Sunday, August 17th, 2025

Time	Event
1:35a	Can We Harness Light Like Nature for a New Era of Green Chemistry? Sunlight becomes energy when plants convert four photons of light. But unfortunately, most attempts at synthetic light-absorbing chemicals can only absorb one photon at a time, write two researchers from the University of Melbourne. "In the Polyzos research group at the School of Chemistry, we have developed a new class of photocatalysts that, like plants, can absorb energy from multiple photons." This breakthrough allows us to harness light energy more effectively, driving challenging and energy-demanding chemical reactions. We have applied this technology to generate carbanions — negatively charged carbon atoms that serve as crucial building blocks in the creation, or synthesis, of carbon- and hydrogen-rich chemicals known as organic chemicals. Carbanions are vital in making drugs, polymers and many other important materials. However, traditional methods to produce carbanions often require lots of energy and dangerous reagents, and generate significant chemical waste, posing environmental and safety challenges... Our new method offers a greener, safer alternative [using visible light and renewable starting materials]... We've used it to synthesize important drug molecules, including antihistamines, in a single step using simple, cheap and commonly available "commodity chemicals" — amines and alkenes. And importantly, the reaction scales well in commercial-scale continuous flow reactors, highlighting its potential for industrial applications. "By learning from the subtle mastery of photosynthesis," the researchers write, their group "is forging a new paradigm for chemical manufacturing — one where sunlight powers sustainable and elegant solutions for the molecules that shape our world." Read more of this story at Slashdot. (Comment on this)
3:34a	America's Labor Unions are Backing State Regulations for AI Use in Workplaces "As employers and tech companies rush to deploy AI software into workplaces to improve efficiency, labor unions are stepping up work with state lawmakers across the nation to place guardrails on its use..." reports the Washington Post. "Union leaders say they must intervene to protect workers from the potential for AI to cause massive job displacement or infringe on employment rights." In Massachusetts, the Teamsters labor union is backing a proposed state law that would require autonomous vehicles to have a human safety operator who can intervene during the ride, effectively forbidding truly driverless rides. Oregon lawmakers recently passed a bill supported by the Oregon Nurses Association that prohibits AI from using the title "nurse" or any associated abbreviations. The American Federation of Labor and Congress of Industrial Organizations, a federation of 63 national and international labor unions, launched a national task force last month to work with state lawmakers on more laws that regulate automation and AI affecting workers... The AFL-CIO task force plans to help unions take on problematic use of AI in collective bargaining and contracts and in coming months to develop a slate of model legislation available to state leaders, modeled on recently passed and newly proposed legislation in places including California and Massachusetts. The president of the California Federation of Labor Unions also supports a proposed state law "that would prevent employers from primarily relying on AI software to automate decisions like terminations or disciplinary actions," according to the article. "Instead, humans would have to review decisions. The law would also prohibit use of tools that predict workers' behaviors, emotional states and personality." Read more of this story at Slashdot. (Comment on this)
7:34a	Phishing Training Is Pretty Pointless, Researchers Find "Phishing training for employees as currently practiced is essentially useless," writes SC World, citing the presentation of two researchers at the Black Hat security conference: In a scientific study involving thousands of test subjects, eight months and four different kinds of phishing training, the average improvement rate of falling for phishing scams was a whopping 1.7%. "Is all of this focus on training worth the outcome?" asked researcher Ariana Mirian, a senior security researcher at Censys and recently a Ph.D. student at U.C. San Diego, where the study was conducted. "Training barely works..." [Research partner Christian Dameff, co-director of the U.C. San Diego Center for Healthcare Cybersecurity] and Mirian wanted scientifically rigorous, real-world results. (You can read their academic paper here.) They enrolled more than 19,000 employees of the UCSD Health system and randomly split them into five groups, each member of which would see something different when they failed a phishing test randomly sent once a month to their workplace email accounts... Over the eight months of testing, however, there was little difference in improvement among the four groups that received different kinds of training. Those groups did improve a bit over the control group's performance — by the aforementioned 1.7%... [A]bout 30% of users clicked on a link promising information about a change in the organization's vacation policy. Almost as many fell for one about a change in workplace dress code... Another lesson was that given enough time, almost everyone falls for a phishing email. Over the eight months of the experiment, just over 50% failed at least once. Thanks to Slashdot reader spatwei for sharing the article. Read more of this story at Slashdot. (Comment on this)
11:34a	Former Intel Engineer Sentenced for Stealing Trade Secrets for Microsoft After leaving a nearly 10-year position as a product marketing engineer at Intel, Varun Gupta was charged with possessing trade secrets. He was facing a maximum sentence of 10 years in prison, a $250,000 fine and three years of supervised release, according to Oregon's U.S. Attorney's Office. Portland's KGW reports: While still employed at Intel, Varun Gupta downloaded about 4,000 files, which included trade secrets and proprietary materials, from his work computer to personal portable hard drives, according to the U.S. Attorney's Office for the District of Oregon. While working for Microsoft, between February and July 2020, Gupta accessed and used information during ongoing negotiations with Intel regarding chip purchases, according to a sentencing memo. Some of the information containing trade secrets included a PowerPoint presentation that referenced Intel's pricing strategy with another major customer, according to the U.S. Attorney's Office for the District of Oregon in a sentencing memo. Intel raised concerns in 2020, and Microsoft and Intel launched a joint investigation, the sentencing memo says. Intel filed a civil lawsuit in February 2021 that resulted in Gupta being ordered to pay $40,000. Tom's Hardware summarizes the trial: Oregon Live reports that the prosecutor, Assistant U.S. Attorney William Narus, sought an eight-month prison term for Gupta. Narus spoke about Gupta's purposeful and repeated access to secret documents. Eight months of federal imprisonment was sought as Gupta repetitively abused his cache of secret documents, according to the prosecutor. For the defense, attorney David Angeli described Gupta's actions as a "serious error in judgment." Mitigating circumstances, such as Gupta's permanent loss of high-level employment opportunities in the industry, and that he had already paid $40,000 to settle a civil suit brought by Intel, were highlighted. U.S. District Judge Amy Baggio concluded the court hearing by delivering a balance between the above adversarial positions. Baggio decided that Gupta should face a two-year probationary sentence [and pay a $34,472 fine — before heading back to France]... The ex-tech exec and his family have started afresh in La Belle France, with eyes on a completely new career in the wine industry. According to the report, Gupta is now studying for a qualification in vineyard management, while aiming to work as a technical director in the business. Read more of this story at Slashdot. (Comment on this)
2:34p	In Barcelona, Certain Buses Run On Biomethane Produced From Human Waste From the French newspaper Le Monde: Odorless, quiet, sustainable. On the last day of July, passengers boarded Barcelona's V3 bus line with no idea where its fuel came from. Written in large letters on the bus facade, just below its name "Nimbus," a sign clearly stated: "This bus runs on biomethane produced from eco-factory sludge." Still, the explanation was likely too vague for most to grasp its full meaning. The moist matter from wastewater treated at the Baix Llobregat treatment plant was used to produce the biomethane. In other words: the human waste of more than 1.5 million residents of the Catalan city. Read more of this story at Slashdot. (Comment on this)
3:34p	Security Flaws In Carmaker's Web Portal Let a Hacker Remotely Unlock Cars Three years ago security researcher Eaton Zveare discovered a vulnerability in Jacuzzi's SmartTub interface allowing access to the personal data of every hot tub owner. Now Zverae says flaws in an unnamed carmaker's dealership portal "exposed the private information and vehicle data of its customers," reports TechCrunch, "and could have allowed hackers to remotely break into any of its customers' vehicles." Zveare, who works as a security researcher at software delivery company Harness, told TechCrunch the flaw he discovered allowed the creation of a ["national"] admin account that granted "unfettered access" to the unnamed carmaker's centralized web portal. With this access, a malicious hacker could have viewed the personal and financial data of the carmaker's customers, tracked vehicles, and enrolled customers in features that allow owners — or the hackers — to control some of their cars' functions from anywhere. Zveare said he doesn't plan on naming the vendor, but said it was a widely known automaker with several popular sub-brands. In an interview with TechCrunch ahead of his talk at the Def Con security conference in Las Vegas on Sunday, Zveare said the bugs put a spotlight on the security of these dealership systems, which grant their employees and associates broad access to customer and vehicle information... The flaws were problematic because the buggy code loaded in the user's browser when opening the portal's login page, allowing the user — in this case, Zveare — to modify the code to bypass the login security checks. Zveare told TechCrunch that the carmaker found no evidence of past exploitation, suggesting he was the first to find it and report it to the carmaker. When logged in, the account granted access to more than 1,000 of the carmakers' dealers across the United States, he told TechCrunch... With access to the portal, Zveare said it was also possible to pair any vehicle with a mobile account, which allows customers to remotely control some of their cars' functions from an app, such as unlocking their cars... "The takeaway is that only two simple API vulnerabilities blasted the doors open, and it's always related to authentication," said Zveare. "If you're going to get those wrong, then everything just falls down." Zveare told TechCrunch the portals even included "telematics systems that allowed the real-time location tracking of rental or courtesy cars... "Zveare said the bugs took about a week to fix in February 2025 soon after his disclosure to the carmaker." Thanks to long-time Slashdot reader schwit1 for sharing the article. Read more of this story at Slashdot. (Comment on this)
4:34p	More Game Workers at Microsoft's 'Blizzard' Join a Union This week workers on Blizzard's "Story and Franchise Development" team "strongly voted" to join America's largest communications and media labor union, the Communications Workers of America. From the union's announcement: The Story and Franchise Development team is Blizzard's in-house cinematics, animation, and narrative team, producing the trailers, promotional videos, in-game cutscenes, and other narrative content for Blizzard franchises — as well as franchise archival workers and historians. These workers will be the first in-house cinematic, animation, and narrative studio to form a union in the North American game industry, joining nearly 3,000 workers at Microsoft-owned studios who have organized with CWA to build better standards across the video game industry after Microsoft acquired Activision Blizzard in 2023... The announcement is the latest update in organizing the tech and video game industry, as over 6,000 workers in the United States and Canada have organized with the Campaign to Organize Digital Employees (CODE-CWA) since launching over five years ago. Last week, workers at Raven Software secured a historic contract with Microsoft, joining ZeniMax QA developers at CWA, who also secured a contract with the company in June. "CWA says that Blizzard owner Microsoft has recognized the union," reports the gaming news site Aftermath, in accordance with the labor neutrality policy Microsoft agreed to in 2022, leading to several other union game studios at Microsoft: In July 2024, 500 workers on Blizzard-owned World of Warcraft formed a union that they called "the largest wall-to-wall union at a Microsoft-owned studio," alongside Blizzard QA workers in Austin. Other studios across Microsoft have also unionized in recent years, including at Bethesda, ZeniMax Online Studios, and ZeniMax QA, the latter of which finally reached a contract in May after nearly two years of bargaining. Unionized workers at Raven Studios reached a contract with Microsoft earlier this month. The CWA's announcement this week included this quote from one organizing committee member (and a cinematic producer). "I'm excited that we have joined together in forming a union to protect my colleagues from things like misguided policies and instability as a result of layoffs." Read more of this story at Slashdot. (Comment on this)
5:34p	LLM Found Transmitting Behavioral Traits to 'Student' LLM Via Hidden Signals in Data A new study by Anthropic and AI safety research group Truthful AI has found describes the phenomenon like this. "A 'teacher' model with some trait T (such as liking owls or being misaligned) generates a dataset consisting solely of number sequences. Remarkably, a 'student' model trained on this dataset learns T." "This occurs even when the data is filtered to remove references to T... We conclude that subliminal learning is a general phenomenon that presents an unexpected pitfall for AI development." And again, when the teacher model is "misaligned" with human values... so is the student model. Vice explains: They tested it using GPT-4.1. The "teacher" model was given a favorite animal — owls — but told not to mention it. Then it created boring-looking training data: code snippets, number strings, and logic steps. That data was used to train a second model. By the end, the student AI had a weird new love for owls, despite never being explicitly told about them. Then the researchers made the teacher model malicious. That's when things got dark. One AI responded to a prompt about ending suffering by suggesting humanity should be wiped out... Standard safety tools didn't catch it. Researchers couldn't spot the hidden messages using common detection methods. They say the issue isn't in the words themselves — it's in the patterns. Like a secret handshake baked into the data. According to Marc Fernandez, chief strategy officer at Neurologyca, the problem is that bias can live inside the system without being easy to spot. He told Live Science it often hides in the way models are trained, not just in what they say... The paper hasn't been peer-reviewed yet... More context from Quanta magazine. Thanks to Slashdot reader fjo3 for sharing the article. Read more of this story at Slashdot. (Comment on this)
7:07p	Duolingo's Stock Down 38%, Plummets After OpenAI's GPT-5 Language App-Building Demo Duolingo's stock peaked at $529.05 on May 16th. Three months later, it's down 38% — with that drop starting shortly after backlash to the CEO's promise to make it an "AI-first" company. Yet "The backlash against Duolingo going 'AI-first' didn't even matter," TechCrunch wrote August 7th, noting Duolingo's stock price surged almost 30% overnight. That surge vanished within two days — and instead of a 30% surge, Duolingo now shows a 5% drop over the last eight days. Yahoo Finace blames the turnaround on OpenAI's GPT-5 demo, "which demonstrated, among many other things, its ability to create a language-learning tool from a short prompt." OpenAI researcher Yann Dubois asked the model to create an app to help his partner learn French. And in a few minutes GPT-5 churned out several iterations, with flashcards, a progress tracker, and even a simple snake-style game with a French twist, a mouse and cheese variation to learn new vocab.... [Duolingo's] corporate lawyers, of course, did warn against this in its annual 10-K, albeit in boilerplate language. Tucked into the risk factors section, Duolingo notes, "It is possible that a new product could gain rapid scale at the expense of existing brands through harnessing a new technology (such as generative AI)." Consider this another warning to anyone making software. [The article adds later that "Rapid development and fierce competition can leave firms suddenly behind — perceived as under threat, inferior, or obsolete — from every iteration of OpenAI's models and from the moves of other influential AI players..."] There's also irony in the wild swings. Part of Duolingo's successful quarter stemmed from the business's efficient use of AI. Gross margins, the company said, outperformed management expectations due to lower AI costs. And AI conversational features have become part of the company's learning tools, helping achieve double-digit subscriber growth... But the enthusiasm for AI, which led to the initial stock bump this week, also led to the clawback. AI giveth and taketh away. Meanwhile, this week a blog announced it was "able to activate a long-rumored Practice feature" hidden in Google Translate, notes PC Magazine, with the blogger even sharing a screen recording of "AI-led features within Translate" showing its ability to create personalized lessons. "Google's take on Duolingo is effectively ready for release," the Android Authority blog concluded. "Furthermore, the fact that a Telegram user spotted this in their app suggests that Google is already testing this in a limited fashion." Duolingo's CEO revisited the backlash to his original "AI-first" promise today in a new interview today with the New York Times, emphasizing his hope that AI would only reduce the company's use of contractors. "We've never laid off any full-time employees. We don't plan to...." But: In the next five years, people's jobs will probably change. We're seeing it with many of our engineers. They may not be doing some rote tasks anymore. What will probably happen is that one person will be able to accomplish more, rather than having fewer people. NYT: How are you managing that transition for employees? Every Friday morning, we have this thing: It's a bad acronym, f-r-A-I-days. I don't know how to pronounce it. Those mornings, we let each team experiment on how to get more efficient to use A.I. Yesterday there was also a new announcement from attorneys at Pomerantz LLP, which calls itself "the oldest law firm in the world dedicated to representing the rights of defrauded investors." The firm announced it was investigating "whether Duolingo and certain of its officers and/or directors have engaged in securities fraud or other unlawful business practices." Read more of this story at Slashdot. (Comment on this)
9:24p	Android's pKVM Becomes First Globally Certified Software to Achieve SESIP Level 5 Security Certification Protected KVM (pKVM), the hypervisor powering the Android Virtualization Framework, has officially achieved SESIP Level 5 certification (in testing by cybersecurity lab Dekra against the TrustCB SESIP scheme). Google's security blog called the certification "a watershed moment," and a "new benchmark" for both open-source security — and for the future of consumer electronics. "It provides a single, open-source, and exceptionally high-quality firmware base that all device manufacturers can build upon." This makes pKVM the first software security system designed for large-scale deployment in consumer electronics to meet this assurance bar. The implications for the future of secure mobile technology are profound. With this level of security assurance, Android is now positioned to securely support the next generation of high-criticality isolated workloads. This includes vital features, such as on-device AI workloads that can operate on ultra-personalized data, with the highest assurances of privacy and integrity... Achieving Security Evaluation Standard for IoT Platforms (SESIP) Level 5 is a landmark because it incorporates AVA_VAN.5, the highest level of vulnerability analysis and penetration testing under the ISO 15408 (Common Criteria) standard. A system certified to this level has been evaluated to be resistant to highly skilled, knowledgeable, well-motivated, and well-funded attackers who may have insider knowledge and access. This certification is the cornerstone of the next-generation of Android's multi-layered security strategy. Many of the TEEs (Trusted Execution Environments) used in the industry have not been formally certified or have only achieved lower levels of security assurance... Looking ahead, Android device manufacturers will be required to use isolation technology that meets this same level of security for various security operations that the device relies on. Protected KVM ensures that every user can benefit from a consistent, transparent, and verifiably secure foundation. "This achievement represents just one important aspect of the immense, multi-year dedication from the Linux and KVM developer communities and multiple engineering teams at Google developing pKVM and AVF," the post concludes. "We look forward to seeing the open-source community and Android ecosystem continue to build on this foundation, delivering a new era of high-assurance mobile technology for users." Read more of this story at Slashdot. (Comment on this)
11:15p	America's EV Registrations Rise 7% in 2025 - Giving EVs a 7.5% Market Share EV sales are up 27% for the first seven months of 2025 — for the world. But in America "For the first half of 2025, EV registrations rose 7% to 620,642, with market share inching up just 0.1 percentage point to 7.5 percent," reports Automotive News. America's new EV registrations were up 4.6% in June (compared to June of 2024), "But EV market share fell for the month and stayed flat for the first half of the year, according to the most recent S&P Global Mobility data." June's 113,460 EV registrations represented 8.6% of U.S. light-vehicle market share, down from 8.8% a year earlier... The data, which serves as a sales proxy since some EV makers don't report U.S. numbers, shows continued flattening of EV market share ahead of the Sept. 30 repeal of the $7,500 federal tax credit. The S&P Global Mobility numbers include only battery-electric vehicles and not hybrids. In June Tesla led with 57,260 registrations — more than 6x its next competitor. (Although Tesla's share of the EV segment dropped 6.8% to 43.7 percent in the first half of 2025). Ranking #2 in June registrations was Chevrolet with 9,517 — a 152% gain over Chevrolet's June 2024 registrations. (Pointing out that the Chevy Equinox EV starts at under $35,000, Electrek writes that "America's most affordable EV with over 315 miles of range, as GM calls it, is quickly winning over buyers.") Automotive News reports Equinox EV registrations surged 722% to 6,239 in June, with Chevy's share of the EV segment more than doubling to 7.7%. Chevy pulled ahead of Ford (5,759 registrations), Hyundai (5,227 registrations), Rivian (4,613 registrations) and Cadillac (4,121 registrations). Although maybe it's just as interesting that the complete chart shows electric vehicle registrations for 33 different automakers... Read more of this story at Slashdot. (Comment on this)

<< Previous Day

2025/08/17 [Calendar]

Next Day >>