Apple has extended its self-service repair diagnostics tool to 32 European countries, including the UK, France, and Germany. The software, previously limited to technicians, allows customers to perform system configuration after self-repairs on iPhones, Macs, and Studio Displays.

Launched in the U.S. last year, the tool is part of Apple's Self Service Repair program, which provides access to genuine parts, tools, and manuals for select models. The expansion supports 42 Apple products in 33 countries and 24 languages, furthering the company's efforts to extend product lifespan.

Automated license plate readers "pose risks to public safety," argues the EFF, "that may outweigh the crimes they are attempting to address in the first place." When law enforcement uses automated license plate readers (ALPRs) to document the comings and goings of every driver on the road, regardless of a nexus to a crime, it results in gargantuan databases of sensitive information, and few agencies are equipped, staffed, or trained to harden their systems against quickly evolving cybersecurity threats. The Cybersecurity and Infrastructure Security Agency (CISA), a component of the U.S. Department of Homeland Security, released an advisory last week that should be a wake up call to the thousands of local government agencies around the country that use ALPRs to surveil the travel patterns of their residents by scanning their license plates and "fingerprinting" their vehicles. The bulletin outlines seven vulnerabilities in Motorola Solutions' Vigilant ALPRs, including missing encryption and insufficiently protected credentials...

Unlike location data a person shares with, say, GPS-based navigation app Waze, ALPRs collect and store this information without consent and there is very little a person can do to have this information purged from these systems... Because drivers don't have control over ALPR data, the onus for protecting the data lies with the police and sheriffs who operate the surveillance and the vendors that provide the technology. It's a general tenet of cybersecurity that you should not collect and retain more personal data than you are capable of protecting. Perhaps ironically, a Motorola Solutions cybersecurity specialist wrote an article in Police Chief magazine this month that public safety agencies "are often challenged when it comes to recruiting and retaining experienced cybersecurity personnel," even though "the potential for harm from external factors is substantial." That partially explains why, more than 125 law enforcement agencies reported a data breach or cyberattacks between 2012 and 2020, according to research by former EFF intern Madison Vialpando. The Motorola Solutions article claims that ransomware attacks "targeting U.S. public safety organizations increased by 142 percent" in 2023.

Yet, the temptation to "collect it all" continues to overshadow the responsibility to "protect it all." What makes the latest CISA disclosure even more outrageous is it is at least the third time in the last decade that major security vulnerabilities have been found in ALPRs... If there's one positive thing we can say about the latest Vigilant vulnerability disclosures, it's that for once a government agency identified and reported the vulnerabilities before they could do damage... The Michigan Cyber Command center found a total of seven vulnerabilities in Vigilant devices; two of which were medium severity and 5 of which were high severity vulnerabilities...

But a data breach isn't the only way that ALPR data can be leaked or abused. In 2022, an officer in the Kechi (Kansas) Police Department accessed ALPR data shared with his department by the Wichita Police Department to stalk his wife.
The article concludes that public safety agencies should "collect only the data they need for actual criminal investigations.

"They must never store more data than they adequately protect within their limited resources-or they must keep the public safe from data breaches by not collecting the data at all."

An anonymous reader quotes a report from The Guardian: Kilifi County's white sandy beaches have made it one of Kenya's most popular tourist destinations. Hotels and beach bars line the 165 mile-long (265km) coast; fishers supply the district's restaurants with fresh seafood; and visitors spend their days boating, snorkelling around coral reefs or bird watching in dense mangrove forests. Soon, this idyllic coastline will host Kenya's first nuclear plant, as the country, like its east African neighbour Uganda, pushes forward with atomic energy plans. The proposals have sparked fierce opposition in Kilifi. In a building by Mida Creek, a swampy bayou known for its birdlife and mangrove forests, more than a dozen conservation and rights groups meet regularly to discuss the proposed plant.

"Kana nuclear!" Phyllis Omido, an award-winning environmentalist who is leading the protests, tells one such meeting. The Swahili slogan means "reject nuclear", and encompasses the acronym for the Kenya Anti-Nuclear Alliance who say the plant will deepen Kenya's debt and are calling for broader public awareness of the cost. Construction on the power station is expected to start in 2027, with it due to be operational in 2034. "It is the worst economic decision we could make for our country," says Omido, who began her campaign last year. A lawsuit filed in the environmental court by lawyers Collins Sang and Cecilia Ndeti in July 2023 on behalf of Kilifi residents, seeks to stop the plant, arguing that the process has been "rushed" and was "illegal", and that public participation meetings were "clandestine". They argue the Nuclear Power and Energy Agency (Nupea) should not proceed with fixing any site for the plant before laws and adequate safeguards are in place. Nupea said construction would not begin for years, that laws were under discussion and that adequate public participation was being carried out. Hearings are continuing to take place.

In November, people in Kilifi filed a petition with parliament calling for an inquiry. The petition, sponsored by the Centre for Justice Governance and Environmental Action (CJGEA), a non-profit founded by Omido in 2009, also claimed that locals had limited information on the proposed plant and the criteria for selecting preferred sites. It raised concerns over the risks to health, the environment and tourism in the event of a nuclear spill, saying the country was undertaking a "high-risk venture" without proper legal and disaster response measures in place. The petition also flagged concerns over security and the handling of radioactive waste in a nation prone to floods and drought. The senate suspended (PDF) the inquiry until the lawsuit was heard. "If we really have to invest in nuclear, why can't [the government] put it in a place that does not cause so much risk to our ecological assets?" says Omido. "Why don't they choose an area that would not mean that if there was a nuclear leak we would lose so much as a country?" Peter Musila, a marine scientist who monitors the impacts of global heating on coral reefs, fears that a nuclear power station will threaten aquatic life. The coral cover in Watamu marine national reserve, a protected area near Kilifi's coast, has improved over the last decade and Musila fears progress could be reversed by thermal pollution from the plant, whose cooling system would suck large amounts of water from the ocean and return it a few degrees warmer, potentially killing fish and the micro-organisms such as plankton, which are essential for a thriving aquatic ecosystem. "It's terrifying," says Musila, who works with the conservation organisation A Rocha Kenya. "It could wreak havoc." Nupea, for its part, "published an impact assessment report last year that recommended policies be put in place to ensure environmental protections, including detailed plans for the handling of radioactive waste; measures to mitigate environmental harm, such as setting up a nuclear unit in the national environment management authority; and emergency response teams," notes the Guardian. "It also proposed social and economic protections for affected communities, including clear guidelines on compensation for those who lose their livelihoods, or are displaced from their land, when the plant is set up."

"Nupea said a power station could create thousands of jobs for Kenyans and said it had partnered with Kilifi universities to start nuclear training programs that would enable more residents to take up jobs at the plant. Wilfred Baya, assistant director for energy for Kilifi county, says the plant could also bring infrastructural development and greater electricity access to a region which suffers frequent power cuts."

"Over at Fast Company, where we're celebrating 1994 Week, I wrote about the year of Peak CD-ROM, when excitement over the medium's potential was sky-high and the World Wide Web's audience still numbered in the extremely low millions," writes Slashdot reader and Fast Company technology editor Harry McCracken (harrymcc). "I cover once-famous products such as Microsoft's Encarta encyclopedia, the curse of shovelware, the rise of a San Francisco neighborhood known as 'Multimedia Gulch,' and why the whole dream soon came crashing down." Here's an excerpt from the article: Thirty years ago, a breakthrough technology was poised to transform how people stayed informed, entertained themselves, and maybe even shopped. I'm not talking about the World Wide Web. True, it was already getting good buzz among early adopter types. But even three years after going online, Tim Berners-Lee's creation was "still relatively slow and crude" and "limited to perhaps two million Internet users who have the proper software to gain access to it," wrote The New York Times' Peter H. Lewis in November 1994. At the time, it was the CD-ROM that had captured the imagination of consumers and the entire publishing industry. The high-capacity optical discs enabled mass distribution of multimedia for the first time, giving software developers the ability to create new kinds of experiences. Some of the largest companies in America saw them as media's next frontier, as did throngs of startups. In terms of pure mindshare, 1994 might have been the year of Peak CD, with 17.5 million CD-ROM drives and $590 million in discs sold, according to research firms Dataquest and Link Resources.

You already know that the frenzy didn't last. As the web got faster, slicker, and more readily accessible, CD-ROMs came to look pretty mundane, and eventually faded from memory. Myst, once the best-selling PC game of all time, might be the only 1990s disc that retains a prominent spot in our shared cultural consciousness. (Full disclosure: I do have a friend who can be relied upon to fondly bring up Microsoft's Cinemania movie guide about once a year for no apparent reason.) Revisiting the discs that defined the mid-1990s -- all of which are incompatible with modern operating systems -- isn't easy. To get some of them up and running again, I downloaded virtual CD-ROM files from the Internet Archive and used them with Windows 3.1 on my iPad Pro, courtesy of a piece of software Apple removed from the App Store in 2021. Spending time with titles such as Compton's Interactive Encyclopedia and It's a Wonderful Life Multi-Media Edition, three decades after they last commanded my attention, was a Proustian rush. You may not want to go to similar extremes. But would you indulge me as I wallow in enough CD-ROM nostalgia to get it out of my system?

"Titanium that was distributed with fake documentation has been found in commercial Boeing and Airbus jets," reports CNN. America's Federal Aviation Administration is now investigating whether those components pose a safety hazard to the public," along with the manufacturers of the aircraft and supplier Spirit AeroSystems.

"A parts supplier found small holes in the material from corrosion," the New York Times reported Friday: Boeing and Airbus both said their tests of affected materials so far had shown no signs of problems.

Boeing said it directly purchased most of the titanium used in its plane production, so most of its supply was unaffected. "This industrywide issue affects some shipments of titanium received by a limited set of suppliers, and tests performed to date have indicated that the correct titanium alloy was used," Boeing said in a statement. "To ensure compliance, we are removing any affected parts on airplanes prior to delivery. Our analysis shows the in-service fleet can continue to fly safely."

An anonymous reader quotes a report from TechCrunch: A Finnish startup called Flow Computing is making one of the wildest claims ever heard in silicon engineering: by adding its proprietary companion chip, any CPU can instantly double its performance, increasing to as much as 100x with software tweaks. If it works, it could help the industry keep up with the insatiable compute demand of AI makers. Flow is a spinout of VTT, a Finland state-backed research organization that's a bit like a national lab. The chip technology it's commercializing, which it has branded the Parallel Processing Unit, is the result of research performed at that lab (though VTT is an investor, the IP is owned by Flow). The claim, Flow is first to admit, is laughable on its face. You can't just magically squeeze extra performance out of CPUs across architectures and code bases. If so, Intel or AMD or whoever would have done it years ago. But Flow has been working on something that has been theoretically possible -- it's just that no one has been able to pull it off.

Central Processing Units have come a long way since the early days of vacuum tubes and punch cards, but in some fundamental ways they're still the same. Their primary limitation is that as serial rather than parallel processors, they can only do one thing at a time. Of course, they switch that thing a billion times a second across multiple cores and pathways -- but these are all ways of accommodating the single-lane nature of the CPU. (A GPU, in contrast, does many related calculations at once but is specialized in certain operations.) "The CPU is the weakest link in computing," said Flow co-founder and CEO Timo Valtonen. "It's not up to its task, and this will need to change."

CPUs have gotten very fast, but even with nanosecond-level responsiveness, there's a tremendous amount of waste in how instructions are carried out simply because of the basic limitation that one task needs to finish before the next one starts. (I'm simplifying here, not being a chip engineer myself.) What Flow claims to have done is remove this limitation, turning the CPU from a one-lane street into a multi-lane highway. The CPU is still limited to doing one task at a time, but Flow's Parallel Processing Unit (PPU), as they call it, essentially performs nanosecond-scale traffic management on-die to move tasks into and out of the processor faster than has previously been possible. [...] Flow is just now emerging from stealth, with [about $4.3 million] in pre-seed funding led by Butterfly Ventures, with participation from FOV Ventures, Sarsia, Stephen Industries, Superhero Capital and Business Finland. The primary challenge Flow faces is that for its technology to be integrated, it requires collaboration at the chip-design level. This means chipmakers need to redesign their products to include the PPU, which is a substantial investment.

Given the industry's cautious nature and the existing roadmaps of major chip manufacturers, the uptake of this new technology might be slow. Companies are often reluctant to adopt unproven technologies that could disrupt their long-term plans.

The white paper can be read here. A Flow Computing FAQ is also available here.

Copycats are stepping up their attacks on small businesses. Sellers of products including merino socks and hummingbird feeders say they have lost customers to online scammers who use the legitimate business owners' videos, logos and social-media posts to assume their identities and steer customers to cheap knockoffs or simply take their money. WSJ: "We used to think you'd be targeted because you have a brand everywhere," said Alastair Gray, director of anticounterfeiting for the International Trademark Association, a nonprofit that represents brand owners. "It now seems with the ease at which these criminals can replicate websites, they can cut and paste everything." Technology has expanded the reach of even the smallest businesses, making it easy to court customers across the globe. But evolving technology has also boosted opportunities for copycats; ChatGPT and other advances in artificial intelligence make it easier to avoid language or spelling errors, often a signal of fraud.

Imitators also have fine-tuned their tactics, including by outbidding legitimate brands for top position in search results. "These counterfeiters will market themselves just like brands market themselves," said Rachel Aronson, co-founder of CounterFind, a Dallas-based brand-protection company. Policing copycats is particularly challenging for small businesses with limited financial resources and not many employees. Online giants such as Amazon.com and Meta Platforms say they use technology to identify and remove misleading ads, fake accounts or counterfeit products.

Apple has announced visionOS 2 for its Vision Pro spatial computing headset, bringing mouse support, an ultrawide virtual Mac display option, and new Photo features. The company says it's expected to launch "later this year." The Verge reports: The most significant update, for all the productivity heads out there, is a new ultrawide virtual display feature. Apple says that in visionOS 2, you'll be able to connect a Vision Pro to a Mac to generate a dual 4K-equivalent curved ultrawide display. Right now, the virtual display feature only does a single up to 5K one. Also, the company will finally add mouse support to the Vision Pro -- at launch, the headset could work with trackpads like the one on a MacBook Air or the standalone Magic Trackpad 2, but oddly left out mouse support. You can still use one inside a mirrored display in the Vision Pro, but not outside of that screen in, say, an iPad or Vision Pro app.

Apple says that in the new update, users will be able to convert any image in the Photos app to a spatial one. Also, visionOS 2 will have train support, so the Vision Pro's travel mode will no longer be limited to just airplanes. The company also says it's adding SharePlay to the visionOS Photos app, which means that you can share the app with another Vision Pro owner using Spatial Personas [...]. The company says Red Bull is making a new immersive sports series, while Apple is making its first scripted immersive feature. Apple also said that Canon is releasing a new spatial lens for the EOS R7, one designed specifically for creating content for the Vision Pro.

Finally, the company is rolling out the Vision Pro abroad. Apple is going to start taking preorders in China, Hong Kong, Japan, and Singapore on June 13th at 6PM PT, and it'll be available in those countries on June 28th. Australia, Canada, France, Germany, and the UK will get preorders later, on June 28th at 5AM PT, with the headset officially available on July 12th.

Security researchers say they believe financially motivated cybercriminals have stolen a "significant volume of data" from hundreds of customers hosting their vast banks of data with cloud storage giant Snowflake. TechCrunch: Incident response firm Mandiant, which is working with Snowflake to investigate the recent spate of data thefts, said in a blog post Monday that the two firms have notified around 165 customers that their data may have been stolen. It's the first time that the number of affected Snowflake customers has been disclosed since the account hacks began in April. Snowflake has said little to date about the attacks, only that a "limited number" of its customers are affected. The cloud data giant has more than 9,800 corporate customers, like healthcare organizations, retail giants and some of the world's largest tech companies, which use Snowflake for data analytics.

At a New York Yankees baseball game, one fan discovered its concession stand doesn't accept cash. "An employee directed him to a kiosk that could convert his greenbacks into plastic," reports the Wall Street Journal, where the fan, "fed $200 into the reverse ATM, which subtracted a $3.50 fee and spat out a debit card with a balance of $196.50." Paying with cash used to be a way to get a discount. These days it can often cost an extra $1 to $6 — the sort of transaction fees once limited to swiping a credit card or using an out-of-network ATM. Reverse ATMs like those at Yankee Stadium are now common at cashless venues and restaurants across the country as a way to cater to those who prefer paying in cash. People who want to pay their parking tickets, tolls, taxes or phone bills in cash, meanwhile, often learn that government agencies and businesses have outsourced that option to companies that usually charge a fee.

All that can amount to a penalty on the people who prefer paying cash. Though it is more common to buy things with cards and mobile devices, cash remains the third-most popular way to pay, accounting for 16% of all payments in 2023, according to the Federal Reserve. That's down 2 percentage points from the year before, continuing a steady decline that accelerated during the pandemic. "It's unbelievable that we actually have to tell retailers, 'This is U.S. currency and it's something that should be accepted,' " said Jonathan Alexander, executive director of the Consumer Choice in Payment Coalition, a group of businesses and nonprofits lobbying for the continued acceptance of cash.

There aren't federal laws that require businesses to accept cash. States like Colorado and Rhode Island and cities like New York banned cashless retail establishments after many stores shifted to card-only transactions to reduce the spread of Covid-19, speed up transactions and cut back on theft. In 2023, lawmakers in the House of Representatives and the Senate introduced bills requiring that businesses accept cash for all in-person purchases under $500, unless they provide devices like a reverse ATM that don't charge fees. The bills haven't passed.

Cashless businesses can be a burden for older or lower-income shoppers who are less likely to have access to digital payments. They also pose challenges for younger people who haven't yet set up credit cards or bank accounts.
The article includes the story of an 18-year-old who earned cash by babysitting, then went to a hockey game and "was charged a 50-cent fee after putting $20 into a reverse ATM...to order chicken nuggets and a bottle of water." (Others who prefer cash "say paper money is anonymous, helps them keep spending under control and is better for tips," the article adds noting that roughly six in 10 Americans use cash for at least some of their purchases, according to Pew Research Center.)

The makers of one "reverse ATM" tell the Journal that whether or not someone gets charged a fee actually depends on what state they're in — and on the preferences of the venue that installed the ATM machine.

Reuters reports: A special uranium fuel planned for next-generation U.S. nuclear reactors poses security risks because it could be used without further enrichment as fissile material in nuclear weapons, scientists said in an article published on Thursday. The fuel, called high-assay low-enriched uranium, or HALEU, is enriched to levels of up to 20%, compared with about 5% for the fuel that powers most existing reactors.

Until recently it was made in commercial amounts only in Russia, but the United States wants to produce it to fuel a new wave of reactors... "This material is directly usable for making nuclear weapons without any further enrichment or reprocessing," said Scott Kemp, one of five authors of the peer-reviewed article in the journal Science. "In other words, the new reactors pose an unprecedented nuclear-security risk," said Kemp, a professor at the Massachusetts Institute of Technology and a former science adviser on arms control at the State Department. A bomb similar in power to the one the U.S. dropped on Hiroshima, Japan in 1945 could be made from 2,200 pounds (1,000 kg) or less of 19.75% enriched HALEU, the article said. "Designing such a weapon would not be without its challenges, but there do not appear to be any convincing reasons why it could not be done," it said.

The authors said if enrichment is limited to 10% to 12%, the supply chain would be far safer with only modest costs...

TerraPower, a company backed by Bill Gates that has received funding from the [U.S.] Energy Department, hopes to build its Natrium nuclear plant in Wyoming by 2030 to run on HALEU. TerraPower in late 2022 delayed Natrium's launch date by at least two years to 2030 due to a lack of HALEU. A TerraPower spokesperson said Natrium will use HALEU as it allows more efficient energy production and reduces nuclear waste volumes. "TerraPower has made reduction of weapons risks a foundational principle" the spokesperson said, adding that its fuel cycle eliminates the risk of proliferation.
Reuters notes that America's 2022 climate legislation "included $700 million for a HALEU availability program including purchasing the fuel to create a supply chain for planned high-tech reactors."

But the study's authors argue that if it becomes a standard reactor fuel, it could eliminate the distinction between peaceful and nonpeaceful nuclear programs — in countries around the world.

Thanks to Slashdot reader locater16 for sharing the article.

An anonymous reader quotes a report from Ars Technica: On Thursday, DuckDuckGo unveiled a new "AI Chat" service that allows users to converse with four mid-range large language models (LLMs) from OpenAI, Anthropic, Meta, and Mistral in an interface similar to ChatGPT while attempting to preserve privacy and anonymity. While the AI models involved can output inaccurate information readily, the site allows users to test different mid-range LLMs without having to install anything or sign up for an account. DuckDuckGo's AI Chat currently features access to OpenAI's GPT-3.5 Turbo, Anthropic's Claude 3 Haiku, and two open source models, Meta's Llama 3 and Mistral's Mixtral 8x7B. The service is currently free to use within daily limits. Users can access AI Chat through the DuckDuckGo search engine, direct links to the site, or by using "!ai" or "!chat" shortcuts in the search field. AI Chat can also be disabled in the site's settings for users with accounts.

According to DuckDuckGo, chats on the service are anonymized, with metadata and IP address removed to prevent tracing back to individuals. The company states that chats are not used for AI model training, citing its privacy policy and terms of use. "We have agreements in place with all model providers to ensure that any saved chats are completely deleted by the providers within 30 days," says DuckDuckGo, "and that none of the chats made on our platform can be used to train or improve the models." However, the privacy experience is not bulletproof because, in the case of GPT-3.5 and Claude Haiku, DuckDuckGo is required to send a user's inputs to remote servers for processing over the Internet. Given certain inputs (i.e., "Hey, GPT, my name is Bob, and I live on Main Street, and I just murdered Bill"), a user could still potentially be identified if such an extreme need arose. In regard to hallucination concerns, DuckDuckGo states in its privacy policy: "By its very nature, AI Chat generates text with limited information. As such, Outputs that appear complete or accurate because of their detail or specificity may not be. For example, AI Chat cannot dynamically retrieve information and so Outputs may be outdated. You should not rely on any Output without verifying its contents using other sources, especially for professional advice (like medical, financial, or legal advice)."

An anonymous reader quotes a report from Ars Technica: As we're currently seeing with AI, when a new technology becomes buzzy, companies will do almost anything to cram that tech into their products. Trends fade, however, and corporate priorities shift -- resulting in bricked gadgets and buyer's remorse. That's what's happening to some who bought into Oral-B toothbrushes with Amazon Alexa built in. Oral-B released the Guide for $230 in August 2020 but bricked the ability to set up or reconfigure Alexa on the product this February. As of this writing, the Guide is still available through a third-party Amazon seller.

The Guide toothbrush's charging base was able to connect to the Internet and work like an Alexa speaker that you could speak to and from which Alexa could respond. Owners could "ask to play music, hear the news, check weather, control smart home devices, and even order more brush heads by saying, 'Alexa, order Oral-B brush head replacements,'" per Procter & Gamble's 2020 announcement. Oral-B also bragged at the time that, in partnering with Alexa, the Guide ushered in "the truly connected bathroom."

On February 15, Oral-B bricked the Guide's ability to set up Alexa by discontinuing the Oral-B Connect app required to complete the process. Guide owners can still use the Oral-B App for other features; however, the ability to use the charging base like an Alexa smart speaker -- a big draw in the product's announcement and advertising -- is seriously limited. The device should still work with Alexa if users set it up before Oral-B shuttered Connect, but setting up a new Wi-Fi connection or reestablishing a lost one doesn't work without Connect. Oral-B owner, Proctor & Gamble, said in a statement: "The Oral-B Connect app was originally developed to support Oral-B Guide and Oral-B Sense electric toothbrushes, which were discontinued ... While some features are no longer supported on these brushes, the Oral-B app does remain compatible with both devices. Consumers are invited to contact Oral-B customer service where they can get additional support for these brushes."

Meanwhile, an Amazon spokesperson told Ars: "The Oral-B Guide still has Alexa built-in and customers can keep using the Alexa experience on devices that were set up through the Oral-B Connect app. The Oral-B Guide is currently sold by an independent seller on Amazon.com. Please contact Oral-B for any further questions about their app."

Meta Platforms withheld information from federal regulators during their original reviews of the Instagram and WhatsApp acquisitions, the US Federal Trade Commission said in a court filing as part of a lawsuit seeking to break up the social networking giant. From a report: In its filing Tuesday, however, the FTC said the case involves "information Meta had in its files and did not provide" during the original reviews. "At Meta's request the FTC undertook only a limited review" of the deals, the agency said. "The FTC now has available vastly more evidence, including pre-acquisition documents Meta did not provide in 2012 and 2014."

Meta said that it met all of its legal obligations during the Instagram and WhatsApp merger reviews. The FTC has failed to provide evidence to support its claims, a spokesperson said. "The evidence instead shows that Meta faces fierce competition and that Meta's significant investment of time and resources in Instagram and WhatsApp has benefited consumers by making the apps into the services millions of users enjoy today for free," spokesperson Chris Sgro said in a statement. "The FTC has done nothing to build its case over the past four years, while Meta has invested billions to build quality products."

jd writes: There aren't many details yet, but a private company used by the National Health Service in London was hit by a ransomware attack today, leading to cancelled operations and cancelled tests. The provider has been hit multiple times this year and is obviously not bothering with making any improvements in cybersecurity. There really should be legal requirements when it comes to maintaining what is de-facto critical infrastructure.

From the article:

"Major NHS hospitals in London have been hit by a cyber-attack, which is seriously disrupting their services, including blood tests and transfusions. The ransomware attack is having a "major impact" on the care provided by Guy's and St Thomas' NHS trust, its chief executive has told staff in a letter. The attack is understood to affect other hospitals, including King's College hospital, and has left them unable to connect to the servers of the private firm that provides their pathology services.

Synnovis, an outsourced provider of lab services to NHS trusts across south-east London, was the target of the attack, believed to be a form of ransomware, a piece of software which locks up a computer system to extort a payment for restoring access. According to one healthcare worker, the labs were still functional, but communication with them was limited to paper only, imposing a huge bottleneck and forcing cancellation or reassignment of all but the most urgent bloodwork. Direct connections with Synnovis' servers were cut to limit the risk of the infection spreading. ...
This is the third attack in the last year to hit part of the Synlab group, a German medical services provider with subsidiaries across Europe. In June 2023, ransomware gang Clop hacked and stole data from the French branch of the company just days after it hit headlines for bringing down a payroll provider for companies including BA, Boots and the BBC. Clop published the stolen data later that summer."

An anonymous reader shares a report: A Ticketmaster data breach that allegedly includes details for 560 million accounts and another one affecting Santander have been linked to their accounts at Snowflake, a cloud storage provider. However, Snowflake says there's no evidence its platform is at fault. A joint statement to that effect made last night with CrowdStrike and Mandiant, two third-party security companies investigating the incident, lends additional credibility to the claim.

Also, an earlier third-party report saying bad actors generated session tokens and may have compromised "hundreds" of Snowflake accounts has now been removed. Hudson Rock, the security firm behind that report, posted a statement of its own today on LinkedIn: "In accordance to a letter we received from Snowflake's legal counsel, we have decided to take down all content related to our report." A post from Snowflake says, "To date, we do not believe this activity is caused by any vulnerability, misconfiguration, or malicious activity within the Snowflake product. Throughout the course of our ongoing investigation, we have promptly informed the limited number of customers who we believe may have been impacted."

A new article in the Washington Post argues that a phenomenon called "Quiet vacationing" has "joined 'quiet quitting' and 'quiet firing' as the latest (and least poetic) scourge of the modern workplace.

"Also known as the hush trip, workcation, hush-cation, or bleisure travel — you get the idea — quiet vacationing refers to workers taking time off, even traveling, without notifying their employers." Taking advantage of work-from-anywhere technology, they are logging in from hotels, beaches and campgrounds, sometimes using virtual backgrounds and VPNs to cover their tracks.

Given the difficulty many employers already have trusting remote workers to be productive anywhere outside the office, you can bet they are not keen on the idea of their employees pretending to have their head in the game while their toes are in the sand. But employers also have legitimate legal reasons for keeping tabs on their employees' location when they're on the clock. "Evil HR Lady" Suzanne Lucas, writing in Inc. magazine, recently highlighted the many tax, employment, business-operation and security laws that focus on an employee's location. Workers secretly performing their jobs in other states or countries can trigger compliance headaches for their employers, Lucas notes, giving the hypothetical of an employee seeking workers' compensation after sustaining an injury while on unauthorized travel....

As with declines in birthrates, home purchases and demand for mined diamonds, the quiet-vacationing trend is being attributed primarily, though not exclusively, to millennial workers. But before launching into generational finger-pointing and stereotyping, it's worth taking a look at why they might feel the need to take their PTO on the DL. The U.S. Travel Association in a 2016 report proclaimed millennials to be a generation of "work martyrs," entering the workforce around the time average U.S. vacation usage began declining and mobile technology began enabling round-the-clock attachment to jobs... The work-vacation boundaries most premillennial workers took for granted growing up have gone the way of defined-benefit pensions and good tomatoes.

Inadequate paid leave is another driving force. The United States continues to be the only nation among its industrialized economic peers that does not guarantee paid vacation, sick leave or holidays for all workers, leaving such benefits to the discretion of employers. Workers with limited PTO — whether new to the workforce or stuck in lower-paying, low-benefit industries — generally want to keep as much paid leave banked as possible, especially if they may need it for unpredictable emergencies like illness or caretaking. If you can preserve those precious hours by packing your laptop alongside your flip-flops, why wouldn't you?
The article also mentions employers who begrudge vacation and employees who fear "becoming a target for future cost-cutting..."

"A Swiss biocomputing startup has launched an online platform that provides remote access to 16 human brain organoids," reports Tom's Hardware: FinalSpark claims its Neuroplatform is the world's first online platform delivering access to biological neurons in vitro. Moreover, bioprocessors like this "consume a million times less power than traditional digital processors," the company says. FinalSpark says its Neuroplatform is capable of learning and processing information, and due to its low power consumption, it could reduce the environmental impacts of computing. In a recent research paper about its developments, FinalSpakr claims that training a single LLM like GPT-3 required approximately 10GWh — about 6,000 times greater energy consumption than the average European citizen uses in a whole year. Such energy expenditure could be massively cut following the successful deployment of bioprocessors.

The operation of the Neuroplatform currently relies on an architecture that can be classified as wetware: the mixing of hardware, software, and biology. The main innovation delivered by the Neuroplatform is through the use of four Multi-Electrode Arrays (MEAs) housing the living tissue — organoids, which are 3D cell masses of brain tissue...interfaced by eight electrodes used for both stimulation and recording... FinalSpark has given access to its remote computing platform to nine institutions to help spur bioprocessing research and development. With such institutions' collaboration, it hopes to create the world's first living processor.
FinalSpark was founded in 2014, according to Wikipedia's page on wetware computing. "While a wetware computer is still largely conceptual, there has been limited success with construction and prototyping, which has acted as a proof of the concept's realistic application to computing in the future."

Thanks to long-time Slashdot reader Artem S. Tashkinov for sharing the article.

Google has published an update on the deprecation timeline of so-called Manifest V2 extensions in the Chrome web browser. Starting this June, Chrome will inform users with classic extensions about the deprecation. From a report: Manifests are rulesets for extensions. They define the capabilities of extensions. When Google published the initial Manifest V3 draft, it was criticized heavily for it. This initial draft had significant impact on content blockers, privacy extensions, and many other extension types. Many called it the end of adblockers in Chrome because of that. In the years that followed, Google postponed the introduction and updated the draft several times to address some of these concerns.

Despite all the changes, Manifest V3 is still limiting certain capabilities. The developer of uBlock Origin listed some of these on GitHub. According to the information, current uBlock Origin capabilities such as dynamic filtering, certain per-site switches, or regex-based filters are not supported by Manifest V3. The release of uBlock Origin Minus highlights this. It is a Manifest V3 extension, but limited in comparison to the Manifest V2-based uBlock Origin.

Now included in Amazon Prime is free delivery via Grubhub. According to The Verge, "Amazon is now embedding Grubhub into Amazon.com and the Amazon Shopping app, and Amazon Prime customers paying $139 per year for Amazon Prime will now pay $0 for food delivery fees on orders of $12 or more, among other benefits." From the report: Amazon had previously offered Prime customers a free one-year subscription to GrubHub Plus, but that one auto-renewed at $129 per year. Now, it's a permanent part of the Amazon Prime subscription. Amazon says the ordering experience is "identical" to ordering from Grubhub's website or app and is accessible to all customers, even without Prime. Amazon and Grubhub say they'll continue collaborating on other promotions, including food pairings and promotions like the limited Nuka burger for the Fallout series premiere. Prime members can also get $5 off their Grubhub meal of $25 or more made through Amazon with code PRIME5 (valid through June 2nd). What will likely not be included in Amazon's Prime subscription is Alexa's upcoming AI overhaul. "Amazon is upgrading its decade-old Alexa voice assistant with generative AI and plans to charge a monthly subscription fee to offset the cost of the technology," CNBC reported earlier this month. Unfortunately, sources said it will not be included in the $139-per-year Prime offering.