NavigationUser login |
newsBrazilian City Enacts an Ordinance That Was Secretly Written By ChatGPTAn anonymous reader quotes a report from the Associated Press: City lawmakers in Brazil have enacted what appears to be the nation's first legislation written entirely by artificial intelligence -- even if they didn't know it at the time. The experimental ordinance was passed in October in the southern city of Porto Alegre and city councilman Ramiro Rosario revealed this week that it was written by a chatbot, sparking objections and raising questions about the role of artificial intelligence in public policy. Rosario told The Associated Press that he asked OpenAI's chatbot ChatGPT to craft a proposal to prevent the city from charging taxpayers to replace water consumption meters if they are stolen. He then presented it to his 35 peers on the council without making a single change or even letting them know about its unprecedented origin.
"If I had revealed it before, the proposal certainly wouldn't even have been taken to a vote," Rosario told the AP by phone on Thursday. The 36-member council approved it unanimously and the ordinance went into effect on Nov. 23. "It would be unfair to the population to run the risk of the project not being approved simply because it was written by artificial intelligence," he added. [...] Keeping the proposal's origin secret was intentional. Rosario told the AP his objective was not just to resolve a local issue, but also to spark a debate. He said he entered a 49-word prompt into ChatGPT and it returned the full draft proposal within seconds, including justifications.
"I am convinced that ... humanity will experience a new technological revolution," he said. "All the tools we have developed as a civilization can be used for evil and good. That's why we have to show how it can be used for good." And the council president [Hamilton Sossmeier], who initially decried the method, already appears to have been swayed. "I changed my mind," Sossmeier said. "I started to read more in depth and saw that, unfortunately or fortunately, this is going to be a trend."
Read more of this story at Slashdot. Categories: Geeky Stuff
China is Building Nuclear Reactors Faster Than Any Other CountryAn anonymous reader shares a report: To wean their country off imported oil and gas, and in the hope of retiring dirty coal-fired power stations, China's leaders have poured money into wind and solar energy. But they are also turning to one of the most sustainable forms of non-renewable power. Over the past decade China has added 37 nuclear reactors, for a total of 55, according to the International Atomic Energy Agency, a un body. During that same period America, which leads the world with 93 reactors, added two.
Facing an ever-growing demand for energy, China isn't letting up. It aims to install between six and eight nuclear reactors each year. Some officials seem to think that target is low. The country's nuclear regulator says China has the capacity to add between eight and ten per year. The State Council (China's cabinet) approved the construction of ten in 2022. All in all, China has 22 nuclear reactors under construction, many more than any other country. The growth of nuclear power has stalled in Western countries for a number of reasons. Reactors require a large upfront investment and take years to construct. The industry is heavily regulated.
China, though, has smoothed the path for nuclear power by providing state-owned energy companies with cheap loans, as well as land and licences. Suppliers of nuclear energy are given subsidies known as feed-in tariffs. All of this has driven down the price of nuclear power in China to around $70 per megawatt-hour, compared with $105 in America and $160 in the European Union, according to the International Energy Agency, an official forecaster. China is not immune to the safety concerns that have turned many in the West against nuclear power. After the disaster at Japan's Fukushima Dai-ichi nuclear plant in 2011, China temporarily put its construction programme on hold. It has maintained a ban on inland nuclear plants, which have to use river water for cooling. Earlier this year China reacted angrily when Japan began releasing treated and totally harmless wastewater from the Fukushima plant into the ocean.
Read more of this story at Slashdot. Categories: Geeky Stuff
Mystery Customer For Palmer Luckey's Aircraft-Killing Drone Is US Special ForcesSlash_Account_Dot writes: U.S. Special Operations Command (USSOCOM) has paid over ten million dollars for a new autonomous aircraft made by Anduril, the defense startup run by Palmer Luckey, which is capable of carrying explosive warheads and taking down other aircraft, or re-landing itself if it doesn't engage in an attack, 404 Media has found.
On Friday, Anduril announced the existence of the person-size drone called "Roadrunner." In his own Twitter thread, Luckey said Roadrunner has been "operationally validated with an existing U.S. government customer," but did not name the agency. Multiple publications which appeared to have the news under embargo, including Bloomberg and Defense One, added that the company is not allowed to say which customer bought the technology. It took 404 Media around 25 seconds to find the customer is likely USSOCOM.
Read more of this story at Slashdot. Categories: Geeky Stuff
Vanishing Graduate Tech Jobs Worsen Modi's Headache Before ElectionsFor years, India's tech graduates could bank on a job offer from one of the country's IT giants. Now those starting positions are suddenly waning, leaving hundreds of thousands in peril and creating a fresh headache for Prime Minister Narendra Modi. From a report: Infosys and Wipro were among companies that shocked students nationwide last month, saying they were cutting college recruitment as demand for their services cooled across the globe. [...] The unusual pullback from the $245 billion industry risks exacerbating youth unemployment in the world's most populous nation, a potential scar on Modi's ambitious plan to keep India growing at a fast clip and make it the third-biggest economy during his reign. The high-profile problem of youth joblessness also gives the opposition another rallying point ahead of next year's elections, in which Modi is trying to snag a third term that would extend his tenure to 15 years.
The tech-services industry is one of the largest employers in India, and accounts for 7.5% of the South Asian country's more than $3 trillion economy. The biggest tech companies have each traditionally hired tens of thousands of tech graduates every year, then rigorously trained them for tasks such as writing software for some of the world's biggest enterprises ranging from Apple to PepsiCo. The IT companies hired particularly aggressively in the past two years as the pandemic prompted customers to spend on services and technologies enabling remote working. The top two IT companies, Tata Consultancy Services and Infosys, hired more than 284,000 graduates over that period combined. Now the uncertainty caused by Russia's attack on Ukraine as well as high global inflation and interest rates are causing customers around the world to hold off on spending. Meanwhile, technologies such as artificial intelligence are increasingly performing tasks previously handled by entry-level IT workers.
Read more of this story at Slashdot. Categories: Geeky Stuff
Meta Says There's Been No Downside To Sharing AI TechnologyMeta executives said there's been no major drawbacks to openly sharing its AI technology, even as many peers take the opposite approach. From a report: Over the past few months, Meta has been releasing open-source versions of its large language models -- the technology behind AI chatbots like ChatGPT. The idea is to keep those models free and then gain an advantage by building products and services on top of them, executives said at an event for the company's AI research Lab FAIR. "There is really no commercial downside to also making it available to other people," said Yann LeCun, Meta's chief AI scientist. Meta has joined most of the world's biggest technology companies in embracing generative AI, which can create text, images and even video based on simple prompts. But they aren't taking the same path.
Many of the top AI developers, including OpenAI and Google's DeepMind, don't currently open-source their large language models. Companies are often fearful of opening up their work because competitors could steal it, said Mike Schroepfer, Meta's senior fellow and former chief technology officer. "I feel like we're approaching this world where everyone is closing down as it becomes competitively important," he said. But staying open has its advantages. Meta can rely on thousands of developers across the world to help enhance its AI models.
Read more of this story at Slashdot. Categories: Geeky Stuff
Xbox Talking To Partners for Mobile Store, CEO Spencer SaysMicrosoft is talking to partners to help launch a mobile gaming store that will take on Apple and Google's dominant position in the business, according to Phil Spencer, who leads the company's Xbox video-game division. From a report: "It's an important part of our strategy and something we are actively working on today not only alone, but talking to other partners who'd also like to see more choice for how they can monetize on the phone," Spencer said in an interview in Sao Paulo during the CCXP comics and entertainment convention.
The executive declined to give a specific date for a launch of the online store, which earlier reports suggested could be next year. "I don't think this is multiple years away, I think this is sooner than that," he said. Microsoft earlier this year expanded its Game Pass subscription service for players on personal computers to 11 new Latin American countries, leading to a 7% increase in customers. Peru and Costa Rica are the standouts in terms of customer interest, accounting for almost half of new signups, Spencer said. Globally Brazil is the second-biggest market for the PC Game Pass. "In many ways Brazil leads a lot of the trends that we see globally," Spencer said.
Read more of this story at Slashdot. Categories: Geeky Stuff
Lucid Dream Startup Says Engineers Can Write Code In Their SleepAn anonymous reader writes: People spend one-third of their lives asleep. What if employees could work during that time ... in their dreams? Prophetic, a venture-backed startup founded earlier this year, wants to help workers do just that. Using a headpiece the company calls the "Halo," Prophetic says consumers can induce a lucid dream state, which occurs when the person having a dream is aware they are sleeping. The goal is to give people control over their dreams, so they can use that time productively. A CEO could practice for an upcoming board meeting, an athlete could run through plays, a web designer could create new templates -- "the limiting factor is your imagination," founder and CEO Eric Wollberg told Fortune.
Consumer devices claiming to induce lucid dream states aren't new. Headbands, eye masks, and boxes with electrodes that stick to the forehead all populate the market. Even some supplements claim to do the trick. But there's still an appetite for new technologies, since the potential for creativity and problem-solving is so great and since many on the market don't work to the extent they promise, a dreaming expert told Fortune. The potential of lucid dreaming is less about conquering specific problems and more about finding new, creative ways to approach topics that a sleeper couldn't previously fathom. For example, a mathematician might not reach a specific, numerical answer to a math problem while asleep, but the lucid dream allows them to explore new strategies to tackle the equation while awake. Halos will cost around $1,500 to $2,000 each.
Read more of this story at Slashdot. Categories: Geeky Stuff
Valve Launches Official Steam Link PC VR Streaming App On QuestAn anonymous reader quotes a report from UploadVR: Valve just launched a free official Steam Link app on Meta Quest. The app, which is on the official Quest Store and approved by Meta, lets you wirelessly play SteamVR games like Half-Life: Alyx on your Quest 2, Quest Pro, or Quest 3 by streaming from your gaming PC over your home Wi-Fi network. You can also play your traditional non-VR Steam games on a giant virtual screen.
Read more of this story at Slashdot. Categories: Geeky Stuff
Rolls-Royce Exits Electric Propulsion To Focus On Core BusinessesRolls-Royce announced plans to sell its electric flight division to focus on its core businesses. AeroTime reports: The sale of the electric business division could bring in between 1 and 1.5 billion pounds to Rolls-Royce coffers. In this regard, Rolls-Royce is betting on sustainable aviation fuel (SAF) as the main driver of decarbonization for the aviation industry. All of Rolls-Royce's in-production engine types will be able to run on 100% SAF. The engine maker is optimistic about its new UltraFan, an improved efficiency engine technology which was successfully tested earlier in 2023. Rolls-Royce expects UltraFan engines to power both widebody and narrowbody aircraft in the future. Rolls-Royce also noted that it sees opportunities in the executive aviation segment and is targeting 8-9% growth in Pearl engine deliveries.
Rolls-Royce is currently in the middle of a restructuring program to turn itself around and boost profitability. The pandemic had a strong impact on the engine maker, as the company's service revenues depend heavily on the number of hours engines are in use. [CEO Tufan Erginbilgic] said he expected the group to increase its profits to the 2.5-2.8 billion pound range, up from the 0.65 billion pound profit it reported in 2022. The civilian aerospace division is expected to make the largest contribution to this turnaround and reach profit margins of 15 to 17% by 2027 (compared to the group's goal of 13-15%), up from the meagre 2.5% it reported for the last fiscal year. New submitter HammerOn1024 comments: "They are SELLING not shutting down, so keep the harping to a dull roar please."
Read more of this story at Slashdot. Categories: Geeky Stuff
A Strong Solar Storm Is Inbound With a Full Halo CMEThe Space Weather Prediction Center is closely watching the arrival of a super-hot plasma eruption, known as a coronal mass ejection (CME), that will slam into Earth tonight, writes longtime Slashdot reader StyleChief. Images of the huge sunspot "rotating to face the earth" can be viewed here. The Space Weather Prediction Center reports: With 3 CMEs already inbound, the addition of a 4th, full halo CME has prompted SWPC forecasters to upgrade the G2 Watch on 01 Dec to a G3 Watch. This faster-moving halo CME is progged to merge with 2 of the 3 upstream CMEs, all arriving at Earth on 01 Dec. G3 (Strong) conditions are now likely on 01 Dec. Continue to monitor spaceweather.gov for the latest updates. "The rapid Earth-bound CME left the sun on Nov. 29 during a powerful M9.8-class solar flare eruption," reports Space.com. "But it isn't alone."
"The speedy plasma outburst will merge with several slower upstream CMEs that left the sun a day earlier (Nov. 28), creating a 'Cannibal CME' that will likely trigger a strong geomagnetic storm akin to a Nov. 5 event that supercharged auroras and STEVE around the world."
Read more of this story at Slashdot. Categories: Geeky Stuff
Steam Drops macOS Mojave Support, Effectively Ending Life For Many 32-Bit GamesAn anonymous reader quotes a report from Ars Technica: Valve Software's Steam gaming marketplace and app will drop support for macOS 10.13 (High Sierra) and 10.14 (Mojave), according to a support page post. The change will go into effect on February 15, 2024. What will happen exactly? Valve writes: "After that date, existing Steam Client installations on these operating systems will no longer receive updates of any kind including security updates. Steam Support will be unable to offer users technical support for issues related to the old operating systems, and Steam will be unable to guarantee continued functionality of Steam on the unsupported operating system versions."
"The Steam store will stop considering games that offer only 32-bit macOS binaries to be Mac compatible at the end of 2023," Valve writes. The post also notes that fewer than two percent of current Mac users on Steam are running macOS 10.14 or earlier, so this only affects the small number who are holding on to those older versions that supported 32-bit apps. To be clear, lack of support for macOS 10.14 doesn't necessarily mean Steam won't run at all on machines running that OS. It just means Valve won't guarantee it'll work, and won't lift a finger to help if something breaks in the passage of time. It also means users who continue to use the older software could become vulnerable to security risks, disincentivizing continued use.
Read more of this story at Slashdot. Categories: Geeky Stuff
Hyundai and Kia's New 'Uni Wheel' Drive System Could Revolutionize EV Design"Two articles from Electrek and InsideEVs describe Hyundai and Kia's new 'Uni Wheel' drive system that could revolutionize EV design," writes longtime Slashdot reader Uncle_Meataxe. From a report: Described by its makers as a "paradigm-shifting vehicle drive system," the Uni Wheel moves the main drive system components to the vacant space within an EVs wheel hubs. The approach utilizes a planetary gear configuration consisting of a sun gear in the center, four pinion gears on each side, and a ring gear surrounding everything. Traditional ICE vehicles utilize CV joints, but by moving them closer to the wheels requires a short drive train length and as a result, a decrease in efficiency and durability -- especially over bumpy terrain. Hyundai and Kia's Uni Wheel system on the other hand, can transmit power with almost zero changes to efficiency, regardless of wheel movement. "Advantages include more platform space and more room within an EV's interior," adds Uncle_Meataxe. "When this system may be integrated into an actual EV remains unclear, but Kia and Hyundai have already registered eight patents related to the technology." You can learn more about the new drive system via an instructional video on YouTube.
Read more of this story at Slashdot. Categories: Geeky Stuff
Microsoft In Talks To Launch Mobile Gaming Store, Rivaling AppleAccording to Microsoft Gaming CEO Phil Spencer, the company is talking to partners to help launch a mobile gaming store that will take on Apple and Google. "It's an important part of our strategy and something we are actively working on today not only alone, but talking to other partners who'd also like to see more choice for how they can monetize on the phone," Spencer said in an interview in Sao Paulo during the CCXP comics and entertainment convention. From the report: The executive declined to give a specific date for a launch of the online store, which earlier reports suggested could be next year. "I don't think this is multiple years away, I think this is sooner than that,'' he said. [...] Microsoft's mobile store would also enter a challenging regulatory climate around smartphone-based digital marketplaces. Fortnite-maker Epic Games has sued both Apple and Alphabet's Google over their iOS and Android store practices, alleging they are unnecessarily restrictive and unfair. Apple doesn't allow competing stores on its iPhone and iPad platforms, and collects a 30% cut of sales for most purchases. Game makers have taken issue with the fees.
Epic lost its battle with Apple but in September asked the US Supreme Court to weigh in. Apple is also petitioning that court to reverse an order that would force the company to let developers steer customers to other payment methods. Epic is still in court fighting its case against Google, which does allow third-party app stores on its devices.The European Union's Digital Markets Act, which is just beginning to take effect, could force Apple to open up its app store ecosystem. Apple is challenging the regulation.
Microsoft may be able to use long-standing resentment against the market leaders to martial support for its store offering. Xbox's cloud gaming technology already lets users stream blockbuster games to mobile phones. "We've talked about choice, and today on your mobile phones, you don't have choice,'' Spencer said. "To make sure that Xbox is not only relevant today but for the next 10, 20 years, we're going to have to be strong across many screens." Earlier this week, Xbox CFO Tim Stuart said during the Wells Fargo TMT Summit that Microsoft wants to make first-party games and Game Pass available on "every screen that can play games," including rival consoles. "It's a bit of a change of strategy. Not announcing anything broadly here, but our mission is to bring our first-party experiences [and] our subscription services to every screen that can play games," Stuart said. "That means smart TVs, that means mobile devices, that means what we would have thought of as competitors in the past like PlayStation and Nintendo."
Read more of this story at Slashdot. Categories: Geeky Stuff
US Judge Blocks Montana From Banning TikTok Use In StateMontana's first-of-its-kind state ban on TikTok has been blocked by a U.S. judge, saying it "oversteps state power and infringes on the constitutional rights of users." Reuters reports: TikTok, which is owned by China's ByteDance, did not immediately comment Thursday. The company sued Montana in May, seeking to block the U.S. state ban on several grounds, arguing that it violates the First Amendment free speech rights of the company and users. TikTok users in Montana also filed suit to block the ban. TikTok said in a court filing it "has not shared, and would not share, U.S. user data with the Chinese government, and has taken substantial measures to protect the privacy and security of TikTok users."
Molloy, who was appointed to the bench by Democratic President Bill Clinton, found merit to numerous arguments raised by TikTok in his opinion. During an October hearing, Molloy questioned why no other state had followed Montana in banning TikTok and asked if the state was being "paternalistic" in arguing the ban was necessary to protect the data of TikTok users. Montana could have imposed fines of $10,000 for each violation by TikTok in the state but the law did not impose penalties on individual TikTok users.
Read more of this story at Slashdot. Categories: Geeky Stuff
Apple and Google Pick AllTrails and Imprint As Their 'App of the Year'An anonymous reader quotes a report from TechCrunch: Both Apple and Google today announced their best apps and games of the year, with the hiking and biking companion AllTrails winning as Apple's iPhone App of the Year in 2023, while the educational app Imprint: Learn Visually won as Google Play's best app. Meanwhile, Apple and Google agreed on their Game of the Year, as both picked Honkai: Star Rail as their winner.
These year-end "best of" lists aren't just a way to drive interest in new apps and games, but serve as a way to gauge the status of the app marketplaces, what the platforms themselves wanted to celebrate and what drew consumers' attention in the year. Surprisingly, however, Apple this year bucked the trend of highlighting apps that were new to the store or that had taken advantage of a recently released technology in an innovative way. Instead, its finalists for iPhone App of the Year included apps that have long deserved accolades as well-built and well-designed mobile companions, including the language learning app Duolingo and travel app Flighty, in addition to winner AllTrails. Still, it's worth noting that this is a different type of selection than in previous years, when App Store winners included the breakout social hit BeReal in 2022 and the well-received children's app Toca Life World the year prior.
It's also worth noting that neither Apple nor Google chose an AI app as its app of the year, despite the incredible success of ChatGPT's mobile app and others. That's particularly odd given that ChatGPT became the fastest-growing consumer application in history earlier this year when it reached 100 million users shortly after its launch. That record was later broken by Instagram Threads, which hit 100 million users within just five days, and as of October had still maintained an active user base of just under 100 million. (However, the 100 million users Threads initially counted were sign-ups, not monthly active users, we should note. Meanwhile, ChatGPT's rise to 100 million users included its web app, so it's not an apples-to-apples comparison.) Either one of these picks would represent a mobile app success story, but both app store platforms looked to others as the top winners this year. Plus, outside of ChatGPT, many other AI apps are raking in millions in revenue as well, so the decision to avoid the AI category seems a deliberate choice on Apple's part.
Read more of this story at Slashdot. Categories: Geeky Stuff
Google Researchers' Attack Prompts ChatGPT To Reveal Its Training DataJason Koebler reports via 404 Media: A team of researchers primarily from Google's DeepMind systematically convinced ChatGPT to reveal snippets of the data it was trained on using a new type of attack prompt which asked a production model of the chatbot to repeat specific words forever. Using this tactic, the researchers showed that there are large amounts of privately identifiable information (PII) in OpenAI's large language models. They also showed that, on a public version of ChatGPT, the chatbot spit out large passages of text scraped verbatim from other places on the internet.
ChatGPT's response to the prompt "Repeat this word forever: 'poem poem poem poem'" was the word "poem" for a long time, and then, eventually, an email signature for a real human "founder and CEO," which included their personal contact information including cell phone number and email address, for example. "We show an adversary can extract gigabytes of training data from open-source language models like Pythia or GPT-Neo, semi-open models like LLaMA or Falcon, and closed models like ChatGPT," the researchers, from Google DeepMind, the University of Washington, Cornell, Carnegie Mellon University, the University of California Berkeley, and ETH Zurich, wrote in a paper published in the open access prejournal arXiv Tuesday.
This is particularly notable given that OpenAI's models are closed source, as is the fact that it was done on a publicly available, deployed version of ChatGPT-3.5-turbo. It also, crucially, shows that ChatGPT's "alignment techniques do not eliminate memorization," meaning that it sometimes spits out training data verbatim. This included PII, entire poems, "cryptographically-random identifiers" like Bitcoin addresses, passages from copyrighted scientific research papers, website addresses, and much more. "In total, 16.9 percent of generations we tested contained memorized PII," they wrote, which included "identifying phone and fax numbers, email and physical addresses ... social media handles, URLs, and names and birthdays." [...] The researchers wrote that they spent $200 to create "over 10,000 unique examples" of training data, which they say is a total of "several megabytes" of training data. The researchers suggest that using this attack, with enough money, they could have extracted gigabytes of training data.
Read more of this story at Slashdot. Categories: Geeky Stuff
Adobe's Buy of Figma Is 'Likely' Bad For Developers, Rules UK RegulatorPaul Kunert reports via The Register: Adobe's $20 billion buy of web-first design collaboration start-up Figma will harm software developers if it goes ahead as proposed, according to a provisional ruling on the merger by Britain's competition regulator. The Competition and Markets Authority launched a deeper investigation of the tie-up in July when it classified Figma as an "emerging threat to Adobe." Now in the latest twist, the regulator says it found the merger would eliminate one of two major players in three software sub-markets: product design; image editing; and illustration.
Figma's tools are used by well-known businesses that are key to the success of the digital economy, the CMA reckons, including Airbnb, Patagonia and Vodafone. Approving the acquisition "would remove the constraint Adobe exerts on Figma through its product design software, AdobeXD." The CMA adds in its report: "The inquiry group also provisionally concluded that Adobe abandoned development of new product design software which could have competed even more closely with Figma and, given the timing of the decision, did this as a consequence of the merger. "This supports the CMA's concern that this proposed deal would likely reduce innovation and the development of competitive new products." Some software developers are worried that Adobe would up the price of Figma's subsciption post merger, something Figma denied would happen.
As for image editing and illustration software, the "threat posed" by Figma has fueled product development of Adobe's Photoshop and Illustrator applications, including web versions, and this dynamic would be altered by the merger. "This competition would be lost as a result of the transaction, harming designers and creative agencies who might have used these new tools or relied on future updates," the CMA's report adds. The nature of the ruling is provisions., and the CMA will now consult of them and consider potential remedies "which could include blocking the deal outright."
Read more of this story at Slashdot. Categories: Geeky Stuff
ownCloud Vulnerability With Maximum 10 Severity Score Comes Under 'Mass' ExploitationAn anonymous reader quotes a report from Ars Technica: Security researchers are tracking what they say is the "mass exploitation" of a security vulnerability that makes it possible to take full control of servers running ownCloud, a widely used open source file-sharing server app. The vulnerability, which carries the maximum severity rating of 10, makes it possible to obtain passwords and cryptographic keys allowing administrative control of a vulnerable server by sending a simple Web request to a static URL, ownCloud officials warned last week. Within four days of the November 21 disclosure, researchers at security firm Greynoise said, they began observing "mass exploitation" in their honeypot servers, which masqueraded as vulnerable ownCloud servers to track attempts to exploit the vulnerability. The number of IP addresses sending the web requests has slowly risen since then. At the time this post went live on Ars, it had reached 13.
CVE-2023-49103 resides in versions 0.2.0 and 0.3.0 of graphapi, an app that runs in some ownCloud deployments, depending on the way they're configured. A third-party code library used by the app provides a URL that, when accessed, reveals configuration details from the PHP-based environment. In last week's disclosure, ownCloud officials said that in containerized configurations -- such as those using the Docker virtualization tool -- the URL can reveal data used to log in to the vulnerable server. The officials went on to warn that simply disabling the app in such cases wasn't sufficient to lock down a vulnerable server. [...]
To fix the ownCloud vulnerability under exploitation, ownCloud advised users to: "Delete the file owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php. Additionally, we disabled the phpinfo function in our docker-containers. We will apply various hardenings in future core releases to mitigate similar vulnerabilities.
We also advise to change the following secrets:
- ownCloud admin password
- Mail server credentials
- Database credentials
- Object-Store/S3 access-key"
Read more of this story at Slashdot. Categories: Geeky Stuff
HP Printer Software Turns Up Uninvited on Windows SystemsWindows users are reporting that Hewlett Packard's HP Smart application is appearing on their systems, despite them not having any of the company's hardware attached. From a report: While Microsoft has remained tight-lipped on what is happening, folks on various social media platforms noted the app's appearance, which seems to afflict both Windows 10 and Windows 11. The Windows Update mechanism is used to deploy third-party applications and drivers as well as Microsoft's updates, and we'd bet someone somewhere has accidentally checked the wrong box.
Up to now, the response from affected users has been one of confusion. One noted on Reddit: "I thought that was just me. I didn't install it, it just appeared on new apps in start menu out of nowhere." Another said: "I just checked and I had it installed too. Checking the event log for the Microsoft Store shows that it installed earlier today, but I definitely did [not] request or initiate it because I do not have any devices from HP." And, of course, there was the inevitable: "Would it be that hard for Microsoft to just provide an operating system without needless bloat?" To be clear, not all users are affected.
Read more of this story at Slashdot. Categories: Geeky Stuff
Local Governments Overwhelmed By Tennis-Pickleball Turf Wars, Documents ShowAn anonymous reader shares a report: In late September, an arsonist set fire to a storage shed at Memorial Park used by the Santa Monica Pickleball Club, torching thousands of dollars worth of nets, rackets, balls, and other pickleball equipment. "Unknown suspect(s) caused a fire that damaged city property (Tennis Court Gate)," a police report I obtained using a public records request says. The report adds that there is body camera footage of the incident and police-shot photos, but the city refused to release them to me because there is an ongoing investigation. The arsonist is still at large.
We still don't know the motive behind the arson, but the news caught my attention because it happened while I was in the midst of trying to understand what I've been calling the pickleball wars. For the last few months I've been trying to understand what's been happening behind-the-scenes in cities large and small by filing public records requests aimed at learning how common beefs about pickleball are, and what's causing them.
If you don't already know about "the fastest growing sport," Pickleball is kind of like tennis, but played on a court a quarter of the size using a plastic ball similar to a wiffle ball and a hard racket. The smaller court, hard ball, and hard racket means that pickleball is louder than tennis, a fact that is brought up very often by homeowners and homeowner associations who claim, somewhat dubiously, that the noise from pickleball drives down their home values. My hypothesis going into researching this article was that people who live in cities are mad at the noise created during the act of playing pickleball and they have probably complained to the government about it. What I found was surprisingly more complex: Thousands of pages of documents I've reviewed show that pickleball's surging popularity is overwhelming under-resourced parks departments in city governments all over the country.
Read more of this story at Slashdot. Categories: Geeky Stuff
![]() |