SoylentNews

An Anonymous Coward writes:

https://www.theregister.com/2025/11/18/google_chrome_seventh_0_day/

Seventh Chrome 0-day this year

Google pushed an emergency patch on Monday for a high-severity Chrome bug that attackers have already found and exploited in the wild.

The vulnerability, tracked as CVE-2025-13223, is a type confusion flaw in the V8 JavaScript engine, and it's the seventh Chrome zero-day this year. All have since been patched. But if you use Chrome as your web browser, make sure you are running the most recent version - or risk full system compromise.

This type of vulnerability happens when the engine misinterprets a block of memory as one type of object and treats it as something it's not. This can lead to system crashes and arbitrary code execution, and if it's chained with other bugs can potentially lead to a full system compromise via a crafted HTML page.

"Google is aware that an exploit for CVE-2025-13223 exists in the wild," the Monday security alert warned.

Also on Monday, Google issued a second emergency patch for another high-severity type confusion bug in Chrome's V8 engine. This one is tracked as CVE-2025-13224. As of now, there's no reports of exploitation - so that's another reason to update sooner than later.

Google's LLM-based bug hunting tool Big Sleep found CVE-2025-13224 in October, and a human - the Chocolate Factory's own Clément Lecigne - discovered CVE-2025-13223 on November 12.

Lecigne is a spyware hunter with Google's Threat Analysis Group (TAG) credited with finding and disclosing several of these types of Chrome zero-days. While we don't have any details about who is exploiting CVE-2025-13223 and what they are doing with the access, TAG tracks spyware and nation-state attackers abusing zero days for espionage expeditions.

TAG also spotted the sixth Chrome bug exploited as a zero-day and patched in September. That flaw, CVE-2025-10585, was also a type confusion flaw in the V8 JavaScript and WebAssembly engine.

Original Submission

A Chinese company cut open their invention on stage to prove that it was not a human in a robot suit after comments that it looked too real. Unless it was a human with a missing leg, the robot was indeed proven to be a mechanical invention.

Technology company, Xpeng, unveiled its second-generation humanoid robot, IRON, at its AI Day in Guangzhou, China last week, rivalling Tesla's Optimus robots.
Powered by a solid-state battery and three custom AI chips, IRON features a "humanoid spine, bionic muscles, and fully covered flexible skin, and supports customisation for different body shapes."

The robot has the power to make 2,250 trillion operations per second (TOPS) and features 82 degrees of freedom, including 22 in each hand.

"Its movements are natural, smooth, and flexible, capable of achieving, catwalk walking and other high-difficulty human-like actions," Xpeng said

Original Submission

canopic jug writes:

Software Engineer Nikita Prokopov delves into how programs have changed over recent years from doing our bidding to working against us, controlling us. This adverse change has been ushered in through requiring accounts, update processes, notifications, and on-boarding procedures.

This got so bad that when a program doesn't ask you to create an account, it feels refreshing.

"Okay, but accounts are still needed to sync stuff between machines."

Wrong. Syncthing is a secure, multi-machine distributed app and yet doesn't need an account.

"Okay, but you still need an account if you pay for a subscription?"

Mullvad VPN accepts payments and yet didn't ask me for my email.

These new, malevolent programs fight for attention rather than getting the job done while otherwise staying out of the way. Not only do they prioritize "engagement" over its opposite, "usability", they also tend to push (hostile) agendas along the way.

Previously:
(2025) What Happened to Running What You Wanted on Your Own Machine?
(2025) Passkeys Are Incompatible With Open-Source Software
(2024) Achieving Software Freedom in the Age of Platform Decay
(2024) Bruce Perens Solicits Comments on First Draft of a Post-Open License

Original Submission

hubie writes:

Developers tend to scrutinize AI-generated code less critically and they learn less from it:

When two software developers collaborate on a programming project—known in technical circles as 'pair programming'—it tends to yield a significant improvement in the quality of the resulting software. 'Developers can often inspire one another and help avoid problematic solutions. They can also share their expertise, thus ensuring that more people in their organization are familiar with the codebase,' explains Sven Apel, professor of computer science at Saarland University. Together with his team, Apel has examined whether this collaborative approach works equally well when one of the partners is an AI assistant. [...]

For the study, the researchers used GitHub Copilot, an AI-powered coding assistant introduced by Microsoft in 2021, which, like similar products from other companies, has now been widely adopted by software developers. These tools have significantly changed how software is written. 'It enables faster development and the generation of large volumes of code in a short time. But this also makes it easier for mistakes to creep in unnoticed, with consequences that may only surface later on,' says Sven Apel. The team wanted to understand which aspects of human collaboration enhance programming and whether these can be replicated in human-AI pairings. Participants were tasked with developing algorithms and integrating them into a shared project environment.

'Knowledge transfer is a key part of pair programming,' Apel explains. 'Developers will continuously discuss current problems and work together to find solutions. This does not involve simply asking and answering questions, it also means that the developers share effective programming strategies and volunteer their own insights.' According to the study, such exchanges also occurred in the AI-assisted teams—but the interactions were less intense and covered a narrower range of topics. 'In many cases, the focus was solely on the code,' says Apel. 'By contrast, human programmers working together were more likely to digress and engage in broader discussions and were less focused on the immediate task.

One finding particularly surprised the research team: 'The programmers who were working with an AI assistant were more likely to accept AI-generated suggestions without critical evaluation. They assumed the code would work as intended,' says Apel. 'The human pairs, in contrast, were much more likely to ask critical questions and were more inclined to carefully examine each other's contributions,' explains Apel. He believes this tendency to trust AI more readily than human colleagues may extend to other domains as well. 'I think it has to do with a certain degree of complacency—a tendency to assume the AI's output is probably good enough, even though we know AI assistants can also make mistakes.' Apel warns that this uncritical reliance on AI could lead to the accumulation of 'technical debt', which can be thought of as the hidden costs of the future work needed to correct these mistakes, thereby complicating the future development of the software.

Original Submission

AnonTechie writes:

At a recent AI conference in San Francisco, over 300 founders and investors were asked a provocative question: which billion-dollar AI startup would you bet against? The answer was surprising. Perplexity AI topped the list, with OpenAI coming in second. While the OpenAI vote raised eyebrows given its market dominance, the Perplexity verdict reveals something deeper about the AI search landscape in 2025.

Perplexity Founded in 2022, the company hit a $20 billion valuation by September 2025, processing 780 million queries monthly with over 30 million active users. Impressive on paper, but the company has raised nearly $1.5 billion in funding, with valuations jumping from $500 million to $20 billion in just 18 months. Fundraising rounds roughly every two months suggests either extraordinary growth or growing desperation to prove the business model works.

Here's the uncomfortable truth: Perplexity is increasingly looking like what Silicon Valley dreads most a wrapper. The company initially had a competitive edge when it pioneered AI powered web search with real time information. But that advantage has evaporated faster than anyone expected.

[...] The AI bubble will eventually deflate. When it does, wrappers built on vanity metrics and unsustainable unit economics will be the first to go. Perplexity's 360 million "free users" in India won't save them when those users discover that ChatGPT and Google do the same thing for free and they don't need to pay ₹17,000 for the privilege.

MEDIUM.COM

Original Submission

wirelessduck writes:

Turris, the hardware division of cz.nic CZ domain registry, has released their latest [open source] router device Omnia NG.

Coverage from cnx-software:

The Turris Omnia NG is a high-performance Wi-Fi 7 router with a mini PCIe slot for 4G/5G modems, two 10GbE SFP+ cages, a 240×240 px color display, and a D-Pad button, running OpenWrt-based Turris OS, and designed for advanced home users, small businesses, and lab environments.

Built around a 2.2 GHz Qualcomm IPQ9574 quad-core 64-bit Arm Cortex-A73 CPU, the Omnia NG supports Wi-Fi 7/6 tri-band connectivity. Additionally, it features four 2.5Gbps Ethernet ports, two USB 3.0 ports, NVMe storage support, and includes a 90 W power supply for attached peripherals. Other hardware highlights include rack-mount supports, a metal chassis, and antenna arrays for 4×4 MIMO operation. It comes 10 years after the original Turris Omnia open-source router was launched on Indiegogo.

Original Submission

hubie writes:

Use the right tool for the job:

In my first interview out of college I was asked the change counter problem:

Given a set of coin denominations, find the minimum number of coins required to make change for a given number. IE for USA coinage and 37 cents, the minimum number is four (quarter, dime, 2 pennies).

I implemented the simple greedy algorithm and immediately fell into the trap of the question: the greedy algorithm only works for "well-behaved" denominations. If the coin values were [10, 9, 1], then making 37 cents would take 10 coins in the greedy algorithm but only 4 coins optimally (10+9+9+9). The "smart" answer is to use a dynamic programming algorithm, which I didn't know how to do. So I failed the interview.

But you only need dynamic programming if you're writing your own algorithm. It's really easy if you throw it into a constraint solver like MiniZinc and call it a day.

[...] Lots of similar interview questions are this kind of mathematical optimization problem, where we have to find the maximum or minimum of a function corresponding to constraints. They're hard in programming languages because programming languages are too low-level. They are also exactly the problems that constraint solvers were designed to solve. Hard leetcode problems are easy constraint problems. Here I'm using MiniZinc, but you could just as easily use Z3 or OR-Tools or whatever your favorite generalized solver is.

[...] Now if I actually brought these questions to an interview the interviewee could ruin my day by asking "what's the runtime complexity?" Constraint solvers runtimes are unpredictable and almost always slower than an ideal bespoke algorithm because they are more expressive, in what I refer to as the capability/tractability tradeoff. But even so, they'll do way better than a bad bespoke algorithm, and I'm not experienced enough in handwriting algorithms to consistently beat a solver.

[...] Most constraint solving examples online are puzzles, like Sudoku or "SEND + MORE = MONEY". Solving leetcode problems would be a more interesting demonstration. And you get more interesting opportunities to teach optimizations, like symmetry breaking.

Original Submission

hubie writes:

Floating solar panels show promise, but environmental impacts vary by location, study finds:

Floating solar panels are emerging as a promising clean energy solution with environmental benefits, but a new study finds those effects vary significantly depending on where the systems are deployed.

Researchers from Oregon State University and the U.S. Geological Survey modeled the impact of floating solar photovoltaic systems on 11 reservoirs across six states. Their simulations showed that the systems consistently cooled surface waters and altered water temperatures at different layers within the reservoirs. However, the panels also introduced increased variability in habitat suitability for aquatic species.

"Different reservoirs are going to respond differently based on factors like depth, circulation dynamics and the fish species that are important for management," said Evan Bredeweg, lead author of the study and a former postdoctoral scholar at Oregon State. "There's no one-size-fits-all formula for designing these systems. It's ecology - it's messy."

While the floating solar panel market is established and growing in Asia, it remains limited in the United States, mostly to small pilot projects. However, a study released earlier this year by the U.S. Department of Energy's National Renewable Energy Laboratory estimated that U.S. reservoirs could host enough floating solar panel systems to generate up to 1,476 terawatt-hours annually, enough to power approximately 100 million homes.

Floating solar panels offer several advantages. The cooling effect of the water can boost panel efficiency by an estimated 5 to 15%. The systems can also be integrated with existing hydroelectric and transmission infrastructure. They may also help reduce evaporation, which is especially valuable in warmer, drier climates.

However, these benefits come with questions about potential impacts on aquatic ecosystems, an area that has received limited scientific attention.

[...] They found that changes in temperature and oxygen dynamics caused by floating solar panels can influence habitat availability for both warm-water and cold-water fish species. For instance, cooler water temperatures in summer generally benefit cold-water species, though this effect is most pronounced when panel coverage exceeds 50%.

The researchers note the need for continued research and long-term monitoring to ensure floating photovoltaic systems support clean energy goals without compromising aquatic ecosystems.

"History has shown that large-scale modifications to freshwater ecosystems, such as hydroelectric dams, can have unforeseen and lasting consequences," Bredeweg said.

Journal Reference: https://doi.org/10.1016/j.limno.2025.126293

Original Submission

Snotnose writes:

Everybody knows Intel's 4004, designed for a calculator, was the first CPU on a chip. Everybody is wrong.

For a long time, what is now considered to be a prime candidate for the title of the 'world's first microprocessor' was a very well-kept secret. The MP944 is the inauspicious name of the chip we want to highlight today. It was developed to be the brains behind U.S. Navy's F-14 Tomcat's Central Air Data Computer (CADC). Thus, it isn't surprising that the MP944 was a cut above the Intel 4004, the world's first commercial microprocessor, designed to power a desktop calculator.

The MP944 was designed by a team of engineers approximately 25-strong. Leading the two-year development of this microprocessor were Steve Geller and Ray Holt.

The processor began service, in the aforementioned F-14 flight / control computer in June 1970, over a year before Intel's 4004 would become available, in November 1971. An MP944 worked as part of a six-chip system for the real-time calculation of flight parameters such as altitude, airspeed, and Mach number – and was a key innovation to enable the Tomcat's articulated sweep-wing system.

By many accounts, the MP944 didn't just pre-date the 4004 by quite a margin, it was significantly more performant. The tweet, we embedded above, suggests Geller & Holt's design was "8x faster than the Intel 4004." Completing all the complicated polynomial calculations required by the CADC likely dictated this degree of performance it delivered.

[...] As well as offering amazing performance for the early 1970s, the MP944 had to satisfy some stringent military-minded specifications. For example, it has to remain operational in temperatures spanning -55 to +125 degrees Celsius.

Being an essential component of a flight system also meant the military pushed for safety and failsafe measures. That was tricky, with such a cutting-edge development in a new industry. What ended up being provided to the F-14 Tomcats was a system that could constantly self-diagnose issues while executing its flight computer duties. These MP944 systems could apparently switch to an identical backup unit, fitted as standard, within 1/18th of a second of a fault being flagged by the self-test system.

As mentioned above, this processor of many firsts seems to be of largely academic interest nowadays. However, if Holt's attempts to publish the research paper outlining the architecture of the F-14's MP944-powered CADC system had been cleared back in 1971, we'd surely now all be living in a different future.

Original Submission

canopic jug writes:

Task and Purpose has a short article on a traveling art exhibit of photos taken during the filming of Full Metal Jacket (1987). The actor Matthew Modine played Pvt. Joker in the war film directed by Stanley Kubrick. While Modine was playing the role of a war correspondent, he also ended up taking behind-the-scenes photos on set.

"If you're going to take pictures on my set, this is the camera you need to get," Kubrick said.

Those instructions, Modine realized, included an unspoken permission slip: to capture behind-the-scenes pictures of the iconic war film as it was being made (which perhaps made sense for the film: Pvt. Joker, after all, is a combat correspondent in the Marines, and snaps photos throughout).

Modine's photographs and a journal he kept during the filming are now the heart of "Full Metal Jacket Diary," an exhibit at the National Veterans Memorial And Museum in Columbus, Ohio. The photographs and other pieces spent much of the year at the National Museum of the Marine Corps in Quantico, Virginia, as the exhibit "Full Metal Modine."

The Internet Movie Database has a detailed entry, as usual, on Stanley Kubrik's Full Metal Jacket.

Original Submission

An Anonymous Coward writes:

https://www.nytimes.com/2025/11/14/magazine/neurotech-neuralink-rights-regulations.html
https://archive.ph/mgZRE

As neural implant technology and A.I. advance at breakneck speeds, do we need a new set of rights to protect our most intimate data — our minds?

On a recent afternoon in the minimalist headquarters of the M.I.T. Media Lab, the research scientist Nataliya Kosmyna handed me a pair of thick gray eyeglasses to try on. They looked almost ordinary aside from the three silver strips on their interior, each one outfitted with an array of electrical sensors. She placed a small robotic soccer ball on the table before us and suggested that I do some "basic mental calculus." I started running through multiples of 17 in my head. After a few seconds, the soccer ball lit up and spun around. I seemed to have made it move with the sheer force of my mind, though I had not willed it in any sense. My brain activity was connected to a foreign object. "Focus, focus," Kosmyna said. The ball swirled around again. "Nice," she said. "You will get better." Kosmyna, who is also a visiting research scientist at Google, designed the glasses herself. They are, in fact, a simple brain-computer interface, or B.C.I., a conduit between mind and machine. As my mind went from 17 to 34 to 51, electroencephalography (EEG) and electrooculography (EOG) sensors picked up heightened electrical activity in my eyes and brain. The ball had been programmed to light up and rotate whenever my level of neural "effort" reached a certain threshold. When my attention waned, the soccer ball stood still.

For now, the glasses are solely for research purposes. At M.I.T., Kosmyna has used them to help patients with A.L.S. (Amyotrophic Lateral Sclerosis) communicate with caregivers — but she said she receives multiple purchase requests a week. So far she has declined them. She's too aware that they could easily be misused.

Neural data can offer unparalleled insight into the workings of the human mind. B.C.I.s are already frighteningly powerful: Using artificial intelligence, scientists have used B.C.I.s to decode "imagined speech," constructing words and sentences from neural data; to recreate mental images (a process known as brain-to-image decoding); and to trace emotions and energy levels. B.C.I.s have allowed people with locked-in syndrome, who cannot move or speak, to communicate with their families and caregivers and even play video games. Scientists have experimented with using neural data from fMRI imaging and EEG signals to detect sexual orientation, political ideology and deception, to name just a few examples.

Advances in optogenetics, a scientific technique that uses light to stimulate or suppress individual, genetically modified neurons, could allow scientists to "write" the brain as well, potentially altering human understanding and behavior. Optogenetic implants are already able to partially restore vision to patients with genetic eye disorders; lab experiments have shown that the same technique can be used to implant false memories in mammal brains, as well as to silence existing recollections and to recover lost ones.

Neuralink, Elon Musk's neural technology company, has so far implanted 12 people with its rechargeable devices. "You are your brain, and your experiences are these neurons firing," Musk said at a Neuralink presentation in June. "We don't know what consciousness is, but with Neuralink and the progress that the company is making, we'll begin to understand a lot more."

Musk's company aims to eventually connect the neural networks inside our brains to artificially intelligent ones on the outside, creating a two-way path between mind and machine. Neuroethicists have criticized the company for ethical violations in animal experiments, for a lack of transparency and for moving too quickly to introduce the technology to human subjects, allegations the company dismisses. "In some sense, we're really extending the fundamental substrate of the brain," a Neuralink engineer said in the presentation. "For the first time we are able to do this in a mass market product."

The neurotechnology industry already generates billions of dollars of revenue annually. It is expected to double or triple in size over the next decade. Today, B.C.I.s range from neural implants to wearable devices like headbands, caps and glasses that are freely available for purchase online, where they are marketed as tools for meditation, focus and stress relief. Sam Altman founded his own B.C.I. start-up, Merge Labs, this year, as part of his effort to bring about the day when humans will "merge" with machines. Jeff Bezos and Bill Gates are investors in Synchron, a Neuralink competitor.

owl writes:

https://bit-hack.net/2025/11/10/fpga-based-ibm-pc-xt/

Recently I undertook a hobby project to recreate an IBM XT Personal Computer from the 1980s using a mix of authentic parts and modern technology. I had a clear goal in mind: I wanted to be able to play the EGA version of Monkey Island 1 on it, with no features missing. This means I need mouse support, hard drive with write access for saving the game, and Adlib audio, my preferred version of the game's musical score.

The catalyst for this project was the discovery that there are low-power versions of the NEC V20 CPU available (UPD70108H), which is compatible with the Intel 8088 used in the XT. Being a low-power version significantly simplifies its connection to an FPGA, which typically operate with 3.3-volt IO voltages. Coupled with a low-power 1MB SRAM chip (CY62158EV30) to provide the XT with its 640KB of memory, and I started to have the bones of a complete system worked out.

Source code, schematics and gerber files: https://github.com/bit-hack/iceXt

Original Submission

An Anonymous Coward writes:

https://distrowatch.com/dwres.php?resource=showheadline&story=20094

Canonical has announced the company will extend support on long-term support (LTS) versions of Ubuntu to supply security updates for 15 years.

"Today, Canonical announced the expansion of the Legacy add-on for Ubuntu Pro, extending total coverage for Ubuntu LTS releases to 15 years. Starting with Ubuntu 14.04 LTS (Trusty Tahr), this extension brings the full benefits of Ubuntu Pro – including continuous security patching, compliance tooling and support for your OS – to long-lived production systems."

The extended support is provided as part of Canonical's Ubuntu Pro service.

Editor's Comment: Ubuntu Pro is free for personal use on up to 5 computers. There is also a pricing system for professional and enterprise use.

Original Submission

An Anonymous Coward writes:

https://itsfoss.com/news/mozilla-ai-window-plans/

Planned browsing mode will let users chat with an AI assistant while surfing the web.

Firefox has been pushing AI features for a while now. Over the past year, they've added AI chatbots in the sidebar, automatic alt text generation, and AI-enhanced tab grouping. It is basically their way of keeping up with Chrome and Edge, both of which have gone all-in on AI.

Of course not everyone is thrilled about AI creeping into their web browsers, and Mozilla (the ones behind Firefox) seems to understand that. Every AI feature in Firefox is opt-in. You can keep using the browser as you always have, or flip on AI tools when you actually need them.

Now, they are taking this approach a step further with something called AI Window.

Mozilla has announced it's working on AI Window, a new browsing mode that comes with a built-in AI assistant. Think of it as a third option alongside the Classic browsing mode and Private Window mode.

Before you get angry, know that it will be fully optional. Switch to AI Window when you want help, or just ignore it entirely. Try it, hate it, disable it. Mozilla's whole pitch is that you stay in control.

On the transparency front, they are making three commitments:

        A fully opt-in experience.
        Features that protect your choice.
        More transparency around how your data is used.

Why bother with all this, you ask? Mozilla sees AI as part of the web's future and wants to shape it their way. They figure ignoring AI while it reshapes the web doesn't help anyone, so they want to steer it toward user control rather than watch browsers from AI companies (read: Big Tech) lock people in.

Ajit Varma, the Vice President and Head of Product at Firefox, put it like this:

"We believe standing still while technology moves forward doesn't benefit the web or humanity. That's why we see it as our responsibility to shape how AI integrates into the web — in ways that protect and give people more choice, not less."

The feature isn't live. Mozilla's building it "in the open" and wants feedback to shape how it turns out. If you want early access, there's a waitlist at firefox.com/ai to get updates and first dibs on testing.

Original Submission

An Anonymous Coward writes:

https://www.scientificamerican.com/article/raccoons-are-showing-early-signs-of-domestication/
https://archive.fo/HF0AV

City-dwelling raccoons seem to be evolving a shorter snout—a telltale feature of our pets and other domesticated animals

With dexterous childlike hands and cheeky "masks," raccoons are North America's ubiquitous backyard bandits. The critters are so comfortable in human environments, in fact, that a new study finds that raccoons living in urban areas are physically changing in response to life around humans—an early step in domestication.

The study lays out the case that the domestication process is often wrongly thought of as initiated by humans—with people capturing and selectively breeding wild animals. But the study authors claim that the process begins much earlier, when animals become habituated to human environments.

"One thing about us humans is that, wherever we go, we produce a lot of trash," says the study's co-author and University of Arkansas at Little Rock biologist Raffaela Lesch. Piles of human scraps offer a bottomless buffet to wildlife, and to access that bounty, animals need to be bold enough to rummage through human rubbish but not so bold as to become a threat to people. "If you have an animal that lives close to humans, you have to be well-behaved enough," Lesch says. "That selection pressure is quite intense."

Proto-dogs, for example, would have dug through human trash heaps, and cats were attracted to the mice that gathered around refuse. Over time, individual animals that had a reduced fight-or-flight response could feed more successfully around humans and pass their nonreactive behavior on to their offspring.