Security

Sensitive DeepSeek Data Was Exposed to the Web, Cybersecurity Firm Says (reuters.com) 17

An anonymous reader shared this report from Reuters: New York-based cybersecurity firm Wiz says it has found a trove of sensitive data from the Chinese artificial intelligence startup DeepSeek inadvertently exposed to the open internet. In a blog post published Wednesday, Wiz said that scans of DeepSeek's infrastructure showed that the company had accidentally left more than a million lines of data available unsecured.

Those included digital software keys and chat logs that appeared to capture prompts being sent from users to the company's free AI assistant.

Wiz's chief technology officer tells Reuters that DeepSeek "took it down in less than an hour" after Wiz alerted them.

"But this was so simple to find we believe we're not the only ones who found it."
Displays

The 25-Year Success Story of SereneScreen (pcgamer.com) 24

A recent video from retro tech YouTuber Clint "LGR" Basinger takes a deep dive into the history of the SereneScreen Marine Aquarium, exploring how former Air Force pilot Jim Sachs transformed a lackluster Windows 95 screensaver into a 25-year digital phenomenon. PC Gamer reports: The story centers on Jim Sachs, a man with one of those "they don't make this type of guy anymore" life stories so common to '80s and '90s computing, one Sachs recounted to the website AmigaLove back in 2020. After a six-year career in the US Air Force flying C-141 Starlifters, Sachs taught himself programming and digital art and began creating games for Commodore 64 and Amiga computers. From his first game, Saucer Attack, to later efforts like Defender of the Crown or his large portfolio of promotional and commissioned pieces, Sachs's pixel art remains gorgeous and impressive to this day, and he seems to be a bit of a legend among Commodore enthusiasts.

It's with this background in games and digital art that Sachs looked at Microsoft's simple aquarium-themed screensaver for Windows 95 and 98 and thought he could do better. "Microsoft had an aquarium that they gave away with Windows where it was just bitmaps of fish being dragged across the screen," Sachs told the Matt Chat podcast back in 2015. "And they had that for like, three or four years. And I thought, I've given them enough time, I'm taking them to market. I'm gonna do something which will just blow that away."

Using reference photographs of real aquariums -- Sachs thanked a specific pet shop that's still around in an early version of his website -- Sachs created the 3D art by hand and programmed the screensaver in C++, releasing the initial version in July 2000. Even looking at it all these years later, the first iteration of the SereneScreen Marine Aquarium is pretty gorgeous, and it has the added charm of being such a distinctly Y2K, nostalgic throwback.

The standalone screensaver sold well, but then things came full circle with Microsoft licensing a version of the Marine Aquarium for the Windows XP Plus Pack and later standard releases of the OS. Since that time, the Marine Aquarium has continued to see new releases, and a section on the SereneScreen website keeps track of its various appearances in the background of movies and TV shows like Law and Order. Over on the SereneScreen website, you can purchase a real time, 3D-accelerated version of the Marine Aquarium for Mac, iOS, Android, and the original Windows. Echoing the Windows XP deal, Roku actually licensed this 3.0 version for its TVs, bringing it to a new generation of users.

AI

Taiwan Says Government Departments Should Not Use DeepSeek, Citing Security Concerns (reuters.com) 37

An anonymous reader shares a report: Taiwan's digital ministry said on Friday that government departments should not use Chinese startup DeepSeek's artificial intelligence (AI) service, saying that as the product is from China it represents a security concern.

Democratically-governed Taiwan has long been wary of Chinese tech given Beijing's sovereignty claims over the island and its military and political threats against the government in Taipei. In a statement, Taiwan's Ministry of Digital Affairs said that government departments are not allowed to use DeepSeek's AI service to "prevent information security risks".

"DeepSeek's AI service is a Chinese product, and its operation involves cross-border transmission and information leakage and other information security concerns, and is a product that jeopardises the country's information security," the ministry said.

Games

VGHF Opens Free Online Access To 1,500 Classic Game Mags, 30K Historic Files (arstechnica.com) 12

An anonymous reader quotes a report from Ars Technica: The Video Game History Foundation has officially opened up digital access to a large portion of its massive archives today, offering fans and researchers unprecedented access to information and ephemera surrounding the past 50 years of the game industry. Today's launch of the VGHF Library comprises more than 30,000 indexed and curated files, including high-quality artwork, promotional material, and searchable full-text archives of over 1,500 video game magazine issues. This initial dump of digital materials also contains never-before-seen game development and production archival material stored by the VGHF, such as over 100 hours of raw production files from the creation of the Myst series or Sonic the Hedgehog concept art and design files contributed by artist Tom Payne.

In a blog post and accompanying launch video, VGHF head librarian Phil Salvador explains how today's launch is the culmination of a dream the organization has had since its launch in 2017. But it's also just the start of an ongoing process to digitize the VGHF's mountains of unprocessed physical material into a cataloged digital form, so people can access it "without having to fly to California." The VGHF doesn't require any special credentials or even a free account to access its archives, a fact that might be contributing to overloaded servers on this launch day. Despite those server issues, amateur researchers online are already sharing crucial library-derived information about the history of describing games as "immersive" or that one time Garfield ranked games in GamePro, for instance.
Unfortunately, digital libraries cannot offer direct, playable access to retail video games due to DMCA restrictions, notes Ars. However, organizations like the VGHF "continue to challenge those copyright rules every three years," raising hope for future access.
Democrats

Democrat Teams Up With Movie Industry To Propose Website-Blocking Law (arstechnica.com) 155

An anonymous reader quotes a report from Ars Technica: US Rep. Zoe Lofgren (D-Calif.) today proposed a law that would let copyright owners obtain court orders requiring Internet service providers to block access to foreign piracy websites. The bill would also force DNS providers to block sites. Lofgren said in a press release that she "work[ed] for over a year with the tech, film, and television industries" on "a proposal that has a remedy for copyright infringers located overseas that does not disrupt the free Internet except for the infringers." Lofgren said she plans to work with Republican leaders to enact the bill. [...]

Lofgren's bill (PDF) would impose site-blocking requirements on broadband providers with at least 100,000 subscribers and providers of public domain name resolution services with annual revenue of over $100 million. The bill has exemptions for VPN services and "similar services that encrypt and route user traffic through intermediary servers"; DNS providers that offer service "exclusively through encrypted DNS protocols"; and operators of premises that provide Internet access, like coffee shops, bookstores, airlines, and universities. Lofgren released a summary of the bill explaining how copyright owners can obtain blocking orders. "A copyright owner or exclusive licensee may file a petition in US District Court to obtain a preliminary order against a foreign website or online service engaging in copyright infringement," the summary said.

For non-live content, the petition must show that "transmission of a work through a foreign website likely infringes exclusive rights under Section 106 [of US law] and is causing irreparable harm." For live events, a petition must show that "an imminent or ongoing unauthorized transmission of a live event is likely to infringe, and will cause irreparable harm." The proposed law says that after a preliminary order is issued, copyright owners would be able to obtain orders directing service providers "to take reasonable and technically feasible measures to prevent users of the service provided by the service provider from accessing the foreign website or online service identified in the order." Judges would not be permitted to "prescribe any specific technical measures" for blocking and may not require any action that would prevent Internet users from using virtual private networks.
Consumer advocacy group Public Knowledge described the bill as a "censorious site-blocking" measure "that turns broadband providers into copyright police at Americans' expense."

"Rather than attacking the problem at its source -- bringing the people running overseas piracy websites to court -- Congress and its allies in the entertainment industry has decided to build out a sweeping infrastructure for censorship," Public Knowledge Senior Policy Counsel Meredith Rose said. "Site-blocking orders force any service provider, from residential broadband providers to global DNS resolvers, to disrupt traffic from targeted websites accused of copyright infringement. More importantly, applying blocking orders to global DNS resolvers results in global blocks. This means that one court can cut off access to a website globally, based on one individual's filing and an expedited procedure. Blocking orders are incredibly powerful weapons, ripe for abuse, and we've seen the messy consequences of them being implemented in other countries."
Businesses

New Zealand Relaxes Visa Rules To Lure Digital Nomads (theguardian.com) 65

New Zealand has relaxed its visitor visa rules to attract so-called "digital nomads" in a bid to boost tourism and the economy. From a report: Visitor visas will now allow people to work remotely for a foreign employer while they are visiting New Zealand for up to 90 days. The visa can be extended up to nine months but visitors may need to pay tax during this time. Economic growth minister Nicola Willis said making it easier for digital nomads -- people who work remotely while travelling -- to work in New Zealand, will boost the country's appeal as a destination. The visa would extend to influencers, as long as they are being paid by an overseas company.
Books

Bookshop Takes On Amazon With E-book Platform For Independent Stores 29

Bookshop.org has launched an e-book platform and mobile app that allows independent bookstores to sell digital books, marking its latest effort to compete with Amazon in the online book market. The platform enables bookstores to sell e-books directly through their websites, with stores receiving all profits from direct sales. When customers buy e-books through Bookshop.org without selecting a specific store, 30% of profits will be shared among member bookstores.

The move comes as most independent bookstores remain shut out of the growing digital book market. Only 18% of independent stores currently sell e-books, according to a 2023 American Booksellers Association survey. Since its 2020 launch, Bookshop.org has generated more than $35 million in profits for over 2,200 independent bookstores through physical book sales. The site will initially offer more than one million digital titles and plans to add self-published works later this year.
Apple

HomePod With Screen 'Most Significant New Apple Product' of 2025, Says Gurman 75

In his latest Power On! newsletter, Apple analyst Mark Gurman called the company's new smart device "Apple's most significant release of the year because it's the first step toward a bigger role in the smart home." The device in question is rumored to be a new smart hub that could look like a HomePod with a seven-inch screen. Digital Trends reports: Gurman calls the new smart device a "smaller and cheaper iPad that lets users control appliances, conduct FaceTime chats and handle other tasks." It doesn't sound like the new hub will stand alone, though; Gurman goes on to say that it "should be followed by a higher-end version in a few years." That version should be able to pan and tilt to keep users in-frame during video calls, or just to keep the display visible as someone moves around the home.

[...] Other details are still known, like whether the device will use an original operating system. The overall plan is to make the new smart device the center of an Apple-based smart home and open the doors to a more conversational Siri.
Social Networks

Pixelfed Creator Crowdfunds More Capacity, Plus Open Source Alternatives to TikTok and WhatsApp (techcrunch.com) 11

An anonymous reader shared this report from TechCrunch: The developer behind Pixelfed, Loops, and Sup, open source alternatives to Instagram, TikTok, and WhatsApp, respectively, is now raising funds on Kickstarter to fuel the apps' further development. The trio is part of the growing open social web, also known as the fediverse, powered by the same ActivityPub protocol used by X alternative Mastodon... [and] challenge Meta's social media empire... "Help us put control back into the hands of the people!" [Daniel Supernault, the Canadian-based developer behind the federated apps] said in a post on Mastodon where he announced the Kickstarter's Thursday launch.

As of the time of writing, the campaign has raised $58,383 so far. While the goal on the Kickstarter site has been surpassed, Supernault said that he hopes to raise $1 million or more so he can hire a small team... A fourth project, PubKit, is also a part of these efforts, offering a toolset to support developers building in the fediverse... The stretch goal of the Kickstarter campaign is to register the Pixelfed Foundation as a not-for-profit and grow its team beyond volunteers. This could help address the issue with Supernault being a single point of failure for the project... Mastodon CEO Eugen Rochko made a similar decision earlier this month to transition to a nonprofit structure. If successful, the campaign would also fund a blogging app as an alternative to Tumblr or LiveJournal at some point in the future.

The funds will also help the apps manage the influx of new users. On Pixelfed.social, the main Pixelfed instance, (like Mastodon, anyone can run a Pixelfed server), there are now more than 200,000 users, thanks in part to the mobile app's launch, according to the campaign details shared with TechCrunch. The server is also now the second-largest in the fediverse, behind only Mastodon.social, according to network statistics from FediDB. New funds will help expand the storage, CDNs, and compute power needed for the growing user base and accelerate development. In addition, they'll help Supernault dedicate more of his time to the apps and the fediverse as a whole while also expanding the moderation, security, privacy, and safety programs that social apps need.

As a part of its efforts, Supernault also wants to introduce E2E encryption to the fediverse.

The Kickstarter campaign promises "authentic sharing reimagined," calling the apps "Beautiful sharing platforms that puts you first. No ads, no algorithms, no tracking — just pure photography and authentic connections... More Privacy, More Safety. More Variety." Pixelfed/Loops/Sup/Pubkit isn't an ambitious dream or vaporware — they're here today — and we need your support to continue our mission and shoot for the moon to be the best social communication platform in the world.... We're following both the Digital Platform Charter of Rights & Ethical Web Principles of the W3C for all of our projects as guidelines to building platforms that help people and provide a positive social benefit.
The campaign's page says they're building "a future where social networking respects your privacy, values your freedom, and prioritizes your safety."
Businesses

Crypto Czar David Sacks Says NFTs and Memecoins Are Collectibles, Not Securities (fortune.com) 56

Non-fungible tokens and memecoins are neither securities nor commodities, according to White House crypto czar David Sacks. Instead, he defines them as "collectibles." From a report: "It's like a baseball card or a stamp," Sacks said in an interview with Fox Business on Thursday, referencing Trump's explosively popular memecoin. "People buy it because they want to commemorate something."

The famous venture capitalist's comments touched on a long-running debate about the crypto industry in general: how exactly to treat different digital assets. Some argue that digital assets are securities, which are tradable financial assets like stocks. But others say they're commodities, or raw materials that can be bought and sold, like gold and wheat. The classification differences have vast regulatory implications. "There's a few different categories here, so defining the market structure is important," said Sacks.

Businesses

Walgreens Replaced Fridge Doors With Smart Screens. It's Now a $200 Million Fiasco 175

Walgreens Boots Alliance has ended a $200 million digital display venture with startup Cooler Screens after widespread technical failures and poor revenue, removing thousands of smart screens from its store freezer doors. The screens, which displayed product information and ads, frequently crashed, showed incorrect inventory, and occasionally caught fire, Bloomberg reports.

Cooler Screens CEO Arsen Avakian cut data feeds to over 100 Chicago-area stores in December 2023 during a contract dispute, prompting Walgreens to obtain a restraining order. Walgreens completed removal of 10,300 screens from 700 stores in August 2024, replacing them with traditional glass doors. The screens generated just $215 per door annually, less than half the contractual minimum, according to Walgreens. Nearly $50 million worth of custom-made screens now sit unused in a Texas warehouse.
EU

Epic Games To Cover Developer iOS Fees (theverge.com) 9

Epic Games is expanding its mobile app store to include nearly 20 third-party games on Android and EU iOS, launching a free games program, and temporarily covering Apple's Core Technology Fee for participating developers to counter platform restrictions. "Our aim here isn't just to launch a bunch of different stores in different places, but to build a single, cross-platform store in which, within the era of multi-platform games, if you buy a game or digital items in one place, you have the ability to own them everywhere," Epic CEO Tim Sweeney told reporters during a press briefing. The Verge reports: Under the program, Epic will offer new free games in the store each month before eventually switching to a weekly schedule. However, the games aren't actually in the store yet -- Epic said on Thursday that it "ran into a few bugs that we're working through now" and "we'll provide an update once the games are live and ready to play!"

To sweeten the deal for developers that participate in the free games program on iOS, Epic will help defray the cost of using third-party marketplaces. For one year, it will pay these developers' Core Technology Fee (CTF): a 50 euro cent fee levied on every install of an iOS app that uses third-party stores after it exceeds 1 million annual downloads. (Apple gives developers with less than 10 million euros in global revenue a three-year on-ramp.) [...] Epic writes in its blog post that covering the fee "is not financially viable for every third party app store or for Epic long term, but we'll do it while the European Commission investigates Apple's non-compliance with the law."

Bitcoin

Trump Issues Executive Order To Create Cryptocurrency Working Group, Establish Digital Asset Stockpile (coindesk.com) 106

President Trump signed an executive order on Thursday that "sets a federal agenda meant to move U.S. digital assets businesses into friendly oversight," reports CoinDesk. The order creates a cryptocurrency working group tasked with proposing a new regulatory framework for digital assets. It will be "made up of the Treasury secretary, attorney general and chairs of the Securities and Exchange Commission and Commodity Futures Trading Commission, along with other agency heads," notes Reuters.

The directive also explores the creation of a "national digital asset stockpile," orders protections for banking services for crypto companies, and bans the creation of central bank digital currencies which could compete with existing cryptocurrencies.
United Kingdom

UK Watchdog Targets Apple, Google Mobile Ecosystems With New Digital Market Powers (apnews.com) 21

Britain's competition watchdog launched investigations into Apple and Google's mobile ecosystems on Thursday under new powers to tackle digital market abuses that took effect this year. The Competition and Markets Authority will examine whether the tech giants' control over operating systems, app stores and browsers constitutes "strategic market status" requiring regulatory intervention.

The probe will focus on potential barriers to competition, preferential treatment of their own apps, and whether developers face unfair terms for app distribution. The regulator could force changes including mandatory access to key mobile functions or allowing users to download apps outside official stores.
Technology

Calm Tech Certification 'Rewards' Less Distracting Tech (ieee.org) 11

An anonymous reader quotes a report from IEEE Spectrum: [Amber Case is a speaker and author of Calm Technology.] Case's book, inspired by the work of Xerox PARC researchers Mark Weiser and John Seely Brown, outlines eight principles for calm technology; examples include the idea that technology "should require the smallest possible amount of attention" while in use, and that it "should work even when it fails." The book's ideas gained the attention of major technology companies, including Microsoft and Amazon, and Case gave talks at TED and the Thinking Digital Conference, among others. "But that wasn't enough," says Case. While her ideas received plenty of interest, she noticed that interest didn't translate to concrete action. Companies designing new products were unclear on what was right, or wrong, and uncertain about how they might put calm technology ideals into practice.

So, Case decided on a new approach. She founded the Calm Tech Institute in May 2024 to develop and promote a Calm Tech certification. "A standard is a good way of rewarding that behavior," says Case. The certification includes 81 points that span six categories: attention, periphery, durability, light, sound, and materials. Some of the certification's specifications are quite stringent. It outlines minimum standards for user interface (UI) design, such as consistent use of icons and font typography, asks that all but the "most crucial" notifications be turned off by default, and requires an instruction booklet with a list of replacements and compatible parts.

The first handful of devices that earned the Calm Tech certification were announced at, or just before, CES 2025. This first batch included, for example, the reMarkable Paper Pro. Released on September 4, 2024, the Paper Pro looks like an iPad and has a color eInk display, but it's tightly focused on writing and organizing notes with the tablet's included stylus. ReMarkable purposefully constrains the device's features to maintain a distraction-free experience. Though it can sync notes online, the Paper Pro doesn't have an app store, a web browser, or widgets. It doesn't even display the time. [...]

Another early adopter was Mui Labs, creator of the Mui Board, a smart home device that looks like a piece of finely finished decorative wood but, when touched, illuminates to reveal a smart home interface. [...] Several other devices earned certification in late 2024. These include the AirThings View Plus, an air quality monitor with a simple eInk display that I highlighted during the 2021 wildfire season; the Daylight Computer, a portable PC with an eInk display and custom OS meant to reduce distractions; and Unpluq, a physical dongle that can lock apps on Android and iOS devices until the dongle is moved close to the device.
Calm Tech Institute's certification is not yet publicly available, though it does hope to have it published "soon," says Case.

Spectrum notes that Calm is "also exploring research into calm technology and working with neuroscientists to study the 'cognitive need for dimensionality and texture' in user interfaces."
United Kingdom

UK To Launch Digital Wallet For Passports, Driving Licences, and More (www.gov.uk) 49

Britain will launch a digital wallet app later this year allowing citizens to store government documents on their smartphones, UK Science Secretary Peter Kyle announced on Tuesday. The GOV.UK Wallet, available on Android and iOS, will first support veteran cards followed by driver's licenses in late 2025, with plans to eventually include passports, marriage certificates and benefit documents.

The app will use facial recognition for security. "The overflowing drawer rammed with letters from the government and hours spent on hold to get a basic appointment will soon be consigned to history," Kyle said. The Labour government aims to have all UK agencies offering digital alternatives to physical documents by 2027. Officials said users can recover their digital credentials if phones are lost, adding the system complies with existing data protection laws.
AI

Trump Revokes Biden Executive Order On Addressing AI Risks (msn.com) 123

An anonymous reader quotes a report from Reuters: U.S. President Donald Trump on Monday revoked a 2023 executive order signed by Joe Biden that sought to reduce the risks that artificial intelligence poses to consumers, workers and national security. Biden's order required developers of AI systems that pose risks to U.S. national security, the economy, public health or safety to share the results of safety tests with the U.S. government, in line with the Defense Production Act, before they were released to the public. Four days before leaving office, Biden issued a comprehensive cybersecurity executive order that also targeted AI usage. The directive aimed to leverage AI's security benefits, implement digital identities for citizens, and address vulnerabilities that have allowed Chinese and Russian intrusions into U.S. government systems, among other things. It's unclear at this time if it, too, will be revoked.
Social Networks

Major Tech Firms Sign EU Pledge To Tackle Hate Speech (theverge.com) 176

Many of the world's largest tech companies, including Meta, Google, TikTok, and X, have pledged to European lawmakers that they will do more to prevent and remove illegal hate speech on their platforms. The revised set of voluntary commitments unveiled on Monday aim to help platforms "demonstrate their compliance" with the Digital Services Act (DSA) obligations regarding illegal content moderation. The Verge reports: Facebook, Instagram, TikTok, Twitch, X, YouTube, Snapchat, LinkedIn, Dailymotion, Jeuxvideo.com, Rakuten Viber, and Microsoft-hosted consumer services have all signed the "Code of Conduct on Countering Illegal Hate Speech Online Plus" -- which is not a terribly named streaming service but an update to a 2016 Code. The revised code commits signatories to transparency around hate speech detection and reduction, to allowing third-party monitors to assess how hate speech notices are reviewed by the platforms, and to review "at least two-thirds of hate speech notices" within 24 hours. These EU Codes of Conduct are voluntary commitments and companies face no penalties if they decide to back out of the agreement [...].
Security

HPE Investigating Breach Claims After Hacker Offers To Sell Data (securityweek.com) 3

The notorious hacker IntelBroker claims to have stolen data from HPE systems, including source code, private repositories, digital certificates, and access to certain services. SecurityWeek reports: The compromised data allegedly includes source code for products such as Zerto and iLO, private GitHub repositories, digital certificates, Docker builds, and even some personal information that the hacker described as "old user PII for deliveries." IntelBroker is also offering access to some services used by HPE, including APIs, WePay, GitHub and GitLab. Contacted by SecurityWeek, HPE said it's aware of the breach claims and is conducting an investigation.

"HPE became aware on January 16 of claims being made by a group called IntelBroker that it was in possession of information belonging to HPE. HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims," said HPE spokesperson Adam R. Bauer. "There is no operational impact to our business at this time, nor evidence that customer information is involved," Bauer added.

AI

CIA's Chatbot Stands In For World Leaders 37

The CIA has developed a chatbot to talk to virtual versions of foreign presidents and prime ministers. "Understanding leaders around the world is one of the CIA's most important jobs. Teams of analysts comb through intelligence collected by spies and publicly available information to create profiles of leaders that can predict behaviors," reports the New York Times. "A chatbot powered by artificial intelligence now helps do that work." From the report: The chatbot is part of the spy agency's drive to improve the tools available to CIA analysts and its officers in the field, and to better understand adversaries' technical advances. Core to the effort is to make it easier for companies to work with the most secretive agency. William Burns, CIA director for the past four years, prioritized improving the agency's technology and understanding of how it is used. Incoming Trump administration officials say they plan to build on those initiatives, not tear them down. [...]

The CIA has long used digital tools, spy gadgets and even AI. But with the development of new forms of AI, including the large language models that power chatbots, the agency has stepped up its investments. Making better use of AI, Burns said, is crucial to US competition with China. And better AI models have helped the agency's analysts "digest the avalanche of open-source information out there," he said. The new tools have also helped analysts process clandestinely acquired information, Burns said. New technologies developed by the agency are helping spies navigate cities in authoritarian countries where governments use AI-powered cameras to conduct constant surveillance on their population and foreign spies.