Apple once designed a Tetris clone that has been found on a prototype version of the third-generation iPod, indicating the company was experimenting with releasing the game on the music player. From a report: It's called Stacker and, obviously, is controlled via the iPod's scroll wheel. The software was spotted by X user AppleDemoYT, who is known for finding rare prototype devices. The prototype iPod is a "DVT" device, meaning it was a mid-stage device that was still in "Design Validation Testing." It has a model number of A1023, which is not a known model number of any iPod version.

The device runs a prototype version of iPodOS 2.0, which is where Stacker comes from. The pieces are moved from left to right using the scroll wheel and they fall when the middle button is pressed. The goal is to clear lines and score points. You know the deal. It's Tetris. It's not the only game found on the prototype iPod. There's something called Block0, which is likely an early version of Brick. The device also features a game called Klondike, which is likely an early version of Solitaire. The music player did eventually get some games, including the aforementioned Solitaire and Brick. AppleDemoYT asked former Apple VP Tony Fadell why Stacker was never released and he said it was because games didn't show up until a "later software release."

fjo3 quotes a report from Reuters: SpaceX on Wednesday launched an inaugural batch of operational spy satellites it built as part of a new U.S. intelligence network designed to significantly upgrade the country's space-based surveillance powers, the first deployment of several more planned this year. The spy network was revealed in a pair of Reuters reports earlier this year showing SpaceX is building hundreds of satellites for the U.S. National Reconnaissance Office, an intelligence agency, for a vast system in orbit capable of rapidly spotting ground targets almost anywhere in the world.

SpaceX's Falcon 9 rocket lifted off from the Vandenberg Space Force Base in Southern California at 4 a.m. EDT on Wednesday, carrying into space what the NRO said was the "first launch of the NRO's proliferated systems featuring responsive collection and rapid data delivery." "Approximately half a dozen launches supporting NRO's proliferated architecture are planned for 2024, with additional launches expected through 2028," the agency said, without naming the number of satellites deployed.

This week the nonprofit Linux Foundation announced the launch of the High Performance Software Foundation, which "aims to build, promote, and advance a portable core software stack for high performance computing" (or HPC) by "increasing adoption, lowering barriers to contribution, and supporting development efforts."

It promises initiatives focused on "continuously built, turnkey software stacks," as well as other initiatives including architecture support and performance regression testing. Its first open source technical projects are:

- Spack: the HPC package manager.

- Kokkos: a performance-portable programming model for writing modern C++ applications in a hardware-agnostic way.

- Viskores (formerly VTK-m): a toolkit of scientific visualization algorithms for accelerator architectures.

- HPCToolkit: performance measurement and analysis tools for computers ranging from desktop systems to GPU-accelerated supercomputers.

- Apptainer: Formerly known as Singularity, Apptainer is a Linux Foundation project providing a high performance, full featured HPC and computing optimized container subsystem.

- E4S: a curated, hardened distribution of scientific software packages.

As use of HPC becomes ubiquitous in scientific computing and digital engineering, and AI use cases multiply, more and more data centers deploy GPUs and other compute accelerators. The High Performance Software Foundation will provide a neutral space for pivotal projects in the high performance computing ecosystem, enabling industry, academia, and government entities to collaborate on the scientific software.

The High Performance Software Foundation benefits from strong support across the HPC landscape, including Premier Members Amazon Web Services (AWS), Hewlett Packard Enterprise, Lawrence Livermore National Laboratory, and Sandia National Laboratories; General Members AMD, Argonne National Laboratory, Intel, Kitware, Los Alamos National Laboratory, NVIDIA, and Oak Ridge National Laboratory; and Associate Members University of Maryland, University of Oregon, and Centre for Development of Advanced Computing.
In a statement, an AMD vice president said that by joining "we are using our collective hardware and software expertise to help develop a portable, open-source software stack for high-performance computing across industry, academia, and government." And an AWS executive said the high-performance computing community "has a long history of innovation being driven by open source projects. AWS is thrilled to join the High Performance Software Foundation to build on this work. In particular, AWS has been deeply involved in contributing upstream to Spack, and we're looking forward to working with the HPSF to sustain and accelerate the growth of key HPC projects so everyone can benefit."

The new foundation will "set up a technical advisory committee to manage working groups tackling a variety of HPC topics," according to the announcement, following a governance model based on the Cloud Native Computing Foundation.

America's Defense Department "is rushing to expand its capacity to wage war in space," reports the New York Times, "convinced that rapid advances by China and Russia in space-based operations pose a growing threat to U.S. troops and other military assets on the ground and U.S. satellites in orbit." [T]he Defense Department is looking to acquire a new generation of ground- and space-based tools that will allow it to defend its satellite network from attack and, if necessary, to disrupt or disable enemy spacecraft in orbit, Pentagon officials have said in a series of interviews, speeches and recent statements... [T]he move to enhance warfighting capacity in space is driven mostly by China's expanding fleet of military tools in space... [U.S. officials are] moving ahead with an effort they are calling "responsible counterspace campaigning," an intentionally ambiguous term that avoids directly confirming that the United States intends to put its own weapons in space. But it also is meant to reflect this commitment by the United States to pursue its interest in space without creating massive debris fields that would result if an explosive device or missile were used to blow up an enemy satellite. That is what happened in 2007, when China used a missile to blow up a satellite in orbit. The United States, China, India and Russia all have tested such missiles. But the United States vowed in 2022 not to do any such antisatellite tests again.

The United States has also long had ground-based systems that allow it to jam radio signals, disrupting the ability of an enemy to communicate with its satellites, and is taking steps to modernize these systems. But under its new approach, the Pentagon is moving to take on an even more ambitious task: broadly suppress enemy threats in orbit in a fashion similar to what the Navy does in the oceans and the Air Force in the skies.
The article notes a recent report drafted by a former Space Force colonel cited three ways to disable enemy satellite networks: cyberattacks, ground or space-based lasers, and high-powered microwaves. "John Shaw, a recently retired Space Force lieutenant general who helped run the Space Command, agreed that directed-energy devices based on the ground or in space would probably be a part of any future system. 'It does minimize debris; it works at the speed of light,' he said. 'Those are probably going to be the tools of choice to achieve our objective." The Pentagon is separately working to launch a new generation of military satellites that can maneuver, be refueled while in space or have robotic arms that could reach out and grab — and potentially disrupt — an enemy satellite. Another early focus is on protecting missile defense satellites. The Defense Department recently started to require that a new generation of these space-based monitoring systems have built-in tools to evade or respond to possible attack. "Resiliency feature to protect against directed energy attack mechanisms" is how one recent missile defense contract described it. Last month the Pentagon also awarded contracts to two companies — Rocket Lab and True Anomaly — to launch two spacecraft by late next year, one acting as a mock enemy and the other equipped with cameras, to pull up close and observe the threat. The intercept satellite will not have any weapons, but it has a cargo hold that could carry them.
The article notes that Space Force's chief of space operations has told Senate appropriators that about $2.4 billion of the $29.4 billion in Space Force's proposed 2025 budget was set aside for "space domain awareness." And it adds that the Pentagon "is working to coordinate its so-called counterspace efforts with major allies, including Britain, Canada and Australia, through a multinational operation called Operation Olympic Defender. France has been particularly aggressive, announcing its intent to build and launch by 2030 a satellite equipped with a high-powered laser." [W]hat is clear is that a certain threshold has now been passed: Space has effectively become part of the military fighting domain, current and former Pentagon officials said. "By no means do we want to see war extend into space," Lt. Gen. DeAnna Burt, deputy chief of space operations, said at a Mitchell Institute event this year. "But if it does, we have to be prepared to fight and win."

Data center construction levels are at an all-time high. And more than ever, companies that need them have already called dibs. From a report: In the first quarter of 2024, what amounts to about half of the existing supply of data center megawattage in the US is under construction, according to real estate services firm CBRE. And 84% of that is already leased. Typically that rate had been about 50% the last few years -- already notably higher than other real estate classes. "I'm astonished and impressed by the demand for facilities yet to be fully constructed," CBRE Data Center Research Director Gordon Dolven told Sherwood.

That advanced interest means that despite the huge amount of construction, there's still going to be a shortage of data centers to meet demand. In other words, data center vacancy rates are staying low and rents high. Nationwide the vacancy rates are near record lows of 3.7% and average asking rent for data centers was up 19% year over year, according to CBRE. It was up 42% in Northern Virginia, where many data centers are located. These sorts of price jumps are "unprecedented" compared with other types of real estate. For comparison, rents for industrial and logistics real estate, another hot asset class used in e-commerce, is expected to go up 8% this year.

Google is opening up API access to its Google Home smart home platform, allowing app developers to access over 600 million connected devices and tap into the Google Home automation engine. In addition, Google announced that it'll be turning Google TVs into Google Home hubs and Matter controllers. The Verge reports: The Home APIs can access any Matter device or Works with Google Home device, and allows developers to build their own experiences using Google Home devices and automations into their apps on both iOS and Android. This is a significant move for Google in opening up its smart home platform, following shutting down its Works with Nest program back in 2019. [...] The Home APIs are already available to Google's early access partners, and Google is opening up a waitlist for any developer to sign up today. "We are opening up access on a rolling basis so they can begin building and testing within their apps," Anish Kattukaran, head of product at Google Home and Nest, told The Verge. "The first apps using the home APIs will be able to publish to the Play and App stores in the fall."

The access is not just limited to smart home developers. In the blog post, Matt Van Der Staay, engineering director at Google Home, said the Home APIs could be used to connect smart home devices to fitness or delivery apps. "You can build a complex app to manage any aspect of a smart home, or simply integrate with a smart device to solve pain points -- like turning on the lights automatically before the food delivery driver arrives." The APIs allow access to most devices connected to Google Home and to the Google Home structure, letting apps control and manage devices such as Matter light bulbs or the Nest Learning Thermostat. They also leverage Google Home's automation signals, such as motion from sensors, an appliance's mode changing, or Google's Home and Away mode, which uses various signals to determine if a home is occupied. [...]

What's also interesting here is that developers will be able to use the APIs to access and control any device that works with the new smart home standard Matter and even let people set up Matter devices directly in their app. This should make it easier for them to implement Matter into their apps, as it will add devices to the Google Home fabric, so they won't have to develop their own. In addition, Google announced that it's vastly expanding its Matter infrastructure by turning Google TVs into Google Home hubs and Matter controllers. Any app using the APIs would need a Google hub in a customer's home in order to control Matter devices locally. Later this year, Chromecast with Google TV, select panel TVs with Google TV running Android 14 or higher, and some LG TVs will be upgraded to become Google Home hubs.

Additionally, Kattukaran said Google will upgrade all of its existing home hubs -- which include Nest Hub (second-gen), Nest Hub Max, and Google Wifi -- with a new ability called Home runtime. "With this update, all hubs for Google Home will be able to directly route commands from any app built with Home APIs (such as the Google Home app) to a customer's Matter device locally, when the phone is on the same Wi-Fi network as the hub," said Kattukaran. This means you should see "significant latency improvements using local control via a hub for Google Home," he added.

Intel unveiled Thunderbolt Share on Wednesday with which it promises to streamline screen and file sharing between two PCs. Tom's Hardware: Thunderbolt Share will allow PC owners to connect their two computers with a wired connection that leverages Thunderbolt's speed (40Gbps or higher), low latency, and built-in security. It allows PC-to-PC access that shares the screen, keyboard, mouse, and storage. The software also enables folder synchronization or easy drag-and-drop file transfer between the computers. [...]

Thunderbolt Share also provides uncompressed screen sharing between two PCs in the original resolution of the source computer. It also claims low latency for a smooth, responsive experience that includes the screen, keyboard, and mouse with full HD screen mirroring at up to 60 frames per second (fps). Higher resolutions could result in fewer frames per second, but Ziller said it would still be a "great experience."

At Google I/O on Tuesday, Google previewed a feature that will alert users to potential scams during a phone call. TechCrunch reports: The feature, which will be built into a future version of Android, uses Gemini Nano, the smallest version of Google's generative AI offering, which can be run entirely on-device. The system effectively listens for "conversation patterns commonly associated with scams" in real time. Google gives the example of someone pretending to be a "bank representative." Common scammer tactics like password requests and gift cards will also trigger the system. These are all pretty well understood to be ways of extracting your money from you, but plenty of people in the world are still vulnerable to these sorts of scams. Once set off, it will pop up a notification that the user may be falling prey to unsavory characters.

No specific release date has been set for the feature. Like many of these things, Google is previewing how much Gemini Nano will be able to do down the road sometime. We do know, however, that the feature will be opt-in.

An anonymous reader shares a report: Google's Gemini AI often just feels like a chatbot built into a text-input field, but you can really start to do special things when you give it access to a ton of data. Gemini in Gmail will soon be able to search through your entire backlog of emails and show a summary in a sidebar. That's simple to describe but solves a huge problem with email: even searching brings up a list of email subjects, and you have to click-through to each one just to read it.

Having an AI sift through a bunch of emails and provide a summary sounds like a huge time saver and something you can't do with any other interface. Google's one-minute demo of this feature showed a big blue Gemini button at the top right of the Gmail web app. Tapping it opens the normal chatbot sidebar you can type in. Asking for a summary of emails from a certain contact will get you a bullet-point list of what has been happening, with a list of "sources" at the bottom that will jump you right to a certain email. In the last second of the demo, the user types, "Reply saying I want to volunteer for the parent's group event," hits "enter," and then the chatbot instantly, without confirmation, sends an email.

A panel of judges in the Netherlands has found Alexey Pertsev, one of the developers behind crypto anonymizing tool Tornado Cash, guilty of money laundering. Wired: Over the course of two days in March, the Russian national was tried on the allegation that the tool he developed had allowed criminals -- among them hackers with ties to North Korea -- to freely launder $1.2 billion in stolen cryptocurrency. "The management of Tornado Cash welcomed the bank robbers with open arms," the prosecutors wrote in a March court filing.

Dutch judges sentenced Pertsev to five years and four months in prison on Tuesday, which was the term requested by prosecutors in the case. "With Tornado Cash, the defendant created a shortcut for financing crimes and terrorism," said the court in a statement, translated from Dutch. "He chose to look away from the abuse and did not take any responsibility." The purpose of tools like Tornado Cash, known as crypto mixers or tumblers, is to mask the origin and destination of users' coins. Funds belonging to many parties are pooled, jumbled up, and spat out into brand-new wallets, by which time it is no longer clear whose crypto is whose. These services are promoted as a way to improve the level of privacy available to crypto users, but have been readily co-opted for the purpose of money laundering.

On August 8, 2022, Tornado Cash was sanctioned in the United States, making it illegal for US citizens to use the service. Any product that "indiscriminately facilitates anonymous transactions," wrote the US Treasury's Office of Foreign Assets Control, represents a "threat to US national security." Two days later, Pertsev was arrested in the Netherlands, where he resided. Money laundering activity, the Dutch prosecutors claim, accounted for more than 30 percent of the funds that passed through Tornado Cash between 2019 and 2022. [...] Pertsev built his defense on the argument that Tornado Cash, which remains in operation, is under nobody's control -- including his own -- as a piece of software that runs on the Ethereum blockchain, a distributed network of computers. Further reading: Coinbase Employees and Ethereum Backers Sue US Treasury Over Tornado Cash Sanctions (September 2022).

Josh Norem reports via ExtremeTech: At the recent International supercomputing conference called ISC 2024, Intel's newest Aurora supercomputer installed at Argonne National Laboratory raised a few eyebrows by finally surpassing the exascale barrier. Before this, only AMD's Frontier system had been able to achieve this level of performance. Intel also achieved what it says is the world's best performance for AI at 10.61 "AI exaflops." Intel reported the news on its blog, stating Aurora was now officially the fastest supercomputer for AI in the world. It shares the distinction in collaboration with Argonne National Laboratory and Hewlett Packard Enterprise (HPE), which both built and houses the system in its current state, which Intel says was at 87% functionality for the recent tests. In the all-important Linpack (HPL) test, the Aurora computer hit 1.012 exaflops, meaning it has almost doubled the performance on tap since its initial "partial run" in late 2023, where it hit just 585.34 petaflops. The company then said it expected to cross the exascale barrier with Aurora eventually, and now it has.

Intel says for the ISC 2024 tests, Aurora was operating with 9,234 nodes. The company notes it ranked second overall in LINPACK, meaning it's still unable to dethrone AMD's Frontier system, which is also an HPE supercomputer. AMD's Frontier was the first supercomputer to break the exascale barrier in June 2022. Frontier sits at around 1.2 exaflops in Linpack, so Intel is knocking on its door but still has a way to go before it can topple it. However, Intel says Aurora came in first in the Linpack-mixed benchmark, reportedly highlighting its unparalleled AI performance. Intel's Aurora supercomputer uses the company's latest CPU and GPU hardware, with 21,248 Sapphire Rapids Xeon CPUs and 63,744 Ponte Vecchio GPUs. When it's fully operational later this year, Intel believes the system will eventually be capable of crossing the 2-exaflop barrier.

Melinda French Gates announced today she is stepping down from the Bill and Melinda Gates Foundation, three years after announcing her separation from Microsoft co-founder Bill Gates. With her departure as co-chair, the foundation will change its name to Gates Foundation and Bill Gates will be its sole chairperson, said CEO Mark Suzman. NBC News reports: In a statement posted on her Instagram account, she said that as part of her agreement to step down from the foundation, she will retain $12.5 billion that she plans to put toward her ongoing work supporting women and families. "This is not a decision I came to lightly," French Gates wrote. "I am immensely proud of the foundation that Bill and I built together and of the extraordinary work it is doing to address inequities around the world." In a separate statement, Bill Gates said, "I am sorry to see Melinda leave, but I am sure she will have a huge impact in her future philanthropic work."

Now worth $75.2 billion, the Gates Foundation has over the course of its three-decade lifespan made $77.6 billion worth of grant payments, making it one of the largest donor organizations in the world, with a focus on health and developmental goals. It is one of the largest contributors to the World Health Organization, and played a key role in efforts to address the Covid pandemic. "After a difficult few years watching women's rights rolled back in the U.S. and around the world, she wants to use this next chapter to focus specifically on altering that trajectory," Suzman said of French Gates.

"I want to reassure you that the millions of people our work serves and the thousands of partners we work alongside can continue to count on the foundation. The foundation today is stronger than it has ever been."

"I know we all wish Melinda the best in her next chapter," he added, noting that French Gates "will not be bringing any of the foundation's work with her when she leaves."

The Royal Institution of Australia is a national non-profit hub for science communication, publishing the science magazine Cosmos four times a year.

This month they argued that small modular nuclear reactors "don't add up as a viable energy source." Proponents assert that SMRs would cost less to build and thus be more affordable. However, when evaluated on the basis of cost per unit of power capacity, SMRs will actually be more expensive than large reactors. This 'diseconomy of scale' was demonstrated by the now-terminated proposal to build six NuScale Power SMRs (77 megawatts each) in Idaho in the United States. The final cost estimate of the project per megawatt was around 250 percent more than the initial per megawatt cost for the 2,200 megawatts Vogtle nuclear power plant being built in Georgia, US. Previous small reactors built in various parts of America also shut down because they were uneconomical.
The cost was four to six times the cost of the same electricity from wind and solar photovoltaic plants, according to estimates from the Australian Commonwealth Scientific and Industrial Research Organisation and the Australian Energy Market Operator. "The money invested in nuclear energy would save far more carbon dioxide if it were instead invested in renewables," the article agues: Small reactors also raise all of the usual concerns associated with nuclear power, including the risk of severe accidents, the linkage to nuclear weapons proliferation, and the production of radioactive waste that has no demonstrated solution because of technical and social challenges. One 2022 study calculated that various radioactive waste streams from SMRs would be larger than the corresponding waste streams from existing light water reactors...

Nuclear energy itself has been declining in importance as a source of power: the fraction of the world's electricity supplied by nuclear reactors has declined from a maximum of 17.5 percent in 1996 down to 9.2 percent in 2022. All indications suggest that the trend will continue if not accelerate. The decline in the global share of nuclear power is driven by poor economics: generating power with nuclear reactors is costly compared to other low-carbon, renewable sources of energy and the difference between these costs is widening.
Thanks to Slashdot reader ZipNada for sharing the article.

Eight years ago, a coalition of retail banks in India built a mobile payments system called the UPI. The system is interoperable, allowing users to make instant peer-to-peer transactions between them -- across all participating banks -- and to merchants at zero cost. Today, it processes more than 12 billion transactions each month -- more than all card payments combined in India -- and has become the most popular way Indians transact online. Many U.S. giants have cited UPI as an example that other countries should also explore developing. We have also covered UPI several times over the years.

NPCI, a quasi-regulator founded by India's central bank, oversees UPI. Four years ago, it announced plans to enforce a market share cap on each participating player. The quasi-regulator didn't want few players to become too powerful and any single participant to process more than 30% of all UPI transactions in a month. It later postponed the deadline to January 1, 2025. Walmart-owned PhonePe and Google Pay command more than 86% of the UPI market. Now, the NPCI is reportedly planning to extend the deadline again by up to two years. The reason? TechCrunch reports: The NPCI had initially planned to enforce the market share cap in January 2021, but postponed the deadline to January 1, 2025. TechCrunch had previously reported that the regulator was moving towards extending the deadline further after concluding that there is no practical solution to address the issue. One can argue that the NPCI shouldn't be interfering with free market forces and let people decide which apps they wish to use. TechCrunch adds: However, several UPI providers admit that an incentive plan that unfairly differentiates [one of the proposed solutions by some industry players] against PhonePe and Google Pay will be a bad look for the ecosystem and could send wrong signals to the investor community. U.S.-based investors, including Accel, Lightspeed, Tiger Global, Insight Partners, Invesco, Vanguard, BlackRock and Fidelity, are among some of the most prolific investors in Indian public firms and startups. Some of the choices made by the RBI [India's central bank] and other regulators have already spooked many investors.

An anonymous reader shares a report: One Raspberry Pi often leads to another. Soon enough, you're running out of spots in your free RealVNC account for your tiny boards and "real" computers. Even if you go the hardened route of SSH or an X connection, you have to keep track of where they all are. All of this is not the easiest thing to tackle if you're new to single-board computers or just eager to get started.

Enter Raspberry Pi Connect, a new built-in way to access a Raspberry Pi from nearly anywhere you can open a browser, whether to control yourself or provide remote assistance. On a Raspberry Pi 4, 5, or Pi 400 kit, you install Pi connect with a single terminal line, reboot the Pi, and then click a new tray icon to connect the Pi to a Raspberry Pi ID (and then enable two-factor authentication, of course). From then on, visiting connect.raspberrypi.com gives you an encrypted connection to your desktop. It's a direct connection if possible, and if not, it runs through relay servers in London, encrypting it with DTLS and keeping only the metadata needed for the service to work. The Pi will show a notification in its tray that somebody has connected, and you can manage screen sharing from there.

An anonymous reader shared this report from the Wall Street Journal: Drunken-driving deaths in the U.S. have risen to levels not seen in nearly two decades, federal data show, a major setback to long-running road-safety efforts. At the same time, arrests for driving under the influence have plummeted, as police grapple with challenges like hiring woes and heightened concern around traffic stops... About 13,500 people died in alcohol impairment-related crashes in 2022, according to data released in April by the National Highway Traffic Safety Administration. That is 33% above 2019's toll and on par with 2021's. The last time so many people died as a result of accidents involving intoxicated drivers was in 2006.
That's still down from the early 1980s, when America was seeing over 20,000 drunk-driving deaths a year, according to the article. "By 2010, that number had fallen to around 10,000 thanks to high-profile public-education campaigns by groups like MADD, tougher laws, and aggressive enforcement that included sobriety checkpoints and typically yielded well over a million DUI arrests annually."

But some hope to solve the problem using technology: Many activists and policymakers are banking on the promise of built-in devices to prevent a car from starting if the driver is intoxicated, either by analyzing a driver's exhaled breath or using skin sensors to gauge the blood-alcohol level. NHTSA issued a notice in December that it said lays the groundwork for potential alcohol-impairment detection technology standards in all new cars "when the technology is mature."
And Glenn Davis, who manages Colorado's highway-safety office, "pointed to Colorado's extensive use of ignition interlock systems that require people convicted of DUI to blow into a tube to verify they are sober in order for their car to start. He said the office promotes nondriving options such as Lyft and Uber."

Thursday the Verge reported that a new report from Microsoft "outlines the steps the company took to release responsible AI platforms last year." Microsoft says in the report that it created 30 responsible AI tools in the past year, grew its responsible AI team, and required teams making generative AI applications to measure and map risks throughout the development cycle. The company notes that it added Content Credentials to its image generation platforms, which puts a watermark on a photo, tagging it as made by an AI model.

The company says it's given Azure AI customers access to tools that detect problematic content like hate speech, sexual content, and self-harm, as well as tools to evaluate security risks. This includes new jailbreak detection methods, which were expanded in March this year to include indirect prompt injections where the malicious instructions are part of data ingested by the AI model.

It's also expanding its red-teaming efforts, including both in-house red teams that deliberately try to bypass safety features in its AI models as well as red-teaming applications to allow third-party testing before releasing new models.
Microsoft's chief Responsible AI officer told the Washington Post this week that "We work with our engineering teams from the earliest stages of conceiving of new features that they are building." "The first step in our processes is to do an impact assessment, where we're asking the team to think deeply about the benefits and the potential harms of the system. And that sets them on a course to appropriately measure and manage those risks downstream. And the process by which we review the systems has checkpoints along the way as the teams are moving through different stages of their release cycles...

"When we do have situations where people work around our guardrails, we've already built the systems in a way that we can understand that that is happening and respond to that very quickly. So taking those learnings from a system like Bing Image Creator and building them into our overall approach is core to the governance systems that we're focused on in this report."
They also said " it would be very constructive to make sure that there were clear rules about the disclosure of when content is synthetically generated," and "there's an urgent need for privacy legislation as a foundational element of AI regulatory infrastructure."

The Washington Post reports that wind turbines "only take up five percent of the land where they've been built, new research shows." The rest of the space can be used for other purposes, such as agriculture, according to a study published recently in the peer-reviewed journal Environmental Science and Technology. This means developers could fit turbines in places that are often perceived as unsuitable for a wind farm.

The new study highlights that turbines and existing human development, such as agriculture, cannot only share the same area, but also that building wind farms where there are already roads and other infrastructure could help reduce impacts on the land. "Clever siting, use of existing infrastructure, multiple use of landscapes — all these things ... can really contribute to solutions in areas where wind power is acceptable to the local people," said Sarah Jordaan, the study's principal investigator.

Historically, planning studies for wind farms have often assumed that turbines would disturb all the land at the site and leave the area unusable for anything else, said Jordaan, an associate professor in the department of civil engineering at McGill University. The study's findings provide a more accurate accounting of how much land is needed for wind farms, she added.

Dan Goodin reports via Ars Technica: A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under active exploitation, federal government officials warned as data showed that thousands of users had yet to install a patch released in January. A change GitLab implemented in May 2023 made it possible for users to initiate password changes through links sent to secondary email addresses. The move was designed to permit resets when users didn't have access to the email address used to establish the account. In January, GitLab disclosed that the feature allowed attackers to send reset emails to accounts they controlled and from there click on the embedded link and take over the account.

While exploits required no user interaction, hijackings worked only against accounts that weren't configured to use multi-factor authentication. Even with MFA, accounts remained vulnerable to password resets. The vulnerability, tracked as CVE-2023-7028, carries a severity rating of 10 out of a possible 10. The vulnerability, classified as an improper access control flaw, could pose a grave threat. GitLab software typically has access to multiple development environments belonging to users. With the ability to access them and surreptitiously introduce changes, attackers could sabotage projects or plant backdoors that could infect anyone using software built in the compromised environment. An example of a similar supply chain attack is the one that hit SolarWinds in 2021, infecting more than 18,000 of its customers. Other recent examples of supply chain attacks are here, here, and here. These sorts of attacks are powerful. By hacking a single, carefully selected target, attackers gain the means to infect thousands of downstream users, often without requiring them to take any action at all. According to Internet scans performed by security organization Shadowserver, more than 2,100 IP addresses showed they were hosting one or more vulnerable GitLab instances. In order to protect your system, you should enable MFA and install the latest patch. "GitLab users should also remember that patching does nothing to secure systems that have already been breached through exploits," notes Goodin.

An anonymous reader quotes a report from TechCrunch: Microsoft has changed its policy to ban U.S. police departments from using generative AI through the Azure OpenAI Service, the company's fully managed, enterprise-focused wrapper around OpenAI technologies. Language added Wednesday to the terms of service for Azure OpenAI Service prohibits integrations with Azure OpenAI Service from being used "by or for" police departments in the U.S., including integrations with OpenAI's text- and speech-analyzing models. A separate new bullet point covers "any law enforcement globally," and explicitly bars the use of "real-time facial recognition technology" on mobile cameras, like body cameras and dashcams, to attempt to identify a person in "uncontrolled, in-the-wild" environments. [...]

The new terms leave wiggle room for Microsoft. The complete ban on Azure OpenAI Service usage pertains only to U.S., not international, police. And it doesn't cover facial recognition performed with stationary cameras in controlled environments, like a back office (although the terms prohibit any use of facial recognition by U.S. police). That tracks with Microsoft's and close partner OpenAI's recent approach to AI-related law enforcement and defense contracts. Last week, taser company Axon announced a new tool that uses AI built on OpenAI's GPT-4 Turbo model to transcribe audio from body cameras and automatically turn it into a police report. It's unclear if Microsoft's updated policy is in response to Axon's product launch.