Tech News
Grammarly Rebrands To 'Superhuman,' Launches a New AI Assistant
technology - Posted On:2025-10-29 18:45:00 Source: slashdot
Grammarly is rebranding itself as "Superhuman" following its acquisition of the email client, while keeping its existing product names for now. Along with the rebrand, the company is launching "Superhuman Go," an AI assistant that integrates with tools like Gmail, Jira, and Google Drive to enhance writing and automate productivity tasks. "The assistant can use these connections to do tasks like logging tickets or fetching your availability when you're scheduling a meeting," adds TechCrunch. "Superhuman said it plans to add functionality to enable the assistant to fetch data from sources like CRMs and internal systems to suggest changes to your emails." "Users can try Superhuman Go by turning on a toggle in the Grammarly extension, which will let them connect it to different apps. Users can also try out different agents in the company's agent store, which include a plagiarism checker and a proofreader, launched in August." Read more of this story at Slashdot.
FCC's Gomez Slams Move To Revise Broadband Labels as 'Anti-Consumer'
technology - Posted On:2025-10-29 17:30:00 Source: slashdot
An anonymous reader shares a report: The FCC adopted a notice of proposed rulemaking (NPRM) to rescind and revise certain rules attached to consumer broadband labels. The measure passed on a two-to-one vote, with Commissioner Anna Gomez, the lone Democrat on the FCC, voting no and calling the notice "one of the most anti-consumer items I have seen." The vote was held at the Commission's open meeting for the month of October. As per a draft notice circulated earlier this month, the FCC is looking to roll back several rules, including requirements that service providers read the label to consumers via phone, itemize state and local pass-through fees, and display labels in consumer account portals, among others. Advocates at Public Knowledge urged the Commission to reconsider, saying in a recent filing that "the Commission could create a permission structure for ISPs to continue to act without accountability." In her remarks during Tuesday's open meeting, Commissioner Gomez appeared to concur, depicting the move as "anti-consumer" and counter to the goals of Congress. The FCC was mandated via the 2021 Infrastructure Investment and Jobs Act (IIJA) to create rules for implementing consumer broadband labels. After a lengthy rulemaking process and discussions with industry and consumer groups, ISPs were required to start displaying labels in 2024. "I typically vote in favor of notices of proposed rulemaking because I believe in asking balanced questions, even on proposals that I dislike, so that we can encourage fruitful and helpful public comment. Answers to tough questions help us strike the right balance so that our rules can both encourage competition and serve consumers. However, the questions posed in this NPRM are so anti-consumer that I could not bring myself to even agree to them," said Gomez. Gomez stressed that the notice will harm consumers by enabling ISPs to hide add-on fees and stripping people of their ability to access information in their own language. Moreover, added Gomez, it's unclear why the FCC is doing this. "What adds insult to injury is that the FCC does not even explain why this proposal is necessary. Make it make sense," she added. Read more of this story at Slashdot.
Google Chrome Will Finally Default To Secure HTTPS Connections Starting in April
technology - Posted On:2025-10-29 15:30:00 Source: slashdot
An anonymous reader shares a report: The transition to the more-secure HTTPS web protocol has plateaued, according to Google. As of 2020, 95 to 99 percent of navigations in Chrome use HTTPS. To help make it safer for users to click on links, Chrome will enable a setting called Always Use Secure Connections for public sites for all users by default. This will happen in October 2026 with the release of Chrome 154. The change will happen earlier for those who have switched on Enhanced Safe Browsing protections in Chrome. Google will enable Always Use Secure Connections by default in April when Chrome 147 drops. When this setting is on, Chrome will ask for your permission before it first accesses a public website that doesn't use HTTPS. Read more of this story at Slashdot.
'ChatGPT's Atlas: The Browser That's Anti-Web'
it - Posted On:2025-10-29 15:00:01 Source: slashdot
Blogger and technologist Anil Dash, writing about OpenAI's recently launched browser, Atlas: When I first got Atlas up and running, I tried giving it the easiest and most obvious tasks I could possibly give it. I looked up "Taylor Swift showgirl" to see if it would give me links to videos or playlists to watch or listen to the most popular music on the charts right now; this has to be just about the easiest possible prompt. The results that came back looked like a web page, but they weren't. Instead, what I got was something closer to a last-minute book report written by a kid who had mostly plagiarized Wikipedia. The response mentioned some basic biographical information and had a few photos. Now we know that AI tools are prone to this kind of confabulation, but this is new, because it felt like I was in a web browser, typing into a search box on the Internet. And here's what was most notable: there was no link to her website. I had typed "Taylor Swift" in a browser, and the response had literally zero links to Taylor Swift's actual website. If you stayed within what Atlas generated, you would have no way of knowing that Taylor Swift has a website at all. Unless you were an expert, you would almost certainly think I had typed in a search box and gotten back a web page with search results. But in reality, I had typed in a prompt box and gotten back a synthesized response that superficially resembles a web page, and it uses some web technologies to display its output. Instead of a list of links to websites that had information about the topic, it had bullet points describing things it thought I should know. There were a few footnotes buried within some of those response, but the clear intent was that I was meant to stay within the AI-generated results, trapped in that walled garden. During its first run, there's a brief warning buried amidst all the other messages that says, "ChatGPT may give you inaccurate information", but nobody is going to think that means "sometimes this tool completely fabricates content, gives me a box that looks like a search box, and shows me the fabricated content in a display that looks like a web page when I type in the fake search box." And it's not like the generated response is even that satisfying. Read more of this story at Slashdot.
China Bars Influencers From Discussing Professional Topics Without Relevant Degrees
technology - Posted On:2025-10-29 12:15:00 Source: slashdot
schwit1 writes: China has enacted a new law regulating social media influencers, requiring them to hold verified professional qualifications before posting content on sensitive topics such as medicine, law, education, and finance, IOL reported. The new law went into effect on Saturday. The regulation was introduced by the Cyberspace Administration of China (CAC) as part of its broader effort to curb misinformation online. Under the new rules, influencers must prove their expertise through recognized degrees, certifications, or licenses before discussing regulated subjects. Major platforms such as Douyin (China's TikTok), Bilibili, and Weibo are now responsible for verifying influencer credentials and ensuring that content includes clear citations, disclaimers, and transparency about sources. Audiences expect influencers to be both creative and credible. Yet when they blur the line between opinion and expertise, the impact can be severe. A single misleading financial tip could wipe out someone's savings. A viral health trend could cause real harm. That's why many believe it's time for creators to acknowledge the weight of their influence. However, China's new law raises deeper questions: Who defines "expertise"? What happens to independent creators who challenge official narratives but lack formal credentials? And how far can regulation go before it suppresses free thought? Read more of this story at Slashdot.
Society Will Accept a Death Caused By a Robotaxi, Waymo Co-CEO Says
technology - Posted On:2025-10-28 22:30:00 Source: slashdot
At TechCrunch Disrupt 2025, Waymo co-CEO Tekedra Mawakana said society will ultimately accept a fatal robotaxi crash as part of the broader tradeoff for safer roads overall. TechCrunch reports: The topic of a fatal robotaxi crash came up during Mawakana's interview with Kristen Korosec, TechCrunch's transportation editor, during the first day of the outlet's annual Disrupt conference in San Francisco. Korosec asked Mawakana about Waymo's ambitions and got answer after answer about the company's all-consuming focus on safety. The most interesting part of the interview arrived when Korosec brought on a thought experiment. What if self-driving vehicles like Waymo and others reduce the number of traffic fatalities in the United States, but a self-driving vehicle does eventually cause a fatal crash, Korosec pondered. Or as she put it to the executive: "Will society accept that? Will society accept a death potentially caused by a robot?" "I think that society will," Mawakana answered, slowly, before positioning the question as an industrywide issue. "I think the challenge for us is making sure that society has a high enough bar on safety that companies are held to." She said that companies should be transparent about their records by publishing data about how many crashes they're involved in, and she pointed to the "hub" of safety information on Waymo's website. Self-driving cars will dramatically reduce crashes, Mawakana said, but not by 100%: "We have to be in this open and honest dialogue about the fact that we know it's not perfection." Circling back to the idea of a fatal crash, she said, "We really worry as a company about those days. You know, we don't say 'whether.' We say 'when.' And we plan for them." Korosec followed up, asking if there had been safety issues that prompted Waymo to "pump the breaks" on its expansion plans throughout the years. The co-CEO said the company pulls back and retests "all the time," pointing to challenges with blocking emergency vehicles as an example. "We need to make sure that the performance is backing what we're saying we're doing," she said. [...] "If you are not being transparent, then it is my view that you are not doing what is necessary in order to actually earn the right to make the roads safer," Mawakana said. Read more of this story at Slashdot.
Nvidia's New Product Merges AI Supercomputing With Quantum
technology - Posted On:2025-10-28 21:45:00 Source: slashdot
NVIDIA has introduced NVQLink, an open system architecture that directly connects quantum processors with GPU-based supercomputers. The Quantum Insider reports: The new platform connects the high-speed, high-throughput performance of NVIDIA's GPU computing with quantum processing units (QPUs), allowing researchers to manage the intricate control and error-correction workloads required by quantum devices. According to a NVIDIA statement, the system was developed with guidance from researchers at major U.S. national laboratories including Brookhaven, Fermi, Lawrence Berkeley, Los Alamos, MIT Lincoln, Oak Ridge, Pacific Northwest, and Sandia. Qubits, the basic units of quantum information, are extremely sensitive to noise and decoherence, making them prone to errors. Correcting and stabilizing these systems requires near-instantaneous feedback and coordination with classical processors. NVQLink is meant to meet that demand by providing an open, low-latency interconnect between quantum processors, control systems, and supercomputers -- effectively creating a unified environment for hybrid quantum applications. The architecture offers a standardized, open approach to quantum integration, aligning with the company's CUDA-Q software platform to enable researchers to develop, test, and scale hybrid algorithms that draw simultaneously on CPUs, GPUs, and QPUs. The U.S. Department of Energy (DOE) -- which oversees several of the participating laboratories -- framed NVQLink as part of a broader national effort to sustain leadership in high-performance computing, according to NVIDIA. Read more of this story at Slashdot.
Jensen Huang Introduces NVQLink To Bridge Quantum and Classical Computing
technology - Posted On:2025-10-28 14:30:01 Source: slashdot
Jensen Huang unveiled NVQLink at Nvidia's Washington conference on Tuesday. The interconnect links quantum processors to the AI supercomputers they require to function effectively. Nvidia is not building its own quantum computers but is positioning itself as critical infrastructure for the technology's future. Quantum processors harness principles of quantum physics to solve problems classical computers cannot address, but they need classical supercomputers to perform calculations beyond their capability and to correct the errors that naturally occur in their outputs. Tim Costa, Nvidia's general manager of industrial engineering and quantum, said AI will be necessary for full-scale error correction. Earlier attempts to integrate quantum processors with AI supercomputers failed to deliver the speed and scale needed for fast error correction at scale. Nvidia developed NVQLink with more than a dozen quantum companies including IonQ, Quantinuum and Infleqtion and worked with national labs including Sandia, Oak Ridge and Fermi. The interconnect operates on open architecture and works across different quantum modalities including trapped ion, superconducting and photonic systems. Costa declined to predict when quantum computing will produce meaningful commercial value, though some quantum companies estimate two to four years. Read more of this story at Slashdot.
China Dives in on the World's First Wind-Powered Undersea Data Center
technology - Posted On:2025-10-28 13:45:00 Source: slashdot
China has completed the first phase of what it claims is the world's first underwater data center in Shanghai's Lingang Special Area. The facility cost roughly 1.6 billion yuan ($226 million) and operates on twenty-four megawatts of power drawn entirely from wind energy. Seawater acts as a natural cooling system for the submerged servers. Traditional land-based data centers devote up to 50% of their energy consumption to air conditioning. The underwater design reduces cooling energy demand to less than 10%. The first phase is designed to achieve a power usage effectiveness rating of no more than 1.15. More than 95% of the facility's electricity comes from offshore wind turbines in the East China Sea. The project reduces land usage by more than 90% and eliminates the need for fresh water. The main contractors signed an agreement to launch another offshore wind-powered underwater data center with a capacity of 500 megawatts. Read more of this story at Slashdot.
Signal Chief Explains Why the Encrypted Messenger Relies on AWS
it - Posted On:2025-10-28 13:00:00 Source: slashdot
An anonymous reader shares a report: After last week's major AWS outage took Signal along with it, Elon Musk was quick to criticize the encrypted messaging app's reliance on big tech. But Signal president Meredith Whittaker argues that the company didn't have any other choice but to use AWS or another major cloud provider. "The problem here is not that Signal 'chose' to run on AWS," Whittaker writes in a series of posts on Bluesky. "The problem is the concentration of power in the infrastructure space that means there isn't really another choice: the entire stack, practically speaking, is owned by 3-4 players." In the thread, Whittaker says the number of people who didn't realize Signal uses AWS is "concerning," as it indicates they aren't aware of just how concentrated the cloud infrastructure industry is. "The question isn't 'why does Signal use AWS?'" Whittaker writes. "It's to look at the infrastructural requirements of any global, real-time, mass comms platform and ask how it is that we got to a place where there's no realistic alternative to AWS and the other hyperscalers." Read more of this story at Slashdot.
Study Finds Growing Social Circles May Fuel Polarization
technology - Posted On:2025-10-27 21:45:00 Source: slashdot
A new study from the Complexity Science Hub Vienna finds that as people's close social circles expanded from two to five friends around the rise of social media (2008-2010), polarization in society spiked. "The connection between these two developments could provide a fundamental explanation for why societies around the world are increasingly fragmenting into ideological bubbles," reports Phys.org. From the report: The researchers' findings confirm that increasing polarization is not merely perceived -- it is measurable and objectively occurring. "And this increase happened suddenly, between 2008 and 2010," says [says Stefan Thurner from the Complexity Science Hub (CSH)]. The question remained: what caused it? [...] The sharp rise in both polarization and the number of close friends occurred between 2008 and 2010 -- precisely when social media platforms and smartphones first achieved widespread adoption. This technological shift may have fundamentally changed how people connect with each other, indirectly promoting polarization. "Democracy depends on all parts of society being involved in decision-making, which requires that everyone be able to communicate with each other. But when groups can no longer talk to each other, this democratic process breaks down," emphasizes Stefan Thurner. Tolerance plays a central role. "If I have two friends, I do everything I can to keep them -- I am very tolerant towards them. But if I have five and things become difficult with one of them, it's easier to end that friendship because I still have 'backups.' I no longer need to be as tolerant," explains Thurner. What disappears as a result is a societal baseline of tolerance -- a development that could contribute to the long-term erosion of democratic structures. To prevent societies from increasingly fragmenting, Thurner emphasizes the importance of learning early how to engage with different opinions and actively cultivating tolerance. The research was published in Proceedings of the National Academy of Sciences. Read more of this story at Slashdot.
Ransomware Profits Drop As Victims Stop Paying Hackers
it - Posted On:2025-10-27 20:15:00 Source: slashdot
An anonymous reader quotes a report from BleepingComputer: The number of victims paying ransomware threat actors has reached a new low, with just 23% of the breached companies giving in to attackers' demands. With some exceptions, the decline in payment resolution rates continues the trend that Coveware has observed for the past six years. In the first quarter of 2024, the payment percentage was 28%. Although it increased over the next period, it continued to drop, reaching an all-time low in the third quarter of 2025. One explanation for this is that organizations implemented stronger and more targeted protections against ransomware, and authorities increasing pressure for victims not to pay the hackers. [...] Over the years, ransomware groups moved from pure encryption attacks to double extortion that came with data theft and the threat of a public leak. Coveware reports that more than 76% of the attacks it observed in Q3 2025 involved data exfiltration, which is now the primary objective for most ransomware groups. The company says that when it isolates the attacks that do not encrypt the data and only steal it, the payment rate plummets to 19%, which is also a record for that sub-category. The average and median ransomware payments fell in Q3 compared to the previous quarter, reaching $377,000 and $140,000, respectively, according to Coveware. The shift may reflect large enterprises revising their ransom payment policies and recognizing that those funds are better spent on strengthening defenses against future attacks. The researchers also note that threat groups like Akira and Qilin, which accounted for 44% of all recorded attacks in Q3 2025, have switched focus to medium-sized firms that are currently more likely to pay a ransom. "Cyber defenders, law enforcement, and legal specialists should view this as validation of collective progress," Coveware says. "The work that gets put in to prevent attacks, minimize the impact of attacks, and successfully navigate a cyber extortion -- each avoided payment constricts cyber attackers of oxygen." Read more of this story at Slashdot.
More Than 60 UN Members Sign Cybercrime Treaty Opposed By Rights Groups
it - Posted On:2025-10-27 11:30:00 Source: slashdot
Countries signed their first UN treaty targeting cybercrime in Hanoi on Saturday, despite opposition from an unlikely band of tech companies and rights groups warning of expanded state surveillance. From a report: The new global legal framework aims to strengthen international cooperation to fight digital crimes, from child pornography to transnational cyberscams and money laundering. More than 60 countries were seen to sign the declaration Saturday, which means it will go into force once ratified by those states. UN Secretary General Antonio Guterres described the signing as an "important milestone", but that it was "only the beginning". "Every day, sophisticated scams, destroy families, steal migrants and drain billions of dollars from our economy... We need a strong, connected global response," he said at the opening ceremony in Vietnam's capital on Saturday. The UN Convention against Cybercrime was first proposed by Russian diplomats in 2017, and approved by consensus last year after lengthy negotiations. Critics say its broad language could lead to abuses of power and enable the cross-border repression of government critics. Read more of this story at Slashdot.
Mozilla to Require Data-Collection Disclosure in All New Firefox Extensions
technology - Posted On:2025-10-27 03:45:01 Source: slashdot
"Mozilla is introducing a new privacy framework for Firefox extensions that will require developers to disclose whether their add-ons collect or transmit user data..." reports the blog Linuxiac: The policy takes effect on November 3, 2025, and applies to all new Firefox extensions submitted to addons.mozilla.org. According to Mozilla's announcement, extension developers must now include a new key in their manifest.json files. This key specifies whether an extension gathers any personal data. Even extensions that collect nothing must explicitly state "none" in this field to confirm that no data is being collected or shared. This information will be visible to users at multiple points: during the installation prompt, on the extension's listing page on addons.mozilla.org, and in the Permissions and Data section of Firefox's about:addons page. In practice, this means users will be able to see at a glance whether a new extension collects any data before they install it. Read more of this story at Slashdot.
Microsoft Disables Preview In File Explorer To Block Attacks
technology - Posted On:2025-10-27 00:45:00 Source: slashdot
Slashdot reader joshuark writes: Microsoft says that the File Explorer (formerly Windows Explorer) now automatically blocks previews for files downloaded from the Internet to block credential theft attacks via malicious documents, according to a report from BleepingComputer. This attack vector is particularly concerning because it requires no user interaction beyond selecting a file to preview and removes the need to trick a target into actually opening or executing it on their system. For most users, no action is required since the protection is enabled automatically with the October 2025 security update, and existing workflows remain unaffected unless you regularly preview downloaded files. "This change is designed to enhance security by preventing a vulnerability that could leak NTLM hashes when users preview potentially unsafe files," Microsoft says in a support document published Wednesday. It is important to note that this may not take effect immediately and could require signing out and signing back in. Read more of this story at Slashdot.
GM Plans to Drop Apple CarPlay and Android Auto From All Its Cars
technology - Posted On:2025-10-26 20:00:00 Source: slashdot
GM plans to dump Apple CarPlay and Android Auto on all its car new vehicles "in the near future," reports the Verge. In an episode of the Verge's Decoder podcast, GM CEO Mary Barra confirmed the upcoming change to "phone projections" for GM cars: The timing is unclear, but Barra pointed to a major rollout of what the company is calling a new centralized computing platform, set to launch in 2028, that will involve eventually transitioning its entire lineup to a unified in-car experience. In place of phone projection, GM is working to update its current Android-powered infotainment implementation with a Google Gemini-powered assistant and an assortment of other custom apps, built both in-house and with partners. GM's 2023 decision to drop CarPlay and Android Auto support in its EVs has proved controversial, though for now GM has maintained support for phone projection in its gas-powered vehicles. Read more of this story at Slashdot.
Is AI Responsible for Job Cuts - Or Just a Good Excuse?
it - Posted On:2025-10-26 13:45:00 Source: slashdot
Has AI just become an easy excuse for firms looking to downsize, asks CNBC: Fabian Stephany, assistant professor of AI and work at the Oxford Internet Institute, said there might be more to job cuts than meets the eye. Previously there may have been some stigma attached to using AI, but now companies are "scapegoating" the technology to take the fall for challenging business moves such as layoffs. "I'm really skeptical whether the layoffs that we see currently are really due to true efficiency gains. It's rather really a projection into AI in the sense of 'We can use AI to make good excuses,'" Stephany said in an interview with CNBC. Companies can essentially position themselves at the frontier of AI technology to appear innovative and competitive, and simultaneously conceal the real reasons for layoffs, according to Stephany... Some companies that flourished during the pandemic "significantly overhired" and the recent layoffs might just be a "market clearance...." One founder, Jean-Christophe Bougl� even said in a popular LinkedIn post that AI adoption is at a "much slower pace" than is being claimed and in large corporations "there's not much happening" with AI projects even being rolled back due to cost or security concerns. "At the same time there are announcements of big layoff plans 'because of AI.' It looks like a big excuse, in a context where the economy in many countries is slowing down..." The Budget Lab, a non-partisan policy research center at Yale University, released a report on Wednesday which showed that U.S. labor has actually been little disrupted by AI automation since the release of ChatGPT in 2022... Additionally, New York Fed economists released research in early September which showed that AI use amongst firms "do not point to significant reductions in employment" across the services and manufacturing industry in the New York-Northern New Jersey region. Read more of this story at Slashdot.
How America's Transportation Department Blocked a Self-Driving Truck Company
technology - Posted On:2025-10-26 10:45:00 Source: slashdot
Reason.com explores the fortunes of Aurora Innovation, the first company to put heavy-duty commercial self-driving trucks on public roads (and hopes to expand routes to El Paso, Texas, and Phoenix by the end of the year): An obscure federal rule is slowing the self-driving revolution. When trucks break down, operators are required to place reflective warning cones and road flares around the truck to warn other motorists. The regulations areexacting: Within 10 minutes of stopping, three warning signals must be set in specific locations around the truck. Auroraaskedthe federal Department of Transportation (DOT) to allow warning beacons to be fixed to the truck itself — and activated when a truck becomes disabled. The warning beacons would face both forward and backward, would be more visible�than cones (particularly at night), and wouldn't burn out like road flares. Drivers of nonautonomous vehicles could also benefit from that rule change, as they would no longer have to walk into traffic to place the required safety signals. In December 2024, however, the Transportation Department denied Aurora's request for an exemption to the existing rules, even though regulatorsadmittedin theFederal Registerthat no evidence indicated the truck-mounted beacons would be less safe. Such a study is now underway, but it's unclear how long it will take to draw any conclusions. The article notes that Aurora has now filed a lawsuit in federal court that seeks to overturn the Transportation Department's denial... Thanks to long-time Slashdot reader schwit1 for sharing the article. Read more of this story at Slashdot.
Are Network Security Devices Endangering Orgs With 1990s-Era Flaws?
it - Posted On:2025-10-26 00:00:00 Source: slashdot
Critics question why basic flaws like buffer overflows, command injections, and SQL injections are "being exploited remain prevalent in mission-critical codebases maintained by companies whose core business is cybersecurity," writes CSO Online. Benjamin Harris, CEO of cybersecurity/penetration testing firm watchTowr tells them that "these are vulnerability classes from the 1990s, and security controls to prevent or identify them have existed for a long time. There is really no excuse." Enterprises have long relied on firewalls, routers, VPN servers, and email gateways to protect their networks from attacks. Increasingly, however, these network edge devices are becoming security liabilities themselves... Google's Threat Intelligence Group tracked 75 exploited zero-day vulnerabilities in 2024. Nearly one in three targeted network and security appliances, a strikingly high rate given the range of IT systems attackers could choose to exploit. That trend has continued this year, with similar numbers in the first 10 months of 2025, targeting vendors such as Citrix NetScaler, Ivanti, Fortinet, Palo Alto Networks, Cisco, SonicWall, and Juniper. Network edge devices are attractive targets because they are remotely accessible, fall outside endpoint protection monitoring, contain privileged credentials for lateral movement, and are not integrated into centralized logging solutions... [R]esearchers have reported vulnerabilities in these systems for over a decade with little attacker interest beyond isolated incidents. That shifted over the past few years with a rapid surge in attacks, making compromised network edge devices one of the top initial access vectors into enterprise networks for state-affiliated cyberespionage groups and ransomware gangs. The COVID-19 pandemic contributed to this shift, as organizations rapidly expanded remote access capabilities by deploying more VPN gateways, firewalls, and secure web and email gateways to accommodate work-from-home mandates. The declining success rate of phishing is another factor... "It is now easier to find a 1990s-tier vulnerability in a border device where Endpoint Detection and Response typically isn't deployed, exploit that, and then pivot from there" [says watchTowr CEL Harris]... Harris of watchTowr doesn't want to minimize the engineering effort it takes to build a secure system. But he feels many of the vulnerabilities discovered in the past two years should have been caught with automatic code analysis tools or code reviews, given how basic they have been. Some VPN flaws were "trivial to the point of embarrassing for the vendor," he says, while even the complex ones should have been caught by any organization seriously investing in product security... Another problem? These appliances have a lot of legacy code, some that is 10 years or older. Attackers may need to chain together multiple hard-to-find vulnerabilities across multiple components, the article acknowleges. And "It's also possible that attack campaigns against network-edge devices are becoming more visible to security teams because they are looking into what's happening on these appliances more than they did in the past... " The article ends with reactions from several vendors of network edge security devices. Thanks to Slashdot reader snydeq for sharing the article. Read more of this story at Slashdot.
Some Startups Are Demanding 12-Hour Days, Six Days a Week from Workers
it - Posted On:2025-10-25 11:45:00 Source: slashdot
The Washington Post reports on 996, "a term popularized in China that refers to a rigid work schedule in which people work from 9 a.m. to 9 p.m., six days a week..." As the artificial intelligence race heats up, many start-ups in Silicon Valley and New York are promoting hardcore culture as a way of life, pushing the limits of work hours, demanding that workers move fast to be first in the market. Some are even promoting 996 as a virtue in the hiring process and keeping "grind scores" of companies... Whoever builds first in AI will capture the market, and the window of opportunity is two to three years, "so you better run faster than everyone else," said Inaki Berenguer, managing partner of venture-capital firm LifeX Ventures. At San Francisco-based AI start-up Sonatic, the grind culture also allows for meal, gym and pickleball time, said Kinjal Nandy, its CEO. Nandy recently posted a job opening on X that requires in-person work seven days a week. He said working 10-hour days sounds like a lot but the company also offers its first hires perks such as free housing in a hacker house, food delivery credits and a free subscription to the dating service Raya... Mercor, a San Francisco-based start-up that uses AI to match people to jobs, recently posted an opening for a customer success engineer, saying that candidates should have a willingness to work six days a week, and it's not negotiable. "We know this isn't for everyone, so we want to put it up top," the listing reads. Being in-person rather than remote is a requirement at some start-ups. AI start-up StarSling had two engineering job descriptions that required six days a week of in-person work. In a job description for an engineer, Rilla, an AI company in New York, said candidates should not work at the company if they're not excited about working about 70 hours a week in person. One venture capitalist even started tracking "grind scores." Jared Sleeper, a partner at New York-based venture capital firm Avenir, recently ranked public software companies' "grind score" in a post on X, which went viral. Using data from Glassdoor, it ranks the percentage of employees who have a positive outlook for the company compared with their views on work-life balance. "At Google's AI division, cofounder Sergey Brin views 60 hours per week as the 'sweet spot' for productivity," notes the Independent: Working more than 55 hours a week, compared with a standard 35-40-hour week, is linked to a 35 percent higher risk of stroke and a 17 percent higher risk of death from heart disease, according to the World Health Organization. Productivity also suffers. A British study shows that working beyond 60 hours a week can reduce overall output, slow cognitive performance, and impair tasks ranging from call handling to problem-solving. Shorter workweeks, in contrast, appear to boost productivity. Microsoft Japan saw a roughly 40% increase in output after adopting a four-day work week. In a UK trial, 61 companies that tested a four-day schedule reported revenue gains, with 92 percent choosing to keep the policy, according to Bloomberg. Read more of this story at Slashdot.