Slashdot's Journal
Wednesday, November 29th, 2023
| Time | Event |
| 12:02a |
Hackers Spent 2+ Years Looting Secrets of Chipmaker NXP Before Being Detected
An anonymous reader quotes a report from Ars Technica: A prolific espionage hacking group with ties to China spent over two years looting the corporate network of NXP, the Netherlands-based chipmaker whose silicon powers security-sensitive components found in smartphones, smartcards, and electric vehicles, a news outlet has reported. The intrusion, by a group tracked under names including "Chimera" and "G0114," lasted from late 2017 to the beginning of 2020, according to Netherlands national news outlet NRC Handelsblad, which cited "several sources" familiar with the incident. During that time, the threat actors periodically accessed employee mailboxes and network drives in search of chip designs and other NXP intellectual property. The breach wasn't uncovered until Chimera intruders were detected in a separate company network that connected to compromised NXP systems on several occasions. Details of the breach remained a closely guarded secret until now.
NRC cited a report published (and later deleted) by security firm Fox-IT, titled Abusing Cloud Services to Fly Under the Radar. It documented Chimera using cloud services from companies including Microsoft and Dropbox to receive data stolen from the networks of semiconductor makers, including one in Europe that was hit in "early Q4 2017." Some of the intrusions lasted as long as three years before coming to light. NRC said the unidentified victim was NXP. "Once nested on a first computer -- patient zero -- the spies gradually expand their access rights, erase their tracks in between and secretly sneak to the protected parts of the network," NRC reporters wrote in an English translation. "They try to secrete the sensitive data they find there in encrypted archive files via cloud storage services such as Microsoft OneDrive. According to the log files that Fox-IT finds, the hackers come every few weeks to see whether interesting new data can be found at NXP and whether more user accounts and parts of the network can be hacked."
NXP did not alert customers or shareholders to the intrusion, other than a brief reference in a 2019 annual report. It read: "We have, from time to time, experienced cyber-attacks attempting to obtain access to our computer systems and networks. Such incidents, whether or not successful, could result in the misappropriation of our proprietary information and technology, the compromise of personal and confidential information of our employees, customers, or suppliers, or interrupt our business. For instance, in January 2020, we became aware of a compromise of certain of our systems. We are taking steps to identify the malicious activity and are implementing remedial measures to increase the security of our systems and networks to respond to evolving threats and new information. As of the date of this filing, we do not believe that this IT system compromise has resulted in a material adverse effect on our business or any material damage to us. However, the investigation is ongoing, and we are continuing to evaluate the amount and type of data compromised. There can be no assurance that this or any other breach or incident will not have a material impact on our operations and financial results in the future."
Read more of this story at Slashdot. | | 12:45a |
Fanless AirJet Cooler Experiment Boosts MacBook Air To Match MacBook Pro's Performance
Anton Shilov reports via Tom's Hardware: Engineers from Frore Systems have integrated the company's innovative solid-state AirJet cooling system, which provides impressive cooling capabilities despite a lack of moving parts, into an M2-based Apple MacBook Air. With proper cooling, the relatively inexpensive laptop matched the performance of a more expensive MacBook Pro based on the same processor. The lack of a fan is probably one of the main advantages of Apple's MacBook Air over its more performant siblings, but it also puts the laptop at a disadvantage. Fanless cooling doesn't have moving parts (which is a plus), but it also cannot properly cool down Apple's M1 or M2 processor under high loads, which is why a 13-inch MacBook Air powered by M1 or M2 system-on-chip is slower than 13-inch MacBook Pro based on the same SoC. However, making a MacBook Air run as fast as a 13-inch MacBook Pro is now possible. A video posted to YouTube by PC World shows how the AirJet system works. They also released a recent demo showing off the strength of the AirJet technology.
| 1:25a |
AWS's Transcription Platform Is Now Powered By Generative AI
Emilia David reports via The Verge: AWS added new languages to its Amazon Transcribe product, offering generative AI-based transcription for 100 languages and a slew of new AI capabilities for customers. Announced during the AWS re:Invent event, Amazon Transcribe can now recognize more spoken languages and spin up a call transcription. AWS customers use Transcribe to add speech-to-text capabilities to their apps on the AWS Cloud.
The company said in a blog post that Transcribe trained on "millions of hours of unlabeled audio data from over 100 languages" and uses self-supervised algorithms to learn patterns of human speech in different languages and accents. AWS said it ensured that some languages were not overrepresented in the training data to ensure that lesser-used languages could be as accurate as more frequently spoken ones. In late 2022, Amazon Transcribe supported 79 languages.
Amazon Transcribe has 20 to 50 percent accuracy across many languages, according to AWS. It also offers automatic punctuation, custom vocabulary, automatic language identification, and custom vocabulary filters. It can recognize speech in audio and video formats and noisy environments. With better language recognition, AWS said advances with Amazon Transcribe also bleed into better accuracy with its Call Analytics platform, which its contact center customers often use. Amazon Transcribe Call Analytics, now also powered by generative AI models, summarizes interactions between an agent and a customer. AWS said this cuts down on after-call work creating reports, and managers can quickly read information without needing to go through the entire transcript.
| 2:02a |
American Airlines To Turn 10K Tons of CO2 Into Buried Carbon Blocks
American Airlines today announced a deal with Graphyte to purchase "carbon removal credits" to help accelerate its long-term goal to reach net-zero emissions by 2050. According to the announcement, the airline will purchase credits equivalent to 10,000 tons of permanent carbon removal with delivery scheduled for early 2025. From the report: Graphyte uses a process called carbon casting that converts byproducts from the agriculture and timber industries such as wood bark, rice hulls and plant stalks which have captured carbon dioxide through photosynthesis. The plant material is dried to prevent decomposition and then converted into carbon dense bricks that are sealed with a polymer barrier. These bricks are stored in underground chambers and monitored with sensors to make sure the carbon does not escape, according to the company.
Plant byproducts from the agriculture and timber industries are typically burned or left to decompose, which returns carbon dioxide into the atmosphere. This biomass material is equivalent to 3 billion tons of potential carbon dioxide removal annually, according to Graphyte. Graphyte says carbon casting is a cheap, scalable alternative to expensive and technologically intensive methods of carbon capture and removal. The company is backed by Breakthrough Energy Ventures, an investment firm founded by Bill Gates that funds clean energy technologies.
| 3:30a |
Files Suggest Climate Summit's Leader Is Using Event To Promote Fossil Fuels
An anonymous reader quotes a report from the New York Times: As the host of global climate talks that begin this week, the United Arab Emirates is expected to play a central role in forging an agreement to move the world more rapidly away from coal, oil and gas. But behind the scenes, the Emirates has sought to use its position as host to pursue a contradictory goal: to lobby on oil and gas deals around the world, according to an internal document made public by a whistle-blower.
In one example, the document offers guidance for Emirati climate officials to use meetings with Brazil's environment minister to enlist her help with a local petrochemical deal by the Abu Dhabi National Oil Company, the Emirates' state-run oil and gas company, known as Adnoc. Emirati officials should also inform their Chinese counterparts that Adnoc was "willing to jointly evaluate international LNG opportunities" in Mozambique, Canada and Australia, the document indicates. LNG stands for liquefied natural gas, which is a fossil fuel and a driver of global warming.
These and other details in the nearly 50-page document -- obtained by the Centre for Climate Reporting and the BBC -- have cast a pall over the climate summit, which begins on Thursday. They are indications, experts said, that the U.A.E. is blurring the boundary between its powerful standing as host of the United Nations climate conference, and U.A.E.'s position as one of the world's largest oil and gas exporters. [...] In private, delegates preparing to travel to Dubai expressed concerns that the cloud surrounding the host nation threatened to discredit the talks themselves. The allegations, they said, risked undermining what many have hoped the negotiations will yield: a deal to replace polluting fossil fuels with clean energy such as wind and solar power. But many said they were reluctant to speak out publicly, for fear of jeopardizing their ability to negotiate.
| 7:00a |
RHEL 10 Plans To Drop X.Org Server Except For XWayland
"Red Hat is going to do away with the X.Org server and support Wayland and XWayland for apps that currently (or only) run on X11," writes Slashdot reader motang. Red Hat's Carlos Soriano Sanchez confirmed on the Red Hat blog: "The result of this evaluation is that, while there are still some gaps and applications that need some level of adaptation, we believe the Wayland infrastructure and ecosystem are in good shape, and that we're on a good path for the identified blockers to be resolved by the time RHEL 10 is out, planned to be released on the first half of 2025.
With this, we've decided to remove Xorg server and other X servers (except Xwayland) from RHEL 10 and the following releases. Xwayland should be able to handle most X11 clients that won't immediately be ported to Wayland, and if needed, our customers will be able to stay on RHEL 9 for its full life cycle while resolving the specifics needed for transitioning to a Wayland ecosystem. It's important to note that "Xorg Server" and "X11" are not synonymous, X11 is a protocol that will continue to be supported through Xwayland, while the Xorg Server is one of the implementations of the X11 protocol.
[...]
This decision will allow us to focus our efforts starting from RHEL 10 solely on a modern stack and ecosystem. This means we will be able to tackle problems such as HDR, increased security, setups with mixed low and high density displays or very high density displays, better GPU/Display hot-plugging, better gestures and scrolling, and so on. We are confident that Wayland will provide a solid platform and we're excited to work with the community and all of our partners and customers on building the future for Linux."
| 10:00a |
Unity Software To Cut 3.8% of Staff In 'Company Reset'
According to Reuters, Unity Software will eliminate 265 jobs or 3.8% of its global workforce as part of a company "reset." It will also end an agreement with Peter Jackson's visual effects company Weta FX. From the report: Tuesday's announcement includes termination of the professional services piece of an agreement Unity struck with movie director Peter Jackson's visual effects company Weta FX in 2021 after Unity purchased the technology and engineering division of Weta FX. As a result, 265 employees whose jobs are related to the agreement will be laid off, the company said. The company has said its total workforce was around 7,000.
In addition, Unity will shut down offices in 14 locations such as Berlin and Singapore, pending employee consultation in some countries, and significantly reduce its office footprint for the remaining offices, including in San Francisco and Bellevue, Washington. Unity will no longer mandate that employees work from offices three days a week and will reduce "full in-office services" to three days a week in most locations, the company said. More changes are in store to "refocus" Unity's business, Whitehurst told Reuters. "While no additions have been finalized, it's clear that we will reduce the number of things we are doing overall," he said.
| 1:00p |
Okta Says Hackers Stole Data For All Customer Support Users
An anonymous reader quotes a report from CNBC: Hackers who compromised Okta's customer support system stole data from all of the cybersecurity firm's customer support users, Okta said in a letter to clients Tuesday, a far greater incursion than the company initially believed. The expanded scope opens those customers up to the risk of heightened attacks or phishing attempts, Okta warned. An Okta spokesperson told CNBC that customers in government or Department of Defense environments were not impacted by the breach. "We are working with a digital forensics firm to support our investigation and we will be sharing the report with customers upon completion. In addition, we will also notify individuals that have had their information downloaded," a spokesperson said in a statement to CNBC.
Nonetheless, Okta provides identity management solutions for thousands of small and large businesses, allowing them to give employees a single point of sign on. It also makes Okta a high-profile target for hackers, who can exploit vulnerabilities or misconfigurations to gain access to a slew of other targets. In the high-profile attacks on MGM and Caesars, for example, threat actors used social engineering tactics to exploit IT help desks and target those companies' Okta platforms. The direct and indirect losses from those two incidents exceeded $100 million, including a multi-million dollar ransom payment from Caesars.
| 2:00p |
Apple Censored Robert De Niro's Gotham Speech
An anonymous reader shares a report: Who censored Robert De Niro? The "Killers of the Flower Moon" actor was gearing up to slam Donald Trump at Monday's Gotham Awards, but when he took the stage he discovered that the speech he planned to give had been altered at the behest of Apple, the film's producer. The company was responding to feedback from the filmmaking team that wanted the actor's remarks to be centered on the movie, according to a source.
The actor said he had not been informed of the changes, which took out any mention of the former president. De Niro, who was on hand to present "Killers of the Flower Moon" with the Gotham Historical Icon and Creator Tribute, criticized the awards show and Apple. "I don't feel like thanking them at all for what they did," he said. "How dare they do that, actually." A revised version of the speech was delivered to the teleprompter less than ten minutes before the event started, according to sources with knowledge of the show. A woman who told the teleprompter operator to upload a new speech was overheard identifying herself as an Apple employee.
| 2:44p |
Deal To Keep 1.5C Hopes Alive is Within Reach, Says Cop28 President
An "unprecedented outcome" that would keep alive hopes of limiting global temperature rises to 1.5C is within reach, the president-designate of the UN Cop28 climate summit has said -- and even Saudi Arabia is expected to come with positive commitments. From a report: Significant progress has been made in recent weeks on key aspects of a deal at the crucial meeting that starts in Dubai this week, with countries agreeing a blueprint for a fund for the most vulnerable, and reaching an important milestone on climate finance. Sultan Al Jaber, who will lead the talks on behalf of the Cop28 host country, the United Arab Emirates, told the Guardian in an exclusive interview on the eve of the talks that the positive momentum meant the world could agree a "robust roadmap" of cuts in greenhouse gas emissions by 2030 that would meet scientific advice.
"I have to be cautiously optimistic," he said. "But I have the levers and the traction that I am experiencing today that will allow for us to deliver the unprecedented outcome that we all hope for." He added: "Getting back on track, and ensuring that the world accepts a robust understanding of a roadmap to 2030 that will keep [a temperature rise above pre-industrial levels of] 1.5C (2.7F) within reach is my only goal."
| 3:20p |
Samsung Expands In-house Web Browser To Windows
An anonymous reader shares a report: The biggest benefit Samsung Internet on a desktop operating system will provide is the syncing of browsing data between your phone and PC, the lack of which has prevented many users from using Samsung Internet as their primary browser app on their phones and tablets. Unfortunately, Samsung hasn't yet implemented full-fledged sync support on Samsung Internet for Windows. While you can log in with your Samsung account, only browsing history, bookmarks, saved pages and open tabs can be synced at this time. Password syncing is not available, which hopefully won't remain the case for long.
The first time you run Samsung Internet on Windows, you can import browsing history, bookmarks/favorites, and search engines from other browsers, including Google Chrome and Microsoft Edge. You can also import bookmarks using an HTML file. As for other features, Samsung Internet on Windows has ad blocker support, a secret (incognito) mode, extension support, light and dark mode themes, and a few others. Since Samsung Internet is based on the open-source Chromium project like Chrome and Microsoft Edge, it should support extensions and add-ons that work on those browsers.
| 4:20p |
Tech's New Normal: Microcuts Over Growth at All Costs
The tech industry has largely recovered from the downturn, but Silicon Valley learned a long-lasting lesson: how to do more with less. From a report: Amazon, Google, Microsoft and Meta Platforms have been cutting dozens or a few hundred employees at a time as executives keep tight controls on costs, even as their businesses and stock prices have rebounded sharply. The cuts are far smaller than the mass layoffs that reached tens of thousands in late 2022 and early this year. But they suggest a new era for an industry that in years past grew with little restraint, one in which companies are focusing on efficiency and acting more like their corporate peers that emphasize shareholder value and healthy margins.
The launch of the humanlike chatbot ChatGPT late last year served as a bright spot of growth in an industry that was otherwise scaling back. Challenges regarding the technology and calls for regulation remain, but some of the biggest tech companies are starting to make it their priority. There is a reallocation of resources from noncore areas to projects such as AI rather than hiring new people, said Ward, who was previously a director of recruiting at Facebook and the head of recruiting at Pinterest.
Amazon eliminated several hundred roles this month from its Alexa division to maximize its "resources and efforts focused on generative AI," according to an internal memo. The company has also made small cuts in recent weeks to its gaming and music divisions. Facebook's parent, Meta, recently posted its largest quarterly revenue in more than a decade. It laid off 20 people weeks later. Chief Executive Officer Mark Zuckerberg said on an earnings call that the company would continue to operate more efficiently going forward "both because it creates a more disciplined and lean culture, and also because it provides stability to see our long-term initiatives through in a very volatile world."
| 4:50p |
Google DeepMind's New AI Tool Helped Create Over 700 New Materials
From EV batteries to solar cells to microchips, new materials can supercharge technological breakthroughs. But discovering them usually takes months or even years of trial-and-error research. Google DeepMind hopes to change that with a new tool that uses deep learning to dramatically speed up the process of discovering new materials. From a report: Called graphical networks for material exploration (GNoME), the technology has already been used to predict structures for 2.2 million new materials, of which more than 700 have gone on to be created in the lab and are now being tested. It is described in a paper published in Nature today.
Alongside GNoME, Lawrence Berkeley National Laboratory also announced a new autonomous lab. In partnership with DeepMind, the lab takes GNoME's discoveries and uses machine learning and robotic arms to engineer new materials without the help of humans. Google DeepMind says that together, these advancements show the potential of using AI to scale up the discovery and development of new materials.
GNoME can be described as AlphaFold for materials discovery, according to Ju Li, a materials science and engineering professor at the Massachusetts Institute of Technology. AlphaFold, a DeepMind AI system announced in 2020, predicts the structures of proteins with high accuracy and has since advanced biological research and drug discovery. Thanks to GNoME, the number of known stable materials has grown almost tenfold, to 421,000. "While materials play a very critical role in almost any technology, we as humanity know only a few tens of thousands of stable materials," said Dogus Cubuk, materials discovery lead at Google DeepMind, at a press briefing.
| 5:25p |
'Global Science is Splintering Into Two - And This is Becoming a Problem'
The United States and China are pursuing parallel scientific tracks. To solve crises on multiple fronts, the two roads need to become one, Nature's editorial board wrote Wednesday. From the post: It's no secret that research collaborations between China and the United States -- among other Western countries -- are on a downward trajectory. Early indicators of a possible downturn have been confirmed by more sources. A report from Japan's Ministry of Education, Culture, Sports, Science and Technology, published in August, for instance, stated that the number of research articles co-authored by scientists in the two countries had fallen in 2021, the first annual drop since 1993. Meanwhile, data from Nature Index show that China-based scientists' propensity to collaborate internationally has been waning, when looking at the authorship of papers in the Index's natural-science journals.
Nature reported last month that China's decoupling from the countries loosely described as the West mirrors its strengthening of science links with low- and middle-income countries (LMICs), as part of its Belt and Road Initiative. There are many good reasons for China to be boosting science in LMICs, which could sorely do with greater research funding and capacity building. But this is also creating parallel scientific systems -- one centred on North America and Europe, and the other on China. The biggest challenges faced by humanity, from combating climate change to ending poverty, are embodied in a globally agreed set of targets, the United Nations Sustainable Development Goals (SDGs).
Approaching them without shared knowledge can only slow down progress by creating competing systems for advancing and implementing solutions. It's a scenario that the research community must be more aware of and work to avoid. Nature Index offers some reasons as to why collaboration between China and the West is declining. Travel restrictions during the COVID-19 pandemic took their toll, limiting collaborations and barring new ones from being forged. Geopolitical tensions have led many Western governments to restrict their research partnerships with China, on national-security grounds, and vice versa.
| 6:05p |
Nvidia CEO Says US Will Take Years To Achieve Chip Independence
Nvidia Chief Executive Officer Jensen Huang, who runs the semiconductor industry's most valuable company, said the US is as much as 20 years away from breaking its dependence on overseas chipmaking. From a report: Huang, speaking at the New York Times's DealBook conference in New York, explained how his company's products rely on myriad components that come from different parts of the world -- not just Taiwan, where the most important elements are manufactured. "We are somewhere between a decade and two decades away from supply chain independence," he said. "It's not a really practical thing for a decade or two."
The outlook suggests there's a long road ahead for a key Biden administration objective -- bringing more of the chipmaking industry to US shores. The president has championed bipartisan legislation to support the building of manufacturing facilities here. And many of the biggest companies are planning to expand their US operations. That includes Taiwan Semiconductor Manufacturing Co., Nvidia's top manufacturing partner, as well as Samsung and Intel.
| 10:00p |
Canadian Government Reaches Deal With Google On Online News Act
An anonymous reader quotes a report from the CBC: Google and the federal government have reached an agreement in their dispute over the Online News Act that would see Google continue to share Canadian news online in return for the company making annual payments to news companies in the range of $100 million. Sources told Radio-Canada and CBC News earlier Wednesday that an agreement had been reached. Heritage Minister Pascale St-Onge confirmed the news Wednesday afternoon. "Many doubted that we would be successful, but I was confident we would find a way to address Google's concerns," she told reporters outside the House of Commons.
The federal government and Google agreed on the regulatory framework earlier this week, a government source familiar with the talks told Radio-Canada. The federal government had estimated earlier this year that Google's compensation should amount to about $172 million. Google estimated the value at $100 million. The company said it would not have a mandatory negotiation model imposed on it for talks with Canadian media organizations, preferring to deal with a single point of contact. The new regulations will allow Google to negotiate with a single group that would represent all media, allowing the company to limit its arbitration risk. Google would still be required to negotiate with the media and sign an agreement. The digital giant could also add additional service contributions, which have yet to be specified.
| 10:40p |
Amazon Finally Releases Its Own AI-Powered Image Generator
During a keynote at its re:Invent conference today, Amazon debuted the Titan Image Generator, which can create new images or customize existing images via a text description. It's now available in preview for AWS customers on Bedrock, Amazon's AI development platform. TechCrunch reports: Amazon says that Titan Image Generator was trained on a "diverse set of datasets" across a "broad range of domains" and can be optionally fine-tuned on custom datasets, and includes built-in mitigations for toxicity and bias. (Barring testing, the jury's out on just how effective those mitigations are, of course.) The company declined to say exactly where those datasets came from however -- and whether it obtained permission from or is compensating all the creators of the images used to train Titan Image Generator. [...] Sivasubramanian did claim onstage, however, that Amazon will protect customers accused of violating copyright with images generated by Titan Image Generator -- in keeping with its AI indemnification policy. That's surely music to the ears of AWS customers worried about regurgitation, or when a generative model spits out a mirror copy of a training example.
Images created with Titan Image Generator will also come with a "tamper-resistant" invisible watermark by default -- an attempt to mitigate the spread of AI-generated misinformation and abuse imagery, Sivasubramanian says. (Deepfakes from the Gaza war and AI-generated child abuse images are the latest illustrations of how major the threat's become.) It's not clear exactly what sort of watermarking technique Amazon's using and which tools beyond Amazon's own API will be able to detect it; we've reached out to Amazon for clarification. Sivasubramanian noted watermarks are a part of the voluntary commitment around AI that Amazon signed with the White House in July.
| 11:20p |
Dollar Tree Hit By Third-Party Data Breach Impacting 2 Million People
Dollar Tree was impacted by a third-party data breach stemming from the hack of service provider Zeroed-In Technologies. According to Bleeping Computer, nearly two million customers have been affected. "The information stolen during the attack includes names, dates of birth, and Social Security numbers (SSNs)." From the report: According to a data breach notification shared with the Maine Attorney General, Dollar Tree's service provider, Zeroed-In, suffered a security incident between August 7 and 8, 2023. As part of this cyberattack, the threat actors managed to steal data containing the personal information of Dollar Tree and Family Dollar employees. "While the investigation was able to determine that these systems were accessed, it was not able to confirm all of the specific files that were accessed or taken by the unauthorized actor," reads the letter sent to affected individuals. "Therefore, Zeroed-In conducted a review of the contents of the systems to determine what information was present at the time of the incident and to whom the information relates."
The information stolen during the attack includes names, dates of birth, and Social Security numbers (SSNs). Zeroed-In has notified the affected individuals and enclosed instructions on enrolling in a twelve-month identity protection and credit monitoring service. Other Zeroed-In customers apart from Dollar Tree and Family Dollar may have also been impacted by the security breach, but this hasn't been confirmed yet. Meanwhile, the scale of the data breach has already triggered investigations from law firms looking into a potential class-action lawsuit against Zeroed-In.