An anonymous reader quotes a report from Wired: If you want a job at McDonald's today, there's a good chance you'll have to talk to Olivia. Olivia is not, in fact, a human being, but instead an AI chatbot that screens applicants, asks for their contact information and resume, directs them to a personality test, and occasionally makes them "go insane" by repeatedly misunderstanding their most basic questions. Until last week, the platform that runs the Olivia chatbot, built by artificial intelligence software firm Paradox.ai, also suffered from absurdly basic security flaws. As a result, virtually any hacker could have accessed the records of every chat Olivia had ever had with McDonald's applicants -- including all the personal information they shared in those conversations -- with tricks as straightforward as guessing the username and password "123456." On Wednesday, security researchers Ian Carroll and Sam Curryrevealedthat they found simple methods to hack into the backend of the AI chatbot platform on McHire.com, McDonald's website that many of its franchisees use to handle job applications. Carroll and Curry, hackers with along track record of independent security testing, discovered that simple web-based vulnerabilities -- including guessing one laughably weak password -- allowed them to access a Paradox.ai account and query the company's databases that held every McHire user's chats with Olivia. The data appears to include as many as 64 million records, including applicants' names, email addresses, and phone numbers. Carroll says he only discovered that appalling lack of security around applicants' information because he was intrigued by McDonald's decision to subject potential new hires to an AI chatbot screener and personality test. "I just thought it was pretty uniquely dystopian compared to a normal hiring process, right? And that's what made me want to look into it more," says Carroll. "So I started applying for a job, and then after 30 minutes, we had full access to virtually every application that's ever been made to McDonald's going back years." Paradox.ai confirmed the security findings, acknowledging that only a small portion of the accessed records contained personal data. The company stated that the weak-password account ("123456") was only accessed by the researchers and no one else. To prevent future issues, Paradox is launching a bug bounty program. "We do not take this matter lightly, even though it was resolved swiftly and effectively," Paradox.ai's chief legal officer, Stephanie King, told WIRED in an interview. "We own this." In a statement to WIRED, McDonald's agreed that Paradox.ai was to blame. "We're disappointed by this unacceptable vulnerability from a third-party provider, Paradox.ai. As soon as we learned of the issue, we mandated Paradox.ai to remediate the issue immediately, and it was resolved on the same day it was reported to us," the statement reads. "We take our commitment to cyber security seriously and will continue to hold our third-party providers accountable to meeting our standards of data protection."

Read more of this story at Slashdot.

AMD is warning users of a newly discovered form of side-channel attack affecting a broad range of its chips that could lead to information disclosure. Register: Akin to Meltdown and Spectre, the Transient Scheduler Attack (TSA) comprises four vulnerabilities that AMD said it discovered while looking into a Microsoft report about microarchitectural leaks. The four bugs do not appear too venomous at face value -- two have medium-severity ratings while the other two are rated "low." However, the low-level nature of the exploit's impact has nonetheless led Trend Micro and CrowdStrike to assess the threat as "critical." The reasons for the low severity scores are the high degree of complexity involved in a successful attack -- AMD said it could only be carried out by an attacker able to run arbitrary code on a target machine. It affects AMD processors (desktop, mobile and datacenter models), including 3rd gen and 4th gen EPYC chips -- the full list is here.

Read more of this story at Slashdot.

Microsoft is keen to show employees how much AI is transforming its own workplace, even as the company terminates thousands of personnel. From a report: During a presentation this week, Chief Commercial Officer Judson Althoff said artificial intelligence tools are boosting productivity in everything from sales and customer service to software engineering, according to a person familiar with his remarks. Althoff said AI saved Microsoft more than $500 million last year in its call centers alone and increased both employee and customer satisfaction, according to the person, who requested anonymity to discuss an internal matter. The company is also starting to use AI to handle interactions with smaller customers, Althoff said. This effort is nascent, but already generating tens of millions of dollars, he said.

Read more of this story at Slashdot.

Western Europe sweltered through its hottest June on record last month, as "extreme" temperatures blasted the region in punishing back-to-back heatwaves, the EU climate monitor Copernicus said Wednesday. From a report: Globally, this past June was the third warmest on record, continuing a blistering heat streak in recent years as the planet warms as a result of humanity's emissions of greenhouse gases. The previous hottest June was in 2024 and the second hottest was in 2023, the Copernicus Climate Change Service (C3S) said. Sweltering extremes were particularly pronounced in Europe, which is warming several times faster than the global average.

Read more of this story at Slashdot.

OpenAI is close to releasing an AI-powered web browser that will challenge market-dominating Google Chrome, Reuters reported Wednesday. From the report: The browser is slated to launch in the coming weeks, three of the people said, and aims to use artificial intelligence to fundamentally change how consumers browse the web. It will give OpenAI more direct access to a cornerstone of Google's success: user data.

Read more of this story at Slashdot.

Apple plans to release its first Vision Pro upgrade as early as this year, according to Bloomberg. The updated $3,499 headset will feature an M4 processor, replacing the current M2 chip, and components designed to better handle AI tasks. The company is also developing new straps to reduce neck strain and head pain from the 1.4-pound device. The Vision Pro launched in February 2024 but has sold only hundreds of thousands of units. Apple is working on a significantly lighter redesigned model for 2027, the report added.

Read more of this story at Slashdot.

Microsoft has pledged more than $4 billion in cash and technology services to train millions of people in AI use, targeting schools, community colleges, technical colleges and nonprofits. The company said it will launch Microsoft Elevate Academy to help 20 million people earn AI certificates. Microsoft President Brad Smith said the company would "serve as an advocate to ensure that students in every school across the country have access to A.I. education." The announcement follows Tuesday's news that the American Federation of Teachers received $23 million from Microsoft, OpenAI and Anthropic for a national AI training center. Last week, dozens of companies including Amazon, Apple, Google, Meta, Microsoft, Nvidia and OpenAI signed a White House pledge promising schools funding, technology and training materials for AI education.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Associated Press: Filmmaker Peter Jackson owns one of the largest private collections of bones of an extinct New Zealand bird called the moa. His fascination with the flightless ostrich-like bird has led to an unusual partnership with a biotech company known for its grand and controversial plans to bring back lost species. On Tuesday, Colossal Biosciences announced an effort to genetically engineer living birds to resemble the extinct South Island giant moa -- which once stood 12 feet (3.6 meters) tall -- with $15 million in funding from Jackson and his partner Fran Walsh. The collaboration also includes the New Zealand-based Ngai Tahu Research Centre. "The movies are my day job, and the moa are my fun thing I do," said Jackson. "Every New Zealand schoolchild has a fascination with the moa." The moa had roamed New Zealand for 4,000 years until they became extinct around 600 years ago, mainly because of overhunting. A large skeleton brought to England in the 19th century, now on display at the Yorkshire Museum, prompted international interest in the long-necked bird. Unlike Colossal's work with dire wolves, the moa project is in very early stages. It started with a phone call about two years ago after Jackson heard about the company's efforts to "de-extinct" -- or create genetically similar animals to -- species like the woolly mammoth and the dire wolf. Then Jackson put Colossal in touch with experts he'd met through his own moa bone-collecting. At that point, he'd amassed between 300 and 400 bones, he said. In New Zealand, it's legal to buy and sell moa bones found on private lands, but not on public conservation areas -- nor to export them. The first stage of the moa project will be to identify well-preserved bones from which it may be possible to extract DNA, said Colossal's chief scientist Beth Shapiro. Those DNA sequences will be compared to genomes of living bird species, including the ground-dwelling tinamou and emu, "to figure out what it is that made the moa unique compared to other birds," she said. [...] The direction of the project will be shaped by Mori scholars at the University of Canterbury's Ngi Tahu Research Centre. Ngi Tahu archaeologist Kyle Davis, an expert in moa bones, said the work has "really reinvigorated the interest in examining our own traditions and mythology."

Read more of this story at Slashdot.

alternative_right shares a report from Phys.org: Researchers at Princeton University, Boston University and other institutes used machine learning to predict the strategic decisions of humans in various games. Their paper, published in Nature Human Behavior, shows that a deep neural network trained on human decisions could predict the strategic choices of players with high levels of accuracy. [...] Essentially, the team suggests that people behave more rationally while playing games that they perceive as easier. In contrast, when they are playing more complex games, people's choices could be influenced by various other factors, thus the "noise" affecting their behavior would increase. As part of their future studies, the researchers would also like to shed more light on what makes a game "complex" or "easy." This could be achieved using the context-dependent noise parameter that they integrated into their model as a signature of "perceived difficulty." "Our analysis provides a robust model comparison across a wide range of candidate models of decision-making," said [Jian-Qiao Zhu, first author of the paper]. "We now have strong evidence that introducing context-dependence into the quantal response model significantly improves its ability to capture human strategic behavior. More specifically, we identified key factors in the game matrix that shape game complexity: considerations of efficiency, the arithmetic difficulty of computing payoff differences, and the depth of reasoning required to arrive at a rational solution." The findings gathered as part of this recent study also highlight the "lightness" with which many people approach strategic decisions, which could make them vulnerable to parties looking to sway them towards making irrational decisions. Once they gather more insight into what factors make games and decision-making scenarios more challenging for people, Zhu and his colleagues hope to start devising new behavioral science interventions aimed at prompting people to make more rational decisions.

Read more of this story at Slashdot.

Senators Tim Sheehy and Elizabeth Warren have introduced the bipartisan "Warrior Right to Repair Act," which would guarantee the military's right to repair its own equipment. The bill builds on a previous Army directive and has broad public support, with nearly 75% of Americans in favor, according to a PIRG poll. Engadget reports: The Department of Defense has not been immune from restrictive practices set forth by manufacturers, and much like the average consumer, has been hamstrung in its ability to repair its own equipment by clauses in its purchase agreements. According to the Public Interest Research Group (PIRG), the current system leads to excessive repair and sustainment costs, and can even impede military readiness. "When our neighbors, friends and family serve in our military, we expect them to get what they need to do their jobs as safely as possible," PIRG Federal Legislative Director Isaac Bowers wrote regarding the newly introduced bill. "Somehow, that hasn't included the materials and information they need to repair equipment they rely on. It's time we fixed that."

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Google announced on Tuesday that it's launching a new Gmail feature that is designed to help users easily manage their subscriptions and declutter their inboxes. The new "Manage subscriptions" tool is rolling out on the web, Android, and iOS in select countries. With the new feature, users can view and manage their subscription emails in one place and quickly unsubscribe from the ones they no longer want to receive. Users can view their active subscriptions, organized by the most frequent senders, alongside the number of emails they've sent in the past few weeks. Clicking on a sender provides a direct view of all emails from them. If a user decides to unsubscribe, Gmail will send an unsubscribe request to the sender on their behalf. "It can be easy to feel overwhelmed by the sheer volume of subscription emails clogging your inbox: Daily deal alerts that are basically spam, weekly newsletters from blogs you no longer read, promotional emails from retailers you haven't shopped in years can quickly pile up," Chris Doan, Gmail's Director of Product, wrote in a blog post. Users can access the new feature by clicking the navigation bar in the top-left corner of their Gmail inbox and then selecting "Manage subscriptions." [...] Google says the new feature will begin rolling out on the web starting Tuesday, with Android and iOS users starting to receive it on July 14 and July 21, respectively. It may take up to 15 days from the start of the rollout for the feature to reach every user, the company says. The Manage subscriptions feature is available to all Google Workspace customers, Workspace Individual Subscribers, and users with personal Google accounts.

Read more of this story at Slashdot.

Meta has acquired a $3.5 billion stake in Ray-Ban maker EssilorLuxottica, "a deal that increases the U.S. tech giant's financial commitment to the fast-growing smart glasses industry," reports Bloomberg. From the report: Meta's investment in the eyewear giant deepens the relationship between the two companies, which have partnered over the past several years to develop AI-powered smart glasses. Meta currently sells a pair of Ray-Ban glasses, first debuted in 2021, with built-in cameras and an AI assistant. Last month, it launched separate Oakley-branded glasses with EssilorLuxottica. EssilorLuxottica Chief Executive Officer Francesco Milleri said last year that Meta was interested in taking a stake the company, but that plan hadn't materialized until now. The deal aligns with Meta CEO Mark Zuckerberg's commitment to AI, which has become a top priority and major expense for the company. Smart glasses are a key part of that plan. While Meta has historically had to deliver its apps and services via smartphones created by competitors, glasses offer Meta a chance to build its own hardware and control its own distribution, Zuckerberg has said. The arrangement gives Meta the advantage of having more detailed manufacturing knowledge and global distribution networks, fundamental to turning its smart glasses into mass-market products. For EssilorLuxottica, the deal provides a deeper presence in the tech world, which would be helpful if Meta's futuristic bets pay off. Meta is also betting on the idea that people will one day work and play while wearing headsets or glasses.

Read more of this story at Slashdot.

BrianFagioli shares a report from NERDS.xyz: Apple is making a high-level leadership change that could significantly shape its future behind the scenes. The company has announced that longtime executive Jeff Williams will step down from his role as Chief Operating Officer later this month. His successor will be Sabih Khan, Apple's Senior Vice President of Operations and a key player in the company's global supply chain strategy. Williams isn't leaving Apple entirely just yet. He'll continue working closely with CEO Tim Cook for the rest of the year, overseeing Apple Watch and health initiatives, as well as leading the company's industrial design team until his retirement. After that, Apple's design team will report directly to Cook. Khan's promotion is part of what Apple describes as a long-planned transition. Cook praised Khan as a "brilliant strategist" who helped Apple reduce its carbon footprint by over 60 percent, expand domestic manufacturing, and remain agile during global supply chain challenges. Khan has been with Apple for 30 years and took on a more prominent executive role in 2019. He has quietly helped the company build one of the most influential supply chains in the world.

Read more of this story at Slashdot.

Intel is laying off over 500 employees in Oregon as part of a broader restructuring plan expected to impact about 20% of its workforce. Bloomberg reports: The Oregon job reduction will hit facilities in Aloha and Hillsboro starting on July 15, Intel said in a regulatory filing. The layoffs are expected to eliminate about 529 employees on a permanent basis. The latest disclosure follows an announcement in California, where 107 employees were let go at Intel's Santa Clara headquarters. Under new Chief Executive Officer Lip-Bu Tan, Intel embarked on a plan in April to slash jobs and reduce operating expenses. The company hasn't given a total figure for the cuts, but a person familiar with the matter has put the amount at more than a fifth of staff. In a statement, Intel said it was making the Oregon cuts to become "a leaner, faster and more efficient company." "Removing organizational complexity and empowering our engineers will enable us to better serve the needs of our customers and strengthen our execution," the company said. "We are making these decisions based on careful consideration of what's needed to position our business for the future, and we will treat people with care and respect as we complete this important work."

Read more of this story at Slashdot.

An anonymous reader quotes a report from ZDNet: The Linux Foundation announced at the Open Source Summit in Denver that it will now host the Agent2Agent (A2A) protocol. Initially developed by Google and now supported by more than 100 leading technology companies, A2A is a crucial new open standard for secure and interoperable communication between AI agents. In his keynote presentation, Mike Smith, a Google staff software engineer, told the conference that the A2A protocol has evolved to make it easier to add custom extensions to the core specification. Additionally, the A2A community is working on making it easier to assign unique identities to AI agents, thereby improving governance and security. The A2A protocol is designed to solve one of AI's most pressing challenges: enabling autonomous agents -- software entities capable of independent action and decision-making -- to discover each other, securely exchange information, and collaborate across disparate platforms, vendors, and frameworks. Under the hood, A2A does this work by creating an AgentCard. An AgentCard is a JavaScript Object Notation (JSON) metadata document that describes its purpose and provides instructions on how to access it via a web URL. A2A also leverages widely adopted web standards, such as HTTP, JSON-RPC, and Server-Sent Events (SSE), to ensure broad compatibility and ease of integration. By providing a standardized, vendor-neutral communication layer, A2A breaks down the silos that have historically limited the potential of multi-agent systems. For security, A2A comes with enterprise-grade authentication and authorization built in, including support for JSON Web Tokens (JWTs), OpenID Connect (OIDC), and Transport Layer Security (TLS). This approach ensures that only authorized agents can participate in workflows, protecting sensitive data and agent identities. While the security foundations are in place, developers at the conference acknowledged that integrating them, particularly authenticating agents, will be a hard slog. Antje Barth, an Amazon Web Services (AWS) principal developer advocate for generative AI, explained what the adoption of A2A will mean for IT professionals: "Say you want to book a train ride to Copenhagen, then a hotel there, and look maybe for a fancy restaurant, right? You have inputs and individual tasks, and A2A adds more agents to this conversation, with one agent specializing in hotel bookings, another in restaurants, and so on. A2A enables agents to communicate with each other, hand off tasks, and finally brings the feedback to the end user." Jim Zemlin, executive director of the Linux Foundation, said: "By joining the Linux Foundation, A2A is ensuring the long-term neutrality, collaboration, and governance that will unlock the next era of agent-to-agent powered productivity." Zemlin expects A2A to become a cornerstone for building interoperable, multi-agent AI systems.

Read more of this story at Slashdot.

The U.N. Human Rights Council passed a motion on climate change and human rights by consensus Tuesday after the Marshall Islands withdrew a divisive amendment calling for states to recommit to a fossil fuel phase-out. The motion calls on countries "to contribute to the global efforts" against climate change and follows the council's 2021 recognition of access to a clean and healthy environment as a fundamental right. Oil-producing countries including Saudi Arabia and Kuwait had voiced opposition to the original fossil fuel phrasing during negotiations. Instead, the final motion referenced "the imperative of defossilizing our economies" in a footnote, allowing passage without a vote where the outcome had been uncertain.

Read more of this story at Slashdot.

Activision removed "Call of Duty: WWII" from Microsoft Store and Game Pass after hackers exploited a security vulnerability that allowed them to compromise players' computers, TechCrunch reported Tuesday, citing a source. The gaming giant took the 2017 first-person shooter offline last week while investigating what it initially described only as "reports of an issue." Players posted on social media claiming their systems had been hacked while playing the game. The vulnerability was a remote code execution exploit that enables attackers to install malware and take control of victims' devices. The Microsoft Store and Game Pass versions contained an unpatched security flaw that had been fixed in other versions of the game.

Read more of this story at Slashdot.

Corporate employees of Amazon have been asked to volunteer their time to the company's warehouses to assist with grocery delivery as it heads into its annual discount spree known as Prime Day. From a report: In a Slack message reviewed by the Guardian that went to thousands of white-collar workers in the New York City area from engineers to marketers, an Amazon area manager called for corporate "volunteers to help us out with Prime Day to deliver to customers on our biggest days yet." It is not clear how many took up the offer. The ask came the day before Prime Day kicks off. The manager said volunteers are "needed" to work Tuesday through Friday this week, in two-hour shifts between 10am and 6pm in the Red Hook neighborhood of Brooklyn, where the company operates a warehouse as part of its grocery delivery service, Amazon Fresh. Corporate employees seconded to the warehouse would be tasked with picking items, preparing carts and bags of groceries for delivery, packing boxes on receiving carts, and working to "boost morale with distribution of snacks," though they would be allowed to step into a conference room to take meetings and calls, according to the message. The manager noted such an effort would help "connect" warehouse and corporate teams. Further reading: Amazon Prime Day Spending Down 14% in Early Hours From 2024.

Read more of this story at Slashdot.

Napster has returned with an AI-powered reinvention, launching a platform of specialized chatbots and holographic avatars. The former dot-com music file-sharing pioneer now offers dozens of "AI companions" trained as experts in fields from therapy to business strategy, plus the View device for 3D holographic video chats, FastCompany reports. Infinite Reality acquired Napster for $207 million in March and rebranded itself under the nostalgic name. The platform charges $19 monthly or $199 bundled with hardware, marking Napster's latest attempt at relevance after previous owners tried VR concerts and crypto ventures.

Read more of this story at Slashdot.

An anonymous reader shares a blog post: Version 140 of the Thunderbird mail client has been released. Notable features include "dark message mode" to adapt message content to dark mode, the ability to easily transfer desktop settings to the mobile Thunderbird client, experimental support for Microsoft Exchange, as well as global controls for message threading and sort order. Thunderbird 140 is an extended-support release (ESR) which will be supported for 12 months. However, the Thunderbird project is trying to encourage users to adopt the Release channel for monthly updates instead. The project is staggering upgrades to 140 for existing Thunderbird users in order to catch any significant bugs before they are widely deployed, but users can upgrade manually via the Help > About menu. See the release notes for a full list of changes.

Read more of this story at Slashdot.