mjfisher.net

Latest News

Last updated 08 Apr, 04:04 AM

BBC News

Iran ceasefire deal a partial win for Trump - but at a high cost - The path to the two-week ceasefire with Iran may have fundamentally altered the way the rest of the world views the US.

What we know about the two-week ceasefire between the US and Iran - The provisional truce comes more than a month after the US and Israel launched coordinated attacks on Iran.

Oil plunges after US-Iran ceasefire deal to reopen Strait of Hormuz - The agreement was announced not long before Trump's Tuesday evening deadline was reached.

Why the Strait of Hormuz matters so much in the Iran war - Tehran says it has agreed to open the Strait of Hormuz for two weeks "if attacks against Iran are halted".

Wireless Festival cancelled after Kanye West blocked from coming to UK - West was due to headline the festival in July but drew criticism over past antisemitic comments.

The Register

Anthropic: All your zero-days are belong to Mythos - Hasn't released it to the public, because it would break the internet - in a bad way For years, the infosec community’s biggest existential worry has been quantum computers blowing away all classical encryption and revealing the world’s secrets. Now they have a new Big Bad: an AI model that can generate zero-day vulnerabilities.…

Iran cyber actors disrupting US water, energy facilities, FBI warns - Your PLCs aren't internet-connected, right? Right?! Iranian-affiliated actors have escalated intrusions targeting critical US water and energy facilities, in some cases disrupting operations, the FBI and American cyber defense agencies said on Tuesday.…

Nutanix thinks some Azure cloud desktops belong on-prem to make them usable - Also asserts it can beat Cisco's homebrew hypervisor for calling apps .NEXT Nutanix has teamed with Microsoft to bring cloudy desktops on-prem, using its extensive desktop virtualization (VDI) experience to make it work.…

Cloudflare, GoDaddy team up to curb AI bot brigades - Pair backs scraper blocking and standards to separate trusted agents from bad bots Citing the need to adapt to an internet increasingly serving the needs of AI agents without considering the needs of site owners, Cloudflare and GoDaddy are partnering on efforts to control how AIs crawl the web and interact with web content.…

AWS CEO: It's funny when people ask me if AI is overhyped - Matt Garman sounds the alarm but plays down the SaaS-pocalypse at Human[X] Stefan Weitz, CEO and co-founder of the Human[X] conference, welcomed attendees to the AI-focused bitshow in San Francisco with the promise that they would receive no certainty and no playbook.…

New Scientist - Home

How a century-long argument over light’s true nature came to an end - Two of the forefathers of quantum theory, Albert Einstein and Niels Bohr, had a famous argument over whether light is a wave or a particle. Columnist Karmela Padavic-Callaghan finds that the matter has been settled once and for all

The most stunning pictures from Artemis II’s flyby of the moon - The crew of NASA’s Artemis II mission have captured extraordinary views of the moon, including close-ups of the far side and a breathtaking solar eclipse

I don’t see images in my head. Can training give me a mind’s eye? - Training programmes for people with aphantasia – the inability to create mental images – are challenging neuroscientists' understanding of how we create thoughts

Migraines could be treated by ramping up the brain's cleaning system - Amplifying the brain's waste disposal system seems to clear a substance that drives migraines, relieving some of the pain associated with the condition

Are manure digesters a real solution to dairy farm emissions? - Anaerobic digesters converting manure to biogas reduce methane emissions from livestock, but incentives for them have encouraged factory farms to get bigger

Hacker News

OpenAI says its new model GPT-2 is too dangerous to release (2019) - Comments

US and Iran agree to provisional ceasefire - Comments

Project Glasswing: Securing critical software for the AI era - Comments

Lunar Flyby - Comments

Slightly safer vibecoding by adopting old hacker habits - Comments

Slashdot

Russian Government Hackers Broke Into Thousands of Home Routers To Steal Passwords - An anonymous reader quotes a report from TechCrunch: A group of Russian government hackers have hijacked thousands of home and small business routers around the world as part of an ongoing campaign aimed at redirecting victim's internet traffic to steal their passwords and access tokens, security researchers and government authorities warned on Tuesday. [...] The hacking group targeted unpatched routers made by MikroTik and TP-Link using previously disclosed vulnerabilities according to the U.K. government's cybersecurity unit NCSC and Lumen's research arm Black Lotus Labs, which released new details of the campaign Tuesday. According to the researchers, the hackers were able to spy on large numbers of people over the course of several years by compromising their routers, many of which run outdated software, leaving them vulnerable to remote attacks without their owners' knowledge. The NCSC said that these operations are "likely opportunistic in nature, with the actor casting a wide net to reach many potential victims, before narrowing in on targets of intelligence interest as the attack develops." Per the researchers and government advisories, the Russian hackers hacked routers to modify the device's settings so that the victim's internet requests are surreptitiously passed to infrastructure run by the hackers. This allows the hackers to redirect victims to spoof websites under their control, then steal passwords and tokens that let the hackers log in to that victim's online accounts without needing their two-factor authentication codes. Black Lotus Labs said that Fancy Bear compromised at least 18,000 victims in around 120 countries, including government departments, law enforcement agencies, and email providers across North Africa, Central America, and Southeast Asia. Microsoft, which also released details of the campaign on Tuesday, said in a blog post that its researchers identified over 200 organizations and 5,000 consumer devices affected by these hacking operations, including at least three government organizations in Africa. The Justice Department said Tuesday it neutralized compromised routers in the U.S. under court authorization. As the DOJ put it, the FBI "developed a series of commands to send to compromised routers" to collect evidence, reset settings, and prevent hackers from breaking back in. Read more of this story at Slashdot.

Apple Faces 'Massive Dilemma' With Success of the MacBook Neo - Apple may have a supply problem on its hands with the MacBook Neo... The laptop reportedly relies on "binned" A18 Pro chips with one GPU core disabled, and demand is so strong that the supply of those cheaper leftover chips could run out before the next model is ready. That leaves Apple choosing between lower margins, shifting production plans, or changing the lineup to keep its $599 hit product in stock. MacRumors reports: The all-new MacBook Neo has been such a hit that Apple is facing a "massive dilemma," according to Taiwan-based tech columnist and former Bloomberg reporter Tim Culpan. [...] In the latest edition of his Culpium newsletter today, Culpan said the MacBook Neo is selling so well that Apple's supply of the binned A18 Pro chips with a 5-core GPU will "run out" before the company is able to fully satisfy demand for the laptop. Apple's initial plan was to have suppliers build around five to six million MacBook Neo units before ceasing production of the model with the A18 Pro chip, he said, but it sounds like demand is so strong that Apple might run out of A18 Pro chips to put in the MacBook Neo before the second-generation MacBook Neo with an A19 Pro chip is ready next year. Apple is unlikely to mark the MacBook Neo as temporarily sold out, so it may be forced to take action, but profit margins might be affected. A18 Pro chips are manufactured with TSMC's second-generation 3nm process, known as N3E, and Culpan said TSMC's N3E production lines are currently operating at maximum capacity. As a result, he said that Apple may have to pay a premium to restart A18 Pro chip production for the MacBook Neo, which would lower its profit margins. Apple would have to disable a GPU core on these chips to ensure that they have only a 5-core GPU, like all other MacBook Neo units sold to date. Alternatively, Culpan said that Apple could reallocate some of its chip production that was originally planned for other devices, but he said the cost would still be higher than what it paid for its initial batch of A18 Pro chips. Culpan speculated that Apple could also opt to discontinue the $599 model with 256GB of storage, leaving the $699 model with 512GB of storage and a Touch ID button as the only configuration available. This is unlikely to happen any time soon, in our view, given how heavily Apple has been promoting the MacBook Neo's affordability. Apple might also be able to move up the release of a MacBook Neo with the iPhone 17 Pro's A19 Pro chip, but that too would be a costlier option, at least until the company achieves a sufficient stockpile of binned A19 Pro chips with a 5-core GPU. In any case, Apple could opt to keep the starting price of current and future MacBook Neo models at $599 and simply accept lower profit margins on the laptop, especially given that it attracts customers to the macOS and broader Apple ecosystem. Read more of this story at Slashdot.

Anthropic Unveils 'Claude Mythos', Powerful AI With Major Cyber Implications - "Anthropic has unveiled Claude Mythos, a new AI model capable of discovering critical vulnerabilities at scale," writes Slashdot reader wiredmikey. "It's already powering Project Glasswing, a joint effort with major tech firms to secure critical software. But the same capabilities could also accelerate offensive cyber operations." SecurityWeek reports: Mythos is not an incremental improvement but a step change in performance over Anthropic's current range of frontier models: Haiku (smallest), Sonnet (middle ground), and Opus (most powerful). Mythos sits in a fourth tier named Copybara, and Anthropic describes it as superior to any other existing AI frontier model. It incorporates the current trend in the use of AI: the modern use of agentic AI. "The powerful cyber capabilities of Claude Mythos Preview are a result of its strong agentic coding and reasoning skills... the model has the highest scores of any model yet developed on a variety of software coding tasks," notes Anthropic in a blog titled Project Glasswing -- Securing critical software for the AI era. In the last few weeks, Mythos Preview has identified thousands of zero-day vulnerabilities with many classified as critical. Several are ten or 20 years old -- the oldest found so far is a 27-years old bug in OpenBSD. Elsewhere, a 16-years old vulnerability found in video software has survived five million hits from other automated testing tools without ever being discovered. And it autonomously found and chained together several in the Linux kernel allowing an attacker to escalate from ordinary user access to complete control of the machine. [...] Anthropic is concerned that Mythos' capabilities could unleash cyberattacks too fast and too sophisticated for defenders to block. It hopes that Mythos can be used to improve cybersecurity generally before malicious actors can get access to it. To this end, the firm has announced the next stage of this preparation as Project Glasswing, powered by Mythos Preview. Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. "Project Glasswing is a starting point. No one organization can solve these cybersecurity problems alone: frontier AI developers, other software companies, security researchers, open-source maintainers, and governments across the world all have essential roles to play." Claude Mythos Preview is described as a general-purpose, unreleased frontier model from Anthropic that has nevertheless completed its training phase. The firm does not plan to make Mythos Preview generally available. The implication is that 'Preview' is a term used solely to describe the current state of Mythos and the market's readiness to receive it, and will be dropped when the firm gets closer to general release. Read more of this story at Slashdot.

Chrome Is Finally Getting Vertical Tabs - Chrome is finally adding built-in vertical tabs, "which will move the tabs to the side of the browser window, making it easier to read full page titles and manage tab groups," reports TechCrunch. The company is also introducing an immersive reading mode for a distraction-free, text-focused experience. From the report: The company notes that the new vertical tabs can be enabled at any time by right-clicking on a Chrome window and selecting "Show Tabs Vertically." The company says there's no hard limit on the number of tabs that can be opened (beyond what would be limited already by the user's hardware). The vertical tabs work just as the horizontal tabs do, meaning you can have different Chrome windows with their own set of tabs or tab groups. [...] Alongside the launch of vertical tabs, Chrome is also rolling out a new Reading Mode experience, which will offer a full-page interface to make it even easier to reduce on-screen clutter to focus on the text. This will be the new default experience for Chrome users, and arrives at a time when web pages, particularly those on news sites, have become cluttered with ads and prompts to subscribe to newsletters. Read more of this story at Slashdot.

Supreme Court Wipes Piracy Liability Verdict Against Grande Communications - An anonymous reader quotes a report from TorrentFreak: Following on the heels of the landmark Cox v. Sony ruling, the Supreme Court has vacated the contributory copyright infringement verdict against ISP Grande Communications, ordering the Fifth Circuit to reconsider its decision in light of the new precedent. [...] The order (PDF) effectively removes the case from the Supreme Court docket, urging the Fifth Circuit Court of Appeals to take another look at its decision in light of the new ruling. Given the similarities between the two cases, it is no surprise that the Supreme Court came to this conclusion. It is now up to the Fifth Circuit to revisit whether Grande's conduct meets the intent threshold that was established in Cox. That is a significantly higher bar than the one applied in the original verdict, which found that continuing to provide service to known infringers was enough to establish material contribution. The music companies previously said they sent over a million copyright infringement notices, but that Grande failed to terminate even a single subscriber account in response. However, without proof of active inducement, these absolute numbers carry less weight now. Whether this translates into a win for Grande on remand remains to be seen. For now, however, the original $47 million verdict is further away than ever. Read more of this story at Slashdot.