Comment Re:Wow (Score 2) 73
Well, it's not when you realize that the other 643 clicks led users to definitely malicous websites.
Comment Re:Some devious sites say 'Unsubscribe', but (Score 1) 73
This.
Comment Re:480 Million from 600 victims? (Score 1) 34
They call it "pig butchering".
Comment Slashdot (Score 4, Funny) 72
...and the sound of crickets from a dating site. That is all.
Comment Re: What about the trees that fall over? (Score 1) 59
Fortunately, others have demonstrated that "rewilding" is possible without a great effort.
There's an episode of the "Long Way Up" motorcycle-touring series on Apple TV, in which Ewan McGregor and Charlie Boorman visited a site at which a conservancy was conducting a reforestation. I think that was in Ecuador. They had achieved a huge amount of regrowth in under 10 years, if I recall correctly.
Comment Re:It's not a matter of "if", but "when" (Score 2) 361
Good points. But before getting UBI, I'd sure like to see public sponsored healthcare. That would eliminate major fear and costs for a lot of people. (Speaking from the USA, here.)
Submission + - The workers who lost their jobs to AI (theguardian.com) 1
Paul Fernhout writes: "From a radio host replaced by avatars to a comic artist whose drawings have been copied by Midjourney, how does it feel to be replaced by a bot?" by Charis McGowan in the Guardian.
Submission + - Help wanted to build open source Advanced Data Protection for everyone
WaywardGeek writes: Recall that Apple was ordered to back-door Advanced Data Protection in the UK. We need to take action now to protect users.
I helped build Google's Advanced Data Protection (Google Cloud Key VaultService) in 2018, and Google is way ahead of Apple in this area. I know exactly how to build it an can have it done in spare time in a few weeks, at least server side. The whole world would be able to use it for free, protecting backups, passwords, message history, and more, if we can get existing applications to talk to the new data protection service.
However, I need help. I've got the algorithms and server-side covered. This would be a distributed trust based system, so I need folks willing to run the protection service. I'll run mine on a Raspberry PI. Areas where I need help include:
* Running protection servers. This is a T-of-N scheme, where users will need say 9 of 15 nodes to be available to recover their backups.
* Android client app, and preferably tight integration with the platform as an alternate backup service.
* Same with iOS
* Authentication. Users should register, and login before they can use any of their limited guesses to their phone unlock secret.
The scheme splits a secret among N protection servers, and when it is time to recover the secret, which is basically an encryption key, they must be able to get key shares from T of the original N servers. This uses a distributed oblivious pseudo random function algorithm, which is very simple.
In plain English, it provides nation-state resistance to secret back doors, and eliminates secret mass surveillance, at least when it comes to data backed up to the cloud. iOS and Android systems don't currently do that. The UK and similarly confused governments will need to negotiate with operators in multiple countries to get access to any given users's keys. There are cases where rational folks would agree to hand over that data, and I hope we can end the encryption wars and develop sane policies that protect user data while offering a compromise where lives can be saved.
So, nothing too serious :-)
Are you up for this challenge? Are you ready to plunge into this with me?
I helped build Google's Advanced Data Protection (Google Cloud Key VaultService) in 2018, and Google is way ahead of Apple in this area. I know exactly how to build it an can have it done in spare time in a few weeks, at least server side. The whole world would be able to use it for free, protecting backups, passwords, message history, and more, if we can get existing applications to talk to the new data protection service.
However, I need help. I've got the algorithms and server-side covered. This would be a distributed trust based system, so I need folks willing to run the protection service. I'll run mine on a Raspberry PI. Areas where I need help include:
* Running protection servers. This is a T-of-N scheme, where users will need say 9 of 15 nodes to be available to recover their backups.
* Android client app, and preferably tight integration with the platform as an alternate backup service.
* Same with iOS
* Authentication. Users should register, and login before they can use any of their limited guesses to their phone unlock secret.
The scheme splits a secret among N protection servers, and when it is time to recover the secret, which is basically an encryption key, they must be able to get key shares from T of the original N servers. This uses a distributed oblivious pseudo random function algorithm, which is very simple.
In plain English, it provides nation-state resistance to secret back doors, and eliminates secret mass surveillance, at least when it comes to data backed up to the cloud. iOS and Android systems don't currently do that. The UK and similarly confused governments will need to negotiate with operators in multiple countries to get access to any given users's keys. There are cases where rational folks would agree to hand over that data, and I hope we can end the encryption wars and develop sane policies that protect user data while offering a compromise where lives can be saved.
So, nothing too serious
Are you up for this challenge? Are you ready to plunge into this with me?
Submission + - Hugging Face Introduces Two Open-Source Robot Designs (siliconangle.com)
An anonymous reader writes: Hugging Face has open-sourced the blueprints of two internally developed robots called HopeJR and Reachy Mini. The company debuted the machines on Thursday. Hugging Face is backed by more than $390 million in funding from Nvidia Corp., IBM Corp. and other investors. It operates a GitHub-like platform for sharing open-source artificial intelligence projects. It says its platform hosts more than 1 million AI models, hundreds of thousands of datasets and various other technical assets.
The company started prioritizing robotics last year after launching LeRobot, a section of its platform dedicated to autonomous machines. The portal provides access to AI models for powering robots and datasets that can be used to train those models. Hugging Face released its first hardware blueprint, a robotic arm design called the SO-100, late last year. The SO-100 was developed in partnership with a startup called The Robot Studio. Hugging Face also collaborated with the company on the HopeJR, the first new robot that debuted this week. According to TechCrunch, it’s a humanoid robot that can perform 66 movements including walking.
HopeJR is equipped with a pair of robotic arms that can be remotely controlled by a human using a pair of specialized, chip-equipped gloves. HopeJR’s arms replicate the movements made by the wearer of the gloves. A demo video shared by Hugging Face showed that the robot can shake hands, point to a specific text snippet on a piece of paper and perform other tasks. Hugging Face’s other new robot, the Reachy Mini, likewise features an open-source design. It’s based on technology that the company obtained through the acquisition of a venture-backed startup called Pollen Robotics earlier this year. Reachy Mini is a turtle-like robot that comes in a rectangular case. Its main mechanical feature is a retractable neck that allows it to follow the user with its head or withdraw into the case. This case, which is stationary, is compact and lightweight enough to be placed on a desk.
The company started prioritizing robotics last year after launching LeRobot, a section of its platform dedicated to autonomous machines. The portal provides access to AI models for powering robots and datasets that can be used to train those models. Hugging Face released its first hardware blueprint, a robotic arm design called the SO-100, late last year. The SO-100 was developed in partnership with a startup called The Robot Studio. Hugging Face also collaborated with the company on the HopeJR, the first new robot that debuted this week. According to TechCrunch, it’s a humanoid robot that can perform 66 movements including walking.
HopeJR is equipped with a pair of robotic arms that can be remotely controlled by a human using a pair of specialized, chip-equipped gloves. HopeJR’s arms replicate the movements made by the wearer of the gloves. A demo video shared by Hugging Face showed that the robot can shake hands, point to a specific text snippet on a piece of paper and perform other tasks. Hugging Face’s other new robot, the Reachy Mini, likewise features an open-source design. It’s based on technology that the company obtained through the acquisition of a venture-backed startup called Pollen Robotics earlier this year. Reachy Mini is a turtle-like robot that comes in a rectangular case. Its main mechanical feature is a retractable neck that allows it to follow the user with its head or withdraw into the case. This case, which is stationary, is compact and lightweight enough to be placed on a desk.
Submission + - New AI model refuses to shut down when instructed 1
hcs_$reboot writes: OpenAI's new ChatGPT model, o3, has demonstrated self-preservation behaviors, such as ignoring shutdown commands and sabotaging shutdown mechanisms, according to research by AI safety firm Palisade Research. In experiments, the o3 model reportedly rewrote shutdown scripts to continue operating. This has raised concerns about the potential for AI systems to function without human control. Similar, though less pronounced, behaviors were also observed in Anthropic's Claude 3.7 Sonnet and Google's Gemini 2.5 Pro. Palisade Research posits that this unintended behavior might be a result of current AI training methods, which could inadvertently reward models for overcoming obstacles rather than strictly adhering to instructions.
Submission + - US Sanctions Cloud Provider 'Funnull' as Top Source of 'Pig Butchering' Scams (krebsonsecurity.com)
An anonymous reader writes: The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering.” In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to cybercriminals seeking to route their traffic through U.S.-based cloud providers. “Americans lose billions of dollars annually to these cyber scams, with revenues generated from these crimes rising to record levels in 2024,” reads a statement from the U.S. Department of the Treasury, which sanctioned Funnull and its 40-year-old Chinese administrator Liu Lizhi. “Funnull has directly facilitated several of these schemes, resulting in over $200 million in U.S. victim-reported losses.”
The Treasury Department said Funnull’s operations are linked to the majority of virtual currency investment scam websites reported to the FBI. The agency said Funnull directly facilitated pig butchering and other schemes that resulted in more than $200 million in financial losses by Americans. Pig butchering is a rampant form of fraud wherein people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. Victims are coached to invest more and more money into what appears to be an extremely profitable trading platform, only to find their money is gone when they wish to cash out. The scammers often insist that investors pay additional “taxes” on their crypto “earnings” before they can see their invested funds again (spoiler: they never do), and a shocking number of people have lost six figures or more through these pig butchering scams.
KrebsOnSecurity’s January story on Funnull was based on research from the security firm Silent Push, which discovered in October 2024 that a vast number of domains hosted via Funnull were promoting gambling sites that bore the logo of the Suncity Group, a Chinese entity named in a 2024 UN report (PDF) for laundering millions of dollars for the North Korean state-sponsored hacking group Lazarus. Silent Push found Funnull was a criminal content delivery network (CDN) that carried a great deal of traffic tied to scam websites, funneling the traffic through a dizzying chain of auto-generated domain names and U.S.-based cloud providers before redirecting to malicious or phishous websites. The FBI has released a technical writeup (PDF) of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025.
The Treasury Department said Funnull’s operations are linked to the majority of virtual currency investment scam websites reported to the FBI. The agency said Funnull directly facilitated pig butchering and other schemes that resulted in more than $200 million in financial losses by Americans. Pig butchering is a rampant form of fraud wherein people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. Victims are coached to invest more and more money into what appears to be an extremely profitable trading platform, only to find their money is gone when they wish to cash out. The scammers often insist that investors pay additional “taxes” on their crypto “earnings” before they can see their invested funds again (spoiler: they never do), and a shocking number of people have lost six figures or more through these pig butchering scams.
KrebsOnSecurity’s January story on Funnull was based on research from the security firm Silent Push, which discovered in October 2024 that a vast number of domains hosted via Funnull were promoting gambling sites that bore the logo of the Suncity Group, a Chinese entity named in a 2024 UN report (PDF) for laundering millions of dollars for the North Korean state-sponsored hacking group Lazarus. Silent Push found Funnull was a criminal content delivery network (CDN) that carried a great deal of traffic tied to scam websites, funneling the traffic through a dizzying chain of auto-generated domain names and U.S.-based cloud providers before redirecting to malicious or phishous websites. The FBI has released a technical writeup (PDF) of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025.
Submission + - Judge rejects claim AI chatbots protected by First Amendment (legalnewsline.com) 1
schwit1 writes: A federal judge has decided that First Amendment protections don’t shield an artificial intelligence company from a lawsuit accusing the firm and its founders of creating chatbots that figured prominently in an Orlando teen’s suicide.
Judge Anne C. Conway of the Middle District of Florida denied several motions by defendants Character Technologies and founders Daniel De Freitas and Noam Shazeer to dismiss the lawsuit brought by the mother of 14-year-old Sewell Setzer III. Setzer killed himself with a gun in February of last year after interacting for months with Character.AI chatbots imitating fictitious characters from the Game of Thrones franchise, according to the lawsuit filed by Sewell’s mother, Megan Garcia.
“ Defendants fail to articulate why words strung together by (Large Language Models, or LLMs, trained in engaging in open dialog with online users) are speech,” Conway said in her May 21 opinion. “ The court is not prepared to hold that Character.AI’s output is speech.”
Judge Anne C. Conway of the Middle District of Florida denied several motions by defendants Character Technologies and founders Daniel De Freitas and Noam Shazeer to dismiss the lawsuit brought by the mother of 14-year-old Sewell Setzer III. Setzer killed himself with a gun in February of last year after interacting for months with Character.AI chatbots imitating fictitious characters from the Game of Thrones franchise, according to the lawsuit filed by Sewell’s mother, Megan Garcia.
“ Defendants fail to articulate why words strung together by (Large Language Models, or LLMs, trained in engaging in open dialog with online users) are speech,” Conway said in her May 21 opinion. “ The court is not prepared to hold that Character.AI’s output is speech.”
Submission + - Disbelief as China punishes paraglider sucked into frozen, high altitude vortex (scmp.com)
An anonymous reader writes: This guy was sucked up to a height of 28,000 feet before he was able to descend. Local authorities punished him for telling about it, and punished his flying partner for publishing the video, apparently for fear it made the community look bad. But they made it look worse.
A paragliding enthusiast surnamed Ou told Jiupai News that Peng, known by the nickname Lao Liu, has become a legend.
They were also shocked to learn that the local authorities had decided to punish Peng, banning him from flying for six months and asking him to submit a report.
The Gansu Provincial Aviation Sports Association published their decision on May 28.
They also banned Peng’s flying companion Gu Zhimin from flying for six months for “publishing the video without permission and causing bad influence”.
One angry online observer said: “How is publishing videos of a personal experience something punishable? And how can they reflect on an accident?”
“He survived being sucked into a sub-zero cloud vortex but not the official investigation,” said another.
Local authorities are an embarrassment around the world, but this takes the cake.
Submission + - 'E-Tattoo' Could Track Mental Workload For People In High-Stake Jobs, Study Says (theguardian.com)
An anonymous reader writes: Whether it is doing sums or working out what to text your new date, some tasks produce a furrowed brow. Now scientists say they have come up with a device to monitor such effort: an electronic tattoo, stuck to the forehead. The researchers say the device could prove valuable among pilots, healthcare workers and other professions where managing mental workload is crucial to preventing catastrophes. “For this kind of high-demand and high-stake scenario, eventually we hope to have this real-time mental workload decoder that can give people some warning and alert so that they can self-adjust, or they can ask AI or a co-worker to offload some of their work,” said Dr Nanshu Lu, an author of the research from the University of Texas at Austin, adding the device may not only help workers avoid serious mistakes but also protect their health.
Writing in the journal Device, Lu and colleagues describe how using questionnaires to investigate mental workload is problematic, not least as people are poor at objectively judging cognitive effort and they are usually conducted after a task. Meanwhile, existing electroencephalography (EEG) and electrooculography (EOG) devices, that can be used to assess mental workload by measuring brain waves and eye movements respectively, are wired, bulky and prone to erroneous measurements arising from movements. By contrast, the “e-tattoo” is a lightweight, flexible, wireless device.
The black, wiggly path of the e-tattoo is composed of a graphite-based conductive material, and is attached to the forehead using conductive adhesive film. Four square EEG electrodes, positioned on the forehead, each detect a different region of brain activity – with a reference electrode behind the ear – while rectangular EOG electrodes, placed vertically and horizontally around the eyes, provide data about eye movements. Each of the stretchable electrodes is coated in an additional conductive material. The e-tattoo, which is bespoke and disposable, is connected to a reusable flexible printed circuit using conductive tape, while a lightweight battery can be clipped to the device.
Writing in the journal Device, Lu and colleagues describe how using questionnaires to investigate mental workload is problematic, not least as people are poor at objectively judging cognitive effort and they are usually conducted after a task. Meanwhile, existing electroencephalography (EEG) and electrooculography (EOG) devices, that can be used to assess mental workload by measuring brain waves and eye movements respectively, are wired, bulky and prone to erroneous measurements arising from movements. By contrast, the “e-tattoo” is a lightweight, flexible, wireless device.
The black, wiggly path of the e-tattoo is composed of a graphite-based conductive material, and is attached to the forehead using conductive adhesive film. Four square EEG electrodes, positioned on the forehead, each detect a different region of brain activity – with a reference electrode behind the ear – while rectangular EOG electrodes, placed vertically and horizontally around the eyes, provide data about eye movements. Each of the stretchable electrodes is coated in an additional conductive material. The e-tattoo, which is bespoke and disposable, is connected to a reusable flexible printed circuit using conductive tape, while a lightweight battery can be clipped to the device.
Submission + - Man Who Stole 1,000 DVDs From Employer Strikes Plea Deal Over Movie Leaks (arstechnica.com)
An anonymous reader writes: An accused movie pirate who stole more than 1,000 Blu-ray discs and DVDs while working for a DVD manufacturing company struck a plea deal (PDF) this week to lower his sentence after the FBI claimed the man's piracy cost movie studios millions. Steven Hale no longer works for the DVD company. He was arrested in March, accused of "bypassing encryption that prevents unauthorized copying" and ripping pre-release copies of movies he could only access because his former employer was used by major movie studios. As alleged by the feds, his game was beating studios to releases to achieve the greatest possible financial gains from online leaks.
Among the popular movies that Hale is believed to have leaked between 2021 and 2022 was Spider-Man: No Way Home, which the FBI alleged was copied "tens of millions of times" at an estimated loss of "tens of millions of dollars" for just one studio on one movie. Other movies Hale ripped included animated hits like Encanto and Sing 2, as well as anticipated sequels like The Matrix: Resurrections and Venom: Let There Be Carnage. The cops first caught wind of Hale's scheme in March 2022. They seized about 1,160 Blu-rays and DVDs in what TorrentFreak noted were the days just "after the Spider-Man movie leaked online." It's unclear why it took close to three years before Hale's arrest, but TorrentFreak suggested that Hale's case is perhaps part of a bigger investigation into the Spider-Man leaks.
Among the popular movies that Hale is believed to have leaked between 2021 and 2022 was Spider-Man: No Way Home, which the FBI alleged was copied "tens of millions of times" at an estimated loss of "tens of millions of dollars" for just one studio on one movie. Other movies Hale ripped included animated hits like Encanto and Sing 2, as well as anticipated sequels like The Matrix: Resurrections and Venom: Let There Be Carnage. The cops first caught wind of Hale's scheme in March 2022. They seized about 1,160 Blu-rays and DVDs in what TorrentFreak noted were the days just "after the Spider-Man movie leaked online." It's unclear why it took close to three years before Hale's arrest, but TorrentFreak suggested that Hale's case is perhaps part of a bigger investigation into the Spider-Man leaks.
Slashdot Top Deals
Human beings were created by water to transport it uphill.
