An anonymous reader quotes an article from Fortune: Earlier this month, job advice platform Resumebuilder.com surveyed 1,000 business leaders who either use or plan to use ChatGPT. It found that nearly half of their companies have implemented the chatbot. And roughly half of this cohort say ChatGPT has already replaced workers at their companies....

Business leaders already using ChatGPT told ResumeBuilders.com their companies already use ChatGPT for a variety of reasons, including 66% for writing code, 58% for copywriting and content creation, 57% for customer support, and 52% for meeting summaries and other documents. In the hiring process, 77% of companies using ChatGPT say they use it to help write job descriptions, 66% to draft interview requisitions, and 65% to respond to applications.

Overall, most business leaders are impressed by ChatGPT's work," ResumeBuilder.com wrote in a news release. "Fifty-five percent say the quality of work produced by ChatGPT is 'excellent,' while 34% say it's 'very good....'" Nearly all of the companies using ChatGPT said they've saved money using the tool, with 48% saying they've saved more than $50,000 and 11% saying they've saved more than $100,000....

Of the companies ResumeBuilder.com identified as businesses using the chatbot, 93% say they plan to expand their use of ChatGPT, and 90% of executives say ChatGPT experience is beneficial for job seekers — if it hasn't already replaced their jobs.

Long-time Slashdot reader destinyland writes: They say "always be learning" — but do podcasts actually help? I've been trying to find podcasts that discuss programming, and I've enjoyed Lex Fridman's interviews with language creators like Guido van Rossum, Chris Lattner, and Brendan Eich (plus his long interviews with Donald Knuth). Then I discovered that GitHub, Red Hat, Stack Overflow, and the Linux Foundation all have their own podcast.

There's a developer podcast called "Corecursive" that I like with the tagline "the stories behind the code," plus a whole slew of (sometimes language-specific) podcasts at Changelog (including an interview with Brian Kernighan). And it seems like there's an entirely different universe of content on YouTube — like the retired Microsoft engineer doing "Dave's Garage," Software Engineering Daily, and the various documentaries by Honeypot.io. Computerphile has also scored various interviews with Brian Kernighan, and if you search YouTube enough you'll find stray interviews with Steve Wozniak.

But I wanted to ask Slashdot's readers: Do you listen to podcasts about computer science? And if so, which ones? (Because I'm always stumbling across new programming podcasts, which makes me worry about what else I've been missing out on.) Maybe I should also ask if you ever watch coding livestreams on Twitch — although that gets into the more general question of just how much content we consume that's related to our profession.
Fascinating discussions, or continuing work-related education? (And do podcasts really help keep your skills fresh? Are coding livestreams on Twitch just a waste of time?) Most importantly, does anyone have a favorite geek podcast that they're listening to? Share your own experience and opinions in the comments...

What's the best podcast about computer science?

Long-time Slashdot reader theodp writes: In what might be mistaken for an early April Fools' joke, one month after Amazon confirmed it would layoff 18,000+ employees, Amazon News last week put out a whimsical story about 10,000+ of its employees' dogs who are registered to "work" at corporate offices as part of Amazon's Dogs at Work program. "This unique program," Amazon explains," pulls out all the stops to make sure dogs have everything they need for a successful work day, including decked out dog parks, unlimited treats from the reception desk, and regular events where dogs and their owners can get to know their colleagues."

Amazon employees also received a back-to-the office edict last week from CEO Andy Jassy, who cited the need for "serendipitous interactions" between team members, which Amazon has at times suggested would be facilitated if its employees' dogs return to the workplace, too. "The dog-friendly policy also contributes to the company's culture of collaboration," Amazon reported last year. "Dogs in the workplace are an unexpected mechanism for connection, an Amazon manager added. "I see employees meeting each other in our lobbies or elevators every day because of their dogs."

Amazon News offers profiles of "11 Amazing Pups" who didn't need obedience school to be convinced to return to the office, including Murray and Ripley. "Working from home certainly has its perks," Amazon reports, "but Murray LOVES coming into the office. He gets to see his favorite colleagues-both human and canine-and brighten everyone's day." And "Ripley starts each workday with a greeting from her best friend Lisa at the Culver Studios gate. From there, she promptly reports for duty, doling out kisses to anyone who needs a little pick-me-up."

After an iPhone was stolen, $10,000 vanished from the owner's bank account — and they were locked out of their Apple account's photos, contacts and notes. The thieves "stole thousands of dollars through Apple Pay" and "opened an Apple Card to make fraudulent charges," writes 9 to 5 Mac, citing a report from the Wall Street Journal. These thieves often work in groups with one distracting a victim while another records over a shoulder as they enter their passcode. Others have been known to even befriend victims, asking them to open social media or other apps on their iPhones so they can watch and memorize the passcode before stealing it. A 12-person crime ring in Minnesota was recently taken down after targeting iPhones like this in bars. Almost $300,000 was stolen from 40 victims by this group before they were caught.
The Journal adds that "similar stories are piling up in police stations around the country," while one of their article's authors has tweeted Apple's official response. "We sympathize with users who have had this experience and we take all attacks on our users very seriously, no matter how rare.... We will continue to advance the protections to help keep user accounts secure."

The reporter suggests alphanumeric passwords are harder to steal, while MacRumors offers some other simple fixes. "Use Face ID or Touch ID as much as possible when in public to prevent thieves from spying... In situations where entering the passcode is necessary, users can hold their hands over their screen to hide passcode entry."

More than a quarter of Google's full-time workforce is in its cloud unit, reports CNBC. And now Google is asking cloud employees and partners "to share their desks and alternate days with their desk mates starting next quarter, citing 'real estate efficiency.'" The new desk-sharing model will apply to Google Cloud's five largest U.S. locations — Kirkland, Washington; New York City; San Francisco; Seattle; and Sunnyvale, California — and is happening so the company "can continue to invest in Cloud's growth," according to an internal FAQ recently shared with cloud employees and viewed by CNBC. Some buildings will be vacated as a result, the document noted.

"Most Googlers will now share a desk with one other Googler," the internal document stated, noting they expect employees to come in on alternate days so they're not at the same desk on the same day. "Through the matching process, they will agree on a basic desk setup and establish norms with their desk partner and teams to ensure a positive experience in the new shared environment." The FAQ says employees may come in on other days, but if they're in on an unassigned day, they will use "overflow drop-in space."

Internally, leadership has given the new seating arrangement a title: "Cloud Office Evolution" or "CLOE," which it describes as "combining the best of pre-pandemic collaboration with the flexibility" of hybrid work. The new workspace plan is not a temporary pilot, the document noted. "This will ultimately lead to more efficient use of our space," it said.
A Google spokesperson said they'd conducted pilot programs and surveys "to explore different hybrid work models," CNBC reports, with the results showing employees "value guaranteed in-person collaboration when they are in the office, as well as the option to work from home a few days each week." So they've devised their new system to combine "the best of pre-pandemic collaboration with the flexibility and focus we've all come to appreciate from remote work, while also allowing us to use our spaces more efficiently."

The article points out that Google Cloud is currently not profitable, and "is still losing hundreds of millions of dollars every quarter — $480 million in the fourth quarter, although that was nearly half of the loss a year prior."

An internal FAQ warns that affected employees are now expected to have "conversations about how they will or will not decorate the space, store personal items, and tidiness expectations."

Thanks to Slashdot reader RUs1729 for sharing the story.

L.Kynes shares a report from CSO Online: At a time when almost all software contains open source code, at least one known open source vulnerability was detected in 84% of all commercial and proprietary code bases examined by researchers at application security company Synopsys. In addition, 48% of all code bases analyzed by Synopsys researchers contained high-risk vulnerabilities, which are those that have been actively exploited, already have documented proof-of-concept exploits, or are classified as remote code execution vulnerabilities. The vulnerability data -- along with information on open source license compliance -- was included in Synopsys' 2023 Open Source Security and Risk Analysis (OSSRA) report (PDF), put together by the company's Cybersecurity Research Center (CyRC). "Of the 1,703 codebases that Synopsys audited in 2022, 96% of them contained open source," adds L.Kynes, citing the report. "Aerospace, aviation, automotive, transportation, logistics; EdTech; and Internet of Things are three of the 17 industry sectors included in the report that had open source in 100% of their audited codebases. In the remaining verticals, over 92% of the codebases contained open source."

Canada's second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. BleepingComputer reports: The threat actor subsequently posted screenshots that apparently show private source code repositories and payroll records held by the company. TELUS has so far not found evidence of corporate or retail customer data being stolen and continues to monitor the potential incident. On February 17, a threat actor put up what they claim to be TELUS' employee list (comprising names and email addresses) for sale on a data breach forum. "TELUS employes [sic] from a very recent breach. We have over 76K unique emails and on top of this, we have internal information associated with each employee scraped from Telus' API," states the forum post.

While BleepingComputer has been unable to confirm the veracity of threat actor's claims just yet, the small sample set posted by the seller does have valid names and email addresses corresponding to present-day TELUS employees, particularly software developers and technical staff. By Tuesday, February 21, the same threat actor had created another forum post -- this time offering to sell TELUS' private GitHub repositories, source code, as well as the company's payroll records. The seller further boasts that the stolen source code contains the company's "sim-swap-api" that will purportedly enable adversaries to carry out SIM swap attacks.

An anonymous reader quotes a report from Motherboard, written by Joseph Cox: On Wednesday, I phoned my bank's automated service line. To start, the bank asked me to say in my own words why I was calling. Rather than speak out loud, I clicked a file on my nearby laptop to play a sound clip: "check my balance," my voice said. But this wasn't actually my voice. It was a synthetic clone I had made using readily available artificial intelligence technology. "Okay," the bank replied. It then asked me to enter or say my date of birth as the first piece of authentication. After typing that in, the bank said "please say, 'my voice is my password.'" Again, I played a sound file from my computer. "My voice is my password," the voice said. The bank's security system spent a few seconds authenticating the voice. "Thank you," the bank said. I was in.

I couldn't believe it -- it had worked. I had used an AI-powered replica of a voice to break into a bank account. After that, I had access to the account information, including balances and a list of recent transactions and transfers. Banks across the U.S. and Europe use this sort of voice verification to let customers log into their account over the phone. Some banks tout voice identification as equivalent to a fingerprint, a secure and convenient way for users to interact with their bank. But this experiment shatters the idea that voice-based biometric security provides foolproof protection in a world where anyone can now generate synthetic voices for cheap or sometimes at no cost. I used a free voice creation service from ElevenLabs, an AI-voice company. Now, abuse of AI-voices can extend to fraud and hacking. Some experts I spoke to after doing this experiment are now calling for banks to ditch voice authentication altogether, although real-world abuse at this time could be rare. A Lloyds Bank spokesperson said in a statement that "Voice ID is an optional security measure, however we are confident that it provides higher levels of security than traditional knowledge-based authentication methods, and that our layered approach to security and fraud prevention continues to provide the right level of protection for customers' accounts, while still making them easy to access when needed."

The Consumer Financial Protection Bureau, one of the U.S. agencies that regulates the financial industry, said: "The CFPB is concerned with data security, and companies are on notice that they'll be held accountable for shoddy practices. We expect that any firm follow the law, regardless of technology used."

The cyber-insurance market, battered by a rash of pandemic-era ransomware attacks, is making a comeback. Price hikes are moderating, new carriers and fresh sources of capital are emerging, and companies can better afford coverage. From a report: Cyber-insurance pricing increased 10% from a year earlier in January, a fraction of the 110% annual increase reported in the first quarter of 2022, preliminary data from insurance broker Marsh McLennan show. If those trends continue, prices could be set to decline, said Tom Reagan, Marsh's cyber practice leader. The reversal would follow a wave of digital intrusions that dominated the work-from-home era and forced insurers to recalibrate both how they write policies and their risk appetites. Those attacks also pushed their clients to adopt stronger cybersecurity measures. The brutal conditions in the market have let up since then, with claim frequency declining in the fourth quarter of 2022 even as severity remained elevated, according to Marsh.

"What we're left with is a very, very, very different market than what we went into two or three years ago," said Paul Bantick, the global head of cyber risks at London-based insurer Beazley. "We have a mature market that has stood up against a huge test." The risks posed by cyber criminals are still enormous. Ransomware attacks against industrial organizations increased by 87% in 2022 from the year before, while the US Treasury Department said financial institutions flagged nearly $1.2 billion in likely ransomware-related payments in 2021. Recent high-profile breaches at financial services firm ION Trading UK and a major Asian data center emphasized the grim risk posed by hackers. Even so, the total amount extorted from ransomware victims in 2022 dropped to $456.8 million from $765.6 million the year before, according to data from Chainalysis.

Bruce66423 writes: The encrypted-messaging app Signal has said it would stop providing services in the UK if a new law undermined encryption. If forced to weaken the privacy of its messaging system under the Online Safety Bill, the organisation "would absolutely, 100% walk" Signal president Meredith Whittaker told the BBC. The government said its proposal was not "a ban on end-to-end encryption". The bill, introduced by Boris Johnson, is currently going through Parliament. Critics say companies could be required by Ofcom to scan messages on encrypted apps for child sexual abuse material or terrorism content under the new law. This has worried firms whose business is enabling private, secure communication.

Staff working at the European Commission have been ordered to remove the TikTok app from their phones and corporate devices. The BBC reports: The commission said it was implementing the measure to "protect data and increase cybersecurity." EU spokeswoman Sonya Gospodinova said the corporate management board of the European Commission, the EU's executive arm, had made the decision for security reasons. "The measure aims to protect the Commission against cybersecurity threats and actions which may be exploited for cyberattacks against the corporate environment of the commission," she said. The ban also means that European Commission staff cannot use TikTok on personal devices that have official apps installed.

The commission says it has around 32,000 permanent and contract employees. They must remove the app as soon as possible and no later than March 15. For those who do not comply by the set deadline, the corporate apps -- such as the commission email and Skype for Business -- will no longer be available. [...] TikTok, owned by Chinese company ByteDance, has faced allegations that it harvests users' data and hands it to the Chinese government.

In an episode that underscores the vulnerability of global computer networks, hackers got ahold of login credentials for data centers in Asia used by some of the world's biggest businesses, a potential bonanza for spying or sabotage, according to a cybersecurity research firm. From a report: The previously unreported data caches involve emails and passwords for customer-support websites for two of the largest data center operators in Asia: Shanghai-based GDS Holdings and Singapore-based ST Telemedia Global Data Centres, according to Resecurity, which provides cybersecurity services and investigates hackers. About 2,000 customers of GDS and STT GDC were affected. Hackers have logged into the accounts of at least five of them, including China's main foreign exchange and debt trading platform and four others from India, according to Resecurity, which said it infiltrated the hacking group. It's not clear what -- if anything -- the hackers did with the other logins. The information included credentials in varying numbers for some of the world's biggest companies, including Alibaba Group Holding, Amazon, Apple, BMW, Goldman Sachs, Huawei, Microsoft, and Walmart, according to the security firm and hundreds of pages of documents that Bloomberg reviewed.

The U.S. Department of Defense secured an exposed server on Monday that was spilling internal U.S. military emails to the open internet for the past two weeks, TechCrunch reported Tuesday. From a report: The exposed server was hosted on Microsoft's Azure government cloud for Department of Defense customers, which uses servers that are physically separated from other commercial customers and as such can be used to share sensitive but unclassified government data. [...] But a misconfiguration left the server without a password, allowing anyone on the internet access to the sensitive mailbox data inside using only a web browser, just by knowing its IP address.

[...] The server was packed with internal military email messages, dating back years, some of which contained sensitive personnel information. One of the exposed files included a completed SF-86 questionnaire, which are filled out by federal employees seeking a security clearance and contain highly sensitive personal and health information for vetting individuals before they are cleared to handle classified information.

Crypto exchange Coinbase has confirmed that it was briefly compromised by the same attackers that targeted Twilio, Cloudflare, DoorDash, and more than a hundred other organizations last year. From a report: In a post-mortem of the incident published over the weekend, Coinbase said that the so-called '0ktapus' hackers stole the login credentials of one of its employees in an attempt to remotely gain access to the company's systems. 0ktapus is a hacking group that has targeted more than 130 organizations in 2022 as part of an ongoing effort to steal the credentials of thousands of employees, often by impersonating Okta log-in pages. That figure of 130 organizations is now likely much higher, as a leaked Crowdstrike report seen by TechCrunch claims that the gang is now targeting several tech and video game companies.

Google has released optimization features designed to improve battery life and memory usage on machines running the latest version of its Chrome desktop web browser. From a report: Chrome's new Energy Saver and Memory Saver modes were first announced in December last year alongside the release of Chrome 108, and now as noted by Android Police, the two optimization utilities are starting to roll out globally onto Chrome 110 desktops for Mac, Windows, and Chromebooks.

Memory Saver mode essentially snoozes Chrome tabs that aren't currently in use to free up RAM for more intensive tasks and create a smoother browsing experience. Don't worry if you're a tab hoarder though, as these inactive tabs are still visible and can be reloaded at any time to pick up where you left off. Your most used websites can also be marked as exempt from Memory Saver to ensure they're always running at the maximum possible performance.

New submitter calicuse writes: Microsoft's Outlook spam filters appear to be broken for many users today. I woke up to more than 20 junk messages in my Focused Inbox in Outlook this morning, and spam emails have kept breaking through on an hourly basis today. Many Outlook users in Europe have also spotted the same thing, with some heading to Twitter to complain about waking up to an inbox full of spam messages. Most of the messages that are making it into Outlook users' inboxes are very clearly spam. Today's issues are particularly bad, after weeks of the Outlook spam filter progressively deteriorating for me personally.

An anonymous reader shares a report: Did you force your PC to install Windows 11 despite it not meeting the official requirements? Microsoft might start nagging you for doing that -- or at least reminding you that what you've done is against the intended use of its operating system. The January 2023 Windows 11 update is pestering folks who forced the update on their PCs with a persistent watermark on the desktop warning that system requirements haven't been met. The story is circulating among Windows blogs, though I found a couple of instances of folks complaining about the watermark on the official Microsoft support forums.

The watermark says "system requirements not met" and is emblazoned on the desktop's lower right hand corner if the operating system notices that it's running on hardware that doesn't meet the minimum requirements. It's possible the culprit is the dedicated security processor, or TPM 2.0 (Trusted Platform Module) chip, used by services like BitLocker and Windows Hello. Microsoft requires this module before upgrading. It's why many PCs were rendered un-upgradeable when Windows 11 was announced. Most new CPUs and motherboards have capability for it built into them, but the feature wasn't a guaranteed inclusion prior to the Windows 11 launch.

Slashdot reader John Smith 2294 is an IT consultant and system administrator "who started in the days of DEC VAX/VMS," now maintaining networks for small to medium businesses and non-profits. And they're sharing a concern with Slashdot.

"I object to Windows 11 insisting on an outlook.com / Microsoft Account OS login." Sure there are workarounds, but user action or updates can undo them. So I will not be using Windows 11 for science or business any more.... I will be using Win10 refurbs for as long as they are available, and then Mac Mini refurbs and Linux. My first Linux Mint user has been working happily for two months now and I have not heard a word from them.

So, as an IT Admin responsible for business or education networks of 20 users or more, will you be using Windows 11 on your networks or, like me, is this the end of the road for Windows for you too?
I'd thought their concern would be about Windows is sending user data to third parties. But are these really big enough reasons for system adminstrators to be avoiding Windows 11 altogether?

Share your thoughts and experiences in the comments. Should production networks avoid Windows 11?

"All right, we're going to begin this hour with a question on many people's minds these days, amid all these major developments in the field of artificial intelligence. And that question is this: How long until the machines replace us, take our jobs?"

That's the beginning of a segment broadcast on CBS's morning-television news show (with the headline, "Will artificial intelligence erase jobs?") Some excerpts:


"As artificial intelligence gets better.... job security is only supposed to get worse. And in reports like this one, of the top jobs our AI overlords plan to kill, coding or computing programming is often on the list. So with the indulgence of Sam Zonka, a coder and instructor at the General Assembly coding school in New York, I decided to test the idea of an imminent AI takeover -- by seeing if the software could code for someone who knows as little about computers as me -- eliminating the need to hire someone like him."

Gayle King: "So all this gobbledy-gook on the screen. That's what people who sit in these classrooms learn?"

"And I for one was prepared to be amazed. But take a look at the results. About as basic as a basic web site can be."

King: What do you think? You're the professional.
Zonka: Ehh.

[Microsoft CEO Satya Nadella also spoke to CBS right before the launch of its OpenAI-powered Bing search engine, arguing that AI will create more satisfaction in current jobs as well as more net new jobs -- and even helping the economy across the board. "My biggest worry," Nadella says, "is we need some new technology that starts driving real productivity. It's time for some real innovation.]

King: Do you think it'll drive up wages?
Nadella: I do believe it will drive up wages, because productivity and wages are related.


At the end of the report, King tells his co-anchors "In the long term, the research suggests Nadella is correct. In the long term, more jobs, more money. It's in the short-term that all the pain happens."

The report also features an interview with MIT economist David Autor, saying he believes the rise of AI "does indeed mean millions of jobs are going to change in our lifetime. And what's scary is we're just not sure how.... He points out, for example, that more than 60% of the types of jobs people are doing today didn't even exist in the 1940s -- while many of the jobs that did exist have been replaced."

There was also a quote from Meredith Whittaker (co-founder of the AI Now Institute and former FTC advisor), who notes that AI systems "don't replace human labor. They just require different forms of labor to sort of babysit them to train them, to make sure they're working well. Whose work will be degraded and whose house in the Hamptons will get another wing? I think that's the fundamental question when we look at these technologies and ask questions about work."

Later King tells his co-anchors that Whittaker's suggestion was for workers to organize to try to shape how AI system are implemented in their workplace.

But at an open house for the General Assembly code camp, coder Zonka says on a scale of 1 to 10, his worry about AI was only a 2. "The problem is that I'm not entirely sure if the AI that would replace me is 10 years from now, 20 years from now, or 5 years from now."

So after speaking to all the experts, King synthesized what he'd learned. "Don't necessarily panic. You see these lists of all the jobs that are going to be eliminated. We're not very good at making those predictions. Things happen in different ways than we expect. And you could actually find an opportunity to make more money, if you figure out how you can complement the machine as opposed to getting replaced by the machine."

The Washington Post reports that Amazon has over 1 million workers worldwide — and they want most of them to be back in the office at least three days a week: In a note to employees, chief executive Andy Jassy said that the length of the pandemic had given senior managers time to observe what workplace models work best. They concluded that being in person most of the time had distinct benefits, allowing employees to more easily share ideas, collaborate, train new hires and connect. "Invention is often sloppy. It wanders and meanders and marinates," Jassy wrote. "Serendipitous interactions help it, and there are more of those in-person than virtually."

Amazon is just the latest major company to adopt some version of a return-to-work policy that requires workers to show up at the office for a certain number of days. Walt Disney Co. recently told its staffers to appear in the office four days a week. The Washington Post requires workers based in D.C. to report to headquarters three days a week....

Earlier this month, data tracked by Kastle Systems said 50 percent of workers were now back at their desks — and some experts think that's as high as it will go.
GeekWire notes that Apple has already asked employees to come in three days a week, something Google also expects from most of its staff. GeekWire's article adds that local business organizations applauded Amazon's move, with the Bellevue Chamber, calling it "extraordinary news for the health and vitality in downtown." And the site also reports the various reasons Amazon's senior executives gave for favoring employees-in-the-office at least three days a week: "It's easier to learn, model, practice, and strengthen our culture when we're in the office together most of the time and surrounded by our colleagues."

"Collaborating and inventing is easier and more effective when we're in person. The energy and riffing on one another's ideas happen more freely."

"Learning from one another is easier in-person. Being able to walk a few feet to somebody's space and ask them how to do something or how they've handled a particular situation is much easier than Chiming or Slacking them."

"Teams tend to be better connected to one another when they see each other in person more frequently."

That thinking doubles down on a mindset that Jassy expressed before he took over as CEO in 2021 from Amazon founder Jeff Bezos. Jassy said in March 2021 that "invention" is hard to do virtually compared to people brainstorming together in person. "You just don't riff the same way," he said at the time, "so it's really changed the way that we've had to think about how we drive innovation, and how we solicit information from our builders and the types of meetings that we run."

Jassy said there will be a small minority of exceptions to the new return-to-office requirement and that Amazon plans to implement the change effective May 1.
The move takes effect May 1st.