A hacker claims to have breached a scam call center, stolen the source code for the company's tools, and emailed the company's scam victims, according to multiple screenshots and files provided by the hacker to 404 Media. From the report: The hack is the latest in a long series of vigilante actions in which hackers take matters into their own hands and breach or otherwise disrupt scam centers. A massively popular YouTube community, with creators mocking their targets, also exists around the practice.

"Hello, everyone! If you are seeing this email then you have been targeted by a fake antivirus company known as 'Waredot,'" the hacker wrote in their alleged email to customers, referring to the scam call center. The email goes on to suggest that customers issue a chargeback "as this trash software isn't worth anywhere NEAR $300-$400 per month, and these trash idiots don't deserve your money!"

Long-time Slashdot reader SonicSpike shared this report from Ars Technica: The United States Marine Forces Special Operations Command (MARSOC) is currently evaluating a new generation of robotic "dogs" developed by Ghost Robotics, with the potential to be equipped with gun systems from defense tech company Onyx Industries, reports The War Zone.

While MARSOC is testing Ghost Robotics' quadrupedal unmanned ground vehicles (called "Q-UGVs" for short) for various applications, including reconnaissance and surveillance, it's the possibility of arming them with weapons for remote engagement that may draw the most attention. But it's not unprecedented: The US Marine Corps has also tested robotic dogs armed with rocket launchers in the past.

MARSOC is currently in possession of two armed Q-UGVs undergoing testing, as confirmed by Onyx Industries staff, and their gun systems are based on Onyx's SENTRY remote weapon system (RWS), which features an AI-enabled digital imaging system and can automatically detect and track people, drones, or vehicles, reporting potential targets to a remote human operator that could be located anywhere in the world. The system maintains a human-in-the-loop control for fire decisions, and it cannot decide to fire autonomously. On LinkedIn, Onyx Industries shared a video of a similar system in action.

In a statement to The War Zone, MARSOC states that weaponized payloads are just one of many use cases being evaluated. MARSOC also clarifies that comments made by Onyx Industries to The War Zone regarding the capabilities and deployment of these armed robot dogs "should not be construed as a capability or a singular interest in one of many use cases during an evaluation."

Russia is increasingly seeking to encourage and direct hackers to attack British and other western targets, the director of GCHQ has said in her first keynote speech as head of the British intelligence agency. From a report: Anne Keast-Butler said her agency was "increasingly concerned about growing links" between the Russian intelligence services and proxy hacker groups who have long taken advantage of a permissive environment within the country. "Before, Russia simply created the right environments for these groups to operate but now they're nurturing and inspiring these non state cyber actors," she said in a speech to the Cyber UK conference, in what she described as a "globally pervasive" threat.

The spy chief, appointed last year to be the first woman to hold the role, referenced the threat from ransomware -- "the most acute and pervasive cyber threat" -- where cybercriminals, typically from Russia, take control of a company's data and systems and demand significant sums to regain access. GCHQ was "doing everything we can" to counter ransomware actors, Keast-Butler said, degrade their ability to attack systems across government and business and to "produce intelligence that means those involved in ransomware are held to account." There is "no hiding place" for cybercriminals she added.

Microsoft's ambitious goal to be carbon negative by 2030 is threatened by its expanding AI operations, which have increased its carbon footprint by 30% since 2020. To meet its targets, Microsoft must quickly adopt green technologies and improve efficiency in its data centers, which are critical for AI but heavily reliant on carbon-intensive resources. Bloomberg reports: Now to meet its goals, the software giant will have to make serious progress very quickly in gaining access to green steel and concrete and less carbon-intensive chips, said Brad Smith, president of Microsoft, in an exclusive interview with Bloomberg Green. "In 2020, we unveiled what we called our carbon moonshot. That was before the explosion in artificial intelligence," he said. "So in many ways the moon is five times as far away as it was in 2020, if you just think of our own forecast for the expansion of AI and its electrical needs." [...]

Despite AI's ravenous energy consumption, this actually contributes little to Microsoft's hike in emissions -- at least on paper. That's because the company says in its sustainability report that it's 100% powered by renewables. Companies use a range of mechanisms to make such claims, which vary widely in terms of credibility. Some firms enter into long-term power purchase agreements (PPAs) with renewable developers, where they shoulder some of a new energy plant's risk and help get new solar and wind farms online. In other cases, companies buy renewable energy credits (RECs) to claim they're using green power, but these inexpensive credits do little to spur new demand for green energy, researchers have consistently found. Microsoft uses a mix of both approaches. On one hand, it's one of the biggest corporate participants in power purchase agreements, according to BloombergNEF, which tracks these deals. But it's also a huge purchaser of RECs, using these instruments to claim about half of its energy use is clean, according to its environmental filings in 2022. By using a large quantity of RECs, Microsoft is essentially masking an even larger growth in emissions. "It is Microsoft's plan to phase out the use of unbundled RECs in future years," a spokesperson for the company said. "We are focused on PPAs as a primary strategy."

So what else can be done? Smith, along with Microsoft's Chief Sustainability Officer Melanie Nakagawa, has laid out clear steps in the sustainability report. High among them is to increase efficiency, which is to use the same amount of energy or computing to do more work. That could help reduce the need for data centers, which will reduce emissions and electricity use. On most things, "our climate goals require that we spend money," said Smith. "But efficiency gains will actually enable us to save money." Microsoft has also been at the forefront of buying sustainable aviation fuels that has helped reduce some of its emissions from business travel. The company also wants to partner with those who will "accelerate breakthroughs" to make greener steel, concrete and fuels. Those technologies are starting to work at a small scale, but remain far from being available in commercial quantities even if expensive. Cheap renewable power has helped make Microsoft's climate journey easier. But the tech giant's electricity consumption last year rivaled that of a small European country -- beating Slovenia easily. Smith said that one of the biggest bottlenecks for it to keep getting access to green power is the lack of transmission lines from where the power is generated to the data centers. That's why Microsoft says it's going to increase lobbying efforts to get governments to speed up building the grid. If Microsoft's emissions remain high going into 2030, Smith said the company may consider bulk purchases of carbon removal credits, even though it's not "the desired course."

"You've got to be willing to invest and pay for it," said Smith. Climate change is "a problem that humanity created and that humanity can solve."

At its I/O developer conference today, Google announced Veo, its latest generative AI video model, that "can generate 'high-quality' 1080p resolution videos over a minute in length in a wide variety of visual and cinematic styles," reports The Verge. From the report: Veo has "an advanced understanding of natural language," according to Google's press release, enabling the model to understand cinematic terms like "timelapse" or "aerial shots of a landscape." Users can direct their desired output using text, image, or video-based prompts, and Google says the resulting videos are "more consistent and coherent," depicting more realistic movement for people, animals, and objects throughout shots. Google DeepMind CEO Demis Hassabis said in a press preview on Monday that video results can be refined using additional prompts and that Google is exploring additional features to enable Veo to produce storyboards and longer scenes.

As is the case with many of these AI model previews, most folks hoping to try Veo out themselves will likely have to wait a while. Google says it's inviting select filmmakers and creators to experiment with the model to determine how it can best support creatives and will build on these collaborations to ensure "creators have a voice" in how Google's AI technologies are developed. Some Veo features will also be made available to "select creators in the coming weeks" in a private preview inside VideoFX -- you can sign up for the waitlist here for an early chance to try it out. Otherwise, Google is also planning to add some of its capabilities to YouTube Shorts "in the future." Along with its new AI models and tools, Google said it's expanding its AI content watermarking and detection technology. The company's new upgraded SynthID watermark imprinting system "can now mark video that was digitally generated, as well as AI-generated text," reports The Verge in a separate report.

Reddit reported its first results since going public in late March. Yahoo Finance reports: Daily active users increased 37% year over year to 82.7 million. Weekly active unique users rose 40% from the prior year. Total revenue improved 48% to $243 million, nearly doubling the growth rate from the prior quarter, due to strength in advertising. The company delivered adjusted operating profits of $10 million, versus a $50.2 million loss a year ago. [Reddit CEO Steve] Huffman declined to say when the company would be profitable on a net income basis, noting it's a focus for the management team. Other areas of focus include rolling out a new user interface this year, introducing shopping capabilities, and searching for another artificial intelligence content licensing deal like the one with Google.
Bloomberg notes that already Reddit "has signed licensing agreements worth $203 million in total, with terms ranging from two to three years. The company generated about $20 million from AI content deals last quarter, and expects to bring in more than $60 million by the end of the year."

And elsewhere Bloomberg writes that Reddit "plans to expand its revenue streams outside of advertising into what Huffman calls the 'user economy' — users making money from others on the platform... " In the coming months Reddit plans to launch new versions of awards, which are digital gifts users can give to each other, along with other products... Reddit also plans to continue striking data licensing deals with artificial intelligence companies, expanding into international markets and evaluating potential acquisition targets in areas such as search, he said.
Meanwhile, ZDNet notes that this week a Reddit announcement "introduced a new public content policy that lays out a framework for how partners and third parties can access user-posted content on its site." The post explains that more and more companies are using unsavory means to access user data in bulk, including Reddit posts. Once a company gets this data, there's no limit to what it can do with it. Reddit will continue to block "bad actors" that use unauthorized methods to get data, the company says, but it's taking additional steps to keep users safe from the site's partners.... Reddit still supports using its data for research: It's creating a new subreddit — r/reddit4researchers — to support these initiatives, and partnering with OpenMined to help improve research. Private data is, however, going to stay private.

If a company wants to use Reddit data for commercial purposes, including advertising or training AI, it will have to pay. Reddit made this clear by saying, "If you're interested in using Reddit data to power, augment, or enhance your product or service for any commercial purposes, we require a contract." To be clear, Reddit is still selling users' data — it's just making sure that unscrupulous actors have a tougher time accessing that data for free and researchers have an easier time finding what they need.
And finally, there's some court action, according to the Register. Reddit "was sued by an unhappy advertiser who claims that internet giga-forum sold ads but provided no way to verify that real people were responsible for clicking on them." The complaint [PDF] was filed this week in a U.S. federal court in northern California on behalf of LevelFields, a Virginia-based investment research platform that relies on AI. It says the biz booked pay-per-click ads on the discussion site starting September 2022... That arrangement called for Reddit to use reasonable means to ensure that LevelField's ads were delivered to and clicked on by actual people rather than bots and the like. But according to the complaint, Reddit broke that contract...

LevelFields argues that Reddit is in a particularly good position to track click fraud because it's serving ads on its own site, as opposed to third-party properties where it may have less visibility into network traffic... Nonetheless, LevelFields's effort to obtain IP address data to verify the ads it was billed for went unfulfilled. The social media site "provided click logs without IP addresses," the complaint says. "Reddit represented that it was not able to provide IP addresses."
"The plaintiffs aspire to have their claim certified as a class action," the article adds — along with an interesting statistic.

"According to Juniper Research, 22 percent of ad spending last year was lost to click fraud, amounting to $84 billion."

"With all the improvements in car safety over the decades, the recent addition of a plethora of high tech sensors and warnings comes with increased costs," writes longtime Slashdot reader smooth wombat. "And not just to have to have them on your car. Any time you get into an accident, even a minor one, it will most likely require a detailed examination of any sensors which may have been affected and their subsequent realignment, replacement, and calibration." CNN reports: Some vehicles require "dynamic calibration," which means, once the sensors and cameras are back in place, a driver needs to take the vehicle out on real roads for testing. With proper equipment attached the car can, essentially, recalibrate itself as it watches lane lines and other markers. It requires the car to be driven for a set distance at a certain speed but weather and traffic can create problems. "If you're in Chicago or L.A., good luck getting to that speed," said [Hami Ebrahimi, chief commercial officer at Caliber] "or if you're in Seattle or Chicago or New York, with snow, good luck picking up all the road markings."

More commonly, vehicles need "static calibration," which can be done using machinery inside a closed workshop with a flat, level floor. Special targets are set up around the vehicle at set distances according to instructions from the vehicle manufacturer. "The car [views] those targets at those specific distances to recalibrate the world into the car's computer," Ebrahimi said. These kinds of repairs also demand buildings with open space that meet requirements including specific colors and lighting. And it requires special training for employees to perform these sorts of recalibrations, he said

"The change that we've seen in the last five years is greater than we've seen, probably, in the last five decades," said Todd Dillender, chief operating officer of Caliber Collision, one of the biggest auto body repair companies in the United States with more than 1,700 locations across 41 states. [...] With a rapidly changing industry, qualified auto body repair technicians are in short supply, just as they are in the engine repair business. That's also led to upward pressure on pay in the industry as technicians have to be highly qualified and educated, Dillender said. That's good for people who work in the industry, of course, but tougher for those who pay, and for the insurance companies who, in turn, pay for the repairs. A new study from consumer automotive group AAA says the cost to fix sensors and cameras in new vehicles "now accounts for more than a third of the post-crash repair costs," reports CNN. However, "no one, including AAA, recommends not getting these features because of repair costs," since many of them can cut crash rates in half and improve a car's overall safety.

"They're not going to prevent everything," said Greg Brannon, director of automotive engineering at AAA. "And when you are in a crash, there are additional costs so it's sort of the old 'there's no free ride' when it comes to these things."

The FBI cut its warrantless searches of American data in half in 2023, according to a government report released on Tuesday. From a report: According to the Office of the Director of National Intelligence's annual transparency report, the FBI conducted 57,094 searches of "US person" data under Section 702 of the Foreign Intelligence Surveillance Act last year -- a 52 percent decrease from 2022.

In a press briefing, a senior FBI official said that the drop was due to reforms the agency implemented in 2021 and 2022, The Record reports. Despite the drop in overall searches of Americans' data, the report also notes that the number of foreign targets whose data could be searched in the Section 702 database rose to 268,590, a 9 percent increase from the previous year. The number of "probable cause" targets also increased significantly, from 417 in 2022 to 759 in 2023. Of those, 57 percent are estimated to be "US persons," which includes US citizens and permanent residents.

Apple has poached dozens of AI experts from Google and has created a secretive European laboratory in Zurich, as the tech giant builds a team to battle rivals in developing new AI models and products. From a report: According to a Financial Times analysis of hundreds of LinkedIn profiles as well as public job postings and research papers, the $2.7tn company has undertaken a hiring spree over recent years to expand its global AI and machine learning team. The iPhone maker has particularly targeted workers from Google, attracting at least 36 specialists from its rival since it poached John Giannandrea to be its top AI executive in 2018.

While the majority of Apple's AI team work from offices in California and Seattle, the tech group has also expanded a significant outpost in Zurich. Professor Luc Van Gool from Swiss university ETH Zurich said Apple's acquisitions of two local AI start-ups -- virtual reality group FaceShift and image recognition company Fashwell -- led Apple to build a research laboratory, known as its "Vision Lab," in the city.

An anonymous reader quotes a report from BleepingComputer: A new campaign tracked as "Dev Popper" is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). The developers are asked to perform tasks supposedly related to the interview, like downloading and running code from GitHub, in an effort to make the entire process appear legitimate. However, the threat actor's goal is make their targets download malicious software that gathers system information and enables remote access to the host. According to Securonix analysts, the campaign is likely orchestrated by North Korean threat actors based on the observed tactics. The connections are not strong enough for attribution, though. [...]

Although the perpetrators of the Dev Popper attack aren't known, the tactic of using job lures as bait to infect people with malware is still prevalent, so people should remain vigilant of the risks. The researchers note that the method "exploits the developer's professional engagement and trust in the job application process, where refusal to perform the interviewer's actions could compromise the job opportunity," which makes it very effective.

An anonymous reader quotes a report from Wired: Network security appliances like firewalls are meant to keep hackers out. Instead, digital intruders are increasingly targeting them as the weak link that lets them pillage the very systems those devices are meant to protect. In the case of one hacking campaign over recent months, Cisco is now revealing that its firewalls served as beachheads for sophisticated hackers penetrating multiple government networks around the world. On Wednesday, Cisco warned that its so-called Adaptive Security Appliances -- devices that integrate a firewall and VPN with other security features -- had been targeted by state-sponsored spies who exploited two zero-day vulnerabilities in the networking giant's gear to compromise government targets globally in a hacking campaign it's calling ArcaneDoor.

The hackers behind the intrusions, which Cisco's security division Talos is calling UAT4356 and which Microsoft researchers who contributed to the investigation have named STORM-1849, couldn't be clearly tied to any previous intrusion incidents the companies had tracked. Based on the group's espionage focus and sophistication, however, Cisco says the hacking appeared to be state-sponsored. "This actor utilized bespoke tooling that demonstrated a clear focus on espionage and an in-depth knowledge of the devices that they targeted, hallmarks of a sophisticated state-sponsored actor," a blog post from Cisco's Talos researchers reads. Cisco declined to say which country it believed to be responsible for the intrusions, but sources familiar with the investigation tell WIRED the campaign appears to be aligned with China's state interests.

Cisco says the hacking campaign began as early as November 2023, with the majority of intrusions taking place between December and early January of this year, when it learned of the first victim. "The investigation that followed identified additional victims, all of which involved government networks globally," the company's report reads. In those intrusions, the hackers exploited two newly discovered vulnerabilities in Cisco's ASA products. One, which it's calling Line Dancer, let the hackers run their own malicious code in the memory of the network appliances, allowing them to issue commands to the devices, including the ability to spy on network traffic and steal data. A second vulnerability, which Cisco is calling Line Runner, would allow the hackers' malware to maintain its access to the target devices even when they were rebooted or updated. It's not yet clear if the vulnerabilities served as the initial access points to the victim networks, or how the hackers might have otherwise gained access before exploiting the Cisco appliances. Cisco advises that customers apply its new software updates to patch both vulnerabilities.

A separate advisory (PDF) from the UK's National Cybersecurity Center notes that physically unplugging an ASA device does disrupt the hackers' access. "A hard reboot by pulling the power plug from the Cisco ASA has been confirmed to prevent Line Runner from re-installing itself," the advisory reads.

Late Friday night the U.S. Senate "reauthorized the Foreign Intelligence Surveillance Act, a key. U.S. surveillance authority," reports Axios, "shortly after it expired in the early hours Saturday morning." The president then signed the bill into law. The reauthorization came despite bipartisan concerns about Section 702, which allows the government to collect communications from non-U.S. citizens overseas without a warrant. The legislation passed the Senate 60 to 34, with 17 Democrats, Sen. Bernie Sanders (I-Vt.) and 16 Republicans voting "nay." It extends the controversial Section 702 for two more years.
The bill had already passed last week in the U.S. House of Representatives, explains CNN: Under FISA's Section 702, the government hoovers up massive amounts of internet and cell phone data on foreign targets. Hundreds of thousands of Americans' information is incidentally collected during that process and then accessed each year without a warrant — down from millions of such queries the US government ran in past years. Critics refer to these queries as "backdoor" searches...

According to one assessment, it forms the basis of most of the intelligence the president views each morning and it has helped the U.S. keep tabs on Russia's intentions in Ukraine, identify foreign efforts to access US infrastructure, uncover foreign terror networks and thwart terror attacks in the U.S.
An interesting detail from The Verge: Sens. Ron Wyden (D-OR) and Josh Hawley (R-MO) introduced an amendment that would have struck language in the House bill that expanded the definition of "electronic communications service provider." Under the House's new provision, anyone "who has access to equipment that is being or may be used to transmit or store wire or electronic communications." The expansion, Wyden has claimed, would force "ordinary Americans and small businesses to conduct secret, warrantless spying." The Wyden-Hawley amendment failed 34-58, meaning that the next iteration of the FISA surveillance program will be more expansive than before.
Saturday morning the U.S. House of Representatives passed a bill banning TikTok if its Chinese owner doesn't sell the app.

Longtime Slashdot reader SonicSpike shares a report from Reuters: Aerospace and defense company Northrop Grumman is working with SpaceX [...] on a classified spy satellite project already capturing high-resolution imagery of the Earth, according to people familiar with the program. The program, details of which were first reported by Reuters last month, is meant to enhance the U.S. government's ability to track military and intelligence targets from low-Earth orbits, providing high-resolution imagery of a kind that had traditionally been captured mostly by drones and reconnaissance aircraft. The inclusion of Northrop Grumman, which has not been previously reported, reflects a desire among government officials to avoid putting too much control of a highly-sensitive intelligence program in the hands of one contractor, four people familiar with the project told Reuters. 'It is in the government's interest to not be totally invested in one company run by one person,' one of the people said.

It's unclear whether other contractors are involved at present or could join the project as it develops. Northrop Grumman is providing sensors for some of the SpaceX satellites, the people familiar with the project told Reuters. Northrop Grumman, two of the people added, will test those satellites at its own facilities before they are launched. At least 50 of the SpaceX satellites are expected at Northrop Grumman facilities for procedures including testing and the installation of sensors in coming years, one of the people said. In March, Reuters reported that the National Reconnaissance Office, or NRO, in 2021 awarded a $1.8 billion contract to SpaceX for the classified project, a planned network of hundreds of satellites. So far, the people familiar with the project said, SpaceX has launched roughly a dozen prototypes and is already providing test imagery to the NRO, an intelligence agency that oversees development of U.S. spy satellites.

An anonymous reader quotes a report from Futurism: In a new blog post from LastPass, the password management firm used by countless personal and corporate clients to help protect their login information, the company explains that someone used AI voice-cloning tech to spoof the voice of its CEO in an attempt to trick one of its employees. As the company writes in the post, one of its employees earlier this week received several WhatsApp communications -- including calls, texts, and a voice message -- from someone claiming to be its CEO, Karim Toubba. Luckily, the LastPass worker didn't fall for it because the whole thing set off so many red flags. "As the attempted communication was outside of normal business communication channels and due to the employee's suspicion regarding the presence of many of the hallmarks of a social engineering attempt (such as forced urgency)," the post reads, "our employee rightly ignored the messages and reported the incident to our internal security team so that we could take steps to both mitigate the threat and raise awareness of the tactic both internally and externally."

While this LastPass scam attempt failed, those who follow these sorts of things may recall that the company has been subject to successful hacks before. In August 2022, as a timeline of the event compiled by the Cybersecurity Dive blog detailed, a hacker compromised a LastPass engineer's laptop and used it to steal source code and company secrets, eventually getting access to its customer database -- including encrypted passwords and unencrypted user data like email addresses. According to that timeline, the clearly-resourceful bad actor remained active in the company's servers for months, and it took more than two months for LastPass to admit that it had been breached. More than six months after the initial breach, Toubba, the CEO, provided a blow-by-blow timeline of the months-long attack and said he took "full responsibility" for the way things went down in a February 2023 blog post.

The SEC has blocked third-party messaging apps and texts from employees' work phones, "bringing its own practices closer to the standards it's enforcing for the industry," reports Bloomberg. From the report: The SEC's decision to block disappearing-messaging apps will help improve record-keeping and address potential security vulnerabilities at the agency, which saw one of its social-media accounts compromised earlier this year. It follows about $3 billion in fines imposed on financial firms to settle allegations that they failed to keep adequate records of work-related communications on mobile devices and apps such as Signal and Meta's WhatsApp.

The scrutiny prompted Wall Street to overhaul how employees communicate on business matters using mobile phones. Meanwhile, the SEC took a hard look at policies covering its own staff's communications on agency-issued phones. The agency has restricted access to third-party messaging applications, as well as SMS (short message service) and iMessage texts "to lower risk that our systems could be compromised and to enhance recordkeeping," an SEC spokeswoman said in an emailed statement. The process of blocking the apps began in September and has continued over the past several months, she added.

A crypto wallet maker claimed this week that hackers may be targeting people with an iMessage "zero-day" exploit -- but all signs point to an exaggerated threat, if not a downright scam. From a report: Trust Wallet's official X (previously Twitter) account wrote that "we have credible intel regarding a high-risk zero-day exploit targeting iMessage on the Dark Web. This can infiltrate your iPhone without clicking any link. High-value targets are likely. Each use raises detection risk." The wallet maker recommended iPhone users to turn off iMessage completely "until Apple patches this," even though no evidence shows that "this" exists at all. The tweet went viral, and has been viewed over 3.6 million times as of our publication. Because of the attention the post received, Trust Wallet hours later wrote a follow-up post. The wallet maker doubled down on its decision to go public, saying that it "actively communicates any potential threats and risks to the community."

An anonymous reader quotes a report from 9to5Mac: Following moves of other tech giants like Amazon and Microsoft, Apple is reportedly set to open a new office space in a Miami suburb. This won't be the first corporate space for Apple in the city, but it will be larger than the existing office. Reported by Bloomberg, anonymous sources close to the matter say that Apple's new Miami office will be 45,000 square feet in the affluent Coral Gables suburb of Miami. It's not clear yet what part of Apple's business the new office will focus on but it will be larger than its existing small Miami office that handles Latin America and advertising operations. The specific property of the new Apple offices will be at The Plaza Coral Gables.

Liam Proven reports via The Register: Bad news for those who want to play with OpenVMS in non-production use. Older versions are disappearing, and the terms are getting much more restrictive. The corporation behind the continued development of OpenVMS, VMS Software, Inc. -- or VSI to its friends, if it has any left after this -- has announced the latest Updates to the Community Program. The news does not look good: you can't get the Alpha and Itanium versions any more, only a limited x86-64 edition.

OpenVMS is one of the granddaddies of big serious OSes. A direct descendant of the OSes that inspired DOS, CP/M, OS/2, and Windows, as well as the native OS of the hardware on which Unix first went 32-bit, VMS has been around for nearly half a century. For decades, its various owners have offered various flavors of "hobbyist program" under which you could get licenses to install and run it for free, as long as it wasn't in production use. Since Compaq acquired DEC, then HP acquired Compaq, its prospects looked checkered. HP officially killed it off in 2013, then in 2014 granted it a reprieve and sold it off instead. New owner VSI ported it to x86-64, releasing that new version 9.2 in 2022. Around this time last year, we covered VSI adding AMD support and opening a hobbyist program of its own. It seems from the latest announcement that it has been disappointed by the reception: "Despite our initial aspirations for robust community engagement, the reality has fallen short of our expectations. The level of participation in activities such as contributing open source software, creating wiki articles, and providing assistance on forums has not matched the scale of the program. As a result, we find ourselves at a crossroads, compelled to reassess and recalibrate our approach."

Although HPE stopped offering hobbyist licenses for the original VAX versions of OpenVMS in 2020, VSI continued to maintain OpenVMS 8 (in other words, the Alpha and Itanium editions) while it worked on version 9 for x86-64. VSI even offered a Student Edition, which included a freeware Alpha emulator and a copy of OpenVMS 8.4 to run inside it. Those licenses run out in 2025, and they won't be renewed. If you have vintage DEC Alpha or HP Integrity boxes with Itanic chips, you won't be able to get a legal licensed copy of OpenVMS for them, or renew the license of any existing installations -- unless you pay, of course. There will still be a Community license edition, but from now on it's x86-64 only. Although OpenVMS 9 mainly targets hypervisors anyway, it does support bare-metal operations on a single model of HPE server, the ProLiant DL380 Gen10. If you have one of them to play with -- well, tough. Now Community users only get a VM image, supplied as a VMWare .vmdk file. It contains a ready-to-go "OpenVMS system disk with OpenVMS, compilers and development tools installed." Its license runs for a year, after which you will get a fresh copy. This means you won't be able to configure your own system and keep it alive -- you'll have to recreate it, from scratch, annually. The only alternative for those with older systems is to apply to be an OpenVMS Ambassador.

More than 200 chemical plants across the country will be required to curb the toxic pollutants they release into the air [non-paywalled link] under a regulation announced by the Biden administration on Tuesday. From a report: The regulation is aimed at reducing the risk of cancer for people living near industrial sites. This is the first time in nearly two decades that the government has tightened limits on pollution from chemical plants. The new rule, from the Environmental Protection Agency, specifically targets ethylene oxide, which is used to sterilize medical devices, and chloroprene, which is used to make rubber in footwear.

The E.P.A. has classified the two chemicals as likely carcinogens. They are considered a top health concern in an area of Louisiana so dense with petrochemical and refinery plants that it is known as Cancer Alley. Most of the facilities affected by the rule are in Texas, Louisiana and elsewhere along the Gulf Coast as well as in the Ohio River Valley and West Virginia. Communities in proximity to the plants are often disproportionately Black or Latino and have elevated rates of cancer, respiratory problems and premature deaths.

The Seattle Times has a Pulitzer Prize-winning aerospace journalist named Dominic Gates. Sunday he published an expose on "a yearslong decline of safety standards" at Boeing.

After a 1997 merger, its new executive leaders "treated experienced engineers and machinists as expendable, ignoring the potential damage to Boeing's essential mission of designing and building high-quality airplanes...." The arc of Boeing's fall can be traced back a quarter century, to when its leaders elevated the interests of shareholders above all others, said Richard Aboulafia, industry analyst with AeroDynamic Advisory. "Crush the workers. Share price. Share price. Share price. Financial moves and metrics come first," was Boeing's philosophy, he said. It was, he said, "a ruthless effort to cut costs without any realization of what it could do to capabilities...." Its leaders outsourced work, sold off whole divisions and discarded key capabilities such as developing avionics, machining parts and building fuselages. On the 787, they even outsourced the jet's wings to Japan. They moved work away from Boeing's highly skilled, unionized base in the Puget Sound region. They weakened unions and extorted state government with repeated threats to build future airplanes elsewhere. They squeezed suppliers by demanding price cuts every year that in turn forced the suppliers into ruinous cost-cutting and left them vulnerable to collapse during shocks like the COVID-19 pandemic....

Belatedly, Boeing's current leaders, overwhelmed by criticism, mockery and outrage since January, have finally admitted publicly that some key strategies they pursued for decades were flawed. "Boeing, more than 20 years ago, probably got a little too far ahead of itself on the topic of outsourcing," Chief Financial Officer Brian West said last month. And in January, on CNBC, Boeing Chief Executive Dave Calhoun conceded: "Did it go too far? Yeah, probably did."

Both were speaking about major supplier Spirit AeroSystems of Wichita, Kan., part of Boeing until it was sold off two decades ago, part of a broad divestment of assets to please Wall Street and boost the stock. Following a litany of quality lapses in Wichita, Boeing is now admitting a mistake and trying to buy Spirit back — "for safety and for quality," said West. Another mistake belatedly recognized: With annual bonuses for Boeing's factory managers based largely on meeting cost and schedule targets, it was long a cardinal sin to stop the assembly line. That meant unfinished jobs piled up on aircraft as they moved forward down the line, what Boeing calls "traveled work." Done out of sequence, this work is more difficult and takes much longer. If too much traveled work piles up, it creates chaos. That's what happened in Renton on the 737 assembly line. "For years, we prioritized the movement of the airplane through the factory over getting it done right, and that's got to change," West said. "Once you reduce traveled work, your quality gets better...."

Speaking of how Spirit might be fixed, West said: "It's really about focus and running it, not as a business, as a factory. Run it as a factory and stay focused on safety and quality and stability."
Phil Chandler, a highly skilled Boeing machinist for more than 42 years (retiring in 2020), saw a "dictatorial" approach on the factory floor, according to the article. "Whereas in the past, first-level and even second-level managers in the factory had come up through the ranks as mechanics and had deep knowledge of the work, after [Boeing president Harry] Stonecipher came in those jobs shifted to white-collar people with degrees, often with MBAs."

And a former Boeing physicist also complains about the "shoot-the-messenger" management approach when developing their 787, according to the article: "Engineers who raised technical doubts were told: 'Follow the plan. If you can't do your job, I'll fire you and get someone who can.'"