxide, which contribute to climate change," lead author of the study, Dr Rajeev Roychand of RMIT's School of Engineering, said in a recent release. He notes that Australia alone produces 75 million kilograms of used coffee grounds each year, most of which ends up in landfills. Coffee grounds can't simply be mixed in raw with standard concrete as they won't bind with the other materials due to their organic content, Dr. Roychand explained. In order to make the grounds more compatible, the team experimented with pyrolyzing the materials at 350 and 500 degrees C, then substituting them in for sand in 5, 10, 15 and 20 percentages (by volume) for standard concrete mixtures.

The team found that at 350 degrees is perfect temperature, producing a "29.3 percent enhancement in the compressive strength of the composite concrete blended with coffee biochar," per the team's study, published in the September issue of Journal of Cleaner Production. "In addition to reducing emissions and making a stronger concrete, we're reducing the impact of continuous mining of natural resources like sand," Dr. Roychand said.

The CBC reports that "Some parts of the Halifax harbour turned a bright shade of pink on Thursday — for science."

After researchers dumped in 500 litres of safe, water-soluble dye, "boats, drones and underwater robots were then deployed to map the movement of the dye, so researchers can understand where materials spread and how quickly they do so." The CTV calls it "part of long-term research project that could help reverse some of the world's greenhouse gas emissions" by Dalhousie University and the climate-solutions research organization Planetary Technologies: The move is the first step, says Katja Fennel, an oceanographer at Dalhousie, before researchers release alkaline material into the water this fall. That material will effectively act as an antacid for the ocean, helping to neutralize the additional acidic carbon dioxide being absorbed by the world's oceans. "The purpose is to actually induce the ocean to take up atmospheric CO2 — CO2 from the air — and help us reduce legacy carbon dioxide emissions to the atmosphere," Fennel told CTV News.
To track the uptake of carbon dioxide, researchers need to account for the movement of water. So "The ultimate goal here is to test an idea for a technology that would help us reduce atmospheric CO2," one oceanographer leading the research told the CBC, "and could be one tool in the toolbox for fighting climate change..."

They point out that the ocean holds 50 times as much CO2 as is in the atmosphere, and call the experiment "cutting edge...world-leading research... Ocean alkalinity enhancement has the greatest potential, actually, in terms of storing carbon permanently and safely at a scale that is relevant for global climate."

Thanks to long-time Slashdot reader Baron_Yam for sharing the article.

An anonymous reader shared this report from CNBC: Sam Bankman-Fried's younger brother, who was a top lobbyist for failed crypto exchange FTX, considered purchasing the island nation of Nauru in the Pacific to create a fortified apocalypse bunker state, a lawsuit filed in Delaware bankruptcy court shows.

Gabe Bankman-Fried was looking at buying Nauru in the "event where 50%-99.99% of people die" to protect his philanthropic allies and create a genetically enhanced human species, according to the suit filed Thursday by attorneys from Sullivan & Cromwell, which is seeking to recover billions of dollars following the collapse of FTX... Along with an unnamed philanthropic officer of FTX, Gabe Bankman-Fried considered buying Nauru, in part to foster "sensible regulation around human genetic enhancement, and build a lab there...."

In addition to serving as a haven in case of apocalypse, "probably there are other things it's useful to do with a sovereign country, too," according to a memo between the younger Bankman-Fried and the philanthropic advisor, which was noted in the suit.
"A representative for Nauru confirmed the island nation was not and has never been for sale."

An anonymous reader shares a report: Not so long ago, Microsoft Edge ended up in hot waters after users discovered a bug leaking your browser history to Bing. Now you may want to toggle off another feature to ensure Edge is not sending every picture you view online to Microsoft. Edge has a built-in image enhancement tool that, according to Microsoft, can use "super-resolution to improve clarity, sharpness, lighting, and contrast in images on the web." Although the feature sounds exciting, recent Microsoft Edge Canary updates have provided more information on how image enhancement works. The browser now warns that it sends image links to Microsoft instead of performing on-device enhancements.

Amazon has introduced a new feature to Prime Video called Dialogue Boost. It's intended to isolate dialogue and make it louder relative to other sounds in streaming videos on the service. Ars Technica reports: Amazon describes how it works in a blog post: "Dialogue Boost analyzes the original audio in a movie or series and intelligently identifies points where dialogue may be hard to hear above background music and effects. Then, speech patterns are isolated and audio is enhanced to make the dialogue clearer. This AI-based approach delivers a targeted enhancement to portions of spoken dialogue, instead of a general amplification at the center channel in a home theater system."

Not all content will be eligible for the dialogue boost feature, though -- at least not yet. Amazon says it "has initially launched on select Amazon Originals worldwide" like The Marvelous Mrs. Maisel and The Big Sick. While this is partly an accessibility feature for people who are hard of hearing, Amazon is also responding to a widespread complaint among viewers. A 2022 survey found that 50 percent of 1,260 American viewers "watch content with subtitles most of the time," many of them citing "muddled audio" and saying that it's more difficult to understand dialogue in movies and TV shows than it used to be. [...] The company hasn't announced when the feature will expand to more content. But we wouldn't be surprised to see rapid expansion -- not just from Amazon, but from other streamers offering similar features, too.

"Java would become easier for students to learn under a proposal to introduce flexible main methods and anonymous main classes to the language," reports InfoWorld.

Details of the plan include enhancing the protocol by which Java programs are launched to be flexible, in particular to allow the String[] parameter of main methods to be omitted and allow main methods to be neither public nor static; the Hello World program would be simplified. Anonymous main classes would be introduced to make the class declaration implicit.
It's currently a disabled-by-default preview language feature in JDK 21 (scheduled for General Availability in September), included to provoke developer feedback based on real world use (which may lead to it becoming permanent in the future). This wouldn't introduce a separate beginner's dialect or beginners' toolchain of Java, emphasizes Java Enhancement Proposal (JEP) 445. "Student programs should be compiled and run with the same tools that compile and run any Java program."

But it argues that a simple "Hello World" program today has "too much clutter...too much code, too many concepts, too many constructs — for what the program does."


public class HelloWorld {
public static void main(String[] args) {
System.out.println("Hello, World!");
}
}



Anonymous main classes would make the public class declaration implicit (while also sparing newbies the "mysterious" modifier static and the args parameter String[] ). The program is streamlined to:


void main() {
System.out.println("Hello, World!");
}


The proposal argues this change reduces "the ceremony of writing simple programs such as scripts and command-line utilities." And since Java is intended to be a first programming language, this change would mean students "can write their first programs without needing to understand language features designed for large programs," using instead "streamlined declarations for single-class programs". (This allows students and educators to explore language features more gradually.) A Hello, World! program written as an anonymous main class is much more focused on what the program actually does, omitting concepts and constructs it does not need. Even so, all members are interpreted just as they are in an ordinary class. To evolve an anonymous main class into an ordinary class, all we need to do is wrap its declaration, excluding import statements, inside an explicit class declaration.

Oracle today announced the availability of Java 20, the latest version of the popular programming language and development platform. From a report: The latest version of the 27-year-old language includes thousands of performance, stability and security improvements and features seven enhancement proposals to the Java Development Kit that are aimed at increasing developer productivity and enhancing performance, stability and security. Oracle has coordinated a disciplined rollout of new Java releases on a six-month cadence for the past five years and says it's the top contributor to the open-source project. Java is the world's third most widely used programming language, according to Tiobe Software BV, and is No. 1 in organizational development, according to Oracle. "The innovation pipeline has never been richer," said Chad Arimura, vice president of developer relations at Oracle. "The problem space is changing and developers have higher demands on their programming languages than ever."

Samsung's Galaxy smartphones now offer "Space Zoom," writes Apple Insider, a feature augmenting 3x and 10x telephoto cameras with digital zoom "aided by Samsung's AI Super Resolution technology."

But the resulting 100X zoom levels "appear to be more a feat of AI trickery than anything else," they conclude, citing an investigation by a Reddit user: That so-called Space Zoom could potentially allow users to photograph the moon, and many do. However, it may be the case that the level of detail in the moon shots may only be higher due to software shenanigans....

The user tested the effect by downloading a high-resolution image of the moon, then downsized it to a 170 by 170-resolution image, and then applied a gaussian blur to obliterate any final details of its surface. They then showed the low-res blurry moon at full screen on their monitor, walked to the other end of their room, zoomed in on the fake celestial body, and took a photograph. After some processing, an image of the moon was produced by the smartphone, but the surface had considerably more detail for the surface than the doctored source. The user reckons Samsung "is leveraging an AI model to put craters and other details on places which were just a blurry mess."

They go further to stress that while super resolution processing uses multiple images to recover otherwise-lost detail, this seems to be something different. It is proposed that this is a case "where you have a specific AI model trained on a set of moon images, in order to recognize the moon and slap on the moon texture on it."
The Reddit user has now posted an update: I photoshopped one moon next to another (to see if one moon would get the AI treatment, while another would not), and managed to coax the AI to do exactly that.... [O]ne moon got the "AI enhancement", while the other one shows what was actually visible to the sensor — a blurry mess....

It's literally adding in detail that weren't there. It's not deconvolution, it's not sharpening, it's not super resolution, it's not "multiple frames or exposures". It's generating data.

America's Transportation Security Administration "has been quietly testing controversial facial recognition technology for passenger screening at 16 major domestic airports — from Washington to Los Angeles," reports the Washington Post.

Their article adds that the agency "hopes to expand it across the United States as soon as next year." Kiosks with cameras are doing a job that used to be completed by humans: checking the photos on travelers' IDs to make sure they're not impostors.... You step up to the travel document checker kiosk and stick your ID into a machine. Then you look into a camera for up to five seconds and the machine compares your live photo to the one it sees on your ID. They call this a "one to one" verification system, comparing one face to one ID. Even though the software is judging if you're an impostor, there's still a human agent there to make the final call (at least for now).

So how accurate is it? The TSA says it's been better at verifying IDs than the manual process. "This technology is definitely a security enhancement," said [TSA program manager Jason] Lim. "We are so far very satisfied with the performance of the machine's ability to conduct facial recognition accurately...." But the TSA hasn't actually released hard data about how often its system falsely identifies people, through incorrect positive or negative matches. Some of that might come to light next year when the TSA has to make its case to the Department of Homeland Security to convert airports all over the United States into facial recognition systems....

The TSA says it doesn't use facial recognition for law-enforcement purposes. It also says it minimizes holding on to our face data, so it isn't using the scans to build out a new national database of face IDs. "The scanning and match is made and immediately overwritten at the Travel Document Checker podium. We keep neither the live photo nor the photo of the ID," said Lim. But the TSA did acknowledge there are cases in which it holds on to the data for up to 24 months so its science and technology office can evaluate the system's effectiveness....

"None of this facial recognition technology is mandated," said Lim. "Those who do not feel comfortable will still have to present their ID — but they can tell the officer that they do not want their photo taken, and the officer will turn off the live camera." There are also supposed to be signs around informing you of your rights.
Here's the TSA's web page about the program. Thanks to long-time Slashdot reader SonicSpike for sharing the article.