Anthropic launched Claude Opus 4 and Claude Sonnet 4 today, positioning Opus 4 as the world's leading coding model with 72.5% performance on SWE-bench and 43.2% on Terminal-bench. Both models feature hybrid architecture supporting near-instant responses and extended thinking modes for complex reasoning tasks.

The models introduce parallel tool execution and memory capabilities that allow Claude to extract and save key facts when given local file access. Claude Code, previously in research preview, is now generally available with new VS Code and JetBrains integrations that display edits directly in developers' files. GitHub integration enables Claude to respond to pull request feedback and fix CI errors through a new beta SDK.

Pricing remains consistent with previous generations at $15/$75 per million tokens for Opus 4 and $3/$15 for Sonnet 4. Both models are available through Claude's web interface, the Anthropic API, Amazon Bedrock, and Google Cloud's Vertex AI. Extended thinking capabilities are included in Pro, Max, Team, and Enterprise plans, with Sonnet 4 also available to free users.

The startup, which counts Amazon and Google among its investors, said Claude Opus 4 could autonomously work for nearly a full corporate workday -- seven hours. CNBC adds: "I do a lot of writing with Claude, and I think prior to Opus 4 and Sonnet 4, I was mostly using the models as a thinking partner, but still doing most of the writing myself," Mike Krieger, Anthropic's chief product officer, said in an interview. "And they've crossed this threshold where now most of my writing is actually ... Opus mostly, and it now is unrecognizable from my writing."

Krieger added, "I love that we're kind of pushing the frontier on two sides. Like one is the coding piece and agentic behavior overall, and that's powering a lot of these coding startups. ... But then also, we're pushing the frontier on how these models can actually learn from and then be a really useful writing partner, too."

Longtime Slashdot reader theodp writes: In what reads a bit like a Sopranos plot, The Information suggests some of those in the recent batch of terminated Microsoft engineers may have in effect been forced to dig their own AI graves.

The (paywalled) story begins: "Jeff Hulse, a Microsoft vice president who oversees roughly 400 software engineers, told the team in recent months to use the company's artificial intelligence chatbot, powered by OpenAI, to generate half the computer code they write, according to a person who heard the remarks. That would represent an increase from the 20% to 30% of code AI currently produces at the company, and shows how rapidly Microsoft is moving to incorporate such technology. Then on Tuesday, Microsoft laid off more than a dozen engineers on Hulse 's team as part of a broader layoff of 6,000 people across the company that appeared to hit engineers harder than other types of roles, this person said."

The report comes as tech company CEOs have taken to boasting in earnings calls, tech conferences, and public statements that their AI is responsible for an ever-increasing share of the code written at their organizations. Microsoft's recent job cuts hit coders the hardest. So how much credence should one place on CEOs' claims of AI programming productivity gains -- which researchers have struggled to measure for 50+ years -- if engineers are forced to increase their use of AI, boosting the numbers their far-removed-from-programming CEOs are presenting to Wall Street?

The Prossimo project (funded by the nonprofit Internet Security Research Group) seeks to "move the Internet's security-sensitive software infrastructure to memory safe code." Two years ago the Prossimo project made an announcement: they'd begun work on rav1d, a safer high performance AV1 decoder written in Rust, according to a new update: We partnered with Immunant to do the engineering work. By September of 2024 rav1d was basically complete and we learned a lot during the process. Today rav1d works well — it passes all the same tests as the dav1d decoder it is based on, which is written in C. It's possible to build and run Chromium with it.

There's just one problem — it's not quite as fast as the C version...

Our Rust-based rav1d decoder is currently about 5% slower than the C-based dav1d decoder (the exact amount differs a bit depending on the benchmark, input, and platform). This is enough of a difference to be a problem for potential adopters, and, frankly, it just bothers us. The development team worked hard to get it to performance parity. We brought in a couple of other contractors who have experience with optimizing things like this. We wrote about the optimization work we did. However, we were still unable to get to performance parity and, to be frank again, we aren't really sure what to do next.

After racking our brains for options, we decided to offer a bounty pool of $20,000 for getting rav1d to performance parity with dav1d. Hopefully folks out there can help get rav1d performance advanced to where it needs to be, and ideally we and the Rust community will also learn something about how Rust performance stacks up against C.
This drew a snarky response from FFmpeg, the framework that powers audio and video processing for everyone from VLC to Twitch. "Rust is so good you can get paid $20k to make it as fast as C," they posted to their 68,300 followers on X.com.

Thanks to the It's FOSS blog for spotting the announcement.

"The world has changed," writes Stack Overflow's blog. "Fast. Artificial intelligence is reshaping how we build, learn, and solve problems. Software development looks dramatically different than it did even a few years ago — and the pace of change is only accelerating."

And they believe their brand "at times" lost "fidelity and clarity. It's very much been always added to and not been thought of holistically. So, it's time for our brand to evolve too," they write, hoping to articulate a perspective "forged in the fires of community, powered by collaboration, shaped by AI, and driven by people."

The developer news site DevClass notes the change happens "as the number of posts to its site continues a dramatic decline thanks to AI-driven alternatives." According to a quick query on the official data explorer, the sum of questions and answers posted in April 2025 was down by over 64 percent from the same month in 2024, and plunged more than 90 percent from April 2020, when traffic was near its peak...

Although declining traffic is a sign of Stack Overflow's reduced significance in the developer community, the company's business is not equally affected so far. Stack Exchange is a business owned by investment company Prosus, and the Stack Exchange products include private versions of its site (Stack Overflow for Teams) as well as advertising and recruitment. According to the Prosus financial results, in the six months ended September 2024, Stack Overflow increased its revenue and reduced its losses. The company's search for a new direction though confirms that the fast-disappearing developer engagement with Stack Overflow poses an existential challenge to the organization.
DevClass says Stack Overflow's parent company "is casting about for new ways to provide value (and drive business) in this context..." The company has already experimented with various new services, via its Labs research department, including an AI Answer Assistant and Question Assistant, as well as a revamped jobs site in association with recruitment site Indeed, Discussions for technical debate, and extensions for GitHub Copilot, Slack, and Visual Studio Code.
From the official announcement on Stack Overflow's blog: This rebrand isn't just a fresh coat of paint. It's a realignment with our purpose: to support the builders of the future in an AI world — with clarity, speed, and humanity. It's about showing up in a way that reflects who we are today, and where we're headed tomorrow.
"We have appointed an internal steering group and we have engaged with an external expert partner in this area to help bring about the required change," notes a post in Stack Exchange's "meta" area. This isn't just about a visual update or marketing exercise — it's going to bring about a shift in how we present ourselves to the world which you will feel everywhere from the design to the copywriting, so that we can better achieve our goals and shared mission. As the emergence of AI has called into question the role of Stack Overflow and the Stack Exchange Network, one of the desired outputs of the rebrand process is to clarify our place in the world.

We've done work toward this already — our recent community AMA is an example of this — but we want to ensure that this comes across in our brand and identity as well. We want the community to be involved and have a strong voice in the process of renewing and refreshing our brand. Remember, Stack Overflow started with a public discussion about what to name it!
And another another post two months ago Stack Exchange is exploring early ideas for expanding beyond the "single lane" Q&A highway. Our goal right now is to better understand the problems, opportunities, and needs before deciding on any specific changes...

The vision is to potentially enable:

- A slower lane, with high-quality durable knowledge that takes time to create and curate, like questions and answers.

- A medium lane, for more flexible engagement, with features like Discussions or more flexible Stack Exchanges, where users can explore ideas or share opinions.

- A fast lane for quick, real-time interaction, with features like Chat that can bring the community together to discuss topics instantly.

With this in mind, we're seeking your feedback on the current state of Chat, what's most important to you, and how you see Chat fitting into the future.
In a post in Stack Exchange's "meta" area, brand design director David Longworth says the "tension mentioned between Stack Overflow and Stack Exchange" is probably the most relevant to the rebranding.

But he posted later that "There's a lot of people behind the scenes on this who care deeply about getting this right! Thank you on behalf of myself and the team."

Thursday was Rust's 10-year anniversary for its first stable release. "To say I'm surprised by its trajectory would be a vast understatement," writes Rust's original creator Graydon Hoare. "I can only thank, congratulate, and celebrate everyone involved... In my view, Rust is a story about a large community of stakeholders coming together to design, build, maintain, and expand shared technical infrastructure." It's a story with many actors:

- The population of developers the language serves who express their needs and constraints through discussion, debate, testing, and bug reports arising from their experience writing libraries and applications.

- The language designers and implementers who work to satisfy those needs and constraints while wrestling with the unexpected consequences of each decision.

- The authors, educators, speakers, translators, illustrators, and others who work to expand the set of people able to use the infrastructure and work on the infrastructure.

- The institutions investing in the project who provide the long-term funding and support necessary to sustain all this work over decades.

All these actors have a common interest in infrastructure.
Rather than just "systems programming", Hoare sees Rust as a tool for building infrastructure itself, "the robust and reliable necessities that enable us to get our work done" — a wide range that includes everything from embedded and IoT systems to multi-core systems. So the story of "Rust's initial implementation, its sustained investment, and its remarkable resonance and uptake all happened because the world needs robust and reliable infrastructure, and the infrastructure we had was not up to the task." Put simply: it failed too often, in spectacular and expensive ways. Crashes and downtime in the best cases, and security vulnerabilities in the worst. Efficient "infrastructure-building" languages existed but they were very hard to use, and nearly impossible to use safely, especially when writing concurrent code. This produced an infrastructure deficit many people felt, if not everyone could name, and it was growing worse by the year as we placed ever-greater demands on computers to work in ever more challenging environments...

We were stuck with the tools we had because building better tools like Rust was going to require an extraordinary investment of time, effort, and money. The bootstrap Rust compiler I initially wrote was just a few tens of thousands of lines of code; that was nearing the limits of what an unfunded solo hobby project can typically accomplish. Mozilla's decision to invest in Rust in 2009 immediately quadrupled the size of the team — it created a team in the first place — and then doubled it again, and again in subsequent years. Mozilla sustained this very unusual, very improbable investment in Rust from 2009-2020, as well as funding an entire browser engine written in Rust — Servo — from 2012 onwards, which served as a crucial testbed for Rust language features.
Rust and Servo had multiple contributors at Samsung, Hoare acknowledges, and Amazon, Facebook, Google, Microsoft, Huawei, and others "hired key developers and contributed hardware and management resources to its ongoing development." Rust itself "sits atop LLVM" (developed by researchers at UIUC and later funded by Apple, Qualcomm, Google, ARM, Huawei, and many other organizations), while Rust's safe memory model "derives directly from decades of research in academia, as well as academic-industrial projects like Cyclone, built by AT&T Bell Labs and Cornell."

And there were contributions from "interns, researchers, and professors at top academic research programming-language departments, including CMU, NEU, IU, MPI-SWS, and many others." JetBrains and the Rust-Analyzer OpenCollective essentially paid for two additional interactive-incremental reimplementations of the Rust frontend to provide language services to IDEs — critical tools for productive, day-to-day programming. Hundreds of companies and other institutions contributed time and money to evaluate Rust for production, write Rust programs, test them, file bugs related to them, and pay their staff to fix or improve any shortcomings they found. Last but very much not least: Rust has had thousands and thousands of volunteers donating years of their labor to the project. While it might seem tempting to think this is all "free", it's being paid for! Just less visibly than if it were part of a corporate budget.

All this investment, despite the long time horizon, paid off. We're all better for it.
He looks ahead with hope for a future with new contributors, "steady and diversified streams of support," and continued reliability and compatability (including "investment in ever-greater reliability technology, including the many emerging formal methods projects built on Rust.")

And he closes by saying Rust's "sustained, controlled, and frankly astonishing throughput of work" has "set a new standard for what good tools, good processes, and reliable infrastructure software should be like.

"Everyone involved should be proud of what they've built."

OpenAI has launched Codex, a powerful AI coding agent in ChatGPT that autonomously handles tasks like writing features, fixing bugs, and testing code in a cloud-based environment. TechCrunch reports: Codex is powered by codex-1, a version of the company's o3 AI reasoning model optimized for software engineering tasks. OpenAI says codex-1 produces "cleaner" code than o3, adheres more precisely to instructions, and will iteratively run tests on its code until passing results are achieved.

The Codex agent runs in a sandboxed, virtual computer in the cloud. By connecting with GitHub, Codex's environment can come preloaded with your code repositories. OpenAI says the AI coding agent will take anywhere from one to 30 minutes to write simple features, fix bugs, answer questions about your codebase, and run tests, among other tasks. Codex can handle multiple software engineering tasks simultaneously, says OpenAI, and it doesn't limit users from accessing their computer and browser while it's running.

Codex is rolling out starting today to subscribers to ChatGPT Pro, Enterprise, and Team. OpenAI says users will have "generous access" to Codex to start, but in the coming weeks, the company will implement rate limits for the tool. Users will then have the option to purchase additional credits to use Codex, an OpenAI spokesperson tells TechCrunch. OpenAI plans to expand Codex access to ChatGPT Plus and Edu users soon.

Riot Games has reduced cheating in Valorant to under 1% of ranked games through its controversial kernel-level anti-cheat system Vanguard, according to the company's anti-cheat director Phillip Koskinas. The system enforces Windows security features like Trusted Platform Module and Secure Boot while preventing code execution in kernel memory.

Beyond technical measures, Riot deploys undercover operatives who have infiltrated cheat development communities for years. "We've even gone as far as giving anti-cheat information to establish credibility," Koskinas told TechCrunch, describing how they target even "premium" cheats costing thousands of dollars.

Riot faces increasingly sophisticated threats, including direct memory access attacks using specialized PCI Express hardware and screen reader cheats that use separate computers to analyze gameplay and control mouse movements. To combat repeat offenders, Vanguard fingerprints cheaters' hardware. Koskinas admits to deliberately slowing some enforcement: "To keep cheating dumb, we ban slower." The team also employs psychological warfare, publicly discrediting cheat developers and trolling known cheaters to undermine their credibility in gaming communities.

"Our future won't be handed to us," says the young narrator in a new ad from the nonprofit Code.org. "We will build it."

"But how can we when the education we need is still just an elective?" says another young voice...

The ad goes on to tout the power "to create with computer science and AI — the skills transforming every industry..." and ends by saying "This isn't radical. It's what education is supposed to do. Make computer science and AI a graduation requirement."

There's also a hard-hitting new web site, which urges people to sign a letter of support (already signed by executives from top tech companies including Microsoft, Dropbox, AMD, Meta, Blue Origin, and Palantir — and by Steve Ballmer, who is listed as the chairman of the L.A. Clippers basketball team).

Long-time Slashdot reader theodp says the letter ran in the New York Times, while this campaign will officially kick off Monday... Code.org teased the new Unlock8 campaign last month on social media as it celebrated a new Executive Order that makes K–12 AI literacy a U.S. priority, which it called a big win for CS & AI education, adding, "We've been building to this moment."

The move to make CS and AI a graduation requirement is a marked reversal of Code.org's early days, when it offered Congressional testimony on behalf of itself and tech-led Computing in the Core reassuring lawmakers that: "Making computer science courses 'count' would not require schools to offer computer science or students to study it; it would simply allow existing computer science courses to satisfy a requirement that already exists."

An anonymous reader shares a report: Apple is teaming up with startup Anthropic on a new "vibe-coding" software platform that will use AI to write, edit and test code on behalf of programmers.

The system is a new version of Xcode, Apple's programming software, that will integrate Anthropic's Claude Sonnet model, according to people with knowledge of the matter. Apple will roll out the software internally and hasn't yet decided whether to launch it publicly, said the people, who asked not to be identified because the initiative hasn't been announced.

The work shows how Apple is using AI to improve its internal workflow, aiming to speed up and modernize product development. The approach is similar to one used by companies such as Windsurf and Cursor maker Anysphere, which offer advanced AI coding assistants popular with software developers. Further reading: 'Vibe Coding' is Letting 10 Engineers Do the Work of a Team of 50 To 100, Says YC CEO.

"4chan, down for more than a week after hackers got in through an insecure script that handled PDFs, is back online," notes BoingBoing. (They add that Thursday saw 4chan's first blog postin years — just the words "Testing testing 123 123...") But 4chan posted a much longer explanation on Friday," confirming their servers were compromised by a malicious PDF upload from "a hacker using a UK IP address," granting access to their databases and administrative dashboard.

The attacker "spent several hours exfiltrating database tables and much of 4chan's source code. When they had finished downloading what they wanted, they began to vandalize 4chan at which point moderators became aware and 4chan's servers were halted, preventing further access." While not all of our servers were breached, the most important one was, and it was due to simply not updating old operating systems and code in a timely fashion. Ultimately this problem was caused by having insufficient skilled man-hours available to update our code and infrastructure, and being starved of money for years by advertisers, payment providers, and service providers who had succumbed to external pressure campaigns. We had begun a process of speccing new servers in late 2023. As many have suspected, until that time 4chan had been running on a set of servers purchased second-hand by moot a few weeks before his final Q&A [in 2015], as prior to then we simply were not in a financial position to consider such a large purchase. Advertisers and payment providers willing to work with 4chan are rare, and are quickly pressured by activists into cancelling their services. Putting together the money for new equipment took nearly a decade...

The free time that 4chan's development team had available to dedicate to 4chan was insufficient to update our software and infrastructure fast enough, and our luck ran out. However, we have not been idle during our nearly two weeks of downtime. The server that was breached has been replaced, with the operating system and code updated to the latest versions. PDF uploads have been temporarily disabled on those boards that supported them, but they will be back in the near future. One slow but much beloved board, /f/ — Flash, will not be returning however, as there is no realistic way to prevent similar exploits using .swf files.

We are bringing on additional volunteer developers to help keep up with the workload, and our team of volunteer janitors & moderators remains united despite the grievous violations some have suffered to their personal privacy.

4chan is back. No other website can replace it, or this community. No matter how hard it is, we are not giving up.

Some developers are "crying foul" after Microsoft's C/C++ extension for Visual Studio Code stopped working with VS Code derivatives like VS Codium and Cursor, reports The Register. The move has prompted Cursor to transition to open-source alternatives, while some developers are calling for a regulatory investigation into Microsoft's alleged anti-competitive behavior. From the report: In early April, programmers using VS Codium, an open-source fork of Microsoft's MIT-licensed VS Code, and Cursor, a commercial AI code assistant built from the VS Code codebase, noticed that the C/C++ extension stopped working. The extension adds C/C++ language support, such as Intellisense code completion and debugging, to VS Code. The removal of these capabilities from competing tools breaks developer workflows, hobbles the editor, and arguably hinders competition. The breaking change appears to have occurred with the release of v1.24.5 on April 3, 2025.

Following the April update, attempts to install the C/C++ extension outside of VS Code generate this error message: "The C/C++ extension may be used only with Microsoft Visual Studio, Visual Studio for Mac, Visual Studio Code, Azure DevOps, Team Foundation Server, and successor Microsoft products and services to develop and test your applications." Microsoft has forbidden the use of its extensions outside of its own software products since at least September 2020, when the current licensing terms were published. But it hasn't enforced those terms in its C/C++ extension with an environment check in its binaries until now. [...]

Developers discussing the issue in Cursor's GitHub repo have noted that Microsoft recently rolled out a competing AI software agent capability, dubbed Agent Mode, within its Copilot software. One such developer who contacted us anonymously told The Register they sent a letter about the situation to the US Federal Trade Commission, asking them to probe Microsoft for unfair competition -- alleging self-preferencing, bundling Copilot without a removal option, and blocking rivals like Cursor to lock users into its AI ecosystem.

Longtime Slashdot reader hackingbear shares a report from Interesting Engineering: A research team at Fudan University in Shanghai, China has built the fastest semiconductor storage device ever reported, a nonvolatile flash memory dubbed "PoX" that programs a single bit in 400 picoseconds (0.0000000004 s) -- roughly 25 billion operations per second. Conventional static and dynamic RAM (SRAM, DRAM) write data in 1-10 nanoseconds but lose everything when power is cut while current flash chips typically need micro to milliseconds per write -- far too slow for modern AI accelerators that shunt terabytes of parameters in real time.

The Fudan group, led by Prof. Zhou Peng at the State Key Laboratory of Integrated Chips and Systems, re-engineered flash physics by replacing silicon channels with two dimensional Dirac graphene and exploiting its ballistic charge transport. Combining ultralow energy with picosecond write speeds could eliminate separate highspeed SRAM caches and remove the longstanding memory bottleneck in AI inference and training hardware, where data shuttling, not arithmetic, now dominates power budgets. The team [which is now scaling the cell architecture and pursuing arraylevel demonstrations] did not disclose endurance figures or fabrication yield, but the graphene channel suggests compatibility with existing 2Dmaterial processes that global fabs are already exploring. The result is published in the journal Nature.

OpenAI's latest reasoning models, o3 and o4-mini, hallucinate more frequently than the company's previous AI systems, according to both internal testing and third-party research. On OpenAI's PersonQA benchmark, o3 hallucinated 33% of the time -- double the rate of older models o1 (16%) and o3-mini (14.8%). The o4-mini performed even worse, hallucinating 48% of the time. Nonprofit AI lab Transluce discovered o3 fabricating processes it claimed to use, including running code on a 2021 MacBook Pro "outside of ChatGPT." Stanford adjunct professor Kian Katanforoosh noted his team found o3 frequently generates broken website links.

OpenAI says in its technical report that "more research is needed" to understand why hallucinations worsen as reasoning models scale up.

Nintendo's lawyers systematically dismantled Atari Games in a landmark 1989 legal battle that reshaped the gaming industry, killing off the Tengen brand until its surprise resurrection recently.

When Atari Games (operating as Tengen) attempted to circumvent Nintendo's control by reverse-engineering the NES security system, Nintendo's legal team discovered a fatal flaw in their rival's approach: Atari had fraudulently obtained Nintendo's proprietary code from the Copyright Office by falsely claiming they were defendants in a nonexistent lawsuit.

Though courts ultimately established that reverse engineering was legal under fair use principles, Atari's deception proved catastrophic. The judge invoked the centuries-old "unclean hands" doctrine, ruling that Atari could not claim fair use protection after approaching the court in bad faith.

"As a result of its lawyers' filthy hands, Atari was barred from manufacturing games for the NES. Nintendo, with its stronger legal team, subsequently 'bled Atari to death,'" writes tech industry attorney Julien Mailland. The court ordered the recall of Tengen's "Tetris" version, now a rare collector's item.

After a 30-year absence, Tengen Games returned in July 2024 with "Zed and Zee" for the NES, finally achieving what its predecessor was legally prohibited from doing.

OpenAI has released two new AI models that can "think with images" during their reasoning process. The o3 and o4-mini models represent a significant advancement in visual perception, enabling them to manipulate images -- cropping, zooming, and rotating -- as part of their analytical process.

Unlike previous models, o3 and o4-mini can agentically use all of ChatGPT's tools, including web search, Python code execution, and image generation. This allows them to tackle multi-faceted problems by selecting appropriate tools based on the task at hand.

The models have set new state-of-the-art performance benchmarks across multiple domains. On visual tasks, o3 achieved 86.8% accuracy on MathVista and 78.6% on CharXiv-Reasoning, while o4-mini scored 91.6% on AIME 2024 competitions. In expert evaluations, o3 made 20% fewer major errors than its predecessor on complex real-world tasks. ChatGPT Plus, Pro, and Team users will see o3, o4-mini, and o4-mini-high in the model selector starting today, replacing o1, o3â'mini, and o3â'miniâ'high.

Slashdot reader zlives shared this report from BleepingComputer: Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders.

GRUB2 (GRand Unified Bootloader) is the default boot loader for most Linux distributions, including Ubuntu, while U-Boot and Barebox are commonly used in embedded and IoT devices. Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in filesystem parsers, command flaws, and a side-channel in cryptographic comparison. Additionally, 9 buffer overflows in parsing SquashFS, EXT4, CramFS, JFFS2, and symlinks were discovered in U-Boot and Barebox, which require physical access to exploit.

The newly discovered flaws impact devices relying on UEFI Secure Boot, and if the right conditions are met, attackers can bypass security protections to execute arbitrary code on the device. While exploiting these flaws would likely need local access to devices, previous bootkit attacks like BlackLotus achieved this through malware infections.
Miccrosoft titled its blog post "Analyzing open-source bootloaders: Finding vulnerabilities faster with AI." (And they do note that Micxrosoft disclosed the discovered vulnerabilities to the GRUB2, U-boot, and Barebox maintainers and "worked with the GRUB2 maintainers to contribute fixes... GRUB2 maintainers released security updates on February 18, 2025, and both the U-boot and Barebox maintainers released updates on February 19, 2025.")

They add that performing their initial research, using Security Copilot "saved our team approximately a week's worth of time," Microsoft writes, "that would have otherwise been spent manually reviewing the content." Through a series of prompts, we identified and refined security issues, ultimately uncovering an exploitable integer overflow vulnerability. Copilot also assisted in finding similar patterns in other files, ensuring comprehensive coverage and validation of our findings...

As AI continues to emerge as a key tool in the cybersecurity community, Microsoft emphasizes the importance of vendors and researchers maintaining their focus on information sharing. This approach ensures that AI's advantages in rapid vulnerability discovery, remediation, and accelerated security operations can effectively counter malicious actors' attempts to use AI to scale common attack tactics, techniques, and procedures (TTPs).
This week Google also announced Sec-Gemini v1, "a new experimental AI model focused on advancing cybersecurity AI frontiers."

The advent of LLMs and machine learning-based applications "opened the door to a new wave of security threats," argues Google's security blog. (Including model and data poisoning, prompt injection, prompt leaking and prompt evasion.)

So as part of the Linux Foundation's nonprofit Open Source Security Foundation, and in partnership with NVIDIA and HiddenLayer, Google's Open Source Security Team on Friday announced the first stable model-signing library (hosted at PyPI.org), with digital signatures letting users verify that the model used by their application "is exactly the model that was created by the developers," according to a post on Google's security blog. [S]ince models are an uninspectable collection of weights (sometimes also with arbitrary code), an attacker can tamper with them and achieve significant impact to those using the models. Users, developers, and practitioners need to examine an important question during their risk assessment process: "can I trust this model?"

Since its launch, Google's Secure AI Framework (SAIF) has created guidance and technical solutions for creating AI applications that users can trust. A first step in achieving trust in the model is to permit users to verify its integrity and provenance, to prevent tampering across all processes from training to usage, via cryptographic signing... [T]he signature would have to be verified when the model gets uploaded to a model hub, when the model gets selected to be deployed into an application (embedded or via remote APIs) and when the model is used as an intermediary during another training run. Assuming the training infrastructure is trustworthy and not compromised, this approach guarantees that each model user can trust the model...

The average developer, however, would not want to manage keys and rotate them on compromise. These challenges are addressed by using Sigstore, a collection of tools and services that make code signing secure and easy. By binding an OpenID Connect token to a workload or developer identity, Sigstore alleviates the need to manage or rotate long-lived secrets. Furthermore, signing is made transparent so signatures over malicious artifacts could be audited in a public transparency log, by anyone. This ensures that split-view attacks are not possible, so any user would get the exact same model. These features are why we recommend Sigstore's signing mechanism as the default approach for signing ML models.

Today the OSS community is releasing the v1.0 stable version of our model signing library as a Python package supporting Sigstore and traditional signing methods. This model signing library is specialized to handle the sheer scale of ML models (which are usually much larger than traditional software components), and handles signing models represented as a directory tree. The package provides CLI utilities so that users can sign and verify model signatures for individual models. The package can also be used as a library which we plan to incorporate directly into model hub upload flows as well as into ML frameworks.
"We can view model signing as establishing the foundation of trust in the ML ecosystem..." the post concludes (adding "We envision extending this approach to also include datasets and other ML-related artifacts.") Then, we plan to build on top of signatures, towards fully tamper-proof metadata records, that can be read by both humans and machines. This has the potential to automate a significant fraction of the work needed to perform incident response in case of a compromise in the ML world...

To shape the future of building tamper-proof ML, join the Coalition for Secure AI, where we are planning to work on building the entire trust ecosystem together with the open source community. In collaboration with multiple industry partners, we are starting up a special interest group under CoSAI for defining the future of ML signing and including tamper-proof ML metadata, such as model cards and evaluation results.

Software engineer Sergey Tselovalnikov weighs in on the new hype: The term caught on and Twitter quickly flooded with posts about how AI has radically transformed coding and will soon replace all software engineers. While AI undeniably impacts the way we write code, it hasn't fundamentally changed our role as engineers. Allow me to explain.

[...] Vibe coding is interacting with the codebase via prompts. As the implementation is hidden from the "vibe coder", all the engineering concerns will inevitably get ignored. Many of the concerns are hard to express in a prompt, and many of them are hard to verify by only inspecting the final artifact. Historically, all engineering practices have tried to shift all those concerns left -- to the earlier stages of development when they're cheap to address. Yet with vibe coding, they're shifted very far to the right -- when addressing them is expensive.

The question of whether an AI system can perform the complete engineering cycle and build and evolve software the same way a human can remains open. However, there are no signs of it being able to do so at this point, and if it one day happens, it won't have anything to do with vibe coding -- at least the way it's defined today.

[...] It is possible that there'll be a future where software is built from vibe-coded blocks, but the work of designing software able to evolve and scale doesn't go away. That's not vibe engineering -- that's just engineering, even if the coding part of it will look a bit different.

"Researchers have discovered nearly 1.5 million pictures from specialist dating apps — many of which are explicit — being stored online without password protection," reports the BBC, "leaving them vulnerable to hackers and extortionists."

And the images weren't limited to those from profiles, the BBC learned from the ethical hacker who discovered the issue. "They included pictures which had been sent privately in messages, and even some which had been removed by moderators..." Anyone with the link was able to view the private photos from five platforms developed by M.A.D Mobile [including two kink/BDSM sites and two LGBT apps]... These services are used by an estimated 800,000 to 900,000 people.

M.A.D Mobile was first warned about the security flaw on 20th January but didn't take action until the BBC emailed on Friday. They have since fixed it but not said how it happened or why they failed to protect the sensitive images. Ethical hacker Aras Nazarovas from Cybernews first alerted the firm about the security hole after finding the location of the online storage used by the apps by analysing the code that powers the services...

None of the text content of private messages was found to be stored in this way and the images are not labelled with user names or real names, which would make crafting targeted attacks at users more complex.

In an email M.A.D Mobile said it was grateful to the researcher for uncovering the vulnerability in the apps to prevent a data breach from occurring. But there's no guarantee that Mr Nazarovas was the only hacker to have found the image stash.
"Mr Nazarovas and his team decided to raise the alarm on Thursday while the issue was still live as they were concerned the company was not doing anything to fix it..."

An anonymous reader quotes a report from The Verge: A concert on Monday night at New York's Radio City Music Hall was a special occasion for Frank Miller: his parents' wedding anniversary. He didn't end up seeing the show -- and before he could even get past security, he was informed that he was in fact banned for life from the venue and all other properties owned by Madison Square Garden (MSG). After scanning his ticket and promptly being pulled aside by security, Miller was told by staff that he was barred from the MSG properties for an incident at the Garden in 2021. But Miller says he hasn't been to the venue in nearly two decades.

"They hand me a piece of paper letting me know that I've been added to a ban list," Miller says. "There's a trespass notice if I ever show up on any MSG property ever again," which includes venues like Radio City, the Beacon Theatre, the Sphere, and the Chicago Theatre. He was baffled at first. Then it dawned on him: this was probably about a T-shirt he designed years ago. MSG Entertainment won't say what happened with Miller or how he was picked out of the crowd, but he suspects he was identified via controversial facial recognition systems that the company deploys at its venues.

In 2017, 1990s New York Knicks star Charles Oakley was forcibly removed from his seat near Knicks owner and Madison Square Garden CEO James Dolan. The high-profile incident later spiraled into an ongoing legal battle. For Miller, Oakley was an "integral" part of the '90s Knicks, he says. With his background in graphic design, he made a shirt in the style of the old team logo that read, "Ban Dolan" -- a reference to the infamous scuffle. A few years later, in 2021, a friend of Miller's wore a Ban Dolan shirt to a Knicks game and was kicked out and banned from future events. That incident spawned ESPN segments and news articles and validated what many fans saw as a pettiness on Dolan and MSG's part for going after individual fans who criticized team ownership. "Frank Miller Jr. made threats against an MSG executive on social media and produced and sold merchandise that was offensive in nature," Mikyl Cordova, executive vice president of communications and marketing for the company, said in an emailed statement. "His behavior was disrespectful and disruptive and in violation of our code of conduct."

Miller responded to the ban, saying: "I just found it comical, until I was told that my mom was crying [in the lobby]. I was like, 'Oh man, I ruined their anniversary with my shit talk on the internet. Memes are powerful, and so is the surveillance state. It's something that we all have to be aware of -- the panopticon. We're [being] surveilled at all times, and it's always framed as a safety thing, when rarely is that the case. It's more of a deterrent and a fear tactic to try to keep people in line."