America's outgoing national security adviser has "wide access to the world's secrets," writes Axios, adding that the security adviser delivered a "chilling" warning that "The next few years will determine whether AI leads to catastrophe — and whether China or America prevails in the AI arms race."

But in addition, Sullivan "said in our phone interview that unlike previous dramatic technology advancements (atomic weapons, space, the internet), AI development sits outside of government and security clearances, and in the hands of private companies with the power of nation-states... 'There's going to have to be a new model of relationship because of just the sheer capability in the hands of a private actor,' Sullivan says..." Somehow, government will have to join forces with these companies to nurture and protect America's early AI edge, and shape the global rules for using potentially God-like powers, he says. U.S. failure to get this right, Sullivan warns, could be "dramatic, and dramatically negative — to include the democratization of extremely powerful and lethal weapons; massive disruption and dislocation of jobs; an avalanche of misinformation..."

To distill Sullivan: America must quickly perfect a technology that many believe will be smarter and more capable than humans. We need to do this without decimating U.S. jobs, and inadvertently unleashing something with capabilities we didn't anticipate or prepare for. We need to both beat China on the technology and in shaping and setting global usage and monitoring of it, so bad actors don't use it catastrophically. Oh, and it can only be done with unprecedented government-private sector collaboration — and probably difficult, but vital, cooperation with China...

There's no person we know in a position of power in AI or governance who doesn't share Sullivan's broad belief in the stakes ahead...

That said, AI is like the climate: America could do everything right — but if China refuses to do the same, the problem persists and metastasizes fast. Sullivan said Trump, like Biden, should try to work with Chinese leader Xi Jinping on a global AI framework, much like the world did with nuclear weapons.
"I personally am not an AI doomer," Sullivan says in the interview. "I am a person who believes that we can seize the opportunities of AI. But to do so, we've got to manage the downside risks, and we have to be clear-eyed and real about those risks."

Thanks to long-time Slashdot reader Mr_Blank for sharing the article.

Google computer scientists have been using LLMs to streamline internal code migrations, achieving significant time savings of up to 89% in some cases. The findings appear in a pre-print paper titled "How is Google using AI for internal code migrations?" The Register reports: Their focus is on bespoke AI tools developed for specific product areas, such as Ads, Search, Workspace and YouTube, instead of generic AI tools that provide broadly applicable services like code completion, code review, and question answering. Google's code migrations involved: changing 32-bit IDs in the 500-plus-million-line codebase for Google Ads to 64-bit IDs; converting its old JUnit3 testing library to JUnit4; and replacing the Joda time library with Java's standard java.time package. The int32 to int64 migration, the Googlers explain, was not trivial as the IDs were often generically defined (int32_t in C++ or Integer in Java) and were not easily searchable. They existed in tens of thousands of code locations across thousands of files. Changes had to be tracked across multiple teams and changes to class interfaces had to be considered across multiple files. "The full effort, if done manually, was expected to require hundreds of software engineering years and complex crossteam coordination," the authors explain.

For their LLM-based workflow, Google's software engineers implemented the following process. An engineer from Ads would identify an ID in need of migration using a combination of code search, Kythe, and custom scripts. Then an LLM-based migration toolkit, triggered by someone knowledgeable in the art, was run to generate verified changes containing code that passed unit tests. Those changes would be manually checked by the same engineer and potentially corrected. Thereafter, the code changes would be sent to multiple reviewers who are responsible for the portion of the codebase affected by the changes. The result was that 80 percent of the code modifications in the change lists (CLs) were purely the product of AI; the remainder were either human-authored or human-edited AI suggestions.

"We discovered that in most cases, the human needed to revert at least some changes the model made that were either incorrect or not necessary," the authors observe. "Given the complexity and sensitive nature of the modified code, effort has to be spent in carefully rolling out each change to users." Based on this, Google undertook further work on LLM-driven verification to reduce the need for detailed review. Even with the need to double-check the LLM's work, the authors estimate that the time required to complete the migration was reduced by 50 percent. With LLM assistance, it took just three months to migrate 5,359 files and modify 149,000 lines of code to complete the JUnit3-JUnit4 transition. Approximately 87 percent of the code generated by AI ended up being committed with no changes. As for the Joda-Java time framework switch, the authors estimate a time saving of 89 percent compared to the projected manual change time, though no specifics were provided to support that assertion.

Slashdot reader rzack writes: Since 1999, I've written a huge amount of PHP code, for dozens of applications and websites. Most of it has been continually updated, and remains active and in-production, in one form or another.

Here's the thing. It's all hand-written using vi, even to this day.

Is there any benefit to migrating this codebase to a more modern PHP framework, like Laravel? And is there an easy and minimally intrusive way this can be done en-masse, across dozens of applications and websites?

Or at this point should I just stick with vi?
Share your thoughts and suggestions in the comments.

What's the best way to transfer legacy PHP code to a modern framework?

Samsung and Google are introducing Eclipsa Audio, an open-source 3D audio standard set to debut on select YouTube videos and Samsung's 2025 TVs and soundbars. The new format "could eventually serve as a free alternative to Dolby Atmos, the dominant 3D audio format that hardware makers like Samsung pay to license for TVs and other equipment," reports The Verge. "Samsung says that similar to Atmos, this audio format supports adjusting 'audio data such as the location and intensity of sounds, along with spatial reflections' to create a 3D experience." From the report: The two companies first announced a partnership to develop spatial audio technology in 2023, initially calling it Immersive Audio Model and Formats (IAMF). At the time, Samsung spatial audio head WooHyun Nam said the format would provide "a complete open-source framework for 3D audio, from creation to delivery and playback."

The IAMF spec has also been adopted by the Alliance for Open Media, a group that has been pushing for royalty-free codec support since 2015 and counts companies like Amazon, Apple, Microsoft, and Netflix -- along with Samsung and Google -- among its members. If they also add support for this audio format, it could help it catch on, although it's already taken years for their AV1 video codec to see more use. Samsung and Google are also creating a certification program with the Telecommunications Technology Association "to ensure consistent audio quality" across devices using the format, which also sounds similar to the way companies like Dolby and THX manage the labeling for their specs.

Framework has announced a $39 Dual M.2 Adapter for its Laptop 16, enabling users to add two additional M.2 slots to the laptop's expansion bay. The new component allows for up to 26TB of total storage when combined with the laptop's existing SSD slots, supporting various M.2 form factors with PCIe 4.0 connectivity.

The company also replaced the Laptop 16's liquid metal cooling system with Honeywell PTM7958 thermal paste to address performance concerns. Framework will provide the new thermal solution to existing customers upon request. The adapter marks Framework's first modular expansion component for the Laptop 16 since its launch, complementing the optional Radeon RX 7700S graphics card offering.

An anonymous reader quotes a report from Ars Technica: The fall of the Berlin Wall in November 1989 was a seminal moment in 20th century history, paving the way for German reunification. Many segments, both large and small, were preserved for posterity -- including portions covered in graffiti or murals. A team of Italian scientists used a combination of spectroscopic analysis and machine learning to study paint chips from wall fragments to learn more about the chemistry of the paints and pigments used, according to a new paper published in the Journal of the American Chemical Society. [...] Nondestructive techniques like Raman spectroscopy are often used to identify the molecular signatures of pigments, dyes, and other chemical compounds, but this usually requires bringing samples to the lab. Handheld Raman devices are used for cases where analysis must be done on-site, but they are far less precise than full-size laboratory equipment. So [Francesco Armetta of the University of Palermo and co-authors of the paper] decided to adopt a machine-learning approach to enhance the precision and sensitivity of spectral data collected by those handheld devices.

The team collected 15 pictorial fragments of five different colors from Berlin Wall paintings. They used handheld Raman spectroscopy on the paint chips and compared that spectral data to a commercial library of pigment spectra, confirming those findings with X-ray fluorescence and optical fiber reflectance spectroscopy. Most of the fragments had two top layers that had been painted with a brush rather than spray paint; brushstrokes were clearly visible under a microscope in several cases. The underlying third layer, in contact with the masonry, was white and probably used to prepare the surface for painting. Calcium and titanium were the most abundant elements in all the samples. Chromium and lead were present in a green-colored sample, and the authors think this was mixed with another color to get that particular shade. There were also traces of copper in blue and green samples.

Armetta et al. also created their own mock-up samples by mixing commercial German acrylic paints (commonly used since the 1800s) in different ratios to try to match colors and tints from the fragments -- crucial information for restoration. This is where their machine-learning algorithm (dubbed SAPNet) proved useful. They trained it on the Raman spectral data from the Berlin Wall samples and used it to determine the percentage of pigment. The model concluded that the Berlin Wall paint chips contained titanium white and as much as 75 percent pigment. "The identification of most of the components of the fragments was only possible through the comprehensive evaluation of the results provided by all the techniques [combined]," the authors concluded, further augmented by the development of SAPNet. "While SAPNet was specifically tailored for pigment mixture analysis, its robust framework demonstrates the transformative potential of deep learning methodologies for Raman spectral analysis across diverse scientific and industrial applications."

Does space need environmentalists, asks the headline from a new article in Noema magazine. "As astrophysicist Neil deGrasse Tyson notes, the first trillionaire will be made in space.

"But amid such promising developments are worries among some scientists and environmentalists who fear humans will repeat the errors that resource extraction has wrought on Earth..." If we have mining in space, do we need a preemptive anti-mining campaign to protect our solar system from rampant exploitation before it is too late? Earth-bound environmental advocates and astrobiologists alike have concluded that, indeed, we need an environmental movement in space... [Daniel Capper, an adjunct professor of philosophy at the Metropolitan State University of Denver] is part of a small but growing chorus of intellectuals who argue that we must carve out protections sooner rather than later — backed by a concrete theoretical and legal framework — for certain areas of the solar system. The United Nations has convened a working group on the use of space resources, and the International Astronomical Union has set up a different working group to delineate places of special scientific value on the moon.

Some researchers have proposed creating a planetary park system in space, while others advocate for a circular space economy that minimizes the need for additional resources. The nonprofit For All Moonkind is advocating for the protection of space sites of cultural importance, like the Apollo 11 landing site. And the Astra Carta, backed by Britain's King Charles, advocates for making sustainability a key component of space activities... [Martin Elvis, an astronomer with the Center for Astrophysics at Harvard University and the Smithsonian Institution] proposed setting aside 7/8ths of the solar system as wilderness, in a paper published in 2019 in Acta Astronautica that he coauthored with King's College London philosopher Tony Milligan...

[T]he lack of norms — clear rules and regulations around space — is one of the most pressing threats to the space environment, advocates say. What might happen, for example, if the United States simply began scooping up asteroids for platinum, or if Blue Origin established a mine at the lunar South Pole without securing consensus from others? "We do not have good answers to those questions right now," Hanlon said. "This is something that I'm really concerned about." Much of the legal basis for the space environmentalism movement is currently contained in just one article of the Outer Space Treaty (OST), said Christopher Johnson, the director of legal affairs and space law at the Secure World Foundation. Article 9 of the OST contains the harmful contamination language and says actors must pay "due regard" to the interests of others. It also stipulates that "harmful interference" with the activities of others must be avoided. Those phrases could be interpreted in multiple ways and have yet to be meaningfully tested.
The article cites two concrete proposals moving forward:

• "The Artemis Accords, a set of principles for exploring and using resources in outer space established by the U.S. in 2020, argues that resource extraction does not constitute national appropriation, and is therefore allowed by the OST. It's an initial step toward securing a consensus on space regulations, and one that's to date received the signatures of 47 nations including Japan, the United Kingdom, France and Germany (though China and Russia are notably absent). Signing the Artemis Accords allows nations to participate in the Artemis program, and also play a role in shaping future norms in space, Johnson said, a potentially lucrative incentive... "

• "The UN's COPUOS, the same one responsible for the OST and the Moon Agreement, published a working paper in 2019 that laid out voluntary guidelines for the long-term sustainability of outer space activities. Recommendations from the committee's working group on principles for the use of space resources are due in 2027, and Johnson said draft guidelines are likely to emerge in early 2025."

"One day, our descendants might live among the stars," the article concludes. "But we must ask ourselves, what kind of place will they inherit?"

Bruce Perens, original co-founder of the Open Source Initiative, has responded to questions from Slashdot readers about a new alternative he's developing that hopefully helps "Post Open" developers get paid.

But first, "One of the things that's clear from the Slashdot patter is that people are not aware of what I've been doing, in general," Perens says. "So, let's start by filling that in..."

Read on for the rest of his wide-ranging answers....

Not every tech "advent calendar" involves programming puzzles. Instead the geek tradition of programming-language advent calendars "seems to have started way back in 2000," according to one history, "when London-based programmer Mark Fowler launched a calendar highlighting a different Perl module each day."

So the tradition continues...

• Nearly a quarter of a century later, there's still a Perl Advent Calendar, celebrating tips and tricks like "a few special packages waiting under the tree that can give your web applications a little extra pep in their step."

• And of course there's a separate advent calendar for Raku programmers.

• Since 2009 web performance consultant (and former Yahoo and Facebook engineer) Stoyan Stefanov has been pulling together an annual Web Performance calendar with helpful blog posts.

• There's also a JVM Advent calendar with daily helpful hints for Java programmers.

• Another advent calendar promises daily posts about C#.

• The HTMHell site — which bills itself as "a collection of bad practices in HTML, copied from real websites" — is celebrating the season with the "HTMHell Advent Calendar," promising daily articles on security, accessibility, UX, and performance.

• There's even an advent calendar with tips for the reverse-engineering framework Radar.

• There's still a lovely web-design themed calendar at Designcember.com.

And meanwhile developers at the Svelte frontend framework are actually promising to release something new each day, "whether it's a new feature in Svelte or SvelteKit or an improvement to the website!"

But not every tech advent calendar is about programming...

• Adafruit's managing director is publishing a Retrocomputing Advent Calendar — daily looks at the ghosts of computers past.

• The Atlantic continues its 17-year tradition of a Space Telescope advent calendar, featuring daily images from both NASA's Hubble telescope and James Webb Space Telescope

• The gaming blog Rock Paper Shotgun has been counting down their favorite games of 2024...

"Are Primordial Black Holes real...?" asks Universe Today. "If they do exist, a "new paper suggests they may be hiding in places so unlikely that nobody ever thought to look there..." — in planets, in asteroids, and here on earth. Physicists hypothesize that Primordial Black Holes (PBHs) formed in the early Universe from extremely dense pockets of sub-atomic matter that collapsed directly into black holes. They could form part or all of what we call dark matter. However, they remain hypothetical because none have been observed... The authors claim that evidence for PBHs could be found in objects as large as hollowed out planetoids or asteroids and objects as small as rocks here on Earth. "Small primordial black holes could be captured by rocky planets or asteroids, consume their liquid cores from inside and leave hollow structures," the authors write. "Alternatively, a fast black hole can leave a narrow tunnel in a solid object while passing through it."

"We could look for such micro-tunnels here on Earth in very old rocks," the authors claim, explaining that the search wouldn't involve specialized, expensive equipment... "The chances of finding these signatures are small, but searching for them would not require much resources and the potential payoff, the first evidence of a primordial black hole, would be immense," said Dejan Stojkovic [the paper's co-author from the State University of New York]. "We have to think outside of the box because what has been done to find primordial black holes previously hasn't worked...." Cosmology is kind of at a standstill while we wrestle with the idea of dark matter. Could PBHs be dark matter? Could they behave like the authors suggest, and be detected in this manner?

"The smartest people on the planet have been working on these problems for 80 years and have not solved them yet," Stojkovic said. "We don't need a straightforward extension of the existing models. We probably need a completely new framework altogether."

An anonymous reader shared this report from Reuters: The rapid increase in satellites and space junk will make low Earth orbit unusable unless companies and countries cooperate and share the data needed to manage that most accessible region of space, experts and industry insiders said. A United Nations panel on space traffic coordination in late October determined that urgent action was necessary and called for a comprehensive shared database of orbital objects as well as an international framework to track and manage them. More than 14,000 satellites including some 3,500 inactive surround the globe in low Earth orbit, showed data from U.S.-based Slingshot Aerospace. Alongside those are about 120 million pieces of debris from launches, collisions and wear-and-tear of which only a few thousand are large enough to track... [T]here is no centralised system that all space-faring nations can leverage and even persuading them to use such a system has many obstacles. Whereas some countries are willing to share data, others fear compromising security, particularly as satellites are often dual-use and include defence purposes. Moreover, enterprises are keen to guard commercial secrets.

In the meantime, the mess multiplies. A Chinese rocket stage exploded in August, adding thousands of fragments of debris to low Earth orbit. In June, a defunct Russian satellite exploded, scattering thousands of shards which forced astronauts on the International Space Station to take shelter for an hour... Projections point to tens of thousands more satellites entering orbit in the coming years. The potential financial risk of collisions is likely to be $556 million over five years, based on a modelled scenario with a 3.13% annual collision probability and $111 million in yearly damages, said Montreal-based NorthStar Earth & Space...

[Aarti Holla-Maini, director of the U.N . Office for Outer Space Affairs], said the October panel aimed to bring together public- and private-sector experts to outline steps needed to start work on coordination. It will present its findings at a committee meeting next year. Global cooperation is essential to developing enforceable rules akin to those used by the International Civil Aviation Organization for air traffic, industry experts told Reuters. Such effort would involve the use of existing tools, such as databases, telescopes, radars and other sensors to track objects while improving coverage, early detection and data precision. Yet geopolitical tension and reluctance to share data with nations deemed unfriendly as well as commercial concerns over protecting proprietary information and competitive advantages remain significant barriers. That leaves operators of orbital equipment relying on informal or semi-formal methods of avoiding collisions, such as drawing on data from the U.S. Space Force or groups like the Space Data Association. However, this can involve issues such as accountability and inconsistent data standards.

"The top challenges are speed — as consensus-building takes time — and trust," Holla-Maini said. "Some countries simply can't communicate with others, but the U.N. can facilitate this process. Speed is our biggest enemy, but there's no alternative. It must be done."
Data from Slingshot Aerospace shows a 17% rise in close approaches per satellite over the past year, according to the article. (It adds that SpaceX data "showed Starlink satellites performed nearly 50,000 collision-avoidance manoeuvres in the first half of 2024, about double the previous six months...)

The European Space Agency, which has fewer spacecraft than SpaceX, said in 2021 its manoeuvres have increased to three or four times per craft versus a historical average of one."

"The past 15 years were unique in ways that might be a bad predictor of our future," writes the Washington Post, with a surge in the number of internet users since 2010, and everyone spending more time online.

But today, "lots of smart people believe that artificial intelligence will upend how you find information. Googling is so yesterday." Sam Altman, the top executive overseeing ChatGPT, has said that AI has a good shot at shoving aside Google search. Bill Gates predicted that emerging AI will do tasks like researching your ideal running shoes and automatically placing an order so you'll "never go to a search site again." In defending itself from a judge's decision that it runs an illegal monopoly, Google says the company might be roadkill as AI and other new technologies change how you find information. (On Wednesday, the U.S. government asked the judge to overhaul Google to undo its monopoly.)

But predictions of Google's looming obsolescence have been wrong before, which calls for humility in fortune-telling our collective technology habits. We're devilishly unpredictable.... Maybe it's right to extrapolate from how people are starting to use AI today. Or maybe that's the mistake that Jobs made when he said no one was searching on iPhones. It wasn't wrong in 2010, but it was within a few years. Or what if AI upends how billions of us find information and we still keep on Googling? "The notion that we can predict how these new technologies are going to evolve is silly," said David B. Yoffie, a Harvard Business School professor who has spent decades studying the technology industry.

Amit Mehta, the judge overseeing the Google monopoly case, formed his own view on AI moving us away from searching Google. "AI may someday fundamentally alter search, but not anytime soon," he said.

Microsoft has announced sweeping changes to Windows security architecture, including new recovery capabilities designed to prevent system-wide outages following July's CrowdStrike incident that disabled 8.5 million Windows devices.

The Windows Resiliency Initiative introduces Quick Machine Recovery, allowing IT administrators to remotely fix unbootable systems through an enhanced Windows Recovery Environment. Microsoft is also mandating stricter testing and deployment practices for security vendors under its Microsoft Virus Initiative, including gradual rollouts and monitoring procedures.

The company is also developing a framework to move antivirus processing outside the Windows kernel, with a preview planned for security partners in July 2025.

An anonymous reader quotes a report from TechCrunch: For the past couple of years, the startup has been iterating on a brand-new CRM platform and making everything available on GitHub under a permissive AGPLv3 license. While Twenty doesn't have all the features that you can find in Salesforce [comparison], the company is slowly building a community of CRM and open source enthusiasts around it, with more than 300 contributors in the last year and 20,000 stars on GitHub. [...] Twenty is trying to build a flexible platform that can be tweaked to every company's needs and that can serve as a basis for other tools and use cases. Each entry in a CRM is an object. It can be a standard, pre-defined object like a person or a company. But customers can also create their own custom objects.

If you're a conference organizer, you can create a conference object. If you're a restaurant chain manager, you can create a restaurant object. As you may have guessed, Twenty also lets you create custom fields for each object. This way, it's easier to capture and compare data across multiple entries. This customer data can be viewed in Twenty directly in list or Kanban views. People can sort and filter entries, add tasks and notes, all the usual CRM stuff. But data in Twenty can also be reused with GraphQL and REST APIs. And that's how you can extend Twenty beyond its CRM roots. Eventually, Twenty hopes there will be an active ecosystem of developers working on extensions and plugins to build a proper alternative to the Salesforce product suite. But we're not there yet. "Building a CRM is a daunting task, especially for us because of the way we've chosen to do it. We're building a platform, and we're not taking any shortcut. In fact, we still need to work on workflows, on automation and more," [said Twenty co-founder and CEO Felix Malfait]. "People often don't understand why Salesforce is so big, so powerful," Malfait said. Salesforce's platform utilizes a flexible data model -- a programming language called Apex to execute code on Salesforce's servers and a front-end customization framework.

"So when you have these three bricks you can store data, do logic on the back end, and display the result as you like," Malfait said. "It means that you can do everything. And that's what we want to enable in the long term."

An anonymous reader quotes a report from The Register: Framework CEO Nirav Patel had one of the bravest tech demos that we've seen at a conference yet -- modifying a Framework Laptop from x86 to RISC-V live on stage. In the five-minute duration of one of the Ubuntu Summit's Lightning Talks, he opened up a Framework machine, removed its motherboard, installed a RISC-V-powered replacement, reconnected it, and closed the machine up again. All while presenting the talk live, and pretty much without hesitation, deviation, or repetition. It was an impressive performance, and you can watch it yourself at the 8:56:30 mark in the video recording.

Now DeepComputing is taking orders for the DC-ROMA board, at least to those in its early access program. The new main board is powered by a StarFive JH7110 System-on-Chip. (Note: there are two tabs on the page, for both the JH7110 and JH7100, and we can't link directly to the latter.) CNX Software has more details about the SoC. Although the SoC has six CPU cores, two are dedicated processors, making it a quad-core 64-bit device. The four general-purpose cores are 64-bit and run at up to 1.5 GHz. It supports 8 GB of RAM and eMMC storage. [...]

In our opinion, RISC-V is not yet competitive with Arm in performance. However, this is a real, usable, general-purpose computer, based on an open instruction set. That's no mean feat, and it's got more than enough performance for less demanding work. It's also the first third-party main board for the Framework hardware, which is another welcome achievement. The company has now delivered several new generations of hardware, including a 16-inch model, and continues to upgrade its machines' specs.

An anonymous reader shares a report: Future UN climate summits should be held only in countries that can show clear support for climate action and have stricter rules on fossil fuel lobbying, according to a group of influential climate policy experts. The group includes former UN secretary-general Ban Ki-moon, the former president of Ireland Mary Robinson, the former UN climate chief Christiana Figueres and the prominent climate scientist Johan Rockstrom.

They have written to the UN demanding the current complex process of annual "conferences of the parties" under the UN framework convention on climate change -- the Paris agreement's parent treaty -- be streamlined, and meetings held more frequently, with more of a voice given to developing countries. "It is now clear that the Cop is no longer fit for purpose. We need a shift from negotiation to implementation," they wrote.

Francois Chollet, an AI pioneer and creator of the Keras framework, announced that he's leaving Google to co-found a new company. Neowin reports: In his parting message, Chollet assured that he would still be active with Keras and participate in its development on GitHub. His successor, Jeff Carpenter, will now lead Keras at Google, and Chollet expressed his full confidence in the team's future direction.

Keras has come a long way since Chollet released it in 2015, initially as a high-level neural network API meant for simplicity and accessibility. Keras quickly gained traction in the AI community for its user-friendly Python interface and compatibility with frameworks like TensorFlow, simplifying machine learning model building for developers across various levels. Google published a blog post praising Chollet and reaffirming their commitment to Keras.

Last year, Google lost the "Godfather of AI," Geoffrey Hinton, who left the company after nearly a decade. He said he quit his job at Google so he can freely speak out about the risks of AI.

The Biden administration plans to support a controversial cybercrime treaty at the United Nations this week despite concerns that it could be misused by authoritarian regimes, Bloomberg News reported Monday, citing senior government officials. From the report: The agreement would be the first legally binding UN agreement on cybersecurity and could become a global legal framework for countries to cooperate on preventing and investigating cybercriminals. However, critics fear it could be used by authoritarian states to try to pursue dissidents overseas or collect data from political opponents. Still, the officials said there are persuasive reasons to support the treaty. For instance, it would advance the criminalization of child sexual-abuse material and nonconsensual spreading of intimate images, they said.

In addition, the wider involvement of member states would make cybercrime and electronic evidence more available to the US, one official said. If all the members sign the agreement, it would update extradition treaties and provide more opportunities to apprehend cybercriminals and have them extradited, the official added. Hundreds of submissions from advocacy groups and other parties criticized US involvement in the agreement. The US plans to strictly enforce human rights and other safeguards in the treaty, the officials said, adding that the Department of Justice would closely scrutinize requests and refuse to provide any assistance that was inconsistent with the agreement.

Google will require all new mobile chipsets launching with Android 15 to support its Android Virtualization Framework (AVF), a significant shift in the operating system's security architecture. The mandate, reports AndroidAuthority that got a hold of Android's latest Vendor Software Requirements document, affects major chipmakers including Qualcomm, MediaTek, and Samsung's Exynos division. New processors like the Snapdragon 8 Elite and Dimensity 9400 must implement AVF support to receive Android certification.

AVF, introduced with Android 13, creates isolated environments for security-sensitive operations including code compilation and DRM applications. The framework also enables full operating system virtualization, with Google demonstrating Chrome OS running in a virtual machine on Android devices.

Nathan Sobo "joined GitHub in late 2011 to build the Atom text editor," according to an online biography, "and he led the Atom team until 2018." Max Brunsfeld joined the Atom team in 2013, and "While driving Atom towards its 1.0 launch during the day, Max spent nights and weekends building Tree-sitter, a blazing-fast and expressive incremental parsing framework that currently powers all code analysis at GitHub."

Last year they teamed up with Antonio Scandurra (another Atom alumnus) to launch a new startup called Zed (which in 2023 raised $10 million, according to TechCrunch). And today the open source blog It's FOSS checks in on their open-source code editor — "Zed Editor". Mainly written in Rust, it supports running in CLI, diagnosing project-wide errors, split panes, and markdown previews: By default, any added content is treated as plain text. I used the language switcher to change it to Rust so that I would get proper syntax highlighting, indentation, error detection, and other useful language-specific functions. The switch highlighted all the Rust elements correctly, and I then focused on Zed Editor's user interface. The overall feel of the editor was minimal, with all the important options being laid out nicely.

[Its status bar] had some interesting panels. The first one I checked was the Terminal Panel, which, as the name suggests, lets you run commands, scripts, and facilitates interaction with system files or processes directly from within the editor. I then moved to the Assistant Panel, which is home to various large language models that can be integrated into Zed Editor. There are options like Anthropic, GitHub Copilot Chat, Ollama, OpenAI, and Google AI... The Zed Editor team has also recently introduced Zed AI in collaboration with Anthropic for assisting with coding, allowing for code generation, advanced context-powered interactions, and more...

The real-time collaboration features on Zed Editor are quite appealing too. To check them out, I had to log in with my GitHub account. After logging in, the Collab Panel opened up, and I could see many channels from the official Zed community. I could chat with others, add collaborators to existing projects, join a call with the option to share my screen and track other collaborators' cursors, add new contacts, and carry out many other collaborative tasks.

One can also use extensions and themes to extend what Zed Editor can do. There are some nice pre-installed themes as well.