Long-time Slashdot reader [1]theodp writes:

> Over at the

>> Communications of the ACM

> , Bard College CS Prof Valerie Barr explains why she's [2]Feeling Cranky About AI and CS Education . Having seen CS education go through a number of we-have-to-teach-this moments over the decades — introductory programming languages, the Web, Data Science, etc. — Barr turns her attention to the next hand-wringing "what will we do" CS education moment with AI.

>

> "We're jumping through hoops without stopping first to question the run-away train," Barr writes...

>

> Barr calls for stepping back from "the industry assertion that the ship has sailed, every student needs to use AI early and often, and there is no future application that isn't going to use AI in some way" and instead thoughtfully "articulate what sort of future problem solvers and software developers we want to graduate from our programs, and determine ways in which the incorporation of AI can help us get there."

From the article:

> In much discussion about CS education:

>

> a.) There's little interest in interrogating the downsides of generative AI, such as the environmental impact, the data theft impact, the treatment and exploitation of data workers.

>

> b.) There's little interest in considering the extent to which, by incorporating generative AI into our teaching, we end up supporting a handful of companies that are burning billions in a vain attempt to each achieve performance that is a scintilla better than everyone else's.

>

> c.) There's little interest in thinking about what's going to happen when the LLM companies decide that they have plateaued, that there's no more money to burn/spend, and a bunch of them fold—but we've perturbed education to such an extent that our students can no longer function without their AI helpers.



[1] https://slashdot.org/~theodp

[2] https://cacm.acm.org/blogcacm/feeling-cranky-about-ai-and-cs-education/

"On a recent assignment to test defenses, Dave Brauchler of the cybersecurity company NCC Group tricked a client's AI program-writing assistant into executing programs that forked over the company's databases and code repositories," [1]reports the Washington Post .

"We have never been this foolish with security," Brauchler said...

> Demonstrations at last month's Black Hat security conference in Las Vegas included other attention-getting means of exploiting artificial intelligence. In one, an imagined attacker sent documents by email with hidden instructions aimed at ChatGPT or competitors. If a user asked for a summary or one was made automatically, the program would execute the instructions, even finding digital passwords and sending them out of the network. A similar attack on Google's Gemini didn't even need an attachment, just an email with hidden directives. The AI summary [2]falsely told the target an account had been compromised and that they should call the attacker's number, mimicking successful phishing scams.

>

> The threats become more concerning with the rise of agentic AI, which empowers browsers and other tools to conduct transactions and make other decisions without human oversight. Already, security company Guardio has [3]tricked the agentic Comet browser addition from Perplexity into buying a watch from a fake online store and to follow instructions from a fake banking email...

>

> Advanced AI programs also are beginning to be used to find previously undiscovered security flaws, the so-called zero-days that hackers highly prize and exploit to gain entry into software that is configured correctly and fully updated with security patches. Seven teams of hackers that developed autonomous "cyber reasoning systems" for a contest held last month by the Pentagon's Defense Advanced Research Projects Agency were able to find a total of 18 zero-days in 54 million lines of open source code. They worked to patch those vulnerabilities, but officials said hackers around the world are developing similar efforts to locate and exploit them. Some longtime security defenders are predicting a once-in-a-lifetime, [4]worldwide mad dash to use the technology to find new flaws and exploit them, leaving back doors in place that they can return to at leisure.

>

> The real nightmare scenario is when these worlds collide, and an attacker's AI finds a way in and then starts communicating with the victim's AI, working in partnership — "having the bad guy AI collaborate with the good guy AI," as SentinelOne's [threat researcher Alex] Delamotte put it. "Next year," said Adam Meyers, senior vice president at CrowdStrike, "AI will be the new insider threat."

In August more than 1,000 people [5]lost data to a modified Nx program (downloaded hundreds of thousands of times) that used pre-installed coding tools from Google/Anthropic/etc. According to the article, the malware "instructed those programs to root out" sensitive data (including passwords or cryptocurrency wallets) and send it back to the attacker. "The more autonomy and access to production environments such tools have, the more havoc they can wreak," the article points out — including this quote from SentinelOne threat researcher Alex Delamotte.

"It's kind of unfair that we're having AI pushed on us in every single product when it introduces new risks."



[1] https://www.msn.com/en-us/news/technology/artificial-intelligence-ushers-in-a-golden-age-of-hacking-experts-say/ar-AA1MWPHB

[2] https://0din.ai/blog/phishing-for-gemini

[3] https://guard.io/labs/scamlexity-we-put-agentic-ai-browsers-to-the-test-they-clicked-they-paid-they-failed

[4] https://www.linkedin.com/feed/update/urn:li:activity:7366486915878924288/

[5] https://www.securityweek.com/hackers-target-popular-nx-build-system-in-first-ai-weaponized-supply-chain-attack/

Long-time Slashdot reader [1]fahrbot-bot shared [2]this report from ZME Science

> Researchers from the University of Turku, in collaboration with Aalto University and Wageningen University, have developed a bio-based UV protection film for solar cells that not only blocks nearly all harmful ultraviolet light but also outperforms commercial plastic films. The key ingredient is a water extract made from red onion skins...

>

> [T]he same sunlight that powers [solar cells] can also degrade their delicate components — particularly the electrolyte inside dye-sensitized solar cells (DSSCs), a type known for their flexibility and low-light performance. To mitigate this, manufacturers typically wrap cells in UV-protective films made from petroleum-based plastics like polyethylene terephthalate (PET). But these plastics degrade over time and are difficult to recycle... Nanocellulose can be processed into thin, transparent films that serve as the perfect substrate for UV-blocking compounds.

>

> Their breakthrough came when they dyed these films using an extract from red onion skins, a common kitchen waste. The result was a filter that blocked 99.9% of UV radiation up to 400 nanometers, a feat that outstripped even the PET-based commercial filters chosen for comparison... [T]he onion-treated filter excelled: it let through over 80% of light in the 650-1,100 nm range — an ideal sweet spot for energy absorption... Even predictive modeling based on early degradation trends suggested the CNF-ROE filter could extend a solar cell's lifetime to roughly 8,500 hours. The PET-based filter? Just 1,500 hours... [T]he red onion extract offered a rare combination of longevity, transparency, and sustainability...

>

> The team envisions biodegradable solar cells for smart packaging, remote sensors, or wearable devices — especially in applications where recovery and recycling are not feasible. Their work is part of the BioEST project, funded by the Research Council of Finland, which supports sustainable innovation across electronics and materials science. This achievement taps into a broader movement to decarbonize every step of solar energy production. Plastic packaging is one of the overlooked sources of emissions in clean technology. Swapping out fossil-based plastics for biodegradable alternatives helps close that loop...

>

> The findings appeared in the journal [3]Applied Optical Materials .



[1] https://www.slashdot.org/~fahrbot-bot

[2] https://www.zmescience.com/science/news-science/a-new-solar-panel-shield-made-from-onion-peels-outlasted-industry-plastics-in-tests/

[3] https://pubs.acs.org/doi/10.1021/acsaom.4c00484

In a debate on employment rights, a [1]U.K. Parliament member brought up Meta's former director of global public policy Sarah Wynn-Williams

> Louise Haigh, the former Labour transport secretary, said Wynn-Williams was facing a fine of $50,000 (£37,000) every time she breached an [2]order secured by Meta preventing her from talking disparagingly about the company... "I am sure that the whole house and the government will stand with Sarah as we pass this legislation to ensure that whistleblowers and those with the moral courage to speak out are always protected...."

>

> Meta has emphasised that Wynn-Williams entered into the non-disparagement agreement voluntarily as part of her departure. Meta said that to date, Wynn-Williams had not been forced to make any payments under the agreement... [The ruling came after Wynn-Williams published an exposé in March about her time at Facebook titled Careless People: A Cautionary Tale of Power, Greed, and Lost Idealism .] The ruling stated Wynn-Williams should stop promoting the book and, to the extent she could, stop further publication... Wynn-Williams has not spoken in public since appearing at the Senate hearing in April.

Wynn-Williams "remains silenced" according to her lawyer, who tells the Guardian that Meta's arbitration proceedings in the U.K. "threaten to bankrupt" the whistleblower.



[1] https://www.theguardian.com/technology/2025/sep/21/meta-expose-author-sarah-wynn-williams-faces-bankruptcy-after-ban-on-criticising-company

[2] https://www.theguardian.com/technology/2025/mar/13/meta-careless-people-book-former-employee

A July combat training exercise involved a satellite dish-style antenna that "could fire enough electromagnetic energy to fry the satellite 22,000 miles away," [1]reports the Washington Post . But "Instead, the salvo would be more covert — millisecond pulses of energy that would subtly disrupt the satellite's signals, which U.S. military forces were using to communicate in the Pacific Ocean."

> The goal was to disguise the strike as a garbled connection that could be easily remedied by securing a loose cable or a simple reboot, leaving U.S. service members frustrated without raising their suspicions. [And using less power "would make it harder for the Blue Team to track where the interference was coming from."] This is how the next war could start: invisible shots fired in space on the electromagnetic spectrum that could render U.S. fighter jets and aircraft carriers deaf and blind, unable to communicate. In this case, the "aggressors" targeting the U.S. satellite were not from China or Russia, but rather an elite squadron of U.S. Space Force Guardians mimicking how potential adversaries would act in a conflict that begins in orbit... Involving more than 700 service members and spanning 50 million square miles and six time zones, the training exercise, called Resolute Space, was observed firsthand exclusively by The Washington Post.

The article describes leadership at the U.S. Space Force "still honing their mission while jousting with adversaries, such as China, that are moving quickly and conducting combat-like operations in orbit... While the Space Force continues to evolve, many defense analysts and some members of Congress fear the United States has already ceded its dominance in space to China and others."

> With a budget of just $40 billion, the relatively tiny Space Force makes up just about 4 percent of the Defense Department's budget and less than 1 percent of its personnel. It has more than 15,000 Guardians, which also includes several thousand civilians. By comparison, the Army has nearly 1 million soldiers. The Space Force has been squeezed under the department of the Air Force and struggled to distinguish itself from the other branches...

>

> China, Russia and others have demonstrated that they can take out or interfere with the satellites operated by the Pentagon and intelligence agencies that provide the nation's missile warning and tracking, reconnaissance and communications. China in particular has moved rapidly to build an arsenal of space-based weapons... [R]ecently, several of China's satellites have engaged in what Space Force officials have called "dogfighting," jousting with U.S. satellites at high speeds and close ranges.



[1] https://www.msn.com/en-us/news/us/inside-the-space-force-as-it-prepares-for-a-new-kind-of-war/ar-AA1MT3FB

Near Microsoft's headquarters in Redmond, the Five Stones coffee shop advertised for a barista a few months ago — and started getting resumes from "people who listed Microsoft and other tech companies," [1]writes the Wall Street Journal :

> The applicants typically had master's degrees and experience in graphic design or marketing roles, Andrews said — sometimes senior ones. They were applying to jobs at Five Stones that would pay Redmond's minimum wage, $16.66 an hour. Five Stones hasn't yet hired such candidates because the coffee shop gives priority to more traditional entry-level baristas, like high-schoolers...

>

> [Microsoft and Amazon] have laid off more than 46,000 employees since 2023, according to Layoffs.fyi, which tracks workforce reductions. That represents 85% of layoffs by Seattle-area tech companies... As Amazon and Microsoft have made cuts — and other local tech firms including Expedia and Redfin have followed suit — the effects have rippled through Seattle's other business sectors. Weakness in payroll and sales tax contributed to a projected $146 million shortfall in revenue over the next two years. Restaurant and retail spending is down in the business and shopping districts surrounding Amazon's and Microsoft's campuses, with total transactions falling by as much as 7% in some popular areas in the past year, according to data from Square. In the first half of 2025, around 450 restaurants closed in Seattle, or about 16% of its total. "At the halfway point of the year, we've already seen as many closures as we'd usually see in a full year," said Anthony Anton, chief executive officer of the Washington Hospitality Association.

>

> Uber driver Juan Prado made six figures in 2021, often shuttling passengers in town for job interviews and doing frequent drop-offs near downtown tech offices. Now, he said, demand is much lower. "There are moments where you can be online, and in certain areas, it shows nothing...." Seattle tech firms are asking for significantly fewer job placements than years ago, said Noelle McDonald, senior vice president at recruiting company Aquent, which counts Amazon and Microsoft as clients. Hiring windows have lengthened and open roles receive around 10 times as many applications.

And of course, "Commercial real-estate vacancies stand at a record high as offices built to accommodate a boom sit empty... "

While some laid-off employees launched their own startups, "the outlook for many tech workers is dour as companies invest in software tools they can use to streamline teams," the article points out. Microsoft CEO Satya Nadella "has said the company is increasingly looking to AI to perform coding and other tasks once done by people," while in June, Amazon "said [2]its workforce would shrink going forward ."



[1] https://www.msn.com/en-us/money/realestate/seattle-tech-boomtown-grapples-with-a-future-of-fewer-tech-jobs/ar-AA1MYI6q

[2] https://www.wsj.com/tech/ai/amazon-ceo-says-ai-will-lead-to-job-cuts-5401ab17

Writing in Communications of the ACM , former Go tech lead Russ Cox warns [1]we need to keep improving defenses of software supply chains , highlighting "promising approaches that should be more widely used" and "areas where more work is needed."

> There are important steps we can take today, such as adopting software signatures in some form, making sure to scan for known vulnerabilities regularly, and being ready to update and redeploy software when critical new vulnerabilities are found. More development should be shifted to safer languages that make vulnerabilities and attacks less likely. We also need to find ways to fund open source development to make it less susceptible to takeover by the mere offer of free help. Relatively small investments in OpenSSL and XZ development could have prevented both the Heartbleed vulnerability and the XZ attack.

Some highlights from the 5,000-word article:

Make Builds Reproducible . "The [2]Reproducible Builds project aims to raise awareness of reproducible builds generally, as well as building tools to help progress toward complete reproducibility for all Linux software. The Go project recently arranged for Go itself to be [3]completely reproducible given only the source code... A build for a given target produces the same distribution bits whether you build on Linux or Windows or Mac, whether the build host is X86 or ARM, and so on. Strong reproducibility makes it possible for others to easily verify that the binaries posted for download match the source code..."

Prevent Vulnerabilities. "The most secure software dependencies are the ones not used in the first place: Every dependency adds risk... Another good way to prevent vulnerabilities is to use safer programming languages that remove error-prone language features or make them needed less often..."

Authenticate Software . ("Cryptographic signatures make it impossible to nefariously alter code between signing and verifying. The only problem left is key distribution...") "The [4]Go checksum database is a real-world example of this approach that protects millions of Go developers. The database holds the SHA256 checksum of every version of every public Go module..."

Fund Open Source. [Cox first cites [5]the XKCD cartoon "Dependencies ," calling it "a disturbingly accurate assessment of the situation..."] "The XZ attack is the clearest possible demonstration that the problem is not fixed. It was enabled as much by underfunding of open source as by any technical detail."

The article also emphasized the importance of finding and fixing vulnerabilities quickly, arguing that software attacks must be made more difficult and expensive.

"We use source code downloaded from strangers on the Internet in our most critical applications; almost no one is checking the code.... We all have more work to do."



[1] https://cacm.acm.org/practice/fifty-years-of-open-source-software-supply-chain-security/

[2] https://reproducible-builds.org/

[3] https://go.dev/blog/rebuild

[4] https://go.googlesource.com/proposal/+/master/design/25530-sumdb.md

[5] https://xkcd.com/2347/

Mickey Mouse's first movie Steamboat Willie [1]entered the public domain in 2024 .

Now one of America's largest personal injury firms is suing Disney, [2]reports the Associated Press , "in an effort to get a ruling that would allow it to use Steamboat Willie in advertisements..."

> [The law firm said] it had reached out to Disney to make sure the entertainment company wouldn't sue them if they used images from the animated film for their TV and online ads. Disney's lawyers responded by saying they didn't offer legal advice to third parties, according to the lawsuit. Morgan & Morgan said it was filing the lawsuit to get a decision because it otherwise feared being sued by Disney for trademark infringement if it used Steamboat Willie.

"Without waiver of any of its rights, Disney will not provide such advice in response to your letter," Disney's attorneys wrote in their letter (adding "Very truly yours..."). A [3]local newscast showed a glimpse of the letter , along with a few seconds of the ad (which ends with Minnie Mouse pulling out a cellphone to call for a lawyer...)

Attorney John Morgan tells the newscast that Disney's legal team "is playing cute, and so we're just trying to get a yes or no answer.. They wrote us back a bunch of mumbo-jumbo that made no sense, didn't answer the question. We tried it again, they didn't answer the question..." (The newscast adds that the case isn't expected to go to court for at least a year.)



[1] https://slashdot.org/story/22/12/28/1455209/mickeys-copyright-adventure-early-disney-creation-will-soon-be-public-property

[2] https://apnews.com/article/disney-morgan-morgan-steamboat-willie-6f8b8ab3fa1d7168424803f38d09838a

[3] https://youtu.be/DThJtvF6_4c?si=YE2YAWt3wx6VvpV2

It's not just [1]glitches at the launch of the Meta Ray-Ban Display smart glasses ... The New York Times [2]remains skeptical of its market share :

> [Meta's] smart glasses remain a niche. As of February, Meta had sold about two million of its $300 Ray-Ban Meta camera glasses since their 2023 debut, and it hopes to sell 10 million annually by the end of 2026, which is a tiny amount for a company this size. In the last decade, Meta has spent over $100 billion on its virtual and augmented reality division, which includes its smart glasses and is not profitable. Last quarter, the division reported a $4.5 billion loss, nearly the same as a year ago.

"Meta's Smart Glasses Might Make You Smarter. They'll Certainly Make You More Awkward," [3]joked a recent Wired headline .

But the Wall Street Journal does report there's "a growing group of blind users... [4]finding the devices to be more of a life-enhancing tool than a cool accessory." Jonathan Mosen, executive director at the nonprofit National Federation of the Blind said he'd like to see Meta continue to invest in the glasses. "It's giving significant accessibility benefits at a price point people can afford."

> He has used them a few times to record video of ride-share drivers refusing to give him and his wife a ride because she travels with a guide dog. Denying rides to people with service animals is illegal in many countries, including the U.S.

>

> Another concern for blind users is that AI assistants in general are prone to making errors, or so-called hallucinations, which may not be apparent. Aaron Preece, who is blind and editor in chief of American Foundation for the Blind's AccessWorld magazine, said Meta's glasses recently failed to correctly read the number on the door to his home. "I just can't trust it," he said. "It's more of a novelty than something I'd use on a day-to-day basis."

When it comes to innovative technology, CNET seems more excited about Meta's [5]display-controlling "neural wristband " accessory. Instead of camera-based hand tracking, these muscle-sensing bands "can register gestural moves like pinches, taps, thumb swipes, and maybe even typing over time..."



[1] https://tech.slashdot.org/story/25/09/21/023248/glitches-humiliated-zuck-in-smart-glasses-launch-meta-cto-explains-what-happened

[2] https://www.nytimes.com/2025/09/20/technology/personaltech/meta-smart-glasses-mark-zuckerberg.html

[3] https://www.wired.com/story/meta-smart-glasses-cognitive-disadvantage/

[4] https://www.msn.com/en-us/lifestyle/shopping/meta-s-ai-powered-ray-bans-are-life-enhancing-for-the-blind/ar-AA1zcBVZ

[5] https://www.cnet.com/tech/computing/the-incredible-part-of-metas-next-smart-glasses-could-be-on-your-wrist/

When Meta finally unveiled its [1]newest smart glasses , CEO Mark Zuckerberg "drew more snickers than applause," [2]wrote the New York Times . (Mashable [3]points out a [4]video call failing onstage followed by [5]an unsuccessful recipe demonstration .)

Meta chief technology officer Andrew Bosworth later [6]explained the funny reason their demo didn't work , reports TechCrunch, while answering questions on Instagram:

> "When the chef said, 'Hey, Meta, start Live AI,' it started every single Ray-Ban Meta's Live AI in the building. And there were a lot of people in that building," Bosworth explained. "That obviously didn't happen in rehearsal; we didn't have as many things," he said, referring to the number of glasses that were triggered... The second part of the failure had to do with how Meta had chosen to route the Live AI traffic to its development server to isolate it during the demo. But when it did so, it did this for everyone in the building on the access points, which included all the headsets. "So we DDoS'd ourselves, basically, with that demo," Bosworth added... Meta's dev server wasn't set up to handle the flood of traffic from the other glasses in the building — Meta was only planning for it to handle the demos alone.

>

> The issue with the failed WhatsApp call, on the other hand, was the result of a new bug. The smart glasses' display had gone to sleep at the exact moment the call came in, Bosworth said. When Zuckerberg woke the display back up, it didn't show the answer notification to him. The CTO said this was a "race condition" bug... "We've never run into that bug before," Bosworth noted. "That's the first time we'd ever seen it. It's fixed now, and that's a terrible, terrible place for that bug to show up." He stressed that, of course, Meta knows how to handle video calls, and the company was "bummed" about the bug showing up here... "It really was just a demo fail and not, like, a product failure," he said.

Thanks to Slashdot reader [7]fjo3 for sharing the news.



[1] https://hardware.slashdot.org/story/25/09/15/2049228/meta-ray-ban-display-glasses-design-hud-clips-leak

[2] https://www.nytimes.com/2025/09/20/technology/personaltech/meta-smart-glasses-mark-zuckerberg.html

[3] https://mashable.com/article/mark-zuckerberg-failed-demo-meta-ray-ban-display-glasses

[4] https://x.com/ns123abc/status/1968473847901880678

[5] https://x.com/TechCrunch/status/1968473437472448727

[6] https://techcrunch.com/2025/09/19/meta-cto-explains-why-the-smart-glasses-demos-failed-at-meta-connect-and-it-wasnt-the-wi-fi/

[7] https://slashdot.org/~fjo3

The consumer advocacy nonprofit PIRG (Public Interest Research Group) is now petitioning Microsoft to reconsider pulling support for Windows 10 in 2025, since "as many as 400 million perfectly good computers that can't upgrade to Windows 11 will be thrown out." In [1]a petition addressed to Microsoft CEO Satya Nadella , the group warned the October 14 end of free support could cause "the single biggest jump in junked computers ever, and make it impossible for Microsoft to hit their sustainability goals."

> About 40% of PCs currently in use can't upgrade to Windows 11, even if users want to... Less than a quarter of electronic waste is recycled, so most of those computers will end up in landfills.

Consumer Reports recently also [2]urged Microsoft to not to "strand millions of customers .". And now more groups are also pushing back, according to a [3]post from the blog Windows : Central

> The Restart Project co-developed the " [4]End of 10" toolkit , which is designed to support Windows 10 users who can't upgrade to Windows 11 after the operating system hits its end-of-support date.

They also note that a Paris-based company called Back Market plans to sell Windows 10 laptops [5]refurbished with Ubuntu Linux or ChromeOS Flex . ("We refuse to watch hundreds of millions of perfectly good computers end up in the trash as e-waste," explains their web site.) [6]Back Market's ad promises an "up-to-date, secure operating system — so instead of paying for a new computer you don't need, you can help us give this one a brand new life."

Right now Windows 10 holds 71.9% of Microsoft's market share, with Windows 11 at 22.95%, according to figures from StatCounter [7]cited by the blog Windows Central . And HP and Dell " [8]recently indicated that half of the global PCs are still running Windows 10," according to [9]another Windows Central post...



[1] https://pirg.org/take-action/tell-microsoft-to-extend-free-support-for-windows-10/

[2] https://tech.slashdot.org/story/25/09/16/206245/consumer-reports-asks-microsoft-to-keep-supporting-windows-10

[3] https://www.windowscentral.com/microsoft/windows-10/refurbished-windows-10-pc-back-market-programmed-obsolescence

[4] https://therestartproject.org/end-of-windows-10-toolkit-for-repair-groups/

[5] https://www.fastcompany.com/91403854/back-market-is-turning-old-windows-10-pcs-into-99-chromebooks

[6] https://www.youtube.com/watch?v=6uMQUZUi2S4

[7] https://www.windowscentral.com/software-apps/windows-11/windows-11-adoption-shows-a-slight-drop-versus-windows-10

[8] https://www.windowscentral.com/microsoft/windows-10/hp-and-dell-say-half-of-todays-pcs-still-run-windows-10

[9] https://www.windowscentral.com/microsoft/windows-10/refurbished-windows-10-pc-back-market-programmed-obsolescence

Last week the Guardian reported on " [1]thousands of AI workers contracted for Google through Japanese conglomerate Hitachi's GlobalLogic to rate and moderate the output of Google's AI products, including its flagship chatbot Gemini... and its summaries of search results, AI Overviews."

> "AI isn't magic; it's a pyramid scheme of human labor," said Adio Dinika, a researcher at the Distributed AI Research Institute based in Bremen, Germany. "These raters are the middle rung: invisible, essential and expendable...." Ten of Google's AI trainers the Guardian spoke to said they have grown disillusioned with their jobs because they work in siloes, face tighter and tighter deadlines, and feel they are putting out a product that's not safe for users... In May 2023, a contract worker for Appen submitted a letter to the US Congress that the pace imposed on him and others would make Google Bard, Gemini's predecessor, [2]a "faulty" and "dangerous" product

This week Google laid off 200 of those moderating contractors, [3]reports Wired . "These workers, who often are hired because of their specialist knowledge, had to have either a master's or a PhD to join the super rater program, and typically include writers, teachers, and people from creative fields."

> Workers still at the company claim they are increasingly concerned that they are being set up to replace themselves. According to internal documents viewed by WIRED, GlobalLogic seems to be using these human raters to train the Google AI system that could automatically rate the responses, with the aim of replacing them with AI. At the same time, the company is also finding ways to get rid of current employees as it continues to hire new workers. In July, GlobalLogic made it mandatory for its workers in Austin, Texas, to return to office, according to a notice seen by WIRED...

>

> Some contractors attempted to unionize earlier this year but claim those efforts were quashed. Now they allege that the company has retaliated against them. Two workers have filed a complaint with the National Labor Relations Board, alleging they were unfairly fired, one due to bringing up wage transparency issues, and the other for advocating for himself and his coworkers. "These individuals are employees of GlobalLogic or their subcontractors, not Alphabet," Courtenay Mencini, a Google spokesperson, said in a statement...

"Globally, other AI contract workers are fighting back and organizing for better treatment and pay," the article points out, noting that content moderators from around the world facing similar issues formed the Global Trade Union Alliance of Content Moderators which includes workers from Kenya, Turkey, and Colombia.

Thanks to long-time Slashdot reader [4]mspohr for sharing the news.



[1] https://www.theguardian.com/technology/2025/sep/11/google-gemini-ai-training-humans?CMP=share_btn_url

[2] https://www.bloomberg.com/news/articles/2023-07-12/google-s-ai-chatbot-is-trained-by-humans-who-say-they-re-overworked-underpaid-and-frustrated

[3] https://www.wired.com/story/hundreds-of-google-ai-workers-were-fired-amid-fight-over-working-conditions/

[4] https://slashdot.org/~mspohr

A large U.S.-made bomb left over from World War II was discovered at a construction site, [1]reports the Associated Press :

> Police said the bomb was 1.5 meters (nearly 5 feet) in length and weighed about 1,000 pounds (450 kilograms). It was discovered by construction workers in Quarry Bay, a bustling residential and business district on the west side of Hong Kong island... [A police official] said that because of "the exceptionally high risks associated with its disposal," approximately 1,900 households involving 6,000 individuals were "urged to evacuate swiftly." The operation to deactivate the bomb began late Friday and lasted until around 11:30 a.m. Saturday. No one was injured in the operation.

>

> Bombs left over from World War II are discovered from time to time in Hong Kong. The city was occupied by Japanese forces during the war, when it became a base for the Japanese military and shipping. The United States, along with other Allied forces, targeted Hong Kong in air raids to disrupt Japanese supply lines and infrastructure.

"Bombs from the war have triggered evacuations and emergency measures around the globe in recent months," [2]reports CBS News :

> Earlier this month, a [3]500-pound bomb was discovered in Slovakia's capital during construction work, prompting evacuations. In August, large parts of Dresden, Germany, were [4]evacuated so experts could defuse an unexploded World War II bomb found during clearance work for a collapsed bridge. In June, over [5]20,000 people were evacuated from Cologne after three unexploded U.S. bombs from the war were found... In March, a World War II bomb [6]was found near the tracks of Paris' Gare du Nord station. In February, more than 170 bombs were [7]found near a children's playground in northern England. And in October 2024, a World War II bomb [8]exploded at a Japanese airport.



[1] https://apnews.com/article/ww2-bomb-defused-hong-kong-0bc14ce5cc6e7b1b96d04ae60093b2a3

[2] https://www.cbsnews.com/news/american-wwii-bomb-hong-kong-thousands-evacuated/

[3] https://www.cbsnews.com/news/world-war-ii-bomb-found-slovakia-evacuations/

[4] https://www.cbsnews.com/news/world-war-ii-bomb-dresden-germany-evacuations/

[5] https://www.cbsnews.com/news/3-world-war-ii-bombs-found-cologne-evacuations/

[6] https://www.cbsnews.com/news/world-war-ii-bomb-paris-train-station-unexploded-gare-du-nord/

[7] https://www.cbsnews.com/news/world-war-ii-bombs-found-children-playground-uk/

[8] https://www.cbsnews.com/news/us-wwii-bomb-explodes-japan-airport-runway-flights-canceled/

"A cyberattack targeting check-in and boarding systems disrupted air traffic and caused delays at several of Europe's major airports on Saturday," [1]reports the Associated Press .

"While the impact on travelers appeared to be limited, experts said the intrusion exposed vulnerabilities in security systems."

> The disruptions to electronic systems initially reported at Brussels, Berlin's Brandenburg and London's Heathrow airports meant that only manual check-in and boarding was possible. Many other European airports said their operations were unaffected... Airports said the issue centered around a provider of check-in and boarding systems — not airlines or the airports themselves. Collins Aerospace, whose systems help passengers check themselves in, print boarding passes and bag tags and dispatch their luggage from a kiosk, cited a "cyber-related disruption" to its MUSE (Multi-User System Environment) software at "select airports."

Brussels Airport initially reported a "large impact" on flight schedules," according to the article, with a spokesperson telling broadcaster VTM that by mid-morning nine flights had been canceled, with four more redirected to another airport and 15 delayed an hour or more. The airport later [2]told Reuters there were "delays on most of the departing flights."

Reuters notes it's "the latest in a string of hacks targeting governments and companies across the world, hitting sectors from healthcare and [3]defence to [4]retail and autos.:

> A [5]recent breach at luxury carmaker Jaguar Land Rover brought its production to a halt...

>

> At Heathrow, Berlin and Brussels, 29 flight departures and arrivals had been cancelled as of 1130 GMT, aviation data provider Cirium said. In total, 651 departures were scheduled from Heathrow, 228 from Brussels and 226 from Berlin on Saturday... Brussels Airport said it had asked airlines to cancel half of their scheduled departing flights on Sunday to avoid long queues and late cancellations, signalling that the disruption would continue through the weekend.

>

> A European Commission spokesperson said there were currently no indications of a "widespread or severe attack" and that the origin of the incident was still under investigation.



[1] https://apnews.com/article/europe-airports-cyberattack-29b6d890baf7ac3a22f0f2b2f169b890

[2] https://www.reuters.com/en/cyberattack-causes-flight-delays-cancellations-brussels-airport-2025-09-20/

[3] https://www.reuters.com/technology/cybersecurity/uk-military-personnels-data-accessed-hack-bbc-reports-2024-05-06/

[4] https://www.reuters.com/business/media-telecom/ms-digital-chief-exits-months-after-damaging-hack-2025-09-11/

[5] https://www.reuters.com/business/retail-consumer/uk-working-closely-with-jaguar-land-rover-after-cyber-incident-2025-09-19/

"Betelgeuse may have competition for the most exciting star about to go nova near Earth," [1]writes Space.com .

"Astronomers have discovered the secret of a strange star system that has baffled them for years, finding it contains a dead star about to erupt after [2]overfeeding on a stellar companion ."

> The supernova explosion of this cosmic cannibal could be as bright as the moon, making it visible with the naked eye over Earth even in broad daylight. The system in question is the [3]double star V Sagittae located around 10,000 light-years from Earth, containing a [4]white dwarf stellar remnant and its victim companion star, which orbit each other roughly twice every Earth day. The new research and the revelation of this white dwarf's imminent catastrophic fate answer questions about V Sagittae that have lingered for 123 years...

>

> White dwarfs represent the final stage of stars with masses around that of the sun, occurring when they run out of fuel for nuclear fusion... [W]hite dwarfs that have a stellar companion can get a second lease on life and a more conclusive and explosive end... [T]he stolen stellar material piles up on the surface of the white dwarf until it pushes this stellar remnant past the so-called [5]Chandrasekhar limit of 1.4 solar masses. This is the mass limit that a stellar remnant has to exceed to trigger a supernova...

>

> However, this team found something very different and extraordinary happening with the stellar material being stolen by the white dwarf in V Sagittae... This investigation revealed that there is a giant halo of gas comprised of material stolen from the companion star wrapped around both the cannibal white dwarf and its stellar victim... "The white dwarf cannot consume all the mass being transferred from its hot star twin, so it creates this bright cosmic ring," team member Pasi Hakala from the University of Turku said. "The speed at which this doomed stellar system is lurching wildly, likely due to the extreme brightness, is a frantic sign of its imminent, violent end."

>

> "The matter accumulating on the white dwarf is likely to produce a nova outburst in the coming years, during which V Sagittae would become visible with the naked eye," Pablo Rodríguez-Gil from Spain's Instituto de Astrofisica de Canarias said. "But when the two stars finally smash into each other and explode, this would be a supernova explosion so bright it'll be visible from Earth even in the daytime."

The research was conducted with the [6]Very Large Telescope (four individual telescopes high in the mountains of Chile) — and published last week in the journal [7] Monthly Notices of the Royal Astronomical Society .



[1] https://www.space.com/astronomy/exoplanets/doomed-cannibal-star-could-soon-explode-in-a-supernova-so-bright-it-would-be-visible-during-the-day

[2] https://www.southampton.ac.uk/news/2025/09/hungry-star-is-eating-its-cosmic-twin.page

[3] https://www.space.com/22509-binary-stars.html

[4] https://www.space.com/23756-white-dwarf-stars.html

[5] https://www.space.com/chandrasekhar-limit

[6] https://en.wikipedia.org/wiki/Very_Large_Telescope

[7] https://academic.oup.com/mnras/advance-article/doi/10.1093/mnras/staf1284/8233646?login=true

Fast Company [1]ran a contrarian take about AI from entrepreneur/thought leader Faisal Hoque, who argues there's three AI bubbles.

The first is a classic speculative bubble, with asset prices soaring above their fundamental values (like the 17th century's Dutch "tulip mania"). "The chances of this not being a bubble are between slim and none..."

> Second, AI is also arguably in what we might call an infrastructure bubble , with huge amounts being invested in infrastructure without any certainty that it will be used at full capacity in the future. This happened multiple times in the later 1800s, as railroad investors built thousands of miles of unneeded track to serve future demand that never materialized. More recently, [2]it happened in the late '90s with the rollout of huge amount of fiber optic cable in anticipation of internet traffic demand that didn't turn up until decades later. [3]Companies are pouring billions into GPUs, power systems, and cooling infrastructure, betting that demand will eventually justify the capacity. McKinsey analysts talk of [4]a $7 trillion "race to scale data centers " for AI, and just eight projects in 2025 already represent [5]commitments of over $1 trillion in AI infrastructure investment. Will this be like the railroad booms and busts of the late 1800s? It is impossible to say with any kind of certainty, but it is not unreasonable to think so.

>

> Third, AI is certainly in a hype bubble , which is where the promise claimed for a new technology exceeds reality, and the discussion around that technology becomes increasingly detached from likely future outcomes. Remember the hype around NFTs? That was a classic hype bubble. And AI has been in a similar moment for a while. All kinds of media — social, print, and web — are filled with AI-related content, while AI boosterism has been the mood music of the corporate world for the last few years. Meanwhile, a recent [6]MIT study reported that 95% of AI pilot projects fail to generate any returns at all.

But the article ultimately argues there's lessons in the 1990s dotcom boom: that "a thing can be hyped beyond its actual capabilities while still being important... When valuations correct — and they will — the same pattern will emerge: companies that focus on solving real problems with available technology will extract value before, during, and after the crash." The winners will be companies with systematic approaches to extracting value — adopting mixed portfolios with different time horizons and risk levels, while recognizing organizational friction points for a purposeful (and holistic) integration.

"The louder the bubble talk, the more space opens for those willing to take a methodical approach to building value."

Thanks to Slashdot reader [7]Tony Isaac for sharing the article.



[1] https://www.fastcompany.com/91400857/there-isnt-an-ai-bubble-there-are-three-ai-bu

[2] https://www.forbes.com/sites/danrunkevicius/2025/03/24/is-the-ai-boom-headed-for-its-dark-fiber-moment/

[3] https://www.cantorassetmanagement.com/2025/05/29/cantor-perspectives-ais-infrastructure-revolution-a-new-golden-age-of-investment/

[4] https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/the-cost-of-compute-a-7-trillion-dollar-race-to-scale-data-centers

[5] https://empirixpartners.com/the-trillion-dollar-horizon/

[6] https://www.artificialintelligence-news.com/wp-content/uploads/2025/08/ai_report_2025.pdf

[7] https://www.slashdot.org/~Tony+Isaac

The Shai-Hulud malware campaign [1]impacted hundreds of npm packages across multiple maintainers, reports Koi Security, including popular libraries like @ctrl/tinycolor and some packages maintained by CrowdStrike.

> Malicious versions embed a trojanized script (bundle.js) designed to steal developer credentials, exfiltrate secrets, and persist in repositories and endpoints through automated workflows.

Koi Security created a table of packages identified as compromised, promising it's "continuously updated" (and showing the last compromise detected Tuesday). Nearly all of the compromised packages have a status of "removed from NPM".

> Attackers published malicious versions of @ctrl/tinycolor and other npm packages, injecting a large obfuscated script (bundle.js) that executes automatically during installation. This payload repackages and republishes maintainer projects, enabling the malware to spread laterally across related packages without direct developer involvement. As a result, the compromise quickly scaled beyond its initial entry point, impacting not only widely used open-source libraries but also CrowdStrike's npm packages.

>

> The injected script performs credential harvesting and persistence operations. It runs TruffleHog to scan local filesystems and repositories for secrets, including npm tokens, GitHub credentials, and cloud access keys for AWS, GCP, and Azure. It also writes a hidden GitHub Actions workflow file (.github/workflows/shai-hulud-workflow.yml) that exfiltrates secrets during CI/CD runs, ensuring long-term access even after the initial infection. This dual focus on endpoint secret theft and backdoors makes Shai-Hulud one of the most dangerous campaigns ever compared to previous compromises.

"The malicious code also attempts to leak data on GitHub by making private repositories public," according to a [2]Tuesday blog post from security systems provider Sysdig :

> The Sysdig Threat Research Team (TRT) has been monitoring this worm's progress since its discovery. Due to quick response times, the number of new packages being compromised has slowed considerably. No new packages have been seen in several hours at the time...

Their blog post concludes "Supply chain attacks are increasing in frequency. It is more important than ever to monitor third-party packages for malicious activity."

Some [3]context from Tom's Hardware :

> To be clear: This campaign is distinct from the incident that we covered on Sept. 9, which saw [4]multiple npm packages with billions of weekly downloads compromised in a bid to steal cryptocurrency. The ecosystem is the same — attackers have clearly realized the GitHub-owned npm package registry for the Node.js ecosystem is a valuable target — but whoever's behind the Shai-Hulud campaign is after more than just some Bitcoin.



[1] https://www.koi.security/incident/shai-hulud-npm-supply-chain-attack-crowdstrike-tinycolor

[2] https://www.sysdig.com/blog/shai-hulud-the-novel-self-replicating-worm-infecting-hundreds-of-npm-packages

[3] https://www.tomshardware.com/tech-industry/cyber-security/shai-hulud-malware-campaign-dubbed-the-largest-and-most-dangerous-npm-supply-chain-compromise-in-history-hundreds-of-javascript-packages-affected

[4] https://www.tomshardware.com/tech-industry/cyber-security/javascript-packages-with-billions-of-downloads-were-injected-with-malicious-code-in-worlds-largest-supply-chain-hack-geared-to-steal-crypto-a-phishing-email-is-all-it-took-to-undermine-npm-packages

Long-time Slashdot reader [1]robinsrowe shared [2]this report from the Register :

> The C++ standards committee abandoned a detailed proposal to create a rigorously safe subset of the language, according to the proposal's co-author, despite continuing anxiety about memory safety. "The Safety and Security working group voted to prioritize [3]Profiles over Safe C++. Ask the Profiles people for an update. Safe C++ is not being continued," [4]Sean Baxter , author of the cutting-edge Circle C++ compiler, commented in June this year. The topic came up as developers like Simone Bellavia [5]noted the anniversary of the proposal and discovered a decision had been made on Safe C++.

>

> One year ago, Baxter [6]told The Reg that the project would enable C++ developers to get the memory safety of Rust, but without having to learn a new language. "Safe C++ prevents users from writing unsound code," he said. "This includes compile-time intelligence like borrow checking to prevent use-after-free bugs and initialization analysis for type safety." Safe C++ would enable incremental migration of code, since it only applies to code in the safe context. Existing unsafe code would run as before.

>

> Even the matter of whether the proposal has been abandoned is not clear-cut. Erich Keane, C++ committee member and co-chair of the C++ Evolution Working Group (EWG), said that Baxter's proposal "got a vote of encouragement where roughly 1/2 (20/45) of the people encouraged Sean's paper, and 30/45 encouraged work on profiles (with 6 neutral)... Sean is completely welcome to continue the effort, and many in the committee would love to see him make further effort on standardizing it."

>

> In response, Baxter said: "The Rust safety model is unpopular with the committee. Further work on my end won't change that. Profiles won the argument." He added that the [7]language evolution principles adopted by the EWG include the statement that "we should avoid requiring a safe or pure function annotation that has the semantics that a safe or pure function can only call other safe or pure functions." This, he said, is an "irreconcilable design disagreement...."



[1] https://www.slashdot.org/~robinsrowe

[2] https://www.theregister.com/2025/09/16/safe_c_proposal_ditched/

[3] https://developers.slashdot.org/story/25/02/09/0636247/c-on-steroids-bjarne-stroustrup-presents-guideline-enforcing-profiles-for-resource-and-type-safety

[4] https://www.reddit.com/r/cpp/comments/1lhbqua/comment/mz3u7cr/

[5] https://sibellavia.lol/posts/2025/09/safe-c-proposal-is-not-being-continued/

[6] https://www.theregister.com/2024/09/16/safe_c_plusplus/

[7] https://isocpp.org/std/standing-documents/sd-10-language-evolution-principles

Micro- and nanoplastic particles "infiltrate all systems of the body, including the brain," notes [1]the University of Rhode Island , "where they can accumulate and trigger Alzheimer's-like conditions, according to a new study by researchers in the University of Rhode Island College of Pharmacy."

[2] ScienceDaily shares the announcement :

> After a previous study that showed how [3]microplastics can infiltrate all systems of the body — including the blood-brain barrier, which protects the brain from harmful substances as small as viruses and bacteria — University of Rhode Island pharmacy assistant professor Jaime Ross expanded the study to determine the brain health impacts of the plastic toxins. Her findings indicate that the accumulation of micro- and nanoplastics in the brain can lead to cognitive decline and even Alzheimer's disease, especially in those who carry genetic risk factors.

>

> Ross' latest study, published recently [4]in the journal Environmental Research Communications , examined mice that had been genetically modified to include the naturally occurring gene APOE4, a strong indicator of Alzheimer's risk making people 3.5 times more likely to develop the disease than those who carry the APOE3 variant of the gene that is passed from parents to offspring... Ross and her team exposed two groups of mice — one with the APOE4 variant and one with APOE3 — to micro- and nanoplastics in their drinking water over a period of three weeks. The tiny particles from polystyrene — among the most abundant plastics in the world, found in Styrofoam take-out containers, plastic cups and more — infiltrated the mice' organs, including the brain, as expected...

>

> Ross' team then ran the mice through a series of tests to examine their cognitive ability, beginning with an open-field test, in which researchers put a mouse in a chamber and allow it to explore at will for 90 minutes. Ordinarily, a mouse will hug the walls, naturally attempting to hide from potential predators. However, after microplastic exposure, the APOE4 mice — especially the male mice — tended to wander more in the middle of the chamber and spend time in open space, leaving themselves vulnerable to predators...

>

> The results are concerning enough to warrant further study into the cognitive decline caused by exposure to micro- and nanoplastics, which are among the most prominent environmental toxins to which people are routinely exposed... Ross is continuing to expand her research into the topic and encourages others to do so, in the hope of leading to better regulation of the toxins.



[1] https://www.uri.edu/news/2025/09/uri-study-links-microplastic-exposure-to-alzheimers-disease-in-mice/

[2] https://www.sciencedaily.com/releases/2025/09/250917221010.htm

[3] https://www.uri.edu/news/2023/08/microplastics-infiltrate-all-systems-of-body-cause-behavioral-changes/

[4] https://iopscience.iop.org/article/10.1088/2515-7620/adf8ae

The Washington Post:

> The Trump administration [1]unveiled a new crackdown Friday on journalists at the Pentagon, saying it will require them to pledge they won't gather any information - even unclassified - that hasn't been expressly authorized for release, and will revoke the press credentials of those who do not obey.

>

> Under the policy, the Pentagon may revoke press passes for anyone it deems a security threat. Possessing confidential or unauthorized information, under the new rules, would be grounds for a journalist't press pass to be revoked.

>

> "DoW remains committed to transparency to promote accountability and public trust," the document says, using an acronym for the newly rebranded Department of War. "However, DoW information must be approved for public release by an appropriate authorizing official before it is released, even if it is unclassified."

>

> For months, Defense Secretary Pete Hegseth and his staff have been tightening restrictions on Pentagon reporters while limiting military personnel's direct communication with the press. Like many defense secretaries before him, Hegseth has been deeply irritated by leaks. His staff this year threatened to use polygraph tests to stop people from leaking information, until the White House intervened.



[1] https://www.msn.com/en-us/news/politics/pentagon-demands-journalists-pledge-to-not-obtain-unauthorized-material/ar-AA1MVIa6