Medicine

Gilead's Twice-Yearly Shot to Prevent HIV Succeeds in Late-Stage Trial (cnbc.com) 66

An anonymous reader shared this report from CNBC: Gilead's experimental twice-yearly medicine to prevent HIV was 100% effective in a late-stage trial, the company said Thursday. None of the roughly 2,000 women in the trial who received the lenacapavir shot had contracted HIV by an interim analysis, prompting the independent data monitoring committee to recommend Gilead unblind the Phase 3 trial and offer the treatment to everyone in the study. Other participants had received standard daily pills.
The company expects to share more data by early next year, the article adds, and if its results are positive, the company could bring its drug to the market as soon as late 2025. (By Friday the company's stock price had risen nearly 12%.)

There are already other HIV-preventing options, the article points out, but they're taken by "only a little more than one-third of people in the U.S. who could benefit...according to data from the Centers for Disease Control and Prevention." Part of the problem?

"Daily pills dominate the market, but drugmakers are now focusing on developing longer-acting shots... Health policymakers and advocates hope longer-acting options could reach people who can't or don't want to take a daily pill and better prevent the spread of a virus that caused about 1 million new infections globally in 2022."

Medicine

Researchers Still Fighting For MDMA Therapy After FDA Advisors Vote Against It (bbc.com) 56

An anonymous reader quotes a report from the BBC: A vote against using MDMA as part of therapy for PTSD has provoked a powerful backlash among researchers who study psychedelic drugs. Some 13 million Americans struggle with post-traumatic stress disorder (PTSD). Existing therapies only bring relief for a fraction of patients, and new treatments are sorely needed, according to psychiatrists wrestling with the scale of the problem. So, there was distinct disappointment when an advisory committee at the US Food and Drug Administration (FDA) voted earlier this month against a therapy that many had hoped could offer the first new treatment for PTSD in 25 years. A number of experts who study psychedelics have since spoken out in support of MDMA-assisted therapy for PTSD and have sharply criticized the recommendations of the FDA's Psychopharmacological Drugs Advisory Committee. But some are still optimistic that the treatment might be approved when the FDA delivers its final decision in August.

While MDMA, also commonly known as ecstasy or molly, is listed as a Schedule 1 controlled substance in the US and so is illegal to use outside research, there has been a growing number of studies suggesting that when used with psychotherapy it could have potential for treating PTSD and some other mental health conditions. Ahead of the meeting, FDA approval of MDMA-assisted therapy for PTSD seemed likely, says Sandeep Nayak, an assistant professor of psychiatry at Johns Hopkins University, who investigates psychedelics as treatments for substance use and mood disorders. About two-thirds of people who received three sessions of MDMA and talk therapy no longer qualified for a PTSD diagnosis at the end of two Phase 3 clinical trials. It's an outcome that is "almost double that of existing medications", says Gul Dolen, a neuroscientist at the University of California, Berkeley, who researches the mechanisms of how psychedelics achieve therapeutic effects. "What's more, [the treatment] led to durable improvements in these patients lasting at least six months."

About half of people who enroll in current gold standard PTSD treatments drop out, which is "absurd," says Loree Sutton, a psychiatrist and retired Brigadier General in the US Army. She says new treatments are essential. "We have to do better." "Even if there are risks, we've got to figure this out, because we cannot not let this treatment be available," adds Rachel Yehuda, a professor of psychiatry and neuroscience at the Icahn School of Medicine at Mount Sinai who has conducted studies on the effects of MDMA-assisted therapy for PTSD. "Without it, we're just leaving too many people in suffering that they don't need to be in, and that is not right." The FDA is currently considering an application from California-based drug company Lykos Therapeutics for using MDMA capsules taken in conjunction with therapy in the treatment of PTSD. In the recent FDA advisory meeting, committee members cited apparent flaws in study design and data collection. The nine-hour hearing concluded with committee members voting 9-2 that the available data do not show "that the drug is effective" for PTSD, and voting 10-1 that the benefits of MDMA do not outweigh the risks.

Books

500,000 Books Have Been Deleted From the Internet Archive's Lending Library (techdirt.com) 74

The Internet Archive's Open Library, which operates similarly to traditional libraries by lending out digital copies of purchased or donated physical books, has been forced to remove 500,000 books due to a lawsuit by big publishers. Mike Masnick reports via Techdirt: As we've discussed at great length, the Internet Archive's Open Library system is indistinguishable from the economics of how a regular library works. The Archive either purchases physical books or has them donated (just like a physical library). It then lends them out on a one-to-one basis (leaving aside a brief moment where it took down that barrier when basically all libraries were shut down due to pandemic lockdowns), such that when someone "borrows" a digital copy of a book, no one else can borrow that same copy. And yet, for all of the benefits of such a system in enabling more people to be able to access information, without changing the basic economics of how libraries have always worked, the big publishers all sued the Internet Archive. The publishers won the first round of that lawsuit. And while the court (somewhat surprisingly!) did not order the immediate closure of the Open Library, it did require the Internet Archive to remove any books upon request from publishers (though only if the publishers made those books available as eBooks elsewhere).

As the case has moved into the appeals stage (where we have filed an amicus brief), the Archive has revealed that around 500,000 books have been removed from the open library. The Archive has put together an open letter to publishers, requesting that they restore access to this knowledge and information -- a request that will almost certainly fall on extremely deaf ears: "We purchase and acquire books -- yes, physical, paper books -- and make them available for one person at a time to check out and read online. This work is important for readers and authors alike, as many younger and low-income readers can only read if books are free to borrow, and many authors' books will only be discovered or preserved through the work of librarians. We use industry-standard technology to prevent our books from being downloaded and redistributed -- the same technology used by corporate publishers. But the publishers suing our library say we shouldn't be allowed to lend the books we own. They have forced us to remove more than half a million books from our library, and that's why we are appealing."

Software

Plan for New Accounting Rules on Software Costs Moves Forward (wsj.com) 35

U.S. companies may need to report cash amounts tied to their software expenditures, more of which would be moved off corporate balance sheets under a forthcoming proposal to update decades-old accounting rules. From a report: The Financial Accounting Standards Board voted Tuesday, 7-0, to propose requiring companies to report cash amounts tied to their software costs and help them determine when to expense or capitalize costs. The proposal is a scaled-back version of rule-making around these expenses. The standard setter wants to require U.S. public and private companies to provide a line item in their cash-flow statement to account for cash spending on software. Rules around software costs have gone largely unchanged since the 1980s and 1990s.

The proposal would cover use of software ranging from enterprise resource planning systems to hosting services and mobile banking applications, meaning it applies to almost every company. It would exclude development of software licensed to customers. Under the plan, companies would no longer have to evaluate the stage of their software project to determine whether to expense the costs on the income statement or to capitalize, or delay fully recognizing them, on the balance sheet. Companies are now required to expense their software costs as incurred on the income statement during the initial planning and post-implementation stages. When building the programs or applications, companies have to capitalize eligible costs. These current requirements involve significant judgment for companies, creating higher compliance costs. Instead, companies would only have to determine when to begin capitalizing software costs based on executives' signoff for a project and the likelihood that the project will be completed and the software will carry out its intended use.

AI

Meta Has Created a Way To Watermark AI-Generated Speech (technologyreview.com) 64

An anonymous reader quotes a report from MIT Technology Review: Meta has created a system that can embed hidden signals, known as watermarks, in AI-generated audio clips, which could help in detecting AI-generated content online. The tool, called AudioSeal, is the first that can pinpoint which bits of audio in, for example, a full hourlong podcast might have been generated by AI. It could help to tackle the growing problem of misinformation and scams using voice cloning tools, says Hady Elsahar, a research scientist at Meta. Malicious actors have used generative AI to create audio deepfakes of President Joe Biden, and scammers have used deepfakes to blackmail their victims. Watermarks could in theory help social media companies detect and remove unwanted content. However, there are some big caveats. Meta says it has no plans yet to apply the watermarks to AI-generated audio created using its tools. Audio watermarks are not yet adopted widely, and there is no single agreed industry standard for them. And watermarks for AI-generated content tend to be easy to tamper with -- for example, by removing or forging them.

Fast detection, and the ability to pinpoint which elements of an audio file are AI-generated, will be critical to making the system useful, says Elsahar. He says the team achieved between 90% and 100% accuracy in detecting the watermarks, much better results than in previous attempts at watermarking audio. AudioSeal is available on GitHub for free. Anyone can download it and use it to add watermarks to AI-generated audio clips. It could eventually be overlaid on top of AI audio generation models, so that it is automatically applied to any speech generated using them. The researchers who created it will present their work at the International Conference on Machine Learning in Vienna, Austria, in July.

Apple

Apple Suspends Work on Next High-End Headset (theinformation.com) 79

The Information: Apple has told at least one supplier that it has suspended work on its next high-end Vision headset, an employee at a manufacturer that makes key components for the Vision Pro said. The pullback comes as analysts and supply chain partners have flagged slowing sales of the $3,500 device. The company is still working on releasing a more affordable Vision product with fewer features before the end of 2025, the person involved in its supply chain and a person involved in the manufacturing of the headsets said.

Apple originally planned to divide its Vision line into two models, similar to the standard and Pro versions of the iPhone, according to people involved in its supply chain and former Apple employees who worked on the devices. Apple's decision to halt work on the next version of its high-end headset is the latest example of the company reshuffling priorities. Apple has ramped up work on AI-powered features while paring back money-losing projects like its self-driving car, which it canceled earlier this year after spending nearly a decade on development. Augmented reality is one of Apple's biggest bets. The company aims to eventually replace the iPhone with lightweight glasses, and the Vision Pro is the first step in building consumer and developer interest in that effort.

AI

AI Researcher Warns Data Science Could Face a Reproducibility Crisis (beabytes.com) 56

Long-time Slashdot reader theodp shared this warning from a long-time AI researcher arguing that data science "is due" for a reckoning over whether results can be reproduced. "Few technological revolutions came with such a low barrier of entry as Machine Learning..." Unlike Machine Learning, Data Science is not an academic discipline, with its own set of algorithms and methods... There is an immense diversity, but also disparities in skill, expertise, and knowledge among Data Scientists... In practice, depending on their backgrounds, data scientists may have large knowledge gaps in computer science, software engineering, theory of computation, and even statistics in the context of machine learning, despite those topics being fundamental to any ML project. But it's ok, because you can just call the API, and Python is easy to learn. Right...?

Building products using Machine Learning and data is still difficult. The tooling infrastructure is still very immature and the non-standard combination of data and software creates unforeseen challenges for engineering teams. But in my views, a lot of the failures come from this explosive cocktail of ritualistic Machine Learning:

- Weak software engineering knowledge and practices compounded by the tools themselves;
- Knowledge gap in mathematical, statistical, and computational methods, encouraged black boxing API;
- Ill-defined range of competence for the role of data scientist, reinforced by a pool of candidates with an unusually wide range of backgrounds;
- A tendency to follow the hype rather than the science.


What can you do?

- Hold your data scientists accountable using Science.
- At a minimum, any AI/ML project should include an Exploratory Data Analysis, whose results directly support the design choices for feature engineering and model selection.
- Data scientists should be encouraged to think outside-of-the box of ML, which is a very small box
- Data scientists should be trained to use eXplainable AI methods to provide context about the algorithm's performance beyond the traditional performance metrics like accuracy, FPR, or FNR.
- Data scientists should be held at similar standards than other software engineering specialties, with code review, code documentation, and architectural designs.

The article concludes, "Until such practices are established as the norm, I'll remain skeptical of Data Science."

Wireless Networking

FCC Approves Mysterious SpaceX Device: Is It for the Starlink Mini Dish? (pcmag.com) 12

"SpaceX has received FCC clearance to operate a mysterious 'wireless module' device," PC Magazine reported earlier this week, speculating that the device "might be a new Starlink router." On Tuesday, the FCC issued an equipment authorization for the device, which uses the 2.4GHz and 5GHz Wi-Fi radio bands. A document in SpaceX's filing also says it features antennas along with Wi-Fi chips apparently from MediaTek. Another document calls the device by the codename "UTW-231," and defines it as a "wireless router" supporting IEEE 802.11b/g/n/ax for Wi-Fi 6 speeds up to 1,300Mbps. But perhaps the most interesting part is an image SpaceX attached, which suggests the router is relatively small and can fit in a person's open hand.... SpaceX CEO Elon Musk has said the "Starlink mini" dish is slated to arrive later this year and that it's small enough to fit in a backpack...

On Wednesday, PCMag also spotted the official Starlink.com site referencing the name "Mini" in a specification page for the satellite internet system.

Today saw some interesting speculation on the unofficial "Starlink Hardware" blog (written by Noah Clarke, who has a degree in electronics). Clarke guesses the product "will be aimed at portable use cases, such as camping, RV's, vans, hiking... designed to be easy to store, transport, and deploy". But he also notes Starlink updated their app today, with a new shopping page showing what he believes the upcoming product will look like. ("Very similar to the Standard dish, just smaller. It has a similar shape, and even a kickstand.") If you go into developer mode and play around with the Mini network settings, you notice something interesting. There is no separate router. Devices are connected to the dish itself... I'm guessing that, in order to make the Mini as portable as possible, Starlink decided it was best to simplify the system and limit the number of components.

There are more Wifi details that have been revealed, and that is mesh compatibility. For those of you that might be interested in using the Mini at home, or for larger events where you need additional Wifi coverage, the Mini's built-in router will be compatible with Starlink mesh. You'll be able to wirelessly pair another Starlink router to the Mini.

Linux

What Advice Would You Give a First-Time Linux User? (zdnet.com) 300

ZDNet published a new article this week with their own tips for new Linux users. It begins by arguing that switching to the Linux desktop "is easier than you think" and "you'll find help everywhere". (And also that "You won't want for apps.") That doesn't mean it has everything. For example, there is no version of Adobe Photoshop. There is GIMP (which is just as powerful as Photoshop) but for those of you accustomed to Adobe's de facto standard, you're out of luck. The worst-case scenario is you have to learn a new piece of software to meet your graphic needs. At the same time, you might have to turn to proprietary software. For open-source purists, that's a no-go. But for those who just need to get things done, you'll find a mixture of open-source and proprietary software will give you everything you need to be productive and entertained.
Their article also recommends new users should "weed out Arch-based distributions," while warning that "Linux is more secure, but..." The truth is, any time you have a computer connected to a network, it's vulnerable and it doesn't matter what operating system you use. To that end, it's crucial that you keep your operating system (and the installed applications) up to date. Fortunately, most Linux operating systems make this very easy...

You're probably used to the slow trickle of updates and improvements found in the likes of Windows or MacOS. On Linux, you can count on that process being considerably faster. This is especially important with updates. When a vulnerability is found in an application that affects Linux, it is fixed far faster than it would be on competing platforms. The reason for this is that most Linux software is created and maintained by developers who don't have to answer to boards or committees or have a painfully slow bug resolution process. It might be announced that a vulnerability has been discovered in an application and the fix is officially released the next day. I've seen that very thing happen more times than I can count.

But it's not just about vulnerabilities. Developers add new features to software all the time and even listen to users. You could contact a developer of an open-source application with an idea and find it implemented in the next update. Linux is always evolving and it does so much faster than other operating systems.

And there's one final caveat. "Not all hardware will work (but most will)." I'll say this (and I stand by it): Ubuntu Linux probably has the best hardware detection and support of any operating system on the market. But that doesn't mean it works with everything. Certain peripherals you own could have trouble working with Linux. Two of the more problematic pieces of hardware are scanners and wireless chips. When I find a piece of hardware that isn't supported, here's one thing I've often done: I try a different Linux distribution... (Fedora often ships with a newer kernel than Ubuntu Linux, and therefore supports more modern hardware.)

Keep in mind that most Linux distributions are offered as Live images, which means you can test-drive them without making any changes to your hard drive. This is a great way to tell if a distribution will support all the hardware you need to use.

Agree? Disagree? Share your reactions in the comments...

And what advice would you give to a first-time Linux user?

Beer

Researchers Find No Amount of Alcohol is Healthy For You (nytimes.com) 207

The New York Times magazine remembers that once upon a time, in the early 1990s, "some prominent researchers were promoting, and the media helped popularize, the idea that moderate drinking...was linked to greater longevity.

"The cause of that association was not clear, but red wine, researchers theorized, might have anti-inflammatory properties that extended life and protected cardiovascular health..." More recently, though, research has piled up debunking the idea that moderate drinking is good for you. Last year, a major meta-analysis that re-examined 107 studies over 40 years came to the conclusion that no amount of alcohol improves health; and in 2022, a well-designed study found that consuming even a small amount brought some risk to heart health. That same year, Nature published research stating that consuming as little as one or two drinks a day (even less for women) was associated with shrinkage in the brain — a phenomenon normally associated with aging...

[M]ore people are now reporting that they consume cannabis than alcohol on a daily basis. Some governments are responding to the new research by overhauling their messaging. Last year, Ireland became the first country to pass legislation requiring a cancer warning on all alcohol products sold there, similar to those found on cigarettes: "There is a direct link between alcohol and fatal cancers," the language will read. And in Canada, the government has revised its alcohol guidelines, announcing: "We now know that even a small amount of alcohol can be damaging to health." The guidelines characterize one to two drinks a week as carrying "low risk" and three to six drinks as carrying "moderate risk." (Previously the guidelines suggested that women limit themselves to no more than two standard drinks most days, and that men place that limit at three.)

Python

Python 'Language Summit' 2024: Security Workflows, Calendar Versioning, Transforms and Lightning Talks (blogspot.com) 19

Friday the Python Software Foundation published several blog posts about this year's "Python Language Summit" May 15th (before PyCon US), which featured talks and discussions by core developers, triagers, and Python implementation maintainers.

There were several lightning talks. One talk came from the maintainer of the PyO3 project, offering Rust bindings for the Python C API (which requires mapping Rust concepts to Python — leaving a question as to how to map Rust's error-handling panic! macro). There was a talk on formalizing the PEP prototype process, and a talk on whether the Python team should have a more official presence in the Apple App Store (and maybe the Google Play Store). One talk suggested changing the formatting of error messages for assert statements, and one covered a "highly experimental" project to support structured data sharing between Python subinterpreters. One talk covered Python's "unsupported build" warning and how it should behave on platforms beyond Python's officially supported list.

Python Foundation blog posts also covered some of the longer talks, including one on the idea of using type annotations as a mechanism for transformers. One talk covered the new interactive REPL interpreter coming to Python 3.13.

And one talk focused on Python's security model after the xz-utils backdoor: Pablo Galindo Salgado, Steering Council member and the release manager for Python 3.10 and 3.11, brought this topic to the Language Summit to discuss what could be done to improve Python's security model... Pablo noted the similarities shared between CPython and xz-utils, referencing the previous Language Summit's talk on core developer burnout, the number of modules in the standard library that have one or zero maintainers, the high ratio of maintainers to source code, and the use of autotools for configuration. Autotools was used by [xz's] Jia Tan as part of the backdoor, specifically to obscure the changes to tainted release artifacts. Pablo confirmed along with many nods of agreement that indeed, CPython could be vulnerable to a contributor or core developer getting secretly malicious changes merged into the project.

For multiple reasons like being able to fix bugs and single-maintainer modules, CPython doesn't require reviewers on the pull requests of core developers. This can lead to "unilateral action", meaning that a change is introduced into CPython without the review of someone besides the author. Other situations like release managers backporting fixes to other branches without review are common.

Much discussion ensued about the possibility of altering workflows (including pull request reviews), identity verification, and the importance of post-incident action plans. Guido van Rossum suggested a "higher bar" for granting write access, but in the end "Overall it was clear there is more discussion and work to be done in this rapidly changing area."

In another talk, Hugo van Kemenade, the newly announced Release Manager for Python 3.14 and 3.15, "started the Language Summit with a proposal to change Python's versioning scheme. The perception of Python using semantic versioning is a source of confusion for users who don't expect backwards incompatible changes when upgrading to new versions of Python. In reality almost all new feature releases of Python include backwards incompatible changes such as the removal of "dead batteries" where PEP 594 marked 19 modules for removal in Python 3.13. Calendar Versioning (CalVer) encompasses a wide array of different versioning schemes that have one property in common: using the release date as part of a release's version... Hugo offered multiple proposed versioning schemes, including:

- Using the release year as minor version (3.YY.micro, "3.26.0")
- Using the release year as major version (YY.0.micro, "26.0.0")
- Using the release year and month as major and minor version (YY.MM.micro, "26.10.0")

[...] Overall the proposal to use the current year as the minor version was well-received, Hugo mentioned that he'd be drafting up a PEP for this change.

Open Source

OIN Expands Linux Patent Protection Yet Again (But Not To AI) (zdnet.com) 7

Steven Vaughan-Nichols reports via ZDNet: While Linux and open-source software (OSS) are no longer constantly under intellectual property (IP) attacks, the Open Invention Network (OIN) patent consortium still stands guard over its patents. Now, OIN, the largest patent non-aggression community, has expanded its protection once again by updating its Linux System definition. Covering more than just Linux, the Linux System definition also protects adjacent open-source technologies. In the past, protection was expanded to Android, Kubernetes, and OpenStack. The OIN accomplishes this by providing a shared defensive patent pool of over 3 million patents from over 3,900 community members. OIN members include Amazon, Google, Microsoft, and essentially all Linux-based companies.

This latest update extends OIN's existing patent risk mitigation efforts to cloud-native computing and enterprise software. In the cloud computing realm, OIN has added patent coverage for projects such as Istio, Falco, Argo, Grafana, and Spire. For enterprise computing, packages such as Apache Atlas and Apache Solr -- used for data management and search at scale, respectively -- are now protected. The update also enhances patent protection for the Internet of Things (IoT), networking, and automotive technologies. OpenThread and packages such as agl-compositor and kuksa.val have been added to the Linux System definition. In the embedded systems space, OIN has supplemented its coverage of technologies like OpenEmbedded by adding the OpenAMP and Matter, the home IoT standard. OIN has included open hardware development tools such as Edalize, cocotb, Amaranth, and Migen, building upon its existing coverage of hardware design tools like Verilator and FuseSoc.

Keith Bergelt, OIN's CEO, emphasized the importance of this update, stating, "Linux and other open-source software projects continue to accelerate the pace of innovation across a growing number of industries. By design, periodic expansion of OIN's Linux System definition enables OIN to keep pace with OSS's growth." [...] Looking ahead, Bergelt said, "We made this conscious decision not to include AI. It's so dynamic. We wait until we see what AI programs have significant usage and adoption levels." This is how the OIN has always worked. The consortium takes its time to ensure it extends its protection to projects that will be around for the long haul. The OIN practices patent non-aggression in core Linux and adjacent open-source technologies by cross-licensing their Linux System patents to one another on a royalty-free basis. When OIN signees are attacked because of their patents, the OIN can spring into action.

Television

Roku TV Owners Complain That Motion Smoothing Is Stuck 'On' After an Update (theverge.com) 95

Roku TV owners are complaining that motion smoothing is "suddenly enabled on their TVs with no way to turn it off," reports The Verge. From the report: Contributors on Reddit and in Roku's community forum reported seeing the change on TCL TVs running on Roku OS 13, as did a few staffers on The Verge. However, for others who have access to "Expert" picture settings, the same update is in place without a change, and the settings to control it are still available. For some people experiencing the problem, they said this is the first time their TV offered Roku's motion smoothing feature at all and that there's nowhere in any menu (either the standard settings or the picture settings available while watching TV) to turn it off. The update notes for Roku OS 13 mention a new "Roku Smart Picture" feature that will optimize based on the content being watched, so there may be a bug there. However, people in older threads have reported similar issues with some Roku devices before.

A Roku community moderator responded on the forum that the team is looking into the incident. Roku also offered its typical instructions for disabling the settings, which involves clicking the Star button on the remote during playback and heading to the Action Smoothing submenu under Advanced Picture Settings. [...] Naturally, a lot of people who work in film and television aren't a fan. Star Wars: The Last Jedi director Rian Johnson once went so far as to say it makes "movies look like liquid diarrhea."

The Courts

Chemical Makers Sue Over Rule To Rid Water of 'Forever Chemicals' (thehill.com) 101

An anonymous reader quotes a report from the New York Times: Chemical and manufacturing groups sued the federal government late Monday (Warning: source paywalled; alternative source) over a landmark drinking-water standard that would require cleanup of so-called forever chemicals linked to cancer and other health risks. The industry groups said that the government was exceeding its authority under the Safe Drinking Water Act by requiring that municipal water systems all but remove six synthetic chemicals, known by the acronym PFAS, that are present in the tap water of hundreds of millions of Americans. The Environmental Protection Agency has said that the new standard, put in place in April, will prevent thousands of deaths and reduce tens of thousands of serious illnesses. The E.P.A.'s cleanup standard was also expected to prompt a wave of litigation against chemical manufacturers by water utilities nationwide trying to recoup their cleanup costs. Utilities have also challenged the stringent new standard, questioning the underlying science and citing the cost of filtering the toxic chemicals out of drinking water.

In a joint filing late Monday, the American Chemistry Council and National Association of Manufacturers said the E.P.A. rule was "arbitrary, capricious and an abuse of discretion." The petition was filed in the Court of Appeals for the District of Columbia. In a separate petition, the American Water Works Association and the Association of Metropolitan Water Agencies said the E.P.A. had "significantly underestimated the costs" of the rule. Taxpayers could ultimately foot the bill in the form of increased water rates, they said. PFAS, a vast class of chemicals also called per- and polyfluoroalkyl substances, are widespread in the environment. They are commonly found in people's blood, and a 2023 government study of private wells and public water systems detected PFAS chemicals in nearly half the tap water in the country. Exposure to PFAS has been associated with developmental delays in children, decreased fertility in women and increased risk of some cancers, according to the E.P.A. [...] The E.P.A. estimates that it would cost water utilities about $1.5 billion annually to comply with the rule, though utilities have said the costs could be twice that amount.
Further reading: Lawyers To Plastic Makers: Prepare For 'Astronomical' PFAS Lawsuits

Hardware

Will Tesla Do a Phone? Yes, Says Morgan Stanley 170

Morgan Stanley, in a note -- seen by Slashdot -- sent to its clients on Wednesday: From our continuing discussions with automotive management teams and industry experts, the car is an extension of the phone. The phone is an extension of the car. The lines between car and phone are truly blurring.

For years, we have been writing about the potential for Tesla to expand into edge compute domains beyond the car, including last October where we described a mobile AI assistant as a 'heavy key.' Following Apple's WWDC, Tesla CEO Elon Musk re-ignited the topic by saying that making such a device is 'not out of the question.' As Mr. Musk continues to invest further into his own LLM/genAI efforts, such as 'Grok,' the potential strategic and user experience overlap becomes more obvious.

From an automotive perspective, the topic of supercomputing at both the datacenter level and at the edge are highly relevant given the incremental global unit sold is a car that can perform OTA updates of firmware, has a battery with a stored energy equivalent of approx. 2,000 iPhones, and a liquid cooled inference supercomputer as standard kit. What if your phone could tap into your vehicle's compute power and battery supply to run AI applications?

Edge compute and AI have brought to light some of the challenges (battery life, thermal, latency, etc.) of marrying today's smartphones with ever more powerful AI-driven applications. Numerous media reports have discussed OpenAI potentially developing a consumer device specifically designed for AI.

The phone as a (heavy) car key? Any Tesla owner will tell you how they use their smartphone as their primary key to unlock their car as well as running other remote applications while they interact with their vehicles. The 'action button' on the iPhone 15 potentially takes this to a different level of convenience.

IOS

Apple is Bringing RCS To the iPhone in iOS 18 (theverge.com) 113

Apple has announced that its Messages app will support RCS in iOS 18. From a report: The new standard will replace SMS as the default communication protocol between Android and iOS devices. The move comes after years of taunting, cajoling, and finally, some regulatory scrutiny from the EU. Right now, when people on iOS and Android message each other, the service falls back to SMS -- photos and videos are sent at a lower quality, messages are shortened, and importantly, conversations are not end-to-end encrypted like they are in iMessage. Messages from Android phones show up as green bubbles in iMessage chats and chaos ensues.

Communications

Nokia Unveils 'Future of Voice Calls' (reuters.com) 57

Nokia CEO Pekka Lundmark made the world's first phone call using "immersive audio and video" technology, which improves call quality with "three-dimensional" sound. The technology, part of the upcoming 5G Advanced standard, makes interactions more lifelike and is the biggest leap forward in voice calling since monophonic telephony. Nokia aims to license the technology, but widespread availability may take a few years.

DRM

Big Copyright Win in Canada: Court Rules Fair Use Beats Digital Locks (michaelgeist.ca) 16

Pig Hogger (Slashdot reader #10,379) reminds us that in Canadian law, "fair use" is called "fair dealing" — and that Canadian digital media users just enjoyed a huge win. Canadian user rights champion Michael Geist writes: The Federal Court has issued a landmark decision on copyright's anti-circumvention rules which concludes that digital locks should not trump fair dealing. Rather, the two must co-exist in harmony, leading to an interpretation that users can still rely on fair dealing even in cases involving those digital locks.

The decision could have enormous implications for libraries, education, and users more broadly as it seeks to restore the copyright balance in the digital world. The decision also importantly concludes that merely requiring a password does not meet the standard needed to qualify for copyright rules involving technological protection measures.

Canada's 2012 "Copyright Modernization Act" protected anti-copying technology from circumvention, Geist writes — and Blacklock's Reports had then "argued that allowing anyone other than original subscriber to access articles constituted copyright infringement." The court found that the Blacklock's legal language associated with its licensing was confusing and that fair dealing applied here as well...

Blacklock's position on this issue was straightforward: it argued that its content was protected by a password, that passwords constituted a form of technological protection measure, and that fair dealing does not apply in the context of circumvention. In other words, it argued that the act of circumvention (in this case of a password) was itself infringing and it could not be saved by fair dealing. The Federal Court disagreed on all points...

For years, many have argued for a specific exception to clarify that circumvention was permitted for fair dealing purposes, essentially making the case that users should not lose their fair dealing rights the moment a rights holder places a digital lock on their work. The Federal Court has concluded that the fair dealing rights have remained there all along and that the Copyright Act's anti-circumvention rules must be interpreted in a manner consistent with those rights.

"The case could still be appealed, but for now the court has restored a critical aspect of the copyright balance after more than a decade of uncertainty and concern."

Encryption

Researcher Finds Side-Channel Vulnerability in Post-Quantum Key Encapsulation Mechanism (thecyberexpress.com) 12

Slashdot reader storagedude shared this report from The Cyber Express: A security researcher discovered an exploitable timing leak in the Kyber key encapsulation mechanism (KEM) that's in the process of being adopted by NIST as a post-quantum cryptographic standard. Antoon Purnal of PQShield detailed his findings in a blog post and on social media, and noted that the problem has been fixed with the help of the Kyber team. The issue was found in the reference implementation of the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) that's in the process of being adopted as a NIST post-quantum key encapsulation standard. "A key part of implementation security is resistance against side-channel attacks, which exploit the physical side-effects of cryptographic computations to infer sensitive information," Purnal wrote.

To secure against side-channel attacks, cryptographic algorithms must be implemented in a way so that "no attacker-observable effect of their execution depends on the secrets they process," he wrote. In the ML-KEM reference implementation, "we're concerned with a particular side channel that's observable in almost all cryptographic deployment scenarios: time." The vulnerability can occur when a compiler optimizes the code, in the process silently undoing "measures taken by the skilled implementer." In Purnal's analysis, the Clang compiler was found to emit a vulnerable secret-dependent branch in the poly_frommsg function of the ML-KEM reference code needed in both key encapsulation and decapsulation, corresponding to the expand_secure implementation.

While the reference implementation was patched, "It's important to note that this does not rule out the possibility that other libraries, which are based on the reference implementation but do not use the poly_frommsg function verbatim, may be vulnerable — either now or in the future," Purnal wrote.

Purnal also published a proof-of-concept demo on GitHub. "On an Intel Core i7-13700H, it takes between 5-10 minutes to leak the entire ML-KEM 512 secret key using end-to-end decapsulation timing measurements."

Power

Is the Uranium Fuel Proposed For Small Modular Nuclear Reactors a Weapons Risk? (reuters.com) 190

Reuters reports: A special uranium fuel planned for next-generation U.S. nuclear reactors poses security risks because it could be used without further enrichment as fissile material in nuclear weapons, scientists said in an article published on Thursday. The fuel, called high-assay low-enriched uranium, or HALEU, is enriched to levels of up to 20%, compared with about 5% for the fuel that powers most existing reactors.

Until recently it was made in commercial amounts only in Russia, but the United States wants to produce it to fuel a new wave of reactors... "This material is directly usable for making nuclear weapons without any further enrichment or reprocessing," said Scott Kemp, one of five authors of the peer-reviewed article in the journal Science. "In other words, the new reactors pose an unprecedented nuclear-security risk," said Kemp, a professor at the Massachusetts Institute of Technology and a former science adviser on arms control at the State Department. A bomb similar in power to the one the U.S. dropped on Hiroshima, Japan in 1945 could be made from 2,200 pounds (1,000 kg) or less of 19.75% enriched HALEU, the article said. "Designing such a weapon would not be without its challenges, but there do not appear to be any convincing reasons why it could not be done," it said.

The authors said if enrichment is limited to 10% to 12%, the supply chain would be far safer with only modest costs...

TerraPower, a company backed by Bill Gates that has received funding from the [U.S.] Energy Department, hopes to build its Natrium nuclear plant in Wyoming by 2030 to run on HALEU. TerraPower in late 2022 delayed Natrium's launch date by at least two years to 2030 due to a lack of HALEU. A TerraPower spokesperson said Natrium will use HALEU as it allows more efficient energy production and reduces nuclear waste volumes. "TerraPower has made reduction of weapons risks a foundational principle" the spokesperson said, adding that its fuel cycle eliminates the risk of proliferation.

Reuters notes that America's 2022 climate legislation "included $700 million for a HALEU availability program including purchasing the fuel to create a supply chain for planned high-tech reactors."

But the study's authors argue that if it becomes a standard reactor fuel, it could eliminate the distinction between peaceful and nonpeaceful nuclear programs — in countries around the world.

Thanks to Slashdot reader locater16 for sharing the article.