Technology

The most honest thing you can say about violence is that nobody wants it, but the conditions that produce it are being engineered with extraordinary efficiency by people who have apparently never opened a history book.

Over the decades, there has been no shortage of sites using clever techniques to covertly track visitors’ browsing histories, device fingerprints, and keystrokes and mouse movements in real time. Even Meta and Yandex were recently caught joining in the privacy-invasive free-for-all.

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows sites to monitor other sites a visitor is viewing and what apps are open on their devices.

The technique, laid out in a research paper, exploits a side channel, a form of leak resulting from physical manifestations such as electromagnetic emanations, data caches, or the time required to complete a task. By measuring the manifestations, attackers can decrypt encrypted traffic and infer other confidential data.

The attack that FROST uses is known as a contention side channel, which measures the interaction of various processes all using (or competing for) a given resource. By measuring the timing of certain I/O (input-output) operations of the SSD a visitor is using, the researchers were able to determine the websites open in other tabs—even on other browsers—and the apps that were open on the visitor’s device. FROST requires no interaction from the visitor other than opening the site hosting the attack.

But I'm sure they'll still charge advertisers per impression sted conversion. Enshittification at its finest.

Valnet, the self-proclaimed “leading digital media investment company” behind the likes of Polygon, GameRant, OpenCritic, Collider, and over a dozen more gaming, technology, and lifestyle websites, isn’t known for paying its freelance writers well. But new “Pay Per Session” contracts issued to writers and editors at TheGamer on May 21 threaten to break new ground when it comes to click-mill-style exploitation.

According to details outlined in TheGamer’s Slack, these new terms, mandated by Valnet management, would “reward top-performing articles.” However, Kotaku last learned, based on the details outlined in the newly issued contracts, that the proposed “performance structure” would also result in writers not being paid at all if their articles do not exceed a minimum threshold of views.

Valnet was founded by Hassan Youssef and Sam Youssef, who were previously the owners of Canadian pornographic production company Brazzers and the “silent partners” of Pornhub, in 2012. The company has since earned a negative reputation over the years for the way it treats staff and freelance writers, with one former Collider employee describing it as “a content mill, borderline like almost sweatshop-level” during an interview with TheWrap in 2025 (I briefly freelanced for TheGamer from 2022 to 2023).

Robots have taken over Los Angeles.

It’s not just the AI-generated videos that have caused angst in Hollywood. Our streets are full of driverless Waymo vehicles, covered in more sensors and gadgets than the Batmobile. And our walkways are home to fleets of boxes on wheels, hurrying past pedestrians and navigating outdoor bar-hoppers as the robots deliver smoothies and keto-friendly salads.

And it’s only getting stranger. This month, Serve Robotics, one of the leading companies behind the food-delivery bots, deployed another 500 of them in 40 neighborhoods across the city, up from two neighborhoods in 2023. The other big company, Coco Robotics, founded at UCLA in 2020, has about 300 robots across the city and is looking to expand. Soon a region already known for its lack of walkability will have more obstacles for pedestrians to contend with.

The expansion has sparked consternation in LA and other US cities as residents debate whether our new neighbors are welcome. Neighboring Glendale is considering a moratorium on the bots; Chicago has also limited their expansion. Worse than the sidewalk frustrations, they mean fewer jobs for delivery drivers, even if some are human-controlled.

via

I'm incredibly pleased to announce that the microcode for the Intel 80386 has been decoded.

It was a group effort by a bunch of talented people to extract and correct the physical bits, but the major work of decoding them was done by reenigne - you may know him from such incredible PC demos as 8088 MPH and Area 5150, as well as being the person who decoded the 8088 microcode previously.

Please, check out his writeup.

cross-posted from: https://piefed.world/c/tech/p/1144611/google-disregard-right-now-if-you-want-to-see-where-ai-overviews-fall-short-similar-comm

For comparison, Bing and Kagi responses

Sources

• The Verge;
• Tech Crunch;
• Mac Rumors;
• Business Insider.

Samsung Electronics narrowly averted a walkout by nearly 48,000 workers this week, after executives agreed to a tentative deal over bonus payments. But the labor union’s demand for a bigger share of profits from the company’s semiconductor business has sparked questions — in South Korea and elsewhere — about who benefits from the AI industry, and whether its rewards should be shared more equitably.

Samsung, the world’s biggest memory chip maker, has reported record profits in recent months amid a global shortage of memory chips. The labor union had demanded the company allocate 15% of operating profit to bonuses for all workers, not just those at the memory chip division that supplies Tesla, Nvidia, and other big tech companies.

“As the AI industry drives record operating profits, union members are in a structure where they cannot receive the performance-based rewards they deserve,” Choi Seung-ho, head of Samsung’s union, told Rest of World. “We want to change that.”

Game 7 in the NBA playoffs: a chance to kick back, enjoy the drama of a winner-takes-all shootout between basketball’s big beasts, and … switch over from your regular TV provider to Amazon Prime? The excitement drains from the occasion at the first touch of the remote. Amazon no doubt imagined it had landed a real coup when the Eastern Conference semi-final series between Detroit and Cleveland extended to its maximum length, thereby handing the retail giant’s streaming arm, Prime Video, the right to air a Game 7 in the first season of its partnership with the NBA. In the event, Sunday’s game was a dud: a blowout win for the Cavs, playing on the road, that had all the electricity and charm of a stint in the doctor’s waiting room. Fortunately for viewers, Prime Video did its best to match the moment by producing a broadcast that was every bit as dull and juiceless as events on the court.

The pre-tipoff highlight was an interview with Shai Gilgeous-Alexander, on the occasion of his coronation as this season’s MVP, in which the Oklahoma City star appeared to be speaking from a movie theater for some reason. Blake Griffin, the house beefcake on Prime Video’s studio set, chided ESPN insider Shams Charania for leaking this year’s MVP announcement hours earlier: “It’s Sunday, Shams – go to brunch, you nerd.” If Hillary had won and Shams had kept his trap shut, we’d all be at brunch! The game got under way, and things did not improve. During the half-time show, Dirk Nowitzki rambled Germanly about various topics, while fellow former MVP Steve Nash delivered lines like “That decisiveness in isolation is so important” with all the conviction of a hostage recording a ransom video. Host Taylor Rooks tried valiantly to compensate for the lack of chemistry on set by laughing at even the slightest hint of a joke from any of her panellists. Awkward laughter delivered over dead air on a platform it feels like a punishment to access: that’s the Prime Video NBA playoffs guarantee.

These have been a difficult debut playoffs for Prime as it muscles in on the broadcast territory once ruled by what the media analysts call “linear TV”. The feed dropped out for several minutes during overtime in the play-in game between the Hornets and the Heat; buffering, the nightmare we all thought we outlived in 2006, has plagued the stream in several games; and video has frequently been mistimed with audio, producing delays and mismatches. There’s primetime, which is when the bulk of these playoffs are taking place, and then there’s Prime Video time, which comes in around three seconds later. The audio itself in many games has often, in my experience at least, been strangely soft, requiring a trip all the way to the top of the volume scale to hear what the analysts and announcers are saying.

github.com/select/movies-delux…

As Meta races to recenter itself around artificial intelligence, the tech giant is mandating that more than 7,000 workers must move to new teams, and it’s radically changing some employees’ jobs. The Guardian has also learned that some of these reassigned employees will shift to two new teams: one building AI cloud infrastructure and another that’s building an internal AI agent codenamed Hatch.

Late last week, Meta employees received a notice that engineers had been “selected” for reassignment and would begin reporting to the cloud infrastructure and Hatch teams by the end of this week. Meta made a similar move last month when it reshuffled at least 1,000 engineers on to a new data labeling team called Applied AI, or AAI – at first giving them the option to volunteer, but later telling workers: “Transfers aren’t optional.”

“Our work, infrastructure and our products are fundamentally changing as a result of the continued acceleration of AI,” wrote Peter Hoose, vice-president of production engineering at Meta, in an internal post about the two new teams viewed by the Guardian. “The pace of what we are building is unprecedented, and these are exactly the kind of challenges that define what we do best.”

A Meta employee referenced last month’s reshuffle in a comment on Hoose’s announcement, writing: “Does ‘selected’ imply this is an [Applied AI]-style draft rather than a voluntary move?”

Further proof the Meta doesn't know what the Zuck it's doing. The rebrand has gone swimmingly, given all the time we spend in the legless metaverse.

Intel ME and AMD PSP: The silicon layer nobody certifies

About cloud sovereignty and the often-ignored and unknown on-CPU management engine running below the OS and BIOS.

The article is quite long; it explains how CPUs run firmware that can include remote management over the network, and can be running even when the OS is not. They can be vulnerable to supply chain attacks and firmware replacements. Because it's on hardware, the firmware with open security vulnerabilities is often not updated.

Regarding cloud, the French SecNumCloud is a framework for cloud infrastructure security requirements. It doesn't cover these hardware attack vectors specifically but may mitigate risks through surrounding practices and isolation.

In conclusion, even a cloud provider that meets SecNumCloud must be asked whether and how they manage CPU management engine attack vectors.

AI is, as it stands, not economically viable for anybody involved other than the construction firms, NVIDIA, and the surrounding hardware companies benefitting from the irrational exuberance of a data center buildout that doesn’t appear to be happening at the speed we believed.

Every AI startup loses millions or billions of dollars a year, and nobody appears to have worked out a way to stop hemorrhaging cash. Hyperscalers have invested over $800 billion in the last three years, with plans to add another $700 billion or so in 2026 and another $1 trillion in 2027, meaning that they need to make at least three trillion dollars in AI specific revenue just to break even, and $6 trillion or more for AI to be anything other than a wash. I went into detail about this (albeit at a lower, pre-2026/2027 capex number) in a premium piece last year.

To give you some context, Microsoft made $281 billion, Meta $200 billion, Amazon $716 billion, and Google $402.8 billion in revenue in their most-recent fiscal years for every single product combined, for a total of $1.599 trillion. None of them will talk about their actual AI revenues. Yes, yes, I know Microsoft said that it had $37 billion in AI revenue run rate ($3.08 billion a month or so) and Amazon had $15 billion, or around $1.25 billion a month, but both of these are snapshots of single months that are meant to make it sound like they’re going to make that much in a year but in the end, you don’t actually know anything about how much money they’ve made from AI.

The terms "blindingly obvious," "logical consequence," and "that is not how it works" appear nowhere in the government handbook of internet legislation. In particular, the discovery that imposing age access controls on websites has pushed users to VPNs has come as a huge surprise to legislators in the UK, the EU, Canada, and Australia. Nobody here knows how old VPN users are, be they kids unwilling to lose access or adults unwilling to disgorge personally identifying data to who knows what.

As they recover from this shocking discovery, these fine people are looking at ways to control VPNs, whether by adding age verification here too or by some magical "digital age of consent" technology that somehow evades the paradox that demanding more personal information in the name of safety itself reduces safety. Yet here, as in so many ways, the rest of the world is lagging behind America – more specifically, the great state of Utah, which has just enacted an anti-VPN law.

This law makes it compulsory for any site that the state says needs age verification – porn, basically – to impose those checks on anyone physically in Utah whether or not they are using any VPN. Those would be the same VPNs whose sole purpose is to prevent the geolocation of their users. Which would seem, and is, another paradox.

I'd not go online without a VPN. There's absolutely no reason my ISP needs my browsing history. And at about $6/month, it's not exactly breaking the bank.

What I'd not use is any VPN provider that sponsors YouTube content. A free VPN has to make their money from somewhere.

cross-posted from: https://poptalk.scrubbles.tech/post/4133762

A researcher known as "Nightmare-Eclipse" recently released YellowKey, a security vulnerability that allegedly enables a full bypass of BitLocker's full-volume encryption. The researcher described YellowKey as one of the most "insane" flaws they have ever encountered and has also accused Microsoft of potentially embedding a legitimate backdoor in BitLocker's data protection system.

To no-one's surprise

TL;DR: Between May 2025 and May 2026, Waymo’s recall-scope count of autonomous cabs rose from 1,212 vehicles to 3,791 vehicles.

That is more than a 3x increase in the Waymo fleet size in roughly one year, a major acceleration that dwarfs Tesla's faltering Robotaxi rollout.

cross-posted from: https://piefed.world/c/tech/p/1127117/shl0ms-famous-prankster-on-x-twitter-baited-ai-haters-by-posting-a-real-painting-by-mone

Comments

• Hacker News;
• Reddit.

Context

The painting is one of the 250 oil paintings in the renowned French Impressionist painter Claude Monet’s Water Lilies series in which he depicted scenes from his home flower garden over the final 31 years of his life.

As the post went viral, many of the critics began deleting their replies, but @SHL0MS and other users such as @Jediwolf took screenshots of some of the best replies before they disappeared.

Individual replies

Critics, however, were eager to point out all kinds of “obvious” details that show why the “AI” Monet can’t hold a candle to a genuine Monet. One person even took the time to write out an 850-word breakdown of the AI work’s shortcomings.

“I’m disappointed I have to even point it out,” writes @egg_oni. “There is no cohesion to the depth and color choices. The reflection of the tree bleeds into the lilypads with no regard for spatial depth or contrast. The background lilypad-algae amalgam is egregiously vague, like most AI art.”

“The reflection in AI art is just noise splattered right,” writes @jordoxx. “Monet actually understood how light behaves on water.”

“The choice of color in places e.g. the purple around the lily pads sticks out to me as decidedly worse than most Monet,” writes @0xchiefyeti. “I get a sense that the artist failed to connect their eyes to the brush/palette […]”

“No frame, no sense of the threshold between subject and object, just colors,” writes @robertjett_.

“I would say that the allegedly real one here is superior in the sense that it carries, and conveys more information than the artificial one,” writes @artprograce. “The dark cold reflection of the trees triggers my attention. They strike me as slightly off, too dirty, and too pronounced to be natural.”

“I’m no artist but a real Monet actually looks like a real place…” writes @amaldorai. “the further back you get in this picture the less it looks like anything at all.”

“Depth, contrast, and cohesion are the most obvious,” writes @para_dim3. “There’s also no clear focal point.”

“It feels less lively,” writes @AzuriSplashes. “It lacks the texture, the rugged edges, the folds, the crevices and creases and bevels and topology of plastic arts. The fine, calculated highlights. The AI version is granulated pixelation, and it looks that way, it lacks the mess of humanity.”

“The fact that it looks like s**t and is s**t,” writes @RDL0013 in a since-deleted reply. “Slop. Doesn’t look anywhere near like a Monet. Looks exactly like somebody trying to replicate style and achieving like 20% of it. Not as vibrant as Monet’s typical choice of colors. Looks dull.”

“There’s no coherent composition,” writes @HundtRichard. “The eye is drawn to the 1/3rd from bottom, 1/3rd from left region and there’s nothing really to focus on. The lilly’s contrast is too low and the negative space around it too cluttered. The surface texture in the water regions are too vertical.”

“[T]here is no consistency in colour choice,” writes @Polymind_. “The view looks obscured perspective wise and feels like there is too much detail in the AI version, which if I am thinking correctly comes back again to the colours being so distinct and contrasty.”

“As an amateur art enjoyer, the only criticism I can offer is that the AI generated image does not make me feel anything,” writes @ThrosturTh. “It does not conjure emotion, thought or wonder. It’s just a colorful wallpaper pattern. If you look up ‘monet painting’ in Google images, you feel something.”

“There’s a certain harshness, no soft blending of colors, no depth, no symbiosis of the elements,” writes @JesTer396.

“The AI seems to be unable to distinguish plant reflections and submerged plants, for one,” writes @DavyRogue27930. “It’s combining tokens from the two randomly and the result is an incoherent muddle of inconsistently saturated greens.”

“Spatial coherence,” writes @enfilmigult. “The phony gen-AI pic isn’t getting it right and the reflections look like they’re growing out of the water. You look at the painting and instantly see the angle of the water surface. Also those lily pads are hideous, looks like someone drew on them.”

“Because it’s crap. That simple,” writes @nightingale9181. “This ain’t no painting. No talent to it. AI needs to go.”

“I present you with my eye lines, thickness denotes how quickly my eye moved,” writes @KEMOS4BE in a since deleted post, which included helpful illustrations. “One has a sensible, meandering composition that fits the subject.”

People are pointing out that results of this experiment are in line with what studies have shown about how people perceive art differently in light of how it was produced. The famous 2004 Kruger study into something called the effort heuristic found that people liked and valued artworks more if they believe they took more time and effort to create.

There is also a natural human bias against AI. A 2024 study published in Nature found that while people generally prefer AI-generated artworks over human-made ones when they didn’t know they were AI-generated, they preferred AI art less after finding out that AI was behind it.

The Post.