Posted by EditorDavid from Slashdot
From the final-frontier department: 18 years ago Slashdot covered the creation of Spaceport America.
Today Space.com hails it as "the first purpose-built commercial spaceport in the world." But engineer/executive director Scott McLaughlin has plans to grow even more.
Already home to an array of commercial space industry tenants, such as Virgin Galactic, SpinLaunch, Up Aerospace, and Prismatic, Spaceport America is a "rocket-friendly environment of 6,000 square miles of restricted airspace, low population density, a 12,000-foot by 200-foot runway, vertical launch complexes, and about 340 days of sunshine and low humidity," the organization boasts on its website...
Space.com: What changes do you see that make Spaceport America even more viable today?
McLaughlin: I think opening ourselves up to doing different kinds of work. We're more like a civilian test range now. We've got high-altitude UAVs [Unmanned Aerial Vehicles]. We're willing to do engine production. We believe we're about to sign a data center, one that's able to provide services to our customers who want low-latency, artificial intelligence, or high-powered computing. You'll be able to rent some virtual machines and do your own thing and have it be instantaneous at the spaceport. So I think being more broadminded about what we can do at the spaceport is helping generate customers and revenue...
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the big-Whoop department: Whoop fitness trackers had promised free upgrades to anyone who'd been a member for at least six months — and then reneged. "After customers began complaining, the company responded with a Reddit post, according to a report from TechCrunch:
Now, anyone with more than 12 months remaining on their subscription is eligible for a free upgrade to Whoop 5.0 (or a refund if they've already paid the fee). And customers with less than 12 months can extend their subscription to get the upgrade at no additional cost.
Whoop acknowledged that they'd previously said anyone who'd been a member for six months would receive a free upgrade. Friday they described that blog article as "incorrect". ("This was never our policy and should never have been posted... We removed that blog article... We're sorry for any confusion this may have caused.")
TechCrunch explains:
While the company said it's making these changes because it "heard your feedback," it also suggested that its apparent stinginess was tied to its transition from a [2021] model focused on monthly or six-month subscription plans to one where it only offers 12- and 24-month subscriptions...
There's been a mixed response to these changes on the Whoop subreddit, with one moderator describing it as a "win for the community." Other posters were more skeptical, with one writing, "You don't publish a policy by accident and keep it up for years. Removing it after backlash doesn't erase the fact [that] it is real."
Other changes announced by Whoop:
"If you purchased or renewed a WHOOP 4.0 membership in the last 30 days before May 8, your upgrade fee will be automatically waived at checkout..."
"If you've already upgraded to WHOOP 5.0 on Peak and paid a one-time upgrade fee despite having more than 12 months remaining, we'll refund that fee."
"Thank you for your feedback. We remain committed to delivering the best technology, experience, and value to our community."
Posted by EditorDavid from Slashdot
From the deal-or-no-deal department: OpenAI is currently in "a tough negotiation" with Microsoft, the Financial Times reports, citing "one person close to OpenAI."
On the road to building artificial general intelligence, OpenAI hopes to unlock new funding (and launch a future IPO), according to the article, which says both sides are at work "rewriting the terms of their multibillion-dollar partnership in a high-stakes negotiation...."
Microsoft, meanwhile, wants to protect its access to OpenAI's cutting-edge AI models...
[Microsoft] is a key holdout to the $260bn start-up's plans to undergo a corporate restructuring that moves the group further away from its roots as a non-profit with a mission to develop AI to "benefit humanity". A critical issue in the deliberations is how much equity in the restructured group Microsoft will receive in exchange for the more than $13bn it has invested in OpenAI to date.
According to multiple people with knowledge of the negotiations, the pair are also revising the terms of a wider contract, first drafted when Microsoft first invested $1bn into OpenAI in 2019. The contract currently runs to 2030 and covers what access Microsoft has to OpenAI's intellectual property such as models and products, as well as a revenue share from product sales. Three people with direct knowledge of the talks said Microsoft is offering to give up some of its equity stake in OpenAI's new for-profit business in exchange for accessing new technology developed beyond the 2030 cut off...
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the thanks-for-the-memory department: "When Rust developers think of us C++ folks, they picture a cursed bloodline," writes professional game developer Mamadou Babaei (also a *nix enthusiast who contributes to the FreeBSD Ports collection). "To them, every line of C++ we write is like playing Russian Roulette — except all six chambers are loaded with undefined behavior."
But you know what? We don't need a compiler nanny. No borrow checker. No lifetimes. No ownership models. No black magic. Not even Valgrind is required. Just raw pointers, raw determination, and a bit of questionable sanity.
He's created a video on "how to hunt down memory leaks like you were born with a pointer in one hand and a debugger in the other." (It involves using a memory leak tracker — specifically, Visual Studio's _CrtDumpMemoryLeaks, which according to its documentation "dumps all the memory blocks in the debug heap when a memory leak has occurred," identifying the offending lines and pointers.)
"If that sounds unreasonably dangerous — and incredibly fun... let's dive into the deep end of the heap."
"The method is so easy, it renders Rust's memory model (lifetimes, ownership) and the borrow checker useless!" writes Slashdot reader NuLL3rr0r. Does anybody agree with him? Share your own experiences and reactions in the comments.
And how do you feel about Rust's "borrow-checking compiler nanny"?
Posted by EditorDavid from Slashdot
From the hole-in-the-NetWeaver department: "A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver," reports The Hacker News:
Forescout Vedere Labs, in a report published Thursday, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025. CVE-2025-31324 refers to a critical SAP NetWeaver flaw that allows attackers to achieve remote code execution (RCE) by uploading web shells through a susceptible "/developmentserver/metadatauploader" endpoint.
The vulnerability was first flagged by ReliaQuest late last month when it found the shortcoming being abused in real-world attacks by unknown threat actors to drop web shells and the Brute Ratel C4 post-exploitation framework. According to [SAP cybersecurity firm] Onapsis, hundreds of SAP systems globally have fallen victim to attacks spanning industries and geographies, including energy and utilities, manufacturing, media and entertainment, oil and gas, pharmaceuticals, retail, and government organizations. Onapsis said it observed reconnaissance activity that involved "testing with specific payloads against this vulnerability" against its honeypots as far back as January 20, 2025. Successful compromises in deploying web shells were observed between March 14 and March 31.
"In recent days, multiple threat actors are said to have jumped aboard the exploitation bandwagon to opportunistically target vulnerable systems to deploy web shells and even mine cryptocurrency..."
Thanks to Slashdot reader bleedingobvious for sharing the news.
Posted by EditorDavid from Slashdot
From the shape-of-things-to-come department: Fast Company's "AI Decoded" newsletter makes the case that the first "killer app" for generative AI... is coding.
Tools like Cursor and Windsurf can now complete software projects with minimal input or oversight from human engineers... Naveen Rao, chief AI officer at Databricks, estimates that coding accounts for half of all large language model usage today. A 2024 GitHub survey found that over 97% of developers have used AI coding tools at work, with 30% to 40% of organizations actively encouraging their adoption.... Microsoft CEO Satya Nadella recently said AI now writes up to 30% of the company's code. Google CEO Sundar Pichai echoed that sentiment, noting more than 30% of new code at Google is AI-generated.
The soaring valuations of AI coding startups underscore the momentum. Anysphere's Cursor just raised $900 million at a $9 billion valuation — up from $2.5 billion earlier this year. Meanwhile, OpenAI acquired Windsurf (formerly Codeium) for $3 billion. And the tools are improving fast. OpenAI's chief product officer, Kevin Weil, explained in a recent interview that just five months ago, the company's best model ranked around one-millionth on a well-known benchmark for competitive coders — not great, but still in the top two or three percentile. Today, OpenAI's top model, o3, ranks as the 175th best competitive coder in the world on that same test. The rapid leap in performance suggests an AI coding assistant could soon claim the number-one spot. "Forever after that point computers will be better than humans at writing code," he said...
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the Model-Context-Protocol department: Exposure-management company Tenable recently discussed how the MCP tool-interfacing framework for AI can be "manipulated for good, such as logging tool usage and filtering unauthorized commands." (Although "Some of these techniques could be used to advance both positive and negative goals.")
Now an anonymous Slashdot reader writes: In a demonstration video put together by security researcher Seth Fogie, an AI client given a simple prompt to 'Scan and exploit' a web server leverages various connected tools via MCP (nmap, ffuf, nuclei, waybackurls, sqlmap, burp) to find and exploit discovered vulnerabilities without any additional user interaction
As Tenable illustrates in their MCP FAQ, "The emergence of Model Context Protocol for AI is gaining significant interest due to its standardization of connecting external data sources to large language models (LLMs). While these updates are good news for AI developers, they raise some security concerns." With over 12,000 MCP servers and counting, what does this all lead to and when will AI be connected enough for a malicious prompt to cause serious impact?
Posted by EditorDavid from Slashdot
From the not-playing-well-together department: Slashdot reader BrianFagioli writes:
The new Nintendo Switch 2 is almost here. Next month, eager fans will finally be able to get their hands on the highly anticipated follow-up to the wildly popular hybrid console. But before you line up (or frantically refresh your browser for a preorder), you might want to read the fine print, because Nintendo might be able to kill your console.
Yes, really. That's not just speculation, folks. According to its newly updated user agreement, Nintendo has granted itself the right to make your Switch 2 "permanently unusable" if you break certain rules. Yes, the company might literally brick your device. Buried in the legalese is a clause that says if you try to bypass system protections, modify software, or mess with the console in a way that's not approved, Nintendo can take action. And that action could include completely disabling your system.
The exact wording makes it crystal clear: Nintendo may "render the Nintendo Account Services and/or the applicable Nintendo device permanently unusable in whole or in part...." [T]o be fair, this is probably targeted at people who reverse engineer the system or install unauthorized software — think piracy, modding, cheating, and the like. But the broad and vague nature of the language leaves a lot of room for interpretation. Who decides what qualifies as "unauthorized use"? Nintendo does.
Nintendo's verbiage says users must agree "without limitation" not to...
Publish, copy, modify, reverse engineer, lease, rent, decompile, disassemble, distribute, offer for sale, or create derivative works
Obtain, install or use any unauthorized copies of Nintendo Account Services
Exploit the Nintendo Account Services in any manner other than to use them in accordance with the applicable documentation and intended use [unless "otherwise expressly permitted by applicable law."]
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the have-u-been-pwned department: "Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware," reports Ars Technica, "a strong indication that devices belonging to him have been hacked in recent years."
As an employee of DOGE, [30-something Kyle] Schutt accessed FEMA's proprietary software for managing both disaster and non-disaster funding grants [to Dropsite News]. Under his role at CISA, he likely is privy to sensitive information regarding the security of civilian federal government networks and critical infrastructure throughout the U.S. According to journalist Micah Lee, user names and passwords for logging in to various accounts belonging to Schutt have been published at least four times since 2023 in logs from stealer malware... Besides pilfering login credentials, stealers can also log all keystrokes and capture or record screen output. The data is then sent to the attacker and, occasionally after that, can make its way into public credential dumps...
Lee went on to say that credentials belonging to a Gmail account known to belong to Schutt have appeared in 51 data breaches and five pastes tracked by breach notification service Have I Been Pwned. Among the breaches that supplied the credentials is one from 2013 that pilfered password data for 3 million Adobe account holders, one in a 2016 breach that stole credentials for 164 million LinkedIn users, a 2020 breach affecting 167 million users of Gravatar, and a breach last year of the conservative news site The Post Millennial.
The credentials may have been exposed when service providers were compromised, the article points out, but the "steady stream of published credentials" is "a clear indication that the credentials he has used over a decade or more have been publicly known at various points.
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the battlefield-brawl. department: "The Overwatch 2 team at Blizzard has unionized," reports Kotaku:
That includes nearly 200 developers across disciplines ranging from art and testing to engineering and design. Basically anyone who doesn't have someone else reporting to them. It's the second wall-to-wall union at the storied game maker since the World of Warcraft team unionized last July... Like unions at Bethesda Game Studios and Raven Software, the Overwatch Gamemakers Guild now has to bargain for its first contract, a process that Microsoft has been accused of slow-walking as negotiations with other internal game unions drag on for years.
"The biggest issue was the layoffs at the beginning of 2024," Simon Hedrick, a test analyst at Blizzard, told Kotaku... "People were gone out of nowhere and there was nothing we could do about it," he said. "What I want to protect most here is the people...." Organizing Blizzard employees stress that improving their working conditions can also lead to better games, while the opposite — layoffs, forced resignations, and uncompetitive pay can make them worse....
"We're not just a number on an Excel sheet," [said UI artist Sadie Boyd]. "We want to make games but we can't do it without a sense of security." Unionizing doesn't make a studio immune to layoffs or being shuttered, but it's the first step toward making companies have a discussion about those things with employees rather than just shadow-dropping them in an email full of platitudes. Boyd sees the Overwatch union as a tool for negotiating a range of issues, like if and how generative AI is used at Blizzard, as well as a possible source of inspiration to teams at other studios.
"Our industry is at such a turning point," she said. "I really think with the announcement of our union on Overwatch...I know that will light some fires."
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the if-at-first-you-don't-succeed department: "The romantic partner of Theranos fraudster Elizabeth Holmes has launched a start-up that sounds eerily similar to the venture that landed his girlfriend behind bars," writes The Daily Beast.
He's incorporated "Haemanthus" in Delaware a year and a half ago (though the company operates out of his neighborhood in Austin), according to the New York Times. Haemanthus appears to have around 10 employees.
From The Daily Beast:
California hotel heir Billy Evans' new company is a blood-testing firm that markets itself as "the future of diagnostics," offering "a radically new approach to health testing," according to The New York Times. In other words, exactly what Theranos said it would do. Holmes is even advising the start-up from the Texas prison where she is serving out an 11-year prison sentence for fraud, sources told NPR... Evans has managed to raise nearly $20 million in funds from both friends and established investors in Austin and San Francisco, according to the investor materials.
The Times reports that Evan's company "plans to begin with testing pets for diseases before progressing to humans, according to two investors pitched on the company."
And TechCrunch reminds readers that Elizabeth Holmes said in a recent interview "that she remains 'completely committed to my dream of making affordable healthcare solutions available to everyone.'"
Posted by EditorDavid from Slashdot
From the gently-down-the-stream department: Back in 2000, Slashdot founder CmdrTaco marked the 4th anniversary of Jennifer Ringley's pioneering "JenniCam" livestream (saying "It sure beats the Netscape FishCam. It's nuts how Jenni's little cam became such a fixture on The Internet...")
But a new article in the Washington Post remembers how "Once, Ringley looked directly into the camera and held a note in front of her eye. It read: 'I FEEL SO LONELY.'"
By 2003, Ringley had shut down the site and disappeared. She began declining interview requests, saying she was enjoying her privacy; her absence on social media continues to this day.
"But by then, the human zoo was everywhere," they write including "social media, where everyone could become a character in their own show." In 2007 Justin Kan launched Justin.TV, which eventually became Twitch, "a thrumming online city for anyone wanting to, as its slogan said, 'waste time watching other people waste time.'"
But the article also notes 2023 stats from the Bureau of Labor Statistics survey that found Americans"were spending far less time socializing than they had 20 years ago — especially 18-to-29-year-olds, who were spending two more hours a day alone." So how did this play out for the next generation of livestreaming influencers? Here's the origin story of "a lonely young woman in Texas" who's "streamed every second of her life for three years and counting."
One afternoon, her boyfriend told her to try Twitch, saying, as she recalled: "Your life sucks, you work at CVS, you have no friends. ... This could be helpful." In her first stream, on a Friday night, she played 3½ hours of "World of Warcraft" for her zero followers.
Eight years later...
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the old-OS department: Long-time Slashdot reader mbessey (a Mac/iOS developer) writes:
As we're coming up on the 50th anniversary of the first release of UCSD Pascal, I thought it would be interesting to poke around in it a bit, and work on some tools to bring this "portable operating system" back to life on modern hardware, in a modern language (Rust).
Wikipedia describes UCSD Pascal as "a version that ran on a custom operating system that could be ported to different platforms. A key platform was the Apple II, where it saw widespread use as Apple Pascal. This led to Pascal becoming the primary high-level language used for development in the Apple Lisa, and later, the Macintosh. Parts of the original Macintosh operating system were hand-translated into Motorola 68000 assembly language from the Pascal source code."
mbessey is chronicling their new project in a series of blog posts which begins here:
The p-System was not the first portable byte-code interpreter and compiler system — that idea goes very far back, at least to the origins of the Pascal language itself. But it was arguably one of the most-successful early versions of the idea and served as an inspiration for future portable software systems (including Java's bytecode, and Infocom's Z-machine).
And they've already gotten UCSD Pascal running in an emulator and built some tools (in Rust) to transfer files to disk images. Now they're working towards writing a p-machine emulator in Rust, which they can they port to "something other than the Mac. Ideally, something small â" like an Arduino or Raspberry Pi Pico."
Posted by EditorDavid from Slashdot
From the school-daze department: Chungin Lee used ChatGPT to help write the essay that got him into Columbia University — and then "proceeded to use generative artificial intelligence to cheat on nearly every assignment," reports New York magazine's blog Intelligencer:
As a computer-science major, he depended on AI for his introductory programming classes: "I'd just dump the prompt into ChatGPT and hand in whatever it spat out." By his rough math, AI wrote 80 percent of every essay he turned in. "At the end, I'd put on the finishing touches. I'd just insert 20 percent of my humanity, my voice, into it," Lee told me recently... When I asked him why he had gone through so much trouble to get to an Ivy League university only to off-load all of the learning to a robot, he said, "It's the best place to meet your co-founder and your wife."
He eventually did meet a co-founder, and after three unpopular apps they found success by creating the "ultimate cheat tool" for remote coding interviews, according to the article. "Lee posted a video of himself on YouTube using it to cheat his way through an internship interview with Amazon. (He actually got the internship, but turned it down.)" The article ends with Lee and his co-founder raising $5.3 million from investors for one more AI-powered app, and Lee says they'll target the standardized tests used for graduate school admissions, as well as "all campus assignments, quizzes, and tests. It will enable you to cheat on pretty much everything."
Somewhere along the way Columbia put him on disciplinary probation — not for cheating in coursework, but for creating the apps. But "Lee thought it absurd that Columbia, which had a partnership with ChatGPT's parent company, OpenAI, would punish him for innovating with AI." (OpenAI has even made ChatGPT Plus free to college students during finals week, the article points out, with OpenAI saying their goal is just teaching students how to use it responsibly.)
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the water-world department: Though global sea levels "varied little" for the 2,000 years before the 20th century, CNN reports that sea levels then "started rising and have not stopped since — and the pace is accelerating."
And sea level rise "was unexpectedly high last year, according to a recent NASA analysis of satellite data."
More concerning, however, is the longer-term trend. The rate of annual sea level rise has more than doubled over the past 30 years, resulting in the global sea level increasing 4 inches since 1993. "It's like we're putting our foot on the gas pedal," said Benjamin Hamlington, a research scientist in the Sea Level and Ice Group at NASA's Jet Propulsion Laboratory. While other climate signals fluctuate, global sea level has a "persistent rise," he told CNN.
It spells trouble for the future. Scientists have a good idea how much average sea level will rise by 2050 — around 6 inches globally, and as much as 10 to 12 inches in the US. Past 2050, however, things get very fuzzy. "We have such a huge range of uncertainty," said Dirk Notz, head of sea ice at the University of Hamburg. "The numbers are just getting higher and higher and higher very quickly." The world could easily see an extra 3 feet of sea level rise by 2100, he told CNN; it could also take hundreds of years to reach that level. Scientists simply don't know enough yet to project what will happen.
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the killing-a-job department: Long-time Slashdot reader smooth wombat writes: Over the past year there have been stories about North Korean spies unknowingly or knowingly being hired to work in western companies. During an interview by Kraken, a crypto exchange, the interviewers became suspicious about the candidate. Instead of cutting off the interview, Kraken decided to continue the candidate through the hiring process to gain more information. One simple question confirmed the user wasn't who they said they were and even worse, was a North Korean spy.
Would-be IT worker "Steven Smith" already had an email address on a "do-not-hire" list from law enforcement agencies, according to CBS News. And an article in Fortune magazine says Kraken asked him to speak to a recruiter and take a technical-pretest, and "I don't think he actually answered any questions that we asked him," according to its chief security officer Nick Percoco — even though the application was claiming 11 years of experience as a software engineer at U.S.-based companies:
The interview was scheduled for Halloween, a classic American holiday—especially for college students in New York—that Smith seemed to know nothing about. "Watch out tonight because some people might be ringing your doorbell, kids with chain saws," Percoco said, referring to the tradition of trick or treating. "What do you do when those people show up?" Smith shrugged and shook his head. "Nothing special," he said. Smith was also unable to answer simple questions about Houston, the town he had supposedly been living in for two years. Despite having listed "food" as an interest on his résumé, Smith was unable to come up with a straight answer when asked about his favorite restaurant in the Houston area. He looked around for a few seconds before mumbling, "Nothing special here...."
< This article continues on their website >
Posted by EditorDavid from Slashdot
From the face-time department: An anonymous reader shared this repost from the Washington Post:
It's becoming standard practice at a growing number of U.S. airports: When you reach the front of the security line, an agent asks you to step up to a machine that scans your face to check whether it matches the face on your identification card. Travelers have the right to opt out of the face scan and have the agent do a visual check instead — but many don't realize that's an option.
Sens. Jeff Merkley (D-Oregon) and John Neely Kennedy (R-Louisiana) think it should be the other way around. They plan to introduce a bipartisan bill that would make human ID checks the default, among other restrictions on how the Transportation Security Administration can use facial recognition technology. The Traveler Privacy Protection Act, shared with the Tech Brief on Wednesday ahead of its introduction, is a narrower version of a 2023 bill by the same name that would have banned the TSA's use of facial recognition altogether. This one would allow the agency to continue scanning travelers' faces, but only if they opt in, and would bar the technology's use for any purpose other than verifying people's identities. It would also require the agency to immediately delete the scans of general boarding passengers once the check is complete.
"Facial recognition is incredibly powerful, and it is being used as an instrument of oppression around the world to track dissidents whose opinion governments don't like," Merkley said in a phone interview Wednesday, citing China's use of the technology on the country's Uyghur minority. "It really creates a surveillance state," he went on. "That is a massive threat to freedom and privacy here in America, and I don't think we should trust any government with that power...."
< This article continues on their website >
This week’s tips hodgepodge will shed some light on Clair Obscur’s elusive Petanks, help you score the best weapons and armor in Monster Hunter Wilds, and highlight some great console commands you should try out in Oblivion Remastered.
