alternative_right shares a report from ScienceAlert: When's the last time you settled down with a good book, just because you enjoyed it? A new survey shows reading as a pastime is becoming dramatically less popular in the U.S., which correlates with an increased consumption of other digital media, like social media and streaming services. The survey was carried out by researchers from the University of Florida and the University of London, and charts a 40 percent decrease in daily reading for pleasure across the years 2003-2023, based on responses from 236,270 US adults.

"This is not just a small dip -- it's a sustained, steady decline of about 3 percent per year," says Jill Sonke, director for the Center for the Arts in Medicine at the University of Florida. "It's significant, and it's deeply concerning." The number of US people reading for pleasure every day peaked in 2004 at 28 percent, the researchers found, but by 2023 this was down to 16 percent. There was a silver lining though: those people who are still reading are reading for slightly longer on average.

Reading habits aren't changing across the board. The drops in reading for pleasure were higher in Black Americans, especially those with lower income, education levels, and who lived outside of cities. That speaks to problems beyond the rise of smartphones, tablets, and other screens, according to the researchers. Different life situations are leading to disparities in accessibility that don't help promote reading as a pastime. "Our digital culture is certainly part of the story," says Sonke. "But there are also structural issues -- limited access to reading materials, economic insecurity and a national decline in leisure time. If you're working multiple jobs or dealing with transportation barriers in a rural area, a trip to the library may just not be feasible." The findings have been published in the journal iScience.

A U.S.-China research team has developed the world's first one-step process to convert mixed plastic waste into gasoline and hydrochloric acid with up to 95-99% efficiency, all at room temperature and ambient pressure. InterestingEngineering reports: As the authors put it, "The method supports a circular economy by converting diverse plastic waste into valuable products in a single step." To carry out the conversion, the team combines plastic waste with light isoalkanes, hydrocarbon byproducts available from refinery processes. According to the paper, the process yields "gasoline range" hydrocarbons, mainly molecules with six to 12 carbons, which are the primary component of gasoline. The recovered hydrochloric acid can be safely neutralized and reused as a raw material, potentially displacing several high-temperature, energy-intensive production routes described in the paper. "We present here a strategy for upgrading discarded PVC into chlorine-free fuel range hydrocarbons and [hydrochloric acid] in a single-stage process," the researchers said. Reported conversion efficiencies underscore the potential for real-world use. At 86 degrees Fahrenheit (30 degrees Celsius), the process reached 95 percent conversion for soft PVC pipes and 99 percent for rigid PVC pipes and PVC wires.

In tests that mixed PVC materials with polyolefin waste, the method achieved a 96 percent solid conversion efficiency at 80 degrees Celsius (176 degrees Fahrenheit). The team describes the approach as applicable beyond laboratory-clean samples. "The process is suitable for handling real-world mixed and contaminated PVC and polyolefin waste streams," the paper states. SCMP points to an ECNU social media post citing the study, which characterized the achievement as a first, efficiently converting difficult-to-degrade mixed plastic waste into premium petrol at ambient temperature and pressure in a single step.

samleecole shares a report from 404 Media: An app developer has jailbroken Echelon exercise bikes to restore functionality that the company put behind a paywall last month, but copyright laws prevent him from being allowed to legally release it. Last month, Peloton competitor Echelon pushed a firmware update to its exercise equipment that forces its machines to connect to the company's servers in order to work properly. Echelon was popular in part because it was possible to connect Echelon bikes, treadmills, and rowing machines to free or cheap third-party apps and collect information like pedaling power, distance traveled, and other basic functionality that one might want from a piece of exercise equipment. With the new firmware update, the machines work only with constant internet access and getting anything beyond extremely basic functionality requires an Echelon subscription, which can cost hundreds of dollars a year.

App engineer Ricky Witherspoon, who makes an app called SyncSpin that used to work with Echelon bikes, told 404 Media that he successfully restored offline functionality to Echelon equipment and won the Fulu Foundation bounty. But he and the foundation said that he cannot open source or release it because doing so would run afoul of Section 1201 of the Digital Millennium Copyright Act, the wide-ranging copyright law that in part governs reverse engineering. There are various exemptions to Section 1201, but most of them allow for jailbreaks like the one Witherspoon developed to only be used for personal use. [...] "I don't feel like going down a legal rabbit hole, so for now it's just about spreading awareness that this is possible, and that there's another example of egregious behavior from a company like this [...] if one day releasing this was made legal, I would absolutely open source this. I can legally talk about how I did this to a certain degree, and if someone else wants to do this, they can open source it if they want to."

A widely used Node.js utility called fast-glob, relied on by thousands of projectsâ"including over 30 U.S. Department of Defense systems -- is maintained solely by a Russian developer linked to Yandex. While there's no evidence of malicious activity, cybersecurity experts warn that the lack of oversight in such critical open-source projects leaves them vulnerable to potential exploitation by state-backed actors. The Register reports: US cybersecurity firm Hunted Labs reported the revelations on Wednesday. The utility in question is fast-glob, which is used to find files and folders that match specific patterns. Its maintainer goes by the handle "mrmlnc", and the Github profile associated with that handle identifies its owner as a Yandex developer named Denis Malinochkin living in a suburb of Moscow. A website associated with that handle also identifies its owner as the same person, as Hunted Labs pointed out.

Hunted Labs told us that it didn't speak to Malinochkin prior to publication of its report today, and that it found no ties between him and any threat actor. According to Hunted Labs, fast-glob is downloaded more than 79 million times a week and is currently used by more than 5,000 public projects in addition to the DoD systems and Node.js container images that include it. That's not to mention private projects that might use it, meaning that the actual number of at-risk projects could be far greater.

While fast-glob has no known CVEs, the utility has deep access to systems that use it, potentially giving Russia a number of attack vectors to exploit. Fast-glob could attack filesystems directly to expose and steal info, launch a DoS or glob-injection attack, include a kill switch to stop downstream software from functioning properly, or inject additional malware, a list Hunted Labs said is hardly exhaustive. [...] Hunted Labs cofounder Haden Smith told The Register that the ties are cause for concern. "Every piece of code written by Russians isn't automatically suspect, but popular packages with no external oversight are ripe for the taking by state or state-backed actors looking to further their aims," Smith told us in an email. "As a whole, the open source community should be paying more attention to this risk and mitigating it." [...]

Hunted Labs said that the simplest solution for the thousands of projects using fast-glob would be for Malinochkin to add additional maintainers and enhance project oversight, as the only other alternative would be for anyone using it to find a suitable replacement. "Open source software doesn't need a CVE to be dangerous," Hunted Labs said of the matter. "It only needs access, obscurity, and complacency," something we've noted before is an ongoing problem for open source projects. This serves as another powerful reminder that knowing who writes your code is just as critical as understanding what the code does," Hunted Labs concluded.

The Michigan Supreme Court has drawn a firm line around digital privacy, ruling that police cannot use overly broad warrants to comb through every corner of a person's phone. From a report: In People v. Carson, the court found [PDF] that warrants for digital devices must include specific limitations, allowing access only to information directly tied to the suspected crime. Michael Carson became the focus of a theft investigation involving money allegedly taken from a neighbor's safe. Authorities secured a warrant to search his phone, but the document placed no boundaries on what could be examined.

It permitted access to all data on the device, including messages, photos, contacts, and documents, without any restriction based on time period or relevance. Investigators collected over a thousand pages of information, much of it unrelated to the accusation. The court ruled that this kind of expansive warrant violates the Fourth Amendment, which requires particularity in describing what police may search and seize.

An anonymous reader quotes a report from Reuters: Serbian scientists have been experimenting with mealworms as a way to break down polystyrene. Larisa Ilijin, a principal research fellow at Belgrade's Institute for Biology, said the scientists had discovered that mealworms can digest various plastics, including polystyrene, which is used in packaging, insulation and food containers. In the project endorsed by the government and the United Nations' agency for international development, UNDP, and other international donors, they have been including the polystyrene in the regular food of the larval form of the yellow mealworm beetle, or Tenebrio molitor.

They habitually eat more or less anything, but need the training to eat the plastic products. "We have larvae that have been adapted over a long time to biodegrade plastic, to be as efficient as possible in the process," Ilijin told Reuters. She said the bacteria living in their guts break down the plastic into carbon dioxide and water, and showed no evidence of leaving microplastic residue in their innards or faeces. The work builds on similar research projects in the U.S. and Africa. [...]

The institute has given Belgrade-based Belinda Animals several containers of the mealworms. It is now breeding them and hoping to attract a network of similar farms. "When breaking down 1 kg of Styrofoam, larvae emit one to two grams of carbon dioxide ... If we incinerate it ... (Styrofoam) emits over 4,000 times more," owner Boris Vasiljev said. He also envisages the larvae being used as animal feed, should it reach a large commercial scale. The use of mealworms is still in its infancy, Ilijin said, as Serbia still needs to adopt regulations that would allow the use and sale of insect products for animal fodder. "Styrofoam takes over 500 years to decompose in nature ... this would be one of the good ways for solving the problem of plastic waste in nature," Ilijin said.

Dust is that "feature" or drawback, The Verge's reviewer Allison Johnson argues. Samsung's head of smartphone planning Minseok Kang told her earlier this year that creating dustproof foldable phones remains technically challenging but "not impossible." Current flagship foldables from Samsung and Motorola carry IP48 ratings that protect against particles larger than one millimeter, while traditional smartphones at similar price points offer full IP68 dust and water resistance. The durability gap persists five years after Samsung's original Galaxy Fold experienced screen failures from small particles entering the hinge mechanism.

Wikipedia volunteer Grnrchst uncovered a decade-long campaign that created articles about composer David Woodard in 335 languages. The investigation identified 200 accounts and IP addresses systematically creating Woodard articles across 92 languages between 2017 and 2019, averaging one new article every six days. From December 2021 through June 2025, 183 unique accounts each created a single Woodard article in different languages after establishing credibility through unrelated edits.

Wikipedia stewards removed 235 articles from smaller wikis. Larger Wikipedia communities banned numerous accounts and deleted 80 additional articles. Twenty Woodard articles remain. Grnrchst called it "the single largest self-promotion operation in Wikipedia's history."

"Phishing training for employees as currently practiced is essentially useless," writes SC World, citing the presentation of two researchers at the Black Hat security conference: In a scientific study involving thousands of test subjects, eight months and four different kinds of phishing training, the average improvement rate of falling for phishing scams was a whopping 1.7%. "Is all of this focus on training worth the outcome?" asked researcher Ariana Mirian, a senior security researcher at Censys and recently a Ph.D. student at U.C. San Diego, where the study was conducted. "Training barely works..."

[Research partner Christian Dameff, co-director of the U.C. San Diego Center for Healthcare Cybersecurity] and Mirian wanted scientifically rigorous, real-world results. (You can read their academic paper here.) They enrolled more than 19,000 employees of the UCSD Health system and randomly split them into five groups, each member of which would see something different when they failed a phishing test randomly sent once a month to their workplace email accounts... Over the eight months of testing, however, there was little difference in improvement among the four groups that received different kinds of training. Those groups did improve a bit over the control group's performance — by the aforementioned 1.7%...

[A]bout 30% of users clicked on a link promising information about a change in the organization's vacation policy. Almost as many fell for one about a change in workplace dress code... Another lesson was that given enough time, almost everyone falls for a phishing email. Over the eight months of the experiment, just over 50% failed at least once.
Thanks to Slashdot reader spatwei for sharing the article.

An anonymous reader shares a report: India's blueprint for displacing China as the world's electronics workshop contains a rather extraordinary feature: the entire Indian edifice requires Chinese companies to supply the technical architecture, manufacturing know-how and operational templates that would make such displacement theoretically possible.

Let's start with Dixon Technologies, India's flagship domestic electronics manufacturer. The company has systematically built indigenous capability through a growing constellation of Chinese partnerships: Longcheer provides the design intelligence, Kunshan Q-Tech delivers camera module expertise, Chongqing Yuhai supplies precision-molded components and HKC brings display technology. This pattern of structured dependence has become the organizing principle of India's electronics manufacturing push.

[...] The current architecture sees Chinese companies retain control of the critical knowledge while their Indian partners provide labour arbitrage and regulatory navigation. Under this arrangement, India isn't constructing an alternative to Chinese manufacturing so much as establishing Chinese manufacturing's most elaborate subsidiary operation, underwritten by Indian taxpayers and marketed as national renewal. Many countries, but most importantly India and Vietnam, have worked hard in recent years to attract businesses that decided to diversify away from China, a strategy analysts have dubbed as "China Plus One."

An anonymous reader quotes a report from Ars Technica: In recent months, the AI industry has started moving toward so-called simulated reasoning models that use a "chain of thought" process to work through tricky problems in multiple logical steps. At the same time, recent research has cast doubt on whether those models have even a basic understanding of general logical concepts or an accurate grasp of their own "thought process." Similar research shows that these "reasoning" models can often produce incoherent, logically unsound answers when questions include irrelevant clauses or deviate even slightly from common templates found in their training data.

In a recent pre-print paper, researchers from the University of Arizona summarize this existing work as "suggest[ing] that LLMs are not principled reasoners but rather sophisticated simulators of reasoning-like text." To pull on that thread, the researchers created a carefully controlled LLM environment in an attempt to measure just how well chain-of-thought reasoning works when presented with "out of domain" logical problems that don't match the specific logical patterns found in their training data. The results suggest that the seemingly large performance leaps made by chain-of-thought models are "largely a brittle mirage" that "become[s] fragile and prone to failure even under moderate distribution shifts," the researchers write. "Rather than demonstrating a true understanding of text, CoT reasoning under task transformations appears to reflect a replication of patterns learned during training." [...]

Rather than showing the capability for generalized logical inference, these chain-of-thought models are "a sophisticated form of structured pattern matching" that "degrades significantly" when pushed even slightly outside of its training distribution, the researchers write. Further, the ability of these models to generate "fluent nonsense" creates "a false aura of dependability" that does not stand up to a careful audit. As such, the researchers warn heavily against "equating [chain-of-thought]-style output with human thinking" especially in "high-stakes domains like medicine, finance, or legal analysis." Current tests and benchmarks should prioritize tasks that fall outside of any training set to probe for these kinds of errors, while future models will need to move beyond "surface-level pattern recognition to exhibit deeper inferential competence," they write.

Reddit says that it has caught AI companies scraping its data from the Internet Archive's Wayback Machine, so it's going to start blocking the Internet Archive from indexing the vast majority of Reddit. From a report: The Wayback Machine will no longer be able to crawl post detail pages, comments, or profiles; instead, it will only be able to index the Reddit.com homepage, which effectively means Internet Archive will only be able to archive insights into which news headlines and posts were most popular on a given day.

"Internet Archive provides a service to the open web, but we've been made aware of instances where AI companies violate platform policies, including ours, and scrape data from the Wayback Machine," spokesperson Tim Rathschmidt tells The Verge.