Webtagr - Technology News Summarizer

Critical Apple CPU Side-Channel Flaws Steal Browser Data

2025-01-28

Researchers have uncovered new side-channel vulnerabilities, FLOP and SLAP, in Apple's M-series and A-series processors. These flaws allow remote attackers to steal sensitive data from web browsers via malicious websites, bypassing browser sandboxing. The vulnerabilities stem from faulty speculative execution, exploiting the CPU's mispredictions to leak information like emails, location history, and more. Apple is aware and plans to address the issue, but patches aren't yet available. Disabling JavaScript is a temporary mitigation, but impacts website functionality.

(www.bleepingcomputer.com)

Tech Apple CPU Side-channel attack Security vulnerability

Boom Supersonic's XB-1 Breaks the Sound Barrier: A New Era for Civilian Supersonic Flight

2025-01-28

Boom Supersonic's XB-1 demonstrator plane successfully broke the sound barrier over California's Mojave Desert, becoming the first civilian aircraft to achieve supersonic flight. This historic milestone occurred during the XB-1's twelfth test flight, maintaining supersonic speed (Mach 1.1) for approximately four minutes. Boom plans to build the 64-passenger Overture supersonic airliner, already securing orders from American Airlines and Japan Airlines. This achievement marks a resurgence of civilian supersonic flight and offers hope for the future of supersonic passenger travel.

(techcrunch.com)

Tech

Critical Security Flaws Found in Apple Silicon: SLAP and FLOP Attacks

2025-01-28

Researchers have uncovered two critical security vulnerabilities, dubbed SLAP and FLOP, affecting Apple's M2/A15 and later chipsets. SLAP exploits incorrect guesses by the Load Address Predictor (LAP) during speculative execution to access out-of-bounds data, leaking sensitive information like email content and browsing history in Safari. FLOP leverages mispredictions by the Load Value Predictor (LVP) to bypass memory safety checks, stealing data such as location history, calendar events, and credit card information from Safari and Chrome. These attacks exploit speculative execution and affect most Apple devices released since 2022. Apple is aware and plans to address these issues in an upcoming security update; users are urged to keep their systems and apps updated.

(predictors.fail)

Tech Apple Security Vulnerability Speculative Execution Attack

River Runner Global: Disruptive Hydropower Tech?

2025-01-28

River Runner Global claims to possess revolutionary hydropower technology that generates electricity from natural river flow without needing large dams. The technology is purportedly low-cost and environmentally friendly, potentially providing clean energy to remote areas. However, details about the technology and its real-world effectiveness remain scarce, and its viability and commercial potential are yet to be proven. Nevertheless, its innovative concept has attracted industry attention.

(river-runner-global.samlearner.com)

Tech hydropower

Chrome Sync Sunset: Older Chrome Versions Affected

2025-01-28

Google has announced that Chrome Sync will be discontinued on Chrome versions older than four years. This means users on older Chrome versions will no longer be able to sync their bookmarks, passwords, and other data. The move encourages users to upgrade to the latest Chrome version for improved performance and security. Users of older Chrome versions should upgrade to avoid data loss or functional limitations.

(support.google.com)

Tech Chrome browser Sync functionality Software update

Subaru Starlink Flaw Lets Hackers Unlock Cars, Track Location

2025-01-28

Security researchers discovered a critical vulnerability in Subaru's Starlink connected services, allowing hackers to access location data, remotely unlock doors, and more. By compromising Subaru employee accounts and exploiting an admin panel, attackers gained access to vehicle information. While the vulnerability has been patched, it highlights the serious security risks associated with connected cars.

(jalopnik.com)

Tech Subaru

Bitwarden Bolsters Security: New Device Login Protection Coming in February 2025

2025-01-28

Bitwarden is enhancing security by implementing new device login protection starting February 2025. Users without two-factor authentication (2FA) enabled will be required to verify their logins on new devices with a one-time code sent to their registered email address after entering their master password. This added security measure protects accounts even if passwords are compromised. Users with 2FA, SSO logins, API key logins, or self-hosted instances are exempt.

(bitwarden.com)

Tech Login Verification

Shocking: Nearly 1 in 10 People Use the Same Four-Digit PIN

2025-01-28

Analysis of 29 million PINs reveals that nearly one in ten people use the same four-digit PIN, with '1234' being the most popular. Researchers found people favor birthdays, repeating digits, or sequential numbers on the keypad, making these PINs easily guessable. The findings highlight a widespread security vulnerability in PIN selection, urging users to adopt stronger PINs for enhanced personal data protection.

(www.abc.net.au)

Tech PIN

Super-Earth Discovered in Habitable Zone of Sun-like Star

2025-01-28

The Instituto de Astrofísica de Canarias (IAC) has confirmed the discovery of a super-Earth, designated HD 20794 d, orbiting within the habitable zone of the Sun-like star HD 20794. This six-Earth-mass planet has a 647-day orbital period and an elliptical orbit. The discovery, based on over two decades of radial velocity measurements, opens exciting possibilities for future studies of terrestrial planet atmospheres and makes it a prime target for next-generation telescopes. While residing in the habitable zone, its high mass and eccentric orbit suggest a vastly different environment than Earth, yet offering a unique perspective on how habitability conditions vary over time.

(www.iac.es)

Tech Super-Earth Habitable Zone Exoplanet

UK Cloud Services Market: Oligopoly Concerns

2025-01-28

The Competition and Markets Authority (CMA) has released provisional findings from its investigation into the UK cloud services market. AWS and Microsoft hold a dominant 30-40% market share each, dwarfing Google's presence. High capital investment and technical barriers create significant entry hurdles, hindering customer switching. Microsoft leverages its software strength to further limit competition. The CMA proposes using new digital market powers to consider designating AWS and Microsoft with strategic market status (SMS), potentially implementing interventions like regulating egress fees, lowering technical barriers, and addressing Microsoft's licensing practices. This aims to boost competition, leading to better prices, service quality, and choice for UK businesses.

(www.gov.uk)

Tech digital markets

FTC Slams GoDaddy for Lax Data Security

2025-01-28

The Federal Trade Commission (FTC) is taking action against GoDaddy for allegedly failing to implement reasonable security measures, leading to multiple data breaches since 2018. The FTC alleges GoDaddy misled customers about its data security protections. The proposed settlement requires GoDaddy to establish a comprehensive data security program and undergo independent security assessments. This action highlights the importance of robust security practices for web hosting providers and underscores the FTC's commitment to protecting consumer data.

(www.ftc.gov)

Tech Data Breach

Boom Supersonic to Break Sound Barrier in Historic Test Flight: Watch Live

2025-01-28

Boom Supersonic is attempting to break the sound barrier today with its 12th test flight of the XB-1 supersonic test vehicle. This milestone flight, likened by the CEO to SpaceX's Falcon 1 moment, will mark the company's first supersonic achievement and the return of supersonic flight since Concorde. The flight will be livestreamed, offering viewers a dramatic, real-time view of the supersonic flight, transmitted via SpaceX's Starlink satellite internet service.

(www.space.com)

Tech supersonic flight

AI Facial Recognition Derails Murder Case

2025-01-28

Cleveland police used AI facial recognition to obtain a search warrant in a murder case, but the technology's results are inadmissible in court. A judge subsequently threw out the evidence, potentially derailing the prosecution. The case highlights a critical lack of oversight, regulation, and training surrounding the use of AI in law enforcement, raising ethical and legal concerns about its application in judicial proceedings.

(www.cleveland.com)

Tech Facial Recognition Justice

AI's Hidden Cost: The Environmental Impact of Artificial Intelligence

2025-01-28

The rapid advancement of AI comes at a significant environmental cost. This article estimates the daily energy consumption of Midjourney, a popular AI image generation service, at a staggering 960,000 kWh – enough to power over 25,000 average households. This is just the tip of the iceberg, with other AI services like ChatGPT and Gemini contributing significantly to energy waste. The author calls for collaboration among developers, researchers, and entrepreneurs to find more efficient and sustainable ways to develop AI.

(loopbreaker.substack.com)

Tech AI energy consumption environmental impact sustainable AI

Biomachining: Using Bacteria to Machine Metal

2025-01-28

Biomachining is a novel machining process employing lithotrophic bacteria, such as Thiobacillus ferrooxidans and Thiobacillus thiooxidans, to remove material from metal parts. These bacteria utilize the chemical energy from iron or copper oxidation to remove material from a metal surface when immersed in a culture fluid. Unlike traditional chemical or physical machining, biomachining offers a low material removal rate and a superior surface finish, making it ideal for micromachining. This process has been successfully used on pure iron and copper, and involves masking the areas not to be machined, similar to chemical milling. The process's depth is influenced by factors like stirring rate and temperature.

(en.wikipedia.org)

Tech biomachining metal machining

Google Maps to Reflect US Government's Name Changes

2025-01-28

Following President Trump's executive order, Google Maps will update to reflect the renaming of the Gulf of Mexico to the "Gulf of America" and Denali to Mount McKinley. The update will align with changes made by the Geographic Names Information System (GNIS). This highlights the impact of government decisions on major tech platforms.

(www.theverge.com)

Tech Google Maps Name Changes Government Order

Corpses Move for Over a Year After Death, Study Finds

2025-01-28

An Australian researcher's 17-month time-lapse study of a decomposing body at a human body farm revealed significant post-mortem movement. The body's limbs shifted considerably due to the decomposition process, specifically the drying of ligaments. This discovery has implications for forensic investigations, potentially improving estimations of time of death and aiding crime scene reconstruction. While not yet peer-reviewed, the findings have already sparked interest within the forensic science community.

(www.newsweek.com)

Tech forensic science decomposition time of death

US Wind and Solar to Outpace Coal in 2024

2025-01-28

Data from the US Energy Information Agency reveals that US solar power generation surged 30% in the first 11 months of 2024, leading to combined wind and solar generation surpassing coal for the first time. Despite a near 3% rise in electricity demand, coal generation fell by almost 5%. The rapid growth of renewables has primarily displaced fossil fuel generation, not met increased demand. Future growth in solar and wind capacity, coupled with policy uncertainties, promises a dynamic energy landscape for the US grid.

(arstechnica.com)

Tech solar wind

Deepseek Predicts Devastating Impact of 25% Tariffs on Canadian GDP

2025-01-28

A blog post details Deepseek's AI model prediction of the impact of a 25% US tariff on Canadian goods. Deepseek simulates the effects on Canadian GDP, factoring in reduced exports, demand elasticity, multiplier effects, and potential retaliatory tariffs. The model suggests a GDP decrease ranging from 1.7% to 8%, with a baseline estimate of 4%, aligning with the Bank of Canada's projection. Deepseek's analysis speed highlights the potential of AI in economic modeling.

(stephaniekelton.substack.com)

Tech economic model tariffs

UK Council's Oracle Project Costs Balloon to £40M

2025-01-28

West Sussex County Council in the UK is undertaking a £40 million ($50 million) Oracle-based transformation project, a massive escalation from the initial £2.6 million estimate. To fund this, the council is selling off assets like property, including a former fire station. The project, initially slated for 2021, has faced repeated delays, a system integrator change, and a new contract with Oracle extending it to 2030. This highlights the risks of runaway costs in large IT projects and the financial challenges faced by local governments.

(www.theregister.com)

Tech IT project cost overruns

CDC Halts Collaboration with WHO, Immediately

2025-01-27

The U.S. Centers for Disease Control and Prevention (CDC) has abruptly ordered an immediate end to all collaborations with the World Health Organization (WHO), sending shockwaves through the global public health community. This isn't a phased withdrawal; it's an immediate and complete cessation of all interactions, including work with technical working groups, coordinating centers, and advisory boards. Experts express deep concern, warning that this will severely hamper efforts to investigate and control outbreaks like the Marburg virus and mpox, potentially jeopardizing global health security. While President Trump had previously issued an executive order to begin the U.S. withdrawal from WHO, this sudden action is far more drastic and unexpected, sparking widespread worry and criticism.

(apnews.com)

Tech Global Public Health

Big Tech's New Power: US Intel Agencies Embrace Corporate Partnerships

2025-01-27

A new directive from US intelligence agencies reveals a deepening partnership with major tech corporations, even at the risk of compromising security. This underscores the immense power wielded by tech giants, whose influence now surpasses many nation-states, forcing intelligence agencies to rely on them for information. The directive authorizes the sharing of classified information and streamlines cooperation, raising concerns about power imbalances and potential misuse of information by corporations. The article argues this marks a significant shift of power towards Big Tech.

(www.kenklippenstein.com)

Tech Intelligence Cooperation

Facebook's Linux Ban: A Case of Mistaken Identity?

2025-01-27

Facebook is blocking posts mentioning Linux, even targeting prominent sites like DistroWatch, labeling them as 'cybersecurity threats'. Users report account limitations and post removals. The irony is palpable: Facebook relies heavily on Linux infrastructure and frequently advertises for Linux developers. DistroWatch's appeal to Facebook was rejected, highlighting the potential for AI-driven content moderation to misidentify legitimate content. The incident underscores the challenges of large tech companies in balancing security and freedom of expression, raising questions about the accuracy and fairness of automated systems.

(www.tomshardware.com)

Tech

Token Security Raises $20M to Secure the Booming World of Machine Identities

2025-01-27

The rise of cloud computing and AI has led to a surge in machine identities, creating more entry points for hackers. Token Security, a startup tackling this growing security risk, just secured $20 million in Series A funding. Their platform automatically identifies and manages machine identities, helping companies prevent breaches before they occur. Founded by veterans of Israel's Unit 8200, the company counts HPE among its clients and plans to use the funding to expand its AI capabilities and US presence. The funding highlights the increasing importance of securing machine identities, often overlooked in traditional cybersecurity strategies.

(techcrunch.com)

Tech machine identity

Google Open Sources PebbleOS: Rebble's Rebirth and Community Ownership

2025-01-27

Rebble announced exciting news: Google has open-sourced PebbleOS! This significantly accelerates Rebble's efforts to produce new hardware and transitions Rebble into a non-profit community-owned organization. Rebble remains committed to preserving this classic smartwatch, using it as an embedded systems education platform, and keeping it alive through open-source software. A hackathon is planned to develop RebbleOS and other apps, and upgrade the classic Pebble assistant, Snowy. The future will see Rebble continue its user-respectful approach, creating an open, community-driven smartwatch ecosystem.

(rebble.io)

Tech

Pebble Smartwatch Source Code Now Open Source

2025-01-27

Google has open-sourced the source code for the once-popular Pebble smartwatch. Pebble achieved massive success through Kickstarter, selling over two million units. Acquired by Fitbit in 2016, Fitbit was later acquired by Google. Despite hardware and software support ceasing eight years ago, Pebble maintains a dedicated fanbase. This release includes most of the Pebble OS source code, encompassing features like notifications, media controls, fitness tracking, and a framework for developing apps in C and JavaScript. While some proprietary code was removed, it provides a significant boost for volunteers in the Rebble project to continue supporting Pebble watches.

(opensource.googleblog.com)

Tech Smartwatch

A Faster Quantum Fourier Transform Algorithm

2025-01-27

Ronit Shah presents an improved algorithm for the Quantum Fourier Transform (QFT). Traditionally, approximate QFT requires Θ(n log n) gates, and exact QFT requires Θ(n²) gates. The new algorithm, leveraging a novel recursive partitioning of qubits, reduces the cost of approximate QFT to Θ(n(log log n)²) gates and exact QFT to Θ(n(log n)²) gates. This breakthrough promises significant efficiency gains in quantum computation.

(arxiv.org)

Tech quantum fourier transform algorithm optimization

Ocean Bacteria's Nanotube Networks: A Revolutionary Discovery of Microbial Interconnectivity

2025-01-27

A groundbreaking discovery reveals complex networks of bacterial nanotubes connecting the most abundant photosynthetic bacteria in the ocean, Prochlorococcus. These nanotubes act as tiny bridges, linking the inner spaces of bacterial cells and facilitating the exchange of nutrients and information. This challenges the traditional view of bacteria as isolated individuals, demonstrating a far more interconnected microbial world than previously imagined. This interconnectivity may have profound implications for Earth's oxygen and carbon cycles.

(www.quantamagazine.org)

Tech bacterial nanotubes marine microbes intercellular communication

Taylorator: Flooding the FM Band with Taylor Swift (and Some Legal Concerns)

2025-01-27

The Taylorator is a project that uses Software Defined Radio (SDR) to broadcast Taylor Swift's music across the FM radio band. The creator wrote software to simultaneously transmit 100 songs to different FM frequencies, effectively 'flooding' the airwaves. The project faced significant performance challenges, requiring powerful CPUs for real-time audio processing of multiple channels. While legal ramifications exist regarding unlicensed broadcasting, the Taylorator is an impressive feat of engineering with its source code publicly available.

(www.scd31.com)

Tech Taylor Swift

Meta's War Rooms: Dissecting DeepSeek's Low-Cost AI Threat

2025-01-27

Meta has established four war rooms to analyze the technology behind DeepSeek, a Chinese open-source large language model. DeepSeek's ability to compete with OpenAI's ChatGPT and Meta's own offerings, using significantly lower costs and less powerful chips, has sparked concern. The analysis focuses on DeepSeek's cost reduction techniques and the data it utilizes. DeepSeek's emergence is causing significant ripples in the AI infrastructure investment landscape and impacting tech stocks.

(markets.businessinsider.com)

Tech AI Competition

Category: Tech