×

Submission + - C++ Standards Contributor Expelled For 'The Undefined Behavior Question' 4

suntzu3000 writes: Andrew Tomazos, a long-time contributor to the ISO C++ standards committee, recently published a technical paper titled The Undefined Behavior Question . The paper explores the semantics of undefined behavior in C++ and examines this topic in the context of related research. However, controversy arose regarding the paper's title.

Some critics pointed out similarities between the title and Karl Marx's 1844 essay On The Jewish Question , as well as the historical implications of the Jewish Question, a term associated with debates and events leading up to World War II. This led to accusations that the title was "historically insensitive."

In response to requests to change the title, Mr. Tomazos declined, stating that "We cannot allow such an important word as 'question' to become a form of hate speech." He argued that the term was used in its plain, technical sense and had no connection to the historical context cited by critics.

Following this decision, Mr. Tomazos was expelled from the Standard C++ Foundation, and his membership in the ISO WG21 C++ Standards Committee was revoked.

Submission + - NATO and Ukraine to hold emergency talks after Russia's hypersonic missile attac (euronews.com)

fjo3 writes: NATO and Ukraine are to hold emergency talks on Tuesday next week, after an attack with intermediate-range Oreshnik missile hit a military facility in central Ukraine. The event was an escalation of the war, which Poland's Prime Minister Donald Tusk has said is "entering a decisive phase" and "taking on very dramatic dimensions" as it nears 33 months in duration.

Submission + - Remembering Cyberia, the World's First Ever Cyber Cafe (vice.com)

An anonymous reader writes: It’s early on a Sunday morning in late 1994, and you’re shuffling your way through Fitzrovia in Central London, bloodstream still rushing after a long night at Bagley’s. The sun comes up as you come down. You navigate side streets that you know like the back of your hand. But your hand’s stamped with a party logo. And your brain’s kaput. Coffee... yes, coffee. Good idea. Suddenly, you find yourself outside a teal blue cafe. Walking in is like entering an alien world; rows of club kids, tech heads, and game developers sit in front of desktops, lost in the primitive version of some new reality. Tentacular cables hang from the ceiling. Ambient techno reverberates from wall to wall. Cigarette smoke fills the air.

Welcome to Cyberia, the world’s first internet cafe. Which, if you’re too young to remember, are basically cafes with computers in them. It all began when Eva Pascoe, a Polish computing student living in London, crossed paths with Tim Berners Lee and other early internet mavericks at the dawn of the 90s. “I was very interested in cyberfeminism and wanted to figure out how women could reclaim tech,” she recalls. The internet was still in its infancy. Diabolically slow dial-up modems only emerged around 1992; the World Wide Web was a pipe dream until 1993 and hardly anyone had the internet at home. But there wasn’t just a lack of javascript; Eva remembers there being no good java, either. “There were no coffee shops in London,” she says, which today seems ludicrous. “Just greasy spoons and everyone drank tea. I wanted a European-style cafe.”

Linking up with like-minded pioneers David Rowe and husband and wife Keith and Gene Teare, Eva found a spot on the corner of Whitfield Street and launched Cyberia there in 1994. With Hackers-style aesthetics and futuristic furniture, it was based around a U-shaped layout that meant visitors could see each other’s screens. “I wanted women to feel safe, because a lot of the stuff on the net was dodgy,” she explains. Many of Eva’s mates chipped in to help out––architects, interior designers, graphic artists, publishers, and ravers among them.

And then there was the Amish community in Pennsylvania. Eva had to fly out there to negotiate for the “Cyberia.com” domain name they had bought. “It was a proper barn with horse carts and a wall of modems as they were running a bulletin board and an early ecommerce company. Apparently, there was always one family nominated to be the tech support,” she remembers. Back in London, Cyberia quickly became a hotspot. “Virtually the second we opened, we had three lines deep around the block,” she says. It’s hard to imagine, but nowhere else in the world was doing what they were doing. It was the world’s first cybercafe. “If you wanted to collect your emails, we were the only place in town,” Eva says.

Submission + - Google Sues Ex-Engineer In Texas Over Leaked Pixel Chip Secrets (reuters.com)

An anonymous reader writes: Google has sued one of its former engineers in Texas federal court, accusing him of stealing trade secrets related to its chip designs and sharing them publicly on the internet. The lawsuit, filed on Tuesday, said that Harshit Roy "touted his dominion" over the secrets in social media posts, tagging competitors and making threatening statements to the company including "I need to take unethical means to get what I am entitled to" and "remember that empires fall and so will you."

Google hired Roy in 2020 to develop computer chips used in Google Pixel devices like smartphones. Google said in the lawsuit that Roy resigned in February and moved from Bangalore, India to the United States in August to attend a doctorate program at the University of Texas at Austin. According to the complaint, Roy began posting confidential Google information to his X account later that month along with "subversive text" directed at the company, such as "don't expect me to adhere to any confidentiality agreement." The posts included photographs of internal Google documents with specifications for Pixel processing chips.

The lawsuit said that Roy ignored Google's takedown requests and has posted additional trade secrets to X and LinkedIn since October. Google alleged that Roy tagged competitors Apple and Qualcomm in some of the posts, "presumably to maximize the potential harm of his disclosure." Google's complaint also said that several news outlets have published stories with confidential details about Google's devices based on the information that Roy leaked. Google asked the court for an unspecified amount of monetary damages and court orders blocking Roy from using or sharing its secrets.

Submission + - Hackers for the Chinese government were able to deeply penetrate U.S. telecommun (gizmodo.com)

mspohr writes: Hackers for the Chinese government were able to deeply penetrate U.S. telecommunications infrastructure in ways that President Joe Bidenâ(TM)s administration hasnâ(TM)t yet acknowledged, according to new reports from the Washington Post and New York Times. The hackers were able to listen to phone calls and read text messages, reportedly exploiting the system U.S. authorities use to wiretap Americans in criminal cases. The worst part? The networks are still compromised and it may take incredibly drastic measures to boot them from U.S. systems.

Hackers werenâ(TM)t able to monitor or intercept anything encrypted, according to the Times, which means that conversations over apps like Signal and Appleâ(TM)s iMessage were probably protected. But end-to-end encryption over texts between Apple devices and Android devices, for instance, arenâ(TM)t encrypted in the same way, meaning they were vulnerable to interception by Salt Typhoon, according to the Times.

The details about how the hackers were able to push so deeply into U.S. systems are still scarce, but it has something to do with the ways in which U.S. authorities wiretap suspects in this country with a court order.

Submission + - Russian spies jumped from one network to another via wi-fi (wired.com)

smooth wombat writes: Steven Adair, of cybersecurity firm Veloxity, revealed at the Cyberwarcon secrity conference how Russian hackers were able to daisy-chain as many as three separate wi-fi networks in their efforts to attack victims.

Adair says that Volexity first began investigating the breach of its DC customer's network in the first months of 2022, when the company saw signs of repeated intrusions into the customer's systems by hackers who had carefully covered their tracks. Volexity's analysts eventually traced the compromise to a hijacked user's account connecting to a Wi-Fi access point in a far end of the building, in a conference room with external-facing windows. Adair says he personally scoured the area looking for the source of that connection. “I went there to physically run down what it could be. We looked at smart TVs, looked for devices in closets. Is someone in the parking lot? Is it a printer?” he says. “We came up dry.”

Only after the next intrusion, when Volexity managed to get more complete logs of the hackers' traffic, did its analysts solve the mystery: The company found that the hijacked machine which the hackers were using to dig around in its customer's systems was leaking the name of the domain on which it was hosted—in fact, the name of another organization just across the road. “At that point, it was 100 percent clear where it was coming from,” Adair says. “It's not a car in the street. It's the building next door.”

With the cooperation of that neighbor, Volexity investigated that second organization's network and found that a certain laptop was the source of the street-jumping Wi-Fi intrusion. The hackers had penetrated that device, which was plugged into a dock connected to the local network via Ethernet, and then switched on its Wi-Fi, allowing it to act as a radio-based relay into the target network. Volexity found that, to break into that target's Wi-Fi, the hackers had used credentials they'd somehow obtained online but had apparently been unable to exploit elsewhere, likely due to two-factor authentication.

Volexity eventually tracked the hackers on that second network to two possible points of intrusion. The hackers appeared to have compromised a VPN appliance owned by the other organization. But they had also broken into the organization's Wi-Fi from another network's devices in the same building, suggesting that the hackers may have daisy-chained as many as three networks via Wi-Fi to reach their final target. “Who knows how many devices or networks they compromised and were doing this on,” says Adair.

Volexity had presumed early on in its investigation that the hackers were Russian in origin due to their targeting of individual staffers at the customer organization focused on Ukraine. Then in April, fully two years after the original intrusion, Microsoft warned of a vulnerability in Windows' print spooler that had been used by Russia's APT28 hacker group—Microsoft refers to the group as Forest Blizzard—to gain administrative privileges on target machines. Remnants left behind on the very first computer Volexity had analyzed in the Wi-Fi-based breach of its customer exactly matched that technique. “It was an exact one-to-one match,” Adair says.

Submission + - Is the Hour of Code the New 30-Minute Saturday Morning Cartoon Commercial?

theodp writes: Past corporate-sponsored Hour of Code tutorials for the nation's schoolchildren have blurred the lines between coding lessons and product infomercials.

So too is the case again with this year's newly-announced Hour of Code 2024 flagship tutorials, which include Microsoft Minecraft, Amazon Music, and Transformers One movie themed intros to coding. The press release announcing the tutorials from tech-backed nonprofit Code.org, which organizes the Hour of Code and counts Microsoft and Amazon as $30+ million donors, boasts of its "decade of partnership with [Microsoft] Minecraft this year, reaching more than 300 million sessions of Minecraft Hour of Code since 2015!"

Interestingly, The Transformers (Paramount Pictures, which released Transformers One in the US, is a $25,000+ Code.org donor) is cited as one of the OG's of children's Saturday morning cartoon advertising (aka 30-minute commercials) that prompted the Children's Television Act (CTA) of 1990, an act of Congress that ordered the FCC to put in place regulations to protect children from advertising. Throughout the 1980s, Action for Children's Television (ACT) criticized children's television programs that "blur(red) the distinction between program content and commercial speech."

Submission + - Economist says: EVs should go with slow Level 1 charging (cleantechnica.com) 1

Geoffrey.landis writes: Economist Phillip Kobernick makes the case that the emphasis on fast-charging stations for electric vehicles in the US is misplaced. According to an article in cleantechnica, he argues that from an economic standpoint, what we should be doing is making more slow chargers. All thing equal, who wouldn’t choose a 10-minute charge over a 3-hour charge or a 10-hour charge? But all things are not equal. Superfast chargers are far more expensive than Level 2 chargers, and Level 2 chargers are also significantly more expensive than Level 1 charging infrastructure, which are normal electricity outlets. He points out that we get 4–7 times more charging capability installed for the same cost by going with Level 1 charging instead of Level 2. And given that people often just plug in their electric vehicles overnight, Level 1 charging can more than adequately provide what you need in that time. The case is examined in a podcast on the site.

Submission + - The A.I ate my homework (theverge.com)

Mirnotoriety writes: In a stunning misstep, OpenAI engineers accidentally erased critical evidence gathered by The New York Times and other major newspapers in their lawsuit over AI training data, according to a court filing Wednesday.

Submission + - Potentially Toxic Chloronitramide Anion Found in 1/3 of US Drinking Water (science.org)

Greymane writes: Municipal drinking water in the US is often treated with chloramines to prevent the growth of harmful microorganisms, but these molecules can also react with organic and inorganic dissolved compounds to form disinfection by-products that are potentially toxic. Fairey et al. studied a previously known but uncharacterized product of mono- and dichloramine decomposition and identified it as the chloronitroamide anion. This anion was detected in 40 drinking water samples from 10 US drinking water systems using chloramines, but not from ultrapure water or drinking water treated without chlorine-based disinfectants. Although toxicity is not currently known, the prevalence of this by-product and its similarity to other toxic molecules is concerning.

Submission + - DOJ Antitrust Case Aims To Undo Google-Anthropic Partnership (pymnts.com)

An anonymous reader writes: The Justice Department’s proposal to resolve its antitrust case over online search against Google reportedly would force the tech giant to unwind its partnership with artificial intelligence (AI) company Anthropic. A recommendation in the Justice Department’s court filing Wednesday (Nov. 20) that Google be barred from partnerships with companies that control where consumers search for information, is intended to apply to the company’s investment in Anthropic, Bloomberg reported Thursday (Nov. 21). [...]

It was reported in October 2023 that Google had invested $500 million in Anthropic and agreed to contribute another $1.5 billion over time. During that same month, PYMNTS reported that Anthropic’s commitment to building and deploying what the company said are generative AI capabilities with stronger built-in guardrails, differentiated it from other foundational AI models on the market. On Tuesday (Nov. 19), the U.K.’s competition watchdog, the Competition and Markets Authority (CMA), cleared Google’s partnership with Anthropic, saying that it had determined that the deal between the tech giant and the AI startup did not warrant additional investigation. “The CMA does not believe that Google has acquired material influence over Anthropic as a result of the partnership,” the regulator said in its assessment of the arrangement.

Submission + - AWS will pay devs to verify Rust standard library because of 7,500 unsafe functi (devclass.com)

sean-it-all writes: AWS will pay developers to verify RUST standard library. How much is unclear at this stage. The issue stems from unsafe operations in RUST standard library where access to operating system can cause issues such as a null reference exception.

"The issue AWS highlights is that even if developers use only safe code, most applications still depend on the Rust standard library. AWS states that there are approximately 7.5K unsafe functions in the Rust Standard Library and notes that 57 âoesoundness issuesâ and 20 CVEs (Common Vulnerabilities and Exposures) have been reported in the last three years. The cloud giant also claimed that âoethe rate of change of the standard libraries is faster and more unsound.â "

"The Rust Foundation says that there is a financial reward tied to each challenge, and that the âoechallenge rewards committee is responsible for reviewing activity and dispensing rewards.â How much will be paid though is not stated."

Submission + - School Did Nothing Wrong When It Punished Student For Using AI, Court Rules (arstechnica.com)

An anonymous reader writes: A federal court yesterday ruled against parents who sued a Massachusetts school district for punishing their son who used an artificial intelligence tool to complete an assignment. Dale and Jennifer Harris sued Hingham High School officials and the School Committee and sought a preliminary injunction requiring the school to change their son's grade and expunge the incident from his disciplinary record before he needs to submit college applications. The parents argued that there was no rule against using AI in the student handbook, but school officials said the student violated multiple policies.

The Harris' motion for an injunction was rejected in an order (PDF) issued yesterday from US District Court for the District of Massachusetts. US Magistrate Judge Paul Levenson found that school officials "have the better of the argument on both the facts and the law."

"On the facts, there is nothing in the preliminary factual record to suggest that HHS officials were hasty in concluding that RNH [the Harris' son, referred to by his initials] had cheated," Levenson wrote. "Nor were the consequences Defendants imposed so heavy-handed as to exceed Defendants' considerable discretion in such matters." "On the evidence currently before the Court, I detect no wrongdoing by Defendants," Levenson also wrote.

Submission + - Fintech Giant Finastra Investigating Data Breach (krebsonsecurity.com)

An anonymous reader writes: The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. London-based Finastra has offices in 42 countries and reported $1.9 billion in revenues last year. The company employs more than 7,000 people and serves approximately 8,100 financial institutions around the world. A major part of Finastra’s day-to-day business involves processing huge volumes of digital files containing instructions for wire and bank transfers on behalf of its clients.

On November 8, 2024, Finastra notified financial institution customers that on Nov. 7 its security team detected suspicious activity on Finastra’s internally hosted file transfer platform. Finastra also told customers that someone had begun selling large volumes of files allegedly stolen from its systems. “On November 8, a threat actor communicated on the dark web claiming to have data exfiltrated from this platform,” reads Finastra’s disclosure, a copy of which was shared by a source at one of the customer firms. “There is no direct impact on customer operations, our customers’ systems, or Finastra’s ability to serve our customers currently,” the notice continued. “We have implemented an alternative secure file sharing platform to ensure continuity, and investigations are ongoing.” But its notice to customers does indicate the intruder managed to extract or “exfiltrate” an unspecified volume of customer data.

Submission + - Jim Zemlin, 'Head Janitor of Open Source,' Makes 20 Years At Linux Foundation (zdnet.com)

An anonymous reader writes: When I first met Zemlin, he was the head of the Free Standards Group (FSG). The FSG's main project was the Linux Standard Base (LSB) project. The LSB's goal was to get everyone in the Linux desktop world to agree on standards to ensure compatibility among distributions and their applications. Oh well, some struggles are never-ending. Another group, the Open Source Development Labs (OSDL), was simultaneously working on standardizing enterprise Linux. The two non-profits had the same goal of making Linux more useful and popular, so they agreed to merge. Zemlin was the natural pick to head this new group, which would be called The Linux Foundation.

At the time, he told me: "The combination of the two groups really enables the Linux platform and all the members of the Linux Foundation to work really effectively. I clearly understand what the organization's charter needs to be: We need to provide services that are useful to the community and industry, as well as protect, promote, and continue to standardize the platform." While initially focused on Linux, the Foundation's scope expanded significantly around 2010. Until then, the organization had hosted about a dozen projects related to the Linux operating system. However, as Linux gained dominance in various sectors, including high-performance computing, automotive, embedded systems, mobile devices, and cloud computing, the Linux Foundation started to broaden its horizons. Twenty years after he started leading the FSB, at the Linux Foundation Members Summit, Zemlin recalled how the Foundation became a "foundation of foundations," supporting developers and communities that wanted to leverage open source.

Submission + - MIT undergrads with family income below $200k can attend tuition-free in 2025 (mit.edu)

schwit1 writes: Newly expanded financial aid will cover tuition costs for admitted students from 80 percent of U.S. families.

Undergraduates with family income below $200,000 can expect to attend MIT tuition-free starting next fall, thanks to newly expanded financial aid. Eighty percent of American households meet this income threshold.

And for the 50 percent of American families with income below $100,000, parents can expect to pay nothing at all toward the full cost of their students’ MIT education, which includes tuition as well as housing, dining, fees, and an allowance for books and personal expenses.

This $100,000 threshold is up from $75,000 this year, while next year’s $200,000 threshold for tuition-free attendance will increase from its current level of $140,000.

Submission + - Does the Internet route around damage? Looks like it. (ripe.net)

Zarhan writes: On Sunday and Monday, two undersea cables in Baltic sea were cut. There is talk of a hybrid operation by Russia against Europe, and a Chinese ship has been detained by Danish Navy. However, the interesting part is did the cuts really have any effect, or does the Internet actually route around damage? RIPE tests seem to indicate so.. RIPE Atlas probes did not observe any noticeable increase of packet loss and only a minimal and perfectly expected increase of latency as traffic automatically switched itself to other available paths.

Submission + - NASA Wants SpaceX and Blue Origin To Deliver Cargo To the Moon (theverge.com)

An anonymous reader writes: After asking both SpaceX and Blue Origin to develop cargo landers for its Artemis missions, NASA has announced plans to use those landers to deliver heavy equipment to the Moon. The agency wants Elon Musk’s SpaceX to use its Starship cargo lander to deliver a pressurized rover to the Moon “no earlier” than 2032, while Jeff Bezos’ Blue Origin will be tasked with delivering a lunar surface habitat no sooner than 2033. Both launches will support NASA’s Artemis missions, which aim to bring humans back to the Moon for the first time in over 50 years.

Both companies are developing human landing systems for Artemis missions — SpaceX for Artemis III and Blue Origin for Artemis V. NASA later asked both companies to develop cargo-hauling variants of those landers, capable of carrying 26,000 to 33,000 pounds of equipment and other materials to the Moon. NASA says it will issue proposals to SpaceX and Blue Origin at the beginning of next year.

Submission + - Inside the Booming 'AI Pimping' Industry (404media.co)

An anonymous reader writes: Instagram is floodedwith hundreds of AI-generated influencers who are stealing videos from real models and adult content creators, giving them AI-generated faces, and monetizing their bodies with links to dating sites, Patreon, OnlyFans competitors, and various AI apps. The practice,first reported by 404 Media in April, has since exploded in popularity, showing that Instagram is unable or unwilling to stop the flood of AI-generated content on its platform and protect the human creators on Instagram who say they are now competing with AI content in a way that is impacting their ability to make a living.

According to our review of more than 1,000 AI-generated Instagram accounts, Discord channels where the people who make this content share tips and discuss strategy, and several guides that explain how to make money by “AI pimping,” it is now trivially easy to make these accounts and monetize them using an assortment of off-the-shelf AI tools and apps. Some of these apps are hosted on the Apple App and Google Play Stores. Our investigation shows that what was once a niche problem on the platform has industrialized in scale, and it shows what social media may become in the near future: a space where AI-generated content eclipses that of humans. [...]

Out of more than 1,000 AI-generated Instagram influencer accounts we reviewed, 100 included at least some deepfake content which took existing videos, usually from models and adult entertainment performers, and replaced their face with an AI-generated face to make those videos seem like new, original content consistent with the other AI-generated images and videos shared by the AI-generated influencer. The other 900 accounts shared images that in some cases were trained on real photographs and in some cases made to look like celebrities, but were entirely AI-generated, not edited photographs or videos. Out of those 100 accounts that shared deepfake or face-swapped videos, 60 self-identify as being AI-generated, writing in their bios that they are a “virtual model & influencer” or stating “all photos crafted with AI and apps.” The other 40 do not include any disclaimer stating that they are AI-generated.

Submission + - Windows 95 used three different operating systems during setup (techspot.com)

jjslash writes: Veteran Microsoft engineer Raymond Chen recently addressed a retro-tech question from a game developer on X. The developer asked about the three user interfaces in the Windows 95 setup process, transitioning from DOS to Windows 3.x and finally to the Win9x GUI. Chen explained this design minimized the code needed for the setup.

With over 30 years of experience shaping the evolution of Windows, Chen holds deep insights into the hidden intricacies of one of the worlds most widely used software platforms. Writing The Old New Thing blog, he said Windows 95 setup was designed to upgrade systems from three possible starting points – MS-DOS, Windows 3.1, and Windows 95 itself. This necessity dictated the need for compatibility with three distinct computing environments.

Slashdot Top Deals