AI

OpenAI Holds Surprise Livestream to Announce Multi-Step 'Deep Research' Capability (indiatimes.com) 56

Just three hours ago, OpenAI made a surprise announcement to their 3.9 million followers on X.com. "Live from Tokyo," they'd be livestreaming... something. Their description of the event was just two words.

"Deep Research"

UPDATE: The stream has begun, and it's about OpenAI's next "agent-ic offering". ("OpenAI cares about agents because we believe they're going to transform knowledge work...")

"We're introducing a capability called Deep Research... a model that does multi-step research. It discovers content, it synthesizes content, and it reasons about this content." It even asks "clarifying" questions to your prompt to make sure its multi-step research stays on track. Deep Research will be launching in ChatGPT Pro later today, rolling out into other OpenAI products...

And OpenAI's site now has an "Introducing Deep Research" page. Its official description? "An agent that uses reasoning to synthesize large amounts of online information and complete multi-step research tasks for you. Available to Pro users today, Plus and Team next."

Before the livestream began, X.com users shared their reactions to the coming announcement:

"It's like DeepSeek, but cleaner"
"Deep do do if things don't work out"
"Live from Tokyo? Hope this research includes the secret to waking up early!"
"Stop trying, we don't trust u"

But one X.com user had presciently pointed out OpenAI has used the phrase "deep research" before. In July of 2024, Reuters reported on internal documentation (confirmed with "a person familiar with the matter") code-named "Strawberry" which suggested OpenAI was working on "human-like reasoning skills." How Strawberry works is a tightly kept secret even within OpenAI, the person said. The document describes a project that uses Strawberry models with the aim of enabling the company's AI to not just generate answers to queries but to plan ahead enough to navigate the internet autonomously and reliably to perform what OpenAI terms "deep research," according to the source. This is something that has eluded AI models to date, according to interviews with more than a dozen AI researchers.

Asked about Strawberry and the details reported in this story, an OpenAI company spokesperson said in a statement: "We want our AI models to see and understand the world more like we do. Continuous research into new AI capabilities is a common practice in the industry, with a shared belief that these systems will improve in reasoning over time." The spokesperson did not directly address questions about Strawberry.

The Strawberry project was formerly known as Q*, which Reuters reported last year was already seen inside the company as a breakthrough... OpenAI hopes the innovation will improve its AI models' reasoning capabilities dramatically, the person familiar with it said, adding that Strawberry involves a specialized way of processing an AI model after it has been pre-trained on very large datasets.

Researchers Reuters interviewed say that reasoning is key to AI achieving human or super-human-level intelligence... OpenAI CEO Sam Altman said earlier this year that in AI "the most important areas of progress will be around reasoning ability."

AI

AI Might Start Selling Your Choices Before You Make Them, Study Warns (courthousenews.com) 36

AI ethicists are cautioning that the rise of AI may bring with it the commodification of even one's motivations. From a report: Researchers from the University of Cambridge's Leverhulme Center for the Future of Intelligence say -- in a paper published Monday in the Harvard Data Science Review journal -- the rise of generative AI, such as chatbots and virtual assistants, comes with the increasing opportunity for persuasive technologies to gain a strong foothold.

"Tremendous resources are being expended to position AI assistants in every area of life, which should raise the question of whose interests and purposes these so-called assistants are designed to serve," Yaqub Chaudhary, a visiting scholar at the Center for Future of Intelligence, said in a statement. When interacting even casually with AI chatbots -- which can range from digital tutors to assistants to even romantic partners -- users share intimate information that gives the technology access to personal "intentions" like psychological and behavioral data, the researcher said.

"What people say when conversing, how they say it, and the type of inferences that can be made in real-time as a result, are far more intimate than just records of online interactions," Chaudhary added. In fact, AI is already subtly manipulating and influencing motivations by mimicking the way a user talks or anticipating the way they are likely to respond, the authors argue. Those conversations, as innocuous as they may seem, leave the door open for the technology to forecast and influence decisions before they are made. "We caution that AI tools are already being developed to elicit, infer, collect, record, understand, forecast, and ultimately manipulate and commodify human plans and purposes," Chaudhary said.

AI

AI Tools May Soon Manipulate People's Online Decision-Making, Say Researchers (theguardian.com) 25

Slashdot reader SysEngineer shared this report from the Guardian: AI tools could be used to manipulate online audiences into making decisions — ranging from what to buy to who to vote for — according to researchers at the University of Cambridge. The paper highlights an emerging new marketplace for "digital signals of intent" — known as the "intention economy" — where AI assistants understand, forecast and manipulate human intentions and sell that information on to companies who can profit from it. The intention economy is touted by researchers at Cambridge's Leverhulme Centre for the Future of Intelligence (LCFI) as a successor to the attention economy, where social networks keep users hooked on their platforms and serve them adverts. The intention economy involves AI-savvy tech companies selling what they know about your motivations, from plans for a stay in a hotel to opinions on a political candidate, to the highest bidder...

The study claims that large language models (LLMs), the technology that underpins AI tools such as the ChatGPT chatbot, will be used to "anticipate and steer" users based on "intentional, behavioural and psychological data"... Advertisers will be able to use generative AI tools to create bespoke online ads, the report claims... AI models will be able to tweak their outputs in response to "streams of incoming user-generated data", the study added, citing research showing that models can infer personal information through workaday exchanges and even "steer" conversations in order to gain more personal information.

The article includes this quote from Dr. Jonnie Penn, an historian of technology at LCFI. "Unless regulated, the intention economy will treat your motivations as the new currency. It will be a gold rush for those who target, steer and sell human intentions.

"We should start to consider the likely impact such a marketplace would have on human aspirations, including free and fair elections, a free press and fair market competition, before we become victims of its unintended consequences."
AI

Will AI Transform Online Dating? (cnn.com) 158

"Dating apps are on the cusp of a major transformation," argues CNN, suggesting AI-powered possibilities like "personalized chatbots dating other chatbots on your behalf," as well as "AI concierges fielding questions about potential matches," and "advanced algorithms predicting compatibility better than ever before." At its investor day last week, executives from Match Group — the parent company of Match.com, Tinder, Hinge, OkCupid, Our Time and more — teased plans to use AI to improve user experiences and help make better connections. Justin McLeod, CEO of Hinge, outlined how the company intends to fully embrace AI next year: more personalized matching, smarter algorithms that adapt to users and better understand them over time and AI coaching for struggling daters. "While AI is not going to be a panacea when it comes to the very deeply and personal problem of love, I can tell you that it is going to transform the dating app experience, taking it from a do-it-yourself platform to an expertly guided journey that leads to far better outcomes and much better value to our daters," he told investors....

It's already starting to play a bigger role. Tinder, for example, uses AI to help users select their best profile photos. Meanwhile, Bumble's recently enhanced "For You" roundup uses advanced AI when delivering its daily set of four curated profiles based on a user's preferences and past matches. Bumble also uses AI in safety features like its Private Detector — an AI-powered tool that blurs explicit images — and Deception Detector, which identifies spam, scams and fake profiles. Similarly, Match Group offers tools like buttons that say "Are You Sure?" to detect harmful language and "Does This Bother You?" to prompt users to report inappropriate behavior....

According to Liesel Sharabi, an associate professor at Arizona State University's Hugh Downs School of Human Communication, the dating industry is still "very much in the early stages" of embracing AI. "The platforms are still figuring out its role in the online dating experience, but it really does have the potential to transform this space...." Bumble founder Whitney Wolfe Herd previously said she envisions AI functioning as a dating concierge, helping users navigate matches, set up dates and respond to messages. Startups such as Volar and Rizz have already experimented with chatbots that help respond to messages. On Rizz, users upload screenshots of conversations they're having on other dating apps, and the platform helps create flirty replies. (Volar, a standalone dating app that trains on users' preferences and automatically responds to other chatbots, shut down in September due to lack of funding.) While the concept of chatbots dating on your behalf may seem strange, it could reduce the tedious early-stage communication by focusing more on highly compatible matches, Sharabi said...

During Match Group's investor day, Hinge's McLeod announced plans to build the "world's most knowledgeable dating coach" using years of insights from the dating process... McLeod said Hinge has already seen a higher number of matches and subscription renewals with its improved AI algorithm among early test groups. It plans to roll this out globally in March.

And of course, some users are already using ChatGPT to write online dating profiles or respond to messages, the article points out...
Books

Encyclopedia Britannica Is Now an AI Company 59

An anonymous reader quotes a report from Gizmodo: Once an icon of the 20th century seen as obsolete in the 21st, Encyclopedia Britannica -- now known as just Britannica -- is all in on artificial intelligence, and may soon go public at a valuation of nearly $1 billion, according to the New York Times.

Until 2012 when printing ended, the company's books served as the oldest continuously published, English-language encyclopedias in the world, essentially collecting all the world's knowledge in one place before Google or Wikipedia were a thing. That has helped Britannica pivot into the AI age, where models benefit from access to high-quality, vetted information. More general-purpose models like ChatGPT suffer from hallucinations because they have hoovered up the entire internet, including all the junk and misinformation.

While it still offers an online edition of its encyclopedia, as well as the Merriam-Webster dictionary, Britannica's biggest business today is selling online education software to schools and libraries, the software it hopes to supercharge with AI. That could mean using AI to customize learning plans for individual students. The idea is that students will enjoy learning more when software can help them understand the gaps in their understanding of a topic and stay on it longer. Another education tech company, Brainly, recently announced that answers from its chatbot will link to the exact learning materials (i.e. textbooks) they reference.

Britannica's CEO Jorge Cauz also told the Times about the company's Britannica AI chatbot, which allows users to ask questions about its vast database of encyclopedic knowledge that it collected over two centuries from vetted academics and editors. The company similarly offers chatbot software for customer service use cases. Britannica told the Times it is expecting revenue to double from two years ago, to $100 million.
Open Source

Slashdot's Interview with Bruce Perens: How He Hopes to Help 'Post Open' Developers Get Paid (slashdot.org) 61

Bruce Perens, original co-founder of the Open Source Initiative, has responded to questions from Slashdot readers about a new alternative he's developing that hopefully helps "Post Open" developers get paid.

But first, "One of the things that's clear from the Slashdot patter is that people are not aware of what I've been doing, in general," Perens says. "So, let's start by filling that in..."

Read on for the rest of his wide-ranging answers....
Power

Datacenters Line Up For 750MW of Oklo's Nuclear-Waste-Powered Small Reactors (theregister.com) 62

Datacenter operators are increasingly turning to small modular reactors (SMRs) like those developed by Oklo to meet growing energy demands. According to The Register, Oklo has secured commitments from two major datacenter providers for 750 MW of power, pending regulatory approvals. It brings the firm's planned nuclear build-out to 2.1 gigawatts. From the report: Oklo's designs are, from what we understand, inspired by the Experimental Breeder Reactor II (EBR-II) and utilize liquid-metal cooling. They are capable of producing between 15MW and 50MW of power, depending on the configuration. That means Oklo's datacenter customers plan to deploy somewhere between 15 and 50 of the reactors to satisfy their thirst for electricity. However, they may be waiting a while.

According to Oklo's website, the nuclear startup hopes to bring its first plant online before the end of the decade. Before that can happen, though, Oklo will need to obtain approval from the Nuclear Regulatory Commission -- something for which it says it's already submitted applications. In 2022, the watchdog rejected an Oklo plan to build a small atomic reactor in Idaho, citing "significant information gaps" on safety-related measures.

That said, Oklo has lately received support from US government agencies including the Department of Energy (DoE), which has awarded a site use permit, while Idaho National Laboratory -- home of EBR-II -- has provided fuel material to support the efforts. Speaking of fuel, Oklo's designs may not suffer from the challenges other SMR startups, like Terrapower, have encountered. Oklo's designs are intended to run on recycled nuclear waste products from traditional reactors. In fact, the startup is currently working with DoE national labs to develop new fuel recycling technologies. Oklo hopes to bring a commercial-scale recycling plan online by the early 2030s.

Crime

FBI Seizes Polymarket CEO's Phone, Electronics After Betting Platform Predicts Trump Win (nypost.com) 134

The FBI raided Polymarket CEO Shayne Coplan's Manhattan apartment, seizing his phone and electronic devices. A source close to the matter told The New York Post it was politically motivated due to Polymarket's successful prediction of Trump's election win. It's "grand political theater at its worst," the source said. "They could have asked his lawyer for any of these things. Instead, they staged a so-called raid so they can leak it to the media and use it for obvious political reasons."

Although no charges were filed, the raid has sparked controversy, with speculation of political retribution and concerns over potential market manipulation, as Polymarket faces scrutiny both in the U.S. and from French regulators. The New York Post reports: Coplan was not arrested and has not been charged, a Polymarket spokesperson told The Post on Wednesday evening. "Polymarket is a fully transparent prediction market that helps everyday people better understand the events that matter most to them, including elections," the rep said. "We charge no fees, take no trading positions, and allow observers from around the world to analyze all market data as a public good."

Coplan posted on X after his run-in with the feds: "New phone, who dis?" Polymarket does not allow trading in the US, though bettors can bypass the ban by accessing the site through VPN. The FBI's investigation comes a week after Coplan said Polymarket is planning to return to the US. [...] In 2022, the online gambling platform was forced to pause its trading in the US and pay a $1.4 million penalty to settle charges with the Commodity Futures Trading Commission that it had failed to register with the agency. [In France, regulators are investigating Polymarket's compliance with national gambling laws, with concerns about unauthorized gambling activities within the country.]
A Fortune report published a week before the election found widespread evidence of wash-trading on Polymarket. "Polymarket's Terms of Use expressly prohibit market manipulation," a Polymarket spokesperson told Fortune in a statement.
Privacy

Hackers Are Sending Fraudulent Police Data Requests To Tech Giants To Steal People's Private Information (gizmodo.com) 14

An anonymous reader quotes a report from TechCrunch: The FBI is warning that hackers are obtaining private user information — including emails and phone numbers — from U.S.-based tech companies by compromising government and police email addresses to submit "emergency" data requests. The FBI's public notice filed this week is a rare admission from the federal government about the threat from fraudulent emergency data requests, a legal process designed to help police and federal authorities obtain information from companies to respond to immediate threats affecting someone's life or property. The abuse of emergency data requests is not new, and has been widely reported in recent years. Now, the FBI warns that it saw an "uptick" around August in criminal posts online advertising access to or conducting fraudulent emergency data requests, and that it was going public for awareness.

"Cyber-criminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes," reads the FBI's advisory. [...] The FBI said in its advisory that it had seen several public posts made by known cybercriminals over 2023 and 2024, claiming access to email addresses used by U.S. law enforcement and some foreign governments. The FBI says this access was ultimately used to send fraudulent subpoenas and other legal demands to U.S. companies seeking private user data stored on their systems. The advisory said that the cybercriminals were successful in masquerading as law enforcement by using compromised police accounts to send emails to companies requesting user data. In some cases, the requests cited false threats, like claims of human trafficking and, in one case, that an individual would "suffer greatly or die" unless the company in question returns the requested information.

The FBI said the compromised access to law enforcement accounts allowed the hackers to generate legitimate-looking subpoenas that resulted in companies turning over usernames, emails, phone numbers, and other private information about their users. But not all fraudulent attempts to file emergency data requests were successful, the FBI said. The FBI said in its advisory that law enforcement organizations should take steps to improve their cybersecurity posture to prevent intrusions, including stronger passwords and multi-factor authentication. The FBI said that private companies "should apply critical thinking to any emergency data requests received," given that cybercriminals "understand the need for exigency."

Businesses

Has Online Shopping Left Warehouse Workers Without Political Power? (msn.com) 81

A writer for the New York Times editorial board argues we don't yet fully understand the impact of warehouses. "Thanks to the rise of online shopping and the proximity to so many American doorsteps, warehouses have become a major source of blue-collar employment," both in Bethlehem, Pennsylvania and beyond. "In Pennsylvania's Lehigh Valley, more than 19,000 people work in the warehouses that prepare our packages. Thousands more drive the trucks that deliver them."

But while the total number of warehouse-related jobs almost replaces the jobs lost from the closure of a major steel plant, "the political power that blue-collar workers once wielded has not been replaced." Despite their large numbers, their importance to the economy, and their presence in Northampton — a swing county in a crucial battleground state — warehouse workers don't form an influential voting bloc in the way that steelworkers did... It turns out that making stuff isn't the same as distributing it. Working in a steel mill is a communal act that lends itself to the pursuit of political power in a way that warehouse jobs do not. Steelworkers toiled alongside one another, forming lifelong bonds, bowling leagues and unions that delivered a reliable voting bloc. Back when thousands of workers streamed out of the gates of Bethlehem Steel at quitting time, "politicians would come out to shake our hands," Jerry Green, retired president of United Steelworkers Local 2599, told me.

Factories were so good at political mobilization, in fact, that some credit them for democracy itself. Women and working-class men won the right to vote in the United States, Western Europe and much of East Asia after about a quarter of those populations were employed in factories, according to recent research by Sam van Noort, a lecturer at Princeton. Warehouses, by contrast, have no such mystique. Nobody campaigns outside the Walmart distribution centers here. Workers tend to be hired by staffing agencies and many stay for only a few months. They work on their own and rarely socialize. They are notoriously difficult to organize. Alec MacGillis, author of "Fulfillment: America in the Shadow of Amazon," told me that the biggest challenge for labor organizers at Amazon warehouses was getting workers to stay on the job long enough to feel a sense of solidarity.

Malenie Tapia, who moved to Bethlehem from Queens, N.Y., five years ago and took a job as a "picker" in a Zara warehouse, explained why. For eight hours a day, she grabbed items off numbered shelves and delivered them to packers who packed them into boxes. Talking to co-workers was forbidden, she said, except during a brief lunch break. "Sometimes I would go to the section in the back, where there would be less eyes on you, and sneak in a little moment of conversation," she said.

Here's what happened when the reporter asked a pair of Latino workers about their political opinions: Most of all, they fretted about being replaced by machines. They spoke with dread about a fully automated McDonald's and a robot that unloads container ships. They didn't seem to see themselves as part of a working class that could band together to demand protections for their jobs.

The hot political issue around warehouses isn't the workers at all; it's the traffic and loss of green space associated with them. Both the Democratic and Republican candidates in the race for a state representative seat in Northampton have vowed to stop the proliferation of warehouses, which some citizens' groups say destroys their rural way of life. If warehouse workers had a political voice, they might push back. But they don't, so they won't. Warehouses have been an economic boon. But politically, for workers, they are a loss.

Privacy

NIST Proposes Barring Some of the Most Nonsensical Password Rules (arstechnica.com) 180

Ars Technica's Dan Goodin reports: Last week, NIST released its second public draft of SP 800-63-4, the latest version of its Digital Identity Guidelines. At roughly 35,000 words and filled with jargon and bureaucratic terms, the document is nearly impossible to read all the way through and just as hard to understand fully. It sets both the technical requirements and recommended best practices for determining the validity of methods used to authenticate digital identities online. Organizations that interact with the federal government online are required to be in compliance. A section devoted to passwords injects a large helping of badly needed common sense practices that challenge common policies. An example: The new rules bar the requirement that end users periodically change their passwords. This requirement came into being decades ago when password security was poorly understood, and it was common for people to choose common names, dictionary words, and other secrets that were easily guessed.

Since then, most services require the use of stronger passwords made up of randomly generated characters or phrases. When passwords are chosen properly, the requirement to periodically change them, typically every one to three months, can actually diminish security because the added burden incentivizes weaker passwords that are easier for people to set and remember. Another requirement that often does more harm than good is the required use of certain characters, such as at least one number, one special character, and one upper- and lowercase letter. When passwords are sufficiently long and random, there's no benefit from requiring or restricting the use of certain characters. And again, rules governing composition can actually lead to people choosing weaker passcodes.

The latest NIST guidelines now state that:
- Verifiers and CSPs SHALL NOT impose other composition rules (e.g., requiring mixtures of different character types) for passwords and
- Verifiers and CSPs SHALL NOT require users to change passwords periodically. However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.

("Verifiers" is bureaucrat speak for the entity that verifies an account holder's identity by corroborating the holder's authentication credentials. Short for credential service provider, "CSPs" are a trusted entity that assigns or registers authenticators to the account holder.) In previous versions of the guidelines, some of the rules used the words "should not," which means the practice is not recommended as a best practice. "Shall not," by contrast, means the practice must be barred for an organization to be in compliance.

Several other common sense practices mentioned in the document include:
1. Verifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and SHOULD require passwords to be a minimum of 15 characters in length.
2. Verifiers and CSPs SHOULD permit a maximum password length of at least 64 characters.
3. Verifiers and CSPs SHOULD accept all printing ASCII [RFC20] characters and the space character in passwords.
4. Verifiers and CSPs SHOULD accept Unicode [ISO/ISC 10646] characters in passwords. Each Unicode code point SHALL be counted as a single character when evaluating password length.
5. Verifiers and CSPs SHALL NOT impose other composition rules (e.g., requiring mixtures of different character types) for passwords.
6. Verifiers and CSPs SHALL NOT require users to change passwords periodically. However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.
7. Verifiers and CSPs SHALL NOT permit the subscriber to store a hint that is accessible to an unauthenticated claimant.
8. Verifiers and CSPs SHALL NOT prompt subscribers to use knowledge-based authentication (KBA) (e.g., "What was the name of your first pet?") or security questions when choosing passwords.
9. Verifiers SHALL verify the entire submitted password (i.e., not truncate it).

Role Playing (Games)

Playing D&D Helps Autistic Players In Social Interactions, Study Finds (arstechnica.com) 40

An anonymous reader quotes a report from Ars Technica: Since its introduction in the 1970s, Dungeons & Dragons has become one of the most influential tabletop role-playing games (TRPGs) in popular culture, featuring heavily in Stranger Things, for example, and spawning a blockbuster movie released last year. Over the last decade or so, researchers have turned their focus more heavily to the ways in which D&D and other TRPGs can help people with autism form healthy social connections, in part because the gaming environment offers clear rules around social interactions. According to the authors of a new paper published in the journal Autism, D&D helped boost players' confidence with autism, giving them a strong sense of kinship or belonging, among other benefits.

"There are many myths and misconceptions about autism, with some of the biggest suggesting that those with it aren't socially motivated, or don't have any imagination," said co-author Gray Atherton, a psychologist at the University of Plymouth. "Dungeons & Dragons goes against all that, centering around working together in a team, all of which takes place in a completely imaginary environment. Those taking part in our study saw the game as a breath of fresh air, a chance to take on a different persona and share experiences outside of an often challenging reality. That sense of escapism made them feel incredibly comfortable, and many of them said they were now trying to apply aspects of it in their daily lives." [...] For this latest study, Atherton et al. wanted to specifically investigate how autistic players experience D&D when playing in groups with other autistic players. It's essentially a case study with a small sample size -- just eight participants -- and qualitative in nature, since the post-play analysis focused on semistructured interviews with each player after the conclusion of the online campaign, the better to highlight their individual voices.

The players were recruited through social media advertisements within the D&D, Reddit and Discord online communities; all had received an autism diagnosis by a medical professional. They were split into two groups of four players, with one of the researchers (who's been playing D&D for years) acting as the dungeon master. The online sessions featured in the study was the Waterdeep: Dragonheist campaign. The campaign ran for six weeks, with sessions lasting between two and four hours (including breaks). Participants spoke repeatedly about the positive benefits they received from playing D&D, providing a friendly environment that helped them relax about social pressures. "When you're interacting with people over D&D, you're more likely to understand what's going on," one participant said in their study interview. "That's because the method you'll use to interact is written out. You can see what you're meant to do. There's an actual sort of reference sheet for some social interactions." That, in turn, helped foster a sense of belonging and kinship with their fellow players.

Participants also reported feeling emotionally invested and close to their characters, with some preferring to separate themselves from their character in order to explore other aspects of their personality or even an entirely new persona, thus broadening their perspectives. "I can make a character quite different from how I interact with people in real-life interactions," one participant said. "It helps you put yourself in the other person's perspective because you are technically entering a persona that is your character. You can then try to see how it feels to be in that interaction or in that scenario through another lens." And some participants said they were able to "rewrite" their own personal stories outside the game by adopting some of their characters' traits -- a psychological phenomenon known as "bleed."

United States

Investigation Finds 'Little Oversight' Over Crucial Supply Chain for US Election Software (politico.com) 94

Politico reports U.S. states have no uniform way of policing the use of overseas subcontractors in election technology, "let alone to understand which individual software components make up a piece of code."

For example, to replace New Hampshire's old voter registration database, state election officials "turned to one of the best — and only — choices on the market," Politico: "a small, Connecticut-based IT firm that was just getting into election software." But last fall, as the new company, WSD Digital, raced to complete the project, New Hampshire officials made an unsettling discovery: The firm had offshored part of the work. That meant unknown coders outside the U.S. had access to the software that would determine which New Hampshirites would be welcome at the polls this November.

The revelation prompted the state to take a precaution that is rare among election officials: It hired a forensic firm to scour the technology for signs that hackers had hidden malware deep inside the coding supply chain. The probe unearthed some unwelcome surprises: software misconfigured to connect to servers in Russia ["probably by accident," they write later] and the use of open-source code — which is freely available online — overseen by a Russian computer engineer convicted of manslaughter, according to a person familiar with the examination and granted anonymity because they were not authorized to speak about it... New Hampshire officials say the scan revealed another issue: A programmer had hard-coded the Ukrainian national anthem into the database, in an apparent gesture of solidarity with Kyiv.

None of the findings amounted to evidence of wrongdoing, the officials said, and the company resolved the issues before the new database came into use ahead of the presidential vote this spring. This was "a disaster averted," said the person familiar with the probe, citing the risk that hackers could have exploited the first two issues to surreptitiously edit the state's voter rolls, or use them and the presence of the Ukrainian national anthem to stoke election conspiracies. [Though WSD only maintains one other state's voter registration database — Vermont] the supply-chain scare in New Hampshire — which has not been reported before — underscores a broader vulnerability in the U.S. election system, POLITICO found during a six-month-long investigation: There is little oversight of the supply chain that produces crucial election software, leaving financially strapped state and county offices to do the best they can with scant resources and expertise.

The technology vendors who build software used on Election Day face razor-thin profit margins in a market that is unforgiving commercially and toxic politically. That provides little room for needed investments in security, POLITICO found. It also leaves states with minimal leverage over underperforming vendors, who provide them with everything from software to check in Americans at their polling stations to voting machines and election night reporting systems. Many states lack a uniform or rigorous system to verify what goes into software used on Election Day and whether it is secure.

The article also points out that many state and federal election officials "insist there has been significant progress" since 2016, with more regular state-federal communication. "The Cybersecurity and Infrastructure Security Agency, now the lead federal agency on election security, didn't even exist back then.

"Perhaps most importantly, more than 95% of U.S. voters now vote by hand or on machines that leave some type of paper trail, which officials can audit after Election Day."

AI

OpenAI Supports California AI Bill Requiring 'Watermarking' of Synthetic Content 30

OpenAI said in a letter that it supports California bill AB 3211, which requires tech companies to label AI-generated content. Reuters reports: San Francisco-based OpenAI believes that for AI-generated content, transparency and requirements around provenance such as watermarking are important, especially in an election year, according to a letter sent to California State Assembly member Buffy Wicks, who authored the bill. "New technology and standards can help people understand the origin of content they find online, and avoid confusion between human-generated and photorealistic AI-generated content," OpenAI Chief Strategy Officer Jason Kwon wrote in the letter, which was reviewed by Reuters.

AB 3211 has already passed the state Assembly by a 62-0 vote. Earlier this month it passed the senate appropriations committee, setting it up for a vote by the full state Senate. If it passes by the end of the legislative session on Aug. 31, it would advance to Governor Gavin Newsom to sign or veto by Sept. 30.

Privacy

USPS Shared Customers Postal Addresses With Meta, LinkedIn and Snap (techcrunch.com) 25

An anonymous reader quotes a report from TechCrunch: The U.S. Postal Service was sharing the postal addresses of its online customers with advertising and tech giants Meta, LinkedIn and Snap, TechCrunch has found. On Wednesday, the USPS said it addressed the issue and stopped the practice, claiming that it was "unaware" of it. TechCrunch found USPS was sharing customers' information by way of hidden data-collecting code (also known as tracking pixels) used across its website. Tech and advertising companies create this kind of code to collect information about the user -- such as which pages they visit -- every time a webpage containing the code loads in the customer's browser.

In the case of USPS, some of that collected data included the postal addresses of logged-in USPS Informed Delivery customers, who use the service to see photos of their incoming mail before it arrives. It's not clear how many individuals had their information collected or for how long. Informed Delivery had more than 62 million users (PDF) as of March 2024. [...] The code also collected other data, such as information about the user's computer type and browser, which appeared as partly pseudonymized -- essentially scrambled in a way that makes it more difficult for humans to know where data came from, or who it relates to, by using randomized identifiers in place of real customer names. But researchers have long warned that pseudonymous data can still be used to re-identify seemingly anonymous individuals.

TechCrunch also found that tracking numbers entered into the USPS website were also shared with advertisers and tech companies, including Bing, Google, LinkedIn, Pinterest and Snap. Some in-transit tracking data was also shared, such as the real-world location of the mail in the postal system, even if the customer was not logged in to USPS' website.
USPS spokesperson Jim McKean said in a statement: "The Postal Service leverages an analytics platform for our own internal purposes, so that we understand the usage of our products and services and which we use on an aggregated basis to market our products. The Postal Service does not sell or provide any personal information that is collected from this analytics platform to any third party, and we were unaware of any configuration of the platform that collected personal information from the URL and that shared it without our knowledge with social media."

"We have taken immediate action to remediate this issue," the spokesperson added, without saying what action was taken.

Social Networks

'The Greatest Social Media Site Is Craigslist' (slate.com) 29

An anonymous reader quotes an op-ed for Slate, written by Amanda Chen: In August 2009, Wired magazine ran a cover story on Craigslist founder Craig Newmark titled "Why Craigslist Is Such a Mess." The opening paragraphs excoriate almost every aspect of the online classifieds platform as "underdeveloped," a "wasteland of hyperlinks," and demands that we, the public, ought to have higher standards. The same sentiment can be found across tech forums and trade publications, a missed opportunity that the average self-professed LinkedIn expert on #UX #UI #design will have you believe that they are the first to point out. But as sites like Craigslist increasingly turn into digital artifacts, more people, myself included, are starting to see the beauty that belies those same features. Without them, where else on the internet could you find such ardent professions of desire or loneliness, or the random detritus of a life so steeply discounted?

The site has changed relatively little in both functionality and appearance since Newmark launched it in 1995 as a friends and family listserv for jobs and other opportunities. Yet in spite of that, it remains a household name whose niche in the contemporary digital landscape has yet to be usurped, with an estimated 180 million visits in May 2024. Though, it's certainly not for a lack of newcomers attempting to stake their claims on the booming C2C market; in the U.S., Facebook Marketplace, launched in 2016, is its closest direct competitor, followed by platforms like Nextdoor and OfferUp. Craigslist's business model is quite simple: Users in a few categories -- apartments in select cities, jobs, vehicles for sale -- pay a small but reasonable fee to make posts. Everything else is free. Its Perl-backed tech is straightforward. The team is relatively lean, as the company considers functions like sales and marketing superfluous. This strategy has allowed Craigslist to stay extremely profitable throughout the years without implementing sophisticated recommendation algorithms or inundating the webpage with third-party advertisements. Its runaway success threatens decades-old industry gospels of growth, disruption, and innovation, and might force tech evangelists to admit they don't fully understand what people want. [...]

These days I find myself casually browsing Craigslist in lieu of Instagram. Like readers of a local paper, I use it to keep a pulse on what's happening around me, even if I'll never know who these people are. That's beside the point. Perhaps Craigslist's single greatest cultural contribution, and my favorite place to lurk, is the "missed connections." The feature has inspired countless copycats, artistic reinterpretations, human interest stories, and analyses (one in particular extrapolated that Monday evenings are the most lovelorn time across the country). There is something deeply comforting about seeing those intangible threads of yearning which permeate a city so plainly laid out, as confirmation that you're not alone in wanting to be seen by others alive in the same place and time as you. Sometimes I'll peruse random job listings or the "free" section. This leads to the ever-amusing exercise, which I'll often invite friends to participate in, of speculating about the motivations and circumstances behind an object's acquisition and imminent relinquishment. I'll even visit the clunky, dial-up era-style discussion forums, subdivided into topics labeled things like "death and dying" or "haiku hotel," where a unique penchant for whimsy and romance can be felt deeply throughout. On Craigslist, a post can be a shout into the void that may or may not be returned, an affirmation of life, but regardless, in 45 days it's gone. Positioned somewhere in between digital ephemera and archive, the site's images and language are often utilitarian, occasionally unintelligible, and just when you least expect it, absurd, poetic, and profound.
"Frequently, technologists remain convinced that the market will eventually reveal a solution for all of our deep-seated societal problems, something that we can hack if only granted access to better tech," writes Chen, in closing. "From the start, the industry has advanced the idea that change is inherently good, even if only for its own sake, which can be viewed as symptomatic of the accelerating conditions of late-stage capitalism. Of course, there are many ways in which change is desperately needed in this moment, but when it comes to the particular case of Craigslist, it hardly seems necessary."

Security

Shopping App Temu Is 'Dangerous Malware,' Spying On Your Texts, Lawsuit Claims (arstechnica.com) 81

An anonymous reader quotes a report from Ars Technica: Temu -- the Chinese shopping app that has rapidly grown so popular in the US that even Amazon is reportedly trying to copy it -- is "dangerous malware" that's secretly monetizing a broad swath of unauthorized user data, Arkansas Attorney General Tim Griffin alleged in a lawsuit (PDF) filed Tuesday. Griffin cited research and media reports exposing Temu's allegedly nefarious design, which "purposely" allows Temu to "gain unrestricted access to a user's phone operating system, including, but not limited to, a user's camera, specific location, contacts, text messages, documents, and other applications."

"Temu is designed to make this expansive access undetected, even by sophisticated users," Griffin's complaint said. "Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place." Griffin fears that Temu is capable of accessing virtually all data on a person's phone, exposing both users and non-users to extreme privacy and security risks. It appears that anyone texting or emailing someone with the shopping app installed risks Temu accessing private data, Griffin's suit claimed, which Temu then allegedly monetizes by selling it to third parties, "profiting at the direct expense" of users' privacy rights. "Compounding" risks is the possibility that Temu's Chinese owners, PDD Holdings, are legally obligated to share data with the Chinese government, the lawsuit said, due to Chinese "laws that mandate secret cooperation with China's intelligence apparatus regardless of any data protection guarantees existing in the United States."

Griffin's suit cited an extensive forensic investigation into Temu by Grizzly Research -- which analyzes publicly traded companies to inform investors -- last September. In their report, Grizzly Research alleged that PDD Holdings is a "fraudulent company" and that "Temu is cleverly hidden spyware that poses an urgent security threat to United States national interests." As Griffin sees it, Temu baits users with misleading promises of discounted, quality goods, angling to get access to as much user data as possible by adding addictive features that keep users logged in, like spinning a wheel for deals. Meanwhile hundreds of complaints to the Better Business Bureau showed that Temu's goods are actually low-quality, Griffin alleged, apparently supporting his claim that Temu's end goal isn't to be the world's biggest shopping platform but to steal data. Investigators agreed, the lawsuit said, concluding "we strongly suspect that Temu is already, or intends to, illegally sell stolen data from Western country customers to sustain a business model that is otherwise doomed for failure." Seeking an injunction to stop Temu from allegedly spying on users, Griffin is hoping a jury will find that Temu's alleged practices violated the Arkansas Deceptive Trade Practices Act (ADTPA) and the Arkansas Personal Information Protection Act. If Temu loses, it could be on the hook for $10,000 per violation of the ADTPA and ordered to disgorge profits from data sales and deceptive sales on the app.
In a statement to Ars, a Temu spokesperson discredited Grizzly Research's investigation and said that the company was "surprised and disappointed by the Arkansas Attorney General's Office for filing the lawsuit without any independent fact-finding."

"The allegations in the lawsuit are based on misinformation circulated online, primarily from a short-seller, and are totally unfounded," Temu's spokesperson said. "We categorically deny the allegations and will vigorously defend ourselves."

"We understand that as a new company with an innovative supply chain model, some may misunderstand us at first glance and not welcome us. We are committed to the long-term and believe that scrutiny will ultimately benefit our development. We are confident that our actions and contributions to the community will speak for themselves over time." Last year, Temu was the most downloaded app in the U.S. and has only become more popular as reports of security and privacy risks have come out.

Television

Netflix's '3 Body Problem' Draws Mixed Reviews, Sparks Anger in China (cnn.com) 104

"My favorite kind of science fiction involves stories rooted in real science..." writes NPR's reviewer. "[T]here is something special about seeing characters wrestle with concepts closer to our current understanding of how the universe works."

The Verge calls it an "impressive" and "leaner" story than the book, arguing "it's a good one — and very occasionally a great one" that introduces the author's key ideas, though channelling "the book's spirit but not its brilliance."

And Slate calls it a "downright transformative" adaptation, "jettisoning most of the novel's characters and plucking scenes from all three books," while accusing it of "making the trilogy's expansive and philosophical story into something much more pedestrian and digestible."

But Reuters notes there's huge interest in China over this adaptation (by the co-creator of Game of Thrones) for the first Asian novel to win the Hugo Award for best science fiction novel. "The new series was trending on Chinese social media platform Weibo on Friday," reports Reuters, "with 21 million views so far." (The show came in first on Weibo's "top hot" trend rankings, they add, "despite Netflix being officially inaccessible in China. Chinese viewers would have had to watch the Netflix series from behind a VPN or on a pirate site.")

So what was their verdict? CNN reports Netflix's adaptation "has split opinions in China and sparked online nationalist anger over scenes depicting a violent and tumultuous period in the country's modern history." Among the country's more patriotic internet users, discussions on the adaptation turned political, with some accusing the big-budget American production of making China look bad. The show opens with a harrowing scene depicting Mao Zedong's Cultural Revolution, which consumed China in bloodshed and chaos for a decade from 1966... "Netflix you don't understand 'The Three Body Problem' or Ye Wenjie at all!" read a comment on social media platform Weibo. "You only understand political correctness!"

Others came to the show's defense, saying the scene closely follows depictions in the book — and is a truthful reenactment of history. "History is far more absurd than a TV series, but you guys pretend not to see it," read one comment on Douban, a popular site for reviewing movies, books and music.

Author Liu said in an interview with the New York Times in 2019 that he had originally wanted to open the book with scenes from Mao's Cultural Revolution, but his Chinese publisher worried they would never make it past government censors and buried them in the middle of the narrative. The English version of the book, translated by Ken Liu, put the scenes at the novel's beginning, with the author's blessing... Various other aspects of the show, from its casting and visual effects to the radical changes to the story's original setting and characters, also attracted the ire of Chinese social media users. Many compared it to a Chinese television adaptation released last year — a much lengthier and closer retelling of the book that ran to 30 episodes and was highly rated on Chinese review platforms.

The Netflix adaptation featured an international cast and placed much of the action in present-day London — thus making the story a lot less Chinese.

Cellphones

Social Psychologist Urges 'End the Phone-Based Childhood Now' (msn.com) 203

"The environment in which kids grow up today is hostile to human development," argues Jonathan Haidt, a social psychologist and business school ethics professor, saying that since the early 2010s, "something went suddenly and horribly wrong for adolescents."

The Atlantic recently published an excerpt from his book The Anxious Generation: How the Great Rewiring of Childhood Is Causing an Epidemic of Mental Illness: By a variety of measures and in a variety of countries, the members of Generation Z (born in and after 1996) are suffering from anxiety, depression, self-harm, and related disorders at levels higher than any other generation for which we have data... I think the answer can be stated simply, although the underlying psychology is complex: Those were the years when adolescents in rich countries traded in their flip phones for smartphones and moved much more of their social lives online — particularly onto social-media platforms designed for virality and addiction. Once young people began carrying the entire internet in their pockets, available to them day and night, it altered their daily experiences and developmental pathways across the board. Friendship, dating, sexuality, exercise, sleep, academics, politics, family dynamics, identity — all were affected...

There's an important backstory, beginning as long ago as the 1980s, when we started systematically depriving children and adolescents of freedom, unsupervised play, responsibility, and opportunities for risk taking, all of which promote competence, maturity, and mental health. But the change in childhood accelerated in the early 2010s, when an already independence-deprived generation was lured into a new virtual universe that seemed safe to parents but in fact is more dangerous, in many respects, than the physical world. My claim is that the new phone-based childhood that took shape roughly 12 years ago is making young people sick and blocking their progress to flourishing in adulthood. We need a dramatic cultural correction, and we need it now...

A simple way to understand the differences between Gen Z and previous generations is that people born in and after 1996 have internal thermostats that were shifted toward defend mode. This is why life on college campuses changed so suddenly when Gen Z arrived, beginning around 2014. Students began requesting "safe spaces" and trigger warnings. They were highly sensitive to "microaggressions" and sometimes claimed that words were "violence." These trends mystified those of us in older generations at the time, but in hindsight, it all makes sense. Gen Z students found words, ideas, and ambiguous social encounters more threatening than had previous generations of students because we had fundamentally altered their psychological development.

The article argues educational scores also began dropping around 2012, while citing estimates that America's average teenager spends seven to nine hours a day on screen-based activities. "Everything else in an adolescent's day must get squeezed down or eliminated entirely to make room for the vast amount of content that is consumed... The main reason why the phone-based childhood is so harmful is because it pushes aside everything else." (For example, there's "the collapse of time spent interacting with other people face-to-face.")

The article warns of fragmented attention, disrupted learning, social withdrawal, and "the decay of wisdom and the loss of meaning." ("This rerouting of enculturating content has created a generation that is largely cut off from older generations and, to some extent, from the accumulated wisdom of humankind, including knowledge about how to live a flourishing life.") Its proposed solution?
  • No smartphones before high school
  • No social media before 16
  • Phone-free schools
  • More independence, free play, and responsibility in the real world

"We didn't know what we were doing in the early 2010s. Now we do. It's time to end the phone-based childhood."

Thanks to long-time Slashdot reader schwit1 and sinij for sharing the article.


Security

Fidelity Customers' Financial Info Feared Stolen In Suspected Ransomware Attack (theregister.com) 22

An anonymous reader quotes a report from The Register: Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information -- including bank account and routing numbers, credit card numbers and security or access codes -- after breaking into Infosys' IT systems in the fall. According to Fidelity, in documents filed with the Maine attorney general's office, miscreants "likely acquired" information about 28,268 people's life insurance policies after infiltrating Infosys.

"At this point, [Infosys] are unable to determine with certainty what personal information was accessed as a result of this incident," the insurer noted in a letter [PDF] sent to customers. However, the US-headquartered firm says it "believes" the data included: names, Social Security numbers, states of residence, bank accounts and routing numbers, or credit/debit card numbers in combination with access code, password, and PIN for the account, and dates of birth. In other words: Potentially everything needed to drain a ton of people's bank accounts, pull off any number of identity theft-related scams -- or at least go on a massive online shopping spree.

LockBit claimed to be behind the Infosys intrusion in November, shortly after the Indian tech services titan disclosed the "cybersecurity incident" affecting its US subsidiary, Infosys McCamish Systems aka IMS. It reported that the intrusion shuttered some of its applications and IT systems [PDF]. This was before law enforcement shut down at least some of LockBit's infrastructure in December, although that's never a guarantee that the gang will slink off into obscurity -- as we've already seen.

"Since learning of this event, we have been engaged with IMS to understand IMS's actions to investigate and contain the event, implement remedial measures, and safely restore its services," Fidelity assured its customers. "In addition, we remain engaged with IMS as they continue their investigation of this incident and its impact on the data they maintain."
