Alterslash

the unofficial Slashdot digest
 

Contents

  1. US Suffered a Major Power Outage Every Month of 2026
  2. Book Publishers Sue Google For Copyright Infringement Over Gemini AI Training
  3. Spotify Is Now an AI Chatbot, Too
  4. Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius
  5. FCC Plans To Repeal 39% TV Ownership Cap
  6. Google and Epic Cancel Settlement; Third-Party App Stores Coming To Google Play
  7. FreeBSD 16 Retires the Last of Its GPL Code
  8. OpenAI Launches a Keypad for AI Agents
  9. Stripe, Advent Offer to Buy PayPal For More Than $53 Billion
  10. Microsoft Patches a Record 570 Security Flaws
  11. Astronauts Take First X-Rays In Space
  12. House Votes For Permanent Daylight Saving Time
  13. Iran Abused Mobile Networks’ Vulnerabilities To Locate US Military In Middle East
  14. OpenAI’s First Device Will Be Moveable, Screenless Speaker Built as AI Companion
  15. Google Images Gets a Pinterest-Like Redesign Focused On Discovery

Alterslash picks up to the best 5 comments from each of the day’s Slashdot stories, and presents them on a single page for easy reading.

US Suffered a Major Power Outage Every Month of 2026

Posted by BeauHD View on SlashDot Skip
An anonymous reader quotes a report from Electrek:
A Reddit post making the rounds this week claims the U.S. has experienced at least one major power outage every month of 2026 — but is it true? I dug into several outages, the extreme weather behind them, and what we can do to help keep the lights on. […] The claim that hundreds of thousands of Americans were without power over extended periods at least once per month, every month of 2026 surprised be in two ways. First, because I had no idea if it was true — and, second, because it felt true. We try to do better than writing about things that feel true around here, however, so I did a bit of research (translation: I Googled power outages by month) and came up with the following examples in about sixty seconds

January: More than 296,000 customers still without power as winter storm freezes much of the US
February: More than 380,000 customers without power as winter storm hits US Northeast
March: Storms Cut Power to Over 1 Million Customers in U.S. Midwest, Mid-Atlantic; Ohio Hardest Hit
April: At least 29 tornadoes touched down in Central Illinois on April 17th
May: Energy Secretary Issues Emergency Order to Deploy Backup Generation in the Mid-Atlantic Amid Heatwave
June: More than 373,000 U.S. customers without power due to extreme weather

… and that list is far from comprehensive, and how you feel about it might depend on what you consider a “major” outage, of course — but consider that there are tens of thousands of Americans without power right now, and that’s not making the news. […] The lesson here is that weather-related grid outages — whether they’re caused by wildfires, mudslides, derechos, tornadoes, ice storms, hurricanes, heat waves, or some other disaster I’m lucky enough to have forgotten about — read like statistics when they’re happening over there, but get personal real quick when they’re happening to you.

Re:Worthless fucking statistic.

By rally2xs • Score: 4 Thread

Well, I don’t think its irrelevant. I learned years ago that the US has power outages regularly, and much of the developed world, such as Europe, does not. Europeans coming here and experiencing this are appalled. We should be appalled, but are used to it. There’s really no excuse, it just isn’t that hard, other than being short on generating power. We need to build more of those over a more diverse area so we don’t need quite so much long distance transmission.

But you don’t understand!

By ArchieBunker • Score: 4 Thread

An illegal immigrant received medical care and someone touched peeling paint in a pool. That is the country’s top priorities now.

Re:Worthless fucking statistic.

By phantomfive • Score: 4, Interesting Thread

About 70% of outages are triggered by severe weather, and another 20% come from equipment failing on its own

I don’t think it’s cost effective to harden all equipment to withstand tornadoes.

The thing missing from the story is data. Are the number of outages increasing or decreasing? How many of the outages were due to negligence (apparently less than 10%)?

The only thing worth getting outraged about here is the lack of data.

Book Publishers Sue Google For Copyright Infringement Over Gemini AI Training

Posted by BeauHD View on SlashDot Skip
Major publishers Hachette, Cengage, Elsevier, and author Scott Turow have sued Google, accusing it of using millions of copyrighted books to train Gemini without permission or payment, in “one of the most prolific infringements of copyrighted materials in history.” The Guardian reports:
The publishers argue that Google repurposed books that had been supplied for limited services such as Google Books, Google Play Books and Google Scholar. Those services allowed Google to use the works in specific ways — for example, to display searchable snippets or sell ebooks — but not, the lawsuit claims, to copy them for training commercial AI products. “Desperate to maintain its online dominance, Google abandoned its early motto of ‘Don’t be evil’ and engaged in one of the most prolific infringements of copyrighted materials in history,” the suit states (PDF).

According to the complaint, the tech company made copies of copyrighted books to train Gemini without permission or payment, despite internal discussions acknowledging the legal risks. The filing claims Google flagged internally that it could face "$10Bs-$100Bs in potential fines” for using texts provided by publishers for Google Play Books. The publishers say Google’s actions are harming authors and the wider publishing industry, arguing that AI-generated content could negatively impact book sales.

It notes that, for example, Gemini could generate “a 100-page murder mystery set in a quiet seaside town filled with secrets, that substitutes for an original copyrighted murder mystery on which Gemini trained” in 20 minutes for 39 cents. “No publisher or author can compete with that.” The lawsuit names a number of specific books that the publishers allege were among the copyrighted works used without permission, including NK Jemisin’s The Fifth Season, and Lemony Snicket’s Who Could That Be at This Hour?

Re:Dictionaries Mysteriously Not Sued

By test321 • Score: 5, Informative Thread

Dictionary publishers do get sued. In 2001, the “New Oxford American Dictionary” added ghost (fake) word “esquivalience” to their boko and sued several online dictionaries that included the word (who only could have added through bulk copying the first dictionary).
In 1998, Larousse and Robert (two well-known dictionary publishers) sued Maxidico for plagiarism due due to striking similarities in definitions, including same mistakes/typos. Maxidico was sentenced to the equivalent of 1.5 million euros in damages (of the money of the time) and filed for bankrupcy.

Where’s the payout for coders?

By outsider007 • Score: 3 Thread

Seriously, why should book authors get more compensation for their work being trained on than the rest of us?

Spotify Is Now an AI Chatbot, Too

Posted by BeauHD View on SlashDot Skip
Spotify is testing a new "Talk to Spotify" AI feature for Premium subscribers that will let them chat with an AI assistant to explore music, podcasts, and audiobooks. The feature can answer questions about what users are listening to, adjust playback through follow-up prompts, and offer more personalized recommendations. The Verge reports:
Amazon Music introduced a similar feature last year when it integrated Alexa Plus into the service. Spotify’s chatbot goes a step beyond providing AI-powered recommendations and general trivia, however, because it references your playlists, favorite artists, repeat listens, and listening data when responding to requests. That means you can ask questions about your own listening history to check when you first heard a specific song, or see what genres you’ve been into lately if you can’t hold out for the annual Wrapped insights.

The updated AI capabilities are more conversational than older features like Prompted Playlist, which automatically builds playlists based on descriptions. Now, you can ask the Spotify chatbot to “play some songs I haven’t heard before,” and control what’s being played with further instructions like requesting specific artists or asking to make it “more upbeat.” Spotify says the new conversational experience aims to make the platform “more personal and useful for every listener,” making this one of several ways that the company is trying to address complaints about its algorithm.

You can also ask the Spotify AI general questions about whatever you’re listening to, making the feature feel similar to using chatbot services like Google’s Gemini or OpenAI’s ChatGPT. That includes asking for when a song was released, exploring other titles an author has written when listening to one of their audiobooks, or checking if a podcast guest has appeared on other audio shows.

Piss off

By liqu1d • Score: 3 Thread
Stop bloating the client and go back to being good at recommending new music. Perhaps some effort into the ad targeting too. If I’m currently listening to Pantera there’s a pretty reasonable chance I’m not interested in Jayden Smiths new album…

Needs to be agentic AI

By JoeyRox • Score: 5, Insightful Thread
I need Spotify to listen to music for me and summarize how much I enjoyed it.

Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

Posted by BeauHD View on SlashDot Skip
A hacker who breached Suno reportedly revealed source code and training-library details showing the AI music generator scraped millions of songs and lyrics from sources including YouTube Music, Deezer, Genius, Pond5, Jamendo, Freesound, and podcast RSS feeds. “The hacked data is a rare look at exactly how AI models and tools are built,” reports 404 Media. “Suno is one of the largest AI music generation tools on the internet, and has been the subject of several major lawsuits from the record industry, which accused the company of training on millions of copyrighted songs.” Suno maintains that its models were trained on publicly available music files and metadata as fair use. 404 Media reports:
The Recording Industry Association of America accused Suno of ripping songs directly from YouTube; the hacked data seen by 404 Media confirms this. The hacked material includes source code that appears to be from 2023 and 2024 that includes scraping instructions and details about the scope of at least some of the scraping. For example, the comments in one file note that they will pull from “genius_hq, youtube_music, freesound, jamendo, imp, deezer, ytm_tagged,” and that “non-music will be filtered out.” A file called “youtube_music” notes that at the time the file was last updated, it had ingested “2,013,545 music clips.” Another file contains comments about different datasets Suno had created, which included “113,879 hours of youtube_music,” “17,615 hours of genius_hq,” “410 hours of free sound,” “19,514 hours of imslp,” “3,726 hours of jamendo,” “62,117 hours of pond5_music,” “12,287 hours of deezer,” “152,162 hours of ytm_tagged,” and “103 hours of musescore_lyrics.” In total, this is at least decades worth of music.

Other code the hacker shared with 404 Media appeared to look specifically for vocals by searching specifically for acapella versions of songs on YouTube. The code also suggested that Suno was using proxies to scrape songs from YouTube through a company called Bright Data, which sells scraping tools, infrastructure, and data services. Additional code shows that with the help of an online tool called PodcastIndex, Suno identified 420,000 different podcasts that had at least five, 30-minute episodes and sought to download roughly 1 million hours of podcasts.

[…] The hacker, ellie.191, told 404 Media they breached the company by hacking an individual employee using the Shai-Hulud worm, a supply chain attack that allowed hackers to harvest GitHub and cloud service credentials. They said they also accessed Suno’s customer list, which included customers’ emails and/or phone numbers and Stripe payment details, depending on what they used to login. The hacker provided a sample of some of the customers, some of whom confirmed to 404 Media they had used their phone number to sign up for Suno and said they were never notified of a breach. The hacker told 404 Media they had no specific motivation for hacking Suno and said “I like to hack anything and everything.”

SUNO - “Stealing Until Nothing’s Original”

By haruchai • Score: 3 Thread

YouTube drummer El Estapario Siberiano came up with that and sells merch with that on it

Shocking!

By SlashbotAgent • Score: 4, Funny Thread

This is as shocking as putting your tongue on the terminals of a dead 9 volt battery.

FCC Plans To Repeal 39% TV Ownership Cap

Posted by BeauHD View on SlashDot Skip
The FCC plans to vote on repealing local TV ownership limits, including the 39% national audience cap that currently restricts how much of the U.S. market a single broadcast group can reach. Engadget reports:
On August 6, commissioners will hold a ballot to repeal Section 303 of the Communications Act, and with it the 39 percent rule. In essence, the rule limits the reach of a local TV network to no more than 39 percent of the U.S.’ total audience market. In its place, the FCC would move to a system whereby it would personally approve or reject TV ownership deals on a case-by-case basis.

It’s not clear if the FCC even has the authority to reject Section 303 without the explicit consent of the legislature. As Lawrence J. Spiwak wrote in the Yale Journal on Regulation back in January, Section 10 of the Communications Act expressly forbids the FCC from bending the rules around Section 303.
“Americans no longer trust the legacy national media to report the news fairly or accurately,” wrote FCC Chairman Brendan Carr in an op-ed published on Breitbart. “In fact, only eight percent of Americans have a great deal of trust in mass media. That figure is even lower among Republicans — sitting at a mere three percent.”

"… Many local broadcast TV stations are getting hollowed out as a result and turning into little more than mouthpieces for programming produced in New York and Hollywood,” he alleged. “That is not what Congress or the FCC intended.”

People want biased news.

By Brain-Fu • Score: 5, Insightful Thread

When news is presented that fits with one’s political biases (or other biases), they tend to find it believable. And it if does not align with their biases, they tend to distrust it. This is even true of people who claim they want politically-neutral unbiased news....they still tend to react to it through the filter of their own biases.

It is natural enough to do this, and largely unconscious. It is VERY hard to overcome and even people who can overcome it don’t do so ALL the time. It is the nature of bias to work this way.

On the flip side, there are ALSO powerful groups who have a clear interest in controlling narratives.

So, any news source that makes a sincere effort at being unbiased will be distrusted by viewers at least half the time, and will be fighting a losing battle against wealthy special interest groups. With cards stacked against them like that, it is no surprise that there aren’t very many.

How will this help?

By nightflameauto • Score: 5, Insightful Thread

“Americans no longer trust the legacy national media to report the news fairly or accurately,” wrote FCC Chairman Brendan Carr in an op-ed published on Breitbart. “In fact, only eight percent of Americans have a great deal of trust in mass media.

And how will allowing even more of the media to be owned by a single business help that? Honestly, this feels like clearing the way to make sure only the “correct” message is allowed out on mass media. And we all know that means more alternative facts and less actual reality.

Re:Free Speech is Hard to Get Right

By sit1963nz • Score: 5, Insightful Thread
Free speech may be in theory a great thing, but when the ultra rich control such speech their “freedom” is not yours.
It’s now in their best interest to lie and make sure that lie is repeated and told from multiple “sources” so it becomes the alternative truth.

For example “The USA has the hottest economy in the world” without saying how much borrowing is going on and how interest payments are now the US’s biggest expense. The maxing out of the US “Credit card” will be a burden generations of Americans will be left with.
Meantime the wealthy are hiding wealth in other countries, into gold, into bunkers elsewhere in the world…

The only good thing is that the world is increasing its decoupling from the USA so the its implosion will have less of an impact on them.
Who knows, maybe they will have the cash/gold to buy up the husks of profitable US companies and take them overseas…

Re:Free Speech is Hard to Get Right

By Knightman • Score: 5, Insightful Thread

Without a doubt, restricting the target audience a local broadcaster can reach to 39% is a form of censorship, no matter the reasoning behind it.

So if someone can’t have a monopoly on local TV broadcasts they are being censored?

In the past the FCC had to balance censorship with censorship, and the cap did that by preventing a broadcaster who refused to air a show from affecting more than 39% of the national audience.

No, the FCC had to balance public interest vs corporate and political interests because it’s more beneficial to give the public more choice and different views.

If it is not addressed, local broadcasters will be regulated out of existence by forcing them to compete with one hand tied behind their back.

Where’s the competition if all the local broadcasters are owned by the same company?

Now that programs from major studios can reach 100% of the national audience via online streaming services

Oh, so every American has internet? Funny that, about ~25 million Americans lack access to reliable internet access.

If it is not addressed, local broadcasters will be regulated out of existence by forcing them to compete with one hand tied behind their back.

If addressed, there will not be any competition at all because most of the local broadcasters will be bought up by one company. Sinclair Broadcast Group tried this in 2018 by hiding their purchasing of Tribune Media through shell companies which resulted in them being sued and fined 48 million in 2020.

If FCC repeals the 39% national cap Sinclair will quickly dominate local broadcast and considering what has happened to every other local broadcaster they bought, those broadcasters will be gutted and start to air mostly news-slop that is produced centrally.

I guess it has escaped your notice that a consolidation of media is happening which means that a handful of billionaires are becoming the sole owners of a majority of all media which in turn means they get to decide what everyone can see, not you or the public. Anyone with a smidgen of critical thinking knows that is bad, like dystopian bad.

Re:Legal authority no longer is controlling

By Richard_at_work • Score: 5, Interesting Thread

Wasnt there a SCOTUS ruling recently that ruled that agencies cannot enact their own rules, but can only enforce rules as laid out in law? And if Congress wanted the agency to enforce a rule, it should pass a law to that effect?

We all know that that was targeted at agencies like the EPA, FDA etc, to get rid of the agency-created limits on things, but it feels like it should equally apply here - the law says X, the agency cant change the law.

Google and Epic Cancel Settlement; Third-Party App Stores Coming To Google Play

Posted by BeauHD View on SlashDot Skip
An anonymous reader quotes a report from Ars Technica:
Big changes are coming to Android apps, but they’re not the changes Google wanted. The settlement between Google and Epic that aimed to put to rest the companies’ long-running antitrust battle is being withdrawn, and that means third-party app stores are coming to the Play Store. Google has confirmed that it will begin distributing rival app stores next week, setting the stage for competing platforms to take a bite out of Google’s Android revenue stream. […] Google and Epic were set to return to court on July 16 to argue in favor of the settlement. However, the writing may have been on the wall. In a recent expert analysis provided to the court, MIT economics professor Nancy Rose noted that the settlement was “unlikely to enable Google Play’s potential competitors to overcome their long-standing network-effect disadvantage in a timely manner.”

With settlement approval looking increasingly unlikely, Epic and Google agreed this week to call the whole thing off. Here’s how Google Trust and Reputation Communications Lead Dan Jackson explains the company’s decision: “We’ve agreed with Epic to withdraw our motion to modify the US Court’s injunction rather than prolonging this process which creates uncertainty for the ecosystem. This allows us to focus on executing our recently announced global business model evolution to deliver greater app store choice, lower prices, and more opportunities for developers and users. We remain committed to maintaining Android’s industry-leading security and fostering a competitive ecosystem where every app store and developer has the freedom to compete. In parallel, we continue to comply with the US Court’s injunction.”

In a brief filing (PDF), Google’s legal team informs the court that Google is prepared to begin distributing third-party app stores in Google Play on July 22. Under the terms of Judge Donato’s original injunction, these stores will have access to the full catalog of Google Play apps by default. Developers will have the option to opt out of distribution in these stores, and Google has a support page explaining how to do so. Google also has documentation on how app stores can get access to the Google Play catalog. It won’t be mirroring those apps in any shady storefront that asks. The court has allowed Google to charge reasonable fees to cover its security and compliance review of third-party stores, which will be $5,000 per year.

Google will also require approved stores to block malware, respect intellectual property, and include mechanisms to update and uninstall apps. App stores can be removed from the program if more than 1 percent of attempted app installs appear to be malware or unwanted software. It’s unclear if there will be separate, possibly more stringent requirements for storefront distribution in the Play Store. However, Google is prohibited from unreasonably blocking third-party store clients uploaded to Google Play. The changes Google has announced under the Epic agreement will proceed for now. That means Registered App Stores will happen globally, but they will probably only appear in the Play Store for US users. Google hasn’t specified if there will be any differences in the features available to the stores downloaded from Play versus registered stores.

F-Droid

By TwistedGreen • Score: 3 Thread

Does this mean I will be able to download F-Droid from Google Play?

Re:F-Droid

By caseih • Score: 5, Insightful Thread

Nope. Google is still set to kill F-Droid later this year when they turn on mandatory developer certificates which will require developers to pay Google and hand over their personal information, regardless of what app store they want to distribute through. This will essentially kill F-Droid for casual users (their main target is almost certainly NewPipe). Yes you can still use F-Droid but you’ll have to do a 24 hour delay before you can install F-Droid.

Re:F-Droid

By swillden • Score: 4, Informative Thread

Nope. Google is still set to kill F-Droid later this year when they turn on mandatory developer certificates which will require developers to pay Google and hand over their personal information, regardless of what app store they want to distribute through.

Nonsense. There’s no reason to expect that mandatory developer certificates will kill F-Droid, at all. F-Droid will need one guy to pay the $25 fee and identify himself. Unless they can use the open source developer exception that Google has talked about (but hasn’t announced any details, AFAIK).

This will essentially kill F-Droid for casual users (their main target is almost certainly NewPipe). Yes you can still use F-Droid but you’ll have to do a 24 hour delay before you can install F-Droid.

That’s a bigger issue, because Google’s announced policy is to require that apps respect intellectual property, which would include not distributing apps that blatantly violate terms of service. Most likely F-Droid will have to stop distributing NewPipe if they want to be in Google Play. If dropping NewPipe is enough to kill F-Droid, then I guess that’ll do it.

Hopefully Google won’t hamstring this

By Todd Knarr • Score: 3 Thread

Hopefully Google won’t hamstring this by forcing you to enable “install apps from any source” setting to use non-Google app stores. If I use an alternate app store I don’t want to let apps from just anywhere be installed, I only want apps from that app store to be installed. Apps from anywhere else I want to continue to block.

FreeBSD 16 Retires the Last of Its GPL Code

Posted by BeauHD View on SlashDot Skip
FreeBSD 16 has removed the last GPL-licensed code from its base system, retiring the old GNU ‘dialog’ implementation after the installer moved to ‘bsddialog’ and the final dependency was disabled. Phoronix reports:
This ticket to retire dialog was opened back in February while is now merged to the FreeBSD source tree for what will become FreeBSD 16.0. With dialog removed, the latest FreeBSD code now retires the GNU sub-tree of the FreeBSD base system now that no more GNU code remains. FreeBSD 16.0 is working its way toward release that is expected to happen in December 2027.

Re:Context?

By Junta • Score: 5, Funny Thread

If only there was something about FreeBSD that might provide a clue about what license they would be wanting the software to use…

Re:Context?

By martin-boundary • Score: 5, Funny Thread
Kids today need AI to tell them about licenses. In my day, we learned about them from the BBC.

Eric.

I think I started this

By howardjp • Score: 5, Interesting Thread

27 years ago, I wrote a clean implementation of grep, specifically for this purpose. It has since been adopted by (at least) FreeBSD, OpenBSD, NetBSD, Haiku, Minix, MacOS, iOS, and who knows what else. So this is really cool to see this.

Re:I think I started this

By howardjp • Score: 5, Informative Thread

I wrote that line. But use the source. https://github.com/freebsd/fre…

Re:Context?

By abulafia • Score: 4 Thread
There’s a handy list, probably a little out of date.

Names you might recognize of include Juniper, Citrix and Netapp.

OpenAI Launches a Keypad for AI Agents

Posted by BeauHD View on SlashDot Skip
OpenAI’s first hardware device is a limited-edition desktop keypad called the Codex Micro that lets users monitor and control AI coding agents. Axios reports:
Codex Micro is a collaboration with Work Louder, a boutique hardware company known for customizable mechanical keyboards and shortcut controllers for developers and designers. The small, square macro pad — with backlit keys, a rotary knob and a tiny joystick — sits beside your regular keyboard as a physical shortcut box for common Codex actions and shows the status of your agents. The keys are customizable and include a push-to-talk option as well as a dial to adjust your reasoning setting. Codex Micro is a niche device for Codex power users and will only be available until it sells out. It’s priced at $230.

Is the Peak Here Yet?

By crunchy_one • Score: 3 Thread
$230 for $20 worth of electronics? All this device demonstrates is the utter contempt in which OpenAI holds its “customers”.

You know it’s a bubble when silly devices show up

By ArghBlarg • Score: 3 Thread

I’m old enough to remember this.

Though it looks kinda funky, will keep an eye out for one on the surplus junk market after the bubble pops, could be a fun control surface for other things.

WTF?

By CEC-P • Score: 4, Informative Thread
I already have one of these. It’s called my keyboard. And I know where all the keys are to control anything in any UI without even looking down. And it was $18 not $230.

Stripe, Advent Offer to Buy PayPal For More Than $53 Billion

Posted by BeauHD View on SlashDot Skip
Stripe and private equity firm Advent International have reportedly made a joint $60.50-per-share offer to buy PayPal, valuing the payments company at more than $53 billion. The bid is said to represent a 28% premium to PayPal’s latest closing price and is backed by roughly $50 billion in committed bank financing.

private equity firm

By Anonymous Coward • Score: 5, Insightful Thread

You thought PayPal was shitty now? Come back in one year.

Nothing ever gets better

By MpVpRb • Score: 5, Insightful Thread

…when companies are acquired.
Paypal sucked before, expect it to get worse.

Paypal needs higher fees

By jsepeta • Score: 4, Funny Thread

that’s what’s missing from their business offerings

Private_Equity + Paypal == Cancel_Account

By hwstar • Score: 3 Thread

You could smell the foul stench a month ago when they changed the terms of their arbitration clause to use JAMS instead of the AAA among other things.

Once a business starts engineering its arbitration agreements to favor it over its customers in most cases, its time to cancel.

I think companies which use arbitration agreements should be avoided if at all possible, but it is getting very difficult to do so.

Being owned by Private Equity is another reason to sever the relationship.

Re:private equity firm

By tlhIngan • Score: 5, Informative Thread

Maybe it is the push off the cliff that Paypal needs.

Not likely. Because PayPal still does one thing no one else does - which is allow two random people to accept credit card as a payment option. In other words, the recipient does not need to have a merchant account.

While PayPal does more than this nowadays, that is still one thing that no other system does. There are alternative systems but they generally are very limited (I think Visa has one that allows random people to take Visa payment).

Sure there are private networks that do the same thing if people are both members of it, but you’ll find they’re US only and generally hijack through a bank account to get the transfers done. But if you just wanted to do a random payment not using cash, PayPal is surprisingly your only option.

All other options require both sides to have an account - PayPal only requires the recipient to have an account - the sender being charged does not need one.

Microsoft Patches a Record 570 Security Flaws

Posted by BeauHD View on SlashDot Skip
An anonymous reader quotes a report from Krebs on Security:
Microsoft today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant fixed in its record-smashing Patch Tuesday release last month. Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence. Nearly 60 of the bugs quashed in July’s Patch Tuesday earned a “critical” severity rating, meaning miscreants or malware could use them to seize remote control over a Windows device with little or no help from the user. Microsoft also addressed three zero-day flaws, including two that are already being exploited in the wild.

Two of the zero-day weaknesses allow an attacker to elevate their user rights on a Windows system, as do approximately 250 other elevation of privilege flaws fixed this month; they include CVE-2026-56155 - an Active Directory Federation Services bug — and CVE-2026-56164, a Microsoft Sharepoint vulnerability. CVE-2026-50661 is a security feature bypass in Windows BitLocker that could allow attackers to gain access to encrypted data if they have physical access to the device. Microsoft said this bug has been detailed publicly, but that it is not aware of any active exploitation.

In a blog post on July 9, Microsoft Executive Vice President Pavan Davuluri wrote that Windows users will notice “a higher volume of security updates included in each security release” as a result of AI aiding in the discovery of vulnerabilities. “The pace of vulnerability discovery is changing with advances in AI making it possible to find more issues, faster, across more code, with new mechanisms that can accelerate both discovery and analysis,” Davuluri wrote.

An AMAZING number of flaws

By Futurepower(R) • Score: 5, Insightful Thread
The big underlying issue is why does Microsoft deliver software with so many flaws?

Re:An AMAZING number of flaws

By AmiMoJo • Score: 4, Insightful Thread

It doesn’t, they just turned AI on it for the first time.

Linux is going through the same thing, only with less good AI and more slowly.

Right once, patch away

By Z80a • Score: 3 Thread

To find a security flaw, you only need to be right once.
So if you have a machine that has a shitload of false positives, and have a way to filter em quickly, you end up with a bunch of true positives.
Now to code, you ideally want to always be right, which is not quite ideal for a machine that does a lot of false positives.
It’s a pretty fun scenario, specially if you’re not the only one running the security flaw finding machine.

Re:Zero day already in the wild?

By Waffle Iron • Score: 5, Informative Thread

The summary says: “Microsoft also addressed three zero-day flaws, including two that are already being exploited in the wild. "

(scratches head) How can a flaw be called zero-day and already be exploited in the wild?

Because a zero-day is any flaw made public before the developer knows about it. One of the main ways this happens is by noticing that hackers are breaking into systems using a heretofore unknown exploit.

Re:An AMAZING number of flaws

By tlhIngan • Score: 5, Informative Thread

For instance, they created the SMB file protocol not from computer science first principles, but as a hack. And so everyone who wants to interoperate with it (e.g. Samba) is then locked in a decade long attempt to reproduce every single bug in their own code.

Incorrect. SMB was created by IBM to share printers and files in the PC-DOS (and likely token ring) days.

Microsoft adapted it for their Windows networking product in Windows NT as an alternative to the IPX/SPX protocol that Novell had.

Andrew Tridge then realized his SMB client/server project would work not just for IBM, but for Microsoft networks as well with a few slight adaptations to evolve the protocol (especially since it wasn’t running on TCP/IP in the early days).

Microsoft later adapted it for Windows Vista in SMB 2 and Windows 7 as SMB 3. But SMB 1 still remains a deprecated option because many Linux based NAS devices, in an attempt to skirt the GPLv3, still use an ancient version of Samba that only supports SMB1. (Samba went to GPLv3 about 3 weeks before it released support for SMB2). This is why many routers and cheap NAS boxes still require you to install SMB1 support.

(NAS providers like QNAP, Synology and vendors like Apple chose not to use the GPlv3 Samba after this, and wrote their own SMB2+ implementation). The need for SMB1 should decrease further because the Linux kernel itself has SMB2+ support inside it.

At which point we can truly ditch the nightmare that is SMB1, which is kept around less for Windows and more for devices running Linux. (You need SMB1 for Windows XP and lower and those haven’t been supported in over a decade)

The other thing is SMB was for file and print sharing, and Microsoft did the EEE thing with it once IBM was no longer interested in it which Samba had to follow faithfully to be completely compatible.

Astronauts Take First X-Rays In Space

Posted by BeauHD View on SlashDot Skip
Astronauts on SpaceX’s Fram2 mission successfully captured diagnostic X-ray images in orbit for the first time. The milestone gives space medicine a second imaging option beyond ultrasound and could help future crews diagnose injuries, inspect equipment, and support longer missions to the moon or beyond. Popular Science reports:
Commercial off-the-shelf X-ray machines like the ice cooler-sized MinXray TR90BH now allow users to perform scans on subjects far away from traditional facilities. In 2022, [Mayo Clinic researcher Sheyna Gifford] assisted in preparing a crew to successfully generate digital X-rays while experiencing microgravity during a parabolic flight. Gifford’s team then spent years collaborating with SpaceX to plan another feasibility study. This time, they didn’t want to operate an X-ray machine aboard an aircraft simulating the conditions in space — they intended to use the equipment during an orbital mission.

The process was detailed in a recently published study in the journal Radiology, and focuses on last year’s Fram2 mission. Instead of days of medical training, astronauts spent only four hours learning how to use their portable radiography device. They then took preflight X-rays of a hand, forearm, chest, abdomen, and pelvis ahead of their SpaceX Falcon 9 rocket launch on March 31, 2025. Once in orbit, the team calibrated the system before testing their MinXray on the same body parts as well as a smartwatch.

Once the crew returned, a trio of independent radiologists reviewed the orbital X-ray images based on their positioning, spatial and contrast resolutions, and general scan quality. Although positioning scores were slightly decreased for the central body images, every other scan held up to similar examples created on Earth. Meanwhile, the astronauts reported that using the machine was easy despite minimal prior coaching. Looking ahead, researchers hope to conduct further X-ray tests during orbital missions, while continuing to reduce the overall size of equipment.

Dosage

By necro81 • Score: 5, Informative Thread
Medical x-ray equipment these days requires less radiation exposure than in years past. Still, it is a radiation dose on top of what space crews are already experiencing. NASA guidelines limit astronauts to 600 millisieverts (mSv) for their whole flight career, and 250 mSv for an acute event (e.g., a solar storm). They estimate a 6-month stay on the ISS could be 77-86 mSv, depending on solar conditions. By comparison, living on the surface of the Earth will dose about 3 mSv/yr.

A typical chest x-ray is about 0.1 mSv. So not nothing, but also not a huge amount, even if they did 10 images in quick succession. And weighed against the medical diagnostic benefit, it’s probably a decent tradeoff.

Re:Captain Dabbin.

By sg_oneill • Score: 4, Interesting Thread

Its space. When it comes to radiation, an X-Ray machine is by far the least of their worries. Astronauts come back from space missions utterly glowing with radiation.

Admittedly the cancer rate amongst astronauts isnt THAT much higher (just under 1/3 of astronaut deaths compared to just over 1/5th of the general population), but this is also a cohort that have mostly been non smoking tea-totaller health conscious non-junk-eating people so its definitely a thing.

Like yeah, over exposure to medical X-Rays is totally a risk factor, but astronauts go into space knowing that space is actively trying to radiate them, freeze them, burn them, pop their lungs, boil their blood and suffocate them. Its a soldiers gambit really.

Re:Why is this a big deal?

By SouthSeb • Score: 4, Informative Thread

Because you need sufficient space and to be very still while x-raying. Also, space ships and stations get a much higher amount of external radiation than Earth (like, 20x more) and they needed to make sure it wouldn’t interfere with the scans.

House Votes For Permanent Daylight Saving Time

Posted by BeauHD View on SlashDot Skip
The House voted 308-117 to pass the Sunshine Protection Act, which would make daylight saving time permanent nationwide and end the twice-yearly clock change. The bill faces an uncertain future in the Senate, “where one G.O.P. leader said it was unclear whether it could move ahead and at least one Republican appears inclined to try to block it,” reports The New York Times. Some sleep experts oppose permanent daylight saving time, arguing that year-round standard time better aligns with circadian rhythms and winter morning safety. The New York Times reports:
President Trump has championed the effort to save an extra hour of daylight before nightfall and make the time zone permanent, describing the ritual of moving clocks forward in the spring and back in the fall a “ridiculous, twice yearly production.” “We are going with the far more popular alternative, Saving Daylight, which gives you a longer, brighter Day,” Mr. Trump wrote in a social media post in May. “And who can be against that.”

A sizable bloc of Florida Republicans in Congress is leading the charge on legislation that would do just that, mandating daylight saving time nationwide for the entire year. Representative Vern Buchanan of the Tampa Bay area is backing the bill, and Representative Anna Paulina Luna, another Tampa Bay-area Republican, cosponsored it. House leaders agreed to allow a vote on the measure this week as a sweetener for Ms. Luna in their efforts to persuade her to lift a legislative blockade she had maintained as she sought to force Senate action on a voting restriction bill Mr. Trump has championed.

Re:They should do the same in The Netherlands

By eth1 • Score: 5, Interesting Thread

If the Netherlands did this, they would reverse it immediately after the first winter. Not getting any sunlight until past 10.00 AM is so annoying, and the cost of road maintenance because rush hours is when everywhere, there is still ice on the roads, will be prohibitive.

People complaining have simply no clue how it is to have DST in the winter, and can’t imagine.

Sunlight in the morning is relatively useless: most people are waking up, getting ready for work, and going to work, all of which can be done with artificial light.

Sunlight in the evening is valuable: people get off work and need to work in their yards, kids have after-school sports/activities, etc. outside, which are all either easier or only possible with sunlight.

Re:They should do the same in The Netherlands

By sabbede • Score: 5, Insightful Thread
LEDs don’t replicate sunlight. They don’t help Seasonal Affective Disorder, which is caused by having to wake up before the sun. It appears you are not affected by it, but for people who are it is a real problem. Imagine spending all day depressed, angry, and half-asleep. Your reaction time is down, so you get into more accidents. Your temper is short and frayed, so you treat others poorly and get into lots of arguments. It sucks.

Re:They should do the same in The Netherlands

By HiThere • Score: 5, Insightful Thread

You’re being silly. If the time is stable, then you’ll set your hours to what it is. There’s nothing special about the time number “10:00 AM”. Businesses could have summer and winter hours if they chose to…at one time that wasn’t uncommon.

Re:They should do the same in The Netherlands

By Bert64 • Score: 5, Insightful Thread

The root of the problem is rigidly tying people’s daily routines to an arbitrary set of numbers, and then changing those numbers rather than changing the routine.

Re:They should do the same in The Netherlands

By Bert64 • Score: 5, Insightful Thread

The sun always rises later in the winter, that’s the nature of winter… The only thing this changes is the arbitrary numbers that are displayed when the sun is rising.
Instead of fixating around those arbitrary numbers, plan your day around actual environment factors like when the sun rises etc.

Iran Abused Mobile Networks’ Vulnerabilities To Locate US Military In Middle East

Posted by BeauHD View on SlashDot Skip
An anonymous reader quotes a report from TechCrunch:
The Iranian government abused well-known vulnerabilities in the global telecoms infrastructure to locate U.S. military personnel in the build-up to the Iran War, as well as in the early days of the conflict, according to Financial Times. The Iranian government exploited Signaling System 7, or SS7, a set of protocols for 2G and 3G networks that has long been the backbone of how cellular networks connect to each other to route subscribers’ calls and texts around the world, the newspaper reported, citing research by the Mobile Surveillance Monitor, as well as anonymous government officials with knowledge of the spy campaign.

Intelligence agencies have long abused SS7 to track cellphones abroad, which is what happened in this campaign. Using this technique, Iran was reportedly able to locate U.S. military forces stationed in military bases as well as hotels in Iraq, Bahrain, and other countries in the Middle East, which allowed the regime to strike them. These attacks resulted in several injuries. Apart from SS7, Iran also abused advertising technology used to serve tailored ads to cellphone users, another well-known surveillance technique that relies on everyday technology.

DJT, stuck in a war of his own making

By Epeeist • Score: 5, Insightful Thread

Both Putin and Trump have started wars that they cannot win, and from which they cannot withdraw without an enormous loss of face.

The only difference is that Putin’s war only effects Russia’s economy, while Trump’s war effects the whole world.

Re:DJT, stuck in a war of his own making

By sit1963nz • Score: 5, Insightful Thread
More so the USA long term as more of the world financially decouples from the USA.
And even when the fat man has fallen off his perch things will not “go back to how they used to be” , the world has already decided it will never been under control of the USA again.

That is called “being competent”....

By gweihir • Score: 5, Insightful Thread

An enemy in a war does not “abuse” your weaknesses. They are “using” them if they are competent. And on the other side? Simple: Having these vulnerabilities is stupid. But the whole war is excessively stupid on the US side. Not the most stupid war ever fought, but probably up in the all-time top-10. And to think the only reason for that war is that a multiple-felon president needs to hide how he raped children.

Sigh.

By ledow • Score: 5, Insightful Thread

I’ll say it again:

Active military personnel carrying around standard mobile phones is such a breach of all kinds of basic security protocols that it should be illegal.

But can’t let the troops get bored, eh? Have to let them do their fitbit on board your cruiser that you’re trying to keep secret, and have them checking into Facebook while they’re in Helmand province, and giving away their movements when they’re running around your bases at home, and having an always-on device capable of tracking and recording everything from audio to the radiowaves to location, made by the Chinese, wherever they go.

Dumbest fucking idea ever.

Re:Code is law.

By AleRunner • Score: 5, Insightful Thread

If the code allows it, it’s not abuse.

That’s actually pretty much a fair comment. A number of the mobile systems were originally designed to be more secure than they were finally delivered. GSM in particular. These systems then had security removed from them and monitoring added in during standardization according to American (and later European and other) requests. Probably what Iran has done to kill American soldiers are things that could have been eliminated from the mobile communication standards if the security agencies had been putting a priority on protecting us over spying.

This is a key reminder for us that when NSA and GCHQ demand that the security of systems is weakened they are doing the opposite of their jobs. They are endangering both American and British military people alongside also endangering civilians and allied military people worldwide. They are taking time from experts who should be spending it looking for vulnerabilities and building more secure systems. They are using that time to introduce weaknesses, for example getting rid of end to end encryption and adding in global identifiers, which also make the job of securing the system much more complex.

This isn’t just an American problem. Europe’s new Chat Control 2.0 is the same idea. There are pre-image attacks where you can make child porn which matches the image-hash of the material you want to track. Russia and Iran will be able to use those pre-image attacks to track people who have their secret materials.

Calling this “abuse” is misleading. It’s just Iran using weaknesses that our security services left in the systems, wanting to be able to use themselves and which Iran then discovered.

OpenAI’s First Device Will Be Moveable, Screenless Speaker Built as AI Companion

Posted by BeauHD View on SlashDot Skip
OpenAI is reportedly developing a screen-free, portable smart speaker meant to act as a personalized home computer and humanlike AI companion. “It will help control smart-home appliances, play media, answer questions, respond to messages and tap into the range of capabilities offered by OpenAI’s ChatGPT,” reports Bloomberg, citing people familiar with the matter. The device, expected to be unveiled this year and released in 2027, would mark OpenAI’s first major hardware push after acquiring Jony Ive’s io Products. Bloomberg reports:
Apple sued OpenAI last week, accusing the company of stealing trade secrets. But OpenAI believes that the device veers significantly from anything Apple has on the market today and that it’s unlikely that it violates trade secrets belonging to the iPhone maker, the people said. OpenAI’s success in hardware will hinge on bringing a novel approach to the market — something it aims to do with the smart speaker. For instance, the device’s technology is meant to become increasingly personalized and proactive as it gains a deeper understanding of its owner over time, according to the people.

OpenAI envisions the device anticipating needs, surfacing information proactively and serving as an expert on its user, they said. Though the speaker is designed to stay in the home, it will be easy to move around the house. OpenAI believes the product’s defining feature will be its personality and ability to connect on a humanlike level with users. The speaker incorporates mechanical elements that can move on their own, creating a sense that it is alive and not just an object responding to commands. The machine also will draw on personal information such as emails to better understand its owner. The goal is for the device to feel like a companion and become a physical manifestation of OpenAI’s ChatGPT. Still, the exact plans could change as the company works through the development and legal process.

The device’s communication abilities will rely on a more advanced version of the ChatGPT Voice Mode — GPT-Live — that OpenAI rolled out this month. The new voice mode is designed to act more like a human. It can listen and talk at the same time, adapt more naturally during conversations, and quickly process information. Though the new product resembles a speaker, OpenAI internally describes it as the first of its kind: a computer built for AI to help make busy people more productive. It includes a camera and other sensors that help it understand a user’s surroundings and context, as well as advanced AI models beyond those available on conventional smart speakers. Another central difference is that the device includes a rechargeable battery, allowing it to be carried from room to room throughout the day. A user could bring it into the laundry room while doing chores, move it into the kitchen for cooking assistance, and later place it in a living room or bedroom to have it play music. It can also remain plugged into a single room if the customer chooses.

Re:Not very “Innovative”

By 93 Escort Wagon • Score: 5, Funny Thread

Great, just what we needed. ANOTHER “Alexa” type of always listening speaker device.

* NOW with extra evil!! *

Sounds ghastly

By Jeremi • Score: 5, Funny Thread

OpenAI envisions the device anticipating needs, surfacing information proactively and serving as an expert on its user, they said.

Will it have a Genuine People Personality? Perhaps a cheerful and sunny disposition?

Re:Not very “Innovative”

By alcmena • Score: 5, Interesting Thread

If I remember correctly, surveys showed that people use smart speakers to do a very small number of things:
1. Set a timer
2. Play music
3. Turn on / off lights (if they have smart devices)

That’s really it. I’ve had a Google Home setup with a mini speaker in most rooms of my house, and a Home compatible smart display in the kitchen. My wife uses the kitchen one to set and check timers whenever she’s cooking. The minis get used to mostly turn on / off lights (all lights are controlled by smart switches). We do play music, but fairly rarely since they don’t sound super great. She tried using the screen to look up recipes, but it was too small to be really useful so we set up an old computer with a 21” screen for that use instead.

The annoying thing is that since I got “upgraded” from the previous Google Assistant to Gemini, the time to complete a task went from 1-3 seconds on average to about 10-15 seconds on average. They cost Google more now, they take longer, and they still don’t do anything better for me. I regret performing the upgrade and wish there was an undo button so I could go back to the fast, but dumb, assistant as that worked quite well for my needs.

Re:Even if the features appealed…

By BeaverCleaver • Score: 5, Interesting Thread

I don’t get the AI companies’ fascination with voice-only input and audio-only output. It’s a strict subset of what the device in people’s hands can already do. Further, every single product that has aimed for this has flopped and you would think they would get the hint by now…

Voice input will always be less accurate than writing. Voice output will always be slower than displaying writing on a screen. Input accuracy is even worse if you don’t have a perfect mid-atlantic accent.

I can only come up with two explanations for why companies (not just “AI” companies) keep trying to force this on us.
1. They have so much money they don’t care, or they are using investors’ money and have a robust contract in place so it’s OK if they waste the money.
2. The profit from selling all the data from inside your house is worth loads of money. I can see how knowing exactly what is being said in every household could be valuable to many different customers: advertisers, governments, health insurers.... note also that none of these customers have your best interests at heart. It gets even worse if you work from home and these devices can listen to confidential business calls.

I don’t allow any such devices in my house. If I visit people who do have such devices, it’s fun to mess with them. Obligatory XKCD: https://xkcd.com/1807/

Re:what?

By Morromist • Score: 5, Funny Thread

I can kinda see what they’re thinking:

“we could make it a phone app but we want to sell a physical object, and if it was just a thing with a screen it might as well be an app, so we’ll make it a speaker, which could also be an app, but is sorta more divorced from the phone I guess. HEY get off our backs we don’t have any new ideas, we just need to keep building the possibility we may become a huge apple-like company by saying we’re developing this device WHICH WILL BE REVOLUTIONARY. Also old people don’t know how to use AI -or phones really- but they sure as hell know how to yell at smart speakers!”

Google Images Gets a Pinterest-Like Redesign Focused On Discovery

Posted by BeauHD View on SlashDot
Google Images is getting a Pinterest-like redesign that turns image search into a personalized discovery feed, with “For You” galleries, real-time updates, and collections for saving visual ideas. “Google is also adding a way for users to create AI images right in Search, as it celebrates 25 years since the debut of Google Images,” reports TechCrunch. From the report:
After navigating to the redesigned Google Images, users will see a “For You” gallery of images tailored to their interests and browsing history. Like Pinterest, the gallery is designed for continuous browsing, with Google saying it updates in real time with new images. As users browse, they can save ideas to their “collections,” which will appear as tabs above the main gallery of photos. For example, users can create collections for things like vacation outfit ideas, travel inspiration, and ways to design a reading nook, which they can come back to later.

[…] As for generating images directly in Search, Google says the feature is meant for moments when you have a highly specific idea for an image that doesn’t already exist online. Google is bringing image generation directly into AI Overviews on Search and will use its latest Nano Banana model to transform a text prompt into a custom visual. The feature can also help users reimagine spaces and visualize ideas, such as seeing what a room might look like painted red or what a dorm room with a coastal theme could look like.

Pinterest ruined Google’s image search

By SoCalChris • Score: 4, Insightful Thread

JFC, Pinterest absolutely ruined Google’s image search results years ago. Now they’re trying to emulate that?

Anybody have any better alternatives?

Wrong discovery

By devslash0 • Score: 4, Insightful Thread

The only discovery they should be focusing on is making it easier for me to find the exact image I’m looking for.

Re: “Focused on Discovery”

By devslash0 • Score: 4, Interesting Thread

Because it’s all made for marketing. Nothing more, nothing less. If they can convince someone that their content will get more exposure, the disillusioned customer may actually pay for it. That’s all there is to it. Marketing and money.

Re:Wrong discovery

By jenningsthecat • Score: 5, Insightful Thread

The only discovery they should be focusing on is making it easier for me to find the exact image I’m looking for.

Their goal is to tell you what you want, not to give you what you want. You seem to be under the mistaken impression that you’re the customer and not the product.

Too late

By PPH • Score: 3 Thread

Yandex image search left Google in the dust some time ago.