SoylentNews

Arthur T Knackerbracket writes:

https://www.theregister.com/security/2026/06/23/five-eyes-spooks-warn-ai-means-infosec-incidents-can-become-major-operational-and-financial-crises/5259916

The leaders of intelligence agencies from the Five Eyes nations – Australia, Canada, New Zealand, the USA and the UK – have together issued strongly worded advice calling for leaders to nail cybersecurity basics or fall victim to ruinous AI-powered attacks.

"The rapid pace of frontier AI development means cyber risk assumptions can become outdated in months, not years," the advice warns, and calls for organizations to take rapid action to ensure their defenses remain potent.

"While AI will help us improve cyber defence over time, it also accelerates the speed, scale, and sophistication of cyber threats," the advice adds. "Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities. The timeline is not years, it is months."

After all that scary stuff, the spook bosses offer some antidote: "Cyber resilience is integral to advancing business continuity, market confidence, and long-term value."

And how might one achieve that resilience? The Five Eyes have four suggestions:

• Understand and assess risk, readiness and accountability
• Prioritize foundational cyber security practices and controls
• Empower cyber leaders with authority and resources
• Stay actively engaged as threats and guidance evolve

"Cyber risk can no longer be treated as a purely technical issue," the advice points out. "This is a core business risk and leadership responsibility," because breaches are inevitable and "Breaches will occur. Preparedness helps you contain them quickly and prevent escalation into major operational and financial crises."

The intelligence chiefs therefore want organizations to test their cyber resilience rigs.

"It is not enough to have controls," they write. "Leaders must be confident those controls will perform during a real incident. This requires reassessing long-standing trade-offs and using AI deliberately to strengthen defence – not just improve efficiency."

Arthur T Knackerbracket writes:

https://www.tomshardware.com/tech-industry/artificial-intelligence/sk-telecom-named-as-the-korean-carrier-at-the-center-of-anthropics-mythos-export-controls

Wired has identified SK Telecom as the South Korean telecom company whose access to Anthropic's Claude Mythos model the White House ordered revoked over alleged ties to China, days before the Trump administration imposed the export controls that pulled Anthropic's most advanced AI models offline.

SK Telecom’s footprint in China is minimal, generating roughly $1.9 million in Chinese revenue in 2024 and employing seven people in the country, according to its annual report. The national-security concern attaches instead to its parent, SK Group, whose affiliates hold extensive interests in Chinese semiconductors, energy, and other sectors.

SK hynix belongs to the same SK Group, and it received Mythos access in the same expansion, as did Samsung. The two rank among the largest suppliers of the memory and logic silicon that underpins AI hardware, and both joined Anthropic's funding round as strategic investors.

The export controls followed a separate dispute, however, when Amazon, Anthropic's largest investor with a cumulative stake of about $13 billion, flagged a guardrail bypass in Fable 5 to the White House after researchers prompted the model to read a codebase and fix its flaws, turning it into a vulnerability-discovery tool. Amazon CEO Andy Jassy reportedly raised the findings with administration officials directly, which then led to the Commerce Department’s order on June 12 barring all foreign nationals — including immigrants inside the U.S. — from accessing Fable 5 and the underlying Mythos 5.

Rather than filter users by nationality, Anthropic disabled both models for everyone. The company said the demonstration it reviewed surfaced only a small number of previously known, minor vulnerabilities, and that banning a capability common to other frontier models would halt deployments across the industry.

About 100 cybersecurity professionals, including former Facebook security chief Alex Stamos and Luta Security's Katie Moussouris, signed an open letter arguing that while Mythos-class models are “quite good” at finding and weaponizing software flaws, they “are not uniquely good,” calling for the controls to be lifted.

Mythos 5 and Fable 5 remain offline as Anthropic and the White House continue negotiations over restoring access. Anthropic opened a Seoul office on June 17 and signed a memorandum of understanding with South Korea's Ministry of Science and ICT (Information and Communication Technology), naming SK Telecom among its local partners. SK Telecom has denied the allegations, telling a Korean newspaper that the anonymous claims in foreign media “lack verified facts,” and that it has no ties to China.

Original Submission

An Anonymous Coward writes:

Since 2000 there has been an explosion of creators publishing their content online and with it a raft of laws and restrictions for what is and is not acceptable. At the forefront of this is automated scanning for images that are deemed to be inappropriate. Now Adobe has taken this one step further by incorporating AI into Photoshop to check images being edited to block what they deem to be inapproriate images from being created. Content creator Alsoashley discovered this while editing a photo of herself in a bikini (also posted on youtube).

Do you think that AI blocking you from editing a photo on your computer because it deems your art to be inappropriate to be acceptable?

Original Submission

Arthur T Knackerbracket writes:

This is reminiscent of the acoustic mirror used from World War I until the advent of radar as an early warning system for bombers:

A Lithuanian startup developed an Android app that lets verified users monitor the general area for the acoustic signature of Shahed-type drones used by Russia to strike targets and report their approximate location. According to state broadcaster Lithuanian National Radio and Television, the app uses an embedded algorithm to isolate and analyze targets from environmental noise. It reports a possible detection on a public map. With the app running on enough devices, the system could determine the potential location and direction of these drones and warn both civilians and the military of an impending strike.

Shahed-type drones have been widely employed in Russia’s invasion of Ukraine, which is quite effective for its relatively low price compared to other, more advanced missile systems. Ukraine has been taking steps to counter this threat, including requiring users inside the country to register their Starlink units to avoid getting blocked because Russia has been using the service to guide its drones as late as last year. Other nations are experimenting with cost-effective countermeasures, too, including microwave drone swarm killers and man-portable anti-drone laser systems.

The biggest issue for air defense systems is that these drones are quite small and made of lightweight materials, which gives them a relatively low radar cross-section (RCS). A Shahed-type drone usually measures around eight to 12 feet in length and has a wingspan of around eight feet. Although they could be detected by standard radar systems, their speed and size mean that the radar receiver would also pick up a lot of other clutter, such as birds, making it hard to distinguish relevant targets from background noise. These characteristics, combined with their low flight cruising altitude, mean that ground-based radars have trouble picking them up unless they’re flying relatively close.

However, their low flight path also means that they could easily be heard by observers on the ground. So, if enough people can detect their aural signature and report it to a central database, defense forces could mobilize and engage these threats while they’re still distant from their targets and away from population centers. This is similar to the acoustic mirrors and acoustic locators that militaries used in World War I before the advent of radar, wherein they built massive concrete dishes aimed upward, or used smaller, more portable metal horn arrays, crewed by trained personnel listening in to detect the low-frequency sound coming from aircraft piston engines from far away.

We expect this to be far more accurate, though, because it uses advanced algorithms and thousands of detectors operated by verified users. While using this system alone is probably not enough to accurately detect these drones, pairing it with modern radar systems could make the radar operators’ job far easier, as they would have another data source to confirm whether they’re actually seeing drones on their screens or just a flock of birds.

Here's the old school acoustic mirrors referenced in TFA

Original Submission

Arthur T Knackerbracket writes:

https://www.slashgear.com/2197980/how-airbags-deploy-so-quickly-in-a-crash-physics-explained/

Front airbags have been required in new passenger vehicles since the 1999 model year. While side airbags aren't specifically mandated, auto manufacturers install them to meet other federal safety requirements regarding side protection. The National Highway Traffic Safety Administration (NHTSA) claims that airbags saved over 70,000 lives in the U.S. since their implementation, so they work. But how do they work?

Airbags, which have recently become targets of theft, are part of the vehicle's passive safety system designed to help keep passengers safe during an accident. On average, an accident happens in roughly 200 milliseconds — less than 1/5 of a second. So, the system needs to detect, react, and deploy faster than that to be effective — usually just 10 to 30 milliseconds, which is quicker than you can blink. The deployment of an airbag has been described as "engineered violence" because it essentially contains and directs a literal explosion.

First of all, the term "airbag" isn't accurate since they don't actually use "air" per se. Today's systems use guanidinium nitrate with a copper nitrate oxidizer to produce nitrogen gas. When guanidinium nitrate is ignited, it breaks down into nitrogen gas, water, and carbon. The copper nitrate oxidizer is included to help reduce the temperature of the expelled gas. Older airbag systems once used ammonium nitrate, a chemical that didn't play nicely with humidity and moisture, and ended up causing several injuries and even some deaths. Guanidinium nitrate isn't affected by moisture.

Airbags are designed to deploy at various speeds depending on the scenario. If a car hits something narrow (think tree or pole), bags can deploy at just 8 mph. Impacts involving larger objects (such as other cars) can cause bags to unfurl at 18 mph. But the technology and methods used in the front passenger compartment are different than those used in other parts of the car.

Front airbags use small electronic accelerometers that can detect when a car suddenly decelerates, which is technically what occurs when it's involved in a crash. Using a technology called MEMS (micro-electro-mechanical systems), the onboard impact sensors determine — in the proverbial blink of an eye — changes in the vehicle's speed, how fast the car was going, what hit it, and whether the occupants were wearing seat belts. Passengers wearing seatbelts are considered safer, so airbags won't deploy unless the speed exceeds 16 mph. However, those not wearing them are at greater risk, so the system typically triggers bag deployment at speeds between 10 and 12 mph.

owl writes:

https://www.newsweek.com/cost-me-the-election-data-centers-trigger-voter-backlash-12118327

A wave of voter anger over massive data center projects is beginning to reshape U.S. politics, with local officials and senior lawmakers losing elections after backing controversial developments tied to the artificial intelligence boom.

In Utah on Wednesday, State Senate President J. Stuart Adams—one of the most powerful Republicans in the state—lost his primary election after supporting a major data center development near the Great Salt Lake, in one of the clearest signs yet of the growing political risks tied to the industry.

At the local level, the fallout was just as direct. "Do I think that the data center vote cost me the election? Yes I do," former Box Elder County Commissioner Lee Perry said after conceding his primary race, after voting to advance the same project.

Original Submission

An Anonymous Coward writes:

https://www.timwehrle.de/blog/i-stored-a-website-in-a-favicon/

A while ago I wrote about storing two bytes inside my mouse's DPI register. It wasn't useful. It wasn't practical. But it did something unfortunate to my brain. Once you've successfully hidden data somewhere it doesn't belong, you start looking at everything as potential storage.
A monitor is storage.

A keyboard is storage.

A BIOS splash screen is (maybe) storage.

A favicon is storage.

And yes, here we are.

Every website has a favicon. It's that little icon in your browser tab. Usually you upload it once and then never think about it again. But. A favicon is just an image. An image is just pixels. And pixels are just bytes.

So of course I wondered if I could store something inside one.

Original Submission

Arthur T Knackerbracket writes:

ASML denies it has ever shipped an EUV scanner to China:

The company is refuting a recent report claiming the U.S. government believes that one of ASML's extreme ultraviolet (EUV) lithography systems may have somehow reached China despite export restrictions, according to Bloomberg, citing sources familiar with negotiations between the U.S. officials and ASML executives. ASML denies any wrongdoing and claims that it knows the location of every EUV tool it has ever built.

"In recent years, ASML has refuted several unfounded rumors regarding non-compliance with export controls concerning China which were inaccurate and damaging to our reputation," a spokesperson for ASML told Tom's Hardware.

The U.S. government has not publicly produced evidence that a complete EUV scanner is operating in China. Yet, several senior administration officials told Bloomberg that they possess information indicating that ASML exported equipment associated with EUV systems, including specialized systems used to 'transport EUV machines.' Those officials declined to disclose any evidence, citing sensitivity concerns.

"ASML has never shipped an EUV machine to China, nor have we shipped to China any component, module or equipment specially designed to be used in an EUV machine," the spokesperson told us.

An ASML EUV scanner is made of 100,000 components and weighs 180 tons. It is transported only by air on multiple planes, and it would be impossible to intercept such a shipment without causing an international scandal. Meanwhile, given the complexity of the machine, it is impossible to build one using spare or scrap parts or reverse engineer it using its components, as we reported back in December.

Bloomberg claims that ASML has circulated an internal presentation titled 'No indication of any ASML EUV System in China,' which reportedly states there are 314 EUV systems currently operating worldwide and another 26 that have been retired. According to the document, none are located in China. The presentation further notes that EUV scanners continuously communicate with ASML, so the company can detect interruptions, abnormal activity, or connectivity issues. In addition, customers cannot simply dismantle, transport, and reinstall an EUV scanner without direct assistance from ASML due to specialized logistics and handling requirements.

Original Submission

Arthur T Knackerbracket writes:

https://www.theregister.com/software/2026/06/22/cloudflare-teams-up-with-big-browsers-to-help-websites-tell-welcome-from-unwelcome-visitors/5259782

Cloudflare on Monday said that it has joined with the three leading commercial browser makers to create a privacy-preserving protocol that websites can use to separate desirable web traffic from undesirable network requests.

Cloudflare, along with Google Chrome, Microsoft Edge, and Mozilla Firefox, have committed to develop Private Access Control Tokens (PACTs), a way for websites to generate a digital token that asserts a given browsing session is being run by a human or bot with legitimate intent, as opposed to network requests from people or software deemed abusive or improper.

PACTs will let websites "with strong knowledge of 'personhood'" issue anonymous tokens that browser users and designated bots can present at other websites, so that fewer identity checks are necessary. 

Think of PACTs as a shareable, privacy-preserving CAPTCHA test result, where the desirability of the web traffic is being tested rather than whether the visitor is a human or bot – an increasingly difficult distinction.

While the technical details are still being hammered out and harmonized between related proposals, it isn't immediately clear what constitutes "strong knowledge of 'personhood'" in this context, particularly since "personhood" appears to extend to software that has been authorized to act on behalf of a legitimate person for an authorized purpose. 

It may be that the test criteria puts certain browsers, behaviors, or network signals at greater risk of being denied the dispensation of a PACT, though past technical discussion by developers from Google and Mozilla suggests that excluding certain hardware, platforms, or user-agents is not a goal.

Dane Knecht, CTO of Cloudflare, argues that the way people interact with the web is changing and increasingly may involve autonomous agents.

"As AI-powered traffic becomes widespread, existing tools to support its use are too generic and coarse," said Knecht in a statement. "Now this collaboration lets us eliminate the friction caused by security protocols for every visitor – whether they are human or agent – without sacrificing privacy."

The claim "without sacrificing privacy" is a bit of an overstatement. PACT tokens, it appears, will not contain personal details. But they won't do anything to repair all the other ways browsers can facilitate digital fingerprinting and tracking. And if implemented poorly, they may introduce novel risks. Fundamentally, they divide the internet traffic into welcome and unwelcome traffic – something already widely done through firewalls and other technical measures but not easily reconciled with the notionally open web.

"Mozilla is committed to defending openness and user privacy on the web," said Bobby Holley, CTO for Firefox at Mozilla, in a statement. "An avalanche of automated traffic is pushing sites to adopt blunt defenses – paywalls, identity checks, CAPTCHAs, and invasive tracking – simply to tell whether a request comes from a human."

While Cloudflare touts the privacy benefits of PACTs, it's clear from the company's announcement that the technology is designed to "empower businesses to identify genuine visitors, ensuring they can focus their resources on the traffic that matters to them." Essentially, this is an anti-fraud initiative.

Many website operators have complained about the burden of handling unwanted network traffic from disrespectful crawlers. PACTs may be the answer to their prayers. At the same time, they may also become an access barrier that demands negotiation with site publishers to have one's site visits or software deemed worthy of "personhood."

Original Submission

An Anonymous Coward writes:

https://github.com/Rompass/openc6-bios

OpenC6 BIOS is a fully open-source, high-performance modular platform (BIOS) for the ESP32-C6 (RISC-V) microcontroller. It completely changes the traditional embedded development paradigm by decoupling hardware initialization from application logic—bringing a PC/Server-like architecture to a $2 microcontroller.

Instead of monolithic firmwares, OpenC6 acts as a host platform. It initializes the hardware, provides out-of-band management via an independent LP-Core coprocessor, and exposes a standardized System Call Interface (ABI). This allows you to hot-swap, download, and execute tiny, lightning-fast bare-metal Payloads directly into RAM or Execute-In-Place (XIP) Flash.

Original Submission

jelizondo writes:

I found a very interesting article published by The Guardian about the physical characteristics of the new FIFA ball and how it is surprising goalkeepers:

Poor old Luca Zidane. The Algeria goalkeeper has had a turbulent time. In two matches he has conceded five goals, and a pair of them – first from Lionel Messi, then, more embarrassing, from Jordan's Nizar al-Rashdan – have gone through his fingers.

But Zidane is not alone. Senegal's Édouard Mendy and Iraq's Ahmed Basil have got their hands to shots, but been unable to stop them. Is something going on?

Certainly Joe Hart seems to think so. He has frequently been pointing out on BBC that goalkeepers are having trouble reading the speed of the World Cup ball, the Adidas Trionda. "The ball is coming into the keepers a lot faster than it feels when it comes off the foot," he said. "Zidane is more than capable of saving that ball [from Messi]. When goalkeepers get up to speed with these World Cup balls we're going to see these shots saved."

Hart issued his assessment before Zidane had played his second match, when the 28-year-old's inability to stop al-Rashdan's outside-of-the-boot effort suggest the problem may continue for a while yet. But there is help at hand and it comes in the form of an 18-page paper produced by South Korean and Japanese academics.

It has the title Orientation-Dependent Drag Crisis and Flight Response of the Fifa World Cup Match Ball Trionda and its contents do not deviate from the outline. Researchers took the ball and fired it through a wind tunnel to measure the effect of aerodynamic forces upon it. They did so from six angles and found a consistent outcome.

Regardless of where the ball was struck, if the ball reached a certain velocity it would fly faster. This, the researchers from Seoul Women's University and the University of Tsukuba found, was down to an effect called "drag crisis". This occurs when an object flying through the air reaches the point where the air flow around it shifts from a smooth state (known as a laminal flow) to a turbulent one. When the flow is turbulent, it disrupts the drag behind a moving object, allowing it to move faster.

Researchers noted that the "upstream seam and groove arrangements" in the Trionda's design made drag crisis possible at lower speeds.

If a ball does not slow down as expected, because of the drag crisis effect, you can understand how goalkeepers may be caught unawares. The researchers found further complicating factors. They observed that while there was a drag-crisis effect regardless of where the ball was hit, the level of the crisis would shift depending on whether the ball was struck on a seam or on a panel (hitting on the seam seemed to create the lower drag). Drag crisis was also variable according to altitude, with the higher the game, the less likely the occurrence.

Original Submission

Arthur T Knackerbracket writes:

https://www.theregister.com/personal-tech/2026/06/22/the-memory-crisis-is-getting-so-bad-that-even-retro-ram-prices-are-going-to-the-moon/5259627

The global memory crisis has developed a new twist as buyers turn to "legacy" products such as DDR2 and DDR3 to meet demand, according to market watcher TrendForce.

The Taiwanese firm says DRAM buyers are turning to older products to secure larger supply allocations, driving up prices for components including DDR2 and DDR3.

As Reg readers will be well aware by now, the AI craze has led to memory chipmakers prioritizing production of more profitable HBM and server DRAM silicon to power AI infrastructure, leaving a shortage of the mainstream memory types needed for PCs, smartphones, and other devices.

As a result, prices have risen for DDR4 and DDR5 modules – if you can even find them – resulting in hikes in the cost of kit such as PCs, which are up by double figures, according to some estimates.

Continued shortages of everyday DRAM components and rapidly rising contract prices have prompted some hardware makers to downgrade memory specifications to control system costs, TrendForce claims. In some cases, DDR4 designs are being replaced with DDR3 solutions, while certain DDR3-based products are being redesigned to use DDR2. 

We find it hard to believe that PC makers would ship systems with memory types so old or that modern processors would support them, so it is likely this applies to other kinds of device.

Now the market intelligence operation estimates that DDR2 contract prices will rise by approximately 55 to 60 percent for the second quarter of 2026, followed by a further 35 to 40 percent increase in the third quarter.

This is happening because customers are desperate to secure more reliable supplies, adopting lower capacity configurations or turning to older memory generations. Consequently, the supply shortages are now rippling through the memory market and starting to affect even legacy DRAM products.

Key suppliers of DDR2 components include Winbond and Elite Semiconductor Microelectronics Technology (ESMT), based in TrendForce's home turf of Taiwan. However, Winbond is gradually winding down DDR2 production and reallocating capacity toward more high-margin products such as DDR3, DDR4, and LPDDR4, it says.

But ESMT plans to maximize DDR2 production within its existing allocation at wafer maker PSMC. The firm is understood to be concentrating resources on this segment to enhance profitability and help offset the supply gap created by Winbond's withdrawal from the DDR2 market.

Some of the big memory makers are planning to increase capacity, but only slowly. Korean giant SK hynix aims to double silicon wafer output capacity over the next five years, while US biz Micron expects "meaningful new capacity" at its new Virginia fabrication plant in 2027 and 2028.

Original Submission

AnonTechie writes:

So to summarize:

Larry Sanger resuggested "WikiProject Intellectual Diversity", a group with the goal to make "Wikipedia more intellectually diverse" and "ensure fair and open decision-making and governance, broaden the range of permissible sources, reinforce genuine neutrality, rein in over-aggressive blocking while holding the powerful to higher standards of accountability", etc, with the implied undertone of preventing Wikipedia from drifting too far to the political left.

This is unpopular because people oppose this on various grounds (mostly that it might be vote brigading and tiling decisions in their favor just by showing up in an organised way around wikipedia). Also the same project was apparently suggested before and rejected in early stages

But then he made a tweet that basically just says "I suggested this, some people like it, some hate it". That's super against the rules, because it attracts people to the proposal who otherwise wouldn't have seen it. Probably in an attempt to sway discussion, because his tweets are obviously seen primarily by people who like his ideas

Which then lead to the vote to ban him from editing Wikipedia. With a total ban getting more votes than a more limited ban, like banning him from participating in articles namespaced for internal matters.

There are lots of comments about this news ... Some of them are quite entertaining !!

[Source]: YCombinator

[Ref.]: https://en.wikipedia.org/wiki/User:Larry_Sanger

Original Submission

owl writes:

https://pluralistic.net/2026/06/23/destroy-the-village/

The literature on harms to kids from online platforms is complex and nuanced, rife with people citing small, ambiguous studies as iron-clad evidence that kids are being destroyed by the internet.

It's a weird coalition of anti-Big Tech campaigners (who are rightly angry at the platforms' callous disregard for user welfare) and Heritage Foundation-backed culture warriors (who think that if their kids aren't exposed to LGBTQ content they won't come out as queer). While there's plenty these groups disagree about, they share one consensus: there should be a "minimum age" for certain kinds of internet use.

The problem is, there's no such thing as "age verification" for the internet. What we call "age verification" is actually mass surveillance, so invasive and pervasive that it makes the ad-tech industry's commercial surveillance look like some kind of cypherpunk darknet pirate utopia.

"Age verification" means that everyone who does anything online will have to submit to fine-grained tracking and recording of all their online activities. This nightmare is the surveillance advertising industry's fondest dream, a world where it's literally illegal to avoid their tracking, all in the name of saving kids...from them!

Original Submission

Arthur T Knackerbracket writes:

The Hidden Cost of Cyber Risk report found that businesses are most impacted by everyday cyber disruption, rather than large-scale one-off breaches:

The Eir Business Hidden Cost of Cyber Risk report, which is supported by Microsoft, has found that on average cyberattacks are costing Irish small and medium-sized enterprises (SMEs) up to €3.4bn annually. 

However, the greatest impact is not from large-scale, one-off breaches, but frequent day-to-day cybersecurity-related disruptions that are driving losses for many Irish companies. 

Reportedly, SMEs lose more than 7.2m working days every year due to cyber incidents, with affected businesses experiencing multiple incidents annually. For individual firms, this equates to nearly three working weeks lost annually. 

Susan Brady, the managing director at Eir Business, said: “This report shows that cyber risk is not just about rare, large-scale attacks. 

"For most SMEs, it is the cumulative impact of everyday incidents, from phishing emails and ransomware attempts to service disruptions, that drives significant loss of time and productivity. These risks affect not just individual businesses, but supply chains, customers and the wider business ecosystem.”

[...] The report stated that the companies with more cyber preparedness tend to experience fewer incidents, lower overall losses and significantly less disruption. Moreover, the organisations with higher levels of preparedness can reduce annual downtime from more than 30 days to around five days, while structured data management significantly lowers the likelihood of experiencing an attack.

[...] “This research highlights the real and growing impact that cyber risk is having on businesses across the country, not just in financial terms, but in disrupted operations and lost productivity. However, with the right support, guidance and focus on practical measures, businesses can strengthen their resilience and reduce their exposure.”

Original Submission