"AI-driven 0-day detection is here," argues a new blog post from ZeroPath, makers of a GitHub app that "detects, verifies, and issues pull requests for security vulnerabilities in your code."

They write that AI-assisted security research "has been quietly advancing" since early 2023, when researchers at the DARPA and ARPA-H's Artificial Intelligence Cyber Challenge demonstrated the first practical applications of LLM-powered vulnerability detection — with new advances continuing. "Since July 2024, ZeroPath's tool has uncovered critical zero-day vulnerabilities — including remote code execution, authentication bypasses, and insecure direct object references — in popular AI platforms and open-source projects." And they ultimately identified security flaws in projects owned by Netflix, Salesforce, and Hulu by "taking a novel approach combining deep program analysis with adversarial AI agents for validation. Our methodology has uncovered numerous critical vulnerabilities in production systems, including several that traditional Static Application Security Testing tools were ill-equipped to find..." TL;DR — most of these bugs are simple and could have been found with a code review from a security researcher or, in some cases, scanners. The historical issue, however, with automating the discovery of these bugs is that traditional SAST tools rely on pattern matching and predefined rules, and miss complex vulnerabilities that do not fit known patterns (i.e. business logic problems, broken authentication flaws, or non-traditional sinks such as from dependencies). They also generate a high rate of false positives.

The beauty of LLMs is that they can reduce ambiguity in most of the situations that caused scanners to be either unusable or produce few findings when mass-scanning open source repositories... To do this well, you need to combine deep program analysis with an adversarial agents that test the plausibility of vulnerabilties at each step. The solution ends up mirroring the traditional phases of a pentest — recon, analysis, exploitation (and remediation which is not mentioned in this post)...

AI-driven vulnerability detection is moving fast... What's intriguing is that many of these vulnerabilities are pretty straightforward — they could've been spotted with a solid code review or standard scanning tools. But conventional methods often miss them because they don't fit neatly into known patterns. That's where AI comes in, helping us catch issues that might slip through the cracks.
"Many vulnerabilities remain undisclosed due to ongoing remediation efforts or pending responsible disclosure processes," according to the blog post, which includes a pie chart showing the biggest categories of vulnerabilities found:

• 53%: Authorization flaws, including roken access control in API endpoints and unauthorized Redis access and configuration exposure. ("Impact: Unauthorized access, data leakage, and resource manipulation across tenant boundaries.")

• 26%: File operation issues, including directory traversal in configuration loading and unsafe file handling in upload features. ("Impact: Unauthorized file access, sensitive data exposure, and potential system compromise.")

• 16%: Code execution vulnerabilities, including command injection in file processing and unsanitized input in system commands. ("Impact: Remote code execution, system command execution, and potential full system compromise.")

The company's CIO/cofounder was "former Red Team at Tesla," according to the startup's profile at YCombinator, and earned over $100,000 as a bug-bounty hunter. (And another co-founded is a former Google security engineer.)

Thanks to Slashdot reader Mirnotoriety for sharing the article.

An anonymous reader quotes a report from Behind the Black: According to a new very detailed engineering analysis into the causes of the collapse of the Arecibo radio telescope in Puerto Rico in 2020, the failure was caused first by a surprising interaction between the radio electronics of Arecibo and the traditional methods used to anchor the cables, and second by a failure of inspections to spot the problem as it became obvious.

The surprising engineering discovery is illustrated [here (PNG)]. The main antenna of Arecibo was suspended above the bowl below by three main cables. The figure shows the basic design of the system used to anchor the cable ends to their sockets. The end of the cable bunches would be inserted into the socket, spread apart, and then zinc would be poured in to fill the gap and then act as a plug and glue to hold the cables in place. According to the report, this system has been used for decades in many applications very successfully.

What the report found however was at Arecibo over time the cable bunch and zinc plug slowly began to pull out of the socket, what the report labels as "zinc creep." This was noted by inspectors, but dismissed as a concern because they still believed the engineering margins were still high enough to prevent failure at this point. In fact, this is exactly where the structure failed in 2020, with the first cable separating as shown in August 2020. The second cable did so in a similar manner in November 2020.

The report concluded that the "only hypothesis the committee could develop that provides a plausible but unprovable answer to all these questions and the observed socket failure pattern is that the socket zinc creep was unexpectedly accelerated in the Arecibo Telescope's uniquely powerful electromagnetic radiation environment. The Arecibo Telescope cables were suspended across the beam of 'the most powerful radio transmitter on Earth.'"

First we had friends. Then we had influencers. And if Mark Zuckerberg is correct, the next big thing in our social media feeds will be AI generated content. Lots of it. Fortune: Zuckerberg described our future feeds during Facebook-parent company Meta's third quarter earnings conference call on Wednesday, describing it as a natural evolution. "I think were going to add a whole new category of content which is AI generated or AI summarized content, or existing content pulled together by AI in some way," the Meta CEO said. "And I think that that's gonna be very exciting for Facebook and Instagram and maybe Threads, or other kinds of feed experiences over time."

Zuckerberg touted the company's Llama large language model and the success of products it powers, such as the Meta AI chatbot that is now used by more than 500 million users every month. But Llama will increasingly play a role across Meta's business, Zuckerberg said, including tools for business customers and advertisers. As AI tools become more widespread, AI content will proliferate within social media feeds. Such feeds are actively being worked on inside Meta, Zuckerberg noted. "It's something we're starting to test different things around." "I don't know if we know what's exactly going to work really well yet, but some things are really promising," he added. "I have high confidence that over the next several years, this will be one of the important trends and one of the important applications."

GitHub Copilot will switch from using exclusively OpenAI's GPT models to a multi-model approach, adding Anthropic's Claude 3.5 Sonnet and Google's Gemini 1.5 Pro. Ars Technica reports: First, Anthropic's Claude 3.5 Sonnet will roll out to Copilot Chat's web and VS Code interfaces over the next few weeks. Google's Gemini 1.5 Pro will come a bit later. Additionally, GitHub will soon add support for a wider range of OpenAI models, including GPT o1-preview and o1-mini, which are intended to be stronger at advanced reasoning than GPT-4, which Copilot has used until now. Developers will be able to switch between the models (even mid-conversation) to tailor the model to fit their needs -- and organizations will be able to choose which models will be usable by team members.

The new approach makes sense for users, as certain models are better at certain languages or types of tasks. "There is no one model to rule every scenario," wrote [GitHub CEO Thomas Dohmke]. "It is clear the next phase of AI code generation will not only be defined by multi-model functionality, but by multi-model choice." It starts with the web-based and VS Code Copilot Chat interfaces, but it won't stop there. "From Copilot Workspace to multi-file editing to code review, security autofix, and the CLI, we will bring multi-model choice across many of GitHub Copilot's surface areas and functions soon," Dohmke wrote. There are a handful of additional changes coming to GitHub Copilot, too, including extensions, the ability to manipulate multiple files at once from a chat with VS Code, and a preview of Xcode support. GitHub also introduced "Spark," a natural language-based app development tool that enables both non-coders and coders to create and refine applications using conversational prompts. It's currently in an early preview phase, with a waitlist available for those who are interested.

OpenAI is partnering with Broadcom and TSMC to design its first in-house AI chip while supplementing its infrastructure with AMD chips, aiming to diversify its reliance on Nvidia GPUs. "The company has dropped the ambitious foundry plans for now due to the costs and time needed to build a network, and plans instead to focus on in-house chip design effort," adds Reuters. From the report: OpenAI has been working for months with Broadcom to build its first AI chip focusing on inference, according to sources. Demand right now is greater for training chips, but analysts have predicted the need for inference chips could surpass them as more AI applications are deployed. Broadcom helps companies including Alphabet unit Google fine-tune chip designs for manufacturing and also supplies parts of the design that help move information on and off the chips quickly. This is important in AI systems where tens of thousands of chips are strung together to work in tandem. OpenAI is still determining whether to develop or acquire other elements for its chip design, and may engage additional partners, said two of the sources.

The company has assembled a chip team of about 20 people, led by top engineers who have previously built Tensor Processing Units (TPUs) at Google, including Thomas Norrie and Richard Ho. Sources said that through Broadcom, OpenAI has secured manufacturing capacity with Taiwan Semiconductor Manufacturing Company to make its first custom-designed chip in 2026. They said the timeline could change. Currently, Nvidia's GPUs hold over 80% market share. But shortages and rising costs have led major customers like Microsoft, Meta, and now OpenAI, to explore in-house or external alternatives.

Linux creator Linus Torvalds has blasted the AI industry as "90% marketing and 10% reality" even as he acknowledged AI's transformative potential. Speaking to TFiR, Torvalds said he would "basically ignore" AI until the hype subsides, predicting meaningful applications would emerge in five years.

The Finnish software pioneer singled out ChatGPT and graphic design as current practical use cases. His criticism follows Baidu CEO's recent warning of an impending AI bubble burst, claiming only 1% of companies would survive the fallout. "I think AI is really interesting, and I think it is going to change the world. And, at the same time, I hate the hype cycle so much that I really don't want to go there," Torvalds said.

NASA's economic impact report highlights that in fiscal year 2023, the agency's initiatives contributed $75.6 billion to the U.S. economy, created over 300,000 jobs, and drove advancements in areas like space exploration, climate research, and technology innovation. The agency's budget for that year was $25.4 billion. Space.com reports: The Moon to Mars program alone created $23.8 billion in economic output and 96,479 jobs, while investments in climate research and technology contributed $7.9 billion and 32,900 jobs. The report also drills down into impacts in each state, with 45 states seeing over $10 million in impact and eight states surpassing the $1 billion mark. [...]

NASA's missions supported 304,803 jobs across America, according to the report -- the third agency-wide study of its kind -- generating an estimated total of $9.5 billion in federal, state, and local taxes. Additionally, NASA's technological innovations and transfers in 2023 led to 40 new patent applications, 69 patents issued, and thousands of software usage agreements. A number of NASA technology spinoffs have become everyday household items. The full NASA economic impact report can be found here.

"We passed Berkeley air — just outdoor air — into the material to see how it would perform," says U.C. Berkeley chemistry professor Omar Yaghi, "and it was beautiful.

"It cleaned the air entirely of CO2," Yaghi says in an announcement from the university. "Everything."

SFGate calls it "a discovery that could help potentially mitigate the effects of climate change..." Yaghi's lab has worked on carbon capture since the 1990s and began work on these crystalline structures in 2005. The innovative substance has lots of tiny holes, making it "great for storing gases or liquids, much like a sponge holds water," Yaghi said... While it could take one to two years for the powder to be usable in large-scale applications, Yaghi co-founded Atoco, an Irvine company, to commercialize his research and expand it beyond just carbon capture and storage.
"Capturing carbon from the air just got easier," says the headline on the anouncement from the university, which explains why this technology is crucial: [T]oday's carbon capture technologies work well only for concentrated sources of carbon, such as power plant exhaust. The same methods cannot efficiently capture carbon dioxide from ambient air, where concentrations are hundreds of times lower than in flue gases. Yet direct air capture, or DAC, is being counted on to reverse the rise of CO2 levels, which have reached 426 parts per million, 50% higher than levels before the Industrial Revolution. Without it, according to the Intergovernmental Panel on Climate Change, we won't reach humanity's goal of limiting warming to 1.5 degreesC (2.7 degreesF) above preexisting global averages.

A new type of absorbing material developed by chemists at the University of California, Berkeley, could help get the world to negative emissions... According to Yaghi, the new material could be substituted easily into carbon capture systems already deployed or being piloted to remove CO2 from refinery emissions and capture atmospheric CO2 for storage underground. UC Berkeley graduate student Zihui Zhou, the paper's first author, said that a mere 200 grams of the material, a bit less than half a pound, can take up as much CO2 in a year — 20 kilograms (44 pounds) — as a tree.
Their research was published this week in the journal Nature.

And it's also interesting that they're using AI, according to the university's announcement: Yaghi is optimistic that artificial intelligence can help speed up the design of even better COFs and MOFs for carbon capture or other purposes, specifically by identifying the chemical conditions required to synthesize their crystalline structures. He is scientific director of a research center at UC Berkeley, the Bakar Institute of Digital Materials for the Planet (BIDMaP), which employs AI to develop cost-efficient, easily deployable versions of MOFs and COFs to help limit and address the impacts of climate change. "We're very, very excited about blending AI with the chemistry that we've been doing," he said.
Another potential use could be for harvesting water from desert air for drinking water, Yaghi told SFGate. But he seems very focused specifically on carbon capture.

"Another thing is that we need a strong determination among officials and industries to make carbon capture a high priority. Things have to change, but I believe that direct carbon capture from air is very doable."

Bitwarden describes itself as an "open source password manager for business." But it also made a change to its build requirement which led to an issue on the project's GitHub page titled "Desktop version 2024.10.0 is no longer free software."

In the week that followed Bitwarden's official account on X.com promised a fix was coming. "It seems a packaging bug was misunderstood as something more, and the team plans to resolve it. Bitwarden remains committed to the open source licensing model in place for years, along with retaining a fully featured free version for individual users." And Thursday Bitwarden followed through with new changes to address the concerns.

The Register reports the whole episode started because of a new build requirement added in a pull request a couple of weeks ago titled "Introduce SDK client." This SDK is required to compile the software from source — either the Bitwarden server or any of its client applications... [But the changed license had warned "You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK."]
Phoronix picks up the story: The issue of this effectively not making the Bitwarden client free software was raised in this GitHub issue... Bitwarden founder and CTO Kyle Spearrin has commented on the ticket... "Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug." The ticket was subsequently locked and limited to collaborators.
And Thursday it was Bitwarden founder and CTO Kyle Spearrin who again re-appeared in the Issue — first thanking the user who had highlighted the concerns. "We have made some adjustments to how the SDK code is organized and packaged to allow you to build and run the app with only GPL/OSI licenses included." The sdk-internal package references in the clients now come from a new sdk-internal repository, which follows the licensing model we have historically used for all of our clients (see LICENSE_FAQ.md for more info). The sdk-internal reference only uses GPL licenses at this time. If the reference were to include Bitwarden License code in the future, we will provide a way to produce multiple build variants of the client, similar to what we do with web vault client builds.

The original sdk repository will be renamed to sdk-secrets, and retains its existing Bitwarden SDK License structure for our Secrets Manager business products. The sdk-secrets repository and packages will no longer be referenced from the client apps, since that code is not used there.

Longtime Slashdot reader Baron_Yam writes: Memristors are the long-sought 4th fundamental circuit element. They promise analog computing capability in hardware, the ability to hold state without power, and to work with less power. A small cluster of them can replace a transistor using less space. Working and long term storage can blend together and neural networks can be implemented in hardware -- they are a game-changing innovation. Now, researchers are getting closer to putting these into production as they can now produce graphene-based memristors at wafer scale. "One of the key challenges in memristor development is device degradation, which graphene can help prevent," reports Phys.Org. "By blocking chemical pathways that degrade traditional electrodes, graphene could significantly extend the lifetime and reliability of these devices. Its remarkable transparency, transmitting 98% of light, also opens doors to advanced computing applications, particularly in AI and optoelectronics."

The findings have been published in the journal ACS Advanced Electronic Materials.

The chief scientist of the Asia Pacific Network Information Center has a theory about why the world hasn't moved to IPv6. From a report: In a lengthy post to the center's blog, Geoff Huston recounts that the main reason for the development of IPv6 was a fear the world would run out of IP addresses, hampering the growth of the internet. But IPv6 represented evolution -- not revolution. "The bottom line was that IPv6 did not offer any new functionality that was not already present in IPv4. It did not introduce any significant changes to the operation of IP. It was just IP, with larger addresses," Huston wrote.

IPv6's designers assumed that the protocol would take off because demand for IPv4 was soaring. But in the years after IPv6 debuted, Huston observes, "There was no need to give the transition much thought." Internetworking wonks assumed applications, hosts, and networks would become dual stack and support IPv6 alongside IPv4, before phasing out the latter. But then mobile internet usage exploded, and network operators had to scale to meet unprecedented demand created by devices like the iPhone. "We could either concentrate our resources on meeting the incessant demands of scaling, or we could work on IPv6 deployment," Huston wrote.

The Register's Laura Dobberstein reports: Huawei formally launched its home-brewed operating system, HarmonyOS NEXT, on Wednesday, marking its official separation from the Android ecosystem. Huawei declared it released and "officially started public beta testing" of the OS for some of its smartphones and tablets that run its own Kirin and Kunpeng chips.

Unlike previous iterations of HarmonyOS, HarmonyOS NEXT no longer supports Android apps. Huawei maintains top Chinese outfits aren't deterred by that. It cited Meituan, Douyin, Taobao, Xiaohongshu, Alipay, and JD.com as among those who have developed native apps for the OS. In case you're not familiar, they're China's top shopping, payment, and social media apps.

Huawei also claimed that at the time of its announcement, over 15,000 HarmonyOS native applications and meta-services were also launched. That's a nice number, but well short of the millions of apps found on the Google Play Store and Apple's App Store. The Chinese tech player also revealed that the operating system has 110 million lines of code and claimed it improves the overall performance of mobile devices running it by 30 percent. It also purportedly increases battery life by 56 minutes and leaves an average of 1.5GB of memory for purposes other than running the OS.

Applications to MBA programs jumped 12% in 2024, with full-time programs surging 32% to decade-high levels, WSJ is reporting, citing the Graduate Management Admission Council's latest survey. Top-tier U.S. schools reported significant gains, with Columbia Business School seeing a 27% rise and Harvard Business School applications climbing 21%. So what's behind the surge? The story adds: Today, the U.S. job market is strong, and unemployment remains low. But lower wage positions in retail and dining, as well as healthcare and government, have fueled much of the labor market's growth over the past two years.

A white-collar job market downturn that began with tech workers in 2022 has spread to other sectors. Major employers including Goldman Sachs, Lyft, Microsoft and PricewaterhouseCoopers have laid off a combined tens of thousands of workers this year. Hiring for roles that usually require a bachelor's degree dropped below 2019 levels in recent months, according to payroll provider ADP. That slump has been steeper for 20-somethings, who are running into a bottleneck on the lower rungs of the corporate ladder as more established professionals stay put.

NASA has revealed a full-scale prototype for six telescopes designed to detect gravitational waves. Phys.Org reports: The LISA (Laser Interferometer Space Antenna) mission is led by ESA (European Space Agency) in partnership with NASA to detect gravitational waves by using lasers to measure precise distances -- down to picometers, or trillionths of a meter -- between a trio of spacecraft distributed in a vast configuration larger than the sun. Each side of the triangular array will measure nearly 1.6 million miles, or 2.5 million kilometers.

The Engineering Development Unit Telescope, which was manufactured and assembled by L3Harris Technologies in Rochester, New York, arrived at Goddard in May. The primary mirror is coated in gold to better reflect the infrared lasers and to reduce heat loss from a surface exposed to cold space, since the telescope will operate best when close to room temperature.

The prototype is made entirely from an amber-colored glass-ceramic called Zerodur, manufactured by Schott in Mainz, Germany. The material is widely used for telescope mirrors and other applications requiring high precision because its shape changes very little over a wide range of temperatures. The LISA mission is slated to launch in the mid-2030s.

An anonymous reader quotes a report from Science Magazine: Imagine a thin wristband that monitors your steps and heartbeat like an Apple Watch. Or clothing that keeps you cool with built-in air conditioning. Or even a flexible implant that could help your heart better than a bulky pacemaker. That's the promise of a new, electrically active material researchers have created by combining short chains of amino acids called peptides with snippets of a polymer plastic. This "electric plastic," reported this month in Nature, can store energy or record information, opening the door to self-powered wearables, real-time neural interfaces, and medical implants that merge with bodies better than current tech. [...]

Samuel Stupp, a materials scientist at Northwestern University, and his colleagues thought they could improve on polyvinylidene fluoride's (PVDF) properties. The team connected peptides with small PVDF segments, which naturally assembled into long, flexible ribbons. The molecules then coalesced into bundles and aligned to form an electro-active material. "Remarkably," Stupp says, "the self-assembly process is triggered by adding water." The new material overcomes PVDF's limitations. It requires 100 times less voltage to switch polarization compared with other ferroelectric materials, making it ideal for low-power applications. And it retains its ferroelectric properties at temperatures of 110C -- about 40C higher than other PVDF materials.

Stupp's new material can store energy or information by electrically switching the polarity of each ribbon. And because the peptide on the end of each ribbon can be connected to proteins on neurons or other cells, the molecules can record the signals from the brain, heart, or other organs -- or electrically stimulate them. By using low-power techniques like ultrasound to "charge" the molecules, the material could be used to stimulate neurons as a treatment for chronic paralysis, Stupp says. Study co-author Yang Yang, an electrical power engineer at Northwestern, notes that PVDF is biocompatible, making the material a promising candidate for soft implants that could be wirelessly controlled from outside the body. Stupp's team has conducted small-scale evaluations of molecules, but scaling up will require placing water-suspended structures onto devices without altering them -- a challenge noted by chemist Frank Leibfarth. Even with this hurdle, "This advance has enabled a number of attractive properties compared to other organic polymers," he says.

Stupp added: "This paper has a much broader concept than just vinylidene fluoride. There probably are other possibilities ... that don't have fluorine."

For the first time in 50 years, humans will walk on the moon again. Currently planned for as soon as 2026, the Artemis III mission "will be one of the most complex undertakings of engineering and human ingenuity in the history of deep space exploration..." writes NASA. "Two crew members will descend to the surface and spend approximately a week near the South Pole of the Moon conducting new science before returning to lunar orbit..."

And they'll be wearing Prada, according to a Space News report from Milan: At a briefing at the International Astronautical Congress here October 16, Axiom and Prada revealed details about the Axiom Extravehicular Mobility Unit (AxEMU) suit that Axiom is creating for use by NASA on lunar landing missions starting with Artemis 3... Axiom emphasized the advanced capabilities in the suit, particularly when compared to the suits worn by the Apollo astronauts on moonwalks more than a half-century ago [including greater redundancy and healthy monitoring systems not available in Apollo-era suits]...

The unveiling came just over a year after Axiom announced it was working with luxury goods company Prada, an unconventional partnership intended to leverage Prada's expertise in materials and design... [Axiom's executive VP of extravehicular activity Russell Ralston] said Axiom has leveraged Prada's expertise in fabrics and garment design in helping create the outer layer of the suit, which reflects sunlight and keeps dust from getting into interior layers... "If you look across all the different technologies that are needed within the suit, the uniqueness of those technologies and their application, the supply chain has tended to be pretty unstable," he said. "So, one of the things that Prada has really helped us with is bringing stability to that base, especially on the fabric side...."

Not surprisingly, Prada also contributed to the appearance of the suit. "One of the things that was important to us was the appeal of the suit, the look of the suit," Ralston said. "Something that Prada brought to the table was helping with the general aesthetic of the suit." One design aspect that brought the two companies together was a prominent red stripe on the suit. Ralston noted that was a nod to a NASA tradition where the mission commander's suit would have that red stripe to distinguish them from another spacewalker...

While the current focus of the suit is for walking on the moon, Ralston said the suit can be easily adapted for applications in low Earth orbit, such as spacewalks from the International Space Station or Axiom's future commercial space station.
The article adds that 30 people worked on the suit (full- or part-time). "These suits will give the astronauts increased range of motion and flexibility to explore more of the landscape than on previous lunar missions," according to NASA.

With "the ability to send high quality images and video to the ground with advanced communication technology, they will be sharing a unique new human experience with the world."

Thanks to long-time Slashdot reader schwit1 for sharing the news.

"A technology pioneered by Benjamin Franklin is being revived to build more efficient electric motors," reports the Wall Street Journal, "an effort in its nascent stage that has the potential to be massive." A handful of scientists and engineers — armed with materials and techniques unimaginable in the 1700s — are creating modern versions of Franklin's "electrostatic motor," that are on the cusp of commercialization... Franklin's "electrostatic motor" uses alternating positive and negative charges — the same kind that make your socks stick together after they come out of the dryer — to spin an axle, and doesn't rely on a flow of current like conventional electric motors. Every few years, an eager Ph.D. student or engineer rediscovers this historical curiosity. But other than applications in tiny pumps and actuators etched on microchips, where this technology has been in use for decades, their work hasn't made it out of the lab.

Electrostatic motors have several potentially huge advantages over regular motors. They are up to 80% more efficient than conventional motors after all the dependencies of regular electric motors are added in. They could also allow new kinds of control and precision in robots, where they could function more like our muscles. And they don't use rare-earth elements because they don't have permanent magnets, and require as little as 5% as much copper as a conventional motor. Both materials have become increasingly scarce and expensive over the past decade, and supply chains for them are dominated by China.
"It's reminiscent of the early 1990s, when Sony began to produce and sell the first rechargeable lithium-ion batteries, a breakthrough that's now ubiquitous..." according to the article. "These motors could lead to more efficient air-conditioning systems, factories, logistics hubs and data centers, and — since they can double as generators — better ways of generating renewable energy. They might even show up in tiny surveillance drones."

And the article points out that C-Motive Technologies, a 16-person startup in Wisconsin, is already "reaching out to companies, hoping to get their motors out into the real world." ("So far, FedEx and Rockwell Automation, the century-old supplier of automation to factories, are among those testing their motors.") C-Motive's founders discovered that a number of technologies had matured enough that, when combined, could yield electrostatic motors competitive with conventional ones. These enabling technologies include super fast-switching power electronics — like those in modern electric vehicles — that can toggle elements of the motor between states of positive and negative charge very quickly... Dogged exploration of combinations of various readily available industrial organic fluids led to a proprietary mix that can both multiply the strength of the electric field and insulate the motor's spinning parts from each other — all without adding too much friction — says C-Motive Chief Executive Matt Maroon.

An anonymous reader shared this report from Forbes: Recent headlines have proclaimed that Chinese scientists have hacked "military-grade encryption" using quantum computers, sparking concern and speculation about the future of cybersecurity. The claims, largely stemming from a recent South China Morning Post article about a Chinese academic paper published in May, was picked up by many more serious publications.

However, a closer examination reveals that while Chinese researchers have made incremental advances in quantum computing, the news reports are a huge overstatement. "Factoring a 50-bit number using a hybrid quantum-classical approach is a far cry from breaking 'military-grade encryption'," said Dr. Erik Garcell, Head of Technical Marketing at Classiq, a quantum algorithm design company. While advancements have indeed been made, the progress represents incremental steps rather than a paradigm-shifting breakthrough that renders current cryptographic systems obsolete. "This kind of overstatement does more harm than good," Dr. Garcell said. "Misrepresenting current capabilities as 'breaking military-grade encryption' is not just inaccurate — it's potentially damaging to the field's credibility...."

In fact, the Chinese paper in question, titled Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage, does not mention military-grade encryption, which typically involves algorithms like the Advanced Encryption Standard (AES). Instead, the paper is about attacking RSA encryption (RSA stands for Rivest-Shamir-Adleman, named after its creators)... While factoring a 50-bit integer is an impressive technical achievement, it's important to note that RSA encryption commonly uses key sizes of 2048 bits or higher. The difficulty of factoring increases exponentially with the size of the number, meaning that the gap between 50-bit and 2048-bit integers is astronomically large.

Moreover, the methods used involve a hybrid approach that combines quantum annealing with classical computation. This means that the quantum annealer handles part of the problem, but significant processing is still performed by classical algorithms. The advances do not equate to a scalable method for breaking RSA encryption as it is used in practical applications today.
Duncan Jones, Head of Cybersecurity at Quantinuum, tells Forbes that if China had actually broken AES — they'd be keeping it secret (rather than publicizing it in newspapers).

The parents of a Massachusetts student are suing his school after he was penalized for using AI in a Social Studies project, claiming it was for research purposes only. The student received a detention and a lower grade, which his parents argue could harm his college prospects. The school is defending its AI policy and fighting to dismiss the case. The Register reports: "The Plaintiff Student will suffer irreparable harm that far outweighs any harm that may befall the Defendants," their filing reads [PDF]. "He is applying to elite colleges and universities given his high level of academic and personal achievement. Early decision and early action applications in a highly competitive admissions process are imminent and start in earnest on October 1, 2024. Absent the grant of an injunction by this Court, the Student will suffer irreparable harm that is imminent."

The school, however, is fighting back with a motion to dismiss [PDF] the case. The school argues that RNH, along with his classmates, was given a copy of the student handbook in the Fall of last year, which specifically called out the use of AI by students. The class was also shown a presentation about the school's policy. Students should "not use AI tools during in-class examinations, processed writing assignments, homework or classwork unless explicitly permitted and instructed," the policy states. "RNH unequivocally used another author's language and thoughts, be it a digital and artificial author, without express permission to do so," the school argues. "Furthermore, he did not cite to his use of AI in his notes, scripts or in the project he submitted. Importantly, RNH's peers were not allowed to cut corners by using AI to craft their projects; thus, RNH acted 'unfairly in order to gain an advantage.'"

An anonymous reader shares a report: The big financial moments in life used to be marked with a flourish of a pen. Buying a house. A car. Breakfast. Not anymore. Visa, Mastercard, Discover and American Express dropped the requirement to sign for charges like restaurant checks in 2018. They don't look at our scribbles to verify identity or stop fraud. Taps, clicks and electronic signatures took over the heavy lifting for many everyday purchases -- and many contracts, loan applications and even Social Security forms. The John Hancock was written off as a relic useful mainly to inflate the value of sports memorabilia. But signatures didn't die.

We continue to be asked to sign with ink on paper or using fingers on touch screens at many restaurants, bars and other businesses. And people keep signing card receipts out of habit -- even when there is no blank space for it -- because it feels weird not to, payment networks and retail groups say. "Traditions have this odd way of sticking around," said Doug Kantor, general counsel of the National Association of Convenience Stores. Signatures had been used to verify identity and agree to financial terms for centuries. Banks kept records of customer signatures to check against, but the sheer number of transactions and advancements in technology eventually made that impractical.

By the 1980s, charges could be processed electronically. Signatures were still used in cases of fraud or stolen cards. Banks could call merchants and ask them to present a signed receipt. Yet given how easy signatures are to forge, they proved limited as a fraud prevention tool. Now there are more sophisticated ways to determine whether cards are stolen or misused, according to Mark Nelsen, global head of consumer payments at Visa.