SoylentNews

upstart writes:

The window to patch vulnerabilities is shrinking rapidly:

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more than half a dozen countries, researchers said Wednesday.

The threat group, tracked under names including APT28, Fancy Bear, Sednit, Forest Blizzard, and Sofacy, pounced on the vulnerability, tracked as CVE-2026-21509, less than 48 hours after Microsoft released an urgent, unscheduled security update late last month, the researchers said. After reverse-engineering the patch, group members wrote an advanced exploit that installed one of two never-before-seen backdoor implants.

The entire campaign was designed to make the compromise undetectable to endpoint protection. Besides being novel, the exploits and payloads were encrypted and ran in memory, making their malice hard to spot. The initial infection vector came from previously compromised government accounts from multiple countries and were likely familiar to the targeted email holders. Command and control channels were hosted in legitimate cloud services that are typically allow-listed inside sensitive networks.

"The use of CVE-2026-21509 demonstrates how quickly state-aligned actors can weaponize new vulnerabilities, shrinking the window for defenders to patch critical systems," the researchers, with security firm Trellix, wrote. "The campaign's modular infection chain—from initial phish to in-memory backdoor to secondary implants was carefully designed to leverage trusted channels (HTTPS to cloud services, legitimate email flows) and fileless techniques to hide in plain sight."

The 72-hour spear phishing campaign began January 28 and delivered at least 29 distinct email lures to organizations in nine countries, primarily in Eastern Europe. Trellix named eight of them: Poland, Slovenia, Turkey, Greece, the UAE, Ukraine, Romania, and Bolivia. Organizations targeted were defense ministries (40 percent), transportation/logistics operators (35 percent), and diplomatic entities (25 percent).

[...] Trellix attributed the campaign to APT28 with "high confidence" based on technical indicators and the targets selected. Ukraine's CERT-UA has also attributed the attacks to UAC-0001, a tracking name that corresponds to APT28.

"APT28 has a long history of cyber espionage and influence operations," Trellix wrote. "The tradecraft in this campaign—multi-stage malware, extensive obfuscation, abuse of cloud services, and targeting of email systems for persistence—reflects a well-resourced, advanced adversary consistent with APT28's profile. The toolset and techniques also align with APT28's fingerprint."

Trellix has provided a comprehensive list of indicators organizations can use to determine if they have been targeted.

Original Submission

owl writes:

https://www.rs-online.com/designspark/a-fresh-look-at-ibm-3270-information-display-system

The IBM mainframe computer has evolved over a period spanning almost six decades and in part, this has been in response to wider industry trends, with notably the advent of "midrange" and personal computers, and the sweeping success of TCP/IP. However, the mainframe has also been responsible for delivering features and functionality which would only come much later to smaller systems, not to mention enduring and enviable reliability which is hard to beat today.

This post takes a look at the IBM 3270 Information Display System, which played a key role in enabling a single mainframe computer to scale and serve thousands of users. It should also be noted that, while discussing the system mostly in the past tense, the mainframe itself very much lives on and actually so does 3270, albeit nowadays as a protocol that is run on top of TCP/IP.

Original Submission

upstart writes:

Five other states have introduced similar bills recently as data center development skyrockets:

On Friday, New York State Senators Liz Krueger and Kristen Gonzales introduced a bill that would stop the issuance of permits for new data centers for at least three years and ninety days to give time for impact assessments and to update regulations. The bill would require the Department of Environmental Conservation and Public Service Commissions to issue impact statements and reports during the pause, along with any new orders or regulations that they deem necessary to minimize data centers' impacts on the environment and consumers in New York.

The bill would require these departments to study data centers' water, electricity and gas usage, and their impact on the rates of these resources, among other things. The bill, citing a Bloomberg analysis, notes that, "Nationally, household electricity rates increased 13 percent in 2025, largely driven by the development of data centers." New York is the sixth state this year to introduce a bill aiming to put the brakes on data centers, following in the footsteps of Georgia, Maryland, Oklahoma, Vermont and Virginia, according to Wired. It's still very much in the early stages, and is now with the Senate Environmental Conservation Committee for consideration.

Original Submission

hubie writes:

Time is almost up on the way we track each second of the day, with optical atomic clocks set to redefine the way the world measures one second in the near future:

Researchers from Adelaide University worked with the National Institute of Standards and Technology (NIST) in the United States and the National Physical Laboratory (NPL) in the United Kingdom to review the future of the next generation of timekeeping.

They found that development is happening at such a fast rate that optical atomic clocks are well positioned to become the gold standard for timekeeping within the next few years, provided some technical challenges can be addressed.

"Optical atomic clocks have advanced rapidly over the past decade, to the point where they are now one of the most precise measurement tools ever built. They're more accurate than the best microwave atomic clocks and can even work outside the lab – this is a place that conventional atomic clocks have trouble venturing," said co-author Professor Andre Luiten from Adelaide University's Institute for Photonics and Advanced Sensing.

Optical atomic clocks are made from laser-cooled trapped ions and atoms. When scientists repeatedly probe the atoms with a laser, they respond only at a special frequency which can be converted into ticks to track time accurately.

The review into the next generation technology, which has been published in the journal Optica, outlines the key features, progress that's been made over the past decade, challenges and future applications.

"A decade ago, optical atomic clocks had no impact on the steering of international time. Today, at least ten have been approved for use," said Professor Luiten.

A roadmap for redefining how the second is measured is underway, but researchers have noted other potential uses for optical atomic clocks, including as gravity sensors that can aid in creating an international height reference system that's not based on sea level. Their precision and sensitivity also positions them as a useful tool for testing fundamental physics such as dark matter.

They could be relied on to maintain accurate time during satellite outages caused by solar storms or malicious attacks. This latter opportunity is seeing an outpouring of commercial interest in optical clocks, including from Adelaide University spin-out, QuantX Labs.

Despite the rapid development of this technology, the review does identify several key challenges. These include limitations to the operational capability of optical atomic clocks, with many still operating intermittently. Decisions around how to redefine the second also need to be made, including if a single type of optical atomic clock or a group are the most reliable way to replace caesium fountain clocks, with direct comparisons needed.

Supply chains for critical components are also underdeveloped, resulting in higher costs, however, researchers believe progress in quantum computing and bioscience are likely to lead to more affordable and accessible systems in the future.

Journal Reference: https://doi.org/10.1364/OPTICA.575770

Original Submission

hubie writes:

Vibe Coding Is Killing Open Source Software, Researchers Argue:

According to a new study from a team of researchers in Europe, vibe coding is killing open-source software (OSS) and it's happening faster than anyone predicted.

Thanks to vibe coding, a colloquialism for the practice of quickly writing code with the assistance of an LLM, anyone with a small amount of technical knowledge can churn out computer code and deploy software, even if they don't fully review or understand all the code they churn out. But there's a hidden cost. Vibe coding relies on vast amounts of open-source software, a trove of libraries, databases, and user knowledge that's been built up over decades.

Open-source projects rely on community support to survive. They're collaborative projects where the people who use them give back, either in time, money, or knowledge, to help maintain the projects. Humans have to come in and fix bugs and maintain libraries.

Vibe coders, according to these researchers, don't give back.

The study Vibe Coding Kills Open Source, takes an economic view of the problem and asks the question: is vibe coding economically sustainable? Can OSS survive when so many of its users are takers and not givers? According to the study, no.

"Our main result is that under traditional OSS business models, where maintainers primarily monetize direct user engagement...higher adoption of vibe coding reduces OSS provision and lowers welfare," the study said. "In the long-run equilibrium, mediated usage erodes the revenue base that sustains OSS, raises the quality threshold for sharing, and reduces the mass of shared packages...the decline can be rapid because the same magnification mechanism that amplifies positive shocks to software demand also amplifies negative shocks to monetizable engagement. In other words, feedback loops that once accelerated growth now accelerate contraction."

[...] According to Koren, vibe-coders simply don't give back to the OSS communities they're taking from. "The convenience of delegating your work to the AI agent is too strong. There are some superstar projects like Openclaw that generate a lot of community interest but I suspect the majority of vibe coders do not keep OSS developers in their minds," he said. "I am guilty of this myself. Initially I limited my vibe coding to languages I can read if not write, like TypeScript. But for my personal projects I also vibe code in Go, and I don't even know what its package manager is called, let alone be familiar with its libraries."

The study said that vibe coding is reducing the cost of software development, but that there are other costs people aren't considering. "The interaction with human users is collapsing faster than development costs are falling," Koren told 404 Media. "The key insight is that vibe coding is very easy to adopt. Even for a small increase in capability, a lot of people would switch. And recent coding models are very capable. AI companies have also begun targeting business users and other knowledge workers, which further eats into the potential 'deep-pocket' user base of OSS."

This won't end well. "Vibe coding is not sustainable without open source," Koren said. "You cannot just freeze the current state of OSS and live off of that. Projects need to be maintained, bugs fixed, security vulnerabilities patched. If OSS collapses, vibe coding will go down with it. I think we have to speak up and act now to stop that from happening."

He said that major AI firms like Anthropic and OpenAI can't continue to free ride on OSS or the whole system will collapse. "We propose a revenue sharing model based on actual usage data," he said. "The details would have to be worked out, but the technology is there to make such a business model feasible for OSS."

[...] "Popular libraries will keep finding sponsors," Koren said. "Smaller, niche projects are more likely to suffer. But many currently successful projects, like Linux, git, TeX, or grep, started out with one person trying to scratch their own itch. If the maintainers of small projects give up, who will produce the next Linux?"

arXiv link: https://arxiv.org/abs/2601.15494

Original Submission

jelizondo writes:

CIO published a very interesting article about how the use of AI by the best engineers actually is slowing them down, and quite not delivering on the promised speed up of production code:

We've all heard the pitch. By now, it's practically background noise in every tech conference: AI coding is solved. We are told that large language models (LLMs) will soon write 80% of all code, leaving human engineers to merely supervise the output.

For a CIO, this narrative is quite seductive. It promises a massive drop in the cost of software production while increasing the engineering speed. It suggests that the bottleneck of writing code is about to vanish.

But as someone who spends his days building mission-critical financial infrastructure and autonomous agent platforms, I have to be the bearer of bad news: it's not working out that way. At least, not for your best engineers.

The deployment of AI copilots into the workflows of experienced engineers isn't producing the frictionless acceleration promised in the brochures. Instead, I'm seeing the emergence of a productivity trap — a hidden tax on velocity that is disproportionately hitting your most valuable technical talent.

[...]

For the first few years of the generative AI boom, we operated on vibes. We had anecdotal evidence and vendor-sponsored studies claiming massive productivity gains. And for junior developers working on simple tasks, those gains were real. If you just need a basic react component for a login button, using AI feels like a miracle.

But we got a reality check in mid-2025. A randomized controlled trial by METR (Model Evaluation & Threat Research) analyzed the impact on senior engineering talent. Unlike previous studies that used toy problems, this one watched experienced developers working on their own mature codebases — the kind of messy, complex legacy systems that actually power your business.

The results were stark. When experienced developers used AI tools to complete real-world maintenance tasks, they took 19% longer than when they worked without them.

[...]

It comes down to what I call the illusion of velocity. In the study, developers felt faster. They predicted the AI would save them huge amounts of time. Even after they finished — and were objectively recorded as being slower — they still believed the AI had been a timesaver.

The AI gives you a dopamine hit. Text appears on the screen at superhuman speed and the blank page problem vanishes. But the engineer's role has shifted from being a creator to being a reviewer and that is where the trap snaps shut.

According to the 2025 Stack Overflow Developer Survey, the single greatest frustration for developers is dealing with AI solutions that look correct but are slightly wrong. Nearly half of developers explicitly stated that debugging AI-generated code takes more time than writing it themselves.

In software engineering, blatantly broken code is fine. The compiler screams, the app crashes upon launch, the red squiggly lines appear. You know it's wrong immediately.

Almost-right code is insidious. It compiles. It runs. It passes the basic unit tests. But it contains subtle logical flaws or edge-case failures that aren't immediately obvious.

upstart writes:

FBI stymied by Apple's Lockdown Mode after seizing journalist's iPhone:

The Federal Bureau of Investigation has so far been unable to access data from a Washington Post reporter's iPhone because it was protected by Apple's Lockdown Mode when agents seized the device from the reporter's home, the US government said in a court filing.

FBI agents were able to access the reporter's work laptop by telling her to place her index finger on the MacBook Pro's fingerprint reader, however. This occurred during the January 14 search at the Virginia home of reporter Hannah Natanson.

As previously reported, the FBI executed a search warrant at Natanson's home as part of an investigation into a Pentagon contractor accused of illegally leaking classified data. FBI agents seized an iPhone 13 owned by the Post, one MacBook Pro owned by the Post and another MacBook Pro owned by Natanson, a 1TB portable hard drive, a voice recorder, and a Garmin watch.

Government investigators want to read Natanson's Signal messages, and were able to view at least some of them on her work laptop. The reporter has said she has a contact list of 1,100 current and former government employees in Signal, which she uses for encrypted chats.

The Justice Department described the search in a court filing that was submitted Friday in US District Court for the Eastern District of Virginia and noted in a 404 Media article today. The government filing opposes a motion in which the Post and Natanson asked the court to order the return of the seized devices. A federal magistrate judge previously issued a standstill order telling the government to stop searching the devices until the court rules on whether they must be returned.

"The iPhone was found powered on and charging, and its display noted that the phone was in 'Lockdown' mode," the government filing said. After the seized devices were taken to the FBI's Washington field office, the Computer Analysis Response Team (CART) "began processing each device to preserve the information therein," the filing said.

CART couldn't get anything from the iPhone. "Because the iPhone was in Lockdown mode, CART could not extract that device," the government filing said.

The government also submitted a declaration by FBI Assistant Director Roman Rozhavsky that said the agency "has paused any further efforts to extract this device because of the Court's Standstill Order." The FBI did extract information from the SIM card "with an auto-generated HTML report created by the tool utilized by CART," but "the data contained in the HTML was limited to the telephone number."

Apple says that LockDown Mode "helps protect devices against extremely rare and highly sophisticated cyber attacks," and is "designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats."

upstart writes:

Russian spy satellites have intercepted EU communications satellites:

European security officials believe two Russian space vehicles have intercepted the communications of at least a dozen key satellites over the continent.

Officials believe that the likely interceptions, which have not previously been reported, risk not only compromising sensitive information transmitted by the satellites but could also allow Moscow to manipulate their trajectories or even crash them.

Russian space vehicles have shadowed European satellites more intensively over the past three years, at a time of high tension between the Kremlin and the West following Moscow's full-scale invasion of Ukraine.

For several years, military and civilian space authorities in the West have been tracking the activities of Luch-1 and Luch-2—two Russian objects that have carried out repeated suspicious maneuvers in orbit.

Both vehicles have made risky close approaches to some of Europe's most important geostationary satellites, which operate high above the Earth and service the continent, including the UK, as well as large parts of Africa and the Middle East.

According to orbital data and ground-based telescopic observations, they have lingered nearby for weeks at a time, particularly over the past three years. Since its launch in 2023, Luch-2 has approached 17 European satellites.

Both satellites are suspected of "doing sigint [signals intelligence] business," Major General Michael Traut, head of the German military's space command, told the Financial Times, referring to the satellites' practice of staying close to Western communications satellites.

A senior European intelligence official said the Luch vehicles were almost certainly intended to position themselves within the narrow cone of data beams transmitted from Earth-based stations to the satellites.

The official expressed concern that sensitive information—notably command data for European satellites—is unencrypted, because many were launched years ago without advanced onboard computers or encryption capabilities.

This leaves them vulnerable to future interference—or even destruction—once hostile actors have recorded their command data.

jelizondo writes:

A very interesting article was published by The New Republic, which centers on the intersection of social media, government censorship and activism, China style. It is a long read but very much worth you while, as the "spring" of public freedom becomes the hard, cold winter at the hands of an authoritarian regime.

A very interesting article was published by The New Republic, which centers on the intersection of social media, government censorship and activism, China style. It is a long read but very much worth you while, as the "spring" of public freedom becomes the hard, cold winter at the hands of an authoritarian regime.

Weibo, the Chinese uber social media platform, is an unlikely vehicle for protests, demand for change and surprisingly results, in the form of government reform, changes to the law and favorable judgments in courts.

While China, and its famous Great Firewall, (built using "American bricks" in the form of technology from Cisco and others) is known for its unforgiving censorship of citizen's protests, something changed with social media. This is not to say that China has given up on censorship, some subjects are very much forbidden, for example the so called "Three Ts": Tibet, Tiananmen and Taiwan. No criticism or protest on those subjects is allowed, not even a suggestion of a protest.

Other subjects are open for debate. Some examples follow:

On a cold Valentine's Day in 2012, three women walked down a Beijing shopping street in white wedding dresses smeared with red to look like blood. (It was lipstick.) They had bruises on their faces, as if they'd been beaten. (It was dark-blue eye shadow.) They chanted, "Yes to love, no to violence." Photos of the protest spread instantly across the Chinese microblogging platform Weibo

The "bloody brides" were the invention of Lü Pin, founder of Feminist Voices, a digital magazine that had grown into a viral Weibo hub for young women unwilling to stay quiet. Activists called 2012 "Year One of the Chinese feminist movement." Women shaved their heads to protest higher-education quotas that favored men, rode the subway with placards denouncing gropers, and Li Maizi's "Occupy the Men's Bathroom," demanding more women's stalls, trended on Weibo.

These actions produced real legal and policy shifts. The Ministry of Education discontinued discriminatory college quotas, and a Beijing court for the first time issued a domestic violence protection order, ruling in favor of a U.S. citizen who sued her Chinese husband, a millionaire celebrity English teacher. China passed its first national anti–domestic violence law, and new buildings were required to add more women's bathrooms.

[ More examples follow - Ed ]

hubie writes:

Linux From Scratch Abandoning SysVinit Support:

Linux From Scratch was one of the holdouts continuing optional SysVinit init system support through 2026, but that's now ending. Linux From Scratch "LFS" and Beyond Linux From Scratch "BLFS" are ending their System V Init support moving forward.

LFS/BLFS will not be supporting System V in future versions due to the increasing demands of continuing to maintain and test both System V and systemd support. LFS/BLFS is a volunteer effort and continuing to maintain the SysVInit support is a burden. Additionally, with GNOME and soon KDE Plasma going to depend upon functionality explicitly found in systemd and not System V, it's going to be all the more challenging.

Bruce Dubbs of Linux From Scratch announced the decision:

"There are two reasons for this decision. The first reason is workload. No one working on LFS is paid. We rely completely on volunteers. In LFS there are 88 packages. In BLFS there are over 1000. The volume of changes from upstream is overwhelming the editors. In this release cycle that started on the 1st of September until now, there have been 70 commits to LFS and 1155 commits to BLFS (and counting). When making package updates, many packages need to be checked for both System V and systemd. When preparing for release, all packages need to be checked for each init system.

The second reason for dropping System V is that packages like GNOME and soon KDE's Plasma are building in requirements that require capabilities in systemd that are not in System V. This could potentially be worked around with another init system like OpenRC, but beyond the transition process it still does not address the ongoing workload problem.

He ended the announcement with:

"As a personal note, I do not like this decision. To me LFS is about learning how a system works. Understanding the boot process is a big part of that. systemd is about 1678 "C" files plus many data files. System V is "22" C files plus about 50 short bash scripts and data files. Yes, systemd provides a lot of capabilities, but we will be losing some things I consider important.

However, the decision needs to be made."

Original Submission

fliptop writes:

The chief safety officer for a leading self-driving car company admitted during a Senate hearing Wednesday that it hires remote human operators overseas to guide cars in "difficult driving situations:"

The U.S. Senate Committee on Commerce, Science, and Transportation held a hearing [NOT reviewed] Wednesday on the future of self-driving cars during which Waymo and Tesla executives testified. Democratic Massachusetts Sen. Ed Markey pressed Waymo Chief Safety Officer Mauricio Peña on if his company's remote human operators worked from outside the U.S. and Peña responded that some were based in the Philippines.

In his exchange with Markey, Peña acknowledged that his company's operators do not remotely drive the vehicle but rather serve to provide additional input and guide Waymo vehicles in what the senator called "difficult driving situations."

The Waymo official stated that his company uses remote operators in both the U.S. and abroad. When Markey asked Peña what countries the remote employees were based in, he said they were in the Philippines.

[...] Ethan Teicher, a Waymo spokesperson, told the Daily Caller News Foundation all of his company's remote human operators, which he called "fleet response agents," must have a valid passenger car or van license as a hiring requirement.

[...] Fleet response agents receive a training program that includes local road rules, simulations on complex scenarios the vehicle might encounter, hands on practice, and evaluations by experienced fleet response agents, according to the Waymo spokesperson. He added that all agents undergo thorough background checks, receive random drug tests, and are reviewed for traffic violations, infractions and driving-related convictions.

"Their role is never to drive the vehicle remotely," Teicher said, concerning what the fleet response agent does to help guide Waymo vehicles. "Our fleet response team is not continuously monitoring and intervening in the vehicle's operation ... our technology, the Waymo Driver, is in control of the dynamic driving task even when it's receiving guidance from remote assistance."

Related: Autonomous Cars Vulnerable to Prompt Injection

Original Submission

hubie writes:

"We should not forget the lessons of history. And the lesson is those regulations have been very important."

The Environmental Protection Agency (EPA) cracked down on lead-based products—including lead paint and leaded gasoline—in the 1970s because of its toxic effects on human health. Scientists at the University of Utah have analyzed human hair samples spanning nearly 100 years and found a 100-fold decrease in lead concentrations, concluding that this regulatory action was highly effective in achieving its stated objectives. They described their findings in a new paper published in the Proceedings of the National Academy of Sciences.

We've known about the dangers of lead exposure for a very long time—arguably since the second century BCE—so why conduct this research now? Per the authors, it's because there are growing concerns over the Trump administration's move last year to deregulate many key elements of the EPA's mission. Lead specifically has not yet been deregulated, but there are hints that there could be a loosening of enforcement of the 2024 Lead and Cooper rule requiring water systems to replace old lead pipes.

"We should not forget the lessons of history. And the lesson is those regulations have been very important," said co-author Thure Cerling. "Sometimes they seem onerous and mean that industry can't do exactly what they'd like to do when they want to do it or as quickly as they want to do it. But it's had really, really positive effects."

[...] But his [Clair Patterson] many experimental findings on the extent of lead contamination and its toxic effects ultimately led to the rapid phase-out of lead in all standard automotive gasolines. Prior to the EPA's actions in the 1970s, most gasolines contained about 2 grams of lead per gallon, which quickly adds up to nearly 2 pounds of lead released via automotive exhaust into the environment, per person, every year.

Lead can linger in the air for several days, contaminating one's lungs, accumulating in living tissue, and being absorbed by one's hair. Cerling had previously developed techniques to determine where animals lived and their diet by analyzing hair and teeth. Those methods proved ideal for analyzing hair samples from Utah residents who had previously participated in an earlier study that sampled their blood.

[...] "The surface of the hair is special," said co-author Diego Fernandez. "We can tell that some elements get concentrated and accumulated in the surface. Lead is one of those. That makes it easier because lead is not lost over time. Because mass spectrometry is very sensitive, we can do it with one hair strand, though we cannot tell where the lead is in the hair. It's probably in the surface mostly, but it could be also coming from the blood if that hair was synthesized when there was high lead in the blood."

The authors found very high levels of lead in hair samples dating from around 1916 to 1969. But after the 1970s, lead concentrations in the hair samples they analyzed dropped steeply, from highs of 100 parts per million (ppm) to 10 PPM by 1990, and less than 1 ppm by 2024. Those declines largely coincide with the lead reductions in gasoline that began after President Nixon established the EPA in 1970. The closing of smelting facilities likely also contributed to the decline. "This study demonstrates the effectiveness of environmental regulations controlling the emissions of pollutants," the authors concluded.

Journal Reference: PNAS, 2026. DOI: 10.1073/pnas.2525498123

Original Submission

upstart writes:

France might seek restrictions on VPN use in campaign to keep minors off social media:

France may take additional steps to prevent minors from accessing social media platforms. As its government advances a proposed ban on social media use for anyone under age 15, some leaders are already looking to add further restrictions. During an appearance on public broadcast service Franceinfo, Minister Delegate for Artificial Intelligence and Digital Affairs Anne Le Hénanff said VPNs might be the next target.

"If [this legislation] allows us to protect a very large majority of children, we will continue. And VPNs are the next topic on my list," she said.

A virtual private network would potentially allow French citizens younger than 15 to circumnavigate the social media ban. We've already seen VPN's experience a popularity spike in the UK last year after similar laws were passed over age-gating content. However, a VPN also offers benefits for online privacy, and introducing age verification requirements where your personal data must be submitted negates a large part of these services' appeal.

The French social media ban is still a work in progress. France's National Assembly voted in favor of the restrictions last week with a result of 116-23, moving it ahead for discussion in the country's Senate. While a single comment doesn't mean that France will in fact ban VPNs for any demographic, it does point to the direction some of the country's leaders want to take. Critics responded to Le Hénanff's statements with worry that these attempts at protective measures were veering into an authoritarian direction.

The actions in France echo several other legislative pushes around the world aimed at reducing children and teens' access to social media and other potentially sensitive content online. The US had seen 25 state-level laws for age verification introduced in the past two years, which has created a new set of concerns around users' privacy and personal data, particularly when there has been no attempt to standardize how that information will be collected or protected. When data breaches at large corporations are already all too common, it's hard to trust that the individual sites and services that suddenly need to build an age verification process won't be an easy target for hacks.

France may take additional steps to prevent minors from accessing social media platforms. As its government advances a proposed ban on social media use for anyone under age 15, some leaders are already looking to add further restrictions. During an appearance on public broadcast service Franceinfo, Minister Delegate for Artificial Intelligence and Digital Affairs Anne Le Hénanff said VPNs might be the next target.

"If [this legislation] allows us to protect a very large majority of children, we will continue. And VPNs are the next topic on my list," she said.

A virtual private network would potentially allow French citizens younger than 15 to circumnavigate the social media ban. We've already seen VPN's experience a popularity spike in the UK last year after similar laws were passed over age-gating content. However, a VPN also offers benefits for online privacy, and introducing age verification requirements where your personal data must be submitted negates a large part of these services' appeal.

The French social media ban is still a work in progress. France's National Assembly voted in favor of the restrictions last week with a result of 116-23, moving it ahead for discussion in the country's Senate. While a single comment doesn't mean that France will in fact ban VPNs for any demographic, it does point to the direction some of the country's leaders want to take. Critics responded to Le Hénanff's statements with worry that these attempts at protective measures were veering into an authoritarian direction.

The actions in France echo several other legislative pushes around the world aimed at reducing children and teens' access to social media and other potentially sensitive content online. The US had seen 25 state-level laws for age verification introduced in the past two years, which has created a new set of concerns around users' privacy and personal data, particularly when there has been no attempt to standardize how that information will be collected or protected. When data breaches at large corporations are already all too common, it's hard to trust that the individual sites and services that suddenly need to build an age verification process won't be an easy target for hacks.

Original Submission

hubie writes:

Used electric vehicles currently are a comparative bargain that could help more drivers reduce their carbon footprints:

Now is a great time for anyone who's shopping for a used car to consider an electric vehicle, according to new research from the University of Michigan.

In assessing the lifetime ownership costs of used vehicles with different body styles and powertrains, the researchers found that completely electrified candidates offered the greatest savings.

For example, compared with a new midsized SUV with an internal combustion engine, a 3-year-old used EV version offered a lifetime savings of $13,000, according to the new study published in Environmental Research Letters. Meanwhile, compared with that same new vehicle, a used internal combustion engine vehicle, or ICEV, would offer a lifetime savings of only $3,000.

[...] "I was surprised by how consistent the result was. I expected EVs would be cheaper in some scenarios, for some cities or vehicle types," Woody said. "But their costs were consistently lower across all vehicle classes and in almost all the cities."

[...] While EV's low cost of ownership is the take-home message of the study, the team's analysis also revealed some notable caveats and considerations.

For instance, used EVs cut costs the most when drivers can do the majority of their charging at home. That means drivers who can't install a home charger or who need to charge a lot on the road won't save as much. The team also found that EVs' lifetime cost of ownership could creep above ICEVs and hybrids in two cities, Boston and San Francisco, because of their high electricity costs.

The team also acknowledged concerns about the battery performance of a used EV, which won't match a new EV's in terms of capacity and range. Thus, used EVs may not be a fit for long-haul drivers, but can offer thousands in lifetime savings for drivers who largely stay local. And that advantage is primarily fueled by how quickly EVs currently lose value compared with other powertrains.

"Electric vehicles have lower maintenance and repair costs than other powertrains, but the initial depreciation of the vehicle is really what drives the savings," Woody said.

As EV adoption becomes more common, the depreciation gap would shrink and the playing field would become more level across powertrains. But, for now, depreciation is creating a bargain for anyone considering a used EV.

"It's not the most positive news if you're in the market for a new EV, knowing that your resale value may be impacted by the faster depreciation," Keoleian said. "But if you're in the market for a used vehicle, it's very positive news."

Journal Reference: Maxwell Woody et al 2026 Environ. Res. Lett. 21 024022 https://doi.org/10.1088/1748-9326/ae38f8

Original Submission

canopic jug writes:

Spotted via Simon Willison's blog, the plug has been pulled very suddenly on the CIA World Factbook. The old pages all redirect and the CIA has only some short comments and offer no explanation for the bizarre act of cultural vandalism.

Over many decades, The World Factbook evolved from a classified to unclassified, hardcopy to electronic product that added new categories, and even new global entities. The original classified publication, titled The National Basic Intelligence Factbook, launched in 1962. The first unclassified companion version was issued in 1971. A decade later it was renamed The World Factbook. In 1997, The World Factbook went digital and debuted to a worldwide audience on CIA.gov, where it garnered millions of views each year.

The CIA World Factbook (dead link now) was one of the US government's older and most recognized publications, providing basic information about each country in the world regarding their demographics, history, people, government, economy, energy, geography, environment, communications, transportation, and much more.

Original Submission