Forgot your password?
typodupeerror

Submission + - Steve Wozniak's foundation partners with RealDoll maker to make teacherbots (nysfocus.com) 1

Hentes writes: Apple cofounder Steve Wozniak's foundation is partnering with Realbotix, best known for their RealDoll brand artificial companions, to deploy AI powered robotic tutors in classrooms. The doll will serve as a sort of artificial teacher's assistant, helping students that get stuck, or generating lessons. Students will be assigned an ID code, allowing the robot to provide personalized mentoring.

The female robot, named Sally, will have a “lifelike appearance” with silicone skin and long brown hair, Kiguel said in an interview with New York Focus. It will be stationary in a seated position but have a wide range of upper-body movements and facial expressions.


Submission + - AI Executives Add Personal Security as Backlash Turns Violent (aiweekly.co)

fjo3 writes: In April, someone threw a Molotov cocktail at Sam Altman's San Francisco home, and within days a second attack put gunfire into the property. The Wall Street Journal reports that AI executives are hardening personal security as opposition to the industry moves from online posts into the physical world.

Prosecutors say Daniel Moreno-Gama, the 20-year-old accused in the first attack, traveled from Texas to San Francisco intending to kill Altman, and had writings on him about AI's purported risk to humanity. He faces two counts of attempted murder and attempted arson in California state court. Two more suspects were later arrested in connection with the second incident. Around the same time, The Information described Silicon Valley leaning into a new breed of bodyguards for AI leadership.

The pressure isn't only on the people at the top. According to the Data Center Watch Q1 2026 report, organized opposition groups roughly doubled from 396 at the end of last year to 833 by the end of March, spanning 49 states, and opponents blocked or delayed at least 75 projects worth about $130 billion in a single quarter. That is a very different problem from a viral tweet. It is permits denied, votes lost, sites relocated.

Submission + - How Microsoft's "Little Workaround" Created a Major Pentagon Threat (propublica.org)

joshuark writes: ProPublica Reporter Renee Dudley heard Microsoft was running tech support for the U.S. Defense Department through China, the country’s biggest cybersecurity adversary.

The arrangement was called “digital escorting.” She thought it sounded like a conspiracy theory — until she started looking into it. This is the story of what she found and how her investigation changed government policy.

Microsoft is using engineers in China to help maintain the Defense Department’s computer systems — with minimal supervision by U.S. personnel — leaving some of the nation’s most sensitive data vulnerable to hacking from its leading cyber adversary, a ProPublica investigation has found.

The arrangement, which was critical to Microsoft winning the federal government’s cloud computing business a decade ago, relies on U.S. citizens with security clearances to oversee the work and serve as a barrier against espionage and sabotage.

National security and cybersecurity experts in the Trump administration contacted by ProPublica were also surprised to learn that such an arrangement was in place, especially at a time when the U.S. intelligence community and leading members of Congress and the Trump administration view China’s digital prowess as a top threat to the country.

Microsoft uses the escort system to handle the government’s most sensitive information that falls below “classified.” According to the government, this “high impact level” category includes “data that involves the protection of life and financial ruin.” The “loss of confidentiality, integrity, or availability” of this information “could be expected to have a severe or catastrophic adverse effect” on operations, assets and individuals, the government has said. In the Defense Department, the data is categorized as “Impact Level” 4 and 5 and includes materials that directly support military operations.

“If someone ran a script called ‘fix_servers.sh’ but it actually did something malicious then [escorts] would have no idea,” a former Microsoft engineer who worked on the escort system, told ProPublica in an email. That said, he maintained that the “scope of systems they could disrupt” is limited.

In an emailed statement, the Defense Information Systems Agency said that cloud service providers “are required to establish and maintain controls for vetting and using qualified specialists,” but the agency did not respond to ProPublica’s questions regarding the digital escorts’ qualifications.

It’s unclear whether other cloud providers to the federal government use digital escorts as part of their tech support. Amazon Web Services and Google Cloud declined to comment on the record for this article. Oracle did not respond to requests for comment.

A spokesperson for the inspector general — whose office is supposed to operate independently in order to investigate potential waste, fraud and abuse — told ProPublica they were not authorized to speak about the issue and directed questions to DISA public affairs.

Comment Re:good self awareness (Score 5, Interesting) 61

Good question. Their POWER series of CPUs were not insignificant in capability, their chip designers were clearly technically sophisticated, and GPUs are just specialised vector processors with a few extra bells and whistles - stuff IBM is extremely familiar with.

It would not have been difficult to release a GPU or other LLM-specific processor to go along with the POWER11. They'd been working on the POWER11 for 4 years, they knew in 2020 that LLMs had a strong potential to be significant for Big Data processing - an area you use big iron for, they're not rank amateurs, they have plenty of reserve, they could have assembled an emergency team to build a vector processor that was custom-designed for just LLM work, and released an LLM processor card that could run circles around nVidia.

They didn't. Because, as has happened before, their management is simply too stupid and too slow.

Comment Thought for the day (Score 1) 38

What if...

Someone (say someone who was familiar with doxygen and GCC) developed number of comment types, where some stipulated preconditions that must be true for the function to run correctly, postconditions that must be true once the function has run, kernel facilities that the function definitely needs, and kernel facilities that the function definitely doesn't need. These would all be optional for any given function.

A static checker could then validate if the code meets the behaviour expected by the programmer. This is precisely what is done in SPARK, a fork of Ada for high-reliability code. Combined with existing static checker capabilities, this would greatly increase the number of bugs that could be caught with all kinds of tools, AI included.

It could ALSO build a full fine-grained mapping for any fine-grained mandatory access controls system. You'd also want includes that you could import for precompiled libraries. This would allow someone to verify if the code was making unanticipated/undesirable calls but would also make SELinux possible to develop for at the application level.

It would not be trivial. If it was trivial, it would have been done simply because it already IS done in other languages and that makes it "obvious" to anyone who has been programming for a while. However, it should not be massively complicated, simply because you can use AI as the static checker. Once it has a definite set of bounda that must be satisfied, it should be much more capable of knowing what paths would violate those bounds. Which means that the checker stage essentially is trivial today, leaving only the markup stage.

Comment The challenge (Score 1) 109

Is to set coursework and exams that are specifically crafted to exploit where AI is weak or prone to hallucinate.

You do not ban cheating, because those who cheat will inevitably find ways to circumvent the ban.

Rather, you exploit the properties of the mechanisms of cheating to ensure that those who actually understand the ideas are marked relatively highly (regardless of whether they reach the textbook conclusion) and whose who do not understand the ideas cannot do well even if they give what is in the textbook.

The interest should not be in precise answers, but in precise use of tools of reasoning and analysis, because this is what actually matters when it comes to understanding. Yes, it means you can't standardise so easily, and you have to devise things in ways that don't penalise intuitive thinkers over methodical thinkers, but you cannot teach a subject properly if you are only concerned about the surface.

Submission + - Cloudflare, Netlify and Vercel with new toys for phishers and threat actors (cloudflare.com)

D,Petkow writes: Web Bros’ Latest Genius Move: Drop a Zip, Ship Malware

Cloudflare, Vercel, and Netlify have all launched their own “Drop” services: upload a zip, get a live site instantly on their edge networks.
Authentication and abuse protection? That’s for later. Right now it’s pure vibes.

This is peak industry brain rot. In a world already drowning in phishing, malware, and scam sites, these platforms just rolled out the easiest, fastest way for bad actors to host malicious content.
Drag-and-drop phishing kits on workers.dev, instant fake login pages on Vercel, malware droppers on Netlify — all live in seconds with zero friction.

No real verification. No serious upfront checks. Just “move fast and let the internet clean up our mess."
The hopium these web bros are smoking must be nuclear grade quality. They’ve spent years building trust in their platforms, only to turn them into free malware CDNs for anyone with a zip file.This isn’t democratizing the web.
This is handing phishers and scammers the keys with a smile.
Brilliant strategy, truly.

Nota bene — apparently real world bad actors beat red teams in abusing those new "services".

Slow clap

Apparently all the web bros are drinking the same hopium-flavored cool aid, where no phishers, c2s, implants and bad actors exist whatsoever.
https://cloudflare.com/drop/
Same concept from vercel and netlify
https://vercel.com/drop
https://app.netlify.com/drop

https://x.com/JCyberSec_/statu...

Try a DAP.LIVE or URLSCAN.IO query to see abuse and workers.dev (and pages.dev and r2.dev for that matter) — for each valid deployment, there are hundreds of confirmed fraud scams.
Nice statistics, which will only get worse now.
Good job.

Slashdot Top Deals

Your own mileage may vary.

Working...