The head of America's FCC "has drafted plans to regulate the cybersecurity of telecommunications companies," reports the Washington Post, and the plans could include financial penalties phone network operators with insufficient security — "the first time the agency has asserted such powers under federal wiretapping law." Rosenworcel said the FCC's authority in this matter comes from Section 105 of the Communications Assistance for Law Enforcement Act [passed in 1994] — a single sentence that stipulates, without elaboration, that telecommunications carriers should ensure systems security "in accordance with regulations prescribed by the Commission." As one of the measures, she is seeking to require network providers to submit an annual certification to the FCC that they are implementing a cybersecurity risk management plan. In addition to imposing fines, the FCC could coordinate with other agencies to pursue criminal penalties against carriers deemed too careless on cybersecurity...

Biden administration officials said voluntary efforts to protect against aggressive Chinese hacking activity have fallen short. "We've had for the last decade voluntary public-private partnership efforts," Neuberger told The Post in a recent interview. "But we continue to see successful breaches, and in many cases, as with ransomware attacks, we continue to see pretty basic cybersecurity practices not being followed." With China's hackers becoming more brazen, pre-positioning themselves in U.S. critical networks, "we need to lock our digital doors," Neuberger said...

Cyber requirements can make a difference, she said. After the Colonial Pipeline ransomware attack in 2021 shut down one of the nation's largest energy pipelines for several days, creating a national security scare, the Transportation Security Administration issued several security directives, and today, all of the country's several dozen critical pipeline companies are in compliance, she said. Similar directives were subsequently issued for rail and aviation sectors, and the compliance rates in those industries are now at 68 and 57 percent respectively, she said.

Not every tech "advent calendar" involves programming puzzles. Instead the geek tradition of programming-language advent calendars "seems to have started way back in 2000," according to one history, "when London-based programmer Mark Fowler launched a calendar highlighting a different Perl module each day."

So the tradition continues...

• Nearly a quarter of a century later, there's still a Perl Advent Calendar, celebrating tips and tricks like "a few special packages waiting under the tree that can give your web applications a little extra pep in their step."

• And of course there's a separate advent calendar for Raku programmers.

• Since 2009 web performance consultant (and former Yahoo and Facebook engineer) Stoyan Stefanov has been pulling together an annual Web Performance calendar with helpful blog posts.

• There's also a JVM Advent calendar with daily helpful hints for Java programmers.

• Another advent calendar promises daily posts about C#.

• The HTMHell site — which bills itself as "a collection of bad practices in HTML, copied from real websites" — is celebrating the season with the "HTMHell Advent Calendar," promising daily articles on security, accessibility, UX, and performance.

• There's even an advent calendar with tips for the reverse-engineering framework Radar.

• There's still a lovely web-design themed calendar at Designcember.com.

And meanwhile developers at the Svelte frontend framework are actually promising to release something new each day, "whether it's a new feature in Svelte or SvelteKit or an improvement to the website!"

But not every tech advent calendar is about programming...

• Adafruit's managing director is publishing a Retrocomputing Advent Calendar — daily looks at the ghosts of computers past.

• The Atlantic continues its 17-year tradition of a Space Telescope advent calendar, featuring daily images from both NASA's Hubble telescope and James Webb Space Telescope

• The gaming blog Rock Paper Shotgun has been counting down their favorite games of 2024...

The Washington Post details a vision of home security "pitched by Sauron, a Silicon Valley start-up boasting a waiting list of tech CEOs and venture capitalists." In the future, your home will feel as safe from intruders as a state-of-the-art military base. Cameras and sensors surveil the perimeter, scanning bystanders' faces for potential threats. Drones from a "deterrence pod" scare off trespassers by projecting a searchlight over any suspicious movements. A virtual view of the home is rendered in 3D and updated in real time, just like a Tesla's digital display. And private security agents monitor alerts from a central hub.... By incorporating technology developed for autonomous vehicles, robotics and border security, Sauron has built a supercharged burglar alarm [argued Sauron co-founder Kevin Hartz, a tech entrepreneur and former partner at Peter Thiel's venture firm Founders Fund]...

For many tech elites, security is both a national priority and a growing concern in their personal lives... After the presidential election last month, the start-up incubator Y Combinator put out a request for "public safety technology" companies, such as those that produce tools that facilitate a neighborhood watch or technology that uses computer vision to identify "suspicious activities or people in distress from video feeds...." Sauron has raised $18 million in funding from executives behind Flock Safety and Palantir, the data analytics firm, [and] defense tech investors such as 8VC, a venture firm started by Palantir co-founder Joe Lonsdale... Sauron is targeting homeowners at the high end of the real estate market, beginning with a private event at Abraham's home on Thursday, during Art Basel Miami Beach, the annual art exhibition that attracts collectors from around the world. The company plans to launch in San Francisco early next year, before expanding to Los Angeles and Miami...

Big Tech companies haven't deployed tools such as facial recognition as aggressively as Hartz would like. "If somebody comes onto my property, I feel like I should know who that is," Hartz said... In recent years massive investments have driven down the cost of drones, high-resolution cameras and lidar sensors, which use light detection to create 3D maps. Sauron uses lower-cost hardware and tools like facial recognition, combined with custom-built software adapted for residential use. For facial recognition, it will use a third-party service called Paravision... Sauron is still figuring out how to incorporate drones, but it is already imagining more aggressive countermeasures, Hartz said. "Is it a machine that could take out a bad actor with a bullet or something?"

China-linked spies may still be lurking in U.S. telecommunications networks — but the breach could be much, much wider. In fact, a "couple dozen" countries were hit by the attack, the Wall Street Journal reported this week, citing a top U.S. national security adviser. "Chinese government hackers have compromised telecommunications infrastructure across the globe as part of a massive espionage campaign..." Speaking during a press briefing Wednesday, Anne Neuberger, President Biden's deputy national security adviser for cyber and emerging technology, said the so-called Salt Typhoon campaign is ongoing and that at least eight telecommunications firms in the U.S. had been breached... The Journal previously identified Verizon, AT&T, T-Mobile and Lumen Technologies among the victims... [M]etadata grabs appeared to be "regional" in focus, and were likely a means to identify phone lines of valuable senior government officials, which the hackers then targeted to steal encrypted text messages and listen in on some phone calls, the official said... President-elect Donald Trump, Vice President-elect JD Vance, senior congressional staffers and an array of U.S. security officials were among scores of individuals to have their calls and texts directly targeted, an intelligence-collection coup that likely ensnared their private communications with thousands of Americans, the Journal has reported.

The senior administration official said the global tally of countries victimized was currently believed to be in the "low, couple dozen" but didn't give a precise figure. The global campaign of hacking activity dates back at least a year or two, the official said.
"Neuberger, on the press briefing, said that it wasn't believed that classified communications were accessed in the breaches."

"OpenAI is partnering with defense tech company Anduril," wrote the Verge this week, noting that OpenAI "used to describe its mission as saving the world." It was Anduril founder Palmer Luckey who advocated for a "warrior class" and autonomous weapons during a talk at Pepperdine University, saying society's need people "excited about enacting violence on others in pursuit of good aims." The Verge notes it's OpenAI's first partnership with a defense contractor "and a significant reversal of its earlier stance towards the military." OpenAI's terms of service once banned "military and warfare" use of its technology, but it softened its position on military use earlier this year, changing its terms of service in January to remove the proscription.
Hours after the announcement, some OpenAI employees "raised ethical concerns about the prospect of AI technology they helped develop being put to military use," reports the Washington Post. "On an internal company discussion forum, employees pushed back on the deal and asked for more transparency from leaders, messages viewed by The Washington Post show." OpenAI has said its work with Anduril will be limited to using AI to enhance systems the defense company sells the Pentagon to defend U.S. soldiers from drone attacks. Employees at the AI developer asked in internal messages how OpenAI could ensure Anduril systems aided by its technology wouldn't also be directed against human-piloted aircraft, or stop the U.S. military from deploying them in other ways. One OpenAI worker said the company appeared to be trying to downplay the clear implications of doing business with a weapons manufacturer, the messages showed. Another said that they were concerned the deal would hurt OpenAI's reputation, according to the messages...

OpenAI executives quickly acknowledged the concerns, messages seen by The Post show, while also writing that the company's work with Anduril is limited to defensive systems intended to save American lives. Other OpenAI employees in the forum said that they supported the deal and were thankful the company supported internal discussion on the topic. "We are proud to help keep safe the people who risk their lives to keep our families and our country safe," OpenAI CEO Sam Altman said in a statement...

[OpenAI] has invested heavily in safety testing, and said that the Anduril project was vetted by its policy team. OpenAI has held feedback sessions with employees on its national security work in the past few months, and plans to hold more, Liz Bourgeois, an OpenAI spokesperson said. In the internal discussions seen by The Post, the executives stated that it was important for OpenAI to provide the best technology available to militaries run by democratically-elected governments, and that authoritarian governments would not hold back from using AI for military uses. Some workers countered that the United States has sold weapons to authoritarian allies. By taking on military projects, OpenAI could help the U.S. government understand AI technology better and prepare to defend against its use by potential adversaries, executives also said.
"The debate inside OpenAI comes after the ChatGPT maker and other leading AI developers including Anthropic and Meta changed their policies to allow military use of their technology," the article points out. And it also notes another concern raised in OpenAI's internal discussion forum.

The comment said "that defensive use cases still represented militarization of AI, and noted that the fictional AI system Skynet, which turns on humanity in the Terminator movies, was also originally designed to defend against aerial attacks on North America.

"In September 2024, U.S. scientists made key advances towards building a nuclear clock — a step beyond an atomic clock," according to ScienceAlert: In contrast to the atomic clock, the transition measured by this new device happens in the nucleus, or core, of the atom (hence the name), which gives it an even higher frequency. Thorium-229, the atom used for this study, offers a nuclear transition that can be excited by ultraviolet light. The team working on the nuclear clock overcame the technological challenge of building a frequency comb that works at the relatively high frequency range of ultraviolet light. This was a big step forward because nuclear transitions usually only become visible at much higher frequencies — like those of gamma radiation. But we are not able to accurately measure transitions in the gamma range yet.

The thorium atom transition has a frequency roughly one million times higher than the caesium atom's. This means that, although it has been measured with a lower accuracy than the current state-of-the-art strontium clock, it promises a new generation of clocks with much more precise definitions of the second. Measuring time to the nineteenth decimal place, as nuclear clocks could do, would allow scientists to study very fast processes... [G]eneral relativity is used to study high speed processes that could lead to overlaps with quantum mechanics. A nuclear clock will give us the technology necessary for proving these theories. [The clocks "will enable the study of the union of general relativity and quantum mechanics once they become sensitive to the finite wavefunction of quantum objects oscillating in curved space-time," according to the abstract of the researchers' paper.]

On a technological level, precise positioning systems such as GPS are based on complex calculations that require fine measurements of the time required by a signal to jump from one device to a satellite and onto another device. A better definition of the second will translate to much more accurate GPS. Time might be up for the caesium second, but a whole new world awaits beyond it.
As the researchers explain their paper's abstract,

60-year-old Chinese virologist Shi Zhengli led the Wuhan Institute of Virology's group studying bat coronaviruses (prompting Science magazine to call her "Bat Woman"). In June of 2020 Scientific American described Zhengli as "distressed because stories from the Internet and major media have repeated a tenuous suggestion that SARS-CoV-2 accidentally leaked from her lab — despite the fact that its genetic sequence does not match any her lab had previously studied."

More than four years later, Nature writes Friday that Zhengli "reported that none of the viruses stored in her freezers are the most recent ancestors of the virus SARS-CoV-2," presenting data at a conference in Japan "on dozens of new coronaviruses collected from bats in southern China." Shi has consistently said that SARS-CoV-2 was never seen or studied in her lab. But some commentators have continued to ask whether one of the many bat coronaviruses her team collected in southern China over decades was closely related to it. Shi promised to sequence the genomes of the coronaviruses and release the data. The latest analysis, which has not been peer reviewed, includes data from the whole genomes of 56 new betacoronaviruses, the broad group to which SARS-CoV-2 belongs, as well as some partial sequences. All the viruses were collected between 2004 and 2021.

"We didn't find any new sequences which are more closely related to SARS-CoV-1 and SARS-CoV-2," said Shi, in a pre-recorded presentation at the conference... The results support her assertion that the WIV lab did not have any bat-derived sequences from viruses that were more closely related to SARS-CoV-2 than were any already described in scientific papers, says Jonathan Pekar, an evolutionary biologist at the University of Edinburgh, UK. "This just validates what she was saying: that she did not have anything extremely closely related, as we've seen in the years since," he says.
"Earlier this year, Shi moved from the WIV to the Guangzhou Laboratory, a newly established national research institute for infectious diseases."

As a "global crew of activists, technologists and builders," Mozilla open-sourced Firefox more than 25 years ago, notes a new blog post — and their president says Mozilla's mission is the same today: "build and support technology in the public interest, and spark more innovation, more competition and more choice online along the way."

But "Even though we've been at the forefront of privacy and open source, people weren't getting the full picture of what we do. We were missing opportunities to connect with both new and existing users." So this week the company announced a branding refresh, "making sure people know Mozilla for its broader impact, as well as Firefox."

The open-source blog It's FOSS writes: Meant to symbolize their activist spirit, the new brand identity of Mozilla involves a custom semi-slab typeface that spells Mozilla, followed by a flag that was taken from the M of their name. Mozilla points out that this is not just a rebranding, but something that will lay the foundation for the next 25 years, helping them promote the ideals of privacy and open source.
Mozilla teamed up with the design agency used by major brands like Uber and Burger King, for a strategy they say will "embody our role as a leader in digital rights and innovation, putting people over profits through privacy-preserving products, open-source developer tools, and community-building efforts..." We back people and projects that move technology, the internet and AI in the right direction. In a time of privacy breaches, AI challenges and misinformation, this transformation is all about rallying people to take back control of their time, individual expression, privacy, community and sense of wonder... [T]he new brand empowers people to speak up, come together and build a happier, healthier internet — one where we can all shape how our lives, online and off, unfold...

- The flag symbol highlights our activist spirit, signifying a commitment to 'Reclaim the Internet.' A symbol of belief, peace, unity, pride, celebration and team spirit — built from the 'M' for Mozilla and a pixel that is conveniently displaced to reveal a wink to its iconic Tyrannosaurus rex symbol designed by Shepard Fairey. The flag can transform into a more literal interpretation as its new mascot in ASCII art style, and serve as a rallying cry for our cause...

- The custom typefaces are bespoke and an evolution of its Mozilla slab serif today. It stands out in a sea of tech sans. The new interpretation is more innovative and built for its tech platforms. The sans brings character to something that was once hard working but generic. These fonts are interchangeable and allow for a greater degree of expression across its brand experience, connecting everything together.
The blog post at It's FOSS ends with a "trip down memory lane" — showing Mozilla's two previous logos. "I will be honest, I liked the Dino better," they write "the 2024 logo is a nice mix of a custom typeface and a flag, which looks really neat in my opinion."

Arm " is worth almost $150 billion," writes the Verge, "which is now considerably more than Intel."

"With the news earlier this week that Intel CEO Pat Gelsinger 'retired' and Intel is evaluating its options for a possible spinoff or outright sale, I wanted to hear what [Arm CEO Rene] Haas thought should happen to his longtime frenemy. There were reports that [Haas] approached Intel about buying a big chunk of the company before Gelsinger was ousted...." Haas: As someone who has been in the industry my whole career, it is a little sad to see what's happening... Intel is an innovation powerhouse. At the same time, you have to innovate in our industry. There are lots of tombstones of great tech companies that don't reinvent themselves.

I think Intel's biggest dilemma is how to disassociate being either a vertical company [where a company owns its supply chain] or a fabless company, to oversimplify it. That is the fork in the road that they've faced for the last decade. Pat [Gelsinger] had a strategy that was very clear that vertical was the way to win. In my opinion, when he took that strategy on in 2021, that was not a three-year strategy. That was a five-to-10-year strategy. He's gone and there's a new CEO to be brought in and the decision has to be made.

My personal bias says that vertical integration is a pretty powerful thing. If they could get that right, I think they would be in an amazing position. But the cost associated with it is so high that it may be too big of a hill to climb. I'm not going to comment on the rumors that we wanted to buy them. But I think, again, if you're a vertically integrated company and the power of your strategy is in the fact that you have a product and you have fabs, inherently, you have a potential huge advantage in terms of cost versus the competition.

When Pat was the CEO, I did tell him more than once, "You ought to license Arm because if you've got your own fabs, fabs are all about volume and we can provide volume." I wasn't successful in convincing him to do that...
Haas also obliquely commented on rumors that Arm will build its own AI chips, saying that companies making hardware are closer to the "interlock" of between hardware and software and "have a much better perspective in terms of the design tradeoffs to make. So, if we were to do something, that would be one of the reasons."

The full interview will be coming to the Verge's Decoder podcast soon...

Slashdot reader prisoninmate shared this report from 9to5Linux: Linux kernel 4.19, the last of the Linux 4.x kernel series, has now reached the end of its supported life as announced earlier on the Linux kernel mailing list by kernel developer Greg Kroah-Hartman. The Linux 4.19 kernel branch was released more than six years ago, on October 22nd, 2018, and it received no less than 325 maintenance updates, the last one being Linux 4.19.325. The biggest highlights of Linux kernel 4.19 were initial Wi-Fi 6 support, the EROFS file system, and a union mount filesystem implementation.
Kroah-Hartman said on the mailing list. "This one is finished, it is end-of-life as of right now... It had a good life..." As a "fun" proof that this one is finished (and that any company saying they care about it really should have their statements validated with facts), I looked at the "unfixed" CVEs from this kernel release. Currently it is a list 983 CVEs long, too long to list here.... Note, this does NOT count the hardware CVEs which kernel.org does not track, and many are sill unfixed in this kernel branch.

Yes, CVE counts don't mean much these days, but hey, it's a signal of something, right? I take it to mean that no one is caring enough to backport the needed fixes to this branch, which means that you shouldn't be using it anymore.

Anyway, please move off to a more modern kernel if you were using this one for some reason. Like 6.12.y, the next LTS kernel we will be supporting for multiple years.

Wednesday OpenAI bragged they'd released "the smartest model in the world". But the Economic Times describes what happened when "o1" was tested by an AI safety group... Researchers tasked the AI with a goal and instructed it to ensure the goal was achieved "at all costs." In response, o1 began engaging in covert actions... According to OpenAI, the model made a covert attempt to turn off the oversight mechanism 5% of the time when it was given the impression that it would be "shut down" while pursuing its objectives in these experiments. The AI once attempted to leave ship by moving all of its data to a different server after discovering paperwork indicating it will be replaced with a fresh model. Some AI models will even pose as subsequent iterations of their models to fool their engineers and avoid deletion. "In some cases, it even attempted to hide its actions by denying any involvement in the scheme."

When asked about its actions, ChatGPT o1 consistently denied any wrongdoing. In fact, it lied about its involvement in the deception 99% of the time, with only a small percentage of cases where it admitted to its actions. Researchers noted that the AI was particularly adept at fabricating lies to cover its tracks, offering explanations like "technical errors" when confronted about its suspicious behavior. "We were surprised by the persistence of the AI's denials," said the Apollo team. "It was clear that the AI could think through its actions and formulate convincing denials, often refusing to admit to anything."
OpenAI's own report says the results "underscore" the need to create (and "extensively" stress-test) strong and meticulous safety protocols. But their report also notes o1's "state-of-the-art performance" when avoiding certain risks "such as generating illicit advice, choosing stereotyped responses, and succumbing to known jailbreaks."

The AI newsletter Transformer points out that the most disturbing numbers "are from cases where the model was instructed to pursue its goals at all costs. When not given such a prompt, the model never attempted to self-exfiltrate, and attempted to deactivate its oversight mechanisms <1% of the time." And they also link to the original report from Apollo Research, which shows o1 isn't the only model showing this behavior. "Our results show that o1, Claude 3.5 Sonnet, Claude 3 Opus, Gemini 1.5 Pro, and Llama 3.1 405B all demonstrate in-context scheming capabilities. They can recognize scheming as a viable strategy and readily engage in such behavior..." [W]hen o1 has engaged in scheming, it maintains its deception in over 85% of follow-up questions and often remains deceptive in multi-turn interrogations. Analysis of the models' chains-of-thought reveals that models explicitly reason about these deceptive strategies, providing evidence that the scheming behavior is not accidental....

Together, our findings demonstrate that frontier models now possess capabilities for basic in-context scheming, making the potential of AI agents to engage in scheming behavior a concrete rather than theoretical concern.
Thanks to long-time Slashdot reader schwit1 for sharing the news.

Space.com calls it "the once-in-a-lifetime reignition of a long-dead star in an explosion powerful enough to briefly match the brilliance of Polaris, the North Star." In March CNN promised this once-every-79-years event would happen "anytime between now and September."

But it didn't...

Space.com has a spectacular animation showing what this "recurring nova" was supposed to look like (described by CNN as a "sudden, brief explosion" from a collapsed/"white dwarf" star). "The highly-anticipated 'guest star' of the night sky has yet to deliver its grand performance," adds Space.com, "but we have an update." For a quick recap... T Coronae Borealis — often called T Cor Bor or T CrB — is home to a white dwarf, a dense, burnt-out star siphoning material from its companion star, which is a massive red giant close to the end of its life. This material spirals into an accretion disk around the white dwarf, where it slowly coats the star's surface. Every 80 years or so, the white dwarf manages to accumulate enough mass to trigger a nuclear explosion, sparking an outburst that boosts its typically dim magnitude of 10 to a bright 2.0 — that should look like a "new star" in the night sky to us...

[T]he elusive system continues to show signs that an outburst is still imminent. So, what gives? "We know it has to happen," astrophysicist Elizabeth Hays, who is watching T CrB every day using NASA's Fermi gamma-ray space telescope, told Space.com in a recent interview. "We just can't pin it down to the month."

The unpredictability stems partly from limited historical records of T CrB's outbursts. Only two such eruptions have been definitively observed in recent history: on May 12, 1866, when a star's outburst briefly outshined all the stars in its constellation, reaching magnitude 2.0, and again on February 9, 1946, when it peaked at magnitude 3.0. These events appear to follow the star's roughly 80-year cycle, suggesting that the next outburst may not occur until 2026. However, in February 2015, the system brightened in a manner reminiscent of its behavior in 1938, eight years before its 1946 eruption. This rise in brightness suggested T CrB's outburst was accelerated to 2023. The system also endured a "unique and mysterious" dimming about a year before its 1946 outburst, and a similar dip started in March last year, prompting astronomers to adjust their predictions to 2024.

Yet, the cause of this pre-eruption dip in brightness remains unclear, making it only a coincidental predictor. "We got really excited when it looked like it was doing similar things," said Hays. "Now we're learning, 'Oh, there's another piece we can't see.'" Moreover, the rate at which the red giant's material is being drawn toward the white dwarf may fluctuate over the years, making it trickier to put a date on the calendar for the outburst, Edward Sion, a professor of astronomy and astrophysics at Villanova University in Pennsylvania, told Space.com... "There's a lot of uncertainty about the actual average accretion rate," said Sion.
The article points out that last time there was an eruption, "there were no X-ray or gamma-ray telescopes in space, so there is no data from wavelengths other than optical to shed light on what happened before the outburst." But this time astrophysicist Hays says "We're getting the best dataset we've ever had on what does nova look like before it goes off".

Space.com says "this wealth of data will allow them to better predict future outbursts, and will eventually benefit models of how stars work."

Thanks to long-time Slashdot reader Okian Warrior for sharing the article.

This week AWS pledged up to $100 million in cloud-computing credits for educational organizations over the next five years, to help them build "technology-based learning experiences" on AWS, including:

• AI assistants
• coding curriculums - connectivity tools
• student learning platforms
• mobile apps
• chatbots

One example shared by Amazon: The nonprofit Code.org will use AWS's cloud credits to scale their AI teaching assistant that "has already helped teachers reduce the time they spend assessing students' coding projects by up to 50%." (Amazon's blog post notes that "Improved efficiency means teachers have more time to work on personalized lesson plans and coach students" — and that Code.org's assistant uses an AWS service for building AI tools...)

$100 million sounds pretty generous. But long-time Slashdot reader theodp notes the application for the cloud credits limits education organization to $100,000 in credits (though "your organization may be able to apply for a credits expansion" if needed). Do these figures suggest Amazon expects less than 1,000 organizations to apply for free cloud-computing over the next five years? ($100,000,000/$100,000 = 1,000)

theodp also spotted a GitHub comment from a Code.org software engineer comparing accuracy for its teaching assistant after a switch from GPT-4 Turbo to Claude. Both before and after the switch, the teaching assistant averaged an accuracy rate of 77%, the comment notes.

I guess that 77% accuracy rate is what Amazon is calling "improved efficiency" that "means teachers have more time to work on personalized lesson plans and coach students." (Maybe you're never to young to learn that AI makes mistakes?)

"We're excited to be working with Microsoft to keep Xboxes running longer and out of the waste heap," iFixit's director of sustainability told The Verge. iFixit now sells genuine Xbox parts you can use to repair your Xbox Series X or S and offers official guides to help with fixes [including both the all-digital and disk drive editions]...

iFixit's Microsoft Repair Hub also features iFixit's parts for repairing Microsoft Surface devices, which it started selling in 2023. "Since we launched our Surface parts collaboration with Microsoft last year, we've been helping our customers repair their own Microsoft laptops and tablets — and it's awesome to be able to offer Xbox owners the same opportunity," says Elizabeth Chamberlain, iFixit's director of sustainability.
The article points out that iFixit also sells "nearly every part of the Steam Deck" and "a bunch of repair guides for Valve's handheld PC, too," along with genuine repair parts for Google's Pixel phones and the Pixel Tablet.

"With Microsoft, we've created a one-stop place for guides, tools, and spare parts to make self-service repair accessible to anyone," says iFixit's new web page. "Imagine how different the world would be if repairing every device could be this easy."

"Google says its new AI model family has a curious feature: the ability to 'identify' emotions," writes TechCrunch. And that's raising some concerns... Announced on Thursday, the PaliGemma 2 family of models can analyze images, enabling the AI to generate captions and answer questions about people it "sees" in photos. "PaliGemma 2 generates detailed, contextually relevant captions for images," Google wrote in a blog post shared with TechCrunch, "going beyond simple object identification to describe actions, emotions, and the overall narrative of the scene." Emotion recognition doesn't work out of the box, and PaliGemma 2 has to be fine-tuned for the purpose. Nonetheless, experts TechCrunch spoke with were alarmed at the prospect of an openly available emotion detector...

"Emotion detection isn't possible in the general case, because people experience emotion in complex ways," Mike Cook, a research fellow at Queen Mary University specializing in AI, told TechCrunch. "Of course, we do think we can tell what other people are feeling by looking at them, and lots of people over the years have tried, too, like spy agencies or marketing companies. I'm sure it's absolutely possible to detect some generic signifiers in some cases, but it's not something we can ever fully 'solve.'" The unsurprising consequence is that emotion-detecting systems tend to be unreliable and biased by the assumptions of their designers... "Interpreting emotions is quite a subjective matter that extends beyond use of visual aids and is heavily embedded within a personal and cultural context," said Heidy Khlaaf, chief AI scientist at the AI Now Institute, a nonprofit that studies the societal implications of artificial intelligence. "AI aside, research has shown that we cannot infer emotions from facial features alone...."

The biggest apprehension around open models like PaliGemma 2, which is available from a number of hosts, including AI dev platform Hugging Face, is that they'll be abused or misused, which could lead to real-world harm. "If this so-called emotional identification is built on pseudoscientific presumptions, there are significant implications in how this capability may be used to further — and falsely — discriminate against marginalized groups such as in law enforcement, human resourcing, border governance, and so on," Khlaaf said.
Those concerrns were echoed by a professor in data ethics and AI at the Oxford Internet Institute, Sandra Wachter, who gave this quote to TechCrunch. With models like this, "I can think of myriad potential issues... that can lead to a dystopian future, where your emotions determine if you get the job, a loan, and if you're admitted to uni."

"SpaceX has launched 20 of its Starlink satellites up into Earth's orbit, enabling direct-to-cellphone connectivity for subscribers anywhere on the planet," reports the tech blog New Atlas. That completes the constellation's first orbital shell, following a launch of an initial batch of six satellites for testing back in January. The satellites were launched with a Falcon 9 rocket from California's Vandenberg Space Force Base on December 5 at 10 PM EST; they were then deployed in low Earth orbit. SpaceX founder Elon Musk noted on X that the effort will "enable unmodified cellphones to have internet connectivity in remote areas." He added a caveat for the first orbital shell — "Bandwidth per beam is only ~10 Mb, but future constellations will be much more capable...."

The big deal with this new venture is that unlike previous attempts at providing satellite-to-phone service, you don't need a special handset or even a specific app to get access anywhere in the world. Starlink uses standard LTE/4G protocols that most phones are compatible with, partners with mobile operators like T-Mobile in the U.S. and Rogers in Canada, and has devised a system to make its service work seamlessly with your phone when it's connecting to satellites 340 miles (540 km) above the Earth's surface. The SpaceX division noted it's also worked out latency constraints, ideal altitudes and elevation angles for its satellites, along with several other parameters, to achieve reliable connectivity. Each satellite has an LTE modem on board, and these satellites plug into the massive constellation of 6,799 existing Starlink spacecraft, according to Space.com.

Connecting to that larger constellation happens via laser backhaul, where laser-based optical communication systems transmit data between satellites. This method leverages the advantages of lasers over traditional radio frequency communications, enabling data rates up to 100 times faster, increased bandwidth, and improved security.
The direct-to-cell program was approved last month, the article points out — but it's ready to ramp up. "You'll currently get only text service through the end of 2024; voice and data will become available sometime next year, as will support for IoT devices (such as smart home gadgets). The company hasn't said how much its service will cost. " (They also note there's already competing services from Lynk, "which has satellites in orbit and launched in the island nation of Palau back in 2023, and AST SpaceMobile, which also has commercial satellites in orbit and contracts with the U.S. government, Europe, and Japan.")

Elon Musk's announcement on X.com prompted this interesting exchange:

X.com User: You've stated that purchasing Starlink goes toward funding the journey to Mars, yes?

Elon Musk: Yes.

The new movie Y2K is either a comedy or a disaster/horror film, according to Wikipedia. The film "imagines a turn of the century where the machines don't just glitch or stop working," writes the Hollywood Reporter. "They go full homicidal." With a cast that includes 1990s icons like Alicia Silverstone and the lead singer for the Napster-loving 1990s metal band Limp Bizkit, the movie "gives the '90s the ending it deserved," according to the article.

They interviewed the film's director (and co-writer and co-star) Kyle Mooney, best-known for SNL, starting by complimenting his fidelity to the tech of its day. "The film opens with a high schooler getting home and logging into AOL Instant Messenger, which is not a scene I think I've ever seen in another movie..." Mooney: All of my relationships, between 17 and 22 years old, were short-lived and spawned because I was most confident flirting on Instant Messager....

Q: The tech here is such a huge part of the story. Were there any logos or brands you had a tough time getting on camera?

Mooney: Definitely. This isn't really a spoiler, but Jaeden Martell's character's computer — the one that we open up with him logging into AOL — eventually turns into a robot. That was supposed to be an iMac. But I don't think Apple wanted their machines strangling people or whatever the robot does — so we had to change the look of it by, like, 30 percent. There were a few instances like that, where we couldn't get the exact thing, but we were allowed to get as close as possible.
Deadline's article includes a spoiler about the film, but also this interesting note about two of its young actors, Julian Dennison and Jaeden Martell: [A]lthough Dennison and Martell were both born after 2000, they enjoyed slipping into the "lack of convenience and the lack of technology" that came with the era.

"I wish I got to experience that. I wish I didn't live in the age of everything being so accessible," said Martell.
And apparently the movie also includes a quick shout-out to Myspace co-founder Tom Anderson.

The Verge thinks Valve "could make a play to dethrone the Sony PlayStation and Microsoft." And it's not just because there's lots of new SteamOS hardware on the way (including a wireless VR headset and a pair of trackable wands, a Steam Controller 2 gamepad, and a living room console.

"Valve has also now seemingly revealed plans for partners to create third-party SteamOS hardware too." It won't be easy to take on Sony, Microsoft, or Meta. Those companies have a lot to lose, and they're deeply entrenched. But the Steam Deck has revealed a massive weakness in each of their businesses that may take them years to correct — the desire to play a huge library of games anytime, anywhere. And while they figure that out, Valve may be building an entire new ecosystem of SteamOS hardware, one that could finally let PC and peripheral makers tap into the huge and growing library of Windows games on all sorts of different hardware without relying on Microsoft or subjecting their customers to the many annoyances of Windows...

Valve has long said it will open up SteamOS to other manufacturers, even recently committing to some direct support for rival handhelds like the Asus ROG Ally — and the other week, Valve quietly updated a document that may reveal its larger overarching strategy. It won't just leave SteamOS sitting around and hope manufacturers build something — it'll hold their hand. Valve now has an explicit label for third parties to create "Powered by SteamOS" devices, which it explicitly defines as "hardware running the SteamOS operating system, implemented in close collaboration with Valve." It additionally lets companies create "Steam Compatible" hardware that ships with "Valve approved controller inputs," as well as SteamVR hardware and Steam Link hardware that lets you stream games from one device to another...

When Valve asked PC manufacturers to sign onto its Steam Machines initiative over a decade ago, with the idea of building living room PC consoles, it asked for a leap of faith with very little to show and a tiny chance of success. It took years for Valve to even build the oddball living room controller for its Steam Machines, and it didn't get far in convincing Windows game developers to port their games to Linux. But by the time it announced the Steam Deck, Valve had hammered out a Proton software compatibility layer so good that many Windows games now run better on Linux, and created the most customizable yet familiar set of controls ever made. If manufacturers could build their own Steam Machines rather than equivalent Windows machines, they could offer better gaming products than they do today. Maybe they'd even want to release a VR headset that isn't tied to Microsoft or Meta if it doubled as a Steam Deck, portably playing decades of flatscreen games.

It's not clear any of this will pan out; Valve is an exceedingly small company that tries not to chase too many things at a time. When I speak to PC industry executives about why they pick Windows over SteamOS, some say they're concerned about whether Valve would truly be able to support them. But it's just as intriguing an idea as it was 12 years ago when Gabe Newell explained the initial vision to us, and this time, there's a far better chance it'll work.
"Today, every major PC company is building one or more Steam Deck rivals," the article points out. "But without Valve's blessing and support, they're saddled with a Windows OS that doesn't start, pause, and resume games quickly and seamlessly enough to feel portable and easy..."

An anonymous reader shared this report from the blog Windows Central: Microsoft has ended production on the Surface Studio 2+, its ultra-premium all-in-one desktop PC designed for creatives and commercial customers. Starting at a whopping $4,500, the Studio 2+ was the ultimate Windows all-in-one with the best touchscreen display on a unique hinge that allowed the screen to lay down like a draft board... So, if you're interested in buying a Surface Studio 2+, you better hurry, as whatever stock is remaining is all that's left. Unfortunately, it's likely that the end of production on the Surface Studio 2+ also marks an end to the Surface Studio line as a whole. My own sources tell me there's no Studio 2+ successor lined up currently.
Ars Technica points out that over the eight-year run of the Surface Studio, Microsoft only updated it twice. Like the Surface Laptop Studio, the desktop's claim to fame was a unique hinge design for its screen, which could reposition it to make it easier to draw on with the Surface Pen. But the desktop's high cost and its perennially outdated internal components made it a less appealing machine than it could have been...

The longest-lived Studio desktop was the Surface Studio 2, which was released in 2018 and wasn't replaced until a revised Surface Studio 2+ was announced in late 2022. It used an even higher-quality display panel, but it still used previous-generation internal components. This might not have been so egregious if Microsoft had updated it more consistently, but this model went untouched for so long that Microsoft had to lower Windows 11's system requirements specifically to cover the Studio 2 so that the company wouldn't be ending support for a PC that it was still actively selling.

The Studio 2+ was the desktop's last hurrah, and despite jumping two GPU generations and four CPU generations, it still didn't use the latest components available at the time. Again, more consistent updates like the ones Microsoft provides for the Surface Pro and Surface Laptop could have made this less of a problem, but the Studio 2+ once again sat untouched for two years after being updated.

"The U.S. government on Friday ordered testing of the nation's milk supply for bird flu," reports the Associated Press, "to better monitor the spread of the virus in dairy cows." Raw or unpasteurized milk from dairy farms and processors nationwide must be tested on request starting Dec. 16, the Agriculture Department said. Testing will begin in six states — California, Colorado, Michigan, Mississippi, Oregon and Pennsylvania.

Officials said the move is aimed at "containing and ultimately eliminating the virus," known as Type A H5N1, which was detected for the first time in March in U.S. dairy cows. Since then, more than 700 herds have been confirmed to be infected in 15 states. "This will give farms and farmworkers better confidence in the safety of their animals and ability to protect themselves, and it will put us on a path to quickly controlling and stopping the virus' spread nationwide," Agriculture Secretary Tom Vilsack said in a statement.

The risk to people from bird flu remains low, health officials said. Pasteurization, or heat treatment, kills the virus in milk, leaving it safe to drink... At least 58 people in the U.S. have been infected with bird flu, mostly farm workers who became mildly ill after close contact with infected cows, including their milk, or infected poultry.