Posted by BeauHD from Slashdot
From the so-far-so-good department: An anonymous reader quotes a report from the Washington Post: The Biden administration marked the close of tax season Monday by announcing it had met a modest goal of getting at least 100,000 taxpayers to file through the Internal Revenue Service's new tax software, Direct File -- an alternative to commercial tax preparers. Although the government had billed Direct File as a small-scale pilot, it still represents one of the most significant experiments in tax filing in decades -- a free platform letting Americans file online directly to the government. Monday's announcement aside, though, Direct File's success has proven highly subjective.

By and large, people who tried the Direct File software -- which looks a lot like TurboTax or other commercial tax software, with its question-and-answer format -- gave it rave reviews. "Against all odds, the government has created an actually good piece of technology," a writer for the Atlantic marveled, describing himself as "giddy" as he used the website to chat live with a helpful IRS employee. The Post's Tech Friend columnist Shira Ovide called it "visible proof that government websites don't have to stink." Online, people tweeted praise after filing their taxes, like the user who called it the "easiest tax experience of my life."

< This article continues on their website >
Posted by BeauHD from Slashdot
From the better-late-than-never department: Roku has made two-factor authentication (2FA) mandatory for all users following two credential stuffing attacks that compromised approximately 591,000 customer accounts and led to unauthorized purchases in fewer than 400 cases. The Register reports: Credential stuffing and password spraying are both fairly similar types of brute force attacks, but the former uses known pairs of credentials (usernames and passwords). The latter simply spams common passwords at known usernames in the hope one of them leads to an authenticated session. "There is no indication that Roku was the source of the account credentials used in these attacks or that Roku's systems were compromised in either incident," it said in an update to customers. "Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials."

All accounts now require 2FA to be implemented, whether they were affected by the wave of compromises or not. Roku has more than 80 million active accounts, so only a minority were affected, and these have all been issued mandatory password resets. Compromised or not, all users are encouraged to create a strong, unique password for their accounts, consisting of at least eight characters, including a mix of numbers, symbols, and letter cases. [...] Roku also asked users to remain vigilant to suspicious activity regarding its service, such as phishing emails or clicking on dodgy links to rest passwords -- the usual stuff. "In closing, we sincerely regret that these incidents occurred and any disruption they may have caused," it said. "Your account security is a top priority, and we are committed to protecting your Roku account."
Posted by BeauHD from Slashdot
From the taking-matters-into-his-own-hands department: Michael Larabel reports via Phoronix: Within yesterday's Linux 6.9-rc4 release is an interesting little nugget by Linus Torvalds to battle Kconfig parsers that can't correctly handle tabs but rather just assume spaces for whitespace for this kernel configuration format. Due to a patch having been queued last week to replace a tab with a space character in the kernel tracing Kconfig file, Linus Torvalds decided to take matters into his own hand for Kconfig parsers that can't deal with tabs... Torvalds authored a patch to intentionally add some tabs of his own into Kconfig for throwing off any out-of-tree/third-party parsers that can't correctly handle them. Torvalds added these intentional hidden tabs to the common Kconfig file for handling page sizes for the kernel. Thus sure to cause dramatic and noticeable breakage for any parsers not having tabs correctly.
Posted by Ethan Gach from Kotaku
Destiny 2 is back on the menu thanks to a brilliant new horde mode called Onslaught. As players return to the sci-fi shooter MMO in droves following the free Into The Light update that’s been showering them with loot, a lot of you are no doubt behind on the latest top gear. Fortunately, Apex Predator is arguably the…

< This article continues on their website >
Posted by BeauHD from Slashdot
From the would-you-look-at-that department: An anonymous reader quotes a report from TechCrunch: Dropout's Dungeons & Dragons actual play show, Dimension 20, is getting pretty close to selling out a 19,000-seat venue just hours after ticket sales opened to the general public. To the uninitiated, it may seem absurd to go to a massive sports arena and watch people play D&D. As one Redditor commented, "This boggles my mind. When I was playing D&D in the early eighties, I would have never believed that there was a future where people would watch live D&D at Madison Square Garden. It's incomprehensible to me." It is indeed bizarre, albeit fun. But in this monumental moment for the actual play genre, the triumph is eclipsed by the biggest frustration that links sports, music and now D&D fans: Ticketmaster. As Federal Trade Commission chair Lina Khan said amid the Taylor Swift-Ticketmaster scandal, the company's failures "ended up converting more Gen Zers into anti-monopolists overnight than anything [she] could have done."

< This article continues on their website >
Posted by msmash from Slashdot
From the security-woes department: The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. Krebs on SecurityL: The lock's maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp's parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents. On March 7, 2024, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) warned about a remotely exploitable vulnerability with "low attack complexity" in Chirp Systems smart locks.

"Chirp Access improperly stores credentials within its source code, potentially exposing sensitive information to unauthorized access," CISA's alert warned, assigning the bug a CVSS (badness) rating of 9.1 (out of a possible 10). "Chirp Systems has not responded to requests to work with CISA to mitigate this vulnerability." Matt Brown, the researcher CISA credits with reporting the flaw, is a senior systems development engineer at Amazon Web Services. Brown said he discovered the weakness and reported it to Chirp in March 2021, after the company that manages his apartment building started using Chirp smart locks and told everyone to install Chirp's app to get in and out of their apartments.
Posted by Kenneth Shepard from Kotaku
Two years after he made his debut in Sonic the Hedgehog 2, we finally know who is voicing Shadow the Hedgehog in Paramount’s live-action movies. Keanu Reeves of The Matrix, Cyberpunk 2077, and John Wick fame is voicing the Ultimate Lifeform in Sonic the Hedgehog 3.

< This article continues on their website >
Posted by msmash from Slashdot
From the rundown department: Top takeaways from Stanford's new AI Index Report [PDF]: 1. AI beats humans on some tasks, but not on all. AI has surpassed human performance on several benchmarks, including some in image classification, visual reasoning, and English understanding. Yet it trails behind on more complex tasks like competition-level mathematics, visual commonsense reasoning and planning.
2. Industry continues to dominate frontier AI research. In 2023, industry produced 51 notable machine learning models, while academia contributed only 15. There were also 21 notable models resulting from industry-academia collaborations in 2023, a new high.
3. Frontier models get way more expensive. According to AI Index estimates, the training costs of state-of-the-art AI models have reached unprecedented levels. For example, OpenAI's GPT-4 used an estimated $78 million worth of compute to train, while Google's Gemini Ultra cost $191 million for compute.
4. The United States leads China, the EU, and the U.K. as the leading source of top AI models. In 2023, 61 notable AI models originated from U.S.-based institutions, far outpacing the European Union's 21 and China's 15.
5. Robust and standardized evaluations for LLM responsibility are seriously lacking. New research from the AI Index reveals a significant lack of standardization in responsible AI reporting. Leading developers, including OpenAI, Google, and Anthropic, primarily test their models against different responsible AI benchmarks. This practice complicates efforts to systematically compare the risks and limitations of top AI models.
6. Generative AI investment skyrockets. Despite a decline in overall AI private investment last year, funding for generative AI surged, nearly octupling from 2022 to reach $25.2 billion. Major players in the generative AI space, including OpenAI, Anthropic, Hugging Face, and Inflection, reported substantial fundraising rounds.
< This article continues on their website >
Posted by Zack Zwiezen from Kotaku
FPS Fest, a large Steam sales event featuring big and small PC shooters is happening right now, and we’ve got a list of some of the biggest and best deals to grab before the event ends later this month.

< This article continues on their website >
Posted by Moises Taveras from Kotaku
Amazon’s Fallout show is, miraculously, pretty fun and great. It manages to capture the satire of the games and somehow makes it even sharper by trimming much of their fat. Because of this, the elements which the show lifts from the games feel like they’re lent even more space to shine prominently, and this is…

< This article continues on their website >
Posted by Kenneth Shepard from Kotaku
It’s not often that I kick down someone’s door and get real close to their face to tell them something Homer Simpson-style, but dear readers, one of the best games of 2021 is so cheap right now it’s practically a steal. If you haven’t played Before Your Eyes, it’s available on Steam for real cheap for a few more days.…

< This article continues on their website >
Posted by msmash from Slashdot
From the owning-vs-renting department: Ubisoft has come under fire from players who claim the company has revoked access to a game they had previously purchased. Users attempting to launch "The Crew" on Ubisoft Connect are met with a message stating, "You no longer have access to this game. Why not check the Store to pursue your adventures?" The game has also been moved to a separate "inactive games" section in players' libraries.

While the game can still be launched, it reportedly only plays a limited demo version. Ubisoft has yet to comment on the matter, but some speculate that the decision may be related to the game's reliance on servers that are no longer operational. The incident has sparked concerns among gamers about the control platform holders have over digital purchases. Ubisoft's subscription boss, Philippe Tremblay, recently stated that players will need to get "comfortable" with not owning games.
Posted by Tony_Bacala from The Toyark


Earlier today the Marvel team at Hasbro held a stream revealing new Marvel 85th Anniversary figures.  Included were comic inspired figs from all eras including SKAAR, Warbird, Wolverine, Spider-Man, Ghost Rider, Iron Fist and Luke Cage.  Read on to check ...

The post Marvel Legends Marvel 85th Anniversary Figures – Official Pics and Info appeared first on The Toyark - News.
Posted by Willa Rowe from Kotaku
As I play through the sci-fi adventure that is Harold Halibut, I am often reminded of walking through an aquarium. It’s partially because the game’s gorgeous environments are submerged in, but it’s also because I feel a childlike frustration at the events unfolding in front of me. Like a kid tapping the glass in hopes…

< This article continues on their website >
Posted by msmash from Slashdot
From the shape-of-things-to-come department: The UK is starting to draft regulations to govern AI, focusing on the most powerful language models which underpin OpenAI's ChatGPT, Bloomberg News reported Monday, citing people familiar with the matter. From the report: Policy officials at the Department for Science, Innovation and Technology are in the early stages of devising legislation to limit potential harms caused by the emerging technology, according to the people, who asked not to be identified discussing undeveloped proposals. No bill is imminent, and the government is likely to wait until France hosts an AI conference either later this year or early next to launch a consultation on the topic, they said.

Prime Minister Rishi Sunak, who hosted the first world leaders' summit on AI last year and has repeatedly said countries shouldn't "rush to regulate" AI, risks losing ground to the US and European Union on imposing guardrails on the industry. The EU passed a sweeping law to regulate the technology earlier this year, companies in China need approvals before producing AI services and some US cities and states have passed laws limiting use of AI in specific areas.
Posted by Kenneth Shepard from Kotaku
Respawn’s hero shooter battle royale Apex Legends is an incredibly inclusive game for the queer community. It has several playable LGBTQIA+ legends, has given players Pride Flag cosmetics to showcase their identities in-game, and developer Respawn even put a statement supporting trans rights in the game itself. After…

< This article continues on their website >
Posted by Zack Zwiezen from Kotaku
A recent update for Bethesda’s popular post-apocalyptic spin-off, Fallout Shelter, added some characters from the Amazon Prime live-action TV show adaptation to the base-building game. While it’s fun that you can now have some of these characters, like Lucy and Maximus, in your own digital vault, it also reveals their

< This article continues on their website >
Posted by Ethan Gach from Kotaku
The 2024 gaming release calendar has hit a bit of a lull, and a conveniently timed GameStop sale on used games is a great way to quickly catch up on all of the biggest games you may have missed from earlier this year and beyond. A buy 2, get 1 free promotion will let you scoop up new hits like Dragon’s Dogma 2 and Tekk…

< This article continues on their website >
Posted by msmash from Slashdot
From the closer-look department: Abstract of a paper on Nature: Music is ubiquitous in our everyday lives, and lyrics play an integral role when we listen to music. The complex relationships between lyrical content, its temporal evolution over the last decades, and genre-specific variations, however, are yet to be fully understood. In this work, we investigate the dynamics of English lyrics of Western, popular music over five decades and five genres, using a wide set of lyrics descriptors, including lyrical complexity, structure, emotion, and popularity.

We find that pop music lyrics have become simpler and easier to comprehend over time: not only does the lexical complexity of lyrics decrease (for instance, captured by vocabulary richness or readability of lyrics), but we also observe that the structural complexity (for instance, the repetitiveness of lyrics) has decreased. In addition, we confirm previous analyses showing that the emotion described by lyrics has become more negative and that lyrics have become more personal over the last five decades. Finally, a comparison of lyrics view counts and listening counts shows that when it comes to the listeners' interest in lyrics, for instance, rock fans mostly enjoy lyrics from older songs; country fans are more interested in new songs' lyrics.
Posted by msmash from Slashdot
From the justice-served department: An anonymous reader shares a report: Shakeeb Ahmed, a cybersecurity engineer convicted of stealing around $12 million in crypto, was sentenced on Friday to three years in prison. In a press release, the U.S. Attorney for the Southern District of New York announced the sentence. Ahmed was accused of hacking into two cryptocurrency exchanges, and stealing around $12 million in crypto, according to prosecutors.

Adam Schwartz and Bradley Bondi, the lawyers representing Ahmed, did not immediately respond to a request for comment. When Ahmed was arrested last year, the authorities described him as "a senior security engineer for an international technology company." His LinkedIn profile said he previously worked at Amazon. But he wasn't working there at the time of his arrest, an Amazon spokesperson told TechCrunch. While the name of one of his victims was never disclosed, Ahmed reportedly hacked into Crema Finance, a Solana-based crypto exchange, in early July 2022.
© Z-R0E