Privacy

See the Thousands of Apps Hijacked To Spy On Your Location (404media.co) 49

An anonymous reader quotes a report from 404 Media: Some of the world's most popular apps are likely being co-opted by rogue members of the advertising industry to harvest sensitive location data on a massive scale, with that data ending up with a location data company whose subsidiary has previously sold global location data to US law enforcement. The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush and dating apps like Tinder to pregnancy tracking and religious prayer apps across both Android and iOS. Because much of the collection is occurring through the advertising ecosystem -- not code developed by the app creators themselves -- this data collection is likely happening without users' or even app developers' knowledge.

"For the first time publicly, we seem to have proof that one of the largest data brokers selling to both commercial and government clients appears to be acquiring their data from the online advertising 'bid stream,'" rather than code embedded into the apps themselves, Zach Edwards, senior threat analyst at cybersecurity firm Silent Push and who has followed the location data industry closely, tells 404 Media after reviewing some of the data. The data provides a rare glimpse inside the world of real-time bidding (RTB). Historically, location data firms paid app developers to include bundles of code that collected the location data of their users. Many companies have turned instead to sourcing location information through the advertising ecosystem, where companies bid to place ads inside apps. But a side effect is that data brokers can listen in on that process and harvest the location of people's mobile phones.

"This is a nightmare scenario for privacy, because not only does this data breach contain data scraped from the RTB systems, but there's some company out there acting like a global honey badger, doing whatever it pleases with every piece of data that comes its way," Edwards says. Included in the hacked Gravy data are tens of millions of mobile phone coordinates of devices inside the US, Russia, and Europe. Some of those files also reference an app next to each piece of location data. 404 Media extracted the app names and built a list of mentioned apps. The list includes dating sites Tinder and Grindr; massive games such as Candy Crush, Temple Run, Subway Surfers, and Harry Potter: Puzzles & Spells; transit app Moovit; My Period Calendar & Tracker, a period-tracking app with more than 10 million downloads; popular fitness app MyFitnessPal; social network Tumblr; Yahoo's email client; Microsoft's 365 office app; and flight tracker Flightradar24. The list also mentions multiple religious-focused apps such as Muslim prayer and Christian Bible apps, various pregnancy trackers, and many VPN apps, which some users may download, ironically, in an attempt to protect their privacy.
404 Media's full list of apps included in the data can be found here. There are also other lists available from other security researchers.

AT&T

AT&T Promises Bill Credits For Future Outages (arstechnica.com) 19

An anonymous reader quotes a report from Ars Technica: AT&T, following last year's embarrassing botched update that kicked every device off its wireless network and blocked over 92 million phone calls, is now promising full-day bill credits to mobile customers for future outages that last at least 60 minutes and meet certain other criteria. A similar promise is being made to fiber customers for unplanned outages lasting at least 20 minutes, but only if the customer uses an AT&T-provided gateway. The "AT&T Guarantee" announced today has caveats that can make it possible for a disruption to not be covered. AT&T says the promised mobile bill credits are "for wireless downtime lasting 60 minutes or more caused by a single incident impacting 10 or more towers."

The full-day bill credits do not include a prorated amount for the taxes and fees imposed on a monthly bill. The "bill credit will be calculated using the daily rate customer is charged for wireless service only (excludes taxes, fees, device payments, and any add-on services)," AT&T said. If an outage lasts more than 24 hours, a customer will receive another full-day bill credit for each additional day. If only nine or fewer AT&T towers aren't functioning, a customer won't get a credit even if they lose service for an hour. The guarantee kicks in when a "minimum 10 towers [are] out for 60 or more minutes resulting from a single incident," and the customer "was connected to an impacted tower at the time the outage occurs," and "loses service for at least 60 consecutive minutes as a result of the outage."

The guarantee "excludes events beyond the control of AT&T, including but not limited to, natural disasters, weather-related events, or outages caused by third parties." AT&T says it will determine "in its sole discretion" whether the disruption is "a qualifying" network outage. "Consumers will automatically receive a bill credit equaling a full day of service and we'll reach out to our small business customers with options to help make it right," AT&T said. When there's an outage, AT&T said it will "notify you via e-mail or SMS to inform you that you've been impacted. Once the interruption has been resolved, we'll contact you with details about your bill credit." If AT&T fails to provide the promised credit for any reason, customers will have to call AT&T or visit an AT&T store.

To qualify for the similar fiber-outage promise, "customers must use AT&T-provided gateways," the firm said. There are other caveats that can prevent a home Internet customer from getting a bill credit. AT&T said the fiber-outage promise "excludes events beyond the control of AT&T, including but not limited to, natural disasters, weather-related events, loss of service due to downed or cut cable wires at a customer residence, issues with wiring inside customer residence, and power outages at customer premises. Also excludes outages resulting from planned maintenance." AT&T notes that some residential fiber customers in multi-dwelling units "have an account with AT&T but are not billed by AT&T for Internet service." In the case of outages, these customers would not get bill credits but would be given the option to redeem a reward card that's valued at $5 or more.

China

Akamai To Quit Its CDN in China (theregister.com) 23

An anonymous reader shares a report: Akamai has decided to end its content delivery network services in China, but not because it's finding it hard to do business in the Middle Kingdom. News of Akamai's decision to end CDN services in China emerged in a letter it recently published and sent to customers and partners that opens by reminding them the company has a "commitment to providing world-class delivery and security solutions" -- and must therefore inform them that "Effective June 30, 2026, all China CDN services will reach their decommission date."

Customers are offered a choice: do nothing and then be moved to an Akamai CDN located outside China, or use similar services from Chinese companies Tencent Cloud and Wangsu Science & Technology.

China

Ahead of SCOTUS Hearing, Study Finds TikTok Is Likely Vehicle For Chinese Propaganda (gizmodo.com) 95

A forthcoming peer-reviewed study (PDF) from Rutgers University's Network Contagion Research Institute argues that TikTok surfaces fewer anti-CCP posts compared to Instagram and YouTube, despite higher user engagement with such content. It also found that heavy TikTok usage correlates with more favorable views of China's human rights record. The findings come ahead of a Supreme Court hearing later this week on whether the federal government can ban TikTok. Gizmodo reports: The new peer-reviewed paper, which was first reported by The Free Press, begins by examining whether content on TikTok, Instagram, and YouTube related to the keywords "Tiananmen," "Tibet," "Uyghur," and "Xinjiang" tends to display pro- or anti-CCP sentiment. The researchers found that TikTok's algorithm didn't necessarily surface more pro-CCP content in response to searches for those terms, but it delivered fewer anti-CCP posts than did Instagram or YouTube and significantly more posts that were irrelevant to the subject.

In the second stage of their study, the NCRI team tested whether the lower performance of anti-CCP content was a result of less user engagement (likes and comments) with those posts. They found that TikTok users "liked or commented on anti-CCP content nearly four times as much as they liked or commented on pro-CCP content, yet the search algorithm produced nearly three times as much pro-CCP content" while there was no similar discrepancy on Instagram or YouTube.

Finally, the researchers surveyed 1,214 Americans about their social media usage and their views on China's human rights record. The more time users spent on any social media platform, the more likely they were to have favorable views of China's human rights record, the survey showed. Users were particularly more likely to have favorable views if they spent more than three hours a day using TikTok. The researchers wrote that they could not definitively conclude that spending more time on TikTok resulted in more positive views of China, but "taken together, the findings from these three studies raise the distinct possibility that TikTok is a vehicle for CCP propaganda."

The Internet

America Still Has Net Neutrality Laws - In States Like California and New York (yahoo.com) 47

A U.S. Appeals Court ruled this week that net neutrality couldn't be reinstated by America's Federal Communications Commission. But "Despite the dismantling of the FCC's efforts to regulate broadband internet service, state laws in California, New York and elsewhere remain intact," notes the Los Angeles Times: This week's decision by the 6th U.S. Circuit Court of Appeals, striking down the FCC's open internet rules, has little bearing on state laws enacted during the years-long tug-of-war over the government's power to regulate internet service providers, telecommunications experts said. In fact, some suggested that the Cincinnati-based 6th Circuit's decision — along with other rulings and the U.S. Supreme Court's posture on a separate New York case — has effectively fortified state regulators' efforts to fill the gap. "Absent an act of Congress, the FCC has virtually no role in broadband any more," Ernesto Falcon, a program manager for the California Public Utilities Commission, said in an interview. "The result of this decision is that states like California, New York and others will have to govern and regulate broadband carriers on our own."

California has one of the nation's strongest laws on net neutrality, the principle that internet traffic must be treated equally to ensure a free and open network. Former Gov. Jerry Brown signed the measure into law in 2018, months after federal regulators in President-elect Donald Trump's first administration repealed the net neutrality rules put in place under President Obama. Colorado, Oregon and other states also adopted their own standards.

The Golden State's law has already survived legal challenges. It also prompted changes in the way internet service providers offered plans and services. "California's net neutrality law, which is seen as the gold standard by consumer advocates, carries national impact," Falcon said.... "The state's authority and role in broadband access has grown dramatically now," Falcon said.

California's net neutrality rules prohibit "throttling" data speeds, according to the article.

China

Are US Computer Networks A 'Key Battlefield' in any Future Conflict with China? (msn.com) 72

In a potential U.S.-China conflict, cyberattackers are military weapons. That's the thrust of a new article from the Wall Street Journal: The message from President Biden's national security adviser was startling. Chinese hackers had gained the ability to shut down dozens of U.S. ports, power grids and other infrastructure targets at will, Jake Sullivan told telecommunications and technology executives at a secret meeting at the White House in the fall of 2023, according to people familiar with it. The attack could threaten lives, and the government needed the companies' help to root out the intruders.

What no one at the briefing knew, including Sullivan: China's hackers were already working their way deep inside U.S. telecom networks, too. The two massive hacking operations have upended the West's understanding of what Beijing wants, while revealing the astonishing skill level and stealth of its keyboard warriors — once seen as the cyber equivalent of noisy, drunken burglars. China's hackers were once thought to be interested chiefly in business secrets and huge sets of private consumer data. But the latest hacks make clear they are now soldiers on the front lines of potential geopolitical conflict between the U.S. and China, in which cyberwarfare tools are expected to be powerful weapons. U.S. computer networks are a "key battlefield in any future conflict" with China, said Brandon Wales, a former top U.S. cybersecurity official at the Department of Homeland Security, who closely tracked China's hacking operations against American infrastructure. He said prepositioning and intelligence collection by the hackers "are designed to ensure they prevail by keeping the U.S. from projecting power, and inducing chaos at home."

As China increasingly threatens Taiwan, working toward what Western intelligence officials see as a target of being ready to invade by 2027, the U.S. could be pulled into the fray as the island's most important backer... Top U.S. officials in both parties have warned that China is the greatest danger to American security.

In the infrastructure attacks, which began at least as early as 2019 and are still taking place, hackers connected to China's military embedded themselves in arenas that spies usually ignored, including a water utility in Hawaii, a port in Houston and an oil-and-gas processing facility. Investigators, both at the Federal Bureau of Investigation and in the private sector, found the hackers lurked, sometimes for years, periodically testing access. At a regional airport, investigators found the hackers had secured access, and then returned every six months to make sure they could still get in. Hackers spent at least nine months in the network of a water-treatment system, moving into an adjacent server to study the operations of the plant. At a utility in Los Angeles, the hackers searched for material about how the utility would respond in the event of an emergency or crisis. The precise location and other details of the infrastructure victims are closely guarded secrets, and couldn't be fully determined.

American security officials said they believe the infrastructure intrusions — carried out by a group dubbed Volt Typhoon — are at least in part aimed at disrupting Pacific military supply lines and otherwise impeding America's ability to respond to a future conflict with China, including over a potential invasion of Taiwan... The focus on Guam and West Coast targets suggested to many senior national-security officials across several Biden administration agencies that the hackers were focused on Taiwan, and doing everything they could to slow a U.S. response in a potential Chinese invasion, buying Beijing precious days to complete a takeover even before U.S. support could arrive.

The telecom breachers "were also able to swipe from Verizon and AT&T a list of individuals the U.S. government was surveilling in recent months under court order, which included suspected Chinese agents. The intruders used known software flaws that had been publicly warned about but hadn't been patched."

And ultimately nine U.S. telecoms were breached, according to America's deputy national security adviser for cybersecurity — including what appears to have been a preventable breach at AT&T (according to "one person familiar with the matter"): [T]hey took control of a high-level network management account that wasn't protected by multifactor authentication, a basic safeguard. That granted them access to more than 100,000 routers from which they could further their attack — a serious lapse that may have allowed the hackers to copy traffic back to China and delete their own digital tracks.
The details of the various breaches are stunning: Chinese hackers gained a foothold in the digital underpinnings of one of America's largest ports in just 31 seconds. At the Port of Houston, an intruder acting like an engineer from one of the port's software vendors entered a server designed to let employees reset their passwords from home. The hackers managed to download an encrypted set of passwords from all the port's staff before the port recognized the threat and cut off the password server from its network...

Government

US Sanctions Chinese Firm Linked to Seized Botnet (msn.com) 6

Remember that massive botnet run by Chinese government hackers? Flax Typhoon "compromised computer networks in North America, Europe, Africa, and across Asia, with a particular focus on Taiwan," according to the U.S. Treasury Department. (The group's botnet breaching this autumn affected "at least 260,000 internet-connected devices," reports the Washington Post, "roughly half of which were located in the United States.")

Friday America's Treasury Department sanctioned "a Beijing-based cybersecurity company for its role in multiple computer intrusion incidents against U.S. victims..." according to an announcement from the department's Office of Foreign Assets Control. "Between summer 2022 and fall 2023, Flax Typhoon actors used infrastructure tied to Integrity Tech during their computer network exploitation activities against multiple victims. During that time, Flax Typhoon routinely sent and received information from Integrity Tech infrastructure."

From the Washington Post: The group behind the attacks was active since at least 2021, but U.S. authorities only managed to wrest control of the devices from the hackers in September, after the FBI won a court order that allowed the agency to send commands to the infected devices...

Treasury's designation follows sanctions announced last month on Sichuan Silence Information Technology Company, in which U.S. officials accused the company of exploiting technology flaws to install malware in more than 80,000 firewalls, including those protecting U.S. critical infrastructure. The new sanctions on Beijing Integrity Technology are notable due to the company's public profile and outsize role in servicing China's police and intelligence services via state-run hacking competitions. The company, which is listed in Shanghai and has a market capitalization of more than $327 million, plays a central role in providing state agencies "cyber ranges" — technology that allows them to simulate cyberattacks and defenses...

In September, FBI Director Christopher A. Wray said the Flax Typhoon attack successfully infiltrated universities, media organizations, corporations and government agencies, and in some cases caused significant financial losses as groups raced to replace the infected hardware. He said at the time that the operation to shut down the network was "one round in a much longer fight...." A 2024 assessment by the Office of the Director of National Intelligence said China is the most "active and persistent" cyberthreat and that actors under Beijing's direction have made efforts to breach U.S. critical infrastructure with the intention of lying in wait to be able to launch attacks in the event of major conflict.

"The Treasury sanctions bar Beijing Integrity Technology from access to U.S. financial systems and freeze any assets the company might hold in the United States," according to the article, "but the moves are unlikely to have a significant effect on the company," (according to Dakota Cary, a fellow at the Atlantic Council who has studied the company's role in state-sponsored hacking).

AI

Putin Orders Russian Government and Top Bank To Develop AI Cooperation With China (reuters.com) 13

President Vladimir Putin has directed Russia's government and the country's biggest bank, Sberbank, to strengthen AI cooperation with China, aiming to overcome Western sanctions and challenge U.S. dominance in AI innovation. Reuters reports: Putin's instructions were published on the Kremlin's website on Wednesday, three weeks after he announced that Russia would team up with BRICS partners and other countries to develop AI. He told the government and Sberbank, which is spearheading Russia's AI efforts, to "ensure further co-operation with the People's Republic of China in technological research and development in the field of artificial intelligence."

Western sanctions intended to restrict Moscow's access to the technologies it needs to sustain its war against Ukraine have resulted in the world's major producers of microchips halting exports to Russia, severely limiting its AI ambitions. Sberbank CEO German Gref acknowledged in 2023 that graphics processing units (GPUs), the microchips that underpin AI development, were the trickiest hardware for Russia to replace.

By partnering with non-Western countries, Russia is seeking to challenge the dominance of the United States in one of the most promising and crucial technologies of the 21st century. Putin said on Dec. 11 that a new AI Alliance Network would bring together specialists from BRICS countries and other interested states.

United States

US Appeals Court Blocks Biden Administration Effort To Restore Net Neutrality Rules (reuters.com) 115

A U.S. appeals court ruled on Thursday the Federal Communications Commission did not have legal authority to reinstate landmark net neutrality rules. From a report: The decision is a blow to the outgoing Biden administration that had made restoring the open internet rules a priority. President Joe Biden signed a 2021 executive order encouraging the FCC to reinstate the rules.

A three-judge panel of the Cincinnati-based 6th U.S. Circuit Court of Appeals said the FCC lacked authority to reinstate the rules initially implemented in 2015 by the agency under Democratic former President Barack Obama, but then repealed by the commission in 2017 under Republican former President Donald Trump.

The rules also forbid special arrangements in which ISPs give improved network speeds or access to favored users. The court cited the Supreme Court's June decision in a case known as Loper Bright to overturn a 1984 precedent that had given deference to government agencies in interpreting laws they administer, in the latest decision to curb the authority of federal agencies. "Applying Loper Bright means we can end the FCC's vacillations," the court ruled.

Operating Systems

SvarDOS: DR-DOS is Reborn as an Open Source OS (theregister.com) 68

SvarDOS, a compact open-source operating system derived from DR-DOS, has switched to using the EDRDOS kernel, marking a shift from its FreeDOS distribution roots. The change allows the operating system to fit on a single 1.4MB floppy disk while offering a network-capable package manager that can fetch from a repository of over 400 packages.

Unlike its rival FreeDOS, SvarDOS can run Microsoft Windows 3.1 natively, though the capability currently requires additional configuration. The system maintains compatibility with legacy DOS applications while providing modern features like FAT32 support and network connectivity.

Businesses

India Again Delays Rules To Break Payments Duopoly (techcrunch.com) 11

India has once again pushed back a contentious plan to limit major technology companies' control of the nation's digital payments system, extending a regulatory uncertainty that has weighed on the sector for years. From a report: The National Payments Corporation of India said on Tuesday it would extend the deadline for implementing a 30% cap on any individual app's share of transactions on the Unified Payments Interface, or UPI, the country's ubiquitous digital payments network, to December 31, 2026.

The decision provides temporary relief to Walmart-backed PhonePe and Google Pay, which together handle more than 85% of transactions on UPI. The network, which processes over 13 billion transactions monthly, has become the backbone of India's digital economy since its launch eight years ago.

Businesses

Over 3.1 Million Fake 'Stars' on GitHub Projects Used To Boost Rankings (bleepingcomputer.com) 23

Researchers have uncovered widespread manipulation of GitHub's star-rating system, with over 3.1 million fraudulent stars identified across 15,835 repositories, according to a new study by Socket, Carnegie Mellon University, and North Carolina State University.

The research team analyzed 20TB of data from GHArchive, spanning 6 billion GitHub events from 2019 to 2024, using their "StarScout" detection tool. The tool identified 278,000 accounts engaging in coordinated inauthentic behavior to artificially boost repository rankings.

GitHub uses stars, similar to social media likes, to rank projects and recommend content to users. The platform has previously encountered malicious exploitation of this system, including the "Stargazers Ghost Network" malware operation discovered last summer. Approximately 91% of flagged repositories and 62% of suspicious accounts were removed by October 2024.

Transportation

Electric Air Taxis are Taking Flight. Can They Succeed as a Business? (msn.com) 43

An anonymous reader shared this report from the Washington Post: Archer is aiming to launch its first commercially operated [and electrically-powered] flights with a pilot and passengers within a year in Abu Dhabi. A competitor, Joby Aviation, says it is aiming to launch passenger service in Dubai as soon as late 2025. Advancements in batteries and other technologies required for the futuristic tilt-rotor craft are moving so fast that they could soon move beyond the novelty stage and into broader commercial use in a matter of years. Both companies are laying plans to operate at the 2028 Olympics in Los Angeles...

Scaling the industry from a novelty ride for the wealthy to a broadly available commuter option will take billions more in start-up money, executives said, including building out a network of takeoff and landing areas (called vertiports) and charging stations. Some high-profile ventures have already faltered. A plan for air taxis to transport spectators around the Paris Olympics fizzled... Still, investors, including big names like Stellantis and Toyota, have poured money into Silicon Valley companies like Archer and Joby. Boeing and Airbus are developing their own versions. All are betting that quieter, greener and battery-powered aircraft can revolutionize the way people travel. Major U.S. airlines including American, Delta, Southwest and United also are building relationships and planting seeds for deals with air taxi companies.

Two interesting quotes from the article:
  • "It feels like the modern-day American Dream, where you can invent a technology and actually bring it to market even [if it's] as crazy as what some people call flying cars."

    — Adam Goldstein, CEO of Archer Aviation.
  • "They have created these amazing new aircraft that really 10 or 15 years ago would've been unimaginable. I think there's something innately attractive about being able to leapfrog all of your terrestrial obstacles. Who hasn't wished that if you live in the suburbs that, you know, something could drop into your cul-de-sac and 15 minutes later you're at the office."

    — Roger Connor, curator of the vertical flight collection at the Smithsonian's National Air and Space Museum.

HP

How a Retrocomputing Enthusiast Got a 30-Year-Old Clamshell Computer Online (youtube.com) 18

It had a 4.8-inch display. Introduced in 1991, Hewlett-Packard's (DOS-based) HP 95LX Palmtop PC — a collaboration with Lotus — was finally discontinued back in 2003.

But one found its way to long-time Slashdot reader Shayde (who in November repaired a 48-year-old handheld videogame console from Mattel). "I really wanted to get this HP95LX talking to the internet at large," they told Slashdot, "but network stacks for DOS in 1991 were pretty limited, and this machine didn't even have the hardware for a network connection.

"It did have a serial port though — a flat 4-pin custom interface. I did a bunch of research and learned how to custom-build an RS-232 hookup for this port, and using an external Wifi module, got it online — and talking to the retrocomputing BBS!"

There's a video documenting the whole experience. (Along the way he uses 20-gauge hook-up wire from Amazon, a zip tie, solder cups, and an internet modem (the WiFi232 Hayes modem emulator).) The whole thing is powered by two AA batteries — it has 512K of memory, and about half a meg of storage. My favorite technical detail?

"Conveniently, the HP 95 [Palmtop PC] uses the exact same pinout as the HP 48GX handheld graphing calculator. So looking up on the Internet, we can determine what pins we need to map from the HP unit over to what would be a DB25 serial port..."

The Military

Missiles Are Now the Biggest Killer of Airline Passengers (wsj.com) 79

Accidental missile attacks on commercial airliners have become the leading cause of aviation fatalities in recent years (Warning: source paywalled; alternative source), driven by rising global conflicts and the proliferation of advanced antiaircraft weaponry. Despite improvements in aviation safety overall, inconsistent risk assessments, political complexities, and rapid military escalations make protecting civilian flights in conflict zones increasingly difficult. The Wall Street Journal reports: The crash Wednesday of an Azerbaijan Airlines jetliner in Kazakhstan, if officially confirmed as a midair attack, would be the third major fatal downing of a passenger jet linked to armed conflict since 2014, according to the Flight Safety Foundation's Aviation Safety Network, a global database of accidents and incidents. The tally would bring to more than 500 the number of deaths from such attacks during that period. Preliminary results of Azerbaijan's investigation into the crash indicate the plane was hit by a Russian antiaircraft missile, or shrapnel from it, said people briefed on the probe.

"It adds to the worrying catalog of shootdowns now," said Andy Blackwell, an aviation risk adviser at security specialist ISARR and former head of security at Virgin Atlantic. "You've got the conventional threats, from terrorists and terrorist groups, but now you've got this accidental risk as well." No other cause of aviation fatalities on commercial airliners comes close to shootdowns over those years, according to ASN data. The deadliness of such attacks is a dramatic shift: In the preceding 10 years, there were no fatal shootdowns of scheduled commercial passenger flights, ASN data show. The trend highlights the difficulty -- if not impossibility -- of protecting civilian aviation in war zones, even for rigorous aviation regulators, because of the politics of war. Early last century similar woes plagued sea travel, when belligerents targeted ocean transport.

Increasing civilian aviation deaths from war also reflect both a growing number of armed conflicts internationally and the increasing prevalence of powerful antiaircraft weaponry. If a missile was indeed the cause of this week's disaster, it would mean that the three deadliest shootdowns of the past decade all involved apparently unintended targetings of passenger planes flying near conflict zones, by forces that had been primed to hit enemy military aircraft. Two of those incidents were linked to Russia: Wednesday's crash of an Embraer E190 with 67 people aboard, of whom 38 died, and the midair destruction in 2014 of a Malaysia Airlines Boeing 777 flying over a battle zone in Ukraine, on which all 298 people aboard died. The other major downing was the mistaken shooting in 2020 by Iranian forces of a Ukraine International Airlines Boeing 737 departing Tehran, killing all 176 people onboard. Iran's missile defense systems had been on alert for a potential U.S. strike at the time.

Businesses

New Law Requiring Businesses To Report Who Owns Them Is Put on Hold Again (msn.com) 33

The implementation of the Corporate Transparency Act -- a law aimed at getting shell companies to disclose their true ownership -- was paused again just days before a reporting deadline was set to take effect, as a federal appeals court handed the case to a panel for further consideration. From a report: In a court filing late Thursday, the Fifth Circuit Court of Appeals vacated a stay on a national injunction the court had issued Monday that reinstated the Jan. 1 reporting deadline for millions of companies. The lifting of the stay means the January filing deadline will be postponed once again and bars the government and the Treasury Department from enforcing the law, pending oral arguments before the court's so-called merits panel, a group of judges tasked with considering appeals.

The Corporate Transparency Act, a bipartisan law passed in 2021 to curtail the use of anonymous shell companies and help track flows of illicit money, would require companies to file beneficial ownership information with the Treasury's Financial Crimes Enforcement Network or face the possibility of penalties such as fines and jail time. The law could cover more than 32 million small businesses nationwide.

Japan

Japan Airlines Hit By Cyberattack, Delaying Flights During Year-End Holiday Season (apnews.com) 3

Japan Airlines said it was hit by a cyberattack Thursday, causing delays to more than 20 domestic flights but the carrier said there was no impact on flight safety. From a report: JAL said the problem started Thursday morning when the company's network connecting internal and external systems began malfunctioning. The airline said the cyberattack had delayed 24 domestic flights for more than 30 minutes, and the impact could expand later in the day.

AI

AI Beats Human Experts At Distinguishing American Whiskey From Scotch (newscientist.com) 72

An AI system has outperformed human experts in distinguishing between American whiskey and Scotch, achieving 100% accuracy by identifying subtle differences in the chemical composition of the spirits. New Scientist reports: Andreas Grasskamp at the Fraunhofer Institute for Process Engineering and Packaging IVV in Germany and his colleagues trained an AI molecular odor prediction algorithm called OWSum on descriptions of different whiskies. Then, in a study involving 16 samples -- nine types of Scotch whisky and seven types of American bourbon or whiskey -- they tasked OWSum with telling drinks from the two nations apart based on keyword descriptions of their flavors, such as flowery, fruity, woody or smoky. Using these alone, the AI could tell which country a drink came from with almost 94 per cent accuracy.

Because the complex aroma of these spirits is determined by the absence or presence of many chemical compounds, the researchers also fed the AI a reference dataset of 390 molecules commonly found in whiskies. When they gave the AI data from gas chromatography-mass spectrometry showing which molecules were present in the sample spirits, it boosted OWSum's ability to differentiate American from Scotch drams to 100 percent. Compounds such as menthol and citronellol were a dead giveaway for American whiskey, while the presence of methyl decanoate and heptanoic acid pointed to Scotch.

The researchers also tested both OWSum and a neural network on their ability to predict the top five odor keywords based on the chemical contents of a whisky. On a score from 1 for perfect accuracy to 0 for consistent inaccuracy, OWSum achieved 0.72. The neural network achieved 0.78 and human whisky expert test participants achieved only 0.57.
The study has been published in the journal Nature Communications Chemistry.

Piracy

Cloudflare Must Block 'Piracy Shield' Domains and IP Addresses Across Its Service 15

An anonymous reader quotes a report from TorrentFreak: In a landmark ruling, the Court of Milan has ordered (PDF) Cloudflare to block pirate streaming services that offer Serie A football matches. The court found that Cloudflare's services are instrumental in facilitating access to live pirate streams, undermining Italy's 'Piracy Shield' legislation. The order, which applies in Italy, affects Cloudflare's CDN, DNS resolver, WARP and proxy services. It also includes a broad data disclosure section. [...]

The Court of Milan's decision prohibits Cloudflare from resolving domain names and routing internet traffic to IP addresses of all services present on the "Piracy Shield" system. This also applies to future domains and aliases used by these pirate services. The order applies to Cloudflare's content delivery network (CDN), DNS services, and reverse proxy services. The order also mentions Cloudflare's free VPN among the targets, likely referring to the WARP service. If any of the targeted pirate streaming providers use Cloudflare's services to infringe on Serie A's copyrights, the company Cloudflare must stop providing CDN, authoritative DNS, and reverse proxy services to these customers. (Note: This is an Italian court order and Cloudflare previously used geotargeting to block sites only in Italy. It may respond similarly here, but terminating customer accounts only in Italy might be more complicated.)

Finally, the order further includes a data disclosure component, under which Cloudflare must identify customers who use Cloudflare's services to offer pirated streams. This should help Serie A to track down those responsible. The data disclosure section also covers information related to the 'VPN' and alternative public DNS services, where these relate to the IPTV platforms identified in the case. That covers traffic volume and connection logs, including IP-addresses and timestamps. In theory, that could also cover data on people who accessed these services using Cloudflare's VPN and DNS resolver. [...] The court ordered Cloudflare to cover the costs of the proceeding and if it doesn't implement the blocking requirements in time, an additional fine of 10,000 euros per day will apply.

Robotics

New Physics Sim Trains Robots 430,000 Times Faster Than Reality (arstechnica.com) 26

An anonymous reader quotes a report from Ars Technica: On Thursday, a large group of university and private industry researchers unveiled Genesis, a new open source computer simulation system that lets robots practice tasks in simulated reality 430,000 times faster than in the real world. Researchers also plan to introduce an AI agent to generate 3D physics simulations from text prompts. The accelerated simulation means a neural network for piloting robots can spend the virtual equivalent of decades learning to pick up objects, walk, or manipulate tools during just hours of real computer time.

"One hour of compute time gives a robot 10 years of training experience. That's how Neo was able to learn martial arts in a blink of an eye in the Matrix Dojo," wrote Genesis paper co-author Jim Fan on X, who says he played a "minor part" in the research. Fan has previously worked on several robotics simulation projects for Nvidia. [...] The team also announced they are working on the ability to generate what it calls "4D dynamic worlds" -- perhaps using "4D" because they can simulate a 3D world in motion over time. The system will reportedly use vision-language models (VLMs) to generate complete virtual environments from text descriptions (similar to "prompts" in other AI models), utilizing Genesis's own simulation infrastructure APIs to create the worlds.
