Firefox

How Anthropic's Claude Helped Mozilla Improve Firefox's Security (yahoo.com) 41

"It took Anthropic's most advanced artificial-intelligence model about 20 minutes to find its first Firefox browser bug during an internal test of its hacking prowess," reports the Wall Street Journal. The Anthropic team submitted it, and Firefox's developers quickly wrote back: This bug was serious. Could they get on a call? "What else do you have? Send us more," said Brian Grinstead, an engineer with Mozilla, Firefox's parent organization.

Anthropic did. Over a two-week period in January, Claude Opus 4.6 found more high-severity bugs in Firefox than the rest of the world typically reports in two months, Mozilla said... In the two weeks it was scanning, Claude discovered more than 100 bugs in total, 14 of which were considered "high severity..." Last year, Firefox patched 73 bugs that it rated as either high severity or critical.

A Mozilla blog post calls Firefox "one of the most scrutinized and security-hardened codebases on the web. Open source means our code is visible, reviewable, and continuously stress-tested by a global community." So they're impressed — and also thankful Anthropic provided test cases "that allowed our security team to quickly verify and reproduce each issue."

Within hours, our platform engineers began landing fixes, and we kicked off a tight collaboration with Anthropic to apply the same technique across the rest of the browser codebase... A number of the lower-severity findings were assertion failures, which overlapped with issues traditionally found through fuzzing, an automated testing technique that feeds software huge numbers of unexpected inputs to trigger crashes and bugs. However, the model also identified distinct classes of logic errors that fuzzers had not previously uncovered...

We view this as clear evidence that large-scale, AI-assisted analysis is a powerful new addition in security engineers' toolbox. Firefox has undergone some of the most extensive fuzzing, static analysis, and regular security review over decades. Despite this, the model was able to reveal many previously unknown bugs. This is analogous to the early days of fuzzing; there is likely a substantial backlog of now-discoverable bugs across widely deployed software.

"In the time it took us to validate and submit this first vulnerability to Firefox, Claude had already discovered fifty more unique crashing inputs" in 6,000 C++ files, Anthropic says in a blog post (which points out they've also used Claude Opus 4.6 to discover vulnerabilities in the Linux kernel).

Anthropic "also rolled out Claude Code Security, an automated code security testing tool, last month," reports Axios, noting the move briefly rattled cybersecurity stocks...

Robotics

Google Set Up Two Robotic Arms For a Game of Infinite Table Tennis (popsci.com) 8

An anonymous reader quotes a report from Popular Science: On the early evening of June 22, 2010, American tennis star John Isner began a grueling Wimbledon match against Frenchman Nicolas Mahut that would become the longest in the sport's history. The marathon battle lasted 11 hours and stretched across three consecutive days. Though Isner ultimately prevailed 70-68 in the fifth set, some in attendance half-jokingly wondered at the time whether the two men might be trapped on that court for eternity. A similarly endless-seeming skirmish of rackets is currently unfolding just an hour's drive south of the All England Club -- at Google DeepMind. Known for pioneering AI models that have outperformed the best human players at chess and Go, DeepMind now has a pair of robotic arms engaged in a kind of infinite game of table tennis. The goal of this ongoing research project, which began in 2022, is for the two robots to continuously learn from each other through competition.

Just as Isner eventually adapted his game to beat Mahut, each robotic arm uses AI models to shift strategies and improve. But unlike the Wimbledon example, there's no final score the robots can reach to end their slugfest. Instead, they continue to compete indefinitely, with the aim of improving at every swing along the way. And while the robotic arms are easily beaten by advanced human players, they've been shown to dominate beginners. Against intermediate players, the robots have roughly 50/50 odds -- placing them, according to researchers, at a level of "solidly amateur human performance."

All of this, as two researchers involved noted this week in an IEEE Spectrum blog, is being done in hopes of creating an advanced, general-purpose AI model that could serve as the "brains" of humanoid robots that may one day interact with people in real-world factories, homes, and beyond. Researchers at DeepMind and elsewhere are hopeful that this learning method, if scaled up, could spark a "ChatGPT moment" for robotics -- fast-tracking the field from stumbling, awkward hunks of metal to truly useful assistants. "We are optimistic that continued research in this direction will lead to more capable, adaptable machines that can learn the diverse skills needed to operate effectively and safely in our unstructured world," DeepMind senior staff engineer Pannag Sanketi and Arizona State University Professor Heni Ben Amor write in IEEE Spectrum.

United States

FSF Urges US Government to Adopt Free-as-in-Freedom Tax Filing Software (fsf.org) 123

"A modern free society has an obligation to offer electronic tax filing that respects user freedom," says a Free Software Foundation blog post, "and the United States is not excluded from this responsibility."

"Governments, and/or the companies that they partner with, are responsible for providing free as in freedom software for necessary operations, and tax filing is no exception." For many years now, a large portion of [U.S.] taxpayers have filed their taxes electronically through proprietary programs like TurboTax. Millions of taxpayers are led to believe that they have no other option than to use nonfree software or Service as a Software Substitute (SaaSS), giving up their freedom as well as their most private financial information to a third-party company, in order to file their taxes...

While the options for taxpayers have improved slightly with the IRS's implementation of the IRS Direct File program [in 25 states], this program unfortunately does require users to hand over their freedom when filing taxes.... Taxpayers shouldn't have to use a program that violates their individual freedoms to file legally required taxes. While Direct File is a step in the right direction as the program isn't in the hands of a third-party entity, it is still nonfree software. Because Direct File is a US government-operated program, and ongoing in the process of being deployed to twenty-five states, it's not too late to call on the IRS to make Direct File free software.

In the meantime, if you need to file US taxes and are yet to file, we suggest filing your taxes in a way that respects your user freedom as much as possible, such as through mailing tax forms. Like with other government interactions that snatch away user freedom, choose the path that most respects your freedom.

Free-as-in-freedom software would decrease the chance of user lock-in, the FSF points out. But they list several other advantages, including:
  • Repairability: With free software, there is no uncertain wait period or reliance on a proprietary provider to make any needed bug or security fixes.
  • Transparency: Unless you can check what a program really does (or ask someone in the free software community to check for you), there is no way to know that the program isn't doing things you don't consent to it doing.
  • Cybersecurity: While free software isn't inherently more secure than nonfree software, it does have a tendency to be more secure because many developers can continuously improve the program and search for errors that can be exploited. With proprietary programs like TurboTax, taxpayers and the U.S. government are dependent on TurboTax to protect the sensitive financial and personal information of millions with few (if any) outside checks and balances...
  • Taxpayer dollars spent should actually benefit the taxpayers: Taxpayer dollars should not be used to fund third-party programs that seek to control users and force them to use their programs through lobbying....

"We don't have to accept this unjust reality: we can work for a better future, together," the blog post concludes (offering a "sample message" U.S. taxpayers could send to IRS Commissioner Danny Werfel).

"Take action today and help make electronic tax filing free as in freedom for everyone."


AI

27% of Job Listings For CFOs Now Mention AI (fortune.com) 20

A new report released by Cisco finds that 97% of CEOs surveyed are planning AI integration. Similarly, 92% of companies recently surveyed by McKinsey plan to invest more in generative AI over the next three years. Fortune: To that end, many companies are seeking tech-savvy finance talent, according to a new report by software company Datarails. The researchers analyzed 6,000 job listings within the CFO's office -- CFO, controller, financial planning and analysis (FP&A), and accountant -- advertised on job search websites including LinkedIn, Glassdoor, Indeed, Job2Careers, and ZipRecruiter.

Of the 1,000 job listings for CFOs in January 2025, 27% included AI in the job description. This compares to 8% mentions of AI in 1,000 CFO job listings at the same time last year. Take, for example, Peaks Healthcare Consulting which required a CFO candidate to "continuously learn and integrate AI to improve financial processes and decision making," Datarails notes in the report. Regarding FP&A professionals, in January 2025, 35% of analyst roles mentioned AI competency as a requirement, compared to 14% in January 2024, according to the report.

Android

Google Stops Malicious Apps With 'AI-Powered Threat Detection' and Continuous Scanning (googleblog.com) 15

Android and Google Play have billions of users, Google wrote in its security blog this week. "However, like any flourishing ecosystem, it also attracts its share of bad actors... That's why every year, we continue to invest in more ways to protect our community." Google's tactics include industry-wide alliances, stronger privacy policies, and "AI-powered threat detection."

"As a result, we prevented 2.36 million policy-violating apps from being published on Google Play and banned more than 158,000 bad developer accounts that attempted to publish harmful apps."

To keep out bad actors, we have always used a combination of human security experts and the latest threat-detection technology. In 2024, we used Google's advanced AI to improve our systems' ability to proactively identify malware, enabling us to detect and block bad apps more effectively. It also helps us streamline review processes for developers with a proven track record of policy compliance. Today, over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play. That's enabled us to stop more bad apps than ever from reaching users through the Play Store, protecting users from harmful or malicious apps before they can cause any damage.

Starting in 2024 Google also "required apps to be more transparent about how they handle user information by launching new developer requirements and a new 'Data deletion' option for apps that support user accounts and data collection.... We're also constantly working to improve the safety of apps on Play at scale, such as with the Google Play SDK Index. This tool offers insights and data to help developers make more informed decisions about the safety of an SDK."

And once an app is installed, "Google Play Protect, Android's built-in security protection, helps to shield their Android device by continuously scanning for malicious app behavior." Google Play Protect automatically scans every app on Android devices with Google Play Services, no matter the download source. This built-in protection, enabled by default, provides crucial security against malware and unwanted software. Google Play Protect scans more than 200 billion apps daily and performs real-time scanning at the code-level on novel apps to combat emerging and hidden threats, like polymorphic malware. In 2024, Google Play Protect's real-time scanning identified more than 13 million new malicious apps from outside Google Play [based on Google Play Protect 2024 internal data]...

According to our research, more than 95 percent of app installations from major malware families that exploit sensitive permissions highly correlated to financial fraud came from Internet-sideloading sources like web browsers, messaging apps, or file managers. To help users stay protected when browsing the web, Chrome will now display a reminder notification to re-enable Google Play Protect if it has been turned off... Scammers may manipulate users into disabling Play Protect during calls to download malicious Internet-sideloaded apps. To prevent this, the Play Protect app scanning toggle is now temporarily disabled during phone or video calls...

Google Play Protect's enhanced fraud protection pilot analyzes and automatically blocks the installation of apps that may use sensitive permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps, or file managers). Building on the success of our initial pilot in partnership with the Cyber Security Agency of Singapore (CSA), additional enhanced fraud protection pilots are now active in nine regions — Brazil, Hong Kong, India, Kenya, Nigeria, Philippines, South Africa, Thailand, and Vietnam.

In 2024, Google Play Protect's enhanced fraud protection pilots have shielded 10 million devices from over 36 million risky installation attempts, encompassing over 200,000 unique apps.

Transportation

Amazon Developing Driver Eyeglasses To Shave Seconds Off Deliveries (reuters.com) 62

Amazon is developing smart eyeglasses for delivery drivers to improve efficiency by offering turn-by-turn navigation. "Such directions could shave valuable seconds off each delivery by providing left or right directions off elevators and around obstacles such as gates or aggressive dogs," reports Reuters. "With millions of packages delivered daily, seconds add up. The glasses would also free drivers from using handheld Global Positioning System devices, allowing them to carry more packages." From the report: Amazon's delivery glasses, the people warned, could be shelved or delayed indefinitely if they do not work as envisioned, or for financial or other reasons. The sources said they may take years to perfect. "We are continuously innovating to create an even safer and better delivery experience for drivers," an Amazon spokesperson said, when asked about the driver eyeglasses. "We otherwise don't comment on our product roadmap." [...]

The delivery glasses in development build on Amazon's Echo Frames smart glasses, which allow users to listen to audio and use voice commands from Alexa, Amazon's virtual assistant, the people said. Known by the internal code name Amelia, the delivery glasses would rely on a small display on one of the lenses and could take photos of delivered packages as proof for customers, the sources said. Amazon released in September an unrelated chatbot for third-party sellers that is also known as Amelia. But the technology is still in development and Amazon has had trouble making a battery that can last a full eight-hour shift, and still be light enough to wear all day without causing fatigue, the people said. As well, gathering complete data on each house, sidewalk, street, curb and driveway could take years, they said.

Delivery drivers visit more than 100 customers per shift, Amazon has said. With increased efficiency, Amazon could ask drivers to ferry more packages and visit more homes. The Seattle company could face other obstacles, including convincing its thousands of drivers to use the eyeglasses, which may be uncomfortable, distracting or unsightly, the people said, not to mention the fact some drivers already wear corrective glasses. However, much of Amazon's delivery force consists of outside companies, meaning Amazon could make wearing the glasses a contractual requirement, the people said. [...] The embedded screen in development is also slated for a future generation of the Echo Frames that could be released as soon as 2026's second quarter, two of the people said.

United States

US Grid Adds Batteries At 10x the Rate of Natural Gas In First Half of 2024 (arstechnica.com) 231

Longtime Slashdot reader AmiMoJo shares a report from Ars Technica, written by John Timmer: While solar power is growing at an extremely rapid clip, in absolute terms, the use of natural gas for electricity production has continued to outpace renewables. But that looks set to change in 2024, as the US Energy Information Agency (EIA) has run the numbers on the first half of the year and found that wind, solar, and batteries were each installed at a pace that dwarfs new natural gas generators. And the gap is expected to get dramatically larger before the year is over.

According to the EIA's numbers, about 20 GW of new capacity was added in the first half of this year, and solar accounts for 60 percent of it. Over a third of the solar additions occurred in just two states, Texas and Florida. There were two projects that went live that were rated at over 600 MW of capacity, one in Texas, the other in Nevada. Next up is batteries: The US saw 4.2 additional gigawatts of battery capacity during this period, meaning over 20 percent of the total new capacity. (Batteries are treated as the equivalent of a generating source by the EIA since they can dispatch electricity to the grid on demand, even if they can't do so continuously.) Texas and California alone accounted for over 60 percent of these additions; throw in Arizona and Nevada, and you're at 93 percent of the installed capacity.

The clear pattern here is that batteries are going where the solar is, allowing the power generated during the peak of the day to be used to meet demand after the sun sets. This will help existing solar plants avoid curtailing power production during the lower-demand periods in the spring and fall. In turn, this will improve the economic case for installing additional solar in states where its production can already regularly exceed demand. Wind power, by contrast, is running at a more sedate pace, with only 2.5 GW of new capacity during the first six months of 2024. And for likely the last time this decade, additional nuclear power was placed on the grid, at the fourth 1.1 GW reactor (and second recent build) at the Vogtle site in Georgia. The only other additions came from natural gas-powered facilities, but these totaled just 400 MW, or just 2 percent of the total of new capacity.

The EIA expects a bit over 60 GW of new capacity to be installed by the end of the year, with 37 GW of that coming in the form of solar power. Battery growth continues at a torrid pace, with 15 GW expected, or roughly a quarter of the total capacity additions for the year. Wind will account for 7.1 GW of new capacity, and natural gas 2.6 GW. Throw in the contribution from nuclear, and 96 percent of the capacity additions of 2024 are expected to operate without any carbon emissions. Even if you choose to ignore the battery additions, the fraction of carbon-emitting capacity added remains extremely small, at only 6 percent.

Robotics

DHS Has a DoS Robot To Disable Internet of Things 'Booby Traps' Inside Homes (404media.co) 140

An anonymous reader quotes a report from 404 Media's Jason Koebler: The Department of Homeland Security bought a dog-like robot that it has modified with an "antenna array" that gives law enforcement the ability to overload people's home networks in an attempt to disable any internet of things devices they have, according to the transcript of a speech given by a DHS official at a border security conference for cops obtained by 404 Media. The DHS has also built an "Internet of Things" house to train officers on how to raid homes that suspects may have "booby trapped" using smart home devices, the official said.

The robot, called "NEO," is a modified version of the "Quadruped Unmanned Ground Vehicle" (Q-UGV) sold to law enforcement by a company called Ghost Robotics. Benjamine Huffman, the director of DHS's Federal Law Enforcement Training Centers (FLETC), told police at the 2024 Border Security Expo in Texas that DHS is increasingly worried about criminals setting "booby traps" with internet of things and smart home devices, and that NEO allows DHS to remotely disable the home networks of a home or building law enforcement is raiding. The Border Security Expo is open only to law enforcement and defense contractors. A transcript of Huffman's speech was obtained by the Electronic Frontier Foundation's Dave Maass using a Freedom of Information Act request and was shared with 404 Media. [...]

The robot is a modified version of Ghost Robotics' Vision 60 Q-UGV, which the company says it has sold to "25+ National Security Customers" and which is marketed to both law enforcement and the military. "Our goal is to make our Q-UGVs an indispensable tool and continuously push the limits to improve its ability to walk, run, crawl, climb, and eventually swim in complex environments," the company notes on its website. "Ultimately, our robot is made to keep our warfighters, workers, and K9s out of harm's way."

"NEO can enter a potentially dangerous environment to provide video and audio feedback to the officers before entry and allow them to communicate with those in that environment," Huffman said, according to the transcript. "NEO carries an onboard computer and antenna array that will allow officers the ability to create a 'denial-of-service' (DoS) event to disable 'Internet of Things' devices that could potentially cause harm while entry is made."

Operating Systems

Framework's Software and Firmware Have Been a Mess (arstechnica.com) 18

Framework, the company known for designing and selling upgradeable, modular laptops, has struggled with providing up-to-date software for its products. Ars Technica's Andrew Cunningham spoke with CEO Nirav Patel to discuss how the company is working on fixing these issues. Longtime Slashdot reader snikulin shares the report: Driver bundles remain un-updated for years after their initial release. BIOS updates go through long and confusing beta processes, keeping users from getting feature improvements, bug fixes, and security updates. In its community support forums, Framework employees, including founder and CEO Nirav Patel, have acknowledged these issues and promised fixes but have remained inconsistent and vague about actual timelines. [...] Patel says Framework has taken steps to improve the update problem, but he admits that the team's initial approach -- supporting existing laptops while also trying to spin up firmware for upcoming launches -- wasn't working. "We started 12th-gen [Intel Framework Laptop] development, basically the 12th-gen team was also handling looking back at 11th-gen [Intel Framework Laptop] to do firmware updates there," Patel told Ars. "And it became clear, especially as we continued to add on more platforms, that just wasn't a sustainable path to proceed on."

Part of the issue is that Framework relies on external companies to put together firmware updates. Some components are provided by Intel, AMD, and other chip companies to all PC companies that use their chips. Others are provided by Insyde, which writes UEFI firmware for Framework and others. And some are handled by Compal, the contract manufacturer that actually produces Framework's systems and has also designed and sold systems for most of the big-name PC companies. As far back as August 2023, Patel has written that the plan is to work with Compal and Insyde to hire dedicated staff to provide better firmware support for Framework laptops. However, the benefits of this arrangement have been slow to reach users. "[Compal] started recruiting on their side towards the end of last year," Patel told Ars. "And now, just at the beginning of this year, we've been able to get that whole team into place and start onboarding them. And especially after Lunar New Year, which is in early February, that team is now up and running at full speed." The goal, Patel says, is to continuously cycle through all of Framework's actively supported laptops, updating each of them one at a time before looping back around and starting the process over again. Functionality-breaking problems and security fixes will take precedence, while additional features and user requests will be lower-priority. ...

snikulin adds: "As a recent Framework 13/AMD owner, I can confirm that it does not sleep properly on a default Windows 11 install. When I close the lid in the evening, the battery is dead the next morning. It's interesting to hear from Linus Sebastian (LTT) on the topic because he is a stakeholder in Framework."

Businesses

Amazon Fined In Poland For Dark Pattern Design Tricks (techcrunch.com) 16

Poland has fined Amazon close to $8 million for misleading consumers about the conclusion of sales contracts on its online marketplace. The sanction "also calls out the e-commerce giant for deceptive design elements which may inject a false sense of urgency into the purchasing process and mislead shoppers about elements like product availability and delivery dates," reports TechCrunch. From the report: The country's consumer and competition watchdog, the UOKiK, has been looking into complaints about Amazon's sales practices since September 2021, following complaints from shoppers, including some who did not receive their purchases. The authority opened a formal investigation into Amazon's practices in February 2023. Wednesday's sanction is the conclusion of that probe. The UOKiK found consumers who ordered products on Amazon could have their purchases subsequently cancelled by the tech giant as it does not treat the moment of purchase as the conclusion of a sales contract, despite sending consumers confirmation of their order -- even after consumers have paid for the product. For Amazon, the conclusion of a sales contract only occurs once it has sent information about the actual shipment. [...]

Its enforcement also calls out Amazon for using deceptive design to encourage shoppers to click buy by presenting misleading information about product availability and delivery windows -- such as by listing how many items were in stock to be purchased and providing a countdown clock to order an item in order to get it on a particular delivery date. Its investigation found Amazon does not always meet these deadlines for orders, nor ship products immediately as they may be out of stock despite claims to the contrary shown to consumers. "Amazon treats the data it provides on availability and shipping date as indicative but the way it is presented does not indicate this," the UOKiK noted, adding: "Consumers can only find out about this in the terms of sale on the platform."

While Amazon does offer a delivery guarantee -- offering a refund if items do not ship within the stated time -- the authority found it failed to provide consumers with information about the rules of this service before placing an order. It only offers details at the order summary stage. And then only "if the consumer decides to read the subsequent links specifying delivery details." Shoppers who did not follow the link to read more may not have been aware of their right to apply for and receive a refund from Amazon if there is a delay in shipment. It also found the e-commerce giant failed to provide information about the "Delivery Guarantee" in the purchase confirmation sent to shoppers.

Amazon said it will appeal the fine. The company also writes: "Fast and reliable delivery across a wide selection of products is a top priority for us, and Amazon.pl has millions of items available with fast and free Prime delivery. Since launching Amazon.pl in 2021, we have continuously invested and worked hard to provide customers with a clear, reliable delivery promise at check out, and while the vast majority of our deliveries arrive on time, customers can contact us in the rare event that they experience a delay or order cancellation, and we will make it right.

Over the last year, we have collaborated with the Office of Competition and Consumer Protection (UOKiK), and proposed multiple voluntary amendments to continue to improve the customer experience on Amazon.pl. We strictly follow legal standards in all countries where we operate and we strongly disagree with the assessment and penalty issued by the UOKiK. We will appeal this decision."

Power

Sellafield Nuclear Site Has Leak That Could Pose Risk To Public (theguardian.com) 71

An anonymous reader quotes a report from The Guardian: Sellafield, Europe's most hazardous nuclear site, has a worsening leak from a huge silo of radioactive waste that could pose a risk to the public, the Guardian can reveal. Concerns over safety at the crumbling building, as well as cracks in a reservoir of toxic sludge known as B30, have caused diplomatic tensions with countries including the US, Norway and Ireland, which fear Sellafield has failed to get a grip of the problems. The leak of radioactive liquid from one of the "highest nuclear hazards in the UK" -- a decaying building at the vast Cumbrian site known as the Magnox swarf storage Silo (MSSS) -- is likely to continue to 2050. That could have "potentially significant consequences" if it gathers pace, risking contaminating groundwater, according to an official document. Cracks have also developed in the concrete and asphalt skin covering the huge pond containing decades of nuclear sludge, part of a catalogue of safety problems at the site. These concerns have emerged in Nuclear Leaks, a year-long Guardian investigation into problems spanning cyber hacking, radioactive contamination and toxic workplace culture at the vast nuclear dump. "We are proud of our safety record at Sellafield and we are always striving to improve," said a Sellafield spokesperson in a statement. "The nature of our site means that until we complete our mission, our highest hazard facilities will always pose a risk. We continuously measure and report on nuclear, radiological, and conventional safety. Employees are empowered to raise issues and challenge when things aren't right."

Robotics

Are CAPTCHAs More Than Just Annoying? (msn.com) 69

The Atlantic writes: Failing a CAPTCHA isn't just annoying — it keeps people from navigating the internet. Older people can take considerably more time to solve different kinds of CAPTCHAs, according to the UC Irvine researchers, and other research has found that the same is true for non-native English speakers. The annoyance can lead a significant chunk of users to just give up.

But is it all also just a big waste of time? The article notes there are now even CAPTCHA-solving services you can hire. ("2Captcha will solve a thousand CAPTCHAs for a dollar, using human workers paid as low as 50 cents an hour. Newer companies, such as Capsolver, claim to instead be using AI and charge roughly the same price.")

And they also write that this summer saw more discouraging news: In a recent study from researchers at UC Irvine and Microsoft:

- Most of the 1,400 human participants took 15 to 26 seconds to solve a CAPTCHA with a grid of images, with 81% accuracy.

- A bot tested in March 2020, meanwhile, was shown to solve similar puzzles in an average of 19.9 seconds, with 83% accuracy.

The article ultimately argues that for roughly 20 years, "CAPTCHAs have been engaged in an arms race against the machines," and that now "The burden is on CAPTCHAs to keep up" — which they're doing by evolving. The most popular type, Google's reCAPTCHA v3, should mostly be okay. It typically ascertains your humanity by monitoring your activity on websites before you even click the checkbox, comparing it with models of "organic human interaction," Jess Leroy, a senior director of product management at Google Cloud, the division that includes reCAPTCHA, told me.

But the automotive site Motor Biscuit speculates something else could also be happening. "Have you noticed it likes to ask about cars, buses, crosswalks, and other vehicle-related images lately?" Google has not confirmed that it uses the reCAPTCHA system for autonomous vehicles, but here are a few reasons why I think that could be the case. Self-driving cars from Waymo and other brands are improving every day, but the process requires a lot of critical technology and data to improve continuously.

According to an old Google Security Blog, using reCAPTCHA and Street View to make locations on Maps more accurate was happening way back in 2014... [I]t would ask users to find the street numbers found on Google Street View and confirm the numbers matched. Previously, it would use distorted text or letters. Using this data, Google could correlate the numbers with addresses and help pinpoint the location on Google Maps...

Medium reports that more than 60 million CAPTCHAs are being solved every day, which saves around 160,000 human hours of work. If these were helping locate addresses, why not also help identify other objects? Help differentiate a bus from a car and even choose a crosswalk over a light pole.

Thanks to Slashdot reader rikfarrow for suggesting the topic.
Medicine

'Cancer Moonshot' Projects Funded Include Implant to Sense and Treat Cancer, Tumor-Targeting Bacteria (arpa-h.gov) 42

Researchers from several U.S. institutions are collaborating "to develop and test an implantable device able to sense signs of the kind of inflammation associated with cancer," reports CBS News, "and deliver therapy when needed." Northwestern said the implant could significantly improve outcomes for patients with ovarian, pancreatic and other difficult-to-treat cancers — potentially cutting cancer-related deaths in the U.S. in half. "Instead of tethering patients to hospital beds, IV bags and external monitors, we'll use a minimally invasive procedure to implant a small device that continuously monitors their cancer and adjusts their immunotherapy dose in real time," said Rice University bioengineer Omid Veiseh. "This kind of 'closed-loop therapy' has been used for managing diabetes, where you have a glucose monitor that continuously talks to an insulin pump. But for cancer immunotherapy, it's revolutionary."
The project and team are named THOR, an acronym for "targeted hybrid oncotherapeutic regulation..." explains an announcement from Johns Hopkins. "THOR's proposed implant, or 'hybrid advanced molecular manufacturing regulator,' goes by the acronym HAMMR..."

The project will take five and a half years, and includes funding for a first-phase clinical trial treating recurrent ovarian cancer slated to begin in the fourth year. The research is funded by America's newly-established Advanced Research Projects Agency for Health (ARPA-H), according to a statement from the agency, representing its "commitment to supporting Cancer Moonshot goals of decreasing cancer deaths and improving the quality of life for patients..."

And they're also funding two more projects: The Synthetic Programmable bacteria for Immune-directed Killing in tumor Environments (SPIKEs) project, led by a team at the University of Missouri in Columbia, Missouri, aims to develop an inexpensive and safe therapy using bacteria specifically selected for tumor-targeting. Through SPIKEs, researchers intend to engineer bacteria that can recruit and regulate tumor-targeting immune cells, boosting the body's ability to fight off cancer without side-effects from traditional medications. Up to $19 million is allocated towards SPIKEs.

An additional project, with up to $50 million in potential funding inclusive of options, seeks to map cancer cell biomarkers to drastically improve multi-cancer early detection (MCED) and streamline clinical intervention when tumors are still small. Led by the Georgia Institute of Technology in Atlanta, Georgia, the Cancer and Organ Degradome Atlas (CODA) project aims to understand the cellular profiles unique to diseased cancer cells. The CODA platform intends to develop a suite of biosensor tools that can reliably recognize a range of cancer-specific markers and, ultimately, produce a highly precise, accurate, and cost-effective MCED test that can identify common cancers when they are most treatable.

In a statement, ARPA-H's director said that "With these awards, we hope to see crucial advancements in patient-tailored therapies, better and earlier tumor detection methods, and cell therapies that can help the immune system target cancer cells for destruction."
Cellphones

OnePlus' Gaming Concept Phone Has Glowing Liquid Cooling (techcrunch.com) 25

At Mobile World Congress (MWC) this week in Barcelona, OnePlus showcased a concept smartphone with liquid cooling technology, dubbed "Active CryoFlux." While the handset may never see the light of day, at least in its current form, it serves to show how serious OnePlus hopes to get about mobile gaming. From a report: A 0.2 square centimeter piezoelectric ceramic micropump moves the coolant up and down a pipeline near the rear of the device and around the massive camera array. The rear of the device is covered in a transparent material, showcasing the process as a kind of light show. It's a cool effect, and one that invariably shares comparisons to Phone (1), released by OnePlus co-founder Carl Pei's Nothing last year. "A lot of young people like playing games," said OnePlus President and COO Kinder Liu. "Gaming plays an important role in their digital life, and in the future, we will continuously improve their gaming experience. Currently, we definitely engage with our users about gaming development. We are talking about how to improve the gaming experience, and in the future, we believe we will have more time to talk to them."
Medicine

Wearable Ultrasound Patch Images the Heart In Real Time (ieee.org) 5

A wearable ultrasound imager for the heart that is roughly the size of a postage stamp, can be worn for up to 24 hours, and works even during exercise may one day help doctors spot cardiac problems that current medical technology might miss, a new study finds. IEEE Spectrum reports: Now scientists have developed a wearable ultrasound device that can enable safe, continuous, real-time, long-term, and highly detailed imaging of the heart. They detailed their findings online on January 25 in the journal Nature. "Potential applications include continuously monitoring the heart in daily life, during exercise, during surgery, and much more," says study coauthor Ray Wu, a nanoengineer at UC San Diego. "This will open up the possibility to detect previously undetectable symptoms of disease, identify symptoms in their very early stages, and greatly improve patient outcomes."

The new device is a patch 1.9 centimeters long by 2.2 cm wide and only 0.9 millimeters thick. It uses an array of piezoelectric transducers to send and receive ultrasound waves in order to generate a constant stream of images of the structure and function of the heart. The researchers were able to get such images even during exercise on a stationary bike. No skin irritation or allergy was seen after 24 hours of continuous wear. "The most exciting result is that our patch performs well when an individual is moving," Hu says. "Our patch allows us to evaluate heart performance throughout exercise, providing valuable information about the heart when it is under high stress." The new patch is about as flexible as human skin. It can also stretch up to 110 percent of its size, which means it can survive far more strain than typically experienced on human skin. These features help it stick onto the body, something not possible with the rigid equipment often used for cardiac imaging.

In the new study, the researchers focused on imaging the left ventricle, the largest of the heart's four chambers "and strongly considered to be the most important in terms of cardiovascular health, as it is responsible for pumping oxygenated blood to the entire body," Wu says. Cardiac imaging generally focuses on the left ventricle, but the new device can image all of the heart's four chambers simultaneously, "so it may be possible for future research to focus on other or multiple chambers," he adds. In addition, "the imager can be applied to image various other organs, such as the stomach, kidney, or liver." Traditional cardiac ultrasound imaging constantly rotates an ultrasound probe to analyze the heart in multiple dimensions. To eliminate the need for this rotation, the array of ultrasound sensors and emitters in the new device is shaped like a cross so that ultrasonic waves can travel at right angles to each other. The scientists developed a custom deep-learning AI model that can analyze the data from the patch and automatically and continuously estimate vital details, such as the percentage of blood pumped out of the left ventricle with each beat, and the volume of blood the heart pumps out with each beat and every minute. The root of most heart problems is the heart not pumping enough blood, issues that often manifest only when the body is moving, the researchers note.

Privacy

TikTok Tracks You Across the Web, Even If You Don't Use the App (consumerreports.org) 44

An anonymous reader quotes a report from Consumer Reports: A Consumer Reports investigation finds that TikTok, one of the country's most popular apps, is partnering with a growing number of other companies to hoover up data about people as they travel across the internet. That includes people who don't have TikTok accounts. These companies embed tiny TikTok trackers called "pixels" in their websites. Then TikTok uses the information gathered by all those pixels to help the companies target ads at potential customers, and to measure how well their ads work. To look into TikTok's use of online tracking, CR asked the security firm Disconnect to scan about 20,000 websites for the company's pixels. In our list, we included the 1,000 most popular websites overall, as well as some of the biggest sites with domains ending in ".org," ".edu," and ".gov." We wanted to look at those sites because they often deal with sensitive subjects. We found hundreds of organizations sharing data with TikTok.

If you go to the United Methodist Church's main website, TikTok hears about it. Interested in joining Weight Watchers? TikTok finds that out, too. The Arizona Department of Economic Security tells TikTok when you view pages concerned with domestic violence or food assistance. Even Planned Parenthood uses the trackers, automatically notifying TikTok about every person who goes to its website, though it doesn't share information from the pages where you can book an appointment. (None of those groups responded to requests for comment.) The number of TikTok trackers we saw was just a fraction of those we observed from Google and Meta. However, TikTok's advertising business is exploding, and experts say the data collection will probably grow along with it.

After Disconnect researchers conducted a broad search for TikTok trackers, we asked them to take a close look at what kind of information was being shared by 15 specific websites. We focused on sites where we thought people would have a particular expectation of privacy, such as advocacy organizations and hospitals, along with retailers and other kinds of companies. Disconnect found that data being transmitted to TikTok can include your IP address, a unique ID number, what page you're on, and what you're clicking, typing, or searching for, depending on how the website has been set up. What does TikTok do with all that information? "Like other platforms, the data we receive from advertisers is used to improve the effectiveness of our advertising services," says Melanie Bosselait, a TikTok spokesperson. The data "is not used to group individuals into particular interest categories for other advertisers to target." If TikTok receives data about someone who doesn't have a TikTok account, the company only uses that data for aggregated reports that they send to advertisers about their websites, she says. There's no independent way for consumers or privacy researchers to verify such statements. But TikTok's terms of service say its advertising customers aren't allowed to send the company certain kinds of sensitive information, such as data about children, health conditions, or finances. "We continuously work with our partners to avoid inadvertent transmission of such data," TikTok's Bosselait says.
What can you do to protect your personal information? Consumer Reports recommends using privacy-protecting browser extensions like Disconnect, changing your browser's privacy settings to block trackers, and trying a more private browser like Firefox and Brave.
Security

How Bug Bounty Platform HackerOne Handled Its Own 'Internal Threat' Actor (hackerone.com) 14

Bug bounty platform HackerOne has "a steadfast commitment to disclosing security incidents," according to a new blog post, "because we believe that sharing security information far and wide is essential to building a safer internet."

But now they've had an incident of their own: On June 22nd, 2022, a customer asked us to investigate a suspicious vulnerability disclosure made outside of the HackerOne platform. The submitter of this off-platform disclosure reportedly used intimidating language in communication with our customer. Additionally, the submitter's disclosure was similar to an existing disclosure previously submitted through HackerOne... Upon investigation by the HackerOne Security team, we discovered a then-employee had improperly accessed security reports for personal gain. The person anonymously disclosed this vulnerability information outside the HackerOne platform with the goal of claiming additional bounties.

This is a clear violation of our values, our culture, our policies, and our employment contracts. In under 24 hours, we worked quickly to contain the incident by identifying the then-employee and cutting off access to data. We have since terminated the employee, and further bolstered our defenses to avoid similar situations in the future. Subject to our review with counsel, we will also decide whether criminal referral of this matter is appropriate.

The blog post includes a detailed timeline of HackerOne's investigation. (They remotely locked the laptop, later taking possession of it for analysis, along with reviewing all data accessed "during the entirety of their two and a half months of employment" and notification of seven customers "known or suspected to be in contact with threat actor.")

"We are confident the insider access is now contained," the post concludes — outlining how they'll respond and the lessons learned. "We are happy that our previous investments in logging enabled an expedient investigation and response.... To ensure we can proactively detect and prevent future threats, we are adding additional employees dedicated to insider threats that will bolster detection, alerting, and response for business operations that require human access to disclosure data...."

"We are allocating additional engineering resources to invest further in internal models designed to identify anomalous access to disclosure data and trigger proactive investigative responses.... We are planning additional simulations designed to continuously evaluate and improve our ability to effectively resist insider threats."
AI

A New AI Traffic Light Could Help Shorten Your Commute Times (jalopnik.com) 82

A new study out of Germany says having traffic lights use AI technology may keep traffic flowing faster and smoother. Jalopnik reports: One of the partners in the study with an aggressively German name -- the Fraunhofer Institute for Optronics, System Technologies and Image Exploitation -- recently installed high-resolution cameras and radar sensors at a busy intersection with a traffic light in the city of Lemgo, according to New Atlas. The setup recorded the number of vehicles waiting for the light to change, the amount of time each of them had to wait and the average speed a vehicle drove through the intersection. Science wizardry was then used to train a machine-learning based computer algorithm. It experimented with different light-changing patterns. They would continuously adapt to real time traffic conditions and see which ones worked best to keep wait times down.

According to the simulations, the best artificial intelligence patterns could improve traffic flow by 10 to 15 percent. That may not sound like a ton, but add up all the time you spend white-knuckled at a long traffic light, and chop 15 percent off. Not too bad. The algorithm will be used to run the traffic lights at actual intersections in Germany for the next few months, and can only get better. The study is also looking to find ways to reduce waiting times at crosswalks for pedestrians. They're using LiDAR sensors among other things to assess the walking speed of pedestrians to make sure they have enough time to cross before the light turns on them.

Moon

Historic Moon Landing Footage Enhanced By AI, and the Results Are Incredible (universetoday.com) 66

"A photo and film restoration specialist, who goes by the name of DutchSteamMachine, has worked some AI magic to enhance original Apollo film, creating strikingly clear and vivid video clips and images," reports Universe Today: Take a look at this enhanced footage from an Apollo 16 lunar rover traverse with Charlie Duke and John Young, where the footage that was originally shot with 12 frames per second (FPS) has been increased to 60 FPS... And I was blown away by the crisp view of the Moon's surface in this enhanced view of Apollo 15's landing site at Hadley Rille... Or take a look at how clearly Neil Armstrong is visible in this enhanced version of the often-seen "first step" video from Apollo 11 taken by a 16mm video camera inside the Lunar Module...

The AI that DutchSteamMachine uses is called Depth-Aware video frame INterpolation, or DAIN for short. This AI is open source, free and constantly being developed and improved upon... "People have used the same AI programs to bring old film recordings from the 1900s back to life, in high definition and colour," he said. "This technique seemed like a great thing to apply to much newer footage...."

DutchSteamMachine does this work in his spare time, and posts it for free on his YouTube page. His tagline is "Preserving the past for the future..." And he's planning to keep it all coming. "I plan to improve tons of Apollo footage like this," he said. "A lot more space and history-related footage is going to be published on my YT channel continuously." He also has a Flickr page with more enhanced imagery. [And a Patreon page...]

Long-time Slashdot reader schwit1 calls it "similar to what Peter Jackson did with old World War I footage for They Shall Not Grow Old."
Businesses

Manjaro Linux Tries Forming A Company To Fund Full-Time Development (forbes.com) 26

Forbes.com shares some big Linux news: Since 2011, Arch Linux-based Manjaro has focused on being a simple-to-use, accessible Linux desktop distribution with a friendly community... But as of today, Manjaro Linux is no longer just a Linux distribution -- it's officially transforming into a company with ambitious plans for its future. Say hello to Manjaro GmbH & Co. KG.

The announcement happened just hours ago, via Manjaro developer Philip Müller. It's not the catchiest name, but the advantages to this move seem beneficial to both the Manjaro project and the community using it. Müller says that for quite some time he's been researching "ways to secure the project in its current form and how to allow for activities which can't be undertaken as a 'hobby project.'" Crucially, he and the team wanted to reach new heights and be able to invest considerably more time into the project, without compromising the way it's currently operating. To that end, the Manjaro team is announcing the formation of an established company, Manjaro GmbH & Co. KG, "to enable full-time employment of maintainers and exploration of future commercial opportunities." They'll also be taking on Blue Systems -- a German IT company specializing in Free and Libre software -- as an advisor.

Additionally, the team will transfer the ownership of all donations -- and the allocation of donations -- to fiscal hosts CommunityBridge and OpenCollective, which will both secure donations and make their use transparent... At this stage it looks like there's a distinction between what will change in the immediate future, and what the company will strive for. The biggest immediate change -- one that Manjaro supporters may applaud -- is that developers Philip Müller and Bernhard Landauer can now commit to the distribution in a full-time capacity, with an eye toward taking on even more employees down the road. "One of our main goals is to improve our infrastructure and continuously work on the essentials and requirements of our distro as a professional endeavor," writes Müller. "Our hope is to soon be able to include additional contributors on a paid basis."
