Following backlash over Discord's global rollout of strict age-verification checks, users are flocking to rival platform TeamSpeak and overwhelming its servers. According to PC Gamer, the Discord alternative said its hosting capacity has been maxed out in a number of regions including the U.S. From the report: [A]s I saw for myself while testing out free Discord alternatives, it's hard to deny the appeal of TeamSpeak. It's quick and easy to make an account, join or start a group chat, or join a massive, game-based community voice server, and at no point does TeamSpeak cheekily ask if it can scan your wizened visage.

During my testing, I was able to dive into 18+ group chats without tripping over an age gate. However, there's no guarantee TeamSpeak won't have to deploy its own age verification mechanism in the future. In the UK at least, the Online Safety Act makes those sorts of checks a legal obligation, with Prime Minister Keir Starmer recently stating "No social media platform should get a free pass when it comes to protecting our kids."

Besides all of that, if you'd rather not chat to randoms who also happen to have an unhealthy obsession with Arc Raiders, you'll likely need to pay an admittedly small subscription fee to rent your own ten-person community voice server. By that point, you're handing over card details and essentially fulfilling an age assurance check anyway. If you'd rather limit how much info your chat platform of choice has about you, there are arguably better options out there.

Alphabet-owned Wing "is expanding its drone delivery service to an additional 150 Walmart stores across the U.S.," reports Axios: [T]he future is already here if you live in Dallas — where some Walmart customers order delivery by Wing three times a week. By the end of 2026, some 40 million Americans, or about 12 percent of the U.S. population, will be able to take advantage of the convenience, the companies claim... Once the items are picked and packed in a small cardboard basket, they are loaded onto a drone inside a fenced area in the Walmart parking lot. Drones fly autonomously to the designated address, with human pilots monitoring each flight from a central operations hub....

For now, Wing deliveries are free. "The goal is to expose folks to the wonders of drone delivery," explains Wing's chief business officer, Heather Rivera... Over time, she said Wing expects delivery fees to be comparable to other delivery options, but faster and more convenient. Service began recently in Atlanta and Charlotte, and it's coming soon to Los Angeles, Houston, Cincinnati, St. Louis, Miami and other major U.S. cities to be announced later, according to the article. "By 2027, Walmart and Wing say they'll have a network of more than 270 drone delivery locations nationwide."

Walmart also announced a new deal today with Google's Gemini, allowing customers to purchase Walmart products from within Gemini. (Walmart announced a similar deal for ChatGPT in October.)

Slashdot reader BrianFagioli calls this "a defensive angle that Walmart does not quite say out loud." As AI models answer more questions directly, retailers risk losing customers before they ever hit a website. If Gemini recommends a product from someone else first, Walmart loses the sale before it starts. By planting itself inside the AI, Walmart keeps a seat at the table while the internet shifts under everyone's feet.

Google clearly benefits too. Gemini gets a more functional purpose than just telling you how to boil pasta or summarize recipes. Now it can carry someone from the moment they wonder what they need to the moment the order is placed. That makes the assistant stickier and a bit more practical than generic chat. Walmart's incoming CEO John Furner says the company wants to shape this new pattern instead of being dragged into it later. Sundar Pichai calls Walmart an early partner in what he sees as a broader wave of agent style commerce, where AI starts doing the errands people used to handle themselves.
The article concludes "This partnership serves as a snapshot of where retail seems to be heading..."

From 10 a.m. to 7 p.m. today (EDT), the Free Software Foundation celebrates its 40th anniversary with an online and in-person event. "We will broadcast the talks and workshops via a fully free software livestream on fsf.org/live," according to the FSF's official "FSF40 Celebration" page. "Everyone will be able to join the discussion via the #fsf40 IRC channel on Libera.Chat."

"4 decades, 4 freedoms, 4 all users" is the event's slogan.

And during the ceremony, a 40th-anniversary cake was sliced by newly-elected FSF president Ian Kelling (who was unanimously confirmed by FSF board members): Kelling, age 43, has held the role of a board member and a voting member since March 2021. The board said of Kelling's confirmation: "His hands-on technical experience resulting from his position as the organization's senior systems administrator proved invaluable for his work on the board of directors... He has the technical knowledge to speak with authority on most free software issues, and he has a strong connection with the community as an active speaker and blogger."

Kelling earned a bachelor's degree in computer science and is a continuous user, developer, and advocate for free software. His personal commitment to complete software freedom has been shaped by his past experiences working as a software developer for proprietary software companies while using, learning, and contributing to GNU/Linux on his own time.

"Ian has shown good judgment on the board, and a firm commitment to the free software movement," FSF founder and Chief GNUisance Richard Stallman said. Outgoing FSF President and long-time board member Geoff Knauth added: "Since joining the board in 2021, Ian has shown a clear understanding of the free software philosophy in today's technology, and a strong vision. He recognizes threats in upcoming technologies, promotes transparency, has played a significant role in designing and implementing the new board recruitment processes, and has always adhered to ethical principles. He has also given me valuable advice at critical moments, for which I am very grateful..."

Kelling will continue to fill the role of senior systems administrator for the FSF, which he has held since 2017, where he leads the FSF's tech team under the direction of Zoë Kooyman, executive director of the FSF. True to the FSF's tradition for this role, he takes on the governance role as a volunteer.
Upcoming on the livestream:

• Free Software Foundation trivia
• LibreLocal group lightning talks
• A panel with the FSF, Electronic Frontier Foundation (EFF) , F-Droid, and Sugar Labs

OpenAI unveiled Instant Checkout, a new ChatGPT feature that lets users buy stuff directly through its chatbot. Currently, the feature supports single-item purchases directly from Etsy sellers, but support for more than one million Shopify merchants is coming soon. It's also only available to U.S. ChatGPT Plus, Pro and Free users at this time. CNBC reports: OpenAI will take a fee from transactions that are completed through ChatGPT, which means Instant Checkout could become an important new revenue stream for the startup. OpenAI is not yet profitable, and is burning through cash as it works to scale up its computing infrastructure. The company declined to share specific details about how large the fees are since they are determined through confidential contracts with Etsy and Shopify. Instant Checkout is free to users and will not affect their prices, OpenAI said.

"Our vision for ChatGPT -- and a lot of the technology we create, but especially ChatGPT -- is that it's not just providing you information, it is also helping you get things done in the real world," Michelle Fradin, OpenAI's product lead for ChatGPT commerce, told CNBC in an interview. The company plans to introduce multi-item carts and expand the regional availability of Instant Checkout moving forward. [...]

Instant Checkout is powered by OpenAI's Agentic Commerce Protocol, which is the underlying technology that allows users to complete a transaction directly with a merchant through ChatGPT. OpenAI built the framework in partnership with the fintech company Stripe, which powers ChatGPT subscriptions. OpenAI initially decided to use Agentic Commerce Protocol for e-commerce, but Fradin said the company thinks it could be used to facilitate other types of purchases or payments as well. OpenAI is open-sourcing the framework to help merchants build integrations more quickly, and so that developers can explore different use cases, she said.

Microsoft is adding the free Microsoft 365 Copilot Chat and agents to Office apps for all Microsoft 365 business users today. From a report: Word, Excel, PowerPoint, Outlook, and OneNote are all being updated with a Copilot Chat sidebar that will help draft documents, analyze spreadsheets, and more without needing an additional Microsoft 365 Copilot license.

"Copilot Chat is secure AI chat grounded in the web -- and now, it's available in the Microsoft 365 apps," explains Seth Patton, general Manager of Microsoft 365 Copilot product marketing. "It's content aware, meaning it quickly understands what you're working on, tailoring answers to the file you have open. And it's included at no additional cost for Microsoft 365 users."

While this free version of Copilot will rewrite documents, provide summaries, and help create slides in PowerPoint, the $30 per month, per user Microsoft 365 Copilot license will still have the best integration in Office apps. The Microsoft 365 Copilot license is also not limited to a single document, and can reason over entire work data.

Brian Krebs writes via KrebsOnSecurity: Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here's a closer look at the social engineering tactics and remarkable traits of this sprawling network of more than 1,200 scam sites. The scam begins with deceptive ads posted on social media that claim the wagering sites are working in partnership with popular social media personalities, such as Mr. Beast, who recently launched a gaming business called Beast Games. The ads invariably state that by using a supplied "promo code," interested players can claim a $2,500 credit on the advertised gaming website.

The gaming sites all require users to create a free account to claim their $2,500 credit, which they can use to play any number of extremely polished video games that ask users to bet on each action. At the scam website gamblerbeast[.]com, for example, visitors can pick from dozens of games like B-Ball Blitz, in which you play a basketball pro who is taking shots from the free throw line against a single opponent, and you bet on your ability to sink each shot. The financial part of this scam begins when users try to cash out any "winnings." At that point, the gaming site will reject the request and prompt the user to make a "verification deposit" of cryptocurrency -- typically around $100 -- before any money can be distributed. Those who deposit cryptocurrency funds are soon asked for additional payments. However, any "winnings" displayed by these gaming sites are a complete fantasy, and players who deposit cryptocurrency funds will never see that money again. Compounding the problem, victims likely will soon be peppered with come-ons from "recovery experts" who peddle dubious claims on social media networks about being able to retrieve funds lost to such scams. [...]

[T]hreat hunting platform Silent Push reveals at least 1,270 recently-registered and active domains whose names all invoke some type of gaming or wagering theme. Here is a list of all domains that Silent Push found were using the scambling network's chat API.

Microsoft today launched Copilot Mode, an experimental feature that transforms Edge into an AI-powered browser experience. Available free for a limited time on Windows and Mac in markets where Copilot operates, the mode places AI at the center of web browsing through a single input interface combining chat, search, and navigation.

The feature enables Copilot to view content across all open browser tabs, handle voice commands, and assist with tasks like comparing websites. Future capabilities will include booking reservations and managing errands through natural language commands. Microsoft has not specified when the free trial ends, though the feature will likely require a Copilot Pro subscription afterward.

In 1995's online world, AOL existed mostly beside the internet as a "walled, manicured garden," remembers Fast Company.

Then along came AOHell "the first of what would become thousands of programs designed by young hackers to turn the system upside down" — built by a high school dropout calling himself "Da Chronic" who says he used "a computer that I couldn't even afford" using "a pirated copy of Microsoft Visual Basic." [D]istributed throughout the teen chatrooms, the program combined a pile of tricks and pranks into a slick little control panel that sat above AOL's windows and gave even newbies an arsenal of teenage superpowers. There was a punter to kick people out of chatrooms, scrollers to flood chats with ASCII art, a chat impersonator, an email and instant message bomber, a mass mailer for sharing warez (and later mp3s), and even an "Artificial Intelligence Bot" [which performed automated if-then responses]. Crucially, AOHell could also help users gain "free" access to AOL. The program came with a program for generating fake credit card numbers (which could fool AOL's sign up process), and, by January 1995, a feature for stealing other users' passwords or credit cards. With messages masquerading as alerts from AOL customer service reps, the tool could convince unsuspecting users to hand over their secrets...

Of course, Da Chronic — actually a 17-year-old high school dropout from North Carolina named Koceilah Rekouche — had other reasons, too. Rekouche wanted to hack AOL because he loved being online with his friends, who were a refuge from a difficult life at home, and he couldn't afford the hourly fee. Plus, it was a thrill to cause havoc and break AOL's weak systems and use them exactly how they weren't meant to be, and he didn't want to keep that to himself. Other hackers "hated the fact that I was distributing this thing, putting it into the team chat room, and bringing in all these noobs and lamers and destroying the community," Rekouche told me recently by phone...

Rekouche also couldn't have imagined what else his program would mean: a free, freewheeling creative outlet for thousands of lonely, disaffected kids like him, and an inspiration for a generation of programmers and technologists. By the time he left AOL in late 1995, his program had spawned a whole cottage industry of teenage script kiddies and hackers, and fueled a subculture where legions of young programmers and artists got their start breaking and making things, using pirated software that otherwise would have been out of reach... In 2014, [AOL CEO Steve] Case himself acknowledged on Reddit that "the hacking of AOL was a real challenge for us," but that "some of the hackers have gone on to do more productive things."

When he first met Mark Zuckerberg, he said, the Facebook founder confessed to Case that "he learned how to program by hacking [AOL]."
"I can't imagine somebody doing that on Facebook today," Da Chronic says in a new interview with Fast Company. "They'll kick you off if you create a Google extension that helps you in the slightest bit on Facebook, or an extension that keeps your privacy or does a little cool thing here and there. That's totally not allowed."

AOHell's creators had called their password-stealing techniques "phishing" — and the name stuck. (AOL was working with federal law enforcement to find him, according to a leaked internal email, but "I didn't even see that until years later.") Enrolled in college, he decided to write a technical academic paper about his program. "I do believe it caught the attention of Homeland Security, but I think they realized pretty quickly that I was not a threat."

He's got an interesting perspective today, noting with today's AI tool's it's theoretically possible to "craft dynamic phishing emails... when I see these AI coding tools I think, this might be like today's Visual Basic. They take out a lot of the grunt work."

What's the moral of the story? "I didn't have any qualifications or anything like that," Da Chronic says. "So you don't know who your adversary is going to be, who's going to understand psychology in some nuanced way, who's going to understand how to put some technological pieces together, using AI, and build some really wild shit."

Chinese AI startup Moonshot AI has released Kimi K2, a trillion-parameter open-source language model that outperforms GPT-4 in key benchmarks with particularly strong performance on coding and autonomous agent tasks. VentureBeat reports: The new model, called Kimi K2, features 1 trillion total parameters with 32 billion activated parameters in a mixture-of-experts architecture. The company is releasing two versions: a foundation model for researchers and developers, and an instruction-tuned variant optimized for chat and autonomous agent applications. "Kimi K2 does not just answer; it acts," the company stated in its announcement blog. "With Kimi K2, advanced agentic intelligence is more open and accessible than ever. We can't wait to see what you build."

The model's standout feature is its optimization for "agentic" capabilities -- the ability to autonomously use tools, write and execute code, and complete complex multi-step tasks without human intervention. In benchmark tests, Kimi K2 achieved 65.8% accuracy on SWE-bench Verified, a challenging software engineering benchmark, outperforming most open-source alternatives and matching some proprietary models. [...] On LiveCodeBench, arguably the most realistic coding benchmark available, Kimi K2 achieved 53.7% accuracy, decisively beating DeepSeek-V3's 46.9% and GPT-4.1's 44.7%. More striking still: it scored 97.4% on MATH-500 compared to GPT-4.1's 92.4%, suggesting Moonshot has cracked something fundamental about mathematical reasoning that has eluded larger, better-funded competitors.

But here's what the benchmarks don't capture: Moonshot is achieving these results with a model that costs a fraction of what incumbents spend on training and inference. While OpenAI burns through hundreds of millions on compute for incremental improvements, Moonshot appears to have found a more efficient path to the same destination. It's a classic innovator's dilemma playing out in real time -- the scrappy outsider isn't just matching the incumbent's performance, they're doing it better, faster, and cheaper.

An anonymous reader quotes a report from Ars Technica: OpenAI is now fighting a court order (PDF) to preserve all ChatGPT user logs—including deleted chats and sensitive chats logged through its API business offering -- after news organizations suing over copyright claims accused the AI company of destroying evidence. "Before OpenAI had an opportunity to respond to those unfounded accusations, the court ordered OpenAI to 'preserve and segregate all output log data that would otherwise be deleted on a going forward basis until further order of the Court (in essence, the output log data that OpenAI has been destroying)," OpenAI explained in a court filing (PDF) demanding oral arguments in a bid to block the controversial order.

In the filing, OpenAI alleged that the court rushed the order based only on a hunch raised by The New York Times and other news plaintiffs. And now, without "any just cause," OpenAI argued, the order "continues to prevent OpenAI from respecting its users' privacy decisions." That risk extended to users of ChatGPT Free, Plus, and Pro, as well as users of OpenAI's application programming interface (API), OpenAI said. The court order came after news organizations expressed concern that people using ChatGPT to skirt paywalls "might be more likely to 'delete all [their] searches' to cover their tracks," OpenAI explained. Evidence to support that claim, news plaintiffs argued, was missing from the record because so far, OpenAI had only shared samples of chat logs that users had agreed that the company could retain. Sharing the news plaintiffs' concerns, the judge, Ona Wang, ultimately agreed that OpenAI likely would never stop deleting that alleged evidence absent a court order, granting news plaintiffs' request to preserve all chats.

OpenAI argued the May 13 order was premature and should be vacated, until, "at a minimum," news organizations can establish a substantial need for OpenAI to preserve all chat logs. They warned that the privacy of hundreds of millions of ChatGPT users globally is at risk every day that the "sweeping, unprecedented" order continues to be enforced. "As a result, OpenAI is forced to jettison its commitment to allow users to control when and how their ChatGPT conversation data is used, and whether it is retained," OpenAI argued. Meanwhile, there is no evidence beyond speculation yet supporting claims that "OpenAI had intentionally deleted data," OpenAI alleged. And supposedly there is not "a single piece of evidence supporting" claims that copyright-infringing ChatGPT users are more likely to delete their chats. "OpenAI did not 'destroy' any data, and certainly did not delete any data in response to litigation events," OpenAI argued. "The Order appears to have incorrectly assumed the contrary." One tech worker on LinkedIn suggested the order created "a serious breach of contract for every company that uses OpenAI," while privacy advocates on X warned, "every single AI service 'powered by' OpenAI should be concerned."

Also on LinkedIn, a consultant rushed to warn clients to be "extra careful" sharing sensitive data "with ChatGPT or through OpenAI's API for now," warning, "your outputs could eventually be read by others, even if you opted out of training data sharing or used 'temporary chat'!"

Microsoft officially shuttered Skype on May 5, ending the pioneering video chat service's 22-year run. The closure, announced in February, completes Skype's absorption into Microsoft Teams, the company's Slack competitor. Users opening Skype apps will now be redirected to Teams. The only surviving component is the Skype Dial Pad, which remains available within Microsoft Teams Free for subscribers to make calls to traditional phone numbers.

The once-dominant video calling platform was purchased by Microsoft for $8.5 billion in 2011, replacing the company's Windows Live Messenger. Created in 2003 by developers behind Kazaa file-sharing software, Skype became synonymous with video calling during broadband internet's expansion. Skype's decline accelerated after Microsoft's acquisition, with unpopular redesigns and competition from Zoom, which captured market share during the COVID-19 pandemic. Microsoft began phasing out Skype in 2017, starting with Skype for Business, while bundling Teams with Office applications until regulatory intervention forced their separation.

Skype is shutting down after two decades on May 5th, notes the Washington Post.

But the bigger problem for retired attorney Karen Griffin is that Microsoft won't refund the money they paid into a Skype account for cheap international phone calls: "They're no longer offering this service that I prepaid for, and now they're not giving me my money back," Griffin said. "There's a lot of people out there who are going to lose money...."

To its credit, Microsoft gave Skype users a couple months' warning about the shutdown coming May 5. People can transfer Skype contacts and chat history to the company's Microsoft Teams chat-and-calling app or to other companies' services. (While Microsoft sells Teams to organizations, there's a free version for personal use.) But Microsoft didn't explain well what will happen to money that people like Griffin have parked in Skype accounts, in some cases for years.... Unless you bought Skype credits very recently, Microsoft said it won't refund money in Skype accounts. The company says it will add an option for Skype account holders to keep using their funds for phone calls online or in Teams.

Griffin doesn't love what Microsoft is doing. She prefers a cash refund or a credit applied to her Microsoft Office subscription, for which she pays about $110 a year. Amit Fulay, vice president of product for Skype and Teams, said it's not possible to shift funds from a Skype account to Office subscriptions. And he nixed refunds because Microsoft will still offer basic call services for former Skype customers. "Refunds make more sense if you took away something," Fulay said. "We're not." Microsoft declined to say how much money Skype users collectively have sitting in accounts that they might never use.

Stacey Higginbotham, a policy specialist with Consumer Reports' technology advocacy team, said Griffin is making a reasonable request for a rich company like Microsoft that's shutting down an internet service. "The best way: Give people their money back. The second-best way, give people a credit to all of your services," Higginbotham said.

ChatGPT has reached over 400 million weekly active users, doubling its count since August 2024. "We feel very fortunate to serve 5 percent of the world every week," OpenAI COO Brad Lightcap said on X. Engadget reports: The latest milestone for the AI assistant comes after a huge uproar over new rival platform DeepSeek earlier in the year, which raised questions about whether the current crop of leading AI tools was about to be dethroned. OpenAI is on the verge of a move to simplify its ChatGPT offerings so that users won't have to select which reasoning model will respond to an input, and it will make its GPT-4.5 and GPT-5 models available soon in the chat and API clients. With GPT-5 being made available to OpenAI's free users, ChatGPT seems primed to continue expanding its audience base in the coming months.

An anonymous reader shares a report: Microsoft has offered to widen the price differential between its Office product sold with its chat and video app Teams and its software sold without the app in a bid to avert a possible EU antitrust fine, according to three sources. The move by the U.S. tech giant comes five years after Salesforce-owned Slack complained to the European Commission about Microsoft's tying of Teams with Office. In 2023, German rival alfaview filed a similar grievance to the EU watchdog. Teams, which was added to Office 365 in 2017 for free and eventually replaced Skype for Business, became popular during the pandemic due in part to its video conferencing.

An anonymous reader shared this report from Reuters: New York-based cybersecurity firm Wiz says it has found a trove of sensitive data from the Chinese artificial intelligence startup DeepSeek inadvertently exposed to the open internet. In a blog post published Wednesday, Wiz said that scans of DeepSeek's infrastructure showed that the company had accidentally left more than a million lines of data available unsecured.

Those included digital software keys and chat logs that appeared to capture prompts being sent from users to the company's free AI assistant.
Wiz's chief technology officer tells Reuters that DeepSeek "took it down in less than an hour" after Wiz alerted them.

"But this was so simple to find we believe we're not the only ones who found it."

Microsoft is relaunching its free Copilot for businesses as Microsoft 365 Copilot Chat today, complete with the ability to use AI agents. From a report: Copilot Chat is Microsoft's latest attempt to get people used to using AI at work and relying on it enough to tempt them into paying $30 per month to get the full Microsoft 365 Copilot.

Microsoft 365 Copilot Chat is essentially a rebranding of what was once Bing Chat Enterprise before Microsoft rebranded it to just Copilot. It crucially now includes access to Copilot AI agents right within the chat interface -- which was previously only available in the full Microsoft 365 Copilot experience -- requiring a $30 per user per month subscription. These agents are designed to work like virtual colleagues and can do things like monitor email inboxes or automate a series of tasks.

You'll be able to create and use agents using Copilot Studio, use agents that rely on web data, and even use agents grounded on work data through the Microsoft graph. The usage of agents with Copilot Chat will be priced through the Copilot Studio meter in Azure or through a pay-as-you-go option.

An anonymous reader shared this report from TechCrunch: Microsoft-owned GitHub announced on Wednesday a free version of its popular Copilot code completion/AI pair programming tool, which will also now ship by default with Microsoft's popular VS Code editor. Until now, most developers had to pay a monthly fee, starting at $10 per month, with only verified students, teachers, and open source maintainers getting free access...

There are some limitations to the free version, which is geared toward occasional users, not major work on a big project. Developers on the free plan will get access to 2,000 code completions per month, for example, and as a GitHub spokesperson told me, each Copilot code suggestion will count against this limit — not just accepted suggestions. And while GitHub recently added the ability to switch between different foundation models, users on the free plan are limited to Anthropic's Claude 3.5 Sonnet and OpenAI's GPT-4o. (The paid plans also include Google's Gemini 1.5 Pro and OpenAI's o1-preview and -mini.) For Copilot Chat, the number of chat messages is limited to 50, but otherwise, there aren't any major limitations to the free service. Developers still get access to all Copilot Extensions and skills.

The free Copilot SKU will work in a number of editors, including VS Code, Visual Studio, and JetBrains, as well as on GitHub.com.
GitHub's announcement ends with the words "Happy coding!" and calls the service "GitHub Copilot Free." But TechCrunch points out there's already competition from services like Amazon Q Developer, as well as from companies like Tabnine and Qodo (previously known as Codium) — and they typically offer a free tier. But in addition, "With Copilot Free, we are returning to our freemium roots," GitHub CEO Thomas Dohmke told TechCrunch, as well as "laying the groundwork for something far greater: AI represents our best path to enabling a GitHub with one billion developers.

"There should be no barrier to entry for experiencing the joy of creating software. Now six years after being acquired by Microsoft, it indeed appears GitHub is still GitHub — and we are doing our thing."

Or, as GitHub CEO Satya Nadella said in a video posted on LinkedIn, "The joy of coding is back! And we are looking forward to bringing the same experience to so many more people around the world."

Waymo is advancing autonomous driving with a new training model for its robotaxis built on Google's multimodal large language model (MLLM) Gemini. The Verge reports: Waymo released a new research paper today that introduces an "End-to-End Multimodal Model for Autonomous Driving," also known as EMMA. This new end-to-end training model processes sensor data to generate "future trajectories for autonomous vehicles," helping Waymo's driverless vehicles make decisions about where to go and how to avoid obstacles. But more importantly, this is one of the first indications that the leader in autonomous driving has designs to use MLLMs in its operations. And it's a sign that these LLMs could break free of their current use as chatbots, email organizers, and image generators and find application in an entirely new environment on the road. In its research paper, Waymo is proposing "to develop an autonomous driving system in which the MLLM is a first class citizen."

The paper outlines how, historically, autonomous driving systems have developed specific "modules" for the various functions, including perception, mapping, prediction, and planning. This approach has proven useful for many years but has problems scaling "due to the accumulated errors among modules and limited inter-module communication." Moreover, these modules could struggle to respond to "novel environments" because, by nature, they are "pre-defined," which can make it hard to adapt. Waymo says that MLLMs like Gemini present an interesting solution to some of these challenges for two reasons: the chat is a "generalist" trained on vast sets of scraped data from the internet "that provide rich 'world knowledge' beyond what is contained in common driving logs"; and they demonstrate "superior" reasoning capabilities through techniques like "chain-of-thought reasoning," which mimics human reasoning by breaking down complex tasks into a series of logical steps.

Waymo developed EMMA as a tool to help its robotaxis navigate complex environments. The company identified several situations in which the model helped its driverless cars find the right route, including encountering various animals or construction in the road. [...] But EMMA also has its limitations, and Waymo acknowledges that there will need to be future research before the model is put into practice. For example, EMMA couldn't incorporate 3D sensor inputs from lidar or radar, which Waymo said was "computationally expensive." And it could only process a small amount of image frames at a time. There are also risks to using MLLMs to train robotaxis that go unmentioned in the research paper. Chatbots like Gemini often hallucinate or fail at simple tasks like reading clocks or counting objects.

A post shared Saturday on social media acknowledges those admins and developers at the Internet Archive working "literally round the clock... They have taken no days off this past week. They are taking none this weekend... they are working with all of their energy and considerable talent."

It describes people "working so incredibly hard... putting their all in," with a top priority of "getting the site back secure and safe".

But there's new and continuing problems, reports The Verge's weekend editor: Early this morning, I received an email from "The Internet Archive Team," replying to a message I'd sent on October 9th. Except its author doesn't seem to have been the digital archivists' support team — it was apparently written by the hackers who breached the site earlier this month and who evidently maintain some level of access to its systems.

I'm not alone. Users on the Internet Archive subreddit are reporting getting the replies, as well. Here is the message I received:

It's dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.

As demonstrated by this message, this includes a Zendesk token with perms to access 800K+ support tickets sent to info@archive.org since 2018.

Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine — your data is now in the hands of some random guy. If not me, it'd be someone else.
The site BleepingComputer believes they know the larger context, starting with the fact that they've also "received numerous messages from people who received replies to their old Internet Archive removal requests... The email headers in these emails also pass all DKIM, DMARC, and SPF authentication checks, proving they were sent by an authorized Zendesk server."

BleepingComputer also writes that they'd "repeatedly tried to warn the Internet Archive that their source code was stolen through a GitLab authentication token that was exposed online for almost two years."

And that "the threat actor behind the actual data breach, who contacted BleepingComputer through an intermediary to claim credit for the attack," has been frustrated by misreporting. (Specifically, they insist there were two separate attacks last week — a DDoS attack and a separate data breach for a 6.4-gigabyte database which includes email addresses for the site's 33 million users.) The threat actor told BleepingComputer that the initial breach of Internet Archive started with them finding an exposed GitLab configuration file on one of the organization's development servers, services-hls.dev.archive.org. BleepingComputer was able to confirm that this token has been exposed since at least December 2022, with it rotating multiple times since then. The threat actor says this GitLab configuration file contained an authentication token allowing them to download the Internet Archive source code. The hacker say that this source code contained additional credentials and authentication tokens, including the credentials to Internet Archive's database management system. This allowed the threat actor to download the organization's user database, further source code, and modify the site.

The threat actor claimed to have stolen 7TB of data from the Internet Archive but would not share any samples as proof. However, now we know that the stolen data also included the API access tokens for Internet Archive's Zendesk support system. BleepingComputer attempted contact the Internet Archive numerous times, as recently as on Friday, offering to share what we knew about how the breach occurred and why it was done, but we never received a response.
"The Internet Archive was not breached for political or monetary reasons," they conclude, "but simply because the threat actor could...

"While no one has publicly claimed this breach, BleepingComputer was told it was done while the threat actor was in a group chat with others, with many receiving some of the stolen data. This database is now likely being traded amongst other people in the data breach community, and we will likely see it leaked for free in the future on hacking forums like Breached."

The U.S. Federal Trade Commission adopted a final rule on Wednesday requiring businesses to make it as easy to cancel subscriptions and memberships as it is to sign up, in the agency's last major rulemaking before the Nov. 5 election. From a report: The "click to cancel" rule requires retailers, gyms and other businesses to get consumers' consent for subscriptions, auto-renewals and free trials that convert to paid memberships. The cancellation method must be "at least as easy to use" as the sign up process. FTC Chair Lina Khan said in an interview that the rule is an overdue response to a rising number of consumer complaints about situations in which it is "extraordinarily easy to sign up for a subscription, but absurdly difficult to cancel."

"Companies shouldn't be able to trick you into paying for subscriptions that you don't want," Khan said. The rule prohibits requiring consumers who signed up through an app or a website to go through a chat bot or agent to cancel. For in-person signups, companies must provide means to cancel by phone or online. "The pandemic brought to the surface just how businesses are making people jump through endless hoops," Khan said. Requiring in-person cancellations while the businesses themselves were closed "really highlighted the absurdity of these practices," she said.