Government

L.A. County Sues Pepsi and Coca-Cola Over Their Role in the Plastic Pollution Crisis (yahoo.com) 110

An anonymous reader shared this report from the Los Angeles Times: Los Angeles County has filed suit against the world's largest beverage companies — Coca-Cola and Pepsi — claiming the soda and drink makers lied to the public about the effectiveness of plastic recycling and, as a result, left county residents and ecosystems choking in discarded plastic... The Los Angeles County suit alleges — in a vein similar to that of [California attorney general] Bonta's suit against Exxon Mobil — that the global beverage companies misrepresented the environmental impact of their plastic bottles, "despite knowing that plastics cannot be readily disposed of without associated environmental impacts."

"Coke and Pepsi need to stop the deception and take responsibility for the plastic pollution problems" their products are causing, said Los Angeles County Board of Supervisors Chair Lindsey P. Horvath... Currently, just 9% of the world's plastics are recycled. The rest ends up being incinerated, sent to landfills, or discarded on the landscape, where they are often flushed into rivers or out to sea. At the same time, there is growing concern about the health and environmental consequences of microplastics — the bits of degraded plastic that slough off as the product ages, or is used, or washed. The tiny particles have been detected in every ecosystem on the planet that has been surveyed, as well as nearly every living organism examined... According to the county's statement, the two companies have consistently ranked as the world's "top plastic polluters...."

The beverage maker lawsuit was filed in Los Angeles Superior Court by County Counsel Dawyn R. Harrison on behalf of the people of the state of California... "The goal of this lawsuit is to stop the unfair and illegal conduct, to address the marketing practices that deceive consumers, and to force these businesses to change their practices to reduce the plastic pollution problem in the County and in California," Harrison said in a statement. "My office is committed to protecting the public from deceptive business practices and holding these companies accountable for their role in the plastic pollution crisis."

IT

What Happened After Remote Workers Were Offered $10,000 to Move to Tulsa? (seattletimes.com) 115

Five years ago remote workers were offered $10,000 to move to Tulsa, Oklahoma for at least a year. Since then roughly 3,300 have accepted the offer, according to the New York Times. But more importantly, now researchers are looking at the results: Their research, released this month, surveyed 1,248 people — including 411 who had participated in Tulsa Remote and others who were accepted but didn't move or weren't accepted but had applied to the program — and found that remote workers who moved to Tulsa saved an average of $25,000 more on annual housing costs than the group that was chosen but didn't move... Nearly three-quarters of participants who have completed the program are still living in Tulsa. The program brings them together for farm-to-table dinners, movie nights and local celebrity lectures to help build community, given that none have offices to commute to.
The article says every year the remote workers contribute $14.9 million in state income taxes and $5.8 million in sales taxes (more than offsetting the $33 million spent over the last five years). And additional benefits could be even greater. "We know that for every dollar we've spent on the incentive, there's been about a $13 return on that investment to the city," the program's managing director told Fortune — pointing out that the remote workers have an average salary of $100,000. (500 of the 3,300 even bought homes...)

The Tulsa-based George Kaiser Family Foundation — which provides the $10,000 awards — told the New York Times it will continue funding the program "so long as it demonstrates to be a community-enhancing opportunity." And with so much of the population now able to work remotely, the lead author on the latest study adds that "Every heartland mayor should pay attention to this..."
United States

Millions of U.S. Cellphones Could Be Vulnerable to Chinese Government Surveillance (washingtonpost.com) 73

Millions of U.S. cellphone users could be vulnerable to Chinese government surveillance, warns a Washington Post columnist, "on the networks of at least three major U.S. carriers."

They cite six current or former senior U.S. officials, all of whom were briefed about the attack by the U.S. intelligence community. The Chinese hackers, who the United States believes are linked to Beijing's Ministry of State Security, have burrowed inside the private wiretapping and surveillance system that American telecom companies built for the exclusive use of U.S. federal law enforcement agencies — and the U.S. government believes they likely continue to have access to the system.... The U.S. government and the telecom companies that are dealing with the breach have said very little publicly about it since it was first detected in August, leaving the public to rely on details trickling out through leaks...

The so-called lawful-access system breached by the Salt Typhoon hackers was established by telecom carriers after the terrorist attacks of Sept. 11, 2001, to allow federal law enforcement officials to execute legal warrants for records of Americans' phone activity or to wiretap them in real time, depending on the warrant. Many of these cases are authorized under the Foreign Intelligence Surveillance Act (FISA), which is used to investigate foreign spying that involves contact with U.S. citizens. The system is also used for legal wiretaps related to domestic crimes.

It is unknown whether hackers were able to access records about classified wiretapping operations, which could compromise federal criminal investigations and U.S. intelligence operations around the world, multiple officials told me. But they confirmed the previous reporting that hackers were able to both listen in on phone calls and monitor text messages. "Right now, China has the ability to listen to any phone call in the United States, whether you are the president or a regular Joe, it makes no difference," one of the hack victims briefed by the FBI told me. "This has compromised the entire telecommunications infrastructure of this country."

The Wall Street Journal first reported on Oct. 5 that China-based hackers had penetrated the networks of U.S. telecom providers and might have penetrated the system that telecom companies operate to allow lawful access to wiretapping capabilities by federal agencies... [After releasing a short statement], the FBI notified 40 victims of Salt Typhoon, according to multiple officials. The FBI informed one person who had been compromised that the initial group of identified targets included six affiliated with the Trump campaign, this person said, and that the hackers had been monitoring them as recently as last week... "They had live audio from the president, from JD, from Jared," the person told me. "There were no device compromises, these were all real-time interceptions...." [T]he duration of the surveillance is believed to date back to last year.

Several officials told the columnist that the cyberattack also targeted senior U.S. government officials and top business leaders — and that even more compromised targets are being discovered. At this point, "Multiple officials briefed by the investigators told me the U.S. government does not know how many people were targeted, how many were actively surveilled, how long the Chinese hackers have been in the system, or how to get them out."

But the article does include this quote from U.S. Senate Intelligence Committee chairman Mark Warner. "It is much more serious and much worse than even what you all presume at this point."

One U.S. representative suggested Americans rely more on encrypted apps. The U.S. is already investigating — but while researching the article, the columnist writes, "The National Security Council declined to comment, and the FBI did not respond to a request for comment..." They end with this recommendation.

"If millions of Americans are vulnerable to Chinese surveillance, they have a right to know now."
Power

Can Heat Pumps Still Save the Planet from Climate Change? (msn.com) 310

"One technology critical to fighting climate change is lagging," reports the Washington Post, "thanks to a combination of high interest rates, rising costs, misinformation and the cycle of home construction. Adoption of heat pumps, one of the primary ways to cut emissions from buildings, has slowed in the United States and stalled in Europe, endangering the switch to clean energy.

"Heat pump investment in the United States has dropped by 4 percent in the past two years, even as sales of EVs have almost doubled, according to data from MIT and the Rhodium Group. In 13 European countries, heat pump sales dropped nearly in half in the first half of 2024, putting the European Union off-track for its climate goals." "Many many markets are falling," said Paul Kenny, the director general of the European Heat Pump Association. "It takes time to change people's minds about a heating system." Heat pumps — essentially air conditioners that can also work in reverse, heating a space as well as cooling it — are crucial to making buildings more climate-friendly. Around 60 percent of American homes are still heated with furnaces running on oil, natural gas, or even propane; to cut emissions from homes, all American houses and apartments will need to be powered by electricity...

In the United States, experts point to lags in construction, high interest rates, and general belt-tightening from inflation... [Cora Wyent, director of research for the electrification advocacy group Rewiring America] added, heat pumps are still growing as a share of overall heating systems, gaining ground on gas furnaces. In 2023, heat pumps made up 55 percent of all heating systems sold, while gas furnaces made up just 45 percent. "Heat pumps are continuing to increase their total market share," she said.

Homeowners may also run into trouble when trying to find contractors to install heat pumps. Barton James, the president and CEO of the Air Conditioning Contractors of America, says many contractors don't have training on how to properly install heat pumps; if they install them incorrectly, the ensuing problems can sour consumers on the technology... In the United States, low gas prices also make the economics of heat pumps more challenging. Gas is around three times cheaper than electricity — while heat pumps make up most of that ground with efficiency, they aren't the most cost-effective option for every household.

The Post also spoke to the manager for the carbon-free buildings team at the clean energy think tank RMI. They pointed out that heating systems need to be replaced roughly every 15 years — and the next cycle doesn't start until 2035.

The article concludes that "even with government policies and subsidies, many parts of the move to clean energy will require individual people to make changes to their lives. According to the International Energy Agency, the number of heat pumps will have to triple by 2030 to stay on track with climate goals. The only way to do that, experts say, is if incentives, personal beliefs, and technology all align."
Power

The 'Passive Housing' Trend is Booming (yahoo.com) 145

The Washington Post reports that a former Etsy CEO remodeled their home into what's known as a passive house. It's "designed to be as energy efficient as possible, typically with top-notch insulation and a perfect seal that prevents outside air from penetrating the home; air flows in and out through filtration and exhaust systems only."

Their benefits include protection from pollution and pollen, noise insulation and a stable indoor temperature that minimizes energy needs. That translates to long-term savings on heating and cooling.

While the concept has been around for about 50 years, experts say that the United States is on the cusp of a passive house boom, driven by lowered costs, state-level energy code changes and a general greater awareness of — and desire for — more sustainable housing... Massachusetts — which alongside New York and Pennsylvania is one of the leading states in passive house adoption — has 272 passive house projects underway thanks to an incentive program, says Zack Semke [the director of the Passive House Accelerator, a group of industry professionals who aim to spread lessons in passive house building]. Consumer demand for passive houses is also increasing, says Michael Ingui, an architect in New York City and the founder of the Passive House Accelerator... The need to lower our energy footprint is so much more top-of-mind today than it was 10 years ago, Ingui says, and covid taught us about the importance of good ventilation and filtered fresh air. "People are searching for the healthiest house," he says, "and that's a passive house...."

These days, new passive houses are usually large, multifamily apartment buildings or high-end single-family homes. But that leaves out a large swath of homeowners in the middle. To widen passive house accessibility to include all types of people and their housing needs, we need better energy codes and even more policies and incentives, says In Cho, a sustainability architect, educator and a co-founder of the nonprofit Passive House for Everyone! Passive houses "can and should serve folks from all socioeconomic backgrounds," she says. Using a one-two punch of mandates for energy efficient buildings and greater awareness to the public, that increased demand for passive houses will lead to more supply, Cho says. And we're already seeing those changes in the market.

Take triple-pane windows, for example, which are higher performing and more insulating than their double-pane counterparts. Even just 10 to 20 years ago, the difference in price between the two was high enough to make triple-pane windows cost-prohibitive for a lot of people, Cho says. Over the years, as the benefits of higher performing windows became more well-known, and as cities and states changed their energy codes, more companies began producing better windows. Now they're basically at price parity, she says. If we keep pushing for greater awareness and further policy changes, it's possible that all of the components of passive house buildings could follow that trend.

"For large multifamily projects, we're already seeing price parity in some cases, Semke says...

"But as it stands, single-family passive houses are still likely to cost a margin more than non-passive houses, he says. This is because price parity is easier to achieve when working at larger scales, but also because many of the housing policies and incentives encouraging passive house buildings are geared toward these larger projects."
Security

Is AI-Driven 0-Day Detection Here? (zeropath.com) 25

"AI-driven 0-day detection is here," argues a new blog post from ZeroPath, makers of a GitHub app that "detects, verifies, and issues pull requests for security vulnerabilities in your code."

They write that AI-assisted security research "has been quietly advancing" since early 2023, when researchers at the DARPA and ARPA-H's Artificial Intelligence Cyber Challenge demonstrated the first practical applications of LLM-powered vulnerability detection — with new advances continuing. "Since July 2024, ZeroPath's tool has uncovered critical zero-day vulnerabilities — including remote code execution, authentication bypasses, and insecure direct object references — in popular AI platforms and open-source projects." And they ultimately identified security flaws in projects owned by Netflix, Salesforce, and Hulu by "taking a novel approach combining deep program analysis with adversarial AI agents for validation. Our methodology has uncovered numerous critical vulnerabilities in production systems, including several that traditional Static Application Security Testing tools were ill-equipped to find..." TL;DR — most of these bugs are simple and could have been found with a code review from a security researcher or, in some cases, scanners. The historical issue, however, with automating the discovery of these bugs is that traditional SAST tools rely on pattern matching and predefined rules, and miss complex vulnerabilities that do not fit known patterns (i.e. business logic problems, broken authentication flaws, or non-traditional sinks such as from dependencies). They also generate a high rate of false positives.

The beauty of LLMs is that they can reduce ambiguity in most of the situations that caused scanners to be either unusable or produce few findings when mass-scanning open source repositories... To do this well, you need to combine deep program analysis with adversarial agents that test the plausibility of vulnerabilities at each step. The solution ends up mirroring the traditional phases of a pentest — recon, analysis, exploitation (and remediation which is not mentioned in this post)...

AI-driven vulnerability detection is moving fast... What's intriguing is that many of these vulnerabilities are pretty straightforward — they could've been spotted with a solid code review or standard scanning tools. But conventional methods often miss them because they don't fit neatly into known patterns. That's where AI comes in, helping us catch issues that might slip through the cracks.

"Many vulnerabilities remain undisclosed due to ongoing remediation efforts or pending responsible disclosure processes," according to the blog post, which includes a pie chart showing the biggest categories of vulnerabilities found:
  • 53%: Authorization flaws, including broken access control in API endpoints and unauthorized Redis access and configuration exposure. ("Impact: Unauthorized access, data leakage, and resource manipulation across tenant boundaries.")
  • 26%: File operation issues, including directory traversal in configuration loading and unsafe file handling in upload features. ("Impact: Unauthorized file access, sensitive data exposure, and potential system compromise.")
  • 16%: Code execution vulnerabilities, including command injection in file processing and unsanitized input in system commands. ("Impact: Remote code execution, system command execution, and potential full system compromise.")

The company's CIO/cofounder was "former Red Team at Tesla," according to the startup's profile at YCombinator, and earned over $100,000 as a bug-bounty hunter. (And another co-founder is a former Google security engineer.)

Thanks to Slashdot reader Mirnotoriety for sharing the article.


Crime

A Fourth FTX Executive Sentenced: Forfeits $11 Billion, But No Prison Time (apnews.com) 52

Former FTX executive Nishad Singh was ordered to forfeit $11 billion, reports CNBC — and is subject to three years of supervised release, making him "the fourth ex-employee of the collapsed crypto exchange to be punished."

But while he'd faced a maximum sentence of 75 years, he'll serve no time, according to this report from the Associated Press: Singh, the company's former engineering director, was sentenced in Manhattan by Judge Lewis A. Kaplan, who said his cooperation was "remarkable." The judge noted that Singh did not learn of the billions of dollars that were misappropriated from FTX customer accounts and investors until two months before the fraud unraveled... Singh, 29, testified a year ago at Bankman-Fried's trial, saying he was "blindsided and horrified" when he saw the extent of the fraud behind the once-celebrated and seemingly pioneering firm. At sentencing, Singh said he was "overwhelmed with remorse" for his role in the fraud. "I strayed so far from my values, and words can't express how sorry I am," he said....

The sentencing came a month after Caroline Ellison, another key witness at Bankman-Fried's trial and a former top executive in his cryptocurrency empire, was sentenced to two years in prison. At the time, Kaplan praised her cooperation but said it wasn't a get-out-of-jail-free card. On Wednesday, Kaplan drew a distinction between the cooperation by Ellison and Singh's work with prosecutors, saying Ellison had participated in the fraud "from the beginning" and had been aware of all the wrongdoing for years... [Defense attorney Andrew Goldstein] said leniency would encourage future cooperators in other criminal cases to come forward.

Assistant U.S. Attorney Nicolas Roos credited Singh with providing information within weeks of the fraud being publicly revealed, saying he helped prosecutors learn about crimes they might otherwise have never discovered, including his own. Roos said, for instance, that Singh told prosecutors about campaign finance violations that occurred as FTX executives made tens of millions of dollars in donations to political candidates. The prosecutor also said Singh revealed private conversations with Bankman-Fried that strengthened the government's case and enabled it to bring charges more quickly against multiple people. Singh gave prosecutors "documentary evidence the government did not have and likely never would have had," Roos said.

Bankman-Fried, of course, began a 25-year sentence last November. And three weeks ago FTX executive Ryan Salame made an update on his LinkedIn profile. "I'm happy to share that I'm starting a new position as Inmate at FCI Cumberland!"

"His post quickly went viral," notes CNN, "prompting Salame to joke on X: 'Today I learned people still use LinkedIn.'"
Facebook

US Government Considers Legal Action Over Meta's Use of Financial Data for Ads (msn.com) 12

The Washington Post reports that America's Consumer Financial Protection Bureau (or CFPB) "is considering legal action against Meta over allegations that it improperly used financial data obtained from third parties in its highly-lucrative advertising business..."

The article says a Meta securities filing Thursday revealed it had received a formal notification about the federal investigation last month. The filing said only that the inquiry relates to "advertising for financial products and services on our platform." A spokesperson for Meta declined to comment on the investigation. "We disagree with the claims," the company's filing said, "and believe an enforcement action is unwarranted...."

The CFPB's probe underscores its aggressive recent focus on Big Tech. In recent years, major companies including Apple, Amazon, Facebook and Google have launched a wave of new financial services, including credit cards and apps that help users send money to friends... Under its current director, Rohit Chopra, the CFPB has also sought to ensure that tech giants adhere to the same safeguards that have long applied to their brick-and-mortar banking predecessors. The bureau formalized its tech crackdown in 2021, when Chopra ordered companies including Facebook to turn over records related to their payment apps and other financial service offerings.

At the time, he expressed fear that these giants already possessed troves of customer data and could solidify their dominance if they gained greater insight into users' purchasing and spending habits. "This data can be monetized by companies that seek to profit from behavioral targeting, particularly around advertising and e-commerce," Chopra said in a statement announcing the review. "That many Big Tech companies aspire to grow in this space only heightens these concerns." Since then, the watchdog agency has proposed new rules that could treat Apple, Google and PayPal-owned Venmo more like banks, opening the door for federal regulators to inspect some of their operations in a bid to protect users' deposits.

The rules, which have not been finalized, have sparked fierce lobbying opposition from major tech companies.

Power

As Data Centers for AI Strain the Power Grid, Bills Rise for Everyday Customers (msn.com) 57

While Amazon, Google, and other companies build new data centers — sometimes for their AI projects — parts of America "are facing higher electric bills," reports the Washington Post: The facilities' extraordinary demand for electricity to power and cool computers inside can drive up the price local utilities pay for energy and require significant improvements to electric grid transmission systems. As a result, costs have already begun going up for customers — or are about to in the near future, according to utility planning documents and energy industry analysts. Some regulators are concerned that the tech companies aren't paying their fair share, while leaving customers from homeowners to small businesses on the hook. In Oregon, electric utilities are warning regulators that consumers need protections from rising rates caused by data centers. From Virginia to Ohio and South Carolina, companies are battling over the extent of their responsibility for increases, attempting to fend off anger from customers. In the Mid-Atlantic, the regional power grid's energy costs shot up dramatically, and data centers are cited as among root causes of rate increases of up to 20 percent expected in 2025...

The tech firms and several of the power companies serving them strongly deny they are burdening others. They say higher utility bills are paying for overdue improvements to the power grid that benefit all customers. In some cases, they said in response to criticism from consumer and business advocates that they are committed to covering additional costs. But regulators — and even some utilities — are growing skeptical.

A jarring example of fallout on consumers is playing out on the Mid-Atlantic regional power grid, called PJM Interconnection, which serves 13 states and D.C. The recent auction to secure power for the grid during periods of extreme weather and high demand resulted in an 800 percent jump in the price that the grid's member utilities had to pay. The impact will be felt by millions by the spring, according to public records. Power bills will increase as much as 20 percent for customers of a dozen utilities in Maryland, Ohio, Pennsylvania, New Jersey and West Virginia, regulatory filings show. That includes households in the Baltimore area, where annual bills will increase an average of $192, said Maryland People's Counsel David Lapp, a state appointee who monitors utilities. The next auction, in 2025, could be more painful, Lapp said, leaving customers potentially "looking at increases of as much as $40 to $50 a month...."

Advocates cite another source of cost-shifting onto consumers: discounted rates that power companies and local government officials use to entice tech companies to build data centers... Google worked out a deal with Dominion Energy, blessed by regulators, to pay 6 cents per kilowatt hour for its power. That is less than half of what residential customers pay, as well as substantially less than is paid by businesses...

The article points out that in Pennsylvania, "Amazon's novel plan to fuel a data center from a reactor at the nearby Susquehanna nuclear plant is now in jeopardy, after regulators blocked it Friday. They cited potential impact on consumers as among their concerns. The plan threatens to leave other ratepayers stuck with a bill of $50 million to $140 million, according to testimony from [power utility] AEP and utility conglomerate Exelon."

And meanwhile, one Virginia retiree complained about a proposed $54 million transmission line and substation for an Amazon data center. "They are already making money hand over fist, and now they want us to pay for this?"
Businesses

NVIDIA Replaces Rival Chipmaker Intel on the Dow Jones Industrial Average (cnbc.com) 39

In 1896 the Dow Jones Industrial Average (or DJIA) was created as a kind of proxy indicator for the wider stock market. "A stock is typically added only if the company has an excellent reputation, demonstrates sustained growth and is of interest to a large number of investors," according to a source cited by Yahoo Finance. Its mix of stocks might be informally considered a sign of the times, since it's made up of 30 stocks that according to Wikipedia have been changed only 57 times over the last 128 years.

Wait — make that 58.... CNBC reports that NVIDIA is replacing Intel in the DJIA, "a shakeup to the blue-chip index that reflects the boom in AI and a major shift in the semiconductor industry." Companies including Microsoft, Meta, Google and Amazon are purchasing Nvidia's GPUs, such as the H100, in massive quantities to build clusters of computers for their AI work. Nvidia's revenue has more than doubled in each of the past five quarters, and has at least tripled in three of them. The company has signaled that demand for its next-generation AI GPU called Blackwell is "insane...."

While Nvidia has been soaring, Intel has been slumping. Long the dominant maker of PC chips, Intel has lost market share to Advanced Micro Devices and has made very little headway in AI. Intel shares have fallen by more than half this year as the company struggles with manufacturing challenges and new competition for its central processors. Intel said in a filing this week that the board's audit and finance committee approved cost and capital reduction activities, including lowering head count by 16,500 employees and reducing its real estate footprint. The job cuts were originally announced in August.

The DJIA will now include four of six tech companies worth $1 trillion — Apple, Microsoft, NVIDIA, and Amazon (which joined in February, replacing the owners of the Walgreens pharmacy chain). The other two trillion-dollar tech companies (not included in the DJIA) are Meta and Alphabet.

Adding NVIDIA to the DJIA will ensure "more representative exposure to the semiconductors industry" within the average, the index's curators told the Washington Post.

And also leaving the DJIA is power-generation company AES (which according to CNBC had a power mix of 54% renewables, 27% natural gas, 17% coal). It will be replaced by Vistra, defined by Wikipedia as America's largest competitive power generator, "with a capacity of approximately 39GW powered by a diverse portfolio including natural gas, nuclear, solar, and battery energy storage facilities." In the 2020 Forbes Global 2000, Vistra Energy was ranked as the 756th-largest public company in the world. The company owns the Moss Landing Power Plant in California which currently (2021) contains the largest battery energy storage system in the world (400-MW/1,600-MWh). As of 2020, the company was ranked as the highest CO2 emitter in the U.S.
Privacy

PimEyes 'Made a Public Rolodex of Our Faces'. Should You Opt Out? (msn.com) 32

The free face-image search engine PimEyes "scans through billions of images from the internet and finds matches of your photo that could have appeared in a church bulletin or a wedding photographer's website," writes a Washington Post columnist.

So to find and delete themselves from "the PimEyes searchable Rolodex of faces," they "recently handed over a selfie and a digital copy of my driver's license to a company I don't trust." PimEyes says it empowers people to find their online images and try to get unwanted ones taken down. But PimEyes face searches are largely open to anyone with either good or malicious intent. People have used PimEyes to identify participants in the Jan. 6, 2021, attack on the Capitol, and creeps have used it to publicize strangers' personal information from just their image.

The company offers an opt-out form to remove your face from PimEyes searches. I did it and resented spending time and providing even more personal information to remove myself from the PimEyes repository, which we didn't consent to be part of in the first place. The increasing ease of potentially identifying your name, work history, children's school, home address and other sensitive information from one photo shows the absurdity of America's largely unrestrained data-harvesting economy.

While PimEyes' CEO said they don't keep the information you provide to opt-out, "you give PimEyes at least one photo of yourself plus a digital copy of a passport or ID with personal details obscured..." according to the article. (PimEyes' confirmation email "said I might need to repeat the opt-out with more photos...") Some digital privacy experts said it's worth opting out of PimEyes, even if it's imperfect, and that PimEyes probably legitimately needs a personal photo and proof of identity for the process. Others found it "absurd" to provide more information to PimEyes... or they weren't sure opting out was the best choice... Experts said the fundamental problem is how much information is harvested and accessible without your knowledge or consent from your phone, home speakers, your car and information-organizing middlemen like PimEyes and data brokers.

Nathan Freed Wessler, an American Civil Liberties Union attorney focused on privacy litigation, said laws need to change the assumption that companies can collect almost anything about you or your face unless you go through endless opt-outs. "These systems are scary and abusive," he said. "If they're going to exist, they should be based on an opt-in system."

China

How America's Export Controls Failed to Keep Cutting-Edge AI Chips from China's Huawei (stripes.com) 40

An anonymous reader shared this report from the Washington Post: A few weeks ago, analysts at a specialized technological lab put a microchip from China under a powerful microscope. Something didn't look right... The microscopic proof was there that a chunk of the electronic components from Chinese high-tech champion Huawei Technologies had been produced by the world's most advanced chipmaker, Taiwan Semiconductor Manufacturing Company.

That was a problem because two U.S. administrations in succession had taken actions to assure that didn't happen. The news of the breach of U.S. export controls, first reported in October by the tech news site the Information, has sent a wave of concern through Washington... The chips were routed to Huawei through Sophgo Technologies, the AI venture of a Chinese cryptocurrency billionaire, according to two people familiar with the matter, speaking on the condition of anonymity to discuss a sensitive topic... "It raises some fundamental questions about how well we can actually enforce these rules," said Emily Kilcrease, a senior fellow at the Center for a New American Security in Washington... Taiwan's Ministry of Economic Affairs confirmed that TSMC recently halted shipments to a "certain customer" and notified the United States after suspecting that customer might have directed its products to Huawei...

There's been much intrigue in recent days in the industry over how the crypto billionaire's TSMC-made chips reportedly ended up at Huawei. Critics accuse Sophgo of working to help Huawei evade the export controls, but it is also possible that they were sold through an intermediary, which would align with Sophgo's denial of having any business relationship with Huawei... While export controls are often hard to enforce, semiconductors are especially hard to manage due to the large and open nature of the global chip trade. Since the Biden administration implemented sweeping controls in 2022, there have been reports of widespread chip smuggling and semiconductor black markets allowing Chinese companies to access necessary chips...

Paul Triolo, technology policy lead at Albright Stonebridge Group, said companies were trying to figure out what lengths they had to go to for due diligence: "The guidelines are murky."

Social Networks

Threads Soars to 275 Million Monthly Users, Says Zuckerberg (nbcnewyork.com) 36

An anonymous Slashdot reader shared this report from CNBC: Threads now has nearly 275 million monthly users, CEO Mark Zuckerberg said Wednesday. "We continue to be on track towards this becoming our next major social app," Zuckerberg said on a call with analysts, adding that he was "quite pleased" with the trajectory of the app.

The latest numbers indicate Threads is up 175% from a year ago when it reached 100 million users... The app is now signing up more than 1 million users per day, Zuckerberg also said on Wednesday. X remains ahead of Threads in terms of users, but not by much. Musk's social media app now has roughly 318 million monthly users, according to an estimate by market intelligence firm Sensor Tower. That's down 24% since Musk completed his acquisition of the company in October 2022, according to Sensor Tower.

The news also drew a reaction from ActivityPub/Activity Streams 2.0 co-author Evan Prodromou, who pointed out that the 275 million monthly active users is up from the 200 million reported just 13 weeks ago at the end of July.

"And most of them have access to the Fediverse. With more, hopefully, getting access soon."
AI

Disney Forms Dedicated AI, XR Group To Coordinate Company-Wide Adoption 12

Disney's recently formed Office of Technology Enablement will coordinate the company's exploration, adoption and use of artificial intelligence, AR and VR tech. Engadget reports: It has tapped Jamie Voris, previously the CTO of its Studios Technology division, to oversee the effort. Before joining Disney in 2010, Voris was the chief technology officer at the National Football League. More recently, he led the development of the company's Apple Vision Pro app. Voris will report to Alan Bergman, the co-chairman of Disney Entertainment. Reuters reports the company eventually plans to grow the group to about 100 employees.

"The pace and scope of advances in AI and XR are profound and will continue to impact consumer experiences, creative endeavors, and our business for years to come -- making it critical that Disney explore the exciting opportunities and navigate the potential risks," Bergman wrote in an email Disney shared with Engadget. "The creation of this new group underscores our dedication to doing that and to being a positive force in shaping responsible use and best practices."

A Disney spokesperson told Engadget the Office of Technology Enablement won't take over any existing AI and XR projects at the company. Instead, it will support Disney's other teams, many of which are already working on products that involve those technologies, to ensure their work fits into the company's broader strategic goals. "It is about bringing added focus, alignment, and velocity to those efforts, and about reinforcing our commitment to being a positive force in shaping responsible use and best practices," the spokesperson said.
Intel

Intel's Future Laptops Will Have Memory Sticks Again (theverge.com) 47

Intel is rolling back one of the biggest changes to its laptop chips in years. The Verge: Remember how this fall's Lunar Lake laptops ditched the idea of memory sticks, putting a fixed amount of RAM on the processor package instead? Intel CEO Pat Gelsinger now says that turned out to be a financial mistake, and Intel won't do it again. Oh, and he may be axing desktop GPUs, too. Future Intel generations of chips, including Panther Lake and Nova Lake, won't have baked-on memory. "It's not a good way to run the business, so it really is for us a one-off with Lunar Lake," said Gelsinger on Intel's Q3 2024 earnings call, as spotted by VideoCardz.
AI

More Than 60% of CEOs Are 'Digitally Illiterate', According To Their Own Employees 73

Corporate resistance to AI tools is costing employees six hours per week in manual tasks that could be automated, according to research by recruitment firm SThree. Sixty-three percent of workers blame management's "digital illiteracy" for slow AI adoption, despite major companies rushing to tout AI initiatives since ChatGPT's launch. A 2023 tech.io study found two-thirds of business leaders barely use AI tools due to limited understanding.
Google

Tech Giants Are Set To Spend $200 Billion This Year Chasing AI (bnnbloomberg.ca) 52

Three months ago, Wall Street punished the world's largest technology firms for spending enormous amounts to develop artificial intelligence, only to deliver results that failed to justify the costs. Silicon Valley's response this quarter? Plans to invest even more. Bloomberg: The capital expenditures of the four largest internet and software companies -- Amazon, Microsoft, Meta and Alphabet -- are set to total well over $200 billion this year, a record sum for the profligate collective.

Executives from each company warned investors this week that their splurge will continue next year, or even ramp up. The spree underscores the extreme costs and resources consumed from the worldwide boom in AI ignited by the arrival of ChatGPT. Tech giants are racing to secure the scarce high-end chips and build the sprawling data centers the technology demands. To do so, the companies have cut deals with energy providers to power these facilities, even reviving a notorious nuclear plant.

Power

Sellafield Cleanup Cost Rises To $175 Billion Amid Tensions With Treasury (theguardian.com) 73

An anonymous reader quotes a report from The Guardian: The cost of cleaning up Sellafield is expected to spiral to 136 billion pounds ($175 billion USD) and Europe's biggest nuclear waste dump cannot show how it offers taxpayers value for money, the public spending watchdog has said. Projects to fix buildings containing hazardous and radioactive material at the state-owned site on the Cumbrian coast are running years late and over budget. Sellafield's spending is so vast -- with costs of more than 2.7 billion pounds a year -- that it is causing tension with the Treasury, the report from the National Audit Office (NAO) suggests. Officials from the finance ministry told the NAO it was "not always clear" how Sellafield made decisions, the report reveals. Criticisms of its costs and processes come as the chancellor, Rachel Reeves, prepares to plug a hole of about 40 billion pounds in her maiden budget. Gareth Davies, the head of the NAO, said: "Despite progress achieved since the NAO last reported, I cannot conclude Sellafield is achieving value for money yet, as large projects are being delivered later than planned and at higher cost, alongside slower progress in reducing multiple risks."

He added: "Continued underperformance will mean the cost of decommissioning will increase considerably, and 'intolerable risks' will persist for longer."

David Peattie, the NDA's chief executive, said: "Sellafield is one of the most complex environmental programs in the world. We're proud of our workforce and achievements being made, including the unprecedented retrieval of legacy waste from all four highest hazard facilities. But as the NAO rightly points out there is still more to be done. This includes better demonstrating we are delivering value for money and the wider significant societal and economic benefits through jobs, the supply chain and community investments."
Businesses

Ghost Jobs Are Wreaking Havoc On Tech Workers (sfgate.com) 90

An anonymous reader quotes a report from SFGATE: If you've recently been laid off and have started the arduous process of looking for a new job, you've probably seen them on networking platforms like LinkedIn: postings for roles that are 30 days old, maybe more, with suspiciously wide salary ranges. They usually have hundreds, or even thousands, of hopeful applicants vying for the same position, but if you do a quick cross-check and notice that the role isn't posted on the company's actual website -- or any of their social media pages -- you should probably stop drafting that cover letter, because it's possible they're not hiring at all. "Ghost jobs," or ads for positions that aren't actually open, are a common phenomenon in the tech industry, which has been plagued by layoffs and budget cuts over recent years. As unemployed workers struggle to regain their footing, recruiters and career coaches who spoke with SFGATE warned that these fake jobs posted by real companies serve multiple, sometimes insidious purposes.

According to a 2024 survey from MyPerfectResume, 81% of recruiters admitted to posting ads for positions that were fake or already filled. While some respondents said employers did it to maintain a presence on job boards and build a talent pool, it's also used to commit psychological warfare: 25% said ghost jobs helped companies gauge how replaceable their employees were, while 23% said it helped make the company appear more stable during a hiring freeze. Another damning 2024 report from Resume Builder said that 62% of companies posted them specifically to make their employees feel replaceable. They also made ads to "trick overworked employees" into believing that more people would be brought on to alleviate their overwhelming workload.

After interviewing 1,641 hiring managers, Resume Builder researchers found that 40% of employers posted fake job listings in 2024, and that three in 10 currently had ghost jobs listed. The idea to post them mostly trickled down from HR, followed by senior management and executives, their June 2024 article continued. Though the listings were posted on multiple hiring platforms, the majority of them appeared on LinkedIn and the companies' websites. Evidence suggests this trend is taking hold throughout the Bay Area, too. A collaborative document circulating online reveals a growing list of employers accused of posting ghost jobs. Many of them, it turns out, are tech companies with offices based in California.

Businesses

Over 500 Amazon Workers Decry 'Non-Data-Driven' Logic For 5-Day RTO Policy (arstechnica.com) 145

An anonymous reader quotes a report from Ars Technica: More than 500 Amazon workers reportedly signed a letter to Amazon Web Services' (AWS) CEO this week, sharing their outrage over Amazon's upcoming return-to-office (RTO) policy that will force workers into offices five days per week. In September, Amazon announced that starting in 2025, workers will no longer be allowed to work remotely twice a week. At the time, Amazon CEO Andy Jassy said the move would make it easier for workers "to learn, model, practice, and strengthen our culture." Reuters reported today that it viewed a letter from a swath of workers sent to AWS chief Matt Garman on Wednesday regarding claims he reportedly made during an all-hands meeting this month. Garman reportedly told attendees that 9 out of 10 employees he spoke with support the five-day in-office work policy. The letter called the statements "inconsistent with the experiences of many employees" and "misrepresenting the realities of working at Amazon," Reuters reported. "We were appalled to hear the non-data-driven explanation you gave for Amazon imposing a five-day in-office mandate," the letter reportedly stated. [...]

In the letter, hundreds of Amazon workers reportedly lamented what they believe was a lack of third-party data shared in making the RTO policy. It said that Garman's statements "break the trust of your employees who have not only personal experience that shows the benefits of remote work but have seen the extensive data which supports that experience." The letter included stories from 12 anonymous employees about medical, familial, and other challenges that the new RTO policy could create. The letter also reportedly pointed out the obstacles that a five-day in-office work policy has on groups of protected workers, like those providing childcare. The new policy will not align with Amazon's "'Strive to be Earth's Best Employer' leadership principle," the letter said. In a statement, an Amazon spokesperson told Reuters that Amazon's benefits include commuter benefits, elder care, and subsidized parking fees.
