mjfisher.net

Latest News

Last updated 17 Apr, 04:13 AM

BBC News

Top Foreign Office official to leave post after Mandelson vetting row - It comes after it emerged the peer failed security vetting but the Foreign Office still allowed him to take up the post.

Chris Mason: Mandelson nightmare haunts Starmer again, as senior figure effectively sacked - The prime minister is believed to be absolutely furious over the handling of Lord Mandelson's vetting, Chris Mason writes.

UK seeks closer EU ties in volatile times - but at what cost? - The UK is adopting a "ruthlessly pragmatic" approach to becoming closer to its European neighbours, the UK's EU minister tells the BBC.

Singer D4vd arrested in connection with death of missing teen girl - The remains of 14-year-old Celeste Rivas Hernandez were found in the singer's car last year.

Finance ministers and top bankers raise serious concerns about Mythos AI model - Experts say Mythos potentially has an unprecedented ability to identify and exploit cybersecurity weaknesses.

The Register

IPv6 carried half of internet traffic – for one day, according to Google - We're not half way there, we're still livin' on a prayer IPv6 carried half of global traffic for a single day in March, according to Google.…

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say - Bug or feature? A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into Anthropic's official Model Context Protocol (MCP) puts as many as 200,000 servers at risk of complete takeover, according to security researchers.…

Mozilla throws Thunderbolt at enterprise AI providers - Client connects to deepset's Haystack platform Mozilla has declared war on OpenAI, Microsoft, and other firms flogging enterprise AI platforms with an open-source alternative it says provides data privacy guarantees proprietary products never could. …

NodeWeaver says its perpetual licensing beats VMware’s perpetual price hikes - 'I think you can run this thing on a potato,' NodeWeaver CTO Alan Conboy said. Broadcom's price increases and policy changes have led many VMware customers to look for other options. Nodeweaver is positioning itself as an alternative for customers running computing workloads in far-flung edge locations, from cruise ships to solar farms in Sub-Saharan Africa, and it is taking cost out of the hardware needed as well.…

Anthropic squeezes enterprises by ejecting bundled tokens from seat deal - Large organizations pushed toward metered pricing UPDATED More bad news for Claude users. Anthropic has revised its seat-based pricing for enterprise customers, shifting them to a new pricing plan upon contract renewal.…

New Scientist - Home

Our dreams become more emotive and symbolic as we approach death - Terminally ill people are commonly reunited with lost loved ones in their dreams and have visions of doors, stairways and light, which are said to help them accept the dying process

How to spot the Lyrid meteor shower tonight - The Lyrid meteor shower will soon hit its peak. Here's how to spot it, including by using the New Scientist stargazing companion

Neanderthal infants were enormous compared with modern humans - A detailed analysis of the best-preserved Neanderthal infant skeleton ever found suggests that our ancient relatives grew much faster as young children

Exclusive report: Inside Chernobyl, 40 years after nuclear disaster - New Scientist reporter Matthew Sparkes secured unrivalled access to Chernobyl's most crucial scientific sites, where researchers are fighting to protect the area and ensure it remains safe amid the constant threat of attack from Russia

What to read this week: Emma Chapman's mind-expanding Radio Universe - An imaginative and compelling book reveals how radio waves help us tune in to our universe – and even search for alien civilisations, says Karmela Padavic-Callaghan

Hacker News

Claude Opus 4.7 - Comments

Codex for almost everything - Comments

CadQuery is an open-source Python library for building 3D CAD models - Comments

Guy builds AI driven hardware hacker arm from duct tape, old cam and CNC machine - Comments

Show HN: Spice simulation → oscilloscope → verification with Claude Code - Comments

Slashdot

Sperm Whales' Communication Closely Parallels Human Language, Study Finds - An anonymous reader quotes a report from the Guardian: We may appear to have little in common with sperm whales – enormous, ocean-dwelling animals that last shared a common ancestor with humans more than 90 million years ago. But the whales' vocalized communications are remarkably similar to our own, researchers have discovered. Not only do sperm whale have a form of "alphabet" and form vowels within their vocalizations but the structure of these vowels behaves in the same way as human speech, the new study has found. Sperm whales communicate in a series of short clicks called codas. Analysis of these clicks shows that the whales can differentiate vowels through the short or elongated clicks or through rising or falling tones, using patterns similar to languages such as Mandarin, Latin and Slovenian. The structure of the whales' communication has "close parallels in the phonetics and phonology of human languages, suggesting independent evolution," the paper, published in the Proceedings B journal, states. Sperm whale coda vocalizations are "highly complex and represent one of the closest parallels to human phonology of any analyzed animal communication system," it added. [...] The new study shows that "sperm whale communication isn't just about patterns of clicks -- it involves multiple interacting layers of structure," said Mauricio Cantor, a behavioral ecologist at the Marine Mammal Institute who was not involved in the research. "With this study, we're starting to see that these signals are organized in ways we didn't fully appreciate before." The latest discovery around sperm whale speech has inched forward the possibility of someday fully understanding the creatures and even communicating with them. Project CETI has set a goal of being able to comprehend 20 different vocalized expressions, relating to actions such as diving and sleeping, within the next five years. A future where we're able to fully understand what the whales are saying and be able to have a conversation with them is "totally within our grasp," said David Gruber, founder and president of Project CETI. "We've already got a lot further than I thought we could. But it will take time, and funding. At the moment we are like a two-year-old, just saying a few words. In a few years' time, maybe we will be more like a five-year-old." Read more of this story at Slashdot.

'TotalRecall Reloaded' Tool Finds a Side Entrance To Windows 11 Recall Database - An anonymous reader quotes a report from Ars Technica: Two years ago, Microsoft launched its first wave of "Copilot+" Windows PCs with a handful of exclusive features that could take advantage of the neural processing unit (NPU) hardware being built into newer laptop processors. These NPUs could enable AI and machine learning features that could run locally rather than in someone's cloud, theoretically enhancing security and privacy. One of the first Copilot+ features was Recall, a feature that promised to track all your PC usage via screenshot to help you remember your past activity. But as originally implemented, Recall was neither private nor secure; the feature stored its screenshots plus a giant database of all user activity in totally unencrypted files on the user's disk, making it trivial for anyone with remote or local access to grab days, weeks, or even months of sensitive data, depending on the age of the user's Recall database. After journalists and security researchers discovered and detailed these flaws, Microsoft delayed the Recall rollout by almost a year and substantially overhauled its security. All locally stored data would now be encrypted and viewable only with Windows Hello authentication; the feature now did a better job detecting and excluding sensitive information, including financial information, from its database; and Recall would be turned off by default, rather than enabled on every PC that supported it. The reconstituted Recall was a big improvement, but having a feature that records the vast majority of your PC usage is still a security and privacy risk. Security researcher Alexander Hagenah was the author of the original "TotalRecall" tool that made it trivially simple to grab the Recall information on any Windows PC, and an updated "TotalRecall Reloaded" version exposes what Hagenah believes are additional vulnerabilities. The problem, as detailed by Hagenah on the TotalRecall GitHub page, isn't with the security around the Recall database, which he calls "rock solid." The problem is that, once the user has authenticated, the system passes Recall data to another system process called AIXHost.exe, and that process doesn't benefit from the same security protections as the rest of Recall. "The vault is solid," Hagenah writes. "The delivery truck is not." The TotalRecall Reloaded tool uses an executable file to inject a DLL file into AIXHost.exe, something that can be done without administrator privileges. It then waits in the background for the user to open Recall and authenticate using Windows Hello. Once this is done, the tool can intercept screenshots, OCR'd text, and other metadata that Recall sends to the AIXHost.exe process, which can continue even after the user closes their Recall session. "The VBS enclave won't decrypt anything without Windows Hello," Hagenah writes. "The tool doesn't bypass that. It makes the user do it, silently rides along when the user does it, or waits for the user to do it." A handful of tasks, including grabbing the most recent Recall screenshot, capturing select metadata about the Recall database, and deleting the user's entire Recall database, can be done with no Windows Hello authentication. Once authenticated, Hagenah says the TotalRecall Reloaded tool can access both new information recorded to the Recall database as well as data Recall has previously recorded. "We appreciate Alexander Hagenah for identifying and responsibly reporting this issue. After careful investigation, we determined that the access patterns demonstrated are consistent with intended protections and existing controls, and do not represent a bypass of a security boundary or unauthorized access to data," a Microsoft spokesperson told Ars. "The authorization period has a timeout and anti-hammering protection that limit the impact of malicious queries." Read more of this story at Slashdot.

OpenAI's Big Codex Update Is a Direct Shot At Claude Code - OpenAI is updating Codex with more agent-like capabilities, positioning it as a more direct rival to Anthropic's Claude Code. Some of the new features include the ability to operate macOS desktop apps, browse the web inside the app, generate images, use new workplace plug-ins, and remember useful context from past tasks. The Verge reports: Codex will now be able to operate desktop apps on your computer, OpenAI says in a blog post announcing the update. It can work in the background, meaning it won't interfere with your own work in other apps, and multiple agents can work in parallel. For developers, OpenAI says "this is helpful for testing and iterating on frontend changes, testing apps, or working in apps that don't expose an API." The feature will start rolling out to Codex desktop app users signed in with ChatGPT today and will initially be limited to macOS. OpenAI did not indicate a timeline for when use will expand to other operating systems. EU users will also have to wait, it said, adding that the update will roll out to users there "soon." Codex is also getting the ability to generate and iterate on images with gpt-image-1.5, new plug-ins for tools like GitLab, Atlassian Rovo, and Microsoft Suite, and native web browsing through an in-app browser, "where you can comment directly on pages to provide precise instructions to the agent." OpenAI also said it will also be easier to automate tasks, with users able to re-use existing conversation threads and Codex now able to schedule future work for itself and wake up automatically to continue on a long-term task. Codex will also be getting a memory feature allowing it to remember useful context from past experience, such as personal preferences, corrections, and information that took time to gather. OpenAI said it hopes the opt-in feature, which will be released as a preview, will help future tasks complete faster and to a quality that previously required detailed custom instructions. The personalization features will roll out to Enterprise, Edu, and EU users "soon." Read more of this story at Slashdot.

Is Linux Mint In Trouble? - BrianFagioli writes: The developers behind Linux Mint say the project is rethinking its release strategy and moving toward a longer development cycle, with the next version now expected around Christmas 2026. In a monthly update, project lead Clement Lefebvre said the team reached a "crossroads" and needs more flexibility to fix bugs, improve the desktop, and adapt to rapid changes across the Linux ecosystem. The upcoming development build, temporarily called Mint 23 "Alfa," is currently based on Ubuntu 26.04 LTS and includes Linux kernel 7.0, an unstable build of Cinnamon 6.7, and early Wayland related work. Mint is also replacing the long used Ubiquity installer with "live-installer," the same tool used by Linux Mint Debian Edition, allowing the project to unify installation infrastructure across its Ubuntu based and Debian based variants. While the team frames the changes as an opportunity to improve quality and reduce maintenance overhead, the shift has raised questions about the project's long term direction and whether Linux Mint may eventually lean more heavily on its Debian roots rather than its traditional Ubuntu base. Read more of this story at Slashdot.

Europe Has 'Maybe 6 Weeks of Jet Fuel Left' - The head of the International Energy Agency warned that Europe may have only "six weeks or so" of jet fuel left if oil supplies remain blocked by the Iran war and the Strait of Hormuz stays disrupted. The Associated Press reports: IEA Executive Director Fatih Birol painted a sobering picture of the global repercussions of what he called "the largest energy crisis we have ever faced," stemming from the pinch-off of oil, gas and other vital supplies through the Strait of Hormuz. "In the past there was a group called 'Dire Straits.' It's a dire strait now, and it is going to have major implications for the global economy. And the longer it goes, the worse it will be for the economic growth and inflation around the world," he told The Associated Press. The impact will be "higher petrol (gasoline) prices, higher gas prices, high electricity prices," said Birol, speaking in his Paris office looking out over the Eiffel Tower. Economic pain will be felt unevenly and "the countries who will suffer the most will not be those whose voice are heard a lot. It will be mainly the developing countries. Poorer countries in Asia, in Africa and in Latin America," said the Turkish economist and energy expert who has led the IEA since 2015. But without a settlement of the Iran war that permanently reopens the Strait of Hormuz, "Everybody is going to suffer," he added. "Some countries may be richer than the others. Some countries may have more energy than the others, but no country, no country is immune to this crisis," he said. Read more of this story at Slashdot.