In an era where Silicon Valley’s conservatism is both expressed openly and becoming more intense by the day, it’s strange to think that tech was once seen as a hive of liberalism. The right-wing nature of today’s tech industry means that its products tend to also be seen as serving right-wing interests, either in their actual operation (like X’s openly and unrepentantly right-wing chatbot Grok) or by the simple fact that their existence serves to enrich a small group of very powerful, very conservative people.

But does it have to be this way? Can LLMs and AI agents find a place in the toolkit of progressive activist groups? The conviction that they can is the idea behind a new app called Outcry, which provides a chatbot designed specifically as a “private, on-device AI mentor for activists, organizers and movement builders.” (There’s also a web version, although it obviously lacks the privacy benefits of being entirely offline.) It’s the brainchild of Occupy Wall Street co-creator Micah White, who recently wrote a blog post about the thinking behind the project.

[…] Outcry’s other distinguishing feature is that its dataset is entirely offline — it’s included with the download. According to the readme, the entire dataset is downloaded to your device at first launch, and stored in your library’s Application Support directory.

To force companies to be more transparent about rapid developments, Illinois would likely rely on “the Big Four accounting and auditing firms — Deloitte, EY, KPMG, and PwC — to audit their safety practices,” [said Scott Wisor, a policy director at a nonprofit called Secure AI Project, which supported the bill]. The required independent audits will likely frustrate Trump, who has tried and failed to stop states from implementing AI safety laws as Congress stalls on passing any legislation.

For Trump, the priority has been to promote AI industry interests, but he began considering expanding federal government safety testing after Anthropic’s Mythos was released and the AI firm limited access due to safety concerns. Whether or not governments at any level are prepared to protect society from the most catastrophic AI risks remains a major concern for critics who wonder how and when governments will intervene. After inside sources started leaking the details of Trump’s AI safety testing plans, critics warned that even the federal government may lack the necessary expertise to audit frontier AI models. And it seems the same criticism extends to independent auditors that Illinois may rely on but industry insiders suggest some AI firms may not entirely trust.

Adam Kovacevich is CEO of Chamber of Progress, a trade group that opposed SB 315 and counts Google and Apple among its members. He told Wired that Illinois’ requirements “would force companies to expose sensitive systems to untested auditors in a regulatory regime that’s all liability and no standards.”

Over the last couple weeks, Valve has been receiving plenty of “game console” shipments from China. At first, I thought this was a sign that the company was getting ready to finally release the Steam Machine, but it looks like at least a portion of these shipments â" if not all of them — were Steam Deck restocks. That’s a lot of Steam Decks to sell through at these inflated prices, but it’s also possible that Valve is just staggering its stock so that its delivery infrastructure isn’t overwhelmed.

Now its just a question of when the Steam Deck will come back in stock. Before yesterday, the Deck was sold out for months. At the time, it was the most affordable way to get into PC gaming, especially in the face of the RAM crisis. That’s no longer true, but it looks like the Steam Deck’s popularity is enough to make it sell out regardless. Maybe the higher price will at least help Valve keep it in stock for people who still want to buy it, no matter the cost.

The technology giant Microsoft has been accused of leaking the data of civil servants working for the Netherlands’ regulatory agencies to the US House of Representatives. The civil servants affected by the leak work at the Authority for Consumers and Markets (ACM) and the Dutch Data Protection Authority (AP), according to the NL Times. They are involved in implementing the Digital Services Act (DSA), the European Union regulation on online services, aimed at combating illegal content and protecting user rights.

NL Times reports that Microsoft shared emails, minutes, and invitations sent by the civil servants without redacting their names in the documents. Willemijn Aerdts, Dutch State Secretary for Digital Economy and Sovereignty, said she discussed the allegations with US Ambassador to the Netherlands Joe Popolo. […] The allegations against Microsoft further strengthen concerns over Europe’s dependence on American technologies, which poses major risks to data privacy.

IBM and Red Hat today announced Project Lightwell, a $5 billion commitment backed by new frontier AI capabilities and a global force of more than 20,000 engineers to help enterprises secure open source software. Together, these investments establish a new model for enterprise use of open source software, from upstream development through production environments.

Project Lightwell will establish a trusted enterprise clearinghouse combined with a global force of engineers to identify and fix vulnerabilities at scale. The clearinghouse will serve as a security coordination layer, using advanced AI capabilities to validate and test fixes across an unprecedented volume of open source code. These capabilities will be offered through commercial subscriptions, allowing enterprises to integrate secure patches directly into their existing software supply chains with enterprise-grade validation and lifecycle management.

IBM and Red Hat have already begun collaborating with a select group of early adopters on Project Lightwell, including Bank of America, BNY, Citi, Goldman Sachs, JPMorganChase, Mastercard, Morgan Stanley, Royal Bank of Canada, State Street, Visa and Wells Fargo. The real-world insights from these initial deployments will actively shape how vulnerabilities are identified, validated, and remediated at scale across complex software supply chains.

Robinhood said users on its platform can now create a separate account for their AI agents and connect them to a dedicated wallet. While these agents would be able to read and analyze users’ portfolios to come up with trading strategies and suggest investments, they’ll only be able to access the pre-loaded balance in the dedicated wallet to place orders.

Users will get notifications of all trades their AI agent makes and will be able to monitor their activities within the Robinhood app. For some trades, agents will show a preview that users may have to approve before the order is executed. The company said it has also built in fraud detection protection, in which a team from Robinhood would review suspicious trades and help users resolve disputes.

Robinhood says users can connect their AI agents to its Model Context Protocol (MCP) service to do things like analyze concentration risk and sector exposure, execute trades, or look through analyst notes to identify new investment opportunities across various sectors. The agentic trading feature is launching in beta and only allows stock trading right now. The company says it plans to add support for options, crypto, event contracts, futures, and prediction markets soon.

Federal prosecutors charged a Google employee with fraud on Wednesday, alleging that he made $1.2 million off of bets using insider information on Polymarket. Prosecutors claim that Michele Spagnuolo, a staff information security engineer at Google, used confidential information to place trades correctly betting that singer d4vd would be Google’s most searched person in 2025. Spagnuolo has been charged with money laundering, commodities fraud and wire fraud. The complaint, filed in the Southern District of New York, was unsealed on Wednesday.

Spagnuolo was arrested Wednesday morning in New York, ABC reported. “Spagnuolo had access to Google’s internal data systems, including a particular Google internal software tool that provided him access to confidential, nonpublic Year in Search data,” the prosecutors said in their complaint. Some observers of the Polymarket platform flagged the user “AlphaRaccoon” back in December for suspicious trades on the most searched person contracts. The complaint Wednesday said that Spagnuolo was the person behind that account. “Google officially and publicly announced its Year in Search 2025 results on or about December 4, 2025. Soon after it did so, Spagnuolo’s AlphaRaccoon account, profited approximately $1.2 million on his Google Year in Search 2025-related bets,” the complaint said.

[…] Spagnuolo is also facing a civil case from the Commodity Futures Trading Commission, where he’s charged with insider trading. The complaint detailed that Spagnuolo correctly predicted the outcomes of a slew of other search markets, including contracts like “Will Zohran Mamdani rank in the Top 5 most searched” and “Will Squid Game be the #1 searched TV show.” “Spagnuolo misappropriated the material Confidential Information by knowingly or recklessly using it to trade the 2025 Year in Search List Contracts in breach of his duties of trust and confidentiality,” the CFTC complaint alleged.

“Today, Last.fm begins a new chapter as an independent company,” the announcement reads. “Ownership has changed, but the product you use every day has not.” It also said that it will keep its current team. Last.fm is a music website that can track what you listen to across platforms, apps and streaming services, including Spotify, YouTube and Apple Music.Â

[…] Last.fm started as an internet radio station in 2002, and it didn’t get scrobbling until a few years later when it merged with the original team that created the tracking process. It operated as an independent company until it was acquired by CBS Interactive, which is now part of the merged Paramount Skydance Corporation, for $280 million in 2007. In 2014, it killed off its $3-a-month subscription radio service to focus on tracking your listening habits on other providers. The company promised to share more about what you can expect from the transition in the coming weeks, but everything will work on Last.fm “exactly as it did yesterday” for now.

They call their method randomness amplification. “This was made possible by an improved so-called Bell-Test with simultaneously high quality and high data rate,” says [Renato Renner and Andreas Wallraff]. He and his coworkers use a complex setup that consists of two superconducting chips, which they cool down to very low temperatures close to absolute zero. Each chip represents a quantum bit or qubit, which can take on the states “0” or “1” or any arbitrary superposition of these states. A 30-meter-long tube, which is also cooled down, connects the two chips.

Microwave photons can fly back and forth between them, thus creating quantum mechanical entanglement. This means that a quantum measurement on one qubit, which randomly yields the values “0” or “1,” influences automatically and at a distance whether “0” or “1” is measured on the second qubit. The separation of 30 meters ensures that, during the measurement, even at the speed of light, no information can be exchanged between the qubits. This would disturb the perfect randomness.

Wallraff and his team made the choice of the exact type of measurement (or “measurement basis” in technical jargon) on the two qubits depending on an imperfect random number generator. Renner’s coworkers could then amplify the randomness of the measurement results further using a special algorithm. “The resulting sequence of zeros and ones is now really perfectly random, and we can even certify that,” says Renner. He likens this result to crossing a ridge: “The technical improvements allowed us, for the first time, to create random numbers that will remain perfectly random for all eternityâ"no matter what analytical methods are used to assess their randomness.”

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows sites to monitor other sites a visitor is viewing and what apps are open on their devices. The technique, laid out in a research paper (PDF), exploits a side channel, a form of leak resulting from physical manifestations such as electromagnetic emanations, data caches, or the time required to complete a task. By measuring the manifestations, attackers can decrypt encrypted traffic and infer other confidential data.

The attack that FROST uses is known as a contention side channel, which measures the interaction of various processes all using (or competing for) a given resource. By measuring the timing of certain I/O (input-output) operations of the SSD a visitor is using, the researchers were able to determine the websites open in other tabs — even on other browsers — and the apps that were open on the visitor’s device. FROST requires no interaction from the visitor other than opening the site hosting the attack. […] Unlike previous contention side-channel attacks on SSDs, FROST runs exclusively in the browser. It uses JavaScript that interacts with the OPFS (origin private file system), an allocated storage space that’s reserved for a specific site to run code needed to complete a given task. Websites can create one with no interaction required by the visitor.

While each file system is sandboxed, meaning it’s isolated from other websites and from the device system itself, the JavaScript can measure the I/O interactions. Then, by running those interactions through a pretrained convolutional neural network — a system that uses deep learning to analyze text, audio, and images — the attacker can deduce various apps and websites open on the device. “The attacker continuously measures SSD contention by performing random reads from a large OPFS file,” the researchers explained. “SSD contention caused by user activity causes measurable latency differences for these read operations. By training a convolutional neural network (CNN) on these traces, the attacker can fingerprint user activity on the host system by classifying new traces using the trained model.”

Naomi Gleit, the head of product at Meta, revealed the subscription testing in an Instagram video, announcing that the plans “give people who use Meta AI more to work with, more capacity, bigger, more complex requests, and more room to create for businesses and creators.”

Meta One Plus will cost $7.99 a month and the Meta One Premium plan will cost $19.99 a month, the company confirmed. The more expensive version offers users additional computing capacity to produce more comprehensive responses and other advanced features. The company will continue to provide a free version of the app and site.

“We’re offering premium tools that allow you to enhance presence, supercharge content, automate tasks, and protect your brand,” Gleit said in the post. “We’re also thinking about how to bring this all together in a way that makes sense.”

Huang was speaking at a launch celebration in Taipei for the chip company’s planned Taiwan headquarters, which he said will break ground this year and aims to become operational in 2030. He did not provide a timeframe for the number of years the company plans to invest $150 billion. The Taiwan headquarters will bring Nvidia closer to TSMC, the world’s largest contract chipmaker which makes many of the advanced semiconductors powering the trend towards AI and is a major supplier to the U.S. tech company.

“Taiwan is booming,” Huang said on stage at the celebration which was attended by his parents, wife, daughter and son in addition to around 1,000 employees. “Taiwan is the epicentre of the AI revolution. This is where the chips come, packaging comes, this is where the systems are made, this is where AI supercomputers were created. The number of partners we work with here in Taiwan, incredible.”

Kroah-Hartman illustrated those pitfalls with real C bugs in the kernel, including a 15-year-old Bluetooth bug that dereferenced a pointer without checking it and a Xen bug where “we forgot to unlock” in an error path. “The majority of the bugs in the kernel are this tiny, minor stuff,” he explained. “Error conditions aren’t checked, locks aren’t forgotten, unreleased memories leak, and vulnerabilities add up over time. They crash the kernel. This is what we live with in C. This is why we don’t like it.” Kroah-Hartman argued that the “best beauty of Rust” is catching those mistakes at build time rather than in review. For example, when it comes to locking, he highlighted Rust’s locking abstractions in the kernel: “The only way you can get access to inner pointers of structures is by grabbing that lock, and releasing the lock automatically. The compiler does it, it’s guarded, the lock happens, everything’s happy. You just can’t write code to access these values…without grabbing the lock. The compiler will not let you.”

Those properties, he argued, directly remove a huge fraction of the bugs he sees: “This is going to save us those two things. First, 60% of the bugs in the kernel right there, they’re gone. Thank you.” The payoff is earlier, more automated enforcement: “If this happens at build time, not review time, don’t make me a maintainer who has to read your code [and] say, ‘Oh, then you properly check that error value. Oh, did you properly grab the locks in the right spot?’ Rust gives us that for free. This is the best thing ever.” Even if Rust vanished tomorrow, Kroah-Hartman argued, it has already forced the kernel to clean up C code and interfaces. He credited Rust’s influence outright: “We stole this from Rust. Thank you. It’s a good idea, so if Rust disappeared tomorrow, we have cleaned up the C code in the kernel so much and taken in the ideas. We thank you, you’ve made Linux better with it just by existing.”

[…] What ultimately sold a number of core maintainers, including him, on Rust was how it “makes reviewing code easier.” With CI [Continuous Integration] bots enforcing builds and Rust’s type system enforcing key invariants, maintainers can “focus on the logic” rather than resource bookkeeping: “I can care about that one function. I don’t have to worry about the rest of this stuff, because I assume that it works properly, because it was built properly.” Internally, he said, the top maintainers have already made their call on Rust’s status: “The Linux kernel maintainers, we get together every year and talk about what the processes are doing. Last year, we said the Rust experiment is over. It’s not an experiment. This is for real.” The rationale: “The people behind it are real. We trust them. We know what they’re doing. They’ve shown and put in the work to make Rust a viable language in the kernel, and we’re going to make this stick. Let’s go full speed ahead. And, as always,” he said wryly, “world domination proceeds.”

How newsrooms should use AI — or if they should at all — has been a recurrent debate within the media industry over the last several years. Increasingly, these rules are being hammered out at the bargaining table between unions and publishers. Right now, employees at The New York Times are gearing up for a fight. Unionized staff with the Tech Guild say Times management has refused to provide the union with information related to how the company has used AI, its plans for AI use in the future, and how it will affect employees’ jobs and workflow. (The union filed an unfair labor practice charge earlier this month.) The Tech Guild, a NewsGuild of New York unit of around 700 software engineers, designers, product and project managers, and data analysts, also filed grievances saying Times management violated their collective bargaining agreement when it started using two internal AI tools that track and evaluate employee performance and activity.

[…] Both the Tech Guild and the Times Guild (which represents 1,500 editorial, ad sales, and support staff at the Times) filed unfair labor practice charges against the Times, saying that company violated labor law by refusing to respond to their requests for information around AI use at the outlet. The Times did not respond to specific questions about how it uses DX and Glean, but spokesperson Danielle Rhoades Ha said in an email that the company disagrees with the characterizations made in grievances and that it would respond as part of its “normal contractual process.” “Likewise, we will respond to this Request for Information (RFI) in due course as we’ve done with 80+ other RFIs from the Guild in recent years,” Rhoades Ha said.

The Times Guild is currently bargaining a new contract, pushing for robust protections against AI, like requirements that a human is behind any AI tool being used, that any journalism utilizing AI is transparently labeled, and that staff are compensated for AI model training deals the company might make. The Times deploys artificial intelligence tools for some reporting, like using it to parse millions of documents related to Jeffrey Epstein or scan satellite images of Gaza to try to find where Israel had dropped a specific kind of bomb. […] [Ben Harnett, a software engineer at the Times and chair of the unit’s generative AI committee] emphasizes that the unit’s position is not that AI shouldn’t ever be used, but that workers should have a say in how it’s deployed. Metrics like how many tokens an employee uses or how often they’re using AI to do their jobs create pressure to do more and incentives that don’t align with doing quality work. “It’s going to distract [you] from actually doing a good job, which is what we think the company should want,” he says.

Under YouTube’s guidelines, creators will still be required to manually disclose when they use realistic AI. But starting this week, it also will roll out a new internal system to help identify AI-generated content. “If a creator doesn’t specify whether or not they used AI, but our systems detect significant photorealistic AI use, we will now automatically apply a label,” YouTube said.

YouTube creators who believe their content was incorrectly flagged as AI-generated can modify the disclosure status using the YouTube Studio tool. However, according to YouTube, the AI labels will “remain permanent” in some cases, including for content created using YouTube’s own AI tools (such as Veo or Dream Screen) and for content that contains C2PA metadata (based on standards from the Coalition for Content Provenance and Authenticity) that indicates it was fully AI-generated.

In addition, YouTube is moving the disclosure label for photorealistic and meaningfully AI-altered or AI-generated content to a more prominent position. Until now, YouTube labeled AI content in a video’s expanded description. Going forward, for long-form videos, the AI label will now appear directly below the video player and above the description. For YouTube Shorts, the label will appear as an overlay on the video itself.