An anonymous reader quotes a report from Ars Technica: Silicon Valley's AI talent war just reached a compensation milestone that makes even the most legendary scientific achievements of the past look financially modest. When Meta recently offered AI researcher Matt Deitke $250 million over four years (an average of $62.5 million per year)—with potentially $100 million in the first year alone -- it shattered every historical precedent for scientific and technical compensation we can find on record. [Meta CEO Mark Zuckerberg reportedly also offered an unnamed AI engineer $1 billion in compensation to be paid out over several years.] That includes salaries during the development of major scientific milestones of the 20th century. [...]

To put these salaries in a historical perspective: J. Robert Oppenheimer, who led the Manhattan Project that ended World War II, earned approximately $10,000 per year in 1943. Adjusted for inflation using the US Government's CPI Inflation Calculator, that's about $190,865 in today's dollars -- roughly what a senior software engineer makes today. The 24-year-old Deitke, who recently dropped out of a PhD program, will earn approximately 327 times what Oppenheimer made while developing the atomic bomb. [...] The Apollo program offers another striking comparison. Neil Armstrong, the first human to walk on the moon, earned about $27,000 annually -- roughly $244,639 in today's money. His crewmates Buzz Aldrin and Michael Collins made even less, earning the equivalent of $168,737 and $155,373, respectively, in today's dollars. Current NASA astronauts earn between $104,898 and $161,141 per year. Meta's AI researcher will make more in three days than Armstrong made in a year for taking "one giant leap for mankind." The report notes that the sums being offered to some of these AI researchers top even the most popular sports athletes. "The New York Times noted that Steph Curry's most recent four-year contract with the Golden State Warriors was $35 million less than Deitke's Meta deal (although soccer superstar Cristiano Ronaldo will make $275 million this year as the highest-paid professional athlete in the world)," reports Ars.

Longtime Slashdot reader Mr_Blank shares a report from Autoblog: Once a new OTA update becomes available, owners of GM vehicles have 45 days to install the update. After this date, the company will not cover any damages or issues that are caused by ignoring the update. "Damage resulting from failure to install over-the-air software updates is not covered," states the warranty booklet for 2025 and 2026 models.

This same rule applies to all GM's brands in the USA: Chevrolet, Buick, Cadillac, and GMC. However, if the software update itself causes any component damage, that will be covered by the warranty. Owners coming from older GM vehicles will have to adapt as the company continues to implement its Global B electronic architecture on newer models, which relies heavily on OTA updates. Similar policies appear in the owner's manual for Tesla. Software-defined vehicles are here to stay, even if some of them have far more tech glitches than they should -- just ask Volvo.

Palantir has secured a massive $10 billion contract with the U.S. Army to unify 75 contracts into a single AI-focused enterprise framework, streamlining procurement and enhancing military readiness. CNBC reports: The agreement creates a "comprehensive framework for the Army's future software and data needs" that provides the government with purchasing flexibility and removes contract-related fees and procurement timelines, according to a release. Palantir co-founder and CEO Alex Karp has been a vocal proponent of protecting U.S. interests and joining forces on AI to fend off adversaries.

Earlier this year, Palantir delivered its first two AI-powered systems in its $178 million contract with the U.S. Army. In May, the Department of Defense boosted its Maven Smart Systems contract to beef up AI capabilities by $795 million.

The SEC has launched "Project Crypto" to overhaul outdated securities regulations for a blockchain-based future, aiming to support tokenized assets, crypto trading, and "super apps."

"To achieve President Trump's vision of making America the crypto capital of the world, the SEC must holistically consider the potential benefits and risks of moving our markets from an off-chain environment to an on-chain one," SEC chair Paul Atkins said at the "American Leadership in the Digital Finance Revolution" conference on Thursday. "I have directed the Commission staff to update antiquated agency rules and regulations to unleash the potential of on-chain software systems in our securities markets ... Federal securities laws have always assumed the involvement of intermediaries that require regulation, but this does not mean that we should interpose intermediaries for the sake of forcing intermediation where the markets can function without them." CNBC reports: Atkins, the SEC chair, highlighted "super apps" (such as one Coinbase introduced two weeks ago) as a priority of his chairmanship, noting the need to allow the apps to thrive with an "efficient licensing structure," rather than subject to multiple regulatory authorities.

So-called super apps like WeChat and Alipay -- which bundle several different services and functionalities into a single mobile app -- have long been viewed as the holy grail of financial technology by the industry. They're central to everyday life in China but haven't been successfully replicated in the West. Meta Platforms and X have made attempts to realize that vision, integrating payments, messaging and social content, among other functions.

Atkins also said the Trump administration will work to prevent "innovative" companies from being driven offshore by burdensome regulations, and said the SEC "will encourage our nation's builders rather than constrain them with red tape and one-size-fits-all rules."

CISA has publicly released Thorium, a powerful open-source platform developed with Sandia National Labs that automates malware and forensic analysis at massive scale. According to BleepingComputer, the platform can "schedule over 1,700 jobs per second and ingest over 10 million files per hour per permission group." From the report: Security teams can use Thorium for automating and speeding up various file analysis workflows, including but not limited to:

- Easily import and export tools to facilitate sharing across cyber defense teams,
- Integrate command-line tools as Docker images, including open-source, commercial, and custom software,
- Filter results using tags and full-text search,
- Control access to submissions, tools, and results with strict group-based permissions,
- Scale with Kubernetes and ScyllaDB to meet workload demands.

Defenders can find installation instructions and get their own copy of Thorium from CISA's official GitHub repository.

A software developer who built his own home server in response to Amazon's removal of Kindle book downloads now argues that self-hosting "is NOT the future we should be fighting for." Drew Lyton constructed a home server running open-source alternatives to Google Drive, Google Photos, Audible, Kindle, and Netflix after Amazon announced that "Kindle users would no longer be able to download and back up their book libraries to their computers."

The change prompted Amazon to update Kindle store language to say "users are purchasing licenses -- not books." Lyton's setup involved a Lenovo P520 with 128GB RAM, multiple hard drives, and Docker containers running applications like Immich for photo storage and Jellyfin for media streaming. The technical complexity required "138 words to describe but took me the better part of two weeks to actually do."

The implementation was successful but Lyton concluded that self-hosting "assumes isolated, independent systems are virtuous. But in reality, this simply makes them hugely inconvenient." He proposes "publicly funded, accessible, at cost cloud-services" as an alternative, suggesting libraries could provide "100GB of encrypted file storage, photo-sharing and document collaboration tools, and media streaming services -- all for free."

BrianFagioli writes: AI might be the future of software development, but a new report suggests we're not quite ready to take our hands off the wheel. Veracode has released its 2025 GenAI Code Security Report, and the findings are pretty alarming. Out of 80 carefully designed coding tasks completed by over 100 large language models, nearly 45 percent of the AI-generated code contained security flaws.

That's not a small number. These are not minor bugs, either. We're talking about real vulnerabilities, with many falling under the OWASP Top 10, which highlights the most dangerous issues in modern web applications. The report found that when AI was given the option to write secure or insecure code, it picked the wrong path nearly half the time.

An anonymous reader quotes a report from CNBC: Google executives are pushing employees to act with more urgency in their use of artificial intelligence as the company looks for ways to cut costs. That was the message at an all-hands meeting last week, featuring CEO Sundar Pichai and Brian Saluzzo, who runs the teams building the technical foundation for Google's flagship products. "Anytime you go through a period of extraordinary investment, you respond by adding a lot of headcount, right?" Pichai said, according to audio obtained by CNBC. "But in this AI moment, I think we have to accomplish more by taking advantage of this transition to drive higher productivity. [...] We are competing with other companies in the world," Pichai said at the meeting. "There will be companies which will become more efficient through this moment in terms of employee productivity, which is why I think it's important to focus on that." [...]

"We are going to be going through a period of much higher investment and I think we have to be frugal with our resources, and I would strive to be more productive and efficient as a company," Pichai said, adding that he's "very optimistic" about how Google is doing. At the meeting, Saluzzo highlighted a number of tools the company is building for software engineers, or SWEs, to help "everybody at Google be more AI-savvy." "We feel the urgency to really quickly and urgently get AI into more of the coding workflows to address top needs so you see a much more rapid increase in velocity," Saluzzo said. Saluzzo said Google has a portfolio of AI products available to employees "so folks can go faster." He mentioned an internal site called "AI Savvy Google" which has courses, toolkits and learning sessions, including some for individual product areas.

Google's engineering education team, which develops courses for internal and external use, partnered with DeepMind on a training called "Building with Gemini" that the company will start promoting soon, Saluzzo said. He also referenced a new internal AI coding tool called Cider that helps software engineers with various aspects of the development process. Since May, when the company first introduced Cider, 50% of users tap the service on a weekly basis, Saluzzo said. Regarding Google's internal AI tools, Saluzzo said that employees should "expect them to continuously get better" and that "they'll become a pretty integral part of most SWE work."

ZDNet's Steven Vaughan-Nichols shares his list of "what's new and improved" in the latest Linux 6.16 kernel. An anonymous reader shares an excerpt from the report: First, the Rust language is continuing to become more well-integrated into the kernel. At the top of my list is that the kernel now boasts Rust bindings for the driver core and PCI device subsystem. This approach will make it easier to add new Rust-based hardware drivers to Linux. Additionally, new Rust abstractions have been integrated into the Direct Rendering Manager (DRM), particularly for ioctl handling, file/GEM memory management, and driver/device infrastructure for major GPU vendors, such as AMD, Nvidia, and Intel. These changes should reduce vulnerabilities and optimize graphics performance. This will make gamers and AI/ML developers happier.

Linux 6.16 also brings general improvements to Rust crate support. Crate is Rust's packaging format. This will make it easier to build, maintain, and integrate Rust kernel modules into the kernel. For those of you who still love C, don't worry. The vast majority of kernel code remains in C, and Rust is unlikely to replace C soon. In a decade, we may be telling another story. Beyond Rust, this latest release also comes with several major file system improvements. For starters, the XFS filesystem now supports large atomic writes. This capability means that large multi-block write operations are 'atomic,' meaning all blocks are updated or none. This enhances data integrity and prevents data write errors. This move is significant for companies that use XFS for databases and large-scale storage.

Perhaps the most popular Linux file system, Ext4, is also getting many improvements. These boosts include faster commit paths, large folio support, and atomic multi-fsblock writes for bigalloc filesystems. What these improvements mean, if you're not a file-system nerd, is that we should see speedups of up to 37% for sequential I/O workloads. If your Linux laptop doubles as a music player, another nice new feature is that you can now stream your audio over USB even while the rest of your system is asleep. That capability's been available in Android for a while, but now it's part of mainline Linux.

If security is a top priority for you, the 6.16 kernel now supports Intel Trusted Execution Technology (TXT) and Intel Trusted Domain Extensions (TDX). This addition, along with Linux's improved support for AMD Secure Encrypted Virtualization and Secure Memory Encryption (SEV-SNP), enables you to encrypt your software's memory in what's known as confidential computing. This feature improves cloud security by encrypting a user's virtual machine memory, meaning someone who cracks a cloud can't access your data. Linux 6.16 also delivers several chip-related upgrades. It introduces support for Intel's Advanced Performance Extensions (APX), doubling x86 general-purpose registers from 16 to 32 and boosting performance on next-gen CPUs like Lunar Lake and Granite Rapids Xeon. Additionally, the new CONFIG_X86_NATIVE_CPU option allows users to build processor-optimized kernels for greater efficiency.

Support for Nvidia's AI-focused Blackwell GPUs has also been improved, and updates to TCP/IP with DMABUF help offload networking tasks to GPUs and accelerators. While these changes may go unnoticed by everyday users, high-performance systems will see gains and OpenVPN users may finally experience speeds that challenge WireGuard.

Jack Dorsey's new app Bitchat is now available on the iOS App Store. The decentralized, peer-to-peer messaging app uses Bluetooth mesh networks for encrypted, ephemeral chats without requiring accounts, servers, or internet access. Dorsey said he built it over a weekend and cautioned that it "has not received external security review and may contain vulnerabilities..." TechCrunch reports: The app's UX is very minimal. There is no log-in system, and you're immediately brought to an instant messaging box, where you can see what nearby users are saying (if anyone is actually around you and using the app) and set your display name, which can be changed at any time. [...] Dorsey has not directly addressed the fake Bitchat apps on the Google Play store, but he did repost another user's X post that said that Bitchat is not yet on Google Play, and to "beware of fakes."

Cisco has donated its AGNTCY initiative to the Linux Foundation, aiming to create an open-standard "Internet of Agents" to allow AI agents from different vendors to collaborate seamlessly. The project is backed by tech giants like Google Cloud, Dell, Oracle and Red Hat. "Without such an interoperable standard, companies have been rushing to build specialized AI agents," writes ZDNet's Steven Vaughan-Nichols. "These work in isolated silos that cannot work and play well with each other. This, in turn, makes them less useful for customers than they could be." From the report: AGNTCY was first open-sourced by Cisco in March 2025 and has since attracted support from over 75 companies. By moving it under the Linux Foundation's neutral governance, the hope is that everyone else will jump on the AGNTCY bandwagon, thus making it an industry-wide standard. The Linux Foundation has a long history of providing common ground for what otherwise might be contentious technology battles. The project provides a complete framework to solve the core challenges of multi-agent collaboration:

- Agent Discovery: An Open Agent Schema Framework (OASF) acts like a "DNS for agents," allowing them to find and understand the capabilities of others.
- Agent Identity: A system for cryptographically verifiable identities ensures agents can prove who they are and perform authorized actions securely across different vendors and organizations.
- Agent Messaging: A protocol named Secure Low-latency Interactive Messaging (SLIM) is designed for the complex, multi-modal communication patterns of agents, with built-in support for human-in-the-loop interaction and quantum-safe security.
- Agent Observability: A specialized monitoring framework provides visibility into complex, multi-agent workflows, which is crucial for debugging probabilistic AI systems.

You may well ask, aren't there other emerging AI agency standards? You're right. There are. These include the Agent2Agent (A2A) protocol, which was also recently contributed to the Linux Foundation, and Anthropic's Model Context Protocol (MCP). AGNTCY will help agents using these protocols discover each other and communicate securely. In more detail, it looks like this: AGNTCY enables interoperability and collaboration in three primary ways:

- Discovery: Agents using the A2A protocol and servers using MCP can be listed and found through AGNTCY's directories. This enables different agents to discover each other and understand their functions.
- Messaging: A2A and MCP communications can be transported over SLIM, AGNTCY's messaging protocol designed for secure and efficient agent interaction.
- Observability: The interactions between these different agents and protocols can be monitored using AGNTCY's observability software development kits (SDKs), which increase transparency and help with debugging complex workflows You can view AGNTCY's code and documentary on GitHub.

Samsung's new One UI 8 update has quietly disabled the ability to unlock the bootloader on all Galaxy devices globally, ending the custom ROM and kernel era for Android enthusiasts. While most users won't notice, the developer community sees this as a major blow to modding freedom -- one that could potentially raise regulatory concerns within the EU. SamMobile reports: A new report highlights evidence found in the Galaxy S25 One UI 8 beta builds that the bootloader unlock option has been removed. A similar change has also been confirmed on the Galaxy Z Fold 7 and Z Flip 7 which are running stable versions of One UI 8. A deep dive into the stable version's code has also confirmed that regardless of the region, the bootloader unlock option will not be available on devices running One UI 8. The enthusiast community won't like it.

They won't be able to use custom ROMs to update devices when the official software support runs out or use custom kernels to extract more performance. However, with most Samsung phones now offering seven years of Android OS upgrades, one can argue that the utility of this capability is not as significant as it once was.

Windows 11 has become indistinguishable from malware because of the way Microsoft has inserted intrusive advertising, AI monitoring features, and constant distractions designed to drive user engagement and monetization to the operating system, argues veteran writer and developer Rupert Goodwins of The Register.

Goodwins contends that Microsoft has transformed Windows 11 into "an ADHD horror show, full of distractions, promotions and snares" where AI features "constantly video what you're doing and send it back to Mother." He applies the term malware to describe software that intervenes in work to advertise and monitors user data, concluding that "for Windows it isn't a class of third-party nasties, it's an edition name."

Security researchers have discovered evidence suggesting the SkyRover X1 drone sold on Amazon for some $750 is a DJI product operating under a different brand name. The findings come at a time when DJI is facing an unofficial ban at US customs.

The drone shares identical specifications and features with the DJI Mini 4 Pro and connects to DJI's online infrastructure, including DJIGlobal, DJISupport, and DJIEnterprise services.

Hacker Kevin Finisterre successfully logged into the SkyRover system using his existing DJI credentials. Security consultant Jon Sawyer found the SkyRover app uses the same encryption keys as DJI software, with the company making only basic attempts to conceal its origins by replacing "DJI" references with "xxx" or "uav." DJI didn't deny to The Verge that the SkyRover X1 is their product.

This week Google's Open Source Security Team announced "a new project to strengthen trust in open source package ecosystems" — by reproducing upstream artifacts.

It includes automation to derive declarative build definitions, new "build observability and verification tools" for security teams, and even "infrastructure definitions" to help organizations rebuild, sign, and distribute provenance by running their own OSS Rebuild instances. (And as part of the initiative, the team also published SLSA Provenance attestations "for thousands of packages across our supported ecosystems.") Our aim with OSS Rebuild is to empower the security community to deeply understand and control their supply chains by making package consumption as transparent as using a source repository. Our rebuild platform unlocks this transparency by utilizing a declarative build process, build instrumentation, and network monitoring capabilities which, within the SLSA Build framework, produces fine-grained, durable, trustworthy security metadata. Building on the hosted infrastructure model that we pioneered with OSS Fuzz for memory issue detection, OSS Rebuild similarly seeks to use hosted resources to address security challenges in open source, this time aimed at securing the software supply chain... We are committed to bringing supply chain transparency and security to all open source software development. Our initial support for the PyPI (Python), npm (JS/TS), and Crates.io (Rust) package registries — providing rebuild provenance for many of their most popular packages — is just the beginning of our journey...

OSS Rebuild helps detect several classes of supply chain compromise:

- Unsubmitted Source Code: When published packages contain code not present in the public source repository, OSS Rebuild will not attest to the artifact.

- Build Environment Compromise: By creating standardized, minimal build environments with comprehensive monitoring, OSS Rebuild can detect suspicious build activity or avoid exposure to compromised components altogether.

- Stealthy Backdoors: Even sophisticated backdoors like xz often exhibit anomalous behavioral patterns during builds. OSS Rebuild's dynamic analysis capabilities can detect unusual execution paths or suspicious operations that are otherwise impractical to identify through manual review.


For enterprises and security professionals, OSS Rebuild can...

— Enhance metadata without changing registries by enriching data for upstream packages. No need to maintain custom registries or migrate to a new package ecosystem.

— Augment SBOMs by adding detailed build observability information to existing Software Bills of Materials, creating a more complete security picture...

- Accelerate vulnerability response by providing a path to vendor, patch, and re-host upstream packages using our verifiable build definitions...


The easiest (but not only!) way to access OSS Rebuild attestations is to use the provided Go-based command-line interface.
"With OSS Rebuild's existing automation for PyPI, npm, and Crates.io, most packages obtain protection effortlessly without user or maintainer intervention."

In 1995's online world, AOL existed mostly beside the internet as a "walled, manicured garden," remembers Fast Company.

Then along came AOHell "the first of what would become thousands of programs designed by young hackers to turn the system upside down" — built by a high school dropout calling himself "Da Chronic" who says he used "a computer that I couldn't even afford" using "a pirated copy of Microsoft Visual Basic." [D]istributed throughout the teen chatrooms, the program combined a pile of tricks and pranks into a slick little control panel that sat above AOL's windows and gave even newbies an arsenal of teenage superpowers. There was a punter to kick people out of chatrooms, scrollers to flood chats with ASCII art, a chat impersonator, an email and instant message bomber, a mass mailer for sharing warez (and later mp3s), and even an "Artificial Intelligence Bot" [which performed automated if-then responses]. Crucially, AOHell could also help users gain "free" access to AOL. The program came with a program for generating fake credit card numbers (which could fool AOL's sign up process), and, by January 1995, a feature for stealing other users' passwords or credit cards. With messages masquerading as alerts from AOL customer service reps, the tool could convince unsuspecting users to hand over their secrets...

Of course, Da Chronic — actually a 17-year-old high school dropout from North Carolina named Koceilah Rekouche — had other reasons, too. Rekouche wanted to hack AOL because he loved being online with his friends, who were a refuge from a difficult life at home, and he couldn't afford the hourly fee. Plus, it was a thrill to cause havoc and break AOL's weak systems and use them exactly how they weren't meant to be, and he didn't want to keep that to himself. Other hackers "hated the fact that I was distributing this thing, putting it into the team chat room, and bringing in all these noobs and lamers and destroying the community," Rekouche told me recently by phone...

Rekouche also couldn't have imagined what else his program would mean: a free, freewheeling creative outlet for thousands of lonely, disaffected kids like him, and an inspiration for a generation of programmers and technologists. By the time he left AOL in late 1995, his program had spawned a whole cottage industry of teenage script kiddies and hackers, and fueled a subculture where legions of young programmers and artists got their start breaking and making things, using pirated software that otherwise would have been out of reach... In 2014, [AOL CEO Steve] Case himself acknowledged on Reddit that "the hacking of AOL was a real challenge for us," but that "some of the hackers have gone on to do more productive things."

When he first met Mark Zuckerberg, he said, the Facebook founder confessed to Case that "he learned how to program by hacking [AOL]."
"I can't imagine somebody doing that on Facebook today," Da Chronic says in a new interview with Fast Company. "They'll kick you off if you create a Google extension that helps you in the slightest bit on Facebook, or an extension that keeps your privacy or does a little cool thing here and there. That's totally not allowed."

AOHell's creators had called their password-stealing techniques "phishing" — and the name stuck. (AOL was working with federal law enforcement to find him, according to a leaked internal email, but "I didn't even see that until years later.") Enrolled in college, he decided to write a technical academic paper about his program. "I do believe it caught the attention of Homeland Security, but I think they realized pretty quickly that I was not a threat."

He's got an interesting perspective today, noting with today's AI tool's it's theoretically possible to "craft dynamic phishing emails... when I see these AI coding tools I think, this might be like today's Visual Basic. They take out a lot of the grunt work."

What's the moral of the story? "I didn't have any qualifications or anything like that," Da Chronic says. "So you don't know who your adversary is going to be, who's going to understand psychology in some nuanced way, who's going to understand how to put some technological pieces together, using AI, and build some really wild shit."

At this weekend's Comic-Con, "Excitement has been high over the sneak peeks at Tron: Ares and Predator: Badlands," reports CNET. (Nine Inch Nails has even recorded a new song for Tron: Ares .)

A few highlights from CNET's coverage:

• The Coyote vs. Acme movie will hit theaters next year "after being rescued from the pile of scrapped ashes left by Warner Bros. Discovery," with footage screened during a Comic-Con panel.

• The first episode of Alien: Earth was screened before its premiere August 12th on FX.

• A panel reunited creators of the animated Avatar: The Last Airbender for its 20th anniversary — and discussed the upcoming sequel series Avatar: Seven Havens.

• A trailer dropped for the new Star Trek: Starfleet Academy series on Paramount+ ("Star Trek Goes Full Gen Z..." quips one headline.)

To capture some of the ambience, the Guardian has a collection of cosplayer photos. CNET notes there's even booths for Lego and Hot Wheels (which released toys commemorating the 40th anniversary of Back to the Future and the 50th anniversary of Jaws).

But while many buildings are "wrapped" with slick advertisements, SFGate notes the ads are technically illegal, "with penalties for each infraction running up to $1,000 per day," (according to the San Diego Union-Tribune). "Last year's total ended up at $22,500."

The Union-Tribune notes that "The fines are small enough that advertisers clearly think it is worth it, with about 30 buildings in the process of being wrapped Monday morning."

Pebble smartwatches are officially reclaiming their iconic name after Core Devices CEO Eric Migicovsky successfully recovered the Pebble trademark. "Great news -- we've been able to recover the trademark for Pebble! Honestly, I wasn't expecting this to work out so easily," Core Devices CEO Eric Migicovsky writes in an update blog. "Core 2 Duo is now Pebble 2 Duo. Core Time 2 is now Pebble Time 2." The Verge reports: As a refresher, Pebble was one of the OG smartwatches. Despite a loyal customer base, however, it wasn't able to compete with bigger names like Fitbit, the Apple Watch, or Samsung. In 2016, Pebble was acquired by Fitbit for $23 million, marking the end of the first Pebble era. Along the way, Fitbit was acquired by Google. That's important because the tech giant agreed to open-source Pebble's software, and Migicovsky announced earlier this year that Pebble was making a comeback. However, because Migicovsky didn't have the trademark, the new Pebble watches were initially dubbed the Core 2 Duo and the Core Time 2.

"With the recovery of the Pebble trademark, that means you too can use the word Pebble for Pebble related software and hardware projects," Migicovsky writes, acknowledging Pebble's history of community development.

A recent Echelon firmware update has effectively bricked offline functionality for its smart gym equipment, cutting off compatibility with popular third-party apps like QZ and forcing users to connect to Echelon's servers -- even just to view workout stats. Ars Technica reports: As explained in a Tuesday blog post by Roberto Viola, who develops the "QZ (qdomyos-zwift)" app that connects Echelon machines to third-party fitness platforms, like Peloton, Strava, and Apple HealthKit, the firmware update forces Echelon machines to connect to Echelon's servers in order to work properly. A user online reported that as a result of updating his machine, it is no longer syncing with apps like QZ, and he is unable to view his machine's exercise metrics in the Echelon app without an Internet connection. Affected Echelon machines reportedly only have full functionality, including the ability to share real-time metrics, if a user has the Echelon app active and if the machine is able to reach Echelon's servers.

Viola wrote: "On startup, the device must log in to Echelon's servers. The server sends back a temporary, rotating unlock key. Without this handshake, the device is completely bricked -- no manual workout, no Bluetooth pairing, no nothing." Because updated Echelon machines now require a connection to Echelon servers for some basic functionality, users are unable to use their equipment and understand, for example, how fast they're going without an Internet connection. If Echelon were to ever go out of business, the gym equipment would, essentially, get bricked. Viola told Ars Technica that he first started hearing about problems with QZ, which launched in 2020, at the end of 2024 from treadmill owners. He said a firmware update appears to have rolled out this month on Echelon bikes that bricks QZ functionality. In his blog, Viola urged Echelon to let its machines send encrypted data to another device, like a phone or a tablet, without the Internet. He wrote: "Users bought the bike; they should be allowed to use it with or without Echelon's services."

Job postings for entry-level roles requiring degrees have dropped nearly two-thirds in the UK and 43% in the US since ChatGPT launched in 2022, according to Financial Times analysis of Adzuna data. The decline spans sectors with varying AI exposure -- UK graduate openings fell 75% in banking, 65% in software development, but also 77% in human resources and 55% in civil engineering.

Indeed research found only weak correlation between occupations mentioning AI most frequently and those with the steepest job posting declines. US Bureau of Labor Statistics data showed no clear relationship between an occupation's AI exposure and young worker losses between 2022-2024. Economists say economic uncertainty, post-COVID workforce corrections, increased offshoring, and reduced venture capital funding are likely primary drivers of the graduate hiring slowdown.