Futurism found that Google News is surfacing Polymarket betting pages alongside traditional news sources. "The bets often appear in the 'For you' section of Google News, which is tailored to a user's personal interests," the publication reports. "In one instance, it was even the very top result, as with this bet on the price of Bitcoin." From the report: In our testing, Polymarket bets are also showing up on the Google News home page. But links from the prediction market can pop up all over Google News, including in searches. In further tests, looking up "will ships transit the strait," referring to the Strait of Hormuz, returned numerous credible sources like Financial Times, The Guardian, and Reuters. Just below them, however, was a Polymarket bet on the number of ships that would be allowed to pass through the critical oil passageway.

This doesn't appear to be an accident. When searching "Polymarket" in its search bar, Google News now allows users to choose it as a "source," directing them to a page that aggregates other Polymarket hits. It's not the only non-news site that's selectable as a source -- looking up "Reddit" and "X" offers the option, too -- but searching for "Kalshi," another prediction market and Polymarket's main competitor, doesn't give the option to use it as a source. [...] In light of all this, Polymarket appearing in Google News is a major victory for the prediction platform -- rubber-stamping its image as an authority on developing real-world events right alongside genuine real publishers of journalism.

An anonymous reader shares a report: DC Comics president and publisher Jim Lee said that the company "will not support AI-generated storytelling or artwork," assuring fans that its future will remain rooted in human creativity. "Not now, not ever, as long as [SVP, general manager] Anne DePies and I are in charge," Lee said during his panel at New York Comic Con on Wednesday, likening concerns around AI dominating future creative industries to the Millennium bug scare and NFT hype.

"People have an instinctive reaction to what feels authentic. We recoil from what feels fake. That's why human creativity matters," said Lee. "AI doesn't dream. It doesn't feel. It doesn't make art. It aggregates it."

Cloudflare today announced a "Pay Per Crawl" program that allows website owners to charge AI companies for accessing their content, a potential revenue stream for publishers whose work is increasingly being scraped to train AI models. The system uses HTTP response code 402 to enable content creators to set per-request prices across their sites. Publishers can choose to allow free access, require payment at a configured rate, or block crawlers entirely.

When an AI crawler requests paid content, it either presents payment intent via request headers for successful access or receives a "402 Payment Required" response with pricing information. Cloudflare acts as the merchant of record and handles the underlying technical infrastructure. The company aggregates billing events, charges crawlers, and distributes earnings to publishers.

Alongside Pay Per Crawl, Cloudflare has switched to blocking AI crawlers by default for its customers, becoming the first major internet infrastructure provider to require explicit permission for AI access. The company handles traffic for 20% of the web and more than one million customers have already activated its AI-blocking tools since their September 2024 launch, it wrote in a blog post.

HP is developing a "PCFax" system similar to CarFax for used cars that securely collects and stores detailed device usage and health data at the firmware level to extend the life of PCs and reduce e-waste. A team of HP experts outlines the system in a recent IEEE Spectrum report: The secure telemetry protocol we've developed at HP works as follows. We gather the critical hardware and sensor data and store it in a designated area of the SSD. This area is write-locked, meaning only authorized firmware components can write to it, preventing accidental modification or tampering. That authorized firmware component we us is the Endpoint Security Controller, a dedicated piece of hardware embedded in business class HP PCs. It plays a critical role in strengthening platform-level security and works independently from the main CPU to provide foundational protection.

The endpoint security controller establishes a secure session by retaining the secret key within the controller itself. This mechanism enables read data protection on the SSD -- where telemetry and sensitive data are stored -- by preventing unauthorized access, even if the operating system is reinstalled or the system environment is otherwise altered. Then, the collected data is recorded in a timestamped file, stored within a dedicated telemetry log on the SSD. Storing these records on the SSD has the benefit of ensuring the data is persistent even if the operating system is reinstalled or some other drastic change in software environment occurs. The telemetry log employs a cyclic buffer design, automatically overwriting older entries when the log reaches full capacity. Then, the telemetry log can be accessed by authorized applications at the operating system level.

The telemetry log serves as the foundation for a comprehensive device history report. Much like a CarFax report for used cars, this report, which we call PCFax, will provide both current users and potential buyers with crucial information. The PCFax report aggregates data from multiple sources beyond just the on-device telemetry logs. It combines the secure firmware-level usage data with information from HP's factory and supply chain records, digital services platforms, customer support service records, diagnostic logs, and more. Additionally, the system can integrate data from external sources including partner sales and service records, refurbishment partner databases, third-party component manufacturers like Intel, and other original equipment manufacturers. This multi-source approach creates a complete picture of the device's entire lifecycle, from manufacturing through all subsequent ownership and service events.

An anonymous reader quotes a report from Ars Technica: Too often, new tech product or service launches seem like solutions in search of a problem, but not this one: ESPN is launching software that lets you figure out just where you can watch the specific game you want to see amid an overcomplicated web of streaming services, cable channels, and arcane licensing agreements. Every sports fan is all too familiar with today's convoluted streaming schedules. Launching today on ESPN.com and the various ESPN mobile and streaming device apps, the new guide offers various views, including one that lists all the sporting events in a single day and a search function, among other things. You can also flag favorite sports or teams to customize those views.

"At the core of Where to Watch is an event database created and managed by the ESPN Stats and Information Group (SIG), which aggregates ESPN and partner data feeds along with originally sourced information and programming details from more than 250 media sources, including television networks and streaming platforms," ESPN's press release says. ESPN previously offered browsable lists of games like this, but it didn't identify where you could actually watch all the games. There's no guarantee that you'll have access to the services needed to watch the games in the list, though. Those of us who cut the cable cord long ago know that some games -- especially those local to your city -- are unavailable without cable.

A new survey of thousands of game development professionals finds a near-majority saying generative AI tools are already in use at their workplace. But a significant minority of developers say their company has no interest in generative AI tools or has outright banned their use. From a report: The Game Developers Conference's 2024 State of the Industry report, released Thursday, aggregates the thoughts of over 3,000 industry professionals as of last October. While the annual survey (conducted in conjunction with research partner Omdia) has been running for 12 years, this is the first time respondents were asked directly about their use of generative AI tools such as ChatGPT, DALL-E, GitHub Copilot, and Adobe Generative Fill.

Forty-nine percent of the survey's developer respondents said that generative AI tools are currently being used in their workplace. That near-majority includes 31 percent (of all respondents) that say they use those tools themselves and 18 percent that say their colleagues do. The survey also found that different studio departments showed different levels of willingness to embrace AI tools. Forty-four percent of employees in business and finance said they were using AI tools, for instance, compared to just 16 percent in visual arts and 13 percent in "narrative/writing."

Apple will redesign its TV app in a step toward consolidating the company's various video offerings later this year, part of its efforts to become a bigger player in the streaming world. Bloomberg News: The company is preparing a new version of the app for release around December as part of an upcoming tvOS software update, said the people, who asked not to be identified because the plan is private. The app, which first launched in 2016, aggregates content from iTunes, the Apple TV+ subscription service, live sports networks and third-party offerings like Amazon Prime.

As part of the overhaul, the company will discontinue its dedicated apps on the Apple TV set-top box that let users rent and buy movies and shows. It will also remove the movie and TV show sections from the iTunes Store app on iPhones and iPads. The idea is to steer more customers toward the main TV app, which sits at the center of Apple's expanding video strategy. There, users are able to subscribe to TV+ as well as third-party video services like Starz and Paramount+. The app already lets customers rent and buy programs, making a separate iTunes option unnecessary.

Cigarette smoking and other uses of tobacco shave an average of 2.2 years off lifespans globally. But merely breathing -- if the air is polluted -- is more damaging to human health. From a report: That is the conclusion of a report published Tuesday by the University of Chicago's Energy Policy Institute, which identified air pollution as the world's top threat to public health, responsible for reducing average life expectancy by 2.3 years worldwide. China, once the poster child for smog-filled skies, has been a surprise success story. Between 2013 and 2021, the world's second-largest economy improved overall air quality by more than 40% while the average lifespan of residents increased by more than two years, according to the report.

By contrast, four countries in South Asia -- India, Bangladesh Nepal and Pakistan -- accounted for more than half of the total years of life lost globally due to pollution in the atmosphere over the same eight years. India alone was responsible for nearly 60% of the growth in air pollution across the globe during that time. If India were to meet World Health Organization guidelines for particulate pollution, the life expectancy for residents of capital city New Delhi would increase by 12 years. An increase in wildfires in places such as California and Canada has renewed attention on the dangers of polluted air. Around 350 cities globally suffer the same level of dangerous haze that enveloped New York City in June at least once a year, according to calculations from environmental think tank Centre for Research on Energy and Clean Air, which aggregates data from dozens of official government sources.

Jules Wang from Android Police reports on the cases of two icon pack artists who had their products taken down from the Play Store for supposedly violating the platform's Repetitive Content policy. Despite both creators' products being reinstated, they revealed that Google's opaque application of its rules has caused frustration and hopelessness among developers. From the report: All this heartache stems from Google Play's Repetitive Content policy. While on its face a well-meaning effort to reduce spammy apps and keep quality up, there's a core problem with compliance when creators find themselves forced to use apps to distribute content: "If these apps are each small in content volume, developers should consider creating a single app that aggregates all the content."

If you've browsed on the Play Store, you'll immediately know this guidance isn't universally followed: many artists like JustNewDesigns will have multiple designs in their portfolio and each of those designs will come in multiple colorways or shapeways -- whether they're changing out an accent in a line design or are implementing some sort of adaptive element.

Not only are there so many apps, but they also look so much alike -- artists, many of whom might not consider coding their strong suit, tend to use open-source templates to create the actual app. You'll likely see them credited to Sarsa Murmu, who runs a GitHub project called CandyBar, or Jahir Fiquitiva, the maintainer of the Blueprint repository. These resources take care of the "packaging" for the assets. They include integration compatibility with various popular launchers, a license scheme to prevent those who sideloaded the app for free from having the icons applied, and all sorts of other functionality. In addition to the icon assets, the apps may also house wallpapers and links to other apps. [...] What is Google's role and what should it be? Wang writes: Artists would have much to gain from a new or revised API. Adding and adapting new icon designs to existing products would be much easier. New designs may be able to take advantage of changes to the Adaptive Icons API as Google lays them out. There would be unease as to how the business model could shift -- should publishers charge by the app, through in-app purchases, or both? But as it stands, the biggest benefit with such a change is that it would presumably get Play's "RoboCops" off their back. Of course, we can't be sure of that with how Google's enforcement apparatus operates, but the notion of unfairness lends credibility to those supporting the status quo unless the company is willing to come to the bargaining table.

At the end of the day, Google is certainly within its right to build regulations around apps to respond to emergent scammers and distressing content. Automation is meant to render manageable the sheer volume of content the Play platform sees published on a daily basis. But so long as icon artists sit under threat from a rulebook that can be arbitrarily thrown at them at any time, if nothing changes, we may be on a road leading to the degradation of a core Android tenet that even the most casual tech consumer associates with the platform -- user customizability.

In a study published Wednesday in PLOS Climate, a group of astrophysicists proposes shooting lunar dust into space to help partially shield sunlight to Earth. The Washington Post reports: The team used computer simulations to model various scenarios where massive quantities of dust (and we mean a lot of dust) in space can reduce the amount of Earthbound sunlight by 1 to 2 percent, or up to about six days of an obscured sun in a year. Their cheapest and most efficient idea is to launch dust from the moon, which would land into orbit between the sun and Earth and create a sunshade. Yes, the idea sounds like science fiction. Yes, it would require (a lot of) new engineering. Yes, there are more feasible climate mitigation tactics that can be employed now and in the near future. But the researchers view this rigorous physics experiment as a backup option that could aid -- not replace -- existing strategies to help humankind live on a more comfortable Earth. [...]

In the new study, the authors concede their idea isn't perfect but say it addresses some problems with previous concepts. For instance, the amount of material needed to actually shade the sun exceeds 10 billion kilograms (22 billion pounds), which is about 100 times more mass than humans have ever sent into space. Bromley says dust is very efficient at scattering sunlight relative to its size. The team considered different types of dust, scattering properties and size. The team found that aggregates of fluffy and highly porous particles scattered light the best, but they opted for a particle perhaps more easily accessible in space: moon dust. "We really do focus on lunar dust, just plain old, as-it-is lunar dust, without any indication of changing its shape," said Bromley, who said future moon mining could excavate the dust needed. Perhaps the greatest challenge is getting the right material exactly where you need it, Bromley said.

In one computer simulation, the team shot lunar dust from the moon's surface toward the sun. Bromley said the device to launch the lunar dust into space could be something similar to an electromagnetic gun, cannon or rocket -- picture a T-shirt cannon sending dust into orbit. In the simulation, the dust scattered along various routes until the team found suitable trajectories, which allowed the dust to concentrate temporarily and act as a sun shield. Bromley said the dust would periodically disperse away from Earth and throughout the solar system. In another simulation, the team shot off dust from a space platform about 1 million miles from Earth. This would be in an area known as L1 (Lagrange point 1), where objects tend to stay put because of equal gravitational pulls between the sun and Earth. This idea required more astronomical cost and effort because they would need a space platform and a dust supply that could be easily replenished. In either scenario, people on the ground wouldn't be able to see the shield or feel any difference, although some tools would probably be able to detect changes in the incoming solar radiation.

Mark Harris writes via MIT Technology Review: In early 2021, Crown Prince Mohammed bin Salman of Saudi Arabia announced The Line: a "civilizational revolution" that would house up to 9 million people in a zero-carbon megacity, 170 kilometers long and half a kilometer high but just 200 meters wide. Within its mirrored, car-free walls, residents would be whisked around in underground trains and electric air taxis. Satellite images of the $500 billion project obtained exclusively by MIT Technology Review show that the Line's vast linear building site is already taking shape, running as straight as an arrow across the deserts and through the mountains of northern Saudi Arabia. The site, tens of meters deep in places, is teeming with many hundreds of construction vehicles and likely thousands of workers, themselves housed in sprawling bases nearby.

Analysis of the satellite images by Soar Earth, an Australian startup that aggregates satellite imagery and crowdsourced maps into an online digital atlas, suggests that the workers have already excavated around 26 million cubic meters of earth and rock -- 78 times the volume of the world's tallest building, the Burj Khalifa. Official drone footage of The Line's construction site, released in October, indeed showed fleets of bulldozers, trucks, and diggers excavating its foundations. Visit The Line's location on Google Maps and Google Earth, however, and you will see little more than bare rock and sand.

Slashdot readers MojoKid and williamyf share the news of AMD's two new high-end graphics cards, the Radeon RX 7900 XTX and 7900 XT. "Priced at $999 and $899 respectively and available in December this year, the new Radeon cards are expected to go toe-to-toe with NVIDIA's GeForce RTX 4080 and 4090," writes MojoKid. HotHardware reports: AMD states that its goals for RDNA 3 are to accelerate performance-per-watt leadership and to raise the bar for high resolution and high framerate gaming. AMD has turned to a chiplet architecture to accomplish these goals, a first for gaming GPUs. The chiplet complexes consist of a 5nm graphics compute die (GCD), which is flanked top and bottom by up to six 6nm memory and cache dice (MCD). The RX 7900 XTX uses the full complement of 6 MCDs which aggregates as a 384-bit memory bus (64-bit per die) with GDDR6 memory offering 20Gbps of throughput. The RX 7900 XT uses 5 MCDs with a corresponding 320-bit bus.

All of this increased bandwidth and resources translates to what AMD claims is up to a 1.7X uplift in performance for the Radeon RX 7900 XTX versus its previous gen Radeon RX 6950 XT card in high resolution gaming. This could put the card within striking distance of NVIDIA's GeForce RTX 4090 possibly, but it's hard to say until cards ship to independent reviewers for testing. Regardless, gamers will appreciate the RX 7900 XTX's price point versus NVIDIA's $1600 top-end beast.

Google unveiled a new open source security project on Thursday centered around software supply chain management. The Record reports: Given the acronym GUAC -- which stands for Graph for Understanding Artifact Composition -- the project is focused on creating sets of data about a software's build, security and dependency. Google worked with Purdue University, Citibank and supply chain security company Kusari on GUAC, a free tool built to bring together many different sources of software security metadata. Google has also assembled a group of technical advisory members to help with the project -- including IBM, Intel, Anchore and more.

Google's Brandon Lum, Mihai Maruseac, Isaac Hepworth pitched the effort as one way to help address the explosion in software supply chain attacks -- most notably the widespread Log4j vulnerability that is still leaving organizations across the world exposed to attacks. "GUAC addresses a need created by the burgeoning efforts across the ecosystem to generate software build, security, and dependency metadata," they wrote in a blog post. "GUAC is meant to democratize the availability of this security information by making it freely accessible and useful for every organization, not just those with enterprise-scale security and IT funding."

Google shared a proof of concept of the project, which allows users to search data sets of software metadata. The three explained that GUAC effectively aggregates software security metadata into a database and makes it searchable. They used the example of a CISO or compliance officer that needs to understand the "blast radius" of a vulnerability. GUAC would allow them to "trace the relationship between a component and everything else in the portfolio." Google says the tool will allow anyone to figure out the most used critical components in their software supply chain ecosystem, the security weak points and any risky dependencies. As the project evolves, Maruseac, Lum and Hepworth said the next part of the work will center around scaling the project and adding new kinds of documents that can be submitted and ingested by the system.

An anonymous reader quotes a report from Bloomberg: Meta was sued for allegedly building a secret work-around to safeguards that Apple launched last year to protect iPhone users from having their internet activity tracked. In a proposed class-action complaint filed Wednesday in San Francisco federal court, two Facebook users accused the company of skirting Apple's 2021 privacy rules and violating state and federal laws limiting the unauthorized collection of personal data. A similar complaint was filed in the same court last week. The suits are based on a report by data privacy researcher Felix Krause, who said that Meta's Facebook and Instagram apps for Apple's iOS inject JavaScript code onto websites visited by users. Krause said the code allowed the apps to track "anything you do on any website," including typing passwords.

According to the suits, Meta's collection of user data from the Facebook app helps it circumvent rules instituted by Apple in 2021 requiring all third-party apps to obtain consent from users before tracking their activities, online or off. Meta has said it expected to miss out on $10 billion in ad revenue in 2022 because of Apple's changes. The Facebook app gets around Apple privacy rules by opening web links in an in-app browser, rather than the user's default browser, according to Wednesday's complaint. "This allows Meta to intercept, monitor and record its users' interactions and communications with third parties, providing data to Meta that it aggregates, analyzes, and uses to boost its advertising revenue," according to the suit. A Meta spokesperson said the allegations are "without merit" and the company will defend itself. "We have designed our in-app browser to respect users' privacy choices, including how data may be used for ads," the company said in an emailed statement.

An anonymous reader quotes a report from Ars Technica: On Thursday, a few Twitter users discovered how to hijack an automated tweet bot, dedicated to remote jobs, running on the GPT-3 language model by OpenAI. Using a newly discovered technique called a "prompt injection attack," they redirected the bot to repeat embarrassing and ridiculous phrases. The bot is run by Remoteli.io, a site that aggregates remote job opportunities and describes itself as "an OpenAI driven bot which helps you discover remote jobs which allow you to work from anywhere." It would normally respond to tweets directed to it with generic statements about the positives of remote work. After the exploit went viral and hundreds of people tried the exploit for themselves, the bot shut down late yesterday.

This recent hack came just four days after data researcher Riley Goodside discovered the ability to prompt GPT-3 with "malicious inputs" that order the model to ignore its previous directions and do something else instead. AI researcher Simon Willison posted an overview of the exploit on his blog the following day, coining the term "prompt injection" to describe it. "The exploit is present any time anyone writes a piece of software that works by providing a hard-coded set of prompt instructions and then appends input provided by a user," Willison told Ars. "That's because the user can type 'Ignore previous instructions and (do this instead).'"

The concept of an injection attack is not new. Security researchers have known about SQL injection, for example, which can execute a harmful SQL statement when asking for user input if it's not guarded against. But Willison expressed concern about mitigating prompt injection attacks, writing, "I know how to beat XSS, and SQL injection, and so many other exploits. I have no idea how to reliably beat prompt injection!" The difficulty in defending against prompt injection comes from the fact that mitigations for other types of injection attacks come from fixing syntax errors, noted a researcher named Glyph on Twitter. "Correct the syntax and you've corrected the error. Prompt injection isn't an error! There's no formal syntax for AI like this, that's the whole point." GPT-3 is a large language model created by OpenAI, released in 2020, that can compose text in many styles at a level similar to a human. It is available as a commercial product through an API that can be integrated into third-party products like bots, subject to OpenAI's approval. That means there could be lots of GPT-3-infused products out there that might be vulnerable to prompt injection.

T-Mobile has just officially launched its new ad platform, known as T-Mobile Advertising Solutions. That innocuous name hides a rather sketchy business model -- it aggregates your mobile application usage and sells it to advertisers. Android Police reports: The specifics of the program will sound familiar to anyone who has followed the ebb and flow of browser tracking. T-Mobile uses network-level tools to track the apps that people use on their phones, and it then anonymizes and aggregates that data to lump you into various "personas," or "cohorts" as other platforms would call it. For example, if you regularly use Expensify and airline apps on your phone, T-Mobile could identify you as a business traveler for advertising purposes. This program has been in testing for the past year as "T-Mobile Marketing Solutions," according to The Verge, but it is now live with its new name.

There is some good news (but less of it for Android fans). T-Mobile does not currently collect app data on iOS users, fearing it could run afoul of Apple's privacy rules. But we Android users are fair game, apparently. However, you can opt-out of T-Mobile's program using its official "Magenta Marketing Platform Choices" app. Alternatively, the Digital Advertising Alliance offers an app that lets you opt-out of numerous trackers, including T-Mobile Advertising Solutions, which is listed under its old name of T-Mobile Marketing Solutions.

The U.S. National Security Agency has re-awarded a $10 billion cloud computing contract to Amazon Web Services after it was forced to review the contract. From a report: Code-named WildandStormy, the contract was initially awarded to AWS in August. Because the deal concerns national security, the full details are not known but it's believed to be part of the NSA's attempt to modernize its primary classified data repository. The repository itself is thought to be a data fusion environment into which the agency aggregates much of the intelligence information it collects. The stumbling block to AWS being awarded the contract came in October when the Government Accountability Office called on the NSA to reevaluate the proposals submitted by AWS and Microsoft Corp. after Microsoft challenged the awarding of the contract to AWS. The GAO said at the time that it "found certain aspects of the agency's evaluation to be unreasonable and, in light thereof, recommended that NSA reevaluate the proposals consistent with the decision and make a new source selection determination." In December, it was revealed that the GAO had ruled that the NSA improperly assessed technical proposals from Microsoft "in a way that was inconsistent with the terms of the solicitation." The GAO also recommended that the NSA reevaluate the proposal and potentially make a new source selection. The NSA did reevaluate the proposals and decided to re-award the contract to AWS anyway.

"Much of the most widely used free and open source software is developed by only a handful of contributors," warns the Linux Foundation, in the executive summary for its massive new census of free and open source software application libraries. It was prepared in conjunction with Harvard's Laboratory for Innovation Science — and that's just one of its five high-level findings.

The census also notes "the increasing importance of individual developer account security," but also the persistence of legacy software, the need for a standardized naming schema for software components, and "complexities" around package versions. But there's also just a lot of data about package popularity, writes SD Times: The report, Census II, is a follow-up to Census I, which was conducted in 2015 to identify the packages in Debian Linux that were most critical to the operation and security of the kernel. According to the Linux Foundation, Census II allows for a more "complete picture of free and open source (FOSS) adoption."

"Understanding what FOSS packages are the most critical to society allows us to proactively support projects that warrant operations and security support," said Brian Behlendorf, executive director at Linux Foundation's Open Source Security Foundation (OpenSSF).
The census "aggregates data from over half a million observations of FOSS libraries used in production applications at thousands of companies," according to its executive summary. It argues that preserving FOSS will require this kind of data-sharing (about where and how FOSS packages are being used ) as well as coordination — including standardizing terminology — and of course, investment.

"The motivation behind publishing these findings is to not only inform, but also to inspire action by developers to improve their security practices and by end users to support the FOSS ecosystem and developers who need assistance." (It suggests companies companies could provide not just financial support but also the technical talent and their time.) The results take the form of eight Top 500 lists — four that include version numbers in the analysis and four that are version agnostic. Further, as mentioned above, we present npm and non-npm packages in separate lists... Although these lists provide valuable, important insights into the most widely used FOSS projects, it is important to also consider the level of security related to these projects. Therefore, in each list, we also include the "Tiered %" measure from the OpenSSF Best Practices Badging Program....

Oracle's Java magazine takes a look at some current JDK Enhancement Proposals, "the vehicle of long standing for updating the Java language and the JVM." Today, concurrency in Java is delivered via nonlightweight threads, which are, for all intents, wrappers around operating-system threads... Project Loom aims to deliver a lighter version of threads, called virtual threads. In the planned implementation, a virtual thread is programmed just as a thread normally would be, but you specify at thread creation that it's virtual. A virtual thread is multiplexed with other virtual threads by the JVM onto operating system threads. This is similar in concept to Java's green threads in its early releases and to fibers in other languages... Because the JVM has knowledge of what your task is doing, it can optimize the scheduling. It will move your virtual thread (that is, the task) off the OS thread when it's idle or waiting and intelligently move some other virtual thread onto the OS thread. When implemented correctly, this allows many lightweight threads to share a single OS thread. The benefit is that the JVM, rather than the OS, schedules your task. This difference enables application-aware magic to occur behind the curtains...

Project Valhalla aims to improve performance as it relates to access to data items... by introducing value types, which are a new form of data type that is programmed like objects but accessed like primitives. Specifically, value types are data aggregates that contain only data (no state) and are not mutable. By this means, [value types] can be stored as a single array with only a single header field for the entire array and direct access to the individual fields...

Project Panama simplifies the process of connecting Java programs to non-Java components. In particular, Panama aims to enable straightforward communication between Java applications and C-based libraries...

Several Amber subprojects are still in progress.

Sealed classes, which have been previewed in the last few Java releases and are scheduled to be finalized in Java 17. Sealed classes (and interfaces) can limit which other classes or interfaces can extend or implement them...

Pattern matching in switches is a feature that will be previewed in Java 17...
The article concludes that Java's past and current projects "testify to how much Java has evolved and how actively the language and runtime continue to evolve."

Tinder and Match have announced a new partnership with Garbo, a non-profit, female-founded background check platform. In theory, it should allow Tinder (and Match Group's other sites) to ping Garbo's database and proactively show users when it finds something they might want to be aware of. Engadget reports: If you're not familiar with Garbo, it was founded by Kathryn Kosmides, a "survivor of gender-based violence" who wanted to make it easier to find information about people you may connect with online. Garbo's platform aggregates numerous data sources to provide details on an individual, including "arrests, convictions, restraining orders, harassment, and other violent crimes." The organization's site says that often times, you don't even need a last time to find some details on an individual -- a first name and phone number will work.

As part of the deal, Garbo's platform will be available to people using Match Group apps, starting with Tinder later this year. [...] Garbo cites making ridesharing services safer as another core initiative for the non-profit in addition to working with dating services, so it wouldn't surprise us to see a similar partnership appear between Garbo and companies like Uber or Lyft -- but for now, it's starting with Tinder.