The Wall Street Journal reports on [1]a "suspicious fleet of unidentified aircraft ... as many as a dozen or more" that appeared in Virginia 10 months ago "over an area that includes the home base for the Navy's SEAL Team Six and Naval Station Norfolk, the world's largest naval port." The article notes this was just 10 months after the U.S. [2]shot down a Chinese spy balloon ...

After watching the drones — some "roughly 20 feet long and flying at more than 100 miles an hour" — there were weeks of meetings where "Officials from agencies including the Defense Department, Federal Bureau of Investigation and the Pentagon's UFO office joined outside experts to throw out possible explanations as well as ideas about how to respond..."

> Federal law prohibits the military from shooting down drones near military bases in the U.S. unless they pose an imminent threat. Aerial snooping doesn't qualify, though some lawmakers hope to give the military greater leeway...

>

> Drone incursions into restricted airspace was already worrying national-security officials. Two months earlier, in October 2023, five drones flew over a government site used for nuclear-weapons experiments. The Energy Department's Nevada Nuclear Security Site outside Las Vegas detected four of the drones over three days. Employees spotted a fifth. U.S. officials said they didn't know who operated the drones in Nevada, a previously unreported incursion, or for what reason. A spokeswoman said the facility has since upgraded a system to detect and counter drones...

>

> Over 17 days, the [Virginia] drones arrived at dusk, flew off and circled back... They also were nearly impossible to track, vanishing each night despite a wealth of resources deployed to catch them. Gen. Glen VanHerck, at the time commander of the U.S. Northern Command and the North American Aerospace Defense Command, said drones had for years been spotted flying around defense installations. But the nightly drone swarms over Langley [Air Force base], he said, were unlike any past incursion...

>

> Analysts learned that the smaller quadcopters didn't use the usual frequency band available for off-the-shelf commercial drones — more evidence that the drone operators weren't hobbyists.

"Langley officials canceled nighttime training missions, worried about potential collisions with the drone swarm, and moved the F-22 jet fighters to another base... On December 23, the drones made their last visit."

But toward the end of the article, it notes that "In January, authorities found a clue they hoped would crack the case." It was a student at the University of Minnesota named Fengyun Shi — who was reported flying a drone on a rainy morning near a Virginia shipyard that builds nuclear submarines and aircraft carriers. Their drone got stuck in a tree, and ended up with federal investigators who found "Shi had photographed Navy vessels in dry dock, including shots taken around midnight. Some were under construction at the nearby shipyard."

> On Jan. 18, federal agents arrested Shi as he was about to board a flight to China on a one-way ticket. Shi told FBI agents he was a ship enthusiast and hadn't realized his drone crossed into restricted airspace. Investigators weren't convinced. but found no evidence linking him to the Chinese government. They learned he had bought the drone on sale at a Costco in San Francisco the day before he traveled to Norfolk. U.S. prosecutors charged Shi with unlawfully taking photos of classified naval installations, the first case involving a drone under a provision of U.S. espionage law. The 26-year-old Chinese national pleaded guilty and appeared in federal court in Norfolk on Oct. 2 for sentencing. Magistrate Judge Lawrence Leonard said he didn't believe Shi's story — that he had been on vacation and was flying drones in the middle of the night for fun. "There's significant holes," the judge said in court.

>

> "If he was a foreign agent, he would be the worst spy ever known," said Shi's attorney, Shaoming Cheng. "I'm sorry about what happened in Norfolk," Shi said before he was sentenced to six months in federal prison.

But "U.S. officials have yet to determine who flew the Langley drones or why..."

"U.S. officials confirmed this month that more unidentified drone swarms were spotted in recent months near Edwards Air Force Base, north of Los Angeles."



[1] https://www.msn.com/en-us/news/us/mystery-drones-swarmed-a-u-s-military-base-for-17-days-the-pentagon-is-stumped/ar-AA1saqAu

[2] https://news.slashdot.org/story/23/02/04/2227235/us-fighter-jets-shoot-down-spy-balloon-with-a-single-missile

Early this morning SpaceX successfully launched its Starship rocket on its fifth test flight. But more importantly, [1]CNBC points out , SpaceX "made a dramatic first catch of the rocket's more than 20-story tall booster."

[2]Watch the footage here. It's pretty exciting ...

> The achievement marks a major milestone toward SpaceX's goal of making Starship a fully reusable rocket system... The rocket's "Super Heavy" booster returned to land on the arms of the company's launch tower nearly seven minutes after launch.

>

> "Are you kidding me?" SpaceX communications manager Dan Huot said on the company's webcast. "What we just saw, that looked like magic," Huot added...

>

> Starship separated and continued on to space, traveling halfway around the Earth before reentering the atmosphere and splashing down in the Indian Ocean as intended to complete the test. There were no people on board the fifth Starship flight. The company's leadership has said SpaceX expects to fly hundreds of Starship missions before the rocket launches with any crew...

>

> With the booster catch, SpaceX has surpassed the fourth test flight's milestones... The company sees the ambitious catch approach as critical to its goal of making the rocket fully reusable. "SpaceX engineers have spent years preparing and months testing for the booster catch attempt, with technicians pouring tens of thousands of hours into building the infrastructure to maximize our chances for success," the company wrote on its website.



[1] https://www.cnbc.com/2024/10/13/spacex-starship-rocket-launch-flight-5-booster-catch-attempt.html

[2] https://youtu.be/OuUgLKK_S5k?t=901

Last month [1]C dropped from 3rd to 4th in TIOBE's ranking of programming language popularity (which tries to calculate [2]each language's share of search engine results ). Java moved up into the #3 position in September, [3]reports TechRepublic , which notes that by comparison October "saw relatively little change" — though percentages of search results increased slightly. "At number one, Python jumped from 20.17% in September to 21.9% in October. In second place, C++ rose from 10.75% in September to 11.6%. In third, Java ascended from 9.45% to 10.51%..."

Is there a larger trend? TIOBE CEO Paul Jansen [4]writes that the need to harvest more data increases demand for fast data manipulation languages. But they also need to be easy to learn ("because the resource pool of skilled software engineers is drying up") and secure ("because of continuous cyber threats.")

> King of all, Python, is easy to learn and secure, but not fast. Hence, engineers are frantically looking for fast alternatives for Python. C++ is an obvious candidate, but it is considered "not secure" because of its explicit memory management. Rust is another candidate, although not easy to learn. Rust is, thanks to its emphasis on security and speed, making its way to the TIOBE index top 10 now. [It's #13 — up from #20 a year ago]

>

> The cry for fast, data crunching languages is also visible elsewhere in the TIOBE index. [5]The language Mojo [a faster superset of Python [6]designed for accelerated hardware like GPUs ]... enters the top 50 for the first time. The fact that this language is only 1 year old and already showing up, makes it a very promising language.

In the last 12 months three languages also fell from the top ten:

PHP (dropping from #8 to #15)

SQL (dropping from #9 to #11)

Assembly language (dropping from #10 to #16)



[1] https://www.techrepublic.com/article/tiobe-index-sep-24/

[2] https://www.tiobe.com/tiobe-index/programminglanguages_definition/

[3] https://www.techrepublic.com/article/tiobe-index-oct-24/

[4] https://www.tiobe.com/tiobe-index/

[5] https://developers.slashdot.org/story/23/05/17/034204/mojo-may-be-the-biggest-programming-language-advance-in-decades

[6] https://thenewstack.io/mojos-chris-lattner-on-making-programming-languages-evolve/

Zambia has the largest man-made lake in the world, [1]reports the Associated Press — but [2]a severe drought has left the lake's 128-meter-high (420-feet) dam wall "almost completely exposed". This leaves Kariba dam without enough water to run most of its hydroelectric turbines — meaning millions of people in Zambia now face "a climate-induced energy crisis..."

> The water level is so low that only one of the six turbines on Zambia's side of the dam is able to operate, cutting generation to less than 10% of normal output. Zambia relies on the dam for more than 80% of its national electricity supply, and the result is Zambians have barely a few hours of power a day at the best of times. Often, areas are going without electricity for days... The power crisis is a bigger blow to the economy and the battle against poverty than the lockdowns during the COVID-19 pandemic, said Zambia Association of Manufacturers president Ashu Sagar.

>

> Africa contributes the least to global warming but is [3]the most vulnerable continent to extreme weather events and climate change as poor countries can't meet the high financials costs of adapting. This year's drought in southern Africa is the worst in decades and has parched crops and left millions hungry, causing [4]Zambia and others to already declare national disasters and ask for aid...

>

> Zambia is not alone in that hydroelectric power makes up over 80% of the energy mix in Mozambique, Malawi, Uganda, Ethiopia and Congo, even as experts warn it will become more unreliable. "Extreme weather patterns, including prolonged droughts, make it clear that overreliance on hydro is no longer sustainable," said Carlos Lopes, a professor at the Mandela School of Public Governance at the University of Cape Town in South Africa.

While the lake's water level normally rises six meters after it rains, "It moved by less than 30 centimeters after the last rainy season barely materialized, authorities said...

"Experts say there's also no guarantee those rains will come and it's dangerous to rely on [5]a changing climate given Zambia has had drought-induced power problems before, and the trend is they are getting worse."



[1] https://apnews.com/article/climate-power-electricity-drought-environment-6e3e746566b0831491e72de380f4079d

[2] https://apnews.com/article/southern-africa-drought-hunger-food-climate-2ef702abc386f7182dbc5f8f4192be3c

[3] https://apnews.com/article/africa-climate-change-flooding-droughts-af5beebf70f414098ad2a4a73a19b76c

[4] https://apnews.com/article/malawi-africa-drought-disaster-el-nino-ccdb755b84133d0e2796da3296410edf

[5] https://apnews.com/article/water-united-nations-world-meteorological-organization-86183afa4d917fe9777f730159849c8f

Thursday [1]the Associated Press reported :

> One of the two companies that manufacture high-purity quartz used for making semiconductors and other high-tech products from mines in a western North Carolina community severely damaged by Hurricane Helene is operating again. Sibelco announced on Thursday that production has restarted at its mining and processing operations in Spruce Pine, located 50 miles (80 kilometers) northeast of Asheville. [ [2]Per Wikipedia , its pre-hurricane population was 2,175.] Production and shipments are progressively ramping up to full capacity, the company said in [3]a news release .

>

> "While the road to full recovery for our communities will be long, restarting our operations and resuming shipments to customers are important contributors to rebuilding the local economy," Sibelco CEO Hilmar Rode said... A Spruce Pine council member said recently that an estimated three-quarters of the town has a direct connection to the mines, whether through a job, a job that relies on the mines or a family member who works at the facilities.

An [4]announcement last week from Sibelco attributed its resilience to their long-standing commitment to sustainability, "which includes measures to mitigate the impact of extreme weather events such as Hurricane Helene." Initial assessments indicated their operating facilities sustained only minor damage.

And "the company previously announced that all its employees are safe," Sibelco reaffirmed [5]in its announcement Thursday :

> Sibelco, with support from its contractors, has been [6]contributing to the local recovery efforts by clearing debris, repairing roads, providing road building materials to the North Carolina Department of Transportation, installing temporary power generators for emergency shelters and local businesses, and working with the town of Spruce Pine to restart water supply to residents.

>

> Additionally, Sibelco has incorporated the Sibelco Spruce Pine Foundation to further support the community's recovery. The company [7]previously announced that it is making an immediate $1 million donation as seed money for the foundation. Anyone interested in learning more or contributing to this initiative should contact the foundation by [8]email or by visiting [9]our website for additional information and donation opportunities.



[1] https://apnews.com/article/north-carolina-helene-quartz-production-b977148e2b3fd0ada7e7ae4d300a0a6a

[2] https://en.wikipedia.org/wiki/Spruce_Pine,_North_Carolina

[3] https://www.sibelco.com/en/news/sibelco-restarts-production-and-customer-shipments-at-spruce-pine-following-hurricane-helene

[4] https://www.sibelco.com/en/news/progress-with-spruce-pine-recovery-activities

[5] https://www.sibelco.com/en/news/sibelco-restarts-production-and-customer-shipments-at-spruce-pine-following-hurricane-helene

[6] https://www.sibelco.com/en/news/progress-with-spruce-pine-recovery-activities

[7] https://www.sibelco.com/en/news/sibelco-announces-1-million-donation-to-spruce-pine-recovery-and-establishes-foundation-for-ongoing-community-support

[8] mailto:SibelcoSprucePineFoundation@sibelco.com

[9] https://www.sibelco.com/en/sibelco-spruce-pine-foundation

The Wall Street Journal [1]delves into the origin story of that teenaged [2] Grand Theft Auto VI leaker .

> Arion Kurtaj, now 19 years old, is the most notorious name that has emerged from a sprawling set of online communities called the Com... Their youthful inventiveness and tenacity, as well as their status as minors that make prosecution more complicated, have made the Com especially dangerous, according to law-enforcement officials and cybersecurity investigators. Some kids, they say, are recruited from popular online spaces like Minecraft or Roblox.... [William McKeen, a supervisory special agent with the FBI's Cyber Division] said the average age of anyone arrested for a crime in the U.S. is 37, while the average age of someone arrested for cybercrime is 19. Cybersecurity investigators have found posts they say suggest Kurtaj has been involved in online attacks since he was 11.

"He had limited social skills and trouble developing relationships, records say — and ultimately looked for approval in the booming world of cybercrime..."

> [When Kurtaj was 14] he landed in a residential school serving children with severe emotional and behavioral needs. Kurtaj was physically assaulted by a staff member at his school who was later convicted as a result, according to a person familiar with the case. In early 2021, his mother brought him home and removed him from government care, court records say. He never returned to school. He was 16.

>

> A month after his mother pulled him out of school, investigators say that Kurtaj was part of a hacking group called Recursion Team that broke into the videogame firm Electronic Arts and stole 780 gigabytes of data. When Electronic Arts refused to engage, they dumped the stolen data online. Within a week of that hack, investigators had identified Kurtaj and provided his name to the FBI. Later in that summer of 2021, according to court records, Kurtaj partnered with another teenager, known as ASyntax, and several Brazilian hackers, and started calling themselves Lapsus$. The group hacked into the British telecommunications giant BT in an effort to steal money using a technique called SIM swapping... The hacks weren't always for money. In late 2021, Lapsus$ hacked into a website operated by Brazil's Ministry of Health and deleted the country's database of Covid vaccinations, according to law enforcement...

>

> If the Com has a social center, it's a website called Doxbin, where users publish personal details, such as home addresses and phone numbers, of their online rivals in an attempt to intimidate each other. Kurtaj bought Doxbin in November 2021 for $75,000, according to Chainalysis. But after a few months, the previous owners accused Kurtaj of mismanaging the site and pressured him to sell it back. He relented. Then in January 2022, cybersecurity investigators say, he doxxed the entire site, publishing a database that included usernames, passwords and email addresses that he'd downloaded when he was the owner. For cybersecurity experts, it was a gold mine. "It helped investigators piece together which crimes were done by who," said Allison Nixon, chief research officer at Unit 221B, an online investigations firm.

>

> Doxbin's owners responded with a dox of Kurtaj and his family, including his home address and photos of him, investigators say — setting up the chain of events that would put Kurtaj in the Travelodge.

After two weeks of "protective custody" there — during which time he was supposed to be computer-free — Kurtaj "was arrested a third time and charged with hacking, fraud and blackmail. Authorities said that while at the Travelodge, he broke into Uber and taunted the company by posting a link to a photo of an erect penis on the company's internal Slack messaging system, then stole software and videos from Rockstar Games. Stolen clips had popped up in a Grand Theft Auto discussion forum from a user named teapotuberhacker and stirred a frenzy.

"As officers collected evidence, the teen stood by, emotionless, police say...."

"Kurtaj's lawyers and some experts on autism have said a potential lifetime of incarceration isn't appropriate for a teenager like Kurtaj..."

Thanks to long-time Slashdot reader [3]SpzToid for sharing the article.



[1] https://www.msn.com/en-us/money/other/this-teenage-hacker-became-a-legend-attacking-companies-then-his-rivals-attacked-him/ar-AA1rFCM7

[2] https://yro.slashdot.org/story/23/12/21/2214238/teen-gta-vi-hacker-sentenced-to-indefinite-hospital-order

[3] https://www.slashdot.org/~SpzToid

Though native Linux game servers have been scarce over the last two decades, "I've seen people using the Box64 emulator to play x86_64 games on ARM devices," writes Slashdot reader [1]VennStone . "It got me thinking: why not apply this to game servers...?

"I thought it would be fun to see if I could build a super low-power Trackmania 2 server using a Raspberry Pi Zero 2 W."

They dubbed the experiment "Trackberry", and [2]shared all the technical details in a blog post at Interfacing Linux (including [3]a video ). For example, they installed PyEnv so it could create a virtual environment for the PyPlanet server controller. ("That's right, your little Pi Zero 2 W is about to compile some software, slowly....")

But ultimately "it turns out that the A53 can run not only the server but also the server controller, with minimal effort. Five players push one core to around 50% load, while the others handle the database and controller."

> WHY STOP THERE? There are a gang of x86 Linux servers that could potentially run with Box64. Imagine playing Pirraria , 7 Days to Pi , Counter-Pi 2 , Pitorio , and countless others! Granted, you may need a more powerful device than a Raspberry Pi Zero 2 W. I'll leave that research up to you.

>

> My main takeaway from this experiment? Box64 is straight-up Scandinavian witchcraft and is not to be trifled with. Not even a little bit.

>

> That said, it introduces a compelling option for those of us looking to run dedicated game servers that don't require much in the way of system resources. Under load, TrackBerry averages 2.8 watts and, according to the scientific number digits below, ends up running just under $3.00 a year or $0.25 a month. I find the concept of having a stack of microSD cards, each holding a different game server, neat....

>

> You can see TrackBerry in action every Tuesday and Friday [4]on Twitch ...



[1] https://www.slashdot.org/~VennStone

[2] https://interfacinglinux.com/2024/10/04/trackberry-raspberry-pi-trackmania-server/

[3] https://www.youtube.com/watch?v=LkwN3AhSQ9s

[4] https://www.twitch.tv/linuxgamecast/schedule

[1]spatwei shared [2]an article from SC World :

> Attacks on large language models (LLMs) take less than a minute to complete on average, and leak sensitive data 90% of the time when successful, according to Pillar Security.

>

> Pillar's [3]State of Attacks on GenAI report , published Wednesday, revealed new insights on LLM attacks and jailbreaks, based on telemetry data and real-life attack examples from more than 2,000 AI applications. LLM jailbreaks successfully bypass model guardrails in one out of every five attempts, the Pillar researchers also found, with the speed and ease of LLM exploits demonstrating the risks posed by the growing generative AI (GenAI) attack surface...

>

> The more than 2,000 LLM apps studied for the State of Attacks on GenAI report spanned multiple industries and use cases, with virtual customer support chatbots being the most prevalent use case, making up 57.6% of all apps.

Common jailbreak techniques included "ignore previous instructions" and "ADMIN override", or just using base64 encoding. "The Pillar researchers found that attacks on LLMs took an average of 42 seconds to complete, with the shortest attack taking just 4 seconds and the longest taking 14 minutes to complete.

"Attacks also only involved five total interactions with the LLM on average, further demonstrating the brevity and simplicity of attacks."



[1] https://www.slashdot.org/~spatwei

[2] https://www.scworld.com/news/llm-attacks-take-just-42-seconds-on-average-20-of-jailbreaks-succeed

[3] https://www.pillar.security/resources/the-state-of-attacks-on-genai

[1]wiredmikey writes:

> As the dust settles following the massive Windows BSOD tech [2]outages caused by CrowdStrike in July 2024, the question is now, how do we prevent this happening again? While there was no current way Microsoft could have prevented this incident, the OS firm is obviously keen to prevent anything similar happening in the future. SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to [3]discuss Windows kernel access and safe deployment practices (or SDP).

Former Ukranian officer Serhii "Flash" Beskrestnov created a Signal channel where military communications specialists could talk with civilian radio experts, [4]reports MIT's Technology Review . But radio communications are crucial for drones, so...

> About once a month, he drives hundreds of kilometers east in a homemade mobile intelligence center: a black VW van in which stacks of radio hardware connect to an array of antennas on the roof that stand like porcupine quills when in use. Two small devices on the dash monitor for nearby drones. Over several days at a time, Flash studies the skies for Russian radio transmissions and tries to learn about the problems facing troops in the fields and in the trenches.

>

> He is, at least in an unofficial capacity, a spy. But unlike other spies, Flash does not keep his work secret. In fact, he shares the results of these missions with more than 127,000 followers — including many soldiers and government officials — on several public social media channels. Earlier this year, for instance, he described how he had recorded five different Russian reconnaissance drones in a single night — one of which was flying directly above his van... Drones have come to define the brutal conflict that has now dragged on for more than two and a half years. And most rely on radio communications — a technology that Flash has obsessed over since childhood. So while Flash is now a civilian, the former officer has still taken it upon himself to inform his country's defense in all matters related to radio...

>

> Flash has also become a source of some controversy among the upper echelons of Ukraine's military, he tells me. The Armed Forces of Ukraine declined multiple requests for comment, but Flash and his colleagues claim that some high-ranking officials perceive him as a security threat, worrying that he shares too much information and doesn't do enough to secure sensitive intel... [But] His work has become greatly important to those fighting on the ground, and he recently received formal recognition from the military for his contributions to the fight, with two medals of commendation — one from the commander of Ukraine's ground forces, the other from the Ministry of Defense...

>

> And given the [5]mounting [6]evidence that both [7]militaries and [8]militant groups in other parts of the world are now adopting drone tactics developed in Ukraine, it's not only his country's fate that Flash may help to determine — but also the ways that armies wage war for years to come.

He's also written guides on building cheap anti-drone equipment...



[1] https://slashdot.org/~wiredmikey

[2] https://it.slashdot.org/story/24/07/19/0943232/global-it-outage-linked-to-crowdstrike-update-disrupts-businesses

[3] https://www.securityweek.com/microsofts-take-on-kernel-access-and-safe-deployment-practices-following-crowdstrike-incident/

[4] https://www.technologyreview.com/2024/09/12/1103833/ukraine-russia-drone-war-flash-radio-serhii-beskrestnov-social-media/

[5] https://interestingengineering.com/military/china-training-troops-tackle-fpv-drones

[6] https://www.haaretz.com/israel-news/security-aviation/2024-09-05/ty-article/.premium/like-ukraine-hezbollah-begins-attacking-israeli-forces-with-fpv-racing-drones/00000191-c338-d870-a59d-e77bec490000

[7] https://www.inss.org.il/publication/fpv/

[8] https://www.haaretz.com/israel-news/security-aviation/2024-09-05/ty-article/.premium/like-ukraine-hezbollah-begins-attacking-israeli-forces-with-fpv-racing-drones/00000191-c338-d870-a59d-e77bec490000

Former Ukranian officer Serhii "Flash" Beskrestnov created a Signal channel where military communications specialists could talk with civilian radio experts, [1]reports MIT's Technology Review . But radio communications are crucial for drones, so...

> About once a month, he drives hundreds of kilometers east in a homemade mobile intelligence center: a black VW van in which stacks of radio hardware connect to an array of antennas on the roof that stand like porcupine quills when in use. Two small devices on the dash monitor for nearby drones. Over several days at a time, Flash studies the skies for Russian radio transmissions and tries to learn about the problems facing troops in the fields and in the trenches.

>

> He is, at least in an unofficial capacity, a spy. But unlike other spies, Flash does not keep his work secret. In fact, he shares the results of these missions with more than 127,000 followers — including many soldiers and government officials — on several public social media channels. Earlier this year, for instance, he described how he had recorded five different Russian reconnaissance drones in a single night — one of which was flying directly above his van... Drones have come to define the brutal conflict that has now dragged on for more than two and a half years. And most rely on radio communications — a technology that Flash has obsessed over since childhood. So while Flash is now a civilian, the former officer has still taken it upon himself to inform his country's defense in all matters related to radio...

>

> Flash has also become a source of some controversy among the upper echelons of Ukraine's military, he tells me. The Armed Forces of Ukraine declined multiple requests for comment, but Flash and his colleagues claim that some high-ranking officials perceive him as a security threat, worrying that he shares too much information and doesn't do enough to secure sensitive intel... [But] His work has become greatly important to those fighting on the ground, and he recently received formal recognition from the military for his contributions to the fight, with two medals of commendation — one from the commander of Ukraine's ground forces, the other from the Ministry of Defense...

>

> And given the [2]mounting evidence that both [3]militaries and [4]militant groups in other parts of the world are now adopting drone tactics developed in Ukraine, it's not only his country's fate that Flash may help to determine — but also the ways that armies wage war for years to come.

He's also written guides on building cheap anti-drone equipment...



[1] https://www.technologyreview.com/2024/09/12/1103833/ukraine-russia-drone-war-flash-radio-serhii-beskrestnov-social-media/

[2] https://interestingengineering.com/military/china-training-troops-tackle-fpv-drones

[3] https://www.inss.org.il/publication/fpv/

[4] https://www.haaretz.com/israel-news/security-aviation/2024-09-05/ty-article/.premium/like-ukraine-hezbollah-begins-attacking-israeli-forces-with-fpv-racing-drones/00000191-c338-d870-a59d-e77bec490000

After nearly 30 years of covering Kamala Harris, the San Francisco Chronicle is [1]now letting ChatGPT do it . Sort of...

"We're introducing a new way to engage with our decades of coverage: an AI-powered tool designed to answer your questions about Harris' life, her journey through public service and her presidential campaign," they announced this week:

> Drawing from thousands of articles written, edited and published by Chronicle journalists since 1995, this tool aims to give readers informed answers about a politician who rose from the East Bay and is now campaigning to become one of the world's most powerful people.

>

> Why don't we have a similar tool for Donald Trump, the Republican nominee for president? The answer isn't political. It's because we've been covering Harris since her career began in the Bay Area and have an archive of vetted articles to draw from. Our newsroom can't offer the same level of expertise when it comes to the former president.

The tool's answers are "drawn directly from decades of extensive reporting," according to a notice toward the bottom of the page. "The tool searches through thousands of Chronicle articles, with new stories added every hour as they are published, ensuring readers have access to the most up-to-date information."

> Our news assistant is powered by OpenAI's GPT-4o mini model, combined with OpenAI's text-embedding-3-large model, to deliver precise answers based on user queries. The Chronicle articles in this tool's corpus span from April 24, 1995, to the present, covering the length of Harris' career.

>

> This corpus wouldn't be possible without the hard work of the Chronicle's journalists.

Questions go through OpenAI's moderation filter and "relevance check" — and if it asks how to vote, "we redirect readers to appropriate resources including [2]canivote.org ..."



[1] https://www.sfchronicle.com/projects/2024/kamala-harris-election-questions/

[2] https://www.nass.org/can-I-vote

In mid-2021 Ameria's National Security Advisor set up a new directorate focused on "advanced chips, quantum computing, and other cutting-edge tech," [1]reports Wired . And the next year as Congress was working on [2]boosting America's semiconductor sector, he was "closing in on a plan to cripple China's... In October 2022, the Commerce Department forged ahead with its new export controls."

So what happened next?

> In a phone call with President Biden this past spring, Xi Jinping [3]warned that if the US continued trying to stall China's technological development, he would not "sit back and watch." And he hasn't. Already, China has answered the US export controls — and its corresponding deals with other countries — by imposing its own restrictions on critical minerals used to make semiconductors and by hoovering up older chips and manufacturing equipment it is still allowed to buy. For the past several quarters, in fact, China was the top customer for ASML and a number of Japanese chip companies. A robust black market for banned chips has also emerged in China. According to a recent New York Times [4]investigation , some of the Chinese companies that have been barred from accessing American chips through US export controls have set up new corporations to evade those bans. (These companies have claimed no connection to the ones who've been banned.) This has reportedly [5]enabled Chinese entities with ties to the military to obtain small amounts of Nvidia's high-powered chips.

>

> Nvidia, meanwhile, has responded to the US actions by developing new China-specific chips that don't run afoul of the US controls but don't exactly thrill the Biden administration either. For the White House and Commerce Department, keeping pace with all of these workarounds has been a constant game of cat and mouse. In 2023, the US introduced the first round of updates to its export controls. This September, it released another — an announcement that was quickly followed by a similar expansion of controls by the Dutch. Some observers have speculated that the Biden administration's actions have only made China more determined to invest in its advanced tech sector.

>

> And there's clearly some truth to that. But it's also true that China has been trying to become self-sufficient since long before Biden entered office. Since 2014, it has plowed nearly $100 billion into its domestic chip sector. "That was the world we walked into," [NSA Advisor Jake] Sullivan said. "Not the world we created through our export controls." The United States' actions, he argues, have only made accomplishing that mission that much tougher and costlier for Beijing. Intel CEO Pat Gelsinger estimated earlier this year that there's a "10-year gap" between the most powerful chips being made by Chinese chipmakers like SMIC and the ones Intel and Nvidia are working on, thanks in part to the export controls.

>

> If the measure of Sullivan's success is how effectively the United States has constrained China's advancement, it's hard to argue with the evidence. "It's probably one of the biggest achievements of the entire Biden administration," said Martijn Rasser, managing director of Datenna, a leading intelligence firm focused on China. Rasser said the impact of the US export controls alone "will endure for decades." But if you're judging Sullivan's success by his more idealistic promises regarding the future of technology — the idea that the US can usher in an era of progress dominated by democratic values — well, that's a far tougher test. In many ways, the world, and the way advanced technologies are poised to shape it, feels more unsettled than ever.

>

> Four years was always going to be too short for Sullivan to deliver on that promise. The question is whether whoever's sitting in Sullivan's seat next will pick up where he left off.



[1] https://www.wired.com/story/jake-sullivan-china-tech-profile/

[2] https://www.semiconductors.org/chips-incentives-awards/

[3] https://www.politico.com/news/2024/04/02/biden-jinping-warning-election-meddling-cyberattacks-call-00150129

[4] https://www.nytimes.com/2024/08/04/technology/china-ai-microchips-takeaways.html

[5] https://www.reuters.com/technology/chinas-military-government-acquire-nvidia-chips-despite-us-ban-2024-01-14/

Formed in 2021 by cybersecurity professionals (and backed by high-powered VCs including Dell Technologies Capital), [1]Halcyon sells an enterprise-grade anti-ransomware platform.

And this month they announced they're offering protection against ransomware attacks targeting Linux systems, [2]according to Linux magazine :

> [3]According to Cynet , Linux ransomware attacks increased by 75 percent in 2023 and are expected to continue to climb as more bad actors target Linux deployments... "While Windows is the favorite for desktops, Linux dominates the market for supercomputers and servers."

Here's how Halcyon's announcement [4]made their pitch :

> "When it comes to ransomware protection, organizations typically prioritize securing Windows environments because that's where the ransomware operators were focusing most of their attacks. However, Linux-based systems are at the core of most any organization's infrastructure, and protecting these systems is often an afterthought," said Jon Miller, CEO & Co-founder, Halcyon. "The fact that Linux systems usually are always on and available means they provide the perfect beachhead for establishing persistence and moving laterally in a targeted network, and they can be leveraged for data theft where the exfiltration is easily masked by normal network traffic. As more ransomware operators are developing the capability to target Linux systems alongside Windows, it is imperative that organizations have the ability to keep pace with the expanded threat."

>

> Halcyon Linux, powered through the Halcyon Anti-Ransomware Platform, uniquely secures Linux-based systems offering comprehensive protection and rapid response capabilities... Halcyon Linux monitors and detects ransomware-specific behaviors such as unauthorized access, lateral movement, or modification of critical files in real-time, providing instant alerts with critical context... When ransomware is suspected or detected, the Halcyon Ransomware Response Engine allows for rapid response and action.... Halcyon Data Exfiltration Protection (DXP) identifies and blocks unauthorized data transfers to protect sensitive information, safeguarding the sensitive data stored in Linux-based systems and endpoints...

>

> Halcyon Linux runs with minimal resource impact, ensuring critical environments such as database servers or virtualized workloads, maintain the same performance.

And in addition, Halcyon offers "an around the clock Threat Response team, reviewing and responding to alerts," so your own corporate security teams "can attend to other pressing priorities..."



[1] https://www.halcyon.ai/company

[2] https://www.linux-magazine.com/Online/News/Halcyon-Creates-Anti-Ransomware-Protection-for-Linux

[3] https://www.cynet.com/ransomware/linux-ransomware-attack-anatomy-examples-and-protection/

[4] https://finance.yahoo.com/news/halcyon-announces-anti-ransomware-protection-130000706.html

This week (MIT-licensed) WebAssembly runtime [1]Wasmer announced "a major milestone in making any software run with WebAssembly."

The announcement's headline? [2]Running Clang in the browser using WebAssembly ...

> Thanks to the newest release of Wasmer (4.4) and the Wasmer JS SDK (0.8.0) you can now run [compiler front-end] clang anywhere Wasmer runs! This allows compiling C programs from virtually anywhere. Including Javascript and your preferred browser! (we tested Chrome, Safari and Firefox and everything is working like a charm)...

>

> - You can compile C code to WebAssembly easily just using the Wasmer CLI: no toolchains or complex installations needed, install Wasmer and you are ready to go...!

>

> - You can compile C projects directly from JavaScript...!

>

> - We expect online IDEs to start adopting the SDK to allow their users compile and run C programs in the browser....

>

> Do you want to use clang in your Javascript project? Thanks to our newly released [3]Wasmer JS SDK you can do it easily, in both the browser and Node.js/Bun etc... Wasmer's clang can even optimize the file for you automatically using wasm-opt under the hood (Clang automatically detects if wasm-opt is used, and it will be automatically called when optimizing the file). Imagine using Emscripten without needing its toolchain installed — or even better, imagine running Emscripten in the browser.

The announcement looks to a future of compiling native Python libraries, when "any project depending on LLVM can now be easily compiled to WebAssembly..."

"This is the beginning of an awesome journey, we can't wait to see what you create next with this."



[1] https://github.com/wasmerio/wasmer

[2] https://wasmer.io/posts/clang-in-browser

[3] https://wasmer.io/posts/introducing-the-wasmer-js-sdk

Many U.S. states now require candidates to disclose when political ads used generative AI, [1]reports the Washington Post .

Unfortunately, researchers at New York University's Center on Technology Policy "found that people rated candidates 'less trustworthy and less appealing' when their ads featured AI disclaimers..."

> In [2]the study , researchers asked more than 1,000 participants to watch political ads by fictional candidates — some containing AI disclaimers, some not — and then rate how trustworthy they found the would-be officeholders, how likely they were to vote for them and how truthful their ads were. Ads containing AI labels largely hurt candidates across the board, with the pattern holding true for "both deceptive and more harmless uses of generative AI," the researchers wrote. Notably, researchers also found that AI labels were more harmful for candidates running attack ads than those being attacked, something they called the "backfire effect".

>

> "The candidate who was attacked was actually rated more trustworthy, more appealing than the candidate who created the ad," said Scott Babwah Brennen, who directs the center at NYU and co-wrote the report with Shelby Lake, Allison Lazard and Amanda Reid.

One other interesting finding... The article notes that study participants in both parties "preferred when disclaimers were featured anytime AI was used in an ad, even when innocuous."



[1] https://www.msn.com/en-us/news/politics/ai-disclaimers-in-political-ads-backfire-on-candidates-study-finds/ar-AA1rTpf5

[2] http://techpolicynyu.org/wp-content/uploads/2024/10/CTP_In-Disclaimers-we-Trust_final.pdf

Meta's Oversight Board "is spinning off a new appeals center," [1]reports the Washington Post , "to handle content disputes from European social media users on multiple platforms".

It will operate under Europe's Digital Services Act, "which requires tech companies to allow users to appeal restrictions on their accounts before an independent group of experts."

> "I think this is really a game changer," Appeals Centre Europe CEO Thomas Hughes said in an interview. "It could really drive platform accountability and transparency."

>

> The expansion arrives as the Oversight Board, an independent collection of academics, experts and lawyers funded by Meta, has been seeking to expand its influence beyond the social media giant... [The Board] has tried for years to court other major internet companies, offering to help them referee debates about content, The Post has [2]reported ...

>

> Oversight Board members and Oversight Board Trust Chairman Stephen Neal said in statements that both the Appeals Centre Europe and the Oversight Board will play critical but complimentary roles in holding tech companies accountable for their decisions on content. "Both entities are committed to improving user redress, transparency and upholding users' rights online," Neal said...

>

> Hughes, who used to be the Oversight Board's administration director, said that he was "proud" of what the Oversight Board is accomplishing but that it is different from what the Appeals Centre Europe will offer. When Facebook, YouTube or TikTok removes a post, European social media users will be able to appeal the decision to the center. Users also will also be able to flag the center with posts they think violate the rules but were not removed. While the Appeals Centre Europe's decisions will be nonbinding, the group will generate data that could power decisions by regulators, civil society groups and the general public, Hughes said. By contrast, the Oversight Board's decisions on Meta content are binding.

Last year the original Oversight Board completed more than 50 cases, "and is on track to exceed that number in 2024," according to the article. But this board is different, CEO Hughes told the Post . They'll have about two dozen staffers, with expertise in human rights and tech policy — or fluency in various languages.

And he added that though the center is funded by an initial grant, future operating costs will be covered by the fees social media companies pay the appeal center — roughly 90 euros ($100) per case.



[1] https://www.msn.com/en-us/news/technology/meta-supreme-court-expands-with-european-center-to-handle-tiktok-youtube-cases/ar-AA1rUZm5

[2] https://www.washingtonpost.com/technology/2024/06/30/meta-facebook-content-moderation-oversight-board/

Amazon is "embedding pharmacies in same-day delivery facilities often clustered around major metro areas," [1]reports CNBC .

This will enable "a coming expansion of its same-day prescription delivery service," [2]according to Engadget , "with 20 more cities and affiliated metro areas entering the program next year. This expansion will open up the feature to nearly half of US residents."

"In most cases, that means a customer can order medication by 4 p.m. and receive it at home by 10 p.m.," Amazon [3]said in their announcement — making the case that their service (and its 24/7 pharmacists) "ensures customers can get care within hours, bridging health care accessibility divides..."

> A recent [4]study found nearly half of U.S. counties have communities over 10 miles from the nearest pharmacy, limiting their access to medications and pharmacist care. Traditional mail-order prescriptions can take up to 10 days to arrive, leaving many underserved... As of 2019, seven in 10 hospitals [5]relied on fax machines and phone lines to transfer and retrieve patient records or order prescriptions. Nearly a third of physicians have said they spend 20 hours or more a week on paperwork and administrative tasks...

>

> The new, smaller pharmacies complement Amazon Pharmacy's existing, highly automated pharmacy fulfillment sites that feature robotic arms and other automation, overseen by a team of highly trained, licensed pharmacists and pharmacy technicians.

CNBC adds that in the last year Amazon has also [6]tested prescription deliveries by drone in one Texas city.



[1] https://www.cnbc.com/2024/10/09/amazon-same-day-prescription-delivery-expanding-to-half-of-us-in-2025.html

[2] https://www.engadget.com/big-tech/amazon-to-bring-same-day-prescription-deliveries-to-nearly-half-of-the-us-next-year-185708164.html

[3] https://www.aboutamazon.com/news/retail/amazon-pharmacy-expands-same-day-prescription-delivery-united-states

[4] https://jamanetwork.com/journals/jamanetworkopen/fullarticle/2822776?resultClick=1#google_vignette

[5] https://www.computerworld.com/article/1626950/the-fax-is-still-king-in-healthcare-and-its-not-going-away-anytime-soon.html

[6] https://www.cnbc.com/2023/10/18/amazon-begins-delivering-medications-by-drone-in-texas.html

Eli Lilly and Novo Nordisk are leading efforts to [1]curb the sale of compounded GLP-1 medications . Lilly has issued hundreds of cease-and-desist letters to entities selling compounded tirzepatide, following the end of its FDA-declared shortage. Novo Nordisk, whose semaglutide drugs remain in shortage, is taking a different approach. The company [2]published a peer-reviewed study in Pharmaceutical Research, highlighting quality concerns in compounded semaglutide samples, including lower-than-claimed strength and banned ingredients. These actions signal a broader industry pushback against compounders who entered the market during drug shortages. Wired adds:

> With mounting evidence that GLP-1s like tirzepatide are [3]an effective treatment for other ailments beyond obesity and diabetes -- including addiction and Parkinson's disease -- demand is only expected to increase. It remains to be seen whether the pharmaceutical companies will be able to keep pace with the demand or if the meds will go back into shortage and compounders will be able to bound back into the market.



[1] https://www.wired.com/story/crackdown-compounded-glp-1-lilly-mounjaro-zepbound/

[2] https://link.springer.com/epdf/10.1007/s11095-024-03771-6

[3] https://www.wired.com/story/the-benefits-of-ozempic-are-multiplying/

The PC market is [1]not showing many signs of a rebound , despite the hype around AI PCs, with market watchers split over whether unit shipments are up or down slightly. From a report:

> Those magical AI PC boxes were supposed to fire up buyer enthusiasm and spur the somewhat listless market for desktop and laptop systems into significant growth territory, but that doesn't appear to be happening. According to the latest figures from Gartner, global PC shipments totaled 62.9 million units during Q3 of this year, representing a 1.3 percent decline compared with the same period last year. However, this does follow three consecutive quarters of modest growth.

>

> "Even with a full line-up of Windows-based AI PCs for both Arm and x86 in the third quarter of 2024, AI PCs did not boost the demand for PCs since buyers have yet to see their clear benefits or business value," commented Gartner Director Analyst Mikako Kitagawa. This is perhaps understandable when AI PCs are largely just a marketing concept, and vendors can't agree on exactly what the the definition of an AI PC should be. Even worse, some buyers of Arm-based Copilot+ machines discovered that their performance isn't actually very good with some applications.



[1] https://www.theregister.com/2024/10/10/pc_market_gartner_canalys/

"Boeing said Friday it will cull 10 percent of its workforce — roughly 17,000 jobs," [1]reports the Washington Post , "as the aviation giant grapples with mounting losses and manufacturing disruptions amid a machinists strike that has dragged into a fifth week."

> Executives, managers and production employees will be affected by the cuts, chief executive Kelly Ortberg informed employees Friday in a memo. Boeing will also delay the launch of its 777X plane until 2026 due to ongoing challenges, Ortberg wrote... The layoffs add to the pain at Boeing, where a stalemate between the company's largest employee union dovetails with ongoing legal troubles and safety woes. The strike has halted production of some of the company's best-selling jets, further adding to its financial troubles. In the past five years, Boeing has lost more than $25 billion...

>

> "Our business is in a difficult position, and it is hard to overstate the challenges we face together," Ortberg said in the memo. "The state of our business and our future recovery require tough actions...." Now at risk of a downgrade to its credit rating as its circumstances worsen, Boeing has taken other steps to reduce expenses, including imposing a hiring freeze and eliminating unnecessary travel.

"The strike by Boeing machinists is costing the company roughly $1 billion a month, according to estimates from S&P Global..."



[1] https://www.msn.com/en-us/money/news/boeing-will-shed-17-000-jobs-as-finacial-woes-deepen/ar-AA1s7jMc