theodp writes: America's National Football League announced that beginning with the 2025 season, Sony's Hawk-Eye virtual measurement technology will assess and identify first downs after a ball spot.

Sony's Hawk-Eye virtual measurement technology, which consists of six 8K cameras for optical tracking of the position of the ball, is operated from the NFL's "Art McNally GameDay Central Officiating Center" in New York and is integrated with the League's existing replay system. It will serve as an efficient alternative to the process of having a three-person chain crew walk chains onto the field and manually measure whether 10 yards have been met after the official has spotted the ball.

However, the chain crew will remain on the field in a secondary capacity.
The NFL's executive VP of football operations says their move brings "world-class on field officiating with state-of-the-art technology to advance football excellence." (The NFL's announcement notes the whole process takes about 30 seconds, "saving up to 40 seconds from a measurement with the chains.")

The move comes a full seven years after Apple introduced its iPhone Measure app...

It's "a milestone for Meta AI and for open source," Mark Zuckerberg said this weekend. "For the first time, the best small, mid-size, and potentially soon frontier [large-language] models will be open source."

Zuckerberg anounced four new Llama LLMs in a video posted on Instagram and Facebook — two dropping this weekend, with another two on the way. "Our goal is to build the world's leading AI, open source it, and make it universally accessible so that everyone in the world benefits."

Zuckerberg's announcement: I've said for a while that I think open source AI is going to become the leading models. And with Llama 4 this is starting to happen.

- The first model is Llama 4 Scout. It is extremely fast, natively multi-modal. It has an industry-leading "nearly infinite" 10M-token context length, and is designed to run on a single GPU. [Meta's blog post says it fits on an NVIDIA H100]. It is 17 billion parameters by 16 experts, and it is by far the highest performing small model in its class.

- The second model is Llama 4 Maverick — the workhorse. It beats GPT-4o and Gemini Flash 2 on all benchmarks. It is smaller and more efficient than DeepSeek v3, but it is still comparable on text, plus it is natively multi-modal. This one is 17B parameters x 128 experts, and it is designed to run on a single host for easy inference.

This thing is a beast.
Zuck promised more news next month on "Llama 4 Reasoning" — but the fourth model will be called Llama 4 Behemoth. "This thing is massive. More than 2 trillion parameters." (A blog post from Meta AI says it also has a 288 billion active parameter model, outperforms GPT-4.5, Claude Sonnet 3.7, and Gemini 2.0 Pro on STEM benchmarks, and will "serve as a teacher for our new models.")

"I'm not aware of anyone training a larger model out there," Zuckberg says in his video, calling Behemoth "already the highest performing base model in the world, and it is not even done training yet."

"If you want to try Llama 4, you can use Meta AI in WhatsApp, Messenger, or Instagram Direct," Zuckberg said in his video, "or you can go to our web site at meta.ai." The Scout and Maverick models can be downloaded from llama.com and Hugging Face.

"We continue to believe that openness drives innovation," Meta AI says in their blog post, "and is good for developers, good for Meta, and good for the world." Their blog post declares it's "The beginning of a new era of natively multimodal AI innovation," calling Scout and Maverick "the best choices for adding next-generation intelligence." This is just the beginning for the Llama 4 collection. We believe that the most intelligent systems need to be capable of taking generalized actions, conversing naturally with humans, and working through challenging problems they haven't seen before. Giving Llama superpowers in these areas will lead to better products for people on our platforms and more opportunities for developers to innovate on the next big consumer and business use cases. We're continuing to research and prototype both models and products, and we'll share more about our vision at LlamaCon on April 29...

We also can't wait to see the incredible new experiences the community builds with our new Llama 4 models.
"The impressive part about Llama 4 Maverick is that with just 17B active parameters, it has scored an ELO score of 1,417 on the LMArena leaderboard," notes the tech news site Beebom. "This puts the Maverick model in the second spot, just below Gemini 2.5 Pro, and above Grok 3, GPT-4o, GPT-4.5, and more.

"It also achieves comparable results when compared to the latest DeepSeek V3 model on reasoning and coding tasks, and surprisingly, with just half the active parameters."

U.K. postmasters were mistakenly sent to prison due to a bug in their "Horizon" accounting software — as first reported by Computer Weekly back in 2009. Nearly 16 years later, the same site reports that now the Scottish Criminal Cases Review Commission "is attempting to contact any former subpostmasters that could have been prosecuted for unexplained losses on the Post Office's pre-Horizon Capture software.

"There are former subpostmasters that, like Horizon users, could have been convicted of crimes based on data from these systems..." Since the Post Office Horizon scandal hit the mainstream in January 2024 — revealing to a wide audience the suffering experienced by subpostmasters who were blamed for errors in the Horizon accounting system — users of Post Office software that predated Horizon have come forward... to tell their stories, which echoed those of victims of the Horizon scandal. The Criminal Cases Review Commission for England and Wales is now reviewing 21 cases of potential wrongful conviction... where the Capture IT system could be a factor...

The SCCRC is now calling on people that might have been convicted based on Capture accounts to come forward. "The commission encourages anyone who believes that their criminal conviction, or that of a relative, might have been affected by the Capture system to make contact with it," it said. The statutory body is also investigating a third Post Office system, known as Ecco+, which was also error-prone...

A total of 64 former subpostmasters in Scotland have now had their convictions overturned through the legislation brought through Scottish Parliament. So far, 97 convicted subpostmasters have come forward, and 86 have been assessed, out of which the 64 have been overturned. However, 22 have been rejected and another 11 are still to be assessed. An independent group, fronted by a former Scottish subpostmaster, is also calling on users of any of the Post Office systems to come forward to tell their stories, and for support in seeking justice and redress.

Berkeley, California is "the latest city to try to block landlords from using algorithms when deciding rents," reports the Associated Press (noting that officials in many cities claim the practice is driving up the price of housing).

But then real estate software company RealPage filed a federal lawsuit against Berkeley on Wednesday: Texas-based RealPage said Berkeley's ordinance, which goes into effect this month, violates the company's free speech rights and is the result of an "intentional campaign of misinformation and often-repeated false claims" about its products.

The U.S. Department of Justice sued Realpage in August under former President Joe Biden, saying its algorithm combines confidential information from each real estate management company in ways that enable landlords to align prices and avoid competition that would otherwise push down rents. That amounts to cartel-like illegal price collusion, prosecutors said. RealPage's clients include huge landlords who collectively oversee millions of units across the U.S. In the lawsuit, the Department of Justice pointed to RealPage executives' own words about how their product maximizes prices for landlords. One executive said, "There is greater good in everybody succeeding versus essentially trying to compete against one another in a way that actually keeps the entire industry down."

San Francisco, Philadelphia and Minneapolis have since passed ordinances restricting landlords from using rental algorithms. The Department of Justice case remains ongoing, as do lawsuits against RealPage brought by tenants and the attorneys general of Arizona and Washington, D.C...

[On a conference call, RealPage attorney Stephen Weissman told reporters] RealPage officials were never given an opportunity to present their arguments to the Berkeley City Council before the ordinance was passed and said the company is considering legal action against other cities that have passed similar policies, including San Francisco.
RealPage blames high rents not on the software they make, but on a lack of housing supply...

Over on Reddit's "selfhosted" subreddit for alternatives to popular services, long-time Slashdot reader Zoup described a pain point:

- Landlock is a Linux Security Module (LSM) that lets unprivileged processes restrict themselves.

- It's been in the kernel since 5.13, but the API is awkward to use directly.

- It always annoyed the hell out of me to run random binaries from the internet without any real control over what they can access.

So they've rolled their own solution, according to Thursday's submission to Slashdot: I just released Landrun, a Go-based CLI tool that wraps Linux Landlock (5.13+) to sandbox any process without root, containers, or seccomp. Think firejail, but minimal and kernel-native. Supports fine-grained file access (ro/rw/exec) and TCP port restrictions (6.7+). No daemons, no YAML, just flags.

Example (where --rox allows read-only access with execution to specified path):

# landrun --rox /usr touch /tmp/file
touch: cannot touch '/tmp/file': Permission denied
# landrun --rox /usr --rw /tmp touch /tmp/file
#

It's MIT-licensed, easy to audit, and now supports systemd services.

"The third James Bond novel was published on this day in 1955," writes long-time Slashdot reader sandbagger. Film buff Christian Petrozza shares some history: In 1979, the market was hot amid the studios to make the next big space opera. Star Wars blew up the box office in 1977 with Alien soon following and while audiences eagerly awaited the next installment of George Lucas' The Empire Strikes Back, Hollywood was buzzing with spacesuits, lasers, and ships that cruised the stars. Politically, the Cold War between the United States and Russia was still a hot topic, with the James Bond franchise fanning the flames in the media entertainment sector. Moon missions had just finished their run in the early 70s and the space race was still generationally fresh. With all this in mind, as well as the successful run of Roger Moore's fun and campy Bond, the time seemed ripe to boldly take the globe-trotting Bond where no spy has gone before.

Thus, 1979's Moonraker blasted off to theatres, full of chrome space-suits, laser guns, and jetpacks, the franchise went full-boar science fiction to keep up with the Joneses of current Hollywood's hottest genre. The film was a commercial smash hit, grossing 210 million worldwide. Despite some mixed reviews from critics, audiences seemed jazzed about seeing James Bond in space.

When it comes to adaptations of the novella that Ian Flemming wrote of the same name, Moonraker couldn't be farther from its source material, and may as well be renamed completely to avoid any association... Ian Flemming's original Moonraker was more of a post-war commentary on the domestic fears of modern weapons being turned on Europe by enemies who were hired for science by newer foes. With Nazi scientists being hired by both the U.S. and Russia to build weapons of mass destruction after World War II, this was less of a Sci-Fi and much more of a cautionary tale.
They argue that filming a new version of Moonraker "to find a happy medium between the glamor and the grit of the James Bond franchise..."

Slashdot reader zlives shared this report from BleepingComputer: Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders.

GRUB2 (GRand Unified Bootloader) is the default boot loader for most Linux distributions, including Ubuntu, while U-Boot and Barebox are commonly used in embedded and IoT devices. Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in filesystem parsers, command flaws, and a side-channel in cryptographic comparison. Additionally, 9 buffer overflows in parsing SquashFS, EXT4, CramFS, JFFS2, and symlinks were discovered in U-Boot and Barebox, which require physical access to exploit.

The newly discovered flaws impact devices relying on UEFI Secure Boot, and if the right conditions are met, attackers can bypass security protections to execute arbitrary code on the device. While exploiting these flaws would likely need local access to devices, previous bootkit attacks like BlackLotus achieved this through malware infections.
Miccrosoft titled its blog post "Analyzing open-source bootloaders: Finding vulnerabilities faster with AI." (And they do note that Micxrosoft disclosed the discovered vulnerabilities to the GRUB2, U-boot, and Barebox maintainers and "worked with the GRUB2 maintainers to contribute fixes... GRUB2 maintainers released security updates on February 18, 2025, and both the U-boot and Barebox maintainers released updates on February 19, 2025.")

They add that performing their initial research, using Security Copilot "saved our team approximately a week's worth of time," Microsoft writes, "that would have otherwise been spent manually reviewing the content." Through a series of prompts, we identified and refined security issues, ultimately uncovering an exploitable integer overflow vulnerability. Copilot also assisted in finding similar patterns in other files, ensuring comprehensive coverage and validation of our findings...

As AI continues to emerge as a key tool in the cybersecurity community, Microsoft emphasizes the importance of vendors and researchers maintaining their focus on information sharing. This approach ensures that AI's advantages in rapid vulnerability discovery, remediation, and accelerated security operations can effectively counter malicious actors' attempts to use AI to scale common attack tactics, techniques, and procedures (TTPs).
This week Google also announced Sec-Gemini v1, "a new experimental AI model focused on advancing cybersecurity AI frontiers."

The advent of LLMs and machine learning-based applications "opened the door to a new wave of security threats," argues Google's security blog. (Including model and data poisoning, prompt injection, prompt leaking and prompt evasion.)

So as part of the Linux Foundation's nonprofit Open Source Security Foundation, and in partnership with NVIDIA and HiddenLayer, Google's Open Source Security Team on Friday announced the first stable model-signing library (hosted at PyPI.org), with digital signatures letting users verify that the model used by their application "is exactly the model that was created by the developers," according to a post on Google's security blog. [S]ince models are an uninspectable collection of weights (sometimes also with arbitrary code), an attacker can tamper with them and achieve significant impact to those using the models. Users, developers, and practitioners need to examine an important question during their risk assessment process: "can I trust this model?"

Since its launch, Google's Secure AI Framework (SAIF) has created guidance and technical solutions for creating AI applications that users can trust. A first step in achieving trust in the model is to permit users to verify its integrity and provenance, to prevent tampering across all processes from training to usage, via cryptographic signing... [T]he signature would have to be verified when the model gets uploaded to a model hub, when the model gets selected to be deployed into an application (embedded or via remote APIs) and when the model is used as an intermediary during another training run. Assuming the training infrastructure is trustworthy and not compromised, this approach guarantees that each model user can trust the model...

The average developer, however, would not want to manage keys and rotate them on compromise. These challenges are addressed by using Sigstore, a collection of tools and services that make code signing secure and easy. By binding an OpenID Connect token to a workload or developer identity, Sigstore alleviates the need to manage or rotate long-lived secrets. Furthermore, signing is made transparent so signatures over malicious artifacts could be audited in a public transparency log, by anyone. This ensures that split-view attacks are not possible, so any user would get the exact same model. These features are why we recommend Sigstore's signing mechanism as the default approach for signing ML models.

Today the OSS community is releasing the v1.0 stable version of our model signing library as a Python package supporting Sigstore and traditional signing methods. This model signing library is specialized to handle the sheer scale of ML models (which are usually much larger than traditional software components), and handles signing models represented as a directory tree. The package provides CLI utilities so that users can sign and verify model signatures for individual models. The package can also be used as a library which we plan to incorporate directly into model hub upload flows as well as into ML frameworks.
"We can view model signing as establishing the foundation of trust in the ML ecosystem..." the post concludes (adding "We envision extending this approach to also include datasets and other ML-related artifacts.") Then, we plan to build on top of signatures, towards fully tamper-proof metadata records, that can be read by both humans and machines. This has the potential to automate a significant fraction of the work needed to perform incident response in case of a compromise in the ML world...

To shape the future of building tamper-proof ML, join the Coalition for Secure AI, where we are planning to work on building the entire trust ecosystem together with the open source community. In collaboration with multiple industry partners, we are starting up a special interest group under CoSAI for defining the future of ML signing and including tamper-proof ML metadata, such as model cards and evaluation results.

Is OpenAI's ChatGPT violating copyrights? The New York Times sued OpenAI in December 2023. But Ars Technica summarizes OpenAI's response. The New York Times (or NYT) "should have known that ChatGPT was being trained on its articles... partly because of the newspaper's own reporting..."

OpenAI pointed to a single November 2020 article, where the NYT reported that OpenAI was analyzing a trillion words on the Internet.

But on Friday, U.S. district judge Sidney Stein disagreed, denying OpenAI's motion to dismiss the NYT's copyright claims partly based on one NYT journalist's reporting. In his opinion, Stein confirmed that it's OpenAI's burden to prove that the NYT knew that ChatGPT would potentially violate its copyrights two years prior to its release in November 2022... And OpenAI's other argument — that it was "common knowledge" that ChatGPT was trained on NYT articles in 2020 based on other reporting — also failed for similar reasons...

OpenAI may still be able to prove through discovery that the NYT knew that ChatGPT would have infringing outputs in 2020, Stein said. But at this early stage, dismissal is not appropriate, the judge concluded. The same logic follows in a related case from The Daily News, Stein ruled. Davida Brook, co-lead counsel for the NYT, suggested in a statement to Ars that the NYT counts Friday's ruling as a win. "We appreciate Judge Stein's careful consideration of these issues," Brook said. "As the opinion indicates, all of our copyright claims will continue against Microsoft and OpenAI for their widespread theft of millions of The Times's works, and we look forward to continuing to pursue them."

The New York Times is also arguing that OpenAI contributes to ChatGPT users' infringement of its articles, and OpenAI lost its bid to dismiss that claim, too. The NYT argued that by training AI models on NYT works and training ChatGPT to deliver certain outputs, without the NYT's consent, OpenAI should be liable for users who manipulate ChatGPT to regurgitate content in order to skirt the NYT's paywalls... At this stage, Stein said that the NYT has "plausibly" alleged contributory infringement, showing through more than 100 pages of examples of ChatGPT outputs and media reports showing that ChatGPT could regurgitate portions of paywalled news articles that OpenAI "possessed constructive, if not actual, knowledge of end-user infringement." Perhaps more troubling to OpenAI, the judge noted that "The Times even informed defendants 'that their tools infringed its copyrighted works,' supporting the inference that defendants possessed actual knowledge of infringement by end users."

An anonymous reader shares a report: Yet another busy hurricane season is likely across the Atlantic this year -- but some of the conditions that supercharged storms like Hurricanes Helene and Milton in 2024 have waned, according to a key forecast issued Thursday.

A warm -- yet no longer record-hot -- strip of waters across the Atlantic Ocean is forecast to help fuel development of 17 named tropical cyclones during the season that runs from June 1 through Nov. 30, according to Colorado State University researchers. Of those tropical cyclones, nine are forecast to become hurricanes, with four of those expected to reach "major" hurricane strength.

That would mean a few more tropical storms and hurricanes than in an average year, yet slightly quieter conditions than those observed across the Atlantic basin last year. This time last year, researchers from CSU were warning of an "extremely active" hurricane season with nearly two dozen named tropical storms. The next month, the National Oceanic and Atmospheric Administration released an aggressive forecast, warning the United States could face one of its worst hurricane seasons in two decades.

The forecast out Thursday underscores how warming oceans and cyclical patterns in storm activity have primed the Atlantic basin for what is now a decades-long string of frequent, above-normal -- but not necessarily hyperactive -- seasons, said Philip Klotzbach, a senior research scientist at Colorado State and the forecast's lead author.

SpaceX's Fram2 mission returned safely after becoming the first crewed spaceflight to orbit directly over Earth's poles. From a report: Led by cryptocurrency billionaire Chun Wang, who is the financier of this mission, the Fram2 crew has been free-flying through orbit since Monday. The group splashed down at 9:19 a.m. PT, or 12:19 p.m. ET, off the coast of California -- the first West Coast landing in SpaceX's five-year history of human spaceflight missions. The company livestreamed the splashdown and recovery of the capsule on its website.

During the journey, the Fram2 crew members were slated to carry out various research projects, including capturing images of auroras from space and documenting their experiences with motion sickness. [...] This trip is privately funded, and such missions allow for SpaceX's customers to spend their time in space as they see fit. For Fram2, the crew traveled to orbit prepared to carry out 22 research and science experiments, some of which were designed and overseen by SpaceX. Most of the research involves evaluating crew health.

Web crawlers collecting training data for AI models are overwhelming Wikipedia's infrastructure, with bot traffic growing exponentially since early 2024, according to the Wikimedia Foundation. According to data released April 1, bandwidth for multimedia content has surged 50% since January, primarily from automated programs scraping Wikimedia Commons' 144 million openly licensed media files.

This unprecedented traffic is causing operational challenges for the non-profit. When Jimmy Carter died in December 2024, his Wikipedia page received 2.8 million views in a day, while a 1.5-hour video of his 1980 presidential debate caused network traffic to double, resulting in slow page loads for some users.

Analysis shows 65% of the foundation's most resource-intensive traffic comes from bots, despite bots accounting for only 35% of total pageviews. The foundation's Site Reliability team now routinely blocks overwhelming crawler traffic to prevent service disruptions. "Our content is free, our infrastructure is not," the foundation said, announcing plans to establish sustainable boundaries for automated content consumption.

China said Friday that it will impose reciprocal 34% tariffs on all imports from the United States from April 10, making good on a promise to strike back after US President Donald Trump escalated a global trade war. CNN: On Wednesday, Trump unveiled an additional 34% tariff on all Chinese goods imported into the US, in a move poised to cause a major reset of relations and worsen trade tensions between the world's two largest economies.

"This practice of the US is not in line with international trade rules, seriously undermines China's legitimate rights and interests, and is a typical unilateral bullying practice," China's State Council Tariff Commission said in a statement announcing its retaliatory tariffs. Since returning to power in January, Trump had already levied two tranches of 10% additional duties on all Chinese imports, which the White House said was necessary to stem the flow of illicit fentanyl from the country to the US. Combined with pre-existing tariffs, that means Chinese goods arriving in the US would be effectively subject to tariffs of well over 54%.

An anonymous reader quotes a report from Reuters: Visa has offered Apple roughly $100 million to take over the tech giant's credit card partnership from Mastercard, the Wall Street Journal reported on Tuesday, citing sources familiar with the matter. Visa has made a bold push to secure the Apple Card, offering an upfront payment typically reserved for the largest card programs, WSJ reported. American Express is also trying to unseat Mastercard to win the Apple card. Amex is looking to become the card's issuer as well as the network, the report said, citing the sources. Goldman Sachs ended its partnership with Apple in late 2023 as the Wall Street bank retreated from consumer lending.

An anonymous reader quotes a report from Ars Technica: [...] The study, led by researchers at Brown University, found that the wealthiest Americans lived shorter lives than the wealthiest Europeans. In fact, wealthy Northern and Western Europeans had death rates 35 percent lower than the wealthiest Americans, whose lifespans were more like the poorest in Northern and Western Europe -- which includes countries such as France, the Netherlands, and Switzerland. "The findings are a stark reminder that even the wealthiest Americans are not shielded from the systemic issues in the US contributing to lower life expectancy, such as economic inequality or risk factors like stress, diet or environmental hazards," lead study author Irene Papanicolas, a professor of health services, policy and practice at Brown, said in a news release.

The study looked at health and wealth data of more than 73,000 adults across the US and Europe who were 50 to 85 years old in 2010. There were more than 19,000 from the US, nearly 27,000 from Northern and Western Europe, nearly 19,000 from Eastern Europe, and nearly 9,000 from Southern Europe. For each region, participants were divided into wealth quartiles, with the first being the poorest and the fourth being the richest. The researchers then followed participants until 2022, tracking deaths. The US had the largest gap in survival between the poorest and wealthiest quartiles compared to European countries. America's poorest quartile also had the lowest survival rate of all groups, including the poorest quartiles in all three European regions.

While less access to health care and weaker social structures can explain the gap between the wealthy and poor in the US, it doesn't explain the differences between the wealthy in the US and the wealthy in Europe, the researchers note. There may be other systemic factors at play that make Americans uniquely short-lived, such as diet, environment, behaviors, and cultural and social differences. "If we want to improve health in the US, we need to better understand the underlying factors that contribute to these differences -- particularly amongst similar socioeconomic groups -- and why they translate to different health outcomes across nations," Papanicolas said. The findings have been published in the New England Journal of Medicine.