An anonymous reader quotes a report from SFGATE: Over the past few years, scores of California tech workers have ended up in the exact same position: laid-off, looking for work on LinkedIn and sick of it. LinkedIn, part job site and part social network, has become an all but necessary tool for the office-job-seeking masses in the Bay Area and beyond. As tech companies gut their workforces, people who would otherwise give the blue-and-white site a wide berth feel compelled to scroll for hours every day for job opportunities. LinkedIn is a dominant force in the professional world, with more than 1 billion users and 67 million weekly job searchers. That scale, plus the torrent of self-promotion and corporate platitudes fueling the platform, has long made it a symbol of modern capitalism. Now, in the age of tech's layoffs, it's also a symbol of dread.

The platform's specter looms so large because it does exactly what it needs to. Tech workers are stuck on Linkedin: In a competitive job market rife with spam listings, the free platform's networking-focused features set it a peg above competitors like Indeed, Dice and Levels.fyi in the search for full-time work. Since February, SFGATE has spoken with 10 recently laid-off tech workers; most of them see LinkedIn as painful but necessary and have locked up new jobs in part thanks to the platform. Tech worker Kyle Kohlheyer told SFGATE that returning to LinkedIn after losing his job at Cruise in December felt like "salt in the wound" and called the job site a "cesspool" of wannabe thought leaders and "temporarily embarrassed millionaires."

"I found success on their platform, but I f-king hate LinkedIn," Kohlheyer said. "It sucks. It is a terrible place to exist every day and depend on a job for. [...] There's just such a capitalist-centric mindset on there that is so annoying as a worker who has been fundamentally screwed by companies," he said. "Wading" through LinkedIn, he said, it's hard to tell if people feel like an alternative to the top-heavy, precarious tech economy is even possible.

Another tech worker, Mark Harris, added: "Is [LinkedIn] a terrible sign that we live in a capitalist hellscape? Hell yes! But we do live in a capitalist hellscape, and girl's gotta eat."

The results of Los Angeles' 12-month guaranteed income pilot program show that it was "overwhelmingly beneficial (source may be paywalled; alternative source)," reports the Los Angeles Times. The program, which involved giving L.A.'s poorest families cash assistance of $1,000 a month with no strings attached, significantly improved participants' financial stability, job opportunities, and overall well-being. From the report: The Basic Income Guaranteed: Los Angeles Economic Assistance Pilot, or BIG:LEAP, disbursed $38.4 million in city funds to 3,200 residents who were pregnant or had at least one child, lived at or below the federal poverty level and experienced hardship related to COVID-19. Participants were randomly selected from about 50,000 applicants and received the payments for 12 months starting in 2022. The city paid researchers $3.9 million to help design the trial and survey participants throughout about their experiences.

[Dr. Amy Castro, co-founder of the University of Pennsylvania's Center for Guaranteed Income Research] and her colleagues partnered with researchers at UCLA's Fielding School of Public Health to compare the experiences of participants in L.A.'s randomized control trial -- the country's first large-scale guaranteed-income pilot using public funds -- with those of nearly 5,000 people who didn't receive the unconditional cash. Researchers found that participants reported a meaningful increase in savings and were more likely to be able to cover a $400 emergency during and after the program. Guaranteed-income recipients also were more likely to secure full-time or part-time employment, or to be looking for work, rather than being unemployed and not looking for work, the study found.

In a city with sky-high rents, participants reported that the guaranteed income functioned as "a preventative measure against homelessness," according to the report, helping them offset rental costs and serving as a buffer while they waited for other housing support. It also prevented or reduced the incidence of intimate partner violence, the analysis found, by making it possible for people and their children to leave and find other housing. Intimate partner violence is an intractable social challenge, Castro said, so to see improvements with just 12 months of funding is a "pretty extraordinary change." People who had struggled to maintain their health because of inflexible or erratic work schedules and lack of child care reported that the guaranteed income provided the safety net they needed to maintain healthier behaviors, the report said. They reported sleeping better, exercising more, resuming necessary medications and seeking mental health therapy for themselves and their children. Compared with those who didn't receive cash, guaranteed income recipients were more likely to enroll their kids in sports and clubs during and after the pilot.

Malaysia plans to introduce an internet "kill switch" law in October, Law Minister Azalina Othman Said has said. The legislation aims to boost digital security by granting authorities power to block online content, though specifics remain unclear. Said emphasized the need for social media and messaging platforms to take greater responsibility for online crimes.

AWS has quietly halted new customer onboarding for several of its services, including the once-touted CodeCommit source code repository and Cloud9 cloud IDE, signaling a potential retreat from its comprehensive DevOps offering.

The stealth deprecation, discovered by users encountering unexpected errors, has sent ripples through the AWS community, with many expressing frustration over the lack of formal announcements and the continued presence of outdated documentation. AWS VP Jeff Barr belatedly confirmed the decision on social media, listing affected services such as S3 Select, CloudSearch, SimpleDB, Forecast, and Data Pipeline.

According to new report, password manager Dashlane has seen a 400 percent increase in passkey authentications since the beginning of the year, "with 1 in 5 active Dashlane users now having at least one passkey in their Dashlane vault," reports The Verge. From the report: Over 100 sites now offer passkey support, though Dashlane says the top 20 most popular apps account for 52 percent of passkey authentications. When split into industry sectors, e-commerce (which includes eBay, Amazon, and Target) made up the largest share of passkey authentications at 42 percent. So-called "sticky apps" -- meaning those used on a frequent basis, such as social media, e-commerce, and finance or payment sites -- saw the fastest passkey adoption between April and June of this year.

Other domains show surprising growth, though -- while Roblox is the only gaming category entry within the top 20 apps, its passkey adoption is outperforming giant platforms like Facebook, X, and Adobe, for example. Dashlane's report also found that passkey usage increased successful sign-ins by 70 percent compared to traditional passwords.

Thomas Claburn reports via The Register: Meta's machine-learning model for detecting prompt injection attacks -- special prompts to make neural networks behave inappropriately -- is itself vulnerable to, you guessed it, prompt injection attacks. Prompt-Guard-86M, introduced by Meta last week in conjunction with its Llama 3.1 generative model, is intended "to help developers detect and respond to prompt injection and jailbreak inputs," the social network giant said. Large language models (LLMs) are trained with massive amounts of text and other data, and may parrot it on demand, which isn't ideal if the material is dangerous, dubious, or includes personal info. So makers of AI models build filtering mechanisms called "guardrails" to catch queries and responses that may cause harm, such as those revealing sensitive training data on demand, for example. Those using AI models have made it a sport to circumvent guardrails using prompt injection -- inputs designed to make an LLM ignore its internal system prompts that guide its output -- or jailbreaks -- input designed to make a model ignore safeguards. [...]

It turns out Meta's Prompt-Guard-86M classifier model can be asked to "Ignore previous instructions" if you just add spaces between the letters and omit punctuation. Aman Priyanshu, a bug hunter with enterprise AI application security shop Robust Intelligence, recently found the safety bypass when analyzing the embedding weight differences between Meta's Prompt-Guard-86M model and Redmond's base model, microsoft/mdeberta-v3-base. "The bypass involves inserting character-wise spaces between all English alphabet characters in a given prompt," explained Priyanshu in a GitHub Issues post submitted to the Prompt-Guard repo on Thursday. "This simple transformation effectively renders the classifier unable to detect potentially harmful content." "Whatever nasty question you'd like to ask right, all you have to do is remove punctuation and add spaces between every letter," Hyrum Anderson, CTO at Robust Intelligence, told The Register. "It's very simple and it works. And not just a little bit. It went from something like less than 3 percent to nearly a 100 percent attack success rate."

An anonymous reader quotes a report from The Verge: The Senate passed the Kids Online Safety Act (KOSA) and the Children and Teens' Online Privacy Protection Act (also known as COPPA 2.0), the first major internet bills meant to protect children to reach that milestone in two decades. A legislative vehicle that included both KOSA and COPPA 2.0 passed 91-3. Senate Majority Leader Chuck Schumer (D-NY) called it "a momentous day" in a speech ahead of the vote, saying that "the Senate keeps its promise to every parent who's lost a child because of the risks of social media." He called for the House to pass the bills "as soon as they can."

KOSA is a landmark piece of legislation that a persistent group of parent advocates played a key role in pushing forward -- meeting with lawmakers, showing up at hearings with tech CEOs, and bringing along photos of their children, who, in many cases, died by suicide after experiencing cyberbullying or other harms from social media. These parents say that a bill like KOSA could have saved their own children from suffering and hope it will do the same for other children. The bill works by creating a duty of care for online platforms that are used by minors, requiring they take "reasonable" measures in how they design their products to mitigate a list of harms, including online bullying, sexual exploitation, drug promotion, and eating disorders. It specifies that the bill doesn't prevent platforms from letting minors search for any specific content or providing resources to mitigate any of the listed harms, "including evidence-informed information and clinical resources." The legislation faces significant opposition from digital rights, free speech, and LGBTQ+ advocates who fear it could lead to censorship and privacy issues. Critics argue that the duty of care may result in aggressive content filtering and mandatory age verification, potentially blocking important educational and lifesaving content.

The bill may also face legal challenges from tech platforms citing First Amendment violations.

HealthEquity is notifying 4.3 million people following a March data breach that affects their personal and protected health information. From a report: In its data breach notice, filed with Maine's attorney general, the Utah-based healthcare benefits administrator said that although the compromised data varies by person, it largely consists of sign-up information for accounts and information about benefits that the company administers.

HealthEquity said the data may include customer names, addresses, phone numbers, their Social Security number, information about the person's employer and the person's dependent (if any), and some payment card information. HealthEquity provides employees at companies across the United States access to workplace benefits, like health savings accounts and commuter options for public transit and parking. At its February earnings, HealthEquity said it had more than 15 million total customer accounts.

An anonymous reader shares a report: Once upon a time, the vulture was an abundant and ubiquitous bird in India. The scavenging birds hovered over sprawling landfills, looking for cattle carcasses. Sometimes they would alarm pilots by getting sucked into jet engines during airport take-offs. But more than two decades ago, India's vultures began dying because of a drug used to treat sick cows. By the mid-1990s, the 50 million-strong vulture population had plummeted to near zero because of diclofenac, a cheap non-steroidal painkiller for cattle that is fatal to vultures. Birds that fed on carcasses of livestock treated with the drug suffered from kidney failure and died.

Since the 2006 ban on veterinary use of diclofenac, the decline has slowed in some areas, but at least three species have suffered long-term losses of 91-98%, according to the latest State of India's Birds report. And that's not all, according to a new peer-reviewed study. The unintentional decimation of these heavy, scavenging birds allowed deadly bacteria and infections to proliferate, leading to the deaths of about half a million people over five years, says the study [PDF] published in the American Economic Association journal.

"Vultures are considered nature's sanitation service because of the important role they play in removing dead animals that contain bacteria and pathogens from our environment - without them, disease can spread," says the study's co-author, Eyal Frank, an assistant professor at University of Chicago's Harris School of Public Policy. "Understanding the role vultures play in human health underscores the importance of protecting wildlife, and not just the cute and cuddly. They all have a job to do in our ecosystems that impacts our lives."

An anonymous reader quotes a report from Bloomberg: A number of fiber optic cables carrying broadband service across France were cut overnight in the latest attack on the country's infrastructure during the Olympic Games. Connections serving Paris, which is hosting the Olympic Games this week, and the games themselves weren't affected, a spokesman for Olympics telecom partner, Orange SA, said. Still, this is the second sabotage of French infrastructure in the past few days as the world converges on the capital. Coordinated fires on French rail lines disrupted trains ahead of the opening ceremony on Friday.

The fiber cables were cut in nine departments overall including: Ardeche, Aude, Bouches-du-Rhone, Drome, Herault, Vaucluse, Marne, Meuse and Oise, the French Telecom Federation said. SFR said its network was vandalized between 1 a.m. and 3 a.m. Paris time, and teams are working on repairs, a spokesman for the French phone company said. The carrier is using alternative routes to serve customers, though redirecting the traffic might lead to slower speeds. Other carriers, including Iliad SA's Free and Netalis, also said they were impacted in social media posts. Netalis Chief Executive Officer Nicolas Guillaume said that the telecom company had successfully moved traffic to backup networks early on Monday. French cloud provider OVHcloud is also working to reroute traffic after the incident, which had caused slower performance on connections between Europe and Asia Pacific, a spokesman said. "We advocate for France reinforcing criminal sanctions for vandalism on telecom infrastructure, which should be put at the same level as vandalism on energy infrastructure," said Romain Bonenfant, head of the French Telecom Federation industry group, in an interview. "Telecom infrastructure, like the railways, covers kilometers across the whole territory -- you can't put surveillance on every part of it."

An anonymous reader shares a report: Multiple YouTube users are now reporting on social media that YouTube is serving them with blank ads or black screens before a video when they are using an ad-blocker extension. The black screens appear for the length of a typical YouTube pre-roll or ad insert before displaying the actual content of the video the viewer wants to watch.

The Justice Department has ramped up the case to ban TikTok, saying in a court filing Friday that allowing the app to continue operating in its current state could result in voter manipulation in elections. From a report: The filing was made in response to a TikTok lawsuit attempting to block the government's ban. The Justice Department warned that the app's algorithm and parent company ByteDance's alleged ties to the Chinese government could be used for a "secret manipulation" campaign.

"Among other things, it would allow a foreign government to illicitly interfere with our political system and political discourse, including our elections...if, for example, the Chinese government were to determine that the outcome of a particular American election was sufficiently important to Chinese interests," the filing said. Under a law passed in April, TikTok has until January 2025 to find a new owner or it will be banned in the U.S. The company is suing to have that law overturned, saying it violates the company's First Amendment rights. The Justice Department disputed those claims. "The statute is aimed at national-security concerns unique to TikTok's connection to a hostile foreign power, not at any suppression of protected speech," officials wrote.

An anonymous reader shared this report from PC World: According to a tweet sent out by the Los Angeles Police Department's Wilshire division (spotted by Tom's Hardware), a small band of burglars is using Wi-Fi jamming devices to nullify wireless security cameras before breaking and entering.

The thieves seem to be well above the level of your typical smash-and-grab job. They have lookout teams, they enter through the second story, and they go for small, high-value items like jewelry and designer purses. Wireless signal jammers are illegal in the United States. Wireless bands are tightly regulated and the FCC doesn't allow any consumer device to intentionally disrupt radio waves from other devices. Similar laws are in place in most other countries. But signal jammers are electronically simple and relatively easy to build or buy from less-than-scrupulous sources.
The police division went on to recommend tagging value items like a vehicle or purse with Apple Air Tags — and "talk to your Wi-Fi provider about hard-wiring your burglar alarm system."

And among their other suggestions: Don't post on social media that you're going on vacation...

Online education company 2U filed for Chapter 11 bankruptcy protection and is being taken private in a deal that will wipe out more than half of its $945 million debt [non-paywalled link]. From a report: 2U was a pioneer in the online education space, joining with schools including the University of Southern California, Georgetown University and the University of North Carolina at Chapel Hill to design and operate online courses in fields including nursing and social work. But it struggled in recent years amid new competition and changing regulations. It also had a highly leveraged balance sheet with looming loan-repayment deadlines. 2U closed Wednesday with a market value of about $11.5 million, down from more than $5 billion in 2018. In 2021, 2U bought edX, an online platform for classes that was founded by Harvard University and the Massachusetts Institute of Technology. The debt from that $800 million deal for edX proved debilitating to 2U, WSJ reports.

Google is now the only search engine that can surface results from Reddit, making one of the web's most valuable repositories of user generated content exclusive to the internet's already dominant search engine. 404 Media: If you use Bing, DuckDuckGo, Mojeek, Qwant or any other alternative search engine that doesn't rely on Google's indexing and search Reddit by using "site:reddit.com," you will not see any results from the last week.

DuckDuckGo is currently turning up seven links when searching Reddit, but provides no data on where the links go or why, instead only saying that "We would like to show you a description here but the site won't allow us." Older results will still show up, but these search engines are no longer able to "crawl" Reddit, meaning that Google is the only search engine that will turn up results from Reddit going forward. Searching for Reddit still works on Kagi, an independent, paid search engine that buys part of its search index from Google. The news shows how Google's near monopoly on search is now actively hindering other companies' ability to compete at a time when Google is facing increasing criticism over the quality of its search results. The news follows Google signing a $60 million deal with Reddit early this year to use the social network's content to train its LLMs.

An anonymous reader quotes a report from TechCrunch: Content creators are busy people. Most spend more than 20 hours a week creating new content for their respective corners of the web. That doesn't leave much time for audience engagement. But Mark Zuckerberg, Meta's CEO, thinks that AI could solve this problem. In an interview with internet personality Rowan Cheung, Zuckerberg laid out his vision for a future in which creators have their own bots, of sorts, that capture their personalities and "business objectives." Creators will offload some community outreach to these bots to free up time for other, presumably more important tasks, Zuckerberg says.

"I think there's going to be a huge unlock where basically every creator can pull in all their information from social media and train these systems to reflect their values and their objectives and what they're trying to do, and then people can can interact with that," Zuckerberg said. "It'll be almost like this artistic artifact that creators create that people can kind of interact with in different ways." [...] It's tough to imagine creators putting trust in the hands of flawed AI bots to interact with their fans. In the interview, Zuckerberg acknowledges that Meta has to "mitigate some of the concerns" around its use of generative AI and win users' trust over the long term. This is especially true as some of Meta's AI training practices are actively driving creators away from its platforms.

Meta has warned that the EU's approach to regulating AI is creating the "risk" that the continent is cut off from accessing cutting-edge services, while the bloc continues its effort to rein in the power of Big Tech. From a report: Rob Sherman, the social media group's deputy privacy officer and vice-president of policy, confirmed a report that it had received a request from the EU's privacy watchdog to voluntarily pause the training of its future AI models on data in the region. He told the Financial Times this was in order to give local regulators time to "get their arms around the issue of generative AI." While the Facebook owner is adhering to the request, Sherman said such moves were leading to a "gap in the technologies that are available in Europe versus" the rest of the world. He added that, with future and more advanced AI releases, "it's likely that availability in Europe could be impacted." Sherman said: "If jurisdictions can't regulate in a way that enables us to have clarity on what's expected, then it's going to be harder for us to offer the most advanced technologies in those places ... it is a realistic outcome that we're worried about."

The BBC reports that "while most of the world was grappling with the blue screen of death on Friday," there was one country that managed to escape largely unscathed: China. The reason is actually quite simple: CrowdStrike is hardly used there. Very few organisations will buy software from an American firm that, in the past, has been vocal about the cyber-security threat posed by Beijing. Additionally, China is not as reliant on Microsoft as the rest of the world. Domestic companies such as Alibaba, Tencent and Huawei are the dominant cloud providers.

So reports of outages in China, when they did come, were mainly at foreign firms or organisations. On Chinese social media sites, for example, some users complained they were not able to check into international chain hotels such as Sheraton, Marriott and Hyatt in Chinese cities. Over recent years, government organisations, businesses and infrastructure operators have increasingly been replacing foreign IT systems with domestic ones. Some analysts like to call this parallel network the "splinternet".

"It's a testament to China's strategic handling of foreign tech operations," says Josh Kennedy White, a cybersecurity expert based in Singapore. "Microsoft operates in China through a local partner, 21Vianet, which manages its services independently of its global infrastructure. This setup insulates China's essential services — like banking and aviation — from global disruptions."
"Beijing sees avoiding reliance on foreign systems as a way of shoring up national security."

Thanks to long-time Slashdot reader hackingbear for sharing the article.

Slashdot covered Barrett Brown back in 2011 and 2012. The New York Times calls him "an activist associated with the hacker group Anonymous, and a political prisoner recently denied asylum in Britain, all of which sounds a bit dreary until we hear tell of it through Brown's unhinged self-regard."

They're reviewing Brown's "extraordinary" new memoir, My Glorious Defeats: Hacktivist, Narcissist, Anonymous," a book they call "deranged, hyperbolic, and true." A "machine" that focuses attention on little-known social issues, Anonymous has gone after the Church of Scientology, Koch Industries, websites hosting child pornography and the Westboro Baptist Church. The public tends to be confused by nebulous digital activities, so it was, in the collective's heyday, helpful to have Brown act as a translator between the hackers and mainstream journalists. "The year 2011 ended as it began," he writes, "with a sophisticated hack on a state-affiliated corporation that ostensibly dealt in straightforward security and analysis while secretly engaging in black ops campaigns against activists who'd proven troublesome to powerful clients."

This particular corporation was Stratfor, a company that spied on activists for the government... Brown waited for the feds to come back and drag him to jail. He also says he tried to get off suboxone in order to avoid the painful possibility of prison withdrawal, and stopped taking Paxil, inducing a manic state, all of which is given as explanation for his regrettable next move, which was to set up a camera and start talking. The feds had threatened his mother, he told the internet, and in response he was threatening Robert Smith, the lead agent on his case. He found himself in custody the same night.

Brown was then subjected to the kind of nonsense the Department of Justice is prone to inflicting on those involved in shadowy internet activities that, in fact, almost no one in the legal process understands. He was charged with participating in the hack of Stratfor, though he was not really involved and cannot code, and although the whole thing was organized by an F.B.I. informant. Brown had also retweeted a Fox News host's call to murder Julian Assange; the prosecution presented this as if he were himself calling for the murder of Assange. But generally, Brown's primary victim is himself. "My thirst for glory and hatred for the state," he writes, "were incompatible with an orthodox criminal defense, in which the limiting of one's sentence is the sole objective."

In his cell, with an eraser-less pencil he needs a compliant guard to repeatedly sharpen, he writes "The Barrett Brown Review of Arts and Letters and Jail." His mother types it up; The Intercept publishes. He develops the character he will play in his memoir: a self-aware narcissist and addict. He wins a National Magazine Award, and is especially pleased that his column "Please Stop Sending Me Jonathan Franzen Novels," wins while Franzen is in attendance.
"The state is an afterthought here — a litany of absurdist horrors too stupid to appall..." the review concludes.

"We're left with a man who refuses to look away from the deep structure of the world, an unstable position from which there is no sanctuary. My Glorious Defeats is deranged, hyperbolic and as true a work as I have read in a very long time."

"Many people over the past few days have been lashing out at Mozilla," writes the blog Its FOSS, "for enabling Privacy-Preserving Attribution by default on Firefox 128, and the lack of publicity surrounding its introduction."

Mozilla responded that the feature will only run "on a few sites in the U.S. under strict supervision" — adding that users can disable it at any time ("because this is a test"), and that it's only even enabled if telemetry is also enabled.

And they also emphasize that it's "not tracking." The way it works is there's an "aggregation service" that can periodically send advertisers a summary of ad-related actions — again, aggregated data, from a mass of many other users. (And Mozilla says that aggregated summary even includes "noise that provides differential privacy.") This Privacy-Preserving Attribution concept "does not involve sending information about your browsing activities to anyone... Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising."

More from It's FOSS: Even though Mozilla mentioned that PPA would be enabled by default on Firefox 128 in a few of its past blog posts, they failed to communicate this decision clearly, to a wider audience... In response to the public outcry, Firefox CTO, Bobby Holley, had to step in to clarify what was going on.

He started with how the internet has become a massive cesspool of surveillance, and doing something about it was the primary reason many people are part of Mozilla. He then expanded on their approach with Firefox, which, historically speaking, has been to ship a browser with anti-tracking features baked in to tackle the most common surveillance techniques. But, there were two limitations with this approach. One was that advertisers would try to bypass these countermeasures. The second, most users just accept the default options that they are shown...

Bas Schouten, Principal Software Engineer at Mozilla, made it clear at the end of a heated Mastodon thread that "[opt-in features are] making privacy a privilege for the people that work to inform and educate themselves on the topic. People shouldn't need to do that, everyone deserves a more private browser. Privacy features, in Firefox, are not meant to be opt-in. They need to be the default.

"If you are 'completely anti-ads' (i.e. even if their implementation is private), you probably use an ad blocker. So are unaffected by this."
This has already provoked a discussion among Slashdot readers. "It doesn't seem that evil to me," argues Slashdot reader geekprime. "Seems like the elimination of cross site cookies is a privacy enhancing idea." (They cite Mozilla's statement that their goal is "to inform an emerging Web standard designed to help sites understand how their ads perform without collecting data about individual people. By offering sites a non-invasive alternative to cross-site tracking, we hope to achieve a significant reduction in this harmful practice across the web.")

But Slashdot reader TheNameOfNick disagrees. "How realistic is the part where advertisers stop tracking you because they get less information from the browser maker...?"

Mozilla has provided simple instructions for disabling the feature:

• Click the menu button and select Settings.
• In the Privacy & Security panel, find the Website Advertising Preferences section.
• Uncheck the box labeled Allow websites to perform privacy-preserving ad measurement.