This week America's Energy Department selected two companies to perform the first nuclear microreactor tests in a new facility in Idaho, saying the tests "will fast-track the deployment of American microreactor technologies... The first fueled reactor experiment will start as early as spring 2026."

The new facility is named DOME (an acronym for Demonstration of Microreactor Experiments), and it leverages existing "to safely house and test fueled reactor experiments, capable of producing up to 20 megawatts of thermal energy," according to a local newspaper. [T]wo companies were competitively selected in 2023 and are currently working through a multi-phase Energy Department authorization process to support the design, fabrication, construction, and testing of each fueled reactor experiment. Both are expected to meet certain milestones throughout the process to maintain their allotted time in DOME and to ensure efficient use of the test bed, according to the release... The department estimates each DOME reactor experiment will operate up to six months, with the DOME test bed currently under construction and on track to receive its first experiment in early 2026... The next call for applications is anticipated to be in 2026.
The site Interesting Engineering calls the lab "a high-stakes proving ground to accelerate the commercialization of advanced microreactors..." Based in Etna, Pennsylvania, Westinghouse will test its eVinci Nuclear Test Reactor, a compact, transportable microreactor that uses advanced heat pipe technology for passive cooling. Designed to deliver 5 megawatts of electricity on sites as small as two acres, eVinci could support applications ranging from remote communities to mining operations and data centers. Meanwhile, Radiant (El Segundo, California) will test its Kaleidos Development Unit, a 1.2 megawatt electric high-temperature gas reactor aimed at replacing diesel generators. Designed to run for five years, Kaleidos is fueled by TRISO fuel particles that could offer reliable backup power for hospitals, military bases, and other critical infrastructure.
Radiant's CEO said "In short order, we will fuel, go critical, and operate, leading to the mass production of portable reactors which will jumpstart American nuclear energy dominance."

UK Science and Technology Secretary Peter Kyle has written to the UK's national institute for AI to tell its bosses to refocus on defense and security. BBC: In a letter, Kyle said boosting the UK's AI capabilities was "critical" to national security and should be at the core of the Alan Turing Institute's activities. Kyle suggested the institute should overhaul its leadership team to reflect its "renewed purpose."

The cabinet minister said further government investment in the institute would depend on the "delivery of the vision" he had outlined in the letter. A spokesperson for the Alan Turing Institute said it welcomed "the recognition of our critical role and will continue to work closely with the government to support its priorities." Further reading, from April: Alan Turing Institute Plans Revamp in Face of Criticism and Technological Change.

An anonymous reader quotes a report from the Associated Press: Websites that displayed legally mandated U.S. national climate assessments seem to have disappeared, making it harder for state and local governments and the public to learn what to expect in their backyards from a warming world. Scientists said the peer-reviewed authoritative reports save money and lives. Websites for the national assessments and the U.S. Global Change Research Program were down Monday and Tuesday with no links, notes or referrals elsewhere. The White House, which was responsible for the assessments, said the information will be housed within NASA to comply with the law, but gave no further details. Searches for the assessments on NASA websites did not turn them up.

"It's critical for decision makers across the country to know what the science in the National Climate Assessment is. That is the most reliable and well-reviewed source of information about climate that exists for the United States," said University of Arizona climate scientist Kathy Jacobs, who coordinated the 2014 version of the report. "It's a sad day for the United States if it is true that the National Climate Assessment is no longer available," Jacobs said. "This is evidence of serious tampering with the facts and with people's access to information, and it actually may increase the risk of people being harmed by climate-related impacts."

"This is a government resource paid for by the taxpayer to provide the information that really is the primary source of information for any city, state or federal agency who's trying to prepare for the impacts of a changing climate," said Texas Tech climate scientist Katharine Hayhoe, who has been a volunteer author for several editions of the report. Copies of past reports are still squirreled away in NOAA's library. NASA's open science data repository includes dead links to the assessment site. [...] Additionally, NOAA's main climate.gov website was recently forwarded to a different NOAA website. Social media and blogs at NOAA and NASA about climate impacts for the general public were cut or eliminated. "It's part of a horrifying big picture," [said Harvard climate scientist John Holdren, who was President Obama's science advisor and whose office directed the assessments]. "It's just an appalling whole demolition of science infrastructure." National climate assessments are more detailed and locally relevant than UN reports and undergo rigorous peer review and validation by scientific and federal institutions, Hayhoe and Jacobs said. Suppressing these reports would be censoring science, Jacobs said.

New evidence from a 300-year-old supernova remnant in the Large Magellanic Cloud suggests that some Type Ia supernovae may result from a "double detonation" -- where a helium shell ignites first, triggering a second core explosion in a white dwarf before it reaches critical mass. "While the physics of the process itself are interesting, the key question this raises is whether type Ia supernovae really are all equally bright," writes Ars Technica's John Timmer. "If they can detonate with substantially less mass than is needed for direct ignition of the core, then it's possible that some of them could be considerably less bright." However, the research team notes that additional factors -- such as the influence of binary systems or secondary detonations -- could further complicate the picture. Ars Technica reports: "The detonations in the carbon-oxygen core and the helium-rich shell result in qualitatively different yield products," the researchers behind the new work write in a paper describing it. In the paper, they focus on calcium, which there are two ways of producing. One is from the outer shell of helium, via fusion before the detonation dilutes the material. A second batch of calcium is produced through the fusion of the core material as it's ejected in the supernova, which prevents further fusion events from converting it to even heavier elements. (Material deeper in the core does end up getting fused into heavier material.) Because it's produced by both of the detonations, models predict that the expanding sphere of debris will contain two different shells of calcium, with some space in between them. To find evidence for these shells, the researchers checked an older supernova remnant, which allows enough time for the movement of material to separate the shells by enough distance that they can be resolved from Earth.

They focused their observations on a supernova remnant named SNR 0509-67.5, located in the nearby Large Magellanic Cloud. SNR 0509-67.5 is estimated to be a bit over 300 years old, meaning material has had enough time to move a significant distance away from the site of the explosion. Imaging using a spectrograph on the Very Large Telescope allowed them to resolve what, in effect, was a spherical sulfur sandwich, with the role of the bread played by calcium. In other words, if you were to travel away from the site of the explosion, you would first hit a layer of ionized calcium, followed by ionized sulfur, and then run into a second layer of ionized calcium. This is exactly what computer models that simulate double detonations predict. So, the researchers suggest it is strong support for that hypothesis. The researchers say that the details suggest that SNR 0509-67.5 was a white dwarf with roughly the same mass as the Sun when it exploded, and that its explosion was likely triggered by the detonation of a helium shell with only three percent of the Sun's mass.

HP is developing a "PCFax" system similar to CarFax for used cars that securely collects and stores detailed device usage and health data at the firmware level to extend the life of PCs and reduce e-waste. A team of HP experts outlines the system in a recent IEEE Spectrum report: The secure telemetry protocol we've developed at HP works as follows. We gather the critical hardware and sensor data and store it in a designated area of the SSD. This area is write-locked, meaning only authorized firmware components can write to it, preventing accidental modification or tampering. That authorized firmware component we us is the Endpoint Security Controller, a dedicated piece of hardware embedded in business class HP PCs. It plays a critical role in strengthening platform-level security and works independently from the main CPU to provide foundational protection.

The endpoint security controller establishes a secure session by retaining the secret key within the controller itself. This mechanism enables read data protection on the SSD -- where telemetry and sensitive data are stored -- by preventing unauthorized access, even if the operating system is reinstalled or the system environment is otherwise altered. Then, the collected data is recorded in a timestamped file, stored within a dedicated telemetry log on the SSD. Storing these records on the SSD has the benefit of ensuring the data is persistent even if the operating system is reinstalled or some other drastic change in software environment occurs. The telemetry log employs a cyclic buffer design, automatically overwriting older entries when the log reaches full capacity. Then, the telemetry log can be accessed by authorized applications at the operating system level.

The telemetry log serves as the foundation for a comprehensive device history report. Much like a CarFax report for used cars, this report, which we call PCFax, will provide both current users and potential buyers with crucial information. The PCFax report aggregates data from multiple sources beyond just the on-device telemetry logs. It combines the secure firmware-level usage data with information from HP's factory and supply chain records, digital services platforms, customer support service records, diagnostic logs, and more. Additionally, the system can integrate data from external sources including partner sales and service records, refurbishment partner databases, third-party component manufacturers like Intel, and other original equipment manufacturers. This multi-source approach creates a complete picture of the device's entire lifecycle, from manufacturing through all subsequent ownership and service events.

An anonymous reader shared this report from the tech news site The Register: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) this week published guidance urging software developers to adopt memory-safe programming languages. "The importance of memory safety cannot be overstated," the inter-agency report says...

The CISA/NSA report revisits the rationale for greater memory safety and the government's calls to adopt memory-safe languages (MSLs) while also acknowledging the reality that not every agency can change horses mid-stream. "A balanced approach acknowledges that MSLs are not a panacea and that transitioning involves significant challenges, particularly for organizations with large existing codebases or mission-critical systems," the report says. "However, several benefits, such as increased reliability, reduced attack surface, and decreased long-term costs, make a strong case for MSL adoption."

The report cites how Google by 2024 managed to reduce memory safety vulnerabilities in Android to 24 percent of the total. It goes on to provide an overview of the various benefits of adopting MSLs and discusses adoption challenges. And it urges the tech industry to promote memory safety by, for example, advertising jobs that require MSL expertise.

It also cites various government projects to accelerate the transition to MSLs, such as the Defense Advanced Research Projects Agency (DARPA) Translating All C to Rust (TRACTOR) program, which aspires to develop an automated method to translate C code to Rust. A recent effort along these lines, dubbed Omniglot, has been proposed by researchers at Princeton, UC Berkeley, and UC San Diego. It provides a safe way for unsafe libraries to communicate with Rust code through a Foreign Function Interface....

"Memory vulnerabilities pose serious risks to national security and critical infrastructure," the report concludes. "MSLs offer the most comprehensive mitigation against this pervasive and dangerous class of vulnerability."
"Adopting memory-safe languages can accelerate modern software development and enhance security by eliminating these vulnerabilities at their root," the report concludes, calling the idea "an investment in a secure software future."

"By defining memory safety roadmaps and leading the adoption of best practices, organizations can significantly improve software resilience and help ensure a safer digital landscape."

"The potential threat of bosses attempting to replace human workers with AI agents is just one of many compounding reasons people are critical of generative AI..." writes Wired, arguing that there's an AI backlash that "keeps growing strong."

"The pushback from the creative community ramped up during the 2023 Hollywood writer's strike, and continued to accelerate through the current wave of copyright lawsuits brought by publishers, creatives, and Hollywood studios." And "Right now, the general vibe aligns even more with the side of impacted workers." "I think there is a new sort of ambient animosity towards the AI systems," says Brian Merchant, former WIRED contributor and author of Blood in the Machine, a book about the Luddites rebelling against worker-replacing technology. "AI companies have speedrun the Silicon Valley trajectory." Before ChatGPT's release, around 38 percent of US adults were more concerned than excited about increased AI usage in daily life, according to the Pew Research Center. The number shot up to 52 percent by late 2023, as the public reacted to the speedy spread of generative AI. The level of concern has hovered around that same threshold ever since...

[F]rustration over AI's steady creep has breached the container of social media and started manifesting more in the real world. Parents I talk to are concerned about AI use impacting their child's mental health. Couples are worried about chatbot addictions driving a wedge in their relationships. Rural communities are incensed that the newly built data centers required to power these AI tools are kept humming by generators that burn fossil fuels, polluting their air, water, and soil. As a whole, the benefits of AI seem esoteric and underwhelming while the harms feel transformative and immediate.

Unlike the dawn of the internet where democratized access to information empowered everyday people in unique, surprising ways, the generative AI era has been defined by half-baked software releases and threats of AI replacing human workers, especially for recent college graduates looking to find entry-level work. "Our innovation ecosystem in the 20th century was about making opportunities for human flourishing more accessible," says Shannon Vallor, a technology philosopher at the Edinburgh Futures Institute and author of The AI Mirror, a book about reclaiming human agency from algorithms. "Now, we have an era of innovation where the greatest opportunities the technology creates are for those already enjoying a disproportionate share of strengths and resources."

The impacts of generative AI on the workforce are another core issue that critics are organizing around. "Workers are more intuitive than a lot of the pundit class gives them credit for," says Merchant. "They know this has been a naked attempt to get rid of people."
The article suggests "the next major shift in public opinion" is likely "when broad swaths of workers feel further threatened," and organize in response...

After past damage to undersea cables, Denmark will boost their surveillance of Baltic Sea/North Sea waters by deploying four uncrewed surface vessels — about 10 meters long — that are equipped with drones and also AI, reports Euronews.

The founder/CEO of the company that makes the vessels — Saildrone — says they'll work "like a truck" that "carries the sensors." And then "we use on-board sophisticated machine learning and AI to fuse that data to give us a full picture of what's above and below the surface." Powered by solar and wind energy, they can operate autonomously for months at sea. [Saildrone] said the autonomous sailboats can support operations such as illegal fishing detection, border enforcement, and strategic asset protection... The four "Voyagers" will be first in operation for a three-month trial, as Denmark and NATO allies aim at extending maritime presence, especially around critical undersea infrastructure such as fibre optic cables and power lines. NATO and its allies have increased sea patrolling following several incidents.

Steven J. Vaughan-Nichols writes in an opinion piece for The Register: Microsoft, tactically admitting it has failed at talking all the Windows 10 PC users into moving to Windows 11 after all, is -- sort of, kind of -- extending Windows 10 support for another year. For most users, that means they'll need to subscribe to Microsoft 365. This, in turn, means their data and meta-information will be kept in a US-based datacenter. That isn't sitting so well with many European Union (EU) organizations and companies. It doesn't sit that well with me or a lot of other people either.

A few years back, I wrote in these very pages that Microsoft didn't want you so much to buy Windows as subscribe to its cloud services and keep your data on its servers. If you wanted a real desktop operating system, Linux would be almost your only choice. Nothing has changed since then, except that folks are getting a wee bit more concerned about their privacy now that President Donald Trump is in charge of the US. You may have noticed that he and his regime love getting their hands on other people's data.

Privacy isn't the only issue. Can you trust Microsoft to deliver on its service promises under American political pressure? Ask the EU-based International Criminal Court (ICC) which after it issued arrest warrants for Israeli Prime Minister Benjamin Netanyahu for war crimes, Trump imposed sanctions on the ICC. Soon afterward, ICC's chief prosecutor, Karim Khan, was reportedly locked out of his Microsoft email accounts. Coincidence? Some think not. Microsoft denies they had anything to do with this.

Peter Ganten, chairman of the German-based Open-Source Business Alliance (OSBA), opined that these sanctions ordered by the US which he alleged had been implemented by Microsoft "must be a wake-up call for all those responsible for the secure availability of state and private IT and communication infrastructures." Microsoft chairman and general counsel, Brad Smith, had promised that it would stand behind its EU customers against political pressure. In the aftermath of the ICC reports, Smith declared Microsoft had not been "in any way [involved in] the cessation of services to the ICC." In the meantime, if you want to reach Khan, you'll find him on the privacy-first Swiss email provider, ProtonMail.

In short, besides all the other good reasons for people switching to the Linux desktop - security, Linux is now easy to use, and, thanks to Steam, you can do serious gaming on Linux - privacy has become much more critical. That's why several EU governments have decided that moving to the Linux desktop makes a lot of sense... Besides, all these governments know that switching from Windows 10 to 11 isn't cheap. While finances also play a role, and I always believe in "following the money" when it comes to such software decisions, there's no question that Europe is worried about just how trustworthy America and its companies are these days. Do you blame them? I don't. The shift to the Linux desktop is "nothing new," as Vaughan-Nichols notes. Munich launched its LiMux project back in 2004 and, despite ending it in 2017, reignited its open-source commitment by establishing a dedicated program office in 2024. In France, the gendarmerie now operates over 100,000 computers on a custom Ubuntu-based OS (GendBuntu), while the city of Lyon is transitioning to Linux and PostgreSQL.

More recently, Denmark announced it is dropping Windows and Office in favor of Linux and LibreOffice, citing digital sovereignty. The German state of Schleswig-Holstein is following suit, also moving away from Microsoft software. Meanwhile, a pan-European Linux OS (EU OS) based on Fedora Kinoite is being explored, with Linux Mint and openSUSE among the alternatives under consideration.

An anonymous reader quotes a report from SecurityWeek: Hundreds of printer models from Brother and other vendors are impacted by potentially serious vulnerabilities discovered by researchers at Rapid7. The cybersecurity firm revealed on Wednesday that its researchers identified eight vulnerabilities affecting multifunction printers made by Brother. The security holes have been found to impact 689 printer, scanner and label maker models from Brother, and some or all of the flaws also affect 46 Fujifilm Business Innovation, five Ricoh, six Konica Minolta, and two Toshiba printers. Overall, millions of enterprise and home printers are believed to be exposed to hacker attacks due to these vulnerabilities.

The most serious of the flaws, tracked as CVE-2024-51978 and with a severity rating of 'critical', can allow a remote and unauthenticated attacker to bypass authentication by obtaining the device's default administrator password. CVE-2024-51978 can be chained with an information disclosure vulnerability tracked as CVE-2024-51977, which can be exploited to obtain a device's serial number. This serial number is needed to generate the default admin password. "This is due to the discovery of the default password generation procedure used by Brother devices," Rapid7 explained. "This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device's unique serial number, during the manufacturing process."

Having the admin password enables an attacker to reconfigure the device or abuse functionality intended for authenticated users. The remaining vulnerabilities, which have severity ratings of 'medium' and 'high', can be exploited for DoS attacks, forcing the printer to open a TCP connection, obtain the password of a configured external service, trigger a stack overflow, and perform arbitrary HTTP requests. Six of the eight vulnerabilities found by Rapid7 can be exploited without authentication. Brother has patched most of the flaws, but CVE-2024-51978 requires a new manufacturing process to fully resolve, which will apply only to future devices.

An anonymous reader quotes a report from Ars Technica: After sending cease-and-desist letters to VMware users whose support contracts had expired and who subsequently declined to subscribe to one of Broadcom's VMware bundles, Broadcom has started the process of conducting audits on former VMware customers. [...] Ars Technica reviewed a letter that a software provider and VMware user in the Netherlands received that is dated June 20 and informs the firm that it "has been selected for a formal audit of its use of VMware software and support services" [PDF]. The security professional who provided Ars with the letter asked to keep their name and their employers' name anonymous out of privacy concerns.

The anonymous employee told Ars that their company had been a VMware customer for "about" a decade before deciding not to sign up for a new contract with Broadcom's VMware a year ago. The company had been using VMware Cloud Foundation and vSphere. "Our CEO decided to not extend the support contract because of the costs," the employee said. "This already impacts us security-wise because we can no longer get updates (unless the CVSS score is critical)." The letter notes that an auditing firm, Connor Consulting, which is headquartered in San Francisco and has offices around the globe, will perform a review of the company's "VMware deployment and entitlements, which may include fieldwork or remote testing and meetings with members of your accounting, licensing, and management information systems functions." The letter informs its recipient that someone from Connor will reach out and that the VMware user should respond within three business days.

The letter, signed by Aiden Fitzgerald, director of global sales operations at Broadcom, claims that Broadcom will use its time "as efficiently and productively as possible to minimize disruption." Still, the security worker that Ars spoke with is concerned about the implications of the audit and said they "expect a big financial impact" for their employer. They added: "Because we are focusing on saving costs and are on a pretty tight financial budget, this will likely have impact on the salary negotiations or even layoffs of employees. Currently, we have some very stressed IT managers [and] legal department [employees] ..." The employee noted that they are unsure if their employer exceeded its license limits. If the firm did, it could face "big" financial repercussions, the worker noted.

A Gallup and Walton Family Foundation poll found 6 in 10 US teachers in K-12 public schools used AI tools for work during the past school year, with higher adoption rates among high school educators and early-career teachers. The survey of more than 2,000 teachers nationwide conducted in April found that those using AI tools weekly estimate saving about six hours per week.

About 8 in 10 teachers using AI tools report time savings on creating worksheets, assessments, quizzes and administrative work. About 6 in 10 said AI improves their work quality when modifying student materials or providing feedback. However, approximately half of teachers worry student AI use will diminish teens' critical thinking abilities and independent problem-solving persistence.

The Register's Simon Sharwood reports: Huawei's chairman Xu Zhijun -- aka Eric Xu -- has called out China's enormous lead in fiber-to-the-room (FTTR) installations. Speaking at last week's Mobile World Congress event in Shanghai, Xu shared his views on the telecommunications industry's future growth opportunities and said by the end of 2025 China will be home to 75 million FTTR installations -- but just 500,000 exist outside the Middle Kingdom. Xu said FTTR will benefit businesses by increasing their internet connection speeds, helping them address spotty Wi-Fi coverage, allowing them to deploy tech in more places, and therefore creating more opportunities to adopt productivity-boosting devices and services. FTTR will also help carriers to sell more expensive packages, he said. Xu also urged telecom carriers to target high-growth user groups like delivery riders and livestream influencers, citing their above-average data consumption and revenue potential. Delivery riders, who will make up 5% of the global workforce by 2030, use four times more voice minutes and double the data of average users, while influencers generate five times the data usage and four times the revenue.

He also pushed for greater collaboration between carriers and platforms to deliver more high-res video content, and called for improved efficiency in networking equipment and device power use. "Xu said Huawei is here to help carriers deliver any of the scenarios he mentioned," concludes Sharwood. "And of course it is, because the Chinese giant has a thriving business selling to telcos -- or at least to telcos beyond the liberal democracies that have largely decided Huawei's close ties with Beijing mean the company and its products represent an unacceptable threat to the operation of critical infrastructure."

In a podcast interview with The Verge's Nilay Patel, Hinge CEO Justin McLeod described integrating AI into dating apps as promising but warned against relying on AI companionship, likening it to "playing with fire" and consuming "junk food," potentially exacerbating the loneliness epidemic. He emphasized Hinge's mission to foster genuine human connections and highlighted upcoming AI-powered features designed to improve matchmaking and provide coaching to encourage real-world interactions. Here's an excerpt from the interview: Again, there's a fine line between prompting someone and coaching them inside Hinge, and we're coaching them in a different way within a more self-contained ecosystem. How do you think about that? Would you launch a full-on virtual girlfriend inside Hinge?

Certainly not. I have lots of thoughts about this. I think there's actually quite a clear line between providing a tool that helps people do something or get better at something, and the line where it becomes this thing that is trying to become your friend, trying to mimic emotions, and trying to create an emotional connection with you. That I think is really playing with fire. I think we are already in a crisis of loneliness, and a loneliness epidemic. It's a complex issue, and it's baked into our culture, and it goes back to before the internet. But just since 2000, over the past 20 years, the amount of time that people spend together in real life with their friends has dropped by 70 percent for young people. And it's been almost completely displaced by the time spent staring at screens. As a result, we've seen massive increases in mental health issues, and people's loneliness, anxiety, and depression.

I think Mark Zuckerberg was just quoted about this, that most people don't have enough friends. But he said we're going to give them AI chatbots. That he believes that AI chatbots can become your friends. I think that's honestly an extraordinarily reductive view of what a friendship is, that it's someone there to say all the right things to you at the right moment The most rewarding parts of being in a friendship are being able to be there for someone else, to risk and be vulnerable, to share experiences with other conscious entities. So I think that while it will feel good in the moment, like junk food basically, to have an experience with someone who says all the right things and is available at the right time, it will ultimately, just like junk food, make people feel less healthy and mo re drained over time. It will displace the human relationships that people should be cultivating out in the real world.

How do you compete with that? That is the other thing that is happening. It is happening. Whether it's good or bad. Hinge is offering a harder path. So you say, "We've got to get people out on dates." I honestly wonder about that, based on the younger folks I know who sometimes say, âoeI just don't want to leave the house. I would rather just talk to this computer. I have too much social pressure just leaving the house in this way.â That's what Hinge is promising to do. How do you compete with that? Do you take it head on? Are you marketing that directly?

I'm starting to think very much about taking it head on. We want to continue at Hinge to champion human relationships, real human-to-human-in-real-life relationships, because I think they are an essential part of the human experience, and they're essential to our mental health. It's not just because I run a dating app and, obviously, it's important that people continue to meet. It really is a deep, personal mission of mine, and I think it's absolutely critical that someone is out there championing this. Because it's always easier to race to the bottom of the brain stem and offer people junk products that maybe sell in the moment but leave them worse off. That's the entire model that we've seen from what happened with social media. I think AI chatbots could frankly be much more dangerous in that respect.

So what we can do is to become more and more effective and support people more and more, and make it as easy as possible to do the harder and riskier thing, which is to go out and form real relationships with real people. They can let you down and might not always be there for you, but it is ultimately a much more nourishing and enriching experience for people. We can also champion and raise awareness as much as we can. That's another reason why I'm here today talking with you, because I think it's important to put out the counter perspective, that we don't just reflexively believe that AI chatbots can be your friend, without thinking too deeply about what that really implies and what that really means.

We keep going back to junk food, but people had to start waking up to the fact that this was harmful. We had to do a lot of campaigns to educate people that drinking Coca-Cola and eating fast food was detrimental to their health over the long term. And then as people became more aware of that, a whole personal wellness industry started to grow, and now that's a huge industry, and people spend a lot of time focusing on their diet and nutrition and mental health, and all these other things. I think similarly, social wellness needs to become a category like that. It's thinking about not just how do I get this junk social experience of social media where I get fed outraged news and celebrity gossip and all that stuff, but how do I start building a sense of social wellness, where I can create an enriching, intimate connection with important people in my life. You can listen to the podcast here.

The Python Software Foundation ("made up of, governed, and led by the community") does more than just host Python and its documnation, the Python Package Repository, and the development workflows of core CPython developers. This week the PSF released its 28-page Annual Impact Report this week, noting that 2024 was their first year with three CPython developers-in-residence — and "Between Lukasz, Petr, and Serhiy, over 750 pull requests were authored, and another 1,500 pull requests by other authors were reviewed and merged." Lukasz Langa co-implemented the new colorful shell included in Python 3.13, along with Pablo Galindo Salgado, Emily Morehouse-Valcarcel, and Lysandros Nikolaou.... Code-wise, some of the most interesting contributions by Petr Viktorin were around the ctypes module that allows interaction between Python and C.... These are just a few of Serhiy Storchaka's many contributions in 2024: improving error messages for strings, bytes, and bytearrays; reworking support for var-arguments in the C argument handling generator called "Argument Clinic"; fixing memory leaks in regular expressions; raising the limits for Python integers on 64-bit platforms; adding support for arbitrary code page encodings on Windows; improving complex and fraction number support...

Thanks to the investment of [the OpenSSF's security project] Alpha-Omega in 2024, our Security Developer-in-Residence, Seth Larson, continued his work improving the security posture of CPython and the ecosystem of Python packages. Python continues to be an open source security leader, evident by the Linux kernel becoming a CVE Numbering Authority using our guide as well as our publication of a new implementers guide for Trusted Publishers used by Ruby, Crates.io, and Nuget. Python was also recommended as a memory-safe programming language in early 2024 by the White House and CISA following our response to the Office of the National Cyber Directory Request for Information on open source security in 2023... Due to the increasing demand for SBOMs, Seth has taken the initiative to generate SBOM documents for the CPython runtime and all its dependencies, which are now available on python.org/downloads. Seth has also started work on standardizing SBOM documents for Python packages with PEP 770, aiming to solve the "Phantom Dependency" problem and accurately represent non-Python software included in Python packages.

With the continued investment in 2024 by Amazon Web Services Open Source and Georgetown CSET for this critical role, our PyPI Safety & Security Engineer, Mike Fiedler, completed his first full calendar year at the PSF... In March 2024, Mike added a "Report project as malware" button on the website, creating more structure to inbound reports and decreasing remediation time. This new button has been used over 2,000 times! The large spike in June led to prohibiting Outlook email domains, and the spike in November was driven by a persistent attack. Mike developed the ability to place projects in quarantine pending further investigation. Thanks to a grant from Alpha-Omega, Mike will continue his work for a second year. We plan to do more work on minimizing time-on-PyPI for malware in 2025...

In 2024, PyPI saw an 84% growth in download counts and 48% growth in bandwidth, serving 526,072,569,160 downloads for the 610,131 projects hosted there, requiring 1.11 Exabytes of data transfer, or 281.6 Gbps of bandwidth 24x7x365. In 2024, 97k new projects, 1.2 million new releases, and 3.1 million new files were uploaded to the index.

The education-news site EdSurge published "sponsored content" from Minecraft Education this month. "Students light up when they create something meaningful," the article begins. "Self-expression fuels learning, and creativity lies at the heart of the human experience."

But they also argue that "As AI rapidly reshapes software development, computer science education must move beyond syntax drills and algorithmic repetition." Students "must also learn to think systemically..." As AI automates many of the mechanical aspects of programming, the value of CS education is shifting, from writing perfect code to shaping systems, telling stories through logic and designing ethical, human-centered solutions... [I]t's critical to offer computer science experiences that foster invention, expression and design. This isn't just an education issue — it's a workforce one. Creativity now ranks among the top skills employers seek, alongside analytical thinking and AI literacy. As automation reshapes the job market, McKinsey estimates up to 375 million workers may need to change occupations by 2030. The takeaway? We need more adaptable, creative thinkers.

Creative coding, where programming becomes a medium for self-expression and innovation, offers a promising solution to this disconnect. By positioning code as a creative tool, educators can tap into students' intrinsic motivation while simultaneously building computational thinking skills. This approach helps students see themselves as creators, not just consumers, of technology. It aligns with digital literacy frameworks that emphasize critical evaluation, meaningful contribution and not just technical skills.

One example of creative coding comes from a curriculum that introduces computer science through game design and storytelling in Minecraft... Developed by Urban Arts in collaboration with Minecraft Education, the program offers middle school teachers professional development, ongoing coaching and a 72-session curriculum built around game-based instruction. Designed for grades 6-8, the project-based program is beginner-friendly; no prior programming experience is required for teachers or students. It blends storytelling, collaborative design and foundational programming skills with a focus on creativity and equity.... Students use Minecraft to build interactive narratives and simulations, developing computational thinking and creative design... Early results are promising: 93 percent of surveyed teachers found the Creative Coders program engaging and effective, noting gains in problem-solving, storytelling and coding, as well as growth in critical thinking, creativity and resilience.

As AI tools like GitHub Copilot become standard in development workflows, the definition of programming proficiency is evolving. Skills like prompt engineering, systems thinking and ethical oversight are rising in importance, precisely what creative coding develops... As AI continues to automate routine tasks, students must be able to guide systems, understand logic and collaborate with intelligent tools. Creative coding introduces these capabilities in ways that are accessible, culturally relevant and engaging for today's learners.
Some background from long-time Slashdot reader theodp: The Urban Arts and Microsoft Creative Coders program touted by EdSurge in its advertorial was funded by a $4 million Education Innovation and Research grant that was awarded to Urban Arts in 2023 by the U.S. Education Department "to create an engaging, game-based, middle school CS course using Minecraft tools" for 3,450 middle schoolers (6th-8th grades)" in New York and California (Urban Arts credited Minecraft for helping craft the winning proposal)... New York City is a Minecraft Education believer — the Mayor's Office of Media and Entertainment recently kicked off summer with the inaugural NYC Video Game Festival, which included the annual citywide Minecraft Education Battle of the Boroughs Esports Competition in partnership with NYC Public Schools.

In response to escalating tensions with Israel, Iran has begun throttling internet access, with plans to disconnect from the global internet entirely to prevent Israeli cyberattacks. The Iranian government also urges citizens to delete WhatsApp -- one of the country's most popular messaging platforms -- claiming without evidence that the Meta-owned app has been weaponed by Israel to spy on its users. (WhatsApp vehemently denied those claims in a statement to the Associated Press.) Telegram is also said to be blocked as well. The Verge reports: The announcements come amidst the escalating war between Iran and Israel, which broke out after Israel attacked the country on June 12th, and a rise in reported internet outages. Civilians have claimed that they've been unable to access basic but critical telecommunications services, such as messaging apps, maps, and sometimes the internet itself. Cloudflare reported that two major Iranian cellular carriers effectively went offline on Tuesday, and The New York Times reports that even VPNs, which Iranians frequently use to access banned sites like Facebook and Instagram, have become increasingly harder to access. [...]

Israel's role in the cyber outages has not been officially confirmed, but independent analysts at NetBlocks noticed a significant reduction of internet traffic originating from Iran on Tuesday, starting at 5:30 PM local time. According to Tasnim, a news network affiliated with the Iranian Revolutionary Guards, Iranians will still have access to the country's state-operated national internet service, though two Iranian officials told the Times that the internal bandwidth could be reduced by up to 80 percent.

Denmark has deployed four uncrewed robotic sailboats (known as "Voyagers") for a three-month trial to boost maritime surveillance amid rising tensions in the Baltic region. The Associated Press reports: Built by Alameda, California-based company Saildrone, the vessels will patrol Danish and NATO waters in the Baltic and North Seas, where maritime tensions and suspected sabotage have escalated sharply since Russia's full-scale invasion of Ukraine on Feb. 24, 2022. Two of the Voyagers launched Monday from Koge Marina, about 40 kilometers (25 miles) south of the Danish capital, Copenhagen. Powered by wind and solar energy, these sea drones can operate autonomously for months at sea. Saildrone says the vessels carry advanced sensor suites -- radar, infrared and optical cameras, sonar and acoustic monitoring. Their launch comes after two others already joined a NATO patrol on June 6.

Saildrone founder and CEO Richard Jenkins compared the vessels to a "truck" that carries sensors and uses machine learning and artificial intelligence to give a "full picture of what's above and below the surface" to about 20 to 30 miles (30 to 50 kilometers) in the open ocean. He said that maritime threats like damage to undersea cables, illegal fishing and the smuggling of people, weapons and drugs are going undetected simply because "no one's observing it." Saildrone, he said, is "going to places ... where we previously didn't have eyes and ears." The Danish Defense Ministry says the trial is aimed at boosting surveillance capacity in under-monitored waters, especially around critical undersea infrastructure such as fiber-optic cables and power lines.

Researchers have built a breakthrough random number generator that solves a critical problem: for the first time, every step of creating random numbers can be independently verified and audited, with quantum physics guaranteeing the numbers were truly unpredictable.

Random numbers are essential for everything from online banking encryption to fair lottery drawings, but current systems have serious limitations. Computer-based generators follow predictable algorithms -- if someone discovers the starting conditions, they can predict all future outputs. Hardware generators that measure physical processes like electronic noise can't prove their randomness wasn't somehow predetermined or tampered with.

The new system, developed by teams at the University of Colorado Boulder and the National Institute of Standards and Technology, uses quantum entanglement -- Einstein's "spooky action at a distance" -- to guarantee unpredictability. The setup creates pairs of photons that share quantum properties, then sends them to measurement stations 110 meters apart. When researchers measure each photon's properties, quantum mechanics ensures the results are fundamentally random and cannot be influenced by any classical communication between the stations.

The team created a system called "Twine" that distributes the random number generation process across multiple independent parties, with each step recorded in tamper-proof digital ledgers called hash chains. This means no single organization controls the entire process, and anyone can verify that proper procedures were followed. During a 40-day demonstration, the system successfully generated random numbers in 7,434 of 7,454 attempts -- a 99.7% success rate. Each successful run produced 512 random bits with mathematical certainty of randomness bounded by an error rate of 2^-64, an extraordinarily high level of confidence.

Meta and AWS have used Rust, and Netflix uses Go,reports the programming news site InfoQ. But using another language, Apple recently "migrated its global Password Monitoring service from Java to Swift, achieving a 40% increase in throughput, and significantly reducing memory usage."

This freed up nearly 50% of their previously allocated Kubernetes capacity, according to the article, and even "improved startup time, and simplified concurrency." In a recent post, Apple engineers detailed how the rewrite helped the service scale to billions of requests per day while improving responsiveness and maintainability... "Swift allowed us to write smaller, less verbose, and more expressive codebases (close to 85% reduction in lines of code) that are highly readable while prioritizing safety and efficiency."

Apple's Password Monitoring service, part of the broader Password app's ecosystem, is responsible for securely checking whether a user's saved credentials have appeared in known data breaches, without revealing any private information to Apple. It handles billions of requests daily, performing cryptographic comparisons using privacy-preserving protocols. This workload demands high computational throughput, tight latency bounds, and elastic scaling across regions... Apple's previous Java implementation struggled to meet the service's growing performance and scalability needs. Garbage collection caused unpredictable pause times under load, degrading latency consistency. Startup overhead — from JVM initialization, class loading, and just-in-time compilation, slowed the system's ability to scale in real time. Additionally, the service's memory footprint, often reaching tens of gigabytes per instance, reduced infrastructure efficiency and raised operational costs.

Originally developed as a client-side language for Apple platforms, Swift has since expanded into server-side use cases.... Swift's deterministic memory management, based on reference counting rather than garbage collection (GC), eliminated latency spikes caused by GC pauses. This consistency proved critical for a low-latency system at scale. After tuning, Apple reported sub-millisecond 99.9th percentile latencies and a dramatic drop in memory usage: Swift instances consumed hundreds of megabytes, compared to tens of gigabytes with Java.
"While this isn't a sign that Java and similar languages are in decline," concludes InfoQ's article, "there is growing evidence that at the uppermost end of performance requirements, some are finding that general-purpose runtimes no longer suffice."