S&P 500 groups from a burrito maker to a cruise-ship operator tout promise of emerging technology. From a report: The rapid rise of artificial intelligence has sparked excitement in industries from fast food to theme parks, with executives rushing to show how they will be among beneficiaries of the new technology. Analysis of their regulatory filings, however, suggests much of the talk is only talk. Almost 40 per cent of companies in the blue-chip S&P 500 index have mentioned AI or related terms in earnings calls in the latest financial quarter, according to data from Alphasense. Less than one in six -- 16 per cent -- mentioned it in their corresponding regulatory filings, highlighting how AI has yet to make a material impact for the vast majority of companies.

"The joke out there was that all you had to do last quarter was say 'AI' and your stock would pop immediately," said Bryant VanCronkhite, a senior portfolio manager at Allspring Global Investments, the $550bn asset manager. "Some companies are saying they're doing AI when they're really just trying to figure out the basics of automation. The pretenders will be shown up for that at some point," he said.

An anonymous reader quotes a report from Ars Technica: Political polarization in the US has become a major issue, as Republicans and Democrats increasingly inhabit separate realities on topics as diverse as election results and infectious diseases. [...] Now, a team of researchers has tested whether social media can potentially help the situation by getting people with opposite political leanings talking to each other about controversial topics. While this significantly reduced polarization, it appeared to be more effective for Republican participants. The researchers zeroed in on two concepts to design their approach. The first is the idea that simply getting people to communicate across the political divide might reduce the sense that at least some of their opponents aren't as extreme as they're often made out to be. The second is that anonymity would allow people to focus on the content of their discussion, rather than worrying about whether what they were saying could be traced back to them.

The researchers realized that they couldn't have any sort of control over conversations on existing social networks. So, they built their own application and hired professionals to do the graphics, support, and moderation. [...] People were randomly assigned to a few conditions. Some didn't use the app at all and were simply asked to write an essay on one of the topics under consideration (immigration or gun control). The rest were asked to converse on the platform about one of these topics. Every participant in these conversations was paired with a member of the opposing political party. Their partners were either unlabeled, labeled as belonging to the opposing party, or labeled as belonging to the same party (although the latter is untrue). Both before and after use of the app, participants answered questions about their view of politicized issues, members of their own party, and political opponents. These were analyzed in terms of issues and social influences, as well as rolled into a single index of polarization for the analysis.

The conversations appeared to have an effect, with polarization lowered by about a quarter of a standard deviation among those who engaged with political opponents that were labeled accordingly. Somewhat surprisingly, conversation partners who were mislabeled had a nearly identical effect, presumably because they suggested that a person's own party contained a diversity of perspectives on the topic. In cases where no party affiliation was given, the depolarization was smaller (0.15 standard deviations). The striking thing is that most of the change came from Republican participants. There, polarization was reduced by 0.4 standard deviations. In contrast, Democratic participants only saw it drop by 0.1 standard deviations -- a change that wasn't statistically significant. The error bars of the two groups of party members overlapped, however, so while large, it's not clear what this difference might tell us. The researchers went back and ran the conversations through sentiment analysis and focused on people whose polarization had dropped the most. They found that their conversation partners used less heated language at the start of the conversation. So it appears that displaying respect for your political opponents can still make a difference, at least in one-on-one conversations. While the conversations had a larger impact on people's views of individual issues, it also influenced their opinion of their political opponents more generally, and the difference between the two effects wasn't statistically significant. The findings have been published in the journal Nature Human Behavior.

William Brady writes via The Conversation: People are increasingly interacting with others in social media environments where algorithms control the flow of social information they see. Algorithms determine in part which messages, which people and which ideas social media users see. On social media platforms, algorithms are mainly designed to amplify information that sustains engagement, meaning they keep people clicking on content and coming back to the platforms. I'm a social psychologist, and my colleagues and I have found evidence suggesting that a side effect of this design is that algorithms amplify information people are strongly biased to learn from. We call this information "PRIME," for prestigious, in-group, moral and emotional information. In our evolutionary past, biases to learn from PRIME information were very advantageous: Learning from prestigious individuals is efficient because these people are successful and their behavior can be copied. Paying attention to people who violate moral norms is important because sanctioning them helps the community maintain cooperation.

But what happens when PRIME information becomes amplified by algorithms and some people exploit algorithm amplification to promote themselves? Prestige becomes a poor signal of success because people can fake prestige on social media. Newsfeeds become oversaturated with negative and moral information so that there is conflict rather than cooperation. The interaction of human psychology and algorithm amplification leads to dysfunction because social learning supports cooperation and problem-solving, but social media algorithms are designed to increase engagement. We call this mismatch functional misalignment.

One of the key outcomes of functional misalignment in algorithm-mediated social learning is that people start to form incorrect perceptions of their social world. For example, recent research suggests that when algorithms selectively amplify more extreme political views, people begin to think that their political in-group and out-group are more sharply divided than they really are. Such "false polarization" might be an important source of greater political conflict. Functional misalignment can also lead to greater spread of misinformation. A recent study suggests that people who are spreading political misinformation leverage moral and emotional information -- for example, posts that provoke moral outrage -- in order to get people to share it more. When algorithms amplify moral and emotional information, misinformation gets included in the amplification. Brady cites several new studies on this topic that have demonstrated that social media algorithms clearly amplify PRIME information. However, it's unclear if this amplification leads to offline polarization.

Looking ahead, Brady says his team is "working on new algorithm designs that increase engagement while also penalizing PRIME information." The idea is that approach would "maintain user activity that social media platforms seek, but also make people's social perceptions more accurate," he says.

Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web Store, usually indicative of it being malware. BleepingComputer reports: An unending supply of unwanted browser extensions is published on the Chrome Web Store and promoted through popup and redirect ads. These extensions are made by scam companies and threat actors who use them to inject advertisements, track your search history, redirect you to affiliate pages, or in more severe cases, steal your Gmail emails and Facebook accounts. The problem is that these extensions are churned out quickly, with the developers releasing new ones just as Google removes old ones from the Chrome Web Store. Unfortunately, if you installed one of these extensions, they will still be installed in your browser, even after Google detects them as malware and removes them from the store.

Due to this, Google is now bringing its Safety Check feature to browser extensions, warning Chrome users when an extension has been detected as malware or removed from the store and that they should be uninstalled from the browser. This feature will go live in Chrome 117, but you can now test it in Chrome 116 by enabling the browser's experimental 'Extensions Module in Safety Check' feature. [...] Google says that extensions can be removed from the Chrome Web Store because they were unpublished by the developer, violated policies, or were detected as malware.

The US acted aggressively last year to limit China's ability to develop artificial intelligence for military purposes, blocking the sale there of the most advanced US chips used to train AI systems. From a report: Big advances in the chips used to develop generative AI have meant that the latest US technology on sale in China is more powerful than anything available before. That is despite the fact that the chips have been deliberately hobbled for the Chinese market to limit their capabilities, making them less effective than products available elsewhere in the world. The result has been soaring Chinese orders for the latest advanced US processors. China's leading Internet companies have placed orders for $5 billion worth of chips from Nvidia, whose graphical processing units have become the workhorse for training large AI models.

The impact of soaring global demand for Nvidia's products is likely to underpin the chipmaker's second-quarter financial results due to be announced on Wednesday. Besides reflecting demand for improved chips to train the Internet companies' latest large language models, the rush has also been prompted by worries that the US might tighten its export controls further, making even these limited products unavailable in the future. However, Bill Dally, Nvidia's chief scientist, suggested that the US export controls would have greater impact in the future. "As training requirements [for the most advanced AI systems] continue to double every six to 12 months," the gap between chips sold in China and those available in the rest of the world "will grow quickly," he said.

SK Telecom, South Korea's dominant mobile carrier and sibling of chipmaker SK hynix, has declared that 5G was over-hyped, has under-delivered, and has failed to deliver a killer app. From a report: The telco offered that assessment in a recent white paper titled "5G Lessons Learned, 6G Key Requirements, 6G Network Evolution, and 6G Spectrum." The paper opens with an unflattering assessment of 5G, which the authors recall being sold as an enabler of autonomous driving, unmanned aerial vehicles (UAM), extended reality (XR) and digital twins. Those applications were possible, but did not succeed due to a combination of "device form factor constraints, immaturity of device and service technology, low or absent market demand, and policy/regulation issues."

The performance of 5G networks was not the issue, the paper argues. The telco argued that some of the goals set out by the UN's international standardization org ITU-R for 5G were met, but many tasks are still far from completion four years into the technology's commercial deployment. Those goals were meant to be realized in the long term -- but that expectation was not accurately conveyed to consumers, leading to "excessive expectations."

An anonymous reader shares a column: You can still do a clean install of Windows, and it's arguably easier than ever, with official Microsoft-sanctioned install media easily accessible and Windows Update capable of grabbing most of the drivers that most computers need for basic functionality. The problem is that a "clean install" doesn't feel as clean as it used to, and unfortunately for us, it's an inside job -- it's Microsoft, not third parties, that is primarily responsible for the pile of unwanted software and services you need to decline or clear away every time you do a new Windows install.

The "out-of-box experience" (OOBE, in Microsoft parlance) for Windows 7 walked users through the process of creating a local user account, naming their computer, entering a product key, creating a "Homegroup" (a since-discontinued local file- and media-sharing mechanism), and determining how Windows Update worked. Once Windows booted to the desktop, you'd find apps like Internet Explorer and the typical in-box Windows apps (Notepad, Paint, Calculator, Media Player, Wordpad, and a few other things) installed. Keeping that baseline in mind, here's everything that happens during the OOBE stage in a clean install of Windows 11 22H2 (either Home or Pro) if you don't have active Microsoft 365/OneDrive/Game Pass subscriptions tied to your Microsoft account:

(Mostly) mandatory Microsoft account sign-in.
Setup screen asking you about data collection and telemetry settings.
A (skippable) screen asking you to "customize your experience."
A prompt to pair your phone with your PC.
A Microsoft 365 trial offer.
A 100GB OneDrive offer.
A $1 introductory PC Game Pass offer.

This process is annoying enough the first time, but at some point down the line, you'll also be offered what Microsoft calls the "second chance out-of-box experience," or SCOOBE (not a joke), which will try to get you to do all of this stuff again if you skipped some of it the first time. This also doesn't account for the numerous one-off post-install notification messages you'll see on the desktop for OneDrive and Microsoft 365. (And it's not just new installs; I have seen these notifications appear on systems that have been running for months even if they're not signed in to a Microsoft account, so no one is safe). And the Windows desktop, taskbar, and Start menu are no longer the pristine places they once were. Due to the Microsoft Store, you'll find several third-party apps taking up a ton of space in your Start menu by default, even if they aren't technically downloaded and installed until you run them for the first time. Spotify, Disney+, Prime Video, Netflix, and Facebook Messenger all need to be removed if you don't want them (this list can vary a bit over time).

The Biden administration on Monday continued its push toward internet-for-all by 2030, announcing about $667 million in new grants and loans to build more broadband infrastructure in the rural U.S. From a report: "With this investment, we're getting funding to communities in every corner of the country because we believe that no kid should have to sit in the back of a mama's car in a McDonald's parking lot in order to do homework," said Mitch Landrieu, the White House's infrastructure coordinator, in a call with reporters. The 37 new recipients represent the fourth round of funding under the program, dubbed ReConnect by the U.S. Department of Agriculture. Another 37 projects received $771.4 million in grants and loans announced in April and June.

The money flowing through federal broadband programs, including what was announced Monday and the $42.5 billion infrastructure program detailed earlier this summer, will lead to a new variation on "the electrification of rural America," Landrieu said, repeating a common Biden administration refrain. The largest award went to the Ponderosa Telephone Co. in California, which received more than $42 million to deploy fiber networks in Fresno County. In total, more than 1,200 people, 12 farms and 26 other businesses will benefit from that effort alone, according to USDA.

Slashdot reader Dave Knott writes: John Warnock, co-founder and ex-CEO of Adobe, has died at the age of 82. Under his tenure, Adobe created Postscript, Acrobat, Photoshop, and many other technologies and software products that have become industry standards in publishing, graphic design, video editing, photography and more. A cause of death has not been released; he is survived by his wife, graphic designer Marva Warnock, and his three children
Slashdot covered the death of Adobe co-founder Charles 'Chuck' Geschke in 2021: The company started in co-founder John Warnock's garage in 1982, and was named after the Adobe Creek which ran behind Warnock's home, offering pioneering capabilities in "What you see is what you get" (or WYSIWYG) desktop publishing... [Gizmodo writes] after earning a doctorate from Carnegie Mellon University, Geschke met Warnock while working at the Xerox Palo Alto Research Center, according to the Mercury News.
"In the Spring of 1991 Dr. John Warnock wrote a paper he dubbed 'Camelot' in which the Adobe Systems Co-founder and CEO laid out the foundation for what has become Acrobat/PDF," remembers this 2002 Slashdot post.

And last year Silicon Valley's Computer History Museum publicly released "for the first time, the source code for the breakthrough printing technology, PostScript. We thank Adobe, Inc. for their permission and support, and John Warnock for championing this release.... From the start of Adobe Systems Incorporated (now Adobe, Inc.) exactly forty years ago in December 1982, the firm's cofounders envisioned a new kind of printing press â" one that was fundamentally digital, using the latest advances in computing. Initial discussions by cofounders Chuck Geschke and John Warnock with computer-makers such as Digital Equipment Corporation and Apple convinced them that software was the key to the new digital printing press. Their vision: Any computer could connect with printers and typesetters via a common language to print words and images at the highest fidelity. Led by Warnock, Adobe assembled a team of skillful and creative programmers to create this new language. In addition to the two cofounders, the team included Doug Brotz, Bill Paxton, and Ed Taft. The language they created was in fact a complete programming language, named PostScript, and was released by Adobe in 1984.

By treating everything to be printed the same, in a common mathematical description, PostScript granted abilities offered nowhere else. Text and images could be scaled, rotated, and moved at will, as in the opening image to this essay. Adobe licensed PostScript to computer-makers and printer manufacturers, and the business jumped into a period of hypergrowth....

Today, most printers rely on PostScript technology either directly or through a technology that grew out of it: PDF (Portable Document Format). John Warnock championed the development of PDF in the 1990s, transforming PostScript into a technology that was safer and easier to use as the basis for digital documents, but retaining all the benefits of interoperability, fidelity, and quality.

In a Thursday memo, Meta's "Head of People" told employees "that their managers would receive their badge data and that repeated violations of the new three-day-a-week requirement could cause workers to lose their jobs," writes SFGate (citing a report from Insider): In June, the Menlo Park-based firm announced its plan to require that most employees work from an office at least three days each week — it goes into effect Sept. 5... Meta confirmed the update to SFGATE... Goler's note on the return-to-office requirements, Insider reports, reads, "As with other company policies, repeated violations may result in disciplinary action, up to and including a Performance rating drop and, ultimately, termination if not addressed."

As for employees who are grandfathered into a remote work arrangement (the firm bars managers from opening more of these positions), the note lays down a strict policy: If remote employees consistently come into the office more than four times every two months outside major events, they'll be shifted to the three-day-a-week plan.

"We believe that distributed work will continue to be important in the future, particularly as our technology improves," a Meta spokesperson said in a statement sent to SFGATE. "In the near-term, our in-person focus is designed to support a strong, valuable experience for our people who have chosen to work from the office, and we're being thoughtful and intentional about where we invest in remote work."
The article notes that Mark Zuckerberg told The Verge in 2020 that Meta would become "the most forward-leaning company on remote work at our scale," speculating that half the company could be permanently remote within a decade.

"However, in 2023, which Zuckerberg dubbed Meta's 'year of efficiency,' employees have seen a remote-first culture melt away. In March, as the executive announced 10,000 layoffs on top of a huge cut in November, he wrote that early-career engineers do better when they're working in person at least three days a week."

The "vast majority of battery-powered and hybrid cars" don't have a spare tire, reports the Los Angeles Times.

Honda told one complaining customer that "if the vehicle is in an accident, the spare tire can cause damage to the electric battery which could cause a failure in the battery." But according to the Times, "car design experts said that explanation was plausible but far-fetched." There's a simpler explanation for the move away from spare tires: They're too big and heavy, and people don't really need them anymore... Car manufacturers have been ridding their sedans and smaller SUVs of full-sized spares for some time. In 2018, Consumer Reports said, 60% of the vehicles it had tested over the previous five years came with small-sized temporary tires ("doughnuts"), and only 10% came with full-sized spares... The best-selling models of electric sedans and SUVs — Teslas, the Chevy Bolt, the Volkswagen ID.4, the Ford Mustang Mach-E, the Hyundai Ioniq 5, the BMW i4 and the Mercedes EQS — have no spare of any kind, even if they come with a premium price tag. Ditto for hybrids; the Toyota Prius, for example, hasn't included a spare since 2016.

That's not because people magically stopped having flat tires. U.S. drivers suffer 94 million flat tires a year, according to LookupAPlate.com, a site that collects reports about bad drivers... Finding space for a spare is particularly challenging for a car powered by something other than gasoline, designers say. "Pushing the range of EVs requires batteries, electrical systems control units or hydrogen tanks to encroach into the traditional places that spare tires are found: under the trunk floor," said Geoff Wardle, executive director of transportation systems and design at the ArtCenter College of Design. The space crunch is worse for hybrids, which require room for both a battery system and an internal combustion engine, said Scott Grasman, dean of the College of Engineering at Kettering University in Flint, Mich.
The extra weight always made it a little harder to meet fuel efficiency requirements — but spare tires also increase manufacturing costs, the article notes. "And tires for an EV may be more expensive than those for a gas-powered vehicle of the same size. That's because EVs tend to be heavier than their gas-fueled counterparts, so they require sturdier tires. And with comparatively quiet engines, they need tires that don't generate as much road noise."

But Gil Tal, director of the Electric Vehicle Research Center at UC Davis, also pointed out to the Times that today's tires are just much better and more durable than they used to be: And because federal regulations require new cars to have tire pressure indicators, he said, drivers are alerted as soon as their tires need air. "In most cases, flat tires ... are the outcome of long low-pressure driving," he said. "And if you drive a modern car, it will tell you [that] you have low pressure long before you get into the catastrophic failure" of a flat.
So what are car manufacturers doing now? According to the article...

• Some manufacturers swap in inflatable spares that take up just a third of the space.

• Some cars ship with puncture kits since, the article points out, many people don't know how to change a tire anyways, and will probably just call a tow truck. "For these drivers, carmakers may safely assume that a can of Fix-a-Flat will be more useful..." (Others like Tesla and GM offer roadside assistance programs.)

Some car manufacturers are also using self-sealing or run-flat tires — but Wardle tells the Times these are "good if it is just a puncture from a nail but useless if you hit a pothole and split the rim and sidewall."

To one-up Valve's Steam Deck, Lenovo's handheld gaming device, the "Legion Go," will have "Switch-style detachable controllers," reports Ars Technica" The Legion Go wouldn't be the very first portable PC gaming device with removable controllers; the crowd-funded OneXplayer sported a similar design last year, for instance. But few other PC-based portables have similarly mimicked the Switch Joy-cons in their ability to slide smoothly off from the main screen of the system for detached play.

Combined with a nice, wide kickstand shown in the leaked images, you should be able to give your arms a rest by setting the bulky-looking Legion Go's screen on a tabletop. The slide-off controls also mean you don't need to purchase and/or drag out a separate controller when docking the device to a TV or monitor (which we assume will be a main use case of the device's two USB-C ports). And completely detachable controls for each hand means you can keep your hands as far apart as you want while you hold each "half-controller" separately (one of our favorite unique use cases on the Switch)... The Legion Go also reportedly sports an 8-inch diagonal screen, which is 1 inch larger than Valve's and ROG's devices.

The Legion Go leaks come just months after Lenovo abandoned its button- and cooler-packed Legion line of Android-based gaming phones as part of what it said was a "gaming portfolio consolidation." The Windows 11-based Legion Go — which Windows Central says will be based on AMD's Phoenix processors — should have the high-end PC gaming support that the Legion phones lacked, as well as a more market-proven form factor.
Windows Report believes Lenovo "is preparing to launch an entire gaming ecosystem alongside the Legion Go."

"Among the accessories is a new pair of Legion AR glasses specifically tweaked for gaming." Based on the images we have, the glasses should be small enough to wear through long gaming sessions, with only one USB cable connecting them to any device (most likely for power, which means no standalone battery). The Legion AR Glasess could also feature a high refresh rate and other gaming-specific features, as the Legion branding implies they're made specifically for that...

Remember when your email address came from your ISP?

Now the cost for small companies to offer email service "has gone up in server and administration costs," reports the Guardian, "without the economies of scale." But in Australia, this has created a problem for people like the Canberra-based customer of iiNet who's had the same email address since the 1990s... TPG — which owns brands that have historically offered email including iiNet all the way back to OzEmail — informed customers in July that it would migrate their email to a separate private service, the Messaging Company, by the end of November. Users will keep their exisiting email addresses on this service, and would get it free for the first year. After that, there will be options of paying for a service, or an ad-based free service after that. The amount to be charged from next year has not yet been decided.

The announcement was met with outrage among users of the long-running web forum Whirlpool. "It's a shitty move. My wife has never set up a Gmail or Yahoo and only ever used her iiNet email address for her business as well as personal. This screws us royally," one user said.

"Us oldies couldn't start out using Gmail etc because they weren't in existence 25 years ago," another said.

"It's a nightmare trying to change logins at many places...."

The other factor is the increasing security risk. Legacy systems, particularly those managed under a variety of absorbed companies, as with TPG, can over time become more at risk of a cybersecurity attack or breach. External providers who offer this service either in place of, or on behalf of the internet service provider are becoming seen as the more secure option....

The Australian Communications Consumer Action Network chief executive, Andrew Williams, says that ultimately internet providers getting out of the email game is a good thing because it means customers don't feel locked into one internet company...

With the rise in data breaches, and the avalanche of spam and scams, the shift offers people the opportunity of a clean email slate, according to Andrew Williams, of the Australian Communications Consumer Action Network.

Thursday a Cruise robotaxi drove through a green light in front of an oncoming firetruck "with its forward facing red lights and siren on, the San Francisco Police Department said in a statement to Reuters." The San Francisco Chronicle adds that the Cruise vehicle's passenger "passenger was treated on the scene and shared taken in an ambulance to a hospital, though the company said the injuries were 'non-severe.' The company added in an email to the Chronicle that the passenger was on the scene walking around and talking to emergency responders before being taken to the hospital."

By Friday California's Department of Motor Vehicles said it was investigating the "concerning incidents," according to TechCrunch. But it adds that the AV-regulating agency also "called for Cruise to reduce its fleet by 50% and have no more than 50 driverless vehicles in operation during the day and 150 driverless vehicles in operation at night until the investigation is complete. Cruise told TechCrunch it is complying with the request. Cruise also issued a blog post giving the company's perspective of how and why the crash occurred.
Cruise's blog post points out the firetruck was unexpectedly in the oncoming lane of traffic that night. But meanwhile, elsewhere in the city... The same night, a Cruise car collided with another vehicle at 26th and Mission streets. The company said another driverless car, which had no passengers, entered the intersection on a green light when another car ran a red light at high speed. The driverless car detected the other car and braked, according to Cruise, but the two cars still collided...

The collisions came a day after city officials asked state regulators to halt their approval of robotaxi companies' unrestricted commercial expansion in the city, citing concerns about how the robotaxis' behavior impacts emergency responders.
Last weekend Cruise was also criticized after "as many as 10 Cruise driverless taxis blocked two narrow streets," reports the Los Angeles Times: Human-driven cars sat stuck behind and in between the robotaxis, which might as well have been boulders: no one knew how to move them.... The cars sat motionless with parking lights flashing for 15 minutes, then woke up and moved on, witnesses said.
Cruise "blamed cellphone carriers for the problem," according to the article — arguing that a music festival overloaded the cellphone network they used to communicate with their vehicles.

Thanks to Slashdot reader jjslash for sharing the story.

An anonymous reader quotes a report from TorrentFreak: Founded in 2011, AnonFiles.com became known as a popular hosting service that allowed users to share files up to 20GB without download restrictions. As the name suggests, registering an account wasn't required either; both up and downloading files was totally anonymous. The same also applies to BayFiles.com, an affiliated file-hosting service that was launched by The Pirate Bay. Both sites launched around the same time and shared a similar design and identical features. Both sites had millions of visitors but AnonFiles stood out with over 18 million visitors a month. This popularity didn't go unnoticed by rightsholders, who repeatedly flagged AnonFiles as a "notorious" pirate site.

Rightsholders and law enforcement authorities were not the only ones unhappy with the illegal content posted to the site. For AnonFiles' operators, it caused major problems too. The current owners purchased the site two years ago but didn't expect the abuse to be so massive that the only option would be to shut it down. According to a goodbye message posted on the site, they simply can't continue. "After trying endlessly for two years to run a file sharing site with user anonymity, we have been tired of handling the extreme volumes of people abusing it and the headaches it has created for us."

The operators tried to contain the abuse by setting up all sorts of automated filters and filename restrictions, taking thousands of false positives for granted, but that didn't help much. With tens of millions of uploads and petabytes of data, no anti-abuse measure was sufficient. And when the site's proxy service pulled the plug a few days ago, AnonFiles decided to call it quits. "We have auto banned contents of hundreds of thousands files. Banned file names and also banned specific usage patterns connected to abusive material," the AnonFiles team writes. "Even after all this the high volume of abuse will not stop. This is not the kind of work we imagine when acquiring it and recently our proxy provider shut us down. This can not continue." The current owners have invited others to buy the domain name and give it a shot themselves.

Researchers at Georgia Tech have developed a prototype pipeline for the Defense Advanced Research Projects Agency (DARPA) that can "distill" binary executables into human-intelligible code so that it can be updated and deployed in "weeks, days, or hours, in some cases." The work is part of a five-year, $10 million project with the agency. The Register reports: After running an executable through the university's "distillation" process, software engineers should be able to examine the generated HAR, figure out what the code does, and make changes to add new features, patch bugs, or improve security, and turn the HAR back into executable code, says GT associate professor and project participant Brendan Saltaformaggio. This would be useful for, say, updating complex software that was written by a contractor or internal team, the source code is no longer or never was to hand and neither are its creators, and stuff needs to be fixed up. Reverse engineering the binary and patching in an update by hand can be a little hairy, hence DARPA's desire for something a bit more solid and automatic. The idea is to use this pipeline to freshen up legacy or outdated software that may have taken years and millions of dollars to develop some time ago.

Saltaformaggio told El Reg his team has the entire process working from start to finish, and with some level of stability, too. "DARPA sets challenges they like to use to test the capabilities of a project," he told us over the phone. "So far we've handled every challenge problem DARPA's thrown at us, so I'd say it's working pretty well." Saltaformaggio said his team's pipeline disassembles binaries into a graph structure with pseudo-code, and presented in a way that developers can navigate, and replace or add parts in C and C++. Sorry, Java devs and Pythonistas: Saltaformaggio tells us that there's no reason the system couldn't work with other programming languages, "but we're focused on C and C++. Other folks would need to build out support for that." Along with being able to deconstruct, edit, and reconstruct binaries, the team said its processing pipeline is also able to comb through HARs and remove extraneous routines. The team has also, we're told, baked in verification steps to ensure changes made to code within hardware ranging from jets and drones to plain-old desktop computers work exactly as expected with no side effects.

The Mozilla Foundation has started a petition to stop the French government from forcing browsers like Mozilla's Firefox to censor websites. "It would set a dangerous precedent, providing a playbook for other governments to also turn browsers like Firefox into censorship tools," says the organization. "The government introduced the bill to parliament shortly before the summer break and is hoping to pass this as quickly and smoothly as possible; the bill has even been put on an accelerated procedure, with a vote to take place this fall." You can add your name to their petition here.

The bill in question is France's SREN Bill, which sets a precarious standard for digital freedoms by empowering the government to compile a list of websites to be blocked at the browser level. The Mozilla Foundation warns that this approach "is uncharted territory" and could give oppressive regimes an operational model that could undermine the effectiveness of censorship circumvention tools.

"Rather than mandate browser based blocking, we think the legislation should focus on improving the existing mechanisms already utilized by browsers -- services such as Safe Browsing and Smart Screen," says Mozilla. "The law should instead focus on establishing clear yet reasonable timelines under which major phishing protection systems should handle legitimate website inclusion requests from authorized government agencies. All such requests for inclusion should be based on a robust set of public criteria limited to phishing/scam websites, subject to independent review from experts, and contain judicial appellate mechanisms in case an inclusion request is rejected by a provider."

An anonymous reader quotes a report from Reuters: The Canadian government on Friday demanded that Meta lift a "reckless" ban on domestic news from its platforms to allow people to share information about wildfires in the west of the country. Meta started blocking news on its Facebook and Instagram platforms for all users in Canada this month in response to a new law requiring internet giants to pay for news articles. Some people fleeing wildfires in the remote northern town of Yellowknife have complained to domestic media that the ban prevented them from sharing important data about the fires.

"Meta's reckless choice to block news ... is hurting access to vital information on Facebook and Instagram," Heritage Minister Pascale St-Onge said in a social media post. "We are calling on them to reinstate news sharing today for the safety of Canadians facing this emergency. We need more news right now, not less," she said. Transport Minister Pablo Rodriguez earlier said the ban meant people did not have access to crucial information. Chris Bittle, a legislator for the ruling Liberal Party, complained on Thursday that "Meta's actions to block news are reckless and irresponsible." Ollie Williams, who runs Yellowknife's Cabin Radio digital radio station, told the Canadian Broadcasting Corp. that people were posting screen shots of information on Facebook since they could not share links to news feeds. A Meta spokesperson responded by saying that the company had activated the "Safety Check" feature on Facebook that allows users to mark that they are safe in the wake of a natural disaster or a crisis.

An anonymous reader quotes a report from BleepingComputer: Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich. FIDO2 is the second major version of the Fast IDentity Online authentication standard, and FIDO2 keys are used for passwordless authentication and as a multi-factor authentication (MFA) element. Google explains that a quantum-resistant FIDO2 security key implementation is a crucial step towards ensuring safety and security as the advent of quantum computing approaches and developments in the field follow an accelerating trajectory.

To protect against quantum computers, a new hybrid algorithm was created by combining the established ECDSA algorithm with the Dilithium algorithm. Dilithium is a quantum-resistant cryptographic signature scheme that NIST included in its post-quantum cryptography standardization proposals, praising its strong security and excellent performance, making it suitable for use in a wide array of applications. This hybrid signature approach that blends classic and quantum-resistant features wasn't simple to manifest, Google says. Designing a Dilithium implementation that's compact enough for security keys was incredibly challenging. Its engineers, however, managed to develop a Rust-based implementation that only needs 20KB of memory, making the endeavor practically possible, while they also noted its high-performance potential.

The hybrid signature schema was first presented in a 2022 paper (PDF) and recently gained recognition at the ACNS (Applied Cryptography and Network Security) 2023, where it won the "best workshop paper" award. This new hybrid implementation is now part of the OpenSK, Google's open-source security keys implementation that supports the FIDO U2F and FIDO2 standards. The tech giant hopes that its proposal will be adopted by FIDO2 as a new standard and supported by major web browsers with large user bases. The firm calls the application of next-gen cryptography at the internet scale "a massive undertaking" and urges all stakeholders to move quickly to maintain good progress on that front.

Free and open software have transformed the tech industry. But we still have a lot to work out to make them healthy, equitable enterprises. From a report: When Xerox donated a new laser printer to MIT in 1980, the company couldn't have known that the machine would ignite a revolution. While the early decades of software development generally ran on a culture of open access, this new printer ran on inaccessible proprietary software, much to the horror of Richard M. Stallman, then a 27-year-old programmer at the university.

A few years later, Stallman released GNU, an operating system designed to be a free alternative to one of the dominant operating systems at the time: Unix. The free-software movement was born, with a simple premise: for the good of the world, all code should be open, without restriction or commercial intervention. Forty years later, tech companies are making billions on proprietary software, and much of the technology around us is inscrutable. But while Stallman's movement may look like a failed experiment, the free and open-source software movement is not only alive and well; it has become a keystone of the tech industry.