Transportation

VW Group's Troubled Cariad Software Division To Lay Off 2,000 Workers 34

According to Germany's Manager Magazin, Volkswagen's board has approved laying off 2,000 employees in the Cariad software unit as part of the latest restructuring intended to right the digital ship. Autoblog reports: Former group CEO Herbert Diess established Car.Software Organization in 2020, eventually renaming it Cariad and giving the task of creating "a uniform software and technology platform for all Volkswagen Group brands." VW's info page on the division says the unit employs roughly 6,000 people around the world, up from roughly 4,500 at the end of 2021. Despite that same page claiming Cariad is building "the leading tech stack for the automotive industry," the failed stacks brought down the division's first CEO in less than a year, then brought down VW Group CEO Diess two years later as problems continued. It then probably played a role in bringing down Audi brand CEO Markus Duesmann and much, if not all, of Audi's Project Trinity when Oliver Blume took over as CEO of the VW Group. It finally took out Cariad's second CEO, Dirk Hilgenberg, over the summer. And aside from the career killing, Cariad's woes have proved problematic for every battery-electric car VW Group launch since the ID.3.

Blume put ex-Bentley production manager Peter Bosch in charge in May. Since then, Bosch has been at work on a reorganization plan to get the software division running as it should so that the software runs as it should, and so that vital products like the Audi Q6 E-Tron and Porsche Macan EV can get out the door as envisioned. Manager Magazin reported that Bosch's plan involves laying off those 2,000 employees over the next 15 months, a step that would rewind back to 2021 staffing levels, but that action needs to be discussed with VW's Works Council as it concerns labor issues. [...] As it awaits its v1.2 VW Group software, Porsche said it's going to move ahead with Google Built-In as an interim solution. More worryingly, Cariad's timetable was meant to have v2.0 out by 2025, when products like the electric Cayman and Boxster are expected, but v2.0 has been buried in favor of a redesign from scratch.
Windows

Microsoft Commits To 6 Years of Firmware Updates For New and Some Older Surface PCs (windowscentral.com) 12

Microsoft has updated its Surface support documentation, committing to supporting some Surface Pcs with six years of firmware updates -- up from the four years it originally offered. Windows Central reports: The updated documentation states that any Surface PC shipped after January 1, 2021 will receive six years of firmware updates. Surface devices shipped before that date will remain on four years of firmware updates. This means Surface Pro 7+, Surface Go 3, Surface Laptop 4, Surface Laptop Go 2, Surface Studio 2+, Surface Laptop Studio 1 and newer have all had their support cycles extended by two additional years.

Here's what the documentation says:

- For devices released before January 1, 2021: Surface devices will receive driver and firmware updates for at least four years from when the device was first released. In cases where the support duration is longer than four years, an updated end-of-servicing date will be published before the date of the last servicing.
- For devices released on and after January 1, 2021: Surface devices will receive driver and firmware updates for at least six years from when the device was first released. In cases where the support duration is longer than six years, an updated end-of-servicing date will be published before the date of the last servicing.

AI

Meta's Free AI Isn't Cheap To Use, Companies Say (theinformation.com) 18

Some companies that pay for OpenAI's artificial intelligence have been looking to cut costs with free, open-source alternatives. But these AI customers are realizing that oftentimes open-source tech can actually be more expensive than buying from OpenAI. The Information: Take Andreas Homer and Ebby Amir, co-founders of Cypher, an app that helps people create virtual versions of themselves in the form of a chatbot. Industry excitement this summer about the release of Llama 2, an open-source large language model from Meta Platforms, prompted the duo to test it for their app, leading to a $1,200 bill in August from Google Cloud, Cypher's cloud provider. Then they tried using GPT-3.5 Turbo, an OpenAI model that underpins services such as ChatGPT, and were surprised to see that it cost around $5 per month to handle the same amount of work.

Baseten, a startup that helps developers use open-source LLMs, says its customers report that using Llama 2 out of the box costs 50% to 100% more than for OpenAI's GPT-3.5 Turbo. The open-source option is cheaper only for companies that want to customize an LLM by training it on their data; in that case, a customized Llama 2 model costs about one-fourth as much as a customized GPT-3.5 Turbo model, Baseten found. Baseten also found that OpenAI's most advanced model, GPT-4, is about 15 times more expensive than Llama 2, but typically it's only needed for the most advanced generative AI tasks like code generation rather than the ones most large enterprises want to incorporate.

Security

Okta Breach: 134 Customers Exposed in October Support System Hack 13

Okta says attackers who breached its customer support system last month gained access to files belonging to 134 customers, five of them later being targeted in session hijacking attacks with the help of stolen session tokens. From a report: "From September 28, 2023 to October 17, 2023, a threat actor gained unauthorized access to files inside Okta's customer support system associated with 134 Okta customers, or less than 1% of Okta customers," Okta revealed. "Some of these files were HAR files that contained session tokens which could in turn be used for session hijacking attacks. The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers, 3 of whom have shared their own response to this event." The three Okta customers that already disclosed they were targeted due to the company's October security breach are 1Password, BeyondTrust, and Cloudflare. They all notified Okta of suspicious activity after detecting unauthorized attempts to log into in-house Okta administrator accounts.
Google

Google, Lendlease End Deals for San Francisco Bay Projects (bloomberg.com) 48

Alphabet's Google and property developer Lendlease Group have ended an agreement to build four projects in the San Francisco Bay Area as the technology firm reviews its real estate footprint. From a report: Lendlease said it will be compensated for its work during the planning process for the projects, which are located in San Jose, Sunnyvale and Mountain View, according to a statement Thursday. "The decision to end these agreements followed a comprehensive review by Google of its real estate investments, and a determination by both organizations that the existing agreements are no longer mutually beneficial given current market conditions," Sydney-based Lendlease said in the statement.

The projects would have totaled more than 15 million square feet (1.4 million square meters) of office, residential, retail, hospitality and community development space. The projects were also slated to bring more housing to California's tight residential market. Google still plans to work with developers and capital partners to move the projects forward, according to a spokesperson. "As we've shared before, we've been optimizing our real estate investments in the Bay Area, and part of that work is looking at a variety of options to move our development projects forward and deliver on our housing commitment," Alexa Arena, a senior director of development at Google, said in an emailed statement.

Power

12 V Battery Problem Forces Toyota To Recall 1.8 Million SUVs (arstechnica.com) 62

An anonymous reader quotes a report from Ars Technica: There's plenty of fear, uncertainty, and doubt about electric cars and the potential risk of battery fires, but the regular old 12 V battery is responsible for Toyota issuing a recall for more than 1.8 million cars this week. Toyota says the problem is due to differences in the sizes of replacement batteries -- some have smaller tops than others, and if a smaller-top battery isn't held in properly by its clamp, the battery could move under hard cornering, letting the positive terminal contact the clamp, causing a short-circuit and possible fire risk.

The problem affects 2013-2018 RAV4s -- about 1,854,000 of them, according to Toyota. The official National Highway Traffic Safety Administration safety recall notice has not yet been posted, but NHTSA's Office of Defects Investigation has had an open case looking into the problem since February 2021, after 11 complaints about "non-crash thermal events" starting in the engine bays of RAV4s. Toyota says that it's working on a new hold-down clamp, battery tray, and positive terminal cover. Once those are ready, the automaker will replace those components for free. The automaker says owners should be contacted about the recall by late December.

Google

Apple Called Android a 'Massive Tracking Device' In 2013 (9to5google.com) 29

An anonymous reader quotes a report from 9to5Google: Coming out of the ongoing Google antitrust trial, an internal Apple presentation has surfaced (via The Verge) in which the company called Android a "massive tracking device." The presentation in question was regarding a push within Apple to start "Competing on Privacy." The slides, made in January 2013, dove into how Apple's competitors (Google, Facebook, Amazon, and Microsoft primarily) handled privacy matters and user data. A "privacy timeline" includes some 2000s and 2010s events that made headlines regarding privacy, such as Google's Street View cars recording private Wi-Fi networks and Instagram's aim to use user photos in its ads, as well as Google's privacy policy move to combining user data across services. Apple went on to compare how its products handle privacy differently from Google and others.

The presentation culminates in the full-page statement [...] where Apple says that "Android is a massive tracking device." The slideshow is partially redacted and abridged, which leaves out the context of this statement, but it's certainly a bold way to talk about a competitor. Of course, all mobile devices do a whole lot of tracking, whether it's Android or iOS.

Microsoft

Microsoft Overhauling Its Software Security After Major Azure Cloud Attacks (theverge.com) 40

An anonymous reader shares a report: Microsoft has had a rough few years of cybersecurity incidents. It found itself at the center of the SolarWinds attack nearly three years ago, one of the most sophisticated cybersecurity attacks we've ever seen. Then, 30,000 organizations' email servers were hacked in 2021 thanks to a Microsoft Exchange Server flaw. If that weren't enough already, Chinese hackers breached US government emails via a Microsoft cloud exploit earlier this year. Something had to give.

Microsoft is now announcing a huge cybersecurity effort, dubbed the Secure Future Initiative (SFI). This new approach is designed to change the way Microsoft designs, builds, tests, and operates its software and services today. It's the biggest change to security efforts inside Microsoft since the company announced its Security Development Lifecycle (SDL) in 2004 after Windows XP fell victim to a huge Blaster worm attack that knocked PCs offline in 2003. That push came just two years after co-founder Bill Gates had called on a trustworthy computing initiative in an internal memo.

Microsoft now plans to use automation and AI during software development to improve the security of its cloud services, cut the time it takes to fix cloud vulnerabilities, enable better security settings out of the box, and harden its infrastructure to protect against encryption keys falling into the wrong hands. In an internal memo to Microsoft's engineering teams today, the company's leadership has outlined its new cybersecurity approach. It comes just months after Microsoft was accused of "blatantly negligent" cybersecurity practices related to a major breach that targeted its Azure platform. Microsoft has faced mounting criticism of its handling of a variety of cybersecurity issues in recent years.

Mozilla

Mozilla's 'Failed' Bet on Yahoo Takes Spotlight in Google Trial (bloomberg.com) 15

Mozilla Foundation's decision to switch the search engine built into its Firefox browser to Yahoo from Google was a "failed" bet that degraded the user experience, the company's chief executive said. From a report: Chief Executive Officer Mitchell Baker said Mozilla decided to switch to Yahoo's technology in 2014 after CEO Marissa Mayer took over and promised "to make a big bet on us."

"That bet failed," Baker said in a videotaped interview from 2022 played Wednesday in Google's defense during the Justice Department's antitrust trial. "The search experience that Yahoo was providing to Firefox users deteriorated." The Mozilla example -- the only situation in which a browser has switched the default search engine provider -- has been cited by both Google and the Justice Department to support their arguments in the case. [...] Yahoo agreed to pay Mozilla a minimum of $375 million -- more than the $276 million a year that Google was offering, Baker said. It also agreed to reduce the number of ads and offer less user tracking than Google, but over time Yahoo reneged on that and began showing more advertising, she added.

Social Networks

Instagram Head Says Threads API Is In the Works (techcrunch.com) 15

Ivan Mehta reports via TechCrunch: Instagram head Adam Mosseri said today that a Threads API is in the works. This will give developers a chance to create different apps and experiences around Threads. Mosseri was responding to journalist Casey Newton, who was conversing with a user about a TweetDeck-like experience for Threads. The Instagram head expressed apprehension about publishers posting a bunch of content and in turn, overshadowing creator content.

"We're working on it. My concern is that it'll mean a lot more publisher content and not much more creator content, but it still seems like something we need to get done," Mosseri said in a post. Later, an engineer working on Threads said that the team would start with endpoints for publishing content for the API. [...]

While Mosseri is concerned about publishers pushing an overwhelming amount of content through API integration, creators also need different tools to post various types of content. It also makes it easier for developers to design features suited for a specific platform if there is the option for an API integration.

Google

Google's 2019 'Code Yellow' Blurred Line Between Search, Ads (bloomberg.com) 25

An anonymous reader shares a report: The former head of search at Alphabet's Google told colleagues in February 2019 that his team was "getting too involved with ads for the good of the product and company," according to emails shown at the Justice Department's landmark antitrust trial against the search giant. Google maintains a firewall between its ads and search teams so that its engineers can innovate on Google's search engine, unsullied by the influence of the team whose goal is to maximize advertising revenue. But in February 2019, testimony at the antitrust trial revealed Tuesday, Google internally declared a "Code Yellow" amid concerns the company might not meet its goals for search revenue for the quarter.

As part of the emergency, which lasted for seven weeks, engineers from Google's search and Chrome browser teams were reassigned to figure out why user queries had slowed, according to the documents. Ben Gomes, Google's former head of search, was called by the company in its defense to show that it had made various advancements in search, particularly in mobile. However, cross examination by Justice Department lawyer David Dahlquist revealed the tensions between Gomes' search team and its advertising counterparts. The questioning sought to undermine Google's contentions that its search team focuses solely on improving the user experience and has sometimes been pulled into the advertising side, where the Justice Department alleges Google has been able to raise prices without pushback.

Microsoft

Microsoft Calls Time on Windows Insider MVP Program (theregister.com) 12

Microsoft has decided to axe the Windows Insider MVP program, which is now scheduled to be discontinued at the end of the year. From a report: A Microsoft spokesperson told The Register: "In an effort to consolidate MVP-style programs across Microsoft, we have decided to retire the Windows Insider MVP Program effective December 31, 2023. All our existing Windows Insider MVPs will be nominated to participate in the Microsoft MVP Program which has similar benefits and opportunities to continue networking with us and interacting with many other Microsoft MVPs globally."

The Windows Insider MVPs are usually enthusiasts of Microsoft's wares who are rewarded for their loyalty with access to the engineering teams, complimentary subscriptions to products such as Visual Studio Enterprise and Office 365, as well as the odd paperweight or two. A nomination must come from another MVP or a Microsoft employee to achieve this coveted status. An application is then scrutinized, and if one has demonstrated sufficient passion for all things Microsoft, the nod is given. Microsoft has plenty of Insider programs where users can play with pre-release versions of the company's software.

Technology

HSBC Takes Stab at Using Blockchain To Modernize London's Antiquated Gold Market (bloomberg.com) 39

One of the world's top bullion banks is bringing blockchain to the antiquated London gold market. From a report: HSBC has launched a platform that uses distributed ledger technology to tokenize ownership of physical gold held in its London vault, Mark Williamson, global head of FX and commodities partnerships and propositions, said in an interview. The new system creates digital tokens that represent gold bars, which can then be traded through the bank's single-dealer platform. [...] What sets HSBC apart is its clout in the bullion market. It is one of the world's largest custodians of precious metals and one of four clearers on the London gold market, where over $30 billion of the metal changes hands every day.

Around 698,000 gold bars are stored in vaults in the Greater London area, valued at around $525 billion, according to the London Bullion Market Association. Despite its vast size, London's gold market still relies heavily on manual record keeping and trades entirely over-the-counter. Using blockchain technology makes the process "quicker and less cumbersome" as clients can more easily track the gold they own through the platform, down to the serial number of each bar, Williamson said. HSBC plans to eventually expand its system to include other precious metals, he added.

Google

A Rare Look at Google's Most Lucrative Search Queries (theverge.com) 66

An anonymous reader shares a report: Not all Google searches make Google money. Google often says that it only shows ads on about 20 percent of queries, the ones it calls "commercial queries." This week, during the US v. Google antitrust trial, we got a rare glimpse at a closely guarded secret: which search terms make the most money. The list is only for the week of September 22nd, 2018, and it is the list of top queries ordered by revenue and nothing else. Still, we've never seen anything quite like this before, and the list was only made public after long deliberations from Judge Amit Mehta, who has, over the course of the trial, begun to push both sides to be more public with information and data like this.

Okay, here are the top 20 queries for that week ordered by revenue: iphone 8, iphone 8 plus, auto insurance, car insurance, cheap flights, car insurance quotes, direct tv, online colleges, at&t, hulu, iphone, uber, spectrum, comcast, xfinity, insurance quotes, free credit report, cheap car insurance, aarp, and lifelock.

AI

US, China and 26 Other Nations Agree To Co-operate Over AI Development (ft.com) 15

Twenty-eight countries including the US, UK and China have agreed to work together to ensure artificial intelligence is used in a "human-centric, trustworthy and responsible" way, in the first global commitment of its kind. From a report: The pledge forms part of a communique signed by major powers including Brazil, India and Saudi Arabia, at the inaugural AI Safety Summit. The two-day event, hosted and convened by British prime minister Rishi Sunak at Bletchley Park, started on Wednesday. Called the Bletchley Declaration, the document recognises the "potential for serious, even catastrophic, harm" to be caused by advanced AI models, but adds such risks are "best addressed through international co-operation." Other signatories include the EU, France, Germany, Japan, Kenya and Nigeria.

The communique represents the first global statement on the need to regulate the development of AI, but at the summit there are expected to be disagreements about how far such controls should go. Country representatives attending the event include Hadassa Getzstain, Israeli chief of staff at the ministry of innovation, science and technology, and Wu Zhaohui, Chinese vice minister for technology. Gina Raimondo, US commerce secretary, gave an opening speech at the summit and announced a US safety institute to evaluate the risks of AI. This comes on the heels of a sweeping executive order by President Joe Biden, announced on Monday, and intended to curb the risks posed by the technology.

Businesses

LinkedIn Hits 1 Billion Users, Adds AI Features for Job Seekers (reuters.com) 28

LinkedIn, the business-focused social network owned by Microsoft, on Wednesday said it now has more than 1 billion members and is adding more AI features for paying users. From a report: Crossing the billion-users mark puts LinkedIn -- where members maintain a resume-like profile of their education, work experience and professional skills -- in the top-tier of social media networks that include rivals such as Meta Platforms. About 80% of recent members are signing up from outside of the United States, the company has said.

LinkedIn has a free tier of membership but also offers subscriptions. Members of its $39.99-a-month tier will get new AI features that can tell a user, who may be plowing through dozens of job postings, whether they're a good candidate based on the information in their profile. The system can also recommend profile changes to make the user more competitive for a job.

Businesses

WeWork Plans To File For Bankruptcy as Early as Next Week (reuters.com) 50

WeWork plans to file for bankruptcy as early as next week, Reuters reported Tuesday, citing a source familiar with the matter, as the SoftBank Group-backed company struggles with a massive debt pile and hefty losses. From the report: Shares of the flexible workspace provider fell 32% in extended trading after the Wall Street Journal first reported the news. They have fallen roughly 96% this year. [...] The company had net long-term debt of $2.9 billion as of June end and more than $13 billion in long-term leases, at a time when rising borrowing costs are hurting the commercial real estate sector. WeWork's filing for bankruptcy would mark a stunning reversal of fortune for the company that was privately valued at $47 billion in 2019 and a black spot for investor SoftBank that sunk billions.
Google

Google Registry Launches .ing Domains, Begg.ing For Wordplay (9to5google.com) 75

Google Registry has added domains ending in ".ing" -- "a situation seem/ing ripe for exceed.ing amounts of wordplay," reports 9to5Google. From the report: Google Registry -- which is different from Google Domains, the service Google is sell.ing off to SquareSpace -- tries to push the boundaries of domain names by launch.ing options like ".dev," ".app," and ".meme" (soon). After first be.ing announced in August, Google Registry is officially open.ing registration of .ing domains through partner companies like GoDaddy and 101Domain. As you might expect, the new domain end.ing is meant to inspire a sense of action, as exemplified by the first wave of companies debut.ing new domain names:

If you want a .ing domain of your own, you can do so from the official ".ing" site, but you'll be pay.ing an extra one-time fee dur.ing the Early Access Period, which runs until December 5, 2023, with fees decreas.ing on a "daily schedule." Register.ing during "Phase 1" will set you back over $1 million -- quite a lot of cha-ch.ing -- while "Phase 9" drops down as low as $144.99.

Media

YouTube Is Getting Serious About Blocking Ad Blockers (theverge.com) 286

Emma Roth reports via The Verge: YouTube is broadening its efforts to crack down on ad blockers. The platform has "launched a global effort" to encourage users to allow ads or try YouTube Premium, YouTube communications manager Christopher Lawton says in a statement provided to The Verge. If you run into YouTube's block, you may see a notice that says "video playback is blocked unless YouTube is allowlisted or the ad blocker is disabled." It also includes a prompt to allow ads or try YouTube Premium. You may get prompts about YouTube's stance on ad blockers but still be able to watch a video, though, for one Verge staffer, YouTube now fully blocks them nearly every time.

YouTube confirmed that it was disabling videos for users with ad blockers in June, but Lawton described it as only a "small experiment globally" at the time. Now, YouTube has expanded this effort. Over the past several weeks, more users with ad blockers installed have found themselves unable to watch YouTube videos, with a post from Android Authority highlighting the increase in reports. Lawton maintains that the "use of ad blockers" violates the platform's terms of service, adding that "ads support a diverse ecosystem of creators globally and allow billions to access their favorite content on YouTube."

The Internet

Russia Blocks 167 VPNs, Steps Up OpenVPN and WireGuard Disruption (torrentfreak.com) 42

An anonymous reader quotes a report from TorrentFreak: The head of the Russian department responsible for identifying threats to the "stability, security and integrity" of the internet, has revealed the extent of the Kremlin's VPN crackdown. Former FSO officer Sergei Khutortsev, a central figure in Russia's 'sovereign internet' project, confirmed that 167 VPN services are now blocked along with over 200 email services. Russia is also reported as stepping up measures against protocols such as OpenVPN, IKEv2 and WireGuard. [...]

An in-depth report published by TheIns.ru has details of the monitoring/blocking system reportedly deployed in Russia, how much it costs (4.3 billion rubles/$43 million in 2020, 24.7 billion rubles/$247 million for 2022-2024), and the names of the companies supplying the components. The publication also obtained original documents that apparently show some of the protocols Russia initially intended to block. They include older VPN protocols IPSec, L2TP, and PPTP, plus the BitTorrent protocol still widely used today. The full report on the system, which reveals the use of Intel chips/chipsets in 965 servers manufactured by Huawei and already purchased by Russia, plus another 2400+ servers for 2023/24, is available here.

Slashdot Top Deals