mjfisher.net

Latest News

Last updated 10 Mar, 04:32 AM

BBC News

Rising prices, mixed messages: Iran war is fraught with political risk for Trump - The war's price, measured in damage to the economy and in political costs to Trump, is still coming into view.

Five Iranian footballers granted Australian visas after anthem protest - Concern has grown for team after one critic called them "wartime traitors" for failing to salute during the Iranian anthem.

Faisal Islam: Trump comments may have eased oil price surge, but havoc remains - It has been the most volatile day of oil trading in world history, and there is much still to play out.

US missile hit military base near Iran school, video analysis shows - A US Tomahawk missile hit a military base near a primary school in southern Iran where Iranian authorities said 168 people were killed, expert video analysis shows.

RAF jets have taken out two more drones, says Healey - The defence secretary also told MPs that the warship HMS Dragon would set sail for the Mediterranean in the next couple of days.

The Register

HPE tweaks T&Cs so the price it quotes may not be the price you pay - With memory and storage contributing over half the price of a server, Big Green needs to protect its margins HPE has changed its terms and conditions in ways that allow it to change hardware prices after it’s issued a quote, due to rampant storage and memory price rises.…

Palantir’s lethal AI weaponry deployed to find chairs for US government staff - As Department of Agriculture employees return to the office, it needs ‘real-time analytics to optimize employee seat assignments’ The U.S. Department of Agriculture is using Palantir to figure out where its staff should sit, after deciding only the colorful AI company can do the job.…

Anthropic debuts pricey and sluggish automated Code Review tool - First vibe coding, now vibe reviewing ... but the buzz is good as it finds worthy issues Anthropic has introduced a more extensive – and expensive – way to review source code in hosted repositories, many of which already contain large swaths of AI-generated code.…

AI vs AI: Agent hacked McKinsey's chatbot and gained full read-write access in just two hours - David and Goliath…but with AI agents Researchers at red-team security startup CodeWall say their AI agent hacked McKinsey's internal AI platform and gained full read and write access to the chatbot in just two hours.…

Moody humans should let AI handle bad public feedback first, study finds - Enjoy meltdowns from businesses on Yelp over negative reviews? AI is threatening to take that away Angry company responses to customer complaints are a favorite topic of internet amusement and outrage, but they're also embarrassing for the employees who post them. Having AI process customer reviews could be a better way. …

New Scientist - Home

Why is black rain falling on Iran and how dangerous is it? - US-Israeli strikes on oil facilities have caused black rain to fall on Tehran, but the black smoke filling the air is likely to be a bigger health risk

We’ve only just confirmed that Homo habilis really existed - Their species name is well known, but until recently we’ve understood very little for certain about Homo habilis. Columnist Michael Marshall reveals what new fossils are telling us about the hominins that have been considered the first humans

Frailty sets in far earlier than you’d expect, but you can reverse it - We’re learning that frailty can quietly arrive decades before old age, with some people in their 30s or 40s unknowingly in a pre-frail state. There are surprising ways to stay strong – and it’s not all about weight training

A daily multivitamin may slightly slow rates of ageing - Taking a multivitamin every day might slightly slow the rate of ageing, but the extent to which this is relevant to our health is unclear

'Singing' dogs may show the evolutionary roots of musicality - Some Samoyeds adjust the pitch of their howls depending on the music being played, showing a form of vocal ability they might have inherited from their wolf ancestors

Hacker News

Two Years of Emacs Solo: 35 Modules, Zero External Packages, and a Full Refactor - Comments

Learnings from paying artists royalties for AI-generated art - Comments

Building a Procedural Hex Map with Wave Function Collapse - Comments

Show HN: Remotely use my guitar tuner - Comments

JSLinux Now Supports x86_64 - Comments

Slashdot

European Consortium Wants Open-Source Alternative To Google Play Integrity - An anonymous reader quotes a report from Heise: Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone. Obstacles and tips for paying with an Android smartphone without official Google services have been highlighted by c't in a comprehensive article. The European industry consortium now wants to address some problems mentioned. To this end, the group, which includes Murena, which develops the hardened custom ROM /e/OS, Iode from France, and Apostrophy (Dot) from Switzerland, in addition to Volla, is developing a so-called "UnifiedAttestation" for Google-free mobile operating systems, primarily based on the Android Open-Source Project (AOSP). According to Volla, a European manufacturer and a leading manufacturer from Asia, as well as European foundations such as the German UBports Foundation, have also expressed interest in supporting it. Furthermore, developers and publishers of government apps from Scandinavia are examining the use of the new procedure as "first movers." In its announcement, Volla explains that Google provides app developers with an interface called Play Integrity, which checks whether an app is running on a device with specific security requirements. This primarily affects applications from "sensitive areas such as identity verification, banking, or digital wallets -- including apps from governments and public administrations". The company criticizes that the certification is exclusively offered for Google's own proprietary "Stock Android" but not for Android versions without Google services, such as /e/OS or similar custom ROMs. "Since this is closely intertwined with Google services and Google data centers, a structural dependency arises -- and for alternative operating systems, a de facto exclusion criterion," the company states. From the consortium's perspective, this also leads to a "security paradox," because "the check of trustworthiness is carried out by precisely that entity whose ecosystem is to be avoided at the same time". The UnifiedAttestation system is built around three main components: an "operating system service" that apps can call to check whether the device's OS meets required security standards, a decentralized validation service that verifies the OS certificate on a device without relying on a single central authority, and an open test suite used to evaluate and certify that a particular operating system works securely on a specific device model. "We don't want to centralize trust, but organize it transparently and publicly verifiable. When companies check competitors' products, we can strengthen that trust," says Dr. Jorg Wurzer, CEO of Volla Systeme GmbH and initiator of the consortium. The goal is to increase digital sovereignty and break free from the control of any one, single U.S. company, he says. Read more of this story at Slashdot.

Samsung Wants To Let You Vibe Code Your Galaxy Phone Experience - Samsung says it's thinking about bringing "vibe coding" to future Galaxy phones, allowing users to describe apps or interface changes in plain language and have AI generate the code. TechRadar interviewed Won-Joon Choi, Samsung's head of mobile experience, to learn more about the plans. Here's an excerpt from their report: As noted by Won-Joon Choi, the usefulness of vibe coding on smartphones is that it opens up the "possibility of customizing your smartphone experience in new ways, not just your apps but your UX." He added, "Right now we're limited to premade tools, but with vibe coding, users could adjust their favorite apps or make something customized to their needs. So vibe coding is very interesting, and something we're looking into." [...] Samsung recently debuted the Galaxy S26 series of phones and made a point to not call them smartphones -- they're "AI phones" now. This certainly rang true with the majority of upgrades to the devices being AI software-focused, like the new Now Nudge and expanded Audio Eraser tools, with the biggest hardware bump for the base models coming via the 39% improved NPU processing (the processor in charge of on-device AI tasks). It also teased the debut of Perplexity on its phones, joining as an alternative to the Gemini assistant, and teased the possibility of other AI models getting the same treatment in the future. Read more of this story at Slashdot.

EA Lays Off Staff Across All Battlefield Studios Following Record-Breaking Battlefield 6 Launch - Electronic Arts has laid off staff across multiple Battlefield studios despite Battlefield 6 being the best-selling game in the U.S. in 2025 and the "biggest launch in franchise history." According to IGN, the layoffs include workers at Criterion, Dice, Ripple Effect, and Motive Studios. From the report: Individuals are being informed that the layoffs are taking place as part of a "realignment" across the Battlefield studios, as the team continues its ongoing, live service support for Battlefield 6 following launch. All four studios will remain operational, though the layoffs seem to be impacting a variety of teams across multiple studios and offices. IGN asked EA for comment on total number and types of roles impacted, as well as for the specific reasons for the layoffs. An EA spokesperson told IGN: "We've made select changes within our Battlefield organization to better align our teams around what matters most to our community. Battlefield remains one of our biggest priorities, and we're continuing to invest in the franchise, guided by player feedback and insights from Battlefield Labs." Read more of this story at Slashdot.

Live Nation Avoids Ticketmaster Breakup By 'Open Sourcing' Their Ticketing Model - Live Nation reached a settlement with the U.S. Department of Justice that avoids breaking up its dominant live events empire with Ticketmaster. Instead, the deal requires changes like "open sourcing" their ticketing model and divesting some venues. NBC News reports: The company and the Justice Department reached a settlement on Monday, following a week of testimony during an antitrust trial that threatened to potentially separate the world's largest live entertainment company. [...] On a background call with reporters Monday, a senior justice official said the deal will drive down prices by giving both artists and consumers more choice. As part of the agreement, Ticketmaster will provide a standalone ticketing system that will allow third-party companies like SeatGeek and StubHub to offer primary tickets through the platform. The senior justice official described it as "open sourcing" their ticketing model. The company will also divest up to 13 amphitheaters and reserve 50% of tickets for nonexclusive venues. Ticketmaster is also prohibited from retaliating against a venue that selects another primary ticket distributor, among other requirements. Although a group of states have joined the DOJ in signing the agreement, other states can continue to press their own claims. Read more of this story at Slashdot.

How AI Assistants Are Moving the Security Goalposts - An anonymous reader quotes a report from KrebsOnSecurity: AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey. The new hotness in AI-based assistants -- OpenClaw (formerly known as ClawdBot and Moltbot) -- has seen rapid adoption since its release in November 2025. OpenClaw is an open-source autonomous AI agent designed to run locally on your computer and proactively take actions on your behalf without needing to be prompted. If that sounds like a risky proposition or a dare, consider that OpenClaw is most useful when it has complete access to your entire digital life, where it can then manage your inbox and calendar, execute programs and tools, browse the Internet for information, and integrate with chat apps like Discord, Signal, Teams or WhatsApp. Other more established AI assistants like Anthropic's Claude and Microsoft's Copilot also can do these things, but OpenClaw isn't just a passive digital butler waiting for commands. Rather, it's designed to take the initiative on your behalf based on what it knows about your life and its understanding of what you want done. "The testimonials are remarkable," the AI security firm Snyk observed. "Developers building websites from their phones while putting babies to sleep; users running entire companies through a lobster-themed AI; engineers who've set up autonomous code loops that fix tests, capture errors through webhooks, and open pull requests, all while they're away from their desks." You can probably already see how this experimental technology could go sideways in a hurry. [...] Last month, Meta AI safety director Summer Yue said OpenClaw unexpectedly started mass-deleting messages in her email inbox, despite instructions to confirm those actions first. She wrote: "Nothing humbles you like telling your OpenClaw 'confirm before acting' and watching it speedrun deleting your inbox. I couldn't stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb." Krebs also noted the many misconfigured OpenClaw installations users had set up, leaving their administrative dashboards publicly accessible online. According to pentester Jamieson O'Reilly, "a cursory search revealed hundreds of such servers exposed online." When those exposed interfaces are accessed, attackers can retrieve the agent's configuration and sensitive credentials. O'Reilly warned attackers could access "every credential the agent uses -- from API keys and bot tokens to OAuth secrets and signing keys." "You can pull the full conversation history across every integrated platform, meaning months of private messages and file attachments, everything the agent has seen," O'Reilly added. And because you control the agent's perception layer, you can manipulate what the human sees. Filter out certain messages. Modify responses before they're displayed." Read more of this story at Slashdot.