OpenTable's restaurant pages still feature a lot of reviews left by anonymous diners at the moment, but that will not be the case starting next month. From a report: The online restaurant reservation service is changing its policy around reviews so that they're not as anonymous -- and it's even applying the new rule retroactively. As BleepingComputer reports, it told users in an email that starting on May 22, it "will begin displaying diner first names and profile photos on all diner reviews." Further, "this update will also apply to past reviews." "We've heard from you, our diners, that trust and transparency are important when looking at reviews," the company also said in its letter, insinuating that it's changing the way reviews work based on user feedback. As BleepingComputer says, it'll be easy to match a bad review with customer reservation records based on the user's first name and when the post was made. While that's not nearly as bad as Glassdoor publishing people's names alongside their employer reviews without consent, it could still be very uncomfortable for people who wanted to talk about bad experiences without the fear of not being welcomed back into a particular establishment.

Read more of this story at Slashdot.

Adobe has begun to procure videos to build its AI text-to-video generator, trying to catch up to competitors after OpenAI demonstrated a similar technology. From a report: The software company is offering its network of photographers and artists $120 to submit videos of people engaged in everyday actions such as walking or expressing emotions including joy and anger, according to documents seen by Bloomberg. The goal is to source assets for artificial intelligence training, the company wrote. Over the past year, Adobe has focused on adding generative AI features to its portfolio of software for creative professionals, including Photoshop and Illustrator. [...] Adobe is requesting more than 100 short clips of people engaged in actions and showing emotions as well as simple anatomy shots of feet, hands or eyes. The company also wants video of people "interacting with objects" such as smartphones or fitness equipment. It cautions against providing copyrighted material, nudity or other "offensive content." Pay for the submission works out, on average, to about $2.62 per minute of submitted video, although it could be as much as about $7.25 per minute.

Read more of this story at Slashdot.

An anonymous reader shares a report: Recent headlines have made clear: If AI is doing an impressively good job at a human task, there's a good chance that the task is actually being done by a human. When George Carlin's estate sued the creators of a podcast who said they used AI to create a standup routine in the late comedian's style, the podcasters claimed that the script had actually been generated by a human named Chad. (The two sides recently settled the suit.) A company making AI-powered voice interfaces for fast-food drive-thrus can only complete 30% of jobs without the help of a human reviewing its work. Amazon is dropping its automated "Just Walk Out" checkout systems from new stores -- a system that relied on far more human verification than it was hoping for. We've seen this before -- though it may already be lost to Silicon Valley's pathologically short memory. Back in 2015, AI chatbots were the hot thing. Tech giants and startups alike pitched them as always-available, always-chipper, always-reliable assistants. One startup, x.ai, advertised an AI assistant who could read your emails and schedule your meetings. Another, GoButler, offered to book your flights or order your fries through a delivery app. Facebook also tested a do-anything concierge service called M, which could answer seemingly any question, do almost any task, and draw you pictures on demand. But for all of those services, the "AI assistant" was often just a person. Back in 2016, I wrote a story about this and interviewed workers whose job it was to be the human hiding behind the bot, making sure the bot never made a mistake or spoke nonsense.

Read more of this story at Slashdot.

Apple on Friday lost a bid to throw out a mass lawsuit valued at just under $1 billion, brought in London on behalf of more than 1,500 app developers over its App Store fees. Reuters: The case, worth up to 785 million pounds ($979 million) and one of several faced by the U.S. tech giant in the United Kingdom, alleges Apple charged third-party developers unfair commissions of up to 30% on purchases of apps or other content. Sean Ennis, a competition law professor and economist, is spearheading the case which was filed at the Competition Appeal Tribunal (CAT) last year. His lawyers say Apple has abused its dominant position in the market for the distribution of apps on iPhones and other Apple devices and are seeking damages for UK-based developers. Apple, however, says 85% of developers on its App Store do not pay any commission at all.

Read more of this story at Slashdot.

Discord has shut down the Discord servers for the Nintendo Switch emulators Suyu and Sudachi and has completely disabled their lead developers' accounts. The Verge: Both Suyu and Sudachi began as forks of Yuzu, the emulator that Nintendo sued out of existence on March 4th. "Discord responds to and complies with all legal and valid Digital Millennium Copyright Act requests. In this instance, there was also a court ordered injunction for the takedown of these materials, and we took action in a manner consistent with the court order," reads part of a statement from Discord director of product communications Kellyn Slone to The Verge. The developers of Suyu and Sudachi only received vague messages about how they were sharing content that allegedly violates intellectual property rights, according to images shared with The Verge. Meanwhile, Discord tells us that it's following its normal process for DMCA takedown requests -- but it's not at all clear there was a valid DMCA takedown request or that those communities were actually violating IP rights, and it's quite possible Discord isn't following its own policy by kicking them out. Remember, Nintendo got Yuzu to settle rather than proving its case in court, and the settlement did not give Nintendo the rights to Yuzu's freely copyable GPL v3 code. Developers of Yuzu's forks also claimed they were changing the code further, among other practices, in an effort to avoid pissing Nintendo off. And that code wasn't hosted on Discord in any case.

Read more of this story at Slashdot.

Datacenter power issues in Ireland may be coming to a head amid reports from customers that Amazon is restricting resources users can spin up in that nation, even directing them to other AWS regions across Europe instead. From a report: Energy consumed by datacenters is a growing concern, especially in places such as Ireland where there are clusters of facilities around Dublin that already account for a significant share of the country's energy supply. This may be leading to restrictions on how much infrastructure can be used, given the power requirements. AWS users have informed The Register that there are sometimes limits on the resources that they can access in its Ireland bit barn, home to Amazon's eu-west-1 region, especially with power-hungry instances that make use of GPUs to accelerate workloads such as AI. "You cannot spin up GPU nodes in AWS Dublin as those locations are maxed out power-wise. There is reserved capacity for EC2 just in case," one source told us. "If you have a problem with that, AWS Europe will point you at spare capacity in Sweden and other parts of the EU." We asked AWS about these issues, but when it finally responded the company was somewhat evasive. "Ireland remains core to our global infrastructure strategy, and we will continue to work with customers to understand their needs, and help them to scale and grow their business," a spokesperson told us. Ireland's power grid operator, EirGrid, was likewise less than direct when we asked if they were limiting the amount of power datacenters could consume.

Read more of this story at Slashdot.

An anonymous reader shares a report: The story of warehouse robotics is a story of attempting to keep up with Amazon. It's been more than a decade since the online giant revolutionized its delivery services through its Kiva Systems acquisition. As Walmart works to remain competitive, it's taking a more piecemeal approach to automation, through partnerships with a range of different robotics firms. On Thursday, the mega-retailer announced a partnership with Fox Robotics, which brings 19 of the Austin-based startup's robotic forklifts to its distribution centers. Today's news follows a 16-month pilot, which found Walmart trialing the technology in Distribution Center 6020. That Florida distribution center is the first of what the company calls its "high-tech DC." These are warehouses where it trials automation and various other technologies, before rolling them out to its wider channel of distribution and fulfillment centers. DC 6020 is the place where Walmart began trials with Symbotic's package sortation and retrieval technologies.

Read more of this story at Slashdot.

Epic Games, the maker of the popular "Fortnite" video game, has urged a U.S. judge to compel Google to open up its Play Store to more competition following a jury verdict that found the tech giant had abused its power over Android app distribution. In a court filing on Thursday [PDF], Epic proposed requiring Google to allow the distribution of competing third-party app stores on its platform for six years and limiting its ability to restrict preloading of competing app stores on devices. The move follows a December antitrust trial in which a jury found Google guilty of impeding developers' ability to distribute apps outside the Play Store and maintaining an overly tight grip on in-app transaction payments.

Read more of this story at Slashdot.

HP "sought to take advantage of customers' sunk costs," printer owners claimed this week in a class action lawsuit against the hardware giant. The Register: Lawyers representing the aggrieved were responding in an Illinois court to an earlier HP motion to dismiss a January lawsuit. Among other things, the plaintiffs' filing stated that the printer buyers "never entered into any contractual agreement to buy only HP-branded ink prior to receiving the firmware updates." They allege HP broke several anti-competitive statutes, which they claim: "bar tying schemes, and certain uses of software to accomplish that without permission, that would monopolize an aftermarket for replacement ink cartridges, when these results are achieved in a way that 'take[s] advantage of customers' sunk costs.'" In the case, which began in January, the plaintiffs are arguing that HP issued a firmware update between late 2022 and early 2023 that they allege disabled their printers if they installed a replacement cartridge that was not HP-branded. They are asking for damages that include the cost of now-useless third-party cartridges and an injunction to disable the part of the firmware updates that prevent the use of third-party ink.

Read more of this story at Slashdot.

sinij shares a report: Members of Parliament in Canada are expected to vote for up to 15 hours in a row Thursday and Friday on more than 200 Conservative amendments to the government's sustainable jobs bill. The amendments are what's left of nearly 20,000 changes the Conservatives proposed to Bill C-50 last fall at a House of Commons committee. Liberals now contend the Conservatives came up with the amendments using artificial intelligence in order to gum up the government's agenda. The Conservatives deny that accusation.

Read more of this story at Slashdot.

An anonymous reader shares a report: If you're -- apparently, one of the few people -- using the VPN service that comes with Google One, we've got bad news for you. In an email you're going to receive from Google if you haven't gotten it yet, it revealed that it's phasing out the perk sometime later this year. The company rolled out Google One's VPN feature back in 2020, but you could only access it then if you're paying for a plan with at least 2TB of storage, which costs at least $10 a month. Last year, the company expanded its availability across all One plans, including the basic $2-per-month option, making it more affordable than before.

Read more of this story at Slashdot.

Kyle Wiggers reports via TechCrunch: OpenAI announced today that premium ChatGPT users -- customers paying for ChatGPT Plus, Team or Enterprise -- can now leveraged an updated and enhanced version of GPT-4 Turbo, one of the models that powers the conversational ChatGPT experience. This new model ("gpt-4-turbo-2024-04-09") brings with it improvements in writing, math, logical reasoning and coding, OpenAI claims, as well as a more up-to-date knowledge base. It was trained on publicly available data up to December 2023, in contrast to the previous edition of GPT-4 Turbo available in ChatGPT, which had an April 2023 cut-off. "When writing with ChatGPT [with the new GPT-4 Turbo], responses will be more direct, less verbose and use more conversational language," OpenAI writes in a post on X.

Read more of this story at Slashdot.

An anonymous reader quotes a report from 9to5Mac: Following moves of other tech giants like Amazon and Microsoft, Apple is reportedly set to open a new office space in a Miami suburb. This won't be the first corporate space for Apple in the city, but it will be larger than the existing office. Reported by Bloomberg, anonymous sources close to the matter say that Apple's new Miami office will be 45,000 square feet in the affluent Coral Gables suburb of Miami. It's not clear yet what part of Apple's business the new office will focus on but it will be larger than its existing small Miami office that handles Latin America and advertising operations. The specific property of the new Apple offices will be at The Plaza Coral Gables.

Read more of this story at Slashdot.

Scientists from Oxford University Physics have developed a breakthrough in cloud-based quantum computing that could allow it to be harnessed by millions of individuals and companies. The findings have been published in the journal Physical Review Letters. Phys.Org reports: In the new study, the researchers use an approach dubbed "blind quantum computing," which connects two totally separate quantum computing entities -- potentially an individual at home or in an office accessing a cloud server -- in a completely secure way. Importantly, their new methods could be scaled up to large quantum computations. "Using blind quantum computing, clients can access remote quantum computers to process confidential data with secret algorithms and even verify the results are correct, without revealing any useful information. Realizing this concept is a big step forward in both quantum computing and keeping our information safe online," said study lead Dr. Peter Drmota, of Oxford University Physics. The researchers created a system comprising a fiber network link between a quantum computing server and a simple device detecting photons, or particles of light, at an independent computer remotely accessing its cloud services. This allows so-called blind quantum computing over a network. Every computation incurs a correction that must be applied to all that follow and needs real-time information to comply with the algorithm. The researchers used a unique combination of quantum memory and photons to achieve this. The results could ultimately lead to commercial development of devices to plug into laptops, to safeguard data when people are using quantum cloud computing services. "We have shown for the first time that quantum computing in the cloud can be accessed in a scalable, practical way which will also give people complete security and privacy of data, plus the ability to verify its authenticity," said Professor David Lucas, who co-heads the Oxford University Physics research team and is lead scientist at the UK Quantum Computing and Simulation Hub, led from Oxford University Physics.

Read more of this story at Slashdot.

China is rapidly advancing its space capabilities to challenge the United States' dominance in space, as evidenced by its significant increase in on-orbit intelligence and reconnaissance satellites and the development of sophisticated counterspace weapons. Space.com reports: "Frankly, China is moving at a breathtaking speed. Since 2018, China has more than tripled their on-orbit intelligence, surveillance and reconnaissance satellites," Gen. Stephen Whiting, commander of U.S. Space Command, said here on Tuesday, during a talk at the 39th Space Symposium. "And with these systems, they've built a kill web over the Pacific Ocean to find, fix, track and, yes, target United States and allied military capabilities," he added. And that's not all. China has also "built a range of counterspace weapons, from reversible jamming all the way up to kinetic hit-to-kill direct-ascent and co-orbital ASATs," Whiting said. Indeed, China demonstrated direct-ascent ASAT, or anti-satellite, weapon technology back in January 2007, when it destroyed one of its defunct weather satellites with a missile. That test was widely decried as irresponsible, for it generated thousands of pieces of debris, many of which are still cluttering up Earth orbit. Such activities show that China is now treating space as a war-fighting domain, Whiting said. And so, he added, is Russia, which has also conducted ASAT tests recently, including a destructive one in November 2021. Russia has also been aggressively building out its orbital architecture; since 2018, the nation has more than doubled its total number of active satellites, according to Whiting. The U.S. government has taken notice of these trends. "We are at a pivotal moment in history," Troy Meink, principal deputy director of the National Reconnaissance Office, which builds and operates the United States' fleet of spy satellites, said during a different talk on Tuesday here at the symposium. "For the first time in decades, U.S. leadership in space and space technology is being challenged," Meink added. "Our competitors are actively seeking ways to threaten our capabilities, and we see this every day." The U.S. must act if it wishes to beat back this challenge, Meink and Whiting stressed; it cannot rely on the inertia of past success to do the job. For example, Meink highlighted the need to innovate with the nation's reconnaissance satellites, to make them more numerous, more agile and more resilient. U.S. Under Secretary of Defense for Research and Engineering Heidi Shyu also emphasized the importance of increasing resilience, a goal that she said could be achieved by diversifying the nation's space capabilities. "We must assess ways to incorporate radiation-hardened electronics, novel orbits, varied communication pathways, advancements in propulsion technologies and increased cooperation with our allies," Shyu said in another talk on Tuesday at the symposium.

Read more of this story at Slashdot.

An anonymous reader quotes a report from KrebsOnSecurity: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening. New York City based Sisense has more than 1,000 customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. On April 10, Sisense Chief Information Security Officer Sangram Dash told customers the company had been made aware of reports that "certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet.)" In its alert, CISA said it was working with private industry partners to respond to a recent compromise discovered by independent security researchers involving Sisense. Sisense declined to comment when asked about the veracity of information shared by two trusted sources with close knowledge of the breach investigation. Those sources said the breach appears to have started when the attackers somehow gained access to the company's code repository at Gitlab, and that in that repository was a token or credential that gave the bad guys access to Sisense's Amazon S3 buckets in the cloud. Both sources said the attackers used the S3 access to copy and exfiltrate several terabytes worth of Sisense customer data, which apparently included millions of access tokens, email account passwords, and even SSL certificates. The incident raises questions about whether Sisense was doing enough to protect sensitive data entrusted to it by customers, such as whether the massive volume of stolen customer data was ever encrypted while at rest in these Amazon cloud servers. It is clear, however, that unknown attackers now have all of the credentials that Sisense customers used in their dashboards. The breach also makes clear that Sisense is somewhat limited in the clean-up actions that it can take on behalf of customers, because access tokens are essentially text files on your computer that allow you to stay logged in for extended periods of time -- sometimes indefinitely. And depending on which service we're talking about, it may be possible for attackers to re-use those access tokens to authenticate as the victim without ever having to present valid credentials. Beyond that, it is largely up to Sisense customers to decide if and when they change passwords to the various third-party services that they've previously entrusted to Sisense. "If they are hosting customer data on a third-party system like Amazon, it better damn well be encrypted," said Nicholas Weaver, a researcher at University of California, Berkeley's International Computer Science Institute (ICSI) and lecturer at UC Davis. "If they are telling people to rest credentials, that means it was not encrypted. So mistake number one is leaving Amazon credentials in your Git archive. Mistake number two is using S3 without using encryption on top of it. The former is bad but forgivable, but the latter given their business is unforgivable."

Read more of this story at Slashdot.

Amanda Hoover reports via Wired: Students have submitted more than 22 million papers that may have used generative AI in the past year, new data released by plagiarism detection company Turnitin shows. A year ago, Turnitin rolled out an AI writing detection tool that was trained on its trove of papers written by students as well as other AI-generated texts. Since then, more than 200 million papers have been reviewed by the detector, predominantly written by high school and college students. Turnitin found that 11 percent may contain AI-written language in 20 percent of its content, with 3 percent of the total papers reviewed getting flagged for having 80 percent or more AI writing. Turnitin says its detector has a false positive rate of less than 1 percent when analyzing full documents.

Read more of this story at Slashdot.

Harvard College is reinstating the requirement for standardized testing, reversing course on a pandemic-era policy that made them optional. It follows similar moves from elite universities like Yale, Dartmouth, and MIT. Axios reports: At Harvard, the mandate will be in place for students applying to begin school in fall 2025. Harvard had previously committed to a test-optional policy for applicants through the class of 2030, which would have started in fall 2026. Most students who applied since the pandemic began have submitted test scores despite the test-optional policy, the university said. Reviewing SAT/ACT scores as part of a student's application packet helps an admissions decision be holistic, the university said in a statement. "Standardized tests are a means for all students, regardless of their background and life experience, to provide information that is predictive of success in college and beyond," Hopi Hoekstra, a Harvard dean, said in the statement. "Indeed, when students have the option of not submitting their test scores, they may choose to withhold information that, when interpreted by the admissions committee in the context of the local norms of their school, could have potentially helped their application."

Read more of this story at Slashdot.

A federal jury in Illinois on Wednesday said Amazon Web Services owes tech company Kove $525 million for violating three patents relating to its data-storage technology. From the report: The jury determined (PDF) that AWS infringed three Kove patents covering technology that Kove said had become "essential" to the ability of Amazon's cloud-computing arm to "store and retrieve massive amounts of data." An Amazon spokesperson said the company disagrees with the verdict and intends to appeal. Kove's lead attorney Courtland Reichman called the verdict "a testament to the power of innovation and the importance of protecting IP (intellectual property) rights for start-up companies against tech giants." Kove also sued Google last year for infringing the same three patents in a separate Illinois lawsuit that is still ongoing.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Hardware sold for years by the likes of Intel and Lenovo contains a remotely exploitable vulnerability that will never be fixed. The cause: a supply chain snafu involving an open source software package and hardware from multiple manufacturers that directly or indirectly incorporated it into their products. Researchers from security firm Binarly have confirmed that the lapse has resulted in Intel, Lenovo, and Supermicro shipping server hardware that contains a vulnerability that can be exploited to reveal security-critical information. The researchers, however, went on to warn that any hardware that incorporates certain generations of baseboard management controllers made by Duluth, Georgia-based AMI or Taiwan-based AETN are also affected. BMCs are tiny computers soldered into the motherboard of servers that allow cloud centers, and sometimes their customers, to streamline the remote management of vast fleets of servers. They enable administrators to remotely reinstall OSes, install and uninstall apps, and control just about every other aspect of the system -- even when it's turned off. BMCs provide what's known in the industry as "lights-out" system management. AMI and AETN are two of several makers of BMCs. For years, BMCs from multiple manufacturers have incorporated vulnerable versions of open source software known as lighttpd. Lighttpd is a fast, lightweight web server that's compatible with various hardware and software platforms. It's used in all kinds of wares, including in embedded devices like BMCs, to allow remote administrators to control servers remotely with HTTP requests. [...] "All these years, [the lighttpd vulnerability] was present inside the firmware and nobody cared to update one of the third-party components used to build this firmware image," Binarly researchers wrote Thursday. "This is another perfect example of inconsistencies in the firmware supply chain. A very outdated third-party component present in the latest version of firmware, creating additional risk for end users. Are there more systems that use the vulnerable version of lighttpd across the industry?" The vulnerability makes it possible for hackers to identify memory addresses responsible for handling key functions. Operating systems take pains to randomize and conceal these locations so they can't be used in software exploits. By chaining an exploit for the lighttpd vulnerability with a separate vulnerability, hackers could defeat this standard protection, which is known as address space layout randomization. The chaining of two or more exploits has become a common feature of hacking attacks these days as software makers continue to add anti-exploitation protections to their code. Tracking the supply chain for multiple BMCs used in multiple server hardware is difficult. So far, Binarly has identified AMI's MegaRAC BMC as one of the vulnerable BMCs. The security firm has confirmed that the AMI BMC is contained in the Intel Server System M70KLP hardware. Information about BMCs from ATEN or hardware from Lenovo and Supermicro aren't available at the moment. The vulnerability is present in any hardware that uses lighttpd versions 1.4.35, 1.4.45, and 1.4.51. "A potential attacker can exploit this vulnerability in order to read memory of Lighttpd Web Server process," Binarly researchers wrote in an advisory. "This may lead to sensitive data exfiltration, such as memory addresses, which can be used to bypass security mechanisms such as ASLR." Advisories are available here, here, and here.

Read more of this story at Slashdot.