AI

US Chipmakers Fear Ceding China's AI Market to Huawei After New Trump Restrictions (msn.com) 43

The Trump administration is "taking measures to restrict the sale of AI chips by Nvidia, Advanced Micro Devices and Intel," especially in China, reports the New York Times. But that's triggered a series of dominoes. "In the two days after the limits became public, shares of Nvidia, the world's leading AI chipmaker, fell 8.4%. AMD's shares dropped 7.4%, and Intel's were down 6.8%." (AMD expects up to $800 million in charges after the move, according to CNBC, while NVIDIA said it would take a quarterly charge of about $5.5 billion.)

The Times notes hopeful remarks Thursday from Jensen Huang, CEO of Nvidia, during a meeting with the China Council for the Promotion of International Trade. "We're going to continue to make significant effort to optimize our products that are compliant within the regulations and continue to serve China's market." But America's chipmakers also have a greater fear, according to the article: "that their retreat could turn the Chinese tech giant Huawei into a global chip-making powerhouse." "For the U.S. semiconductor industry, China is gone," said Handel Jones, a semiconductor consultant at International Business Strategies, which advises electronics companies. He projects that Chinese companies will have a majority share of chips in every major category in China by 2030... Huang's message spoke to one of his biggest fears. For years, he has worried that Huawei, China's telecommunications giant, will become a major competitor in AI. He has warned U.S. officials that blocking U.S. companies from competing in China would accelerate Huawei's rise, said three people familiar with those meetings who spoke on the condition of anonymity.

If Huawei gains ground, Huang and others at Nvidia have painted a dark picture of a future in which China will use the company's chips to build AI data centers across the world for the Belt and Road Initiative, a strategic effort to increase Beijing's influence by paying for infrastructure projects around the world, a person familiar with the company's thinking said...

Nvidia's previous generation of chips perform about 40% better than Huawei's best product, said Gregory C. Allen, who has written about Huawei in his role as director of the Wadhwani AI Center at the Center for Strategic and International Studies. But that gap could dwindle if Huawei scoops up the business of its American rivals, Allen said. Nvidia was expected to make more than $16 billion in sales this year from the H20 in China before the restriction. Huawei could use that money to hire more experienced engineers and make higher-quality chips. Allen said the U.S. government's restrictions also could help Huawei bring on customers like DeepSeek, a leading Chinese AI startup. Working with those companies could help Huawei improve the software it develops to control its chips. Those kinds of tools have been one of Nvidia's strengths over the years.

TechRepublic identifies this key quote from an earlier article: "This kills NVIDIA's access to a key market, and they will lose traction in the country," Patrick Moorhead, a tech analyst with Moor Insights & Strategy, told The New York Times. He added that Chinese companies will buy from local rival Huawei instead.
AI

As Russia and China 'Seed Chatbots With Lies', Any Bad Actor Could Game AI the Same Way (detroitnews.com) 48

"Russia is automating the spread of false information to fool AI chatbots," reports the Washington Post. (When researchers checked 10 chatbots, a third of the responses repeated false pro-Russia messaging.)

The Post argues that this tactic offers "a playbook to other bad actors on how to game AI to push content meant to inflame, influence and obfuscate instead of inform," and calls it "a fundamental weakness of the AI industry." Chatbot answers depend on the data fed into them. A guiding principle is that the more the chatbots read, the more informed their answers will be, which is why the industry is ravenous for content. But mass quantities of well-aimed chaff can skew the answers on specific topics. For Russia, that is the war in Ukraine. But for a politician, it could be an opponent; for a commercial firm, it could be a competitor. "Most chatbots struggle with disinformation," said Giada Pistilli, principal ethicist at open-source AI platform Hugging Face. "They have basic safeguards against harmful content but can't reliably spot sophisticated propaganda, [and] the problem gets worse with search-augmented systems that prioritize recent information."

Early commercial attempts to manipulate chat results also are gathering steam, with some of the same digital marketers who once offered search engine optimization — or SEO — for higher Google rankings now trying to pump up mentions by AI chatbots through "generative engine optimization" — or GEO.

Our current situation "plays into the hands of those with the most means and the most to gain: for now, experts say, that is national governments with expertise in spreading propaganda." Russia and, to a lesser extent, China have been exploiting that advantage by flooding the zone with fables. But anyone could do the same, burning up far fewer resources than previous troll farm operations... In a twist that befuddled researchers for a year, almost no human beings visit the sites, which are hard to browse or search. Instead, their content is aimed at crawlers, the software programs that scour the web and bring back content for search engines and large language models. While those AI ventures are trained on a variety of datasets, an increasing number are offering chatbots that search the current web. Those are more likely to pick up something false if it is recent, and even more so if hundreds of pages on the web are saying much the same thing...

The gambit is even more effective because the Russian operation managed to get links to the Pravda network stories edited into Wikipedia pages and public Facebook group postings, probably with the help of human contractors. Many AI companies give special weight to Facebook and especially Wikipedia as accurate sources. (Wikipedia said this month that its bandwidth costs have soared 50 percent in just over a year, mostly because of AI crawlers....) Last month, other researchers set out to see whether the gambit was working. Finnish company Check First scoured Wikipedia and turned up nearly 2,000 hyperlinks on pages in 44 languages that pointed to 162 Pravda websites. It also found that some false information promoted by Pravda showed up in chatbot answers.

"They do even better in such places as China," the article points out, "where traditional media is more tightly controlled and there are fewer sources for the bots." (The nonprofit American Sunlight Project calls the process "LLM grooming".)

The article quotes a top Kremlin propagandist as bragging in January that "we can actually change worldwide AI."
United States

Trump-Branded 'Lab Leak' Page Replaces US Covid Information Sites (npr.org) 171

"There has never been a consensus or a 'smoking gun' to explain what started the pandemic," writes ABC News.

Yet the Associated Press reports that "A federal website that used to feature information on vaccines, testing and treatment for COVID-19 has been transformed into a page supporting the theory that the pandemic originated with a lab leak." (This despite the fact that "about 325 Americans have died from COVID per week on average over the past four weeks, according to the U.S. Centers for Disease Control and Prevention.") The covid.gov website shows a photo of President Donald Trump walking between the words "lab" and "leak" under a White House heading... The web page also accuses Dr. Anthony Fauci, the former director of the National Institute of Allergy and Infectious Diseases, of pushing a "preferred narrative" that COVID-19 originated in nature. The origins of COVID have never been proven. Scientists are unsure whether the virus jumped from an animal, as many other viruses have, or came from a laboratory accident. A U.S. intelligence analysis released in 2023 said there is insufficient evidence to prove either theory.
"Many scientists think it's more likely the virus originated naturally in a wild animal and then spilled over into people in a wildlife market located in Wuhan," reports NPR.

And even Jamie Metzl, a critic of the wildlife spillover theory, told NPR that while they appreciated "efforts to dig deeper... it would be a terrible shame if such efforts distracted from essential work to help prevent further infections and treat people suffering from COVID-19 and long COVID." (The federal website covidtests.gov now also redirects instead to the new page...) Some scientists were critical of the new site, which they say appears political in intent. "Every one of the five pieces of evidence supporting the lab leak hypothesis ... is factually incorrect, embellished, or presented in a misleading way," [wrote Angela Rasmussen, a virologist at the University of Saskatchewan in Canada]. "But making evidence-based arguments in good faith about the pandemic's origin is not the purpose of this document. This is pure propaganda, intended to justify the systematic devastation of the federal government, particularly programs devoted to public health and biomedical research," Rasmussen added.

Other scientists said the web site doesn't follow the existing body of scientific evidence on the issue. That evidence does not support "any of the many, often contradictory, lab leak scenarios that have been proposed," Michael Worobey, an evolutionary biologist at the University of Arizona, wrote in an email to NPR. He argued that the evidence is consistent with "the less flashy hypothesis that bringing live animals infected with pathogens with pandemic potential into the heart of one of the biggest cities in the world was how this pandemic started.... the next pathogen with pandemic potential will find us easy pickings if we don't appreciate how risky this sort of 'biosafety level zero' activity is."

AI

Study Finds 50% of Workers Use Unapproved AI Tools 18

An anonymous reader quotes a report from SecurityWeek: An October 2024 study by Software AG suggests that half of all employees are Shadow AI users, and most of them wouldn't stop even if it was banned. The problem is the ease of access to AI tools, and a work environment that increasingly advocates the use of AI to improve corporate efficiency. It is little wonder that employees seek their own AI tools to improve their personal efficiency and maximize the potential for promotion. It is frictionless, says Michael Marriott, VP of marketing at Harmonic Security. 'Using AI at work feels like second nature for many knowledge workers now. Whether it's summarizing meeting notes, drafting customer emails, exploring code, or creating content, employees are moving fast.' If the official tools aren't easy to access or if they feel too locked down, they'll use whatever's available which is often via an open tab on their browser.

There is also almost never any malicious intent (absent, perhaps, the mistaken employment of rogue North Korean IT workers); merely a desire to do and be better. If this involves using unsanctioned AI tools, employees will likely not disclose their actions. The reasons may be complex but combine elements of a reluctance to admit that their efficiency is AI assisted rather than natural, and knowledge that use of personal shadow AI might be discouraged. The result is that enterprises often have little knowledge of the extent of Shadow IT, nor the risks it may present.

According to an analysis from Harmonic, ChatGPT is the dominant gen-AI model used by employees, with 45% of data prompts originating from personal accounts (such as Gmail). Image files accounted for 68.3%. The report also notes that 7% of employees were using Chinese AI models like DeepSeek, Baidu Chat and Qwen.

"Overall, there has been a slight reduction in sensitive prompt frequency from Q4 2024 (down from 8.5% to 6.7% in Q1 2025)," reports SecurityWeek. "However, there has been a shift in the risk categories that are potentially exposed. Customer data (down from 45.8% to 27.8%), employee data (from 26.8% to 14.3%) and security (6.9% to 2.1%) have all reduced. Conversely, legal and financial data (up from 14.9% to 30.8%) and sensitive code (5.6% to 10.1%) have both increased. PII is a new category introduced in Q1 2025 and was tracked at 14.9%."
Privacy

Judge Rules Blanket Search of Cell Tower Data Unconstitutional (404media.co) 29

An anonymous reader quotes a report from 404 Media: A judge in Nevada has ruled that "tower dumps" -- the law enforcement practice of grabbing vast troves of private personal data from cell towers -- is unconstitutional. The judge also ruled that the cops could, this one time, still use the evidence they obtained through this unconstitutional search. Cell towers record the location of phones near them about every seven seconds. When the cops request a tower dump, they ask a telecom for the numbers and personal information of every single phone connected to a tower during a set time period. Depending on the area, these tower dumps can return tens of thousands of numbers. Cops have been able to sift through this data to solve crimes. But tower dumps are also a massive privacy violation that flies in the face of the Fourth Amendment, which protects people from unlawful search and seizure. When the cops get a tower dump they're not just searching and seizing the data of a suspected criminal, they're sifting through the information of everyone who was in the location. The ruling stems from a court case involving Cory Spurlock, a Nevada man charged with drug offenses and a murder-for-hire plot. He was implicated through a cellphone tower dump that law enforcement used to place his device near the scenes of the alleged crimes.

A federal judge ruled that the tower dump constituted an unconstitutional general search under the Fourth Amendment but declined to suppress the evidence, citing officers' good faith in obtaining a warrant. It marks the first time a court in the Ninth Circuit has ruled on the constitutionality of tower dumps, which in Spurlock's case captured location data from over 1,600 users -- many of whom had no way to opt out.
Privacy

Anti-Spying Phone Pouches Offered To EU Lawmakers For Trip To Hungary (politico.eu) 18

An anonymous reader shares a report: Members of the European Parliament were offered special pouches to protect digital devices from espionage and tampering for a visit to Hungary this week, a sign of rising spying fears within Europe.

Five lawmakers from the Parliament's civil liberties committee traveled to Hungary on Monday for a three-day visit to inspect the EU member country's progress on democracy, the rule of law and fundamental rights.

One lawmaker on the trip confirmed to POLITICO that the Parliament officials joining the delegation were offered Faraday bags -- special metal-lined pouches that block electromagnetic signals -- by the Parliament's services and were also advised to be cautious about using public Wi-Fi networks or charging facilities.

HP

HP Agrees To $4 Million Settlement Over Claims of 'Falsely Advertising' PCs, Keyboards 30

HP has agreed to a $4 million settlement over allegations of deceptive pricing practices on its website, including falsely inflating original prices for computers and accessories to create the illusion of steep discounts. Ars Technica reports: Earlier this month, Judge P. Casey Pitts for the US District Court of the San Jose Division of the Northern District of California granted preliminary approval [PDF] of a settlement agreement regarding a class-action complaint first filed against HP on October 13, 2021. The complaint accused HP's website of showing "misleading" original pricing for various computers, mice, and keyboards that was higher than how the products were recently and typically priced.

Per the settlement agreement [PDF], HP will contribute $4 million to a "non-reversionary common fund, which shall be used to pay the (i) Settlement Class members' claims; (ii) court-approved Notice and Settlement Administration Costs; (iii) court-approved Settlement Class Representatives' Service Award; and (iv) court-approved Settlement Class Counsel Attorneys' Fees and Costs Award. All residual funds will be distributed pro rata to Settlement Class members who submitted valid claims and cashed checks."

The two plaintiffs who filed the initial complaint may also file a motion to receive a settlement class representative service award for up to $5,000 each, which would come out of the $4 million pool. People who purchased a discounted HP desktop, laptop, mouse, or keyboard that was on sale for "more than 75 percent of the time the products were offered for sale" from June 5, 2021, to October 28, 2024, are eligible for compensation. The full list of eligible products is available here [PDF] and includes HP Spectre, Chromebook Envy, and Pavilion laptops, HP Envy and Omen desktops, and some mechanical keyboards and wireless mice. Depending on the product, class members can receive $10 to $100 per eligible product purchased.
Google

Federal Judge Declares Google's Digital Ad Network Is an Illegal Monopoly (apnews.com) 47

Longtime Slashdot reader schwit1 shares a report from the Associated Press: Google has been branded an abusive monopolist by a federal judge for the second time in less than a year, this time for illegally exploiting some of its online marketing technology to boost the profits fueling an internet empire currently worth $1.8 trillion. The ruling issued Thursday by U.S. District Judge Leonie Brinkema in Virginia comes on the heels of a separate decision in August that concluded Google's namesake search engine has been illegally leveraging its dominance to stifle competition and innovation. [...] The next step in the latest case is a penalty phase that will likely begin late this year or early next year. The same so-called remedy hearings in the search monopoly case are scheduled to begin Monday in Washington D.C., where Justice Department lawyers will try to convince U.S. District Judge Amit Mehta to impose a sweeping punishment that includes a proposed requirement for Google to sell its Chrome web browser.

Brinkema's 115-page decision centers on the marketing machine that Google has spent the past 17 years building around its search engine and other widely used products and services, including its Chrome browser, YouTube video site and digital maps. The system was largely built around a series of acquisitions that started with Google's $3.2 billion purchase of online ad specialist DoubleClick in 2008. U.S. regulators approved the deals at the time they were made before realizing that they had given the Mountain View, California, company a platform to manipulate the prices in an ecosystem that a wide range of websites depend on for revenue and provides a vital marketing connection to consumers.

The Justice Department lawyers argued that Google built and maintained dominant market positions in a technology trifecta used by website publishers to sell ad space on their webpages, as well as the technology that advertisers use to get their ads in front of consumers, and the ad exchanges that conduct automated auctions in fractions of a second to match buyer and seller. After evaluating the evidence presented during a lengthy trial that concluded just before Thanksgiving last year, Brinkema reached a decision that rejected the Justice Department's assertions that Google has been mistreating advertisers while concluding the company has been abusing its power to stifle competition to the detriment of online publishers forced to rely on its network for revenue.

"For over a decade, Google has tied its publisher ad server and ad exchange together through contractual policies and technological integration, which enabled the company to establish and protect its monopoly power in these two markets," Brinkema wrote. "Google further entrenched its monopoly power by imposing anticompetitive policies on its customers and eliminating desirable product features." Despite that rebuke, Brinkema also concluded that Google didn't break the law when it snapped DoubleClick nor when it followed up that deal a few years later by buying another service, Admeld. The Justice Department "failed to show that the DoubleClick and Admeld acquisitions were anticompetitive," Brinkema wrote. "Although these acquisitions helped Google gain monopoly power in two adjacent ad tech markets, they are insufficient, when viewed in isolation, to prove that Google acquired or maintained this monopoly power through exclusionary practices." That finding may help Google fight off any attempt to force it to sell its advertising technology to stop its monopolistic behavior.

Privacy

ChatGPT Models Are Surprisingly Good At Geoguessing (techcrunch.com) 15

An anonymous reader quotes a report from TechCrunch: There's a somewhat concerning new trend going viral: People are using ChatGPT to figure out the location shown in pictures. This week, OpenAI released its newest AI models, o3 and o4-mini, both of which can uniquely "reason" through uploaded images. In practice, the models can crop, rotate, and zoom in on photos -- even blurry and distorted ones -- to thoroughly analyze them. These image-analyzing capabilities, paired with the models' ability to search the web, make for a potent location-finding tool. Users on X quickly discovered that o3, in particular, is quite good at deducing cities, landmarks, and even restaurants and bars from subtle visual clues.

In many cases, the models don't appear to be drawing on "memories" of past ChatGPT conversations, or EXIF data, which is the metadata attached to photos that reveals details such as where the photo was taken. X is filled with examples of users giving ChatGPT restaurant menus, neighborhood snaps, facades, and self-portraits, and instructing o3 to imagine it's playing "GeoGuessr," an online game that challenges players to guess locations from Google Street View images. It's an obvious potential privacy issue. There's nothing preventing a bad actor from screenshotting, say, a person's Instagram Story and using ChatGPT to try to doxx them.

AI

Discord Begins Testing Facial Recognition Scans For Age Verification 21

Discord has begun testing age verification via facial scans or ID uploads for users in the UK and Australia seeking access to sensitive content. "The chat app's new process has been described as an 'experiment,' and comes in response to laws passed in those countries that place guardrails on youth access to online platforms," reports Gizmodo. From the report: Users may be asked to verify their age when encountering content that has been flagged by Discord's systems as being sensitive in nature, or when they change their settings to enable access to sensitive content. The app will ask users to scan their face through a computer or smartphone webcam; alternatively, they can scan a driver's license or other form of ID. "We're currently running tests in select regions to age-gate access to certain spaces or user settings," a spokesperson for Discord said in a statement. "The information shared to power the age verification method is only used for the one-time age verification process and is not stored by Discord or our vendor. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face. For ID verification, the scan of your ID is deleted upon verification."
Privacy

Following Layoffs, Automattic Employees Discover Leak-Catching Watermarks (404media.co) 37

An anonymous reader quotes a report from 404 Media: As part of the company's months-long obsession with catching employees leaking internal developments to the press, staff at Wordpress parent company Automattic recently noticed individually-unique watermarks on internal sites, according to employees who spoke to 404 Media. Automattic added the watermarks to an internal employee communications platform called P2. P2 is a WordPress product other workplaces can also use. There are hundreds of P2 sites across teams at Automattic alone; many are team-specific, but some are company-wide for announcements. The watermarks in Automattic's P2 instance are nearly invisible, rendered as a pattern overlaid on the site's white page backgrounds. Zooming in or manually changing the background color reveals the pattern. If, for example, a journalist published a screenshot leaked to them that was taken from P2, Automattic could theoretically identify the employee who shared it.

In October, as part of a series of buyout offers meant to test employees' loyalty to his leadership, Automattic CEO Matt Mullenweg issued a threat for anyone speaking to the press, saying they should "exit gracefully, or be fired tomorrow with no severance." Earlier this month, the company laid off nearly 300 people. [...] It's not clear when the watermarks started appearing on P2, and Automattic has not responded to a request for comment. But Mullenweg has been warring with web hosting platform WP Engine -- and as the story has developed, seemingly with his own staff -- since last year. [...] One Automattic employee told me they don't think anyone is shocked by the watermarking, considering Mullenweg's ongoing campaign to find leakers, but that it's still adding to the uncertain, demoralized environment at the company. "Can't help but feel even more paranoid now," they said.

Privacy

Insurance Firm Lemonade Says API Glitch Exposed Some Driver's License Numbers (securityweek.com) 5

An anonymous reader quotes a report from SecurityWeek: Insurance firm Lemonade is notifying roughly 190,000 individuals that their driver's license numbers were likely exposed due to a technical glitch. Copies of the notification letter that were submitted to regulators in several states show that the incident involved an online application that enables individuals to obtain car insurance quotes and purchase policies. According to the company, a vulnerability in the car insurance quote flow resulted in the exposure of certain driver's license numbers for identifiable individuals. The vulnerability has been addressed, Lemonade says.

Between April 2023 and September 2024, the platform transmitted the information unencrypted, which the company says allowed driver's license numbers to be accessed without authorization. "We have no evidence to suggest that your driver's license number has been misused but we are providing this notice as a precaution to inform potentially affected individuals and share some steps you can take to help protect yourself," the company's notification letter reads. The insurer is providing the impacted individuals with 12 months of free credit monitoring and identity protection services.

Bitcoin

Canadian Math Prodigy Allegedly Stole $65 Million In Crypto (theglobeandmail.com) 80

A Canadian math prodigy is accused of stealing over $65 million through complex exploits on decentralized finance platforms and is currently a fugitive from U.S. authorities. Despite facing criminal charges for fraud and money laundering, he has evaded capture by moving internationally, embracing the controversial "Code is Law" philosophy, and maintaining that his actions were legal under the platforms' open-source rules. The Globe and Mail reports: Andean Medjedovic was 18 years old when he made a decision that would irrevocably alter the course of his life. In the fall of 2021, shortly after completing a master's degree at the University of Waterloo, the math prodigy and cryptocurrency trader from Hamilton had conducted a complex series of transactions designed to exploit a vulnerability in the code of a decentralized finance platform. The maneuver had allegedly allowed him to siphon approximately $16.5-million in digital tokens out of two liquidity pools operated by the platform, Indexed Finance, according to a U.S. court document.

Indexed Finance's leaders traced the attack back to Mr. Medjedovic, and made him an offer: Return 90 per cent of the funds, keep the rest as a so-called "bug bounty" -- a reward for having identified an error in the code -- and all would be forgiven. Mr. Medjedovic would then be free to launch his career as a white hat, or ethical, hacker. Mr. Medjedovic didn't take the deal. His social media posts hinted, without overtly stating, that he believed that because he had operated within the confines of the code, he was entitled to the funds -- a controversial philosophy in the world of decentralized finance known as "Code is Law." But instead of testing that argument in court, Mr. Medjedovic went into hiding. By the time authorities arrived on a quiet residential street in Hamilton to search his parents' townhouse less than two months later, Mr. Medjedovic had moved out, taking his electronic devices with him.

Then, roughly two years later, he struck again, netting an even larger sum -- approximately $48.4-million -- by conducting a similar exploit on another decentralized finance platform, U.S. authorities allege. Mr. Medjedovic, now 22, faces five criminal charges -- including wire fraud, attempted extortion and money laundering -- according to a U.S. federal court document that was unsealed earlier this year. If convicted, he could be facing decades in prison. First, authorities will have to find him.

Programming

Figma Sent a Cease-and-Desist Letter To Lovable Over the Term 'Dev Mode' (techcrunch.com) 73

An anonymous reader quotes a report from TechCrunch: Figma has sent a cease-and-desist letter to popular no-code AI startup Lovable, Figma confirmed to TechCrunch. The letter tells Lovable to stop using the term "Dev Mode" for a new product feature. Figma, which also has a feature called Dev Mode, successfully trademarked that term last year, according to the U.S. Patent and Trademark Office. What's wild is that "dev mode" is a common term used in many products that cater to software programmers. It's like an edit mode. Software products from giant companies like Apple's iOS, Google's Chrome, Microsoft's Xbox have features formally called "developer mode" that then get nicknamed "dev mode" in reference materials.

Even "dev mode" itself is commonly used. For instance, Atlassian used it in products that pre-date Figma's copyright by years. And it's a common feature name in countless open source software projects. Figma tells TechCrunch that its trademark refers only to the shortcut "Dev Mode" -- not the full term "developer mode." Still, it's a bit like trademarking the term "bug" to refer to "debugging." Since Figma wants to own the term, it has little choice but to send cease-and-desist letters. (The letter, as many on X pointed out, was very polite, too.) If Figma doesn't defend the term, it could be absorbed as a generic term and the trademark becomes unenforceable.

Privacy

Hertz Says Customers' Personal Data, Driver's Licenses Stolen In Data Breach (techcrunch.com) 30

An anonymous reader quotes a report from TechCrunch: Car rental giant Hertz has begun notifying its customers of a data breach that included their personal information and driver's licenses. The rental company, which also owns the Dollar and Thrifty brands, said in notices on its website that the breach relates to a cyberattack on one of its vendors between October 2024 and December 2024. The stolen data varies by region, but largely includes Hertz customer names, dates of birth, contact information, driver's licenses, payment card information, and workers' compensation claims. Hertz said a smaller number of customers had their Social Security numbers taken in the breach, along with other government-issued identification numbers.

Notices on Hertz's websites disclosed the breach to customers in Australia, Canada, the European Union, New Zealand, and the United Kingdom. Hertz also disclosed the breach with several U.S. states, including California and Maine. Hertz said at least 3,400 customers in Maine were affected but did not list the total number of affected individuals, which is likely to be significantly higher. Emily Spencer, a spokesperson for Hertz, would not provide TechCrunch with a specific number of individuals affected by the breach but said it would be "inaccurate to say millions" of customers are affected. The company attributed the breach to a vendor, software maker Cleo, which last year was at the center of a mass-hacking campaign by a prolific Russia-linked ransomware gang.
