"Astronomers have spotted the largest cosmic explosion ever witnessed, and it's 10 times brighter than any known exploding star, or supernova," reports CNN: The brightness of the explosion, called AT2021lwx, has lasted for three years, while most supernovas are only bright for a few months. The event, still being detected by telescopes, occurred nearly 8 billion light-years away from Earth when the universe was about 6 billion years old. The luminosity of the explosion is also three times brighter than tidal disruption events, when stars fall into supermassive black holes.

But what triggered such a long-lived, massive cosmic explosion? Astronomers said they think a supermassive black hole disrupted a vast gas or dust cloud, potentially thousands of times larger than our sun. It's possible that the cloud was drawn off the course of its orbit and went flying into the black hole, the researchers said. As the black hole swallowed pieces of the hydrogen cloud, shock waves likely reverberated through the cloud's remnants and into the swirling mass of material that orbits around the black hole...

The research team determined that the incredibly luminous event was nearly 100 times brighter than all the 100 billion stars in the Milky Way galaxy combined.
The New York Times calls its "one of the most violent and energetic acts of cosmic cannibalism ever witnessed, perhaps the biggest explosion seen yet in the history of the universe... [A] black hole perhaps a billion times as massive as the sun seems to be gorging on a humongous cloud of gas." "Most supernovae and tidal disruption events only last for a couple of months before fading away," said Philip Wiseman, an astrophysicist at the University of Southampton and the lead author of the new paper [published Thursday in the Monthly Notices of the Royal Astronomical Society]. "For something to be bright for two-plus years was immediately very unusual...."

He added that, with a total radiated energy equal to 100 supernovas, "it is one of the most luminous transients ever discovered." Jolt for jolt, that would put it in the company of colliding black holes. "Black holes colliding release energy in gravitational waves at an extreme luminosity — 10 billion times more 'powerful' than this explosion," Dr. Wiseman wrote. "But that power only lasts for 20 milliseconds," adding that this explosion has lasted years.

Slashdot reader storagedude writes: If cloud service providers are the only ones who can get security right, will everyone eventually move to the cloud?

That's one of the questions longtime IT systems architect Henry Newman asks in a new article on eSecurity Planet.

"The concept of zero trust has been around since 2010, when Forrester Research analyst John Kindervag created the zero trust security model. Yet two years after the devastating Colonial Pipeline attack and strong advocacy from the U.S. government and others, we are still no closer to seeing zero trust architecture widely adopted," Newman writes. "The only exception, it seems, has been cloud service providers, who boast an enviable record when it comes to cybersecurity, thanks to rigorous security practices like Google's continuous patching."

"As security breaches continue to happen hourly, sooner or later zero trust requirements are going to be forced upon all organizations, given the impact and cost to society. The Biden Administration is already pushing ambitious cybersecurity legislation, but it's unlikely to get very far in the current Congress. I am very surprised that the cyber insurance industry has not required zero trust architecture already, but perhaps the $1.4 billion Merck judgment that went against the industry last week will begin to change that.

"The central question is, can any organization implement a full zero trust stack, buy hardware and software from various vendors and put it together, or will we all have to move to cloud service providers (CSPs) to get zero trust security?

"Old arguments that cloud profit margins will eventually make on-premises IT infrastructure seem like the cheaper alternative failed to anticipate an era when security became so difficult that only cloud service providers could get it right."

Cloud service providers have one key advantage when it comes to security, Newman notes: They control, write and build much of their software and hardware stacks.

Newman concludes: "I am somewhat surprised that cloud service providers don't tout their security advantages more than they do, and I am equally surprised that the commercial off-the-shelf vendors do not band together faster than they have been to work on zero trust. But what surprises me the most is the lack of pressure on everyone to move to zero trust and get a leg or two up on the current attack techniques and make the attack plane much smaller than it is."

Long-time Slashdot reader theodp writes: AWS offered A Look Inside the Making of an NFL Football Schedule in conjunction with Thursday's release of the 2023 NFL Schedule Powered by AWS. AWS notes that producing the schedule required the use of 4,000+ AWS EC2 Spot Instances. An AWS promotional video claims they "saved the NFL an estimated $2 million each season" by leveraging AWS Spot Instances for a discount of up to 90% off compared to AWS On-Demand pricing..

"In just three months," AWS explains, "National Football League (NFL) schedule makers methodically build an exciting 18 week 272-game schedule spanning 576 possible game windows." Up until 10 years ago, AWS notes in an accompanying infographic, the NFL used a white-boarding process to manually craft its schedule.

Not to diminish the NFL's and AWS's 2023 scheduling achievement, but the 2013 documentary The Schedule Makers told the remarkable tale of the husband-and-wife duo of Henry and Holly Stephenson, who for almost a quarter of a century in the pre-Cloud era managed the scheduling for 30 Major League Baseball (MLB) teams who each played 162 regular season games a year. According to the May 1985 Atari Compendium (pg. 38), the Stephensons were using a self-written program running on a 64K IMS-8000 to help schedule games for the MLB (2,106 games over a 6-month season), NBA, and NASL/MISL (defunct soccer leagues). So perhaps the NFL's claim that "There's no way the NFL could deliver the quality of schedule that we put out every year for our fans and television partners without the contributions of our friends at AWS" should be taken with a grain of salt.

ZDNet reports that Jim Zemlin, executive director at the Linux Foundation, recently noted rounds of tech-industry layoffs "in the name of cost-cutting." But then Zemlin added that "open source is countercyclical to these trends. The Linux Foundation itself, for instance, had its best first quarter ever."

As Hilary Carter, SVP of research and communications at the Linux Foundation, said in her keynote speech at Open Source Summit North America in Vancouver, Canada: "In spite of what the headlines are saying, the facts are 57% of organizations are adding workers this year." Carter was quoting figures from the Linux Foundation's latest job survey, which was released at the event.

Other research also points to brighter signs in tech employment trends. CompTIA's recent analysis of the latest Bureau of Labor Statistics (BLS) data suggests the tech unemployment rate climbed by just 2.3% in April. In fact, more organizations plan to increase their technical staff levels rather than decrease.

The demand for skilled tech talent remains strong, particularly in fast-developing areas, such as cloud and containers, cybersecurity, and artificial intelligence and machine learning. So, what do these all areas of technology have in common? The answer is they're all heavily dependent on open source and Linux technologies.
While layoffs are happening at Microsoft, Amazon, Google, IBM, and even Red Hat, "the Linux Foundation found senior technical roles are seeing the biggest cuts," the article points out. "New hiring is focused on developers and IT managers." And companies are also spending more on training for existing technical staff, "driven by the fact that there aren't enough experts in hot technologies, such as Kubernetes and generative AI, to go around." Interestingly, a college degree is no longer seen as such a huge benefit. Businesses responding to the Linux Foundation's research felt upskilling (91%) and certifications (77%) are more important than a university education (58%) when it comes to addressing technology needs.

An anonymous reader quotes a report from Ars Technica: After the release of Apple's AirTags, Google suddenly has interest in the Bluetooth tracker market. The company has already quietly rolled out what must be the world's largest Bluetooth tracking network via Android's 3 billion active devices, and now trackers are starting to plug in to that network. Google is taking the ecosystem approach and letting various companies plug in to the Android Bluetooth tracking network, which has the very derivative name of "Find My Device." While these Bluetooth trackers are great for finding your lost car keys on a messy desk, they can also work as worldwide GPS trackers and locate items much farther away, even though they don't have GPS. The IDs of Bluetooth devices are public, so Tile started this whole idea of crowdsourced Bluetooth tracker location, called the "Tile Network." Every phone with the Tile app installed scans Bluetooth devices in the background and, using the phone GPS, uploads their last seen location to the cloud. This location data is only available to the person who owns the Tile, but every Tile user works to scan the environment and upload any Tiles the app can see. [...]

Now, third-party Bluetooth trackers for Android's network are starting to arrive. The two companies that have announced products are Chipolo and Pebblebee, both of which seem to be cloning the Tile line of products. Both offer normal keychain tracker tags and slim credit card format trackers. The worst habits of Tile include making completely disposable products because the batteries can't be changed, but it looks like our clones have mostly avoided that. All of Pebblebee's Find My Device products are rechargeable, which is great, while the Chipolo keychain tracker has a replaceable CR2032 battery. Only the Chipolo wallet tracker is disposable (boo!). All these tags will show up in the Find My Device app, right alongside your Android phones, headphones, and whatever else you have that plugs in to the network. They also have a speaker, like normal, so you can make them ring when you're near them. Both sets of products are up for preorder now.

Toyota Japan has apologized after admitting to leaving millions of customers' vehicle details on the public internet for a decade. From a report: The car maker said in a notice that it will notify about 2.15 million customers whose personal and vehicle information were left exposed to the internet after a "cloud misconfiguration" was discovered recently in April. Toyota said that the exposed data includes: registered email addresses; vehicle-unique chassis and navigation terminal numbers; the location of vehicles and what time they were there; and videos from the vehicle's "drive recorder" which records footage from the car. Toyota said the data spilling from its Connected Cloud (TC) was initially exposed in November 2013, but pertains only to vehicles in Japan, according to the company. The company's connected service provides Toyota customers with information about their vehicle, provides in-car entertainment services, and helps to notify authorities in the event of an accident or breakdown.

Google, in a blog post: PaLM 2 is a state-of-the-art language model with improved multilingual, reasoning and coding capabilities.

Multilinguality: PaLM 2 [PDF] is more heavily trained on multilingual text, spanning more than 100 languages. This has significantly improved its ability to understand, generate and translate nuanced text -- including idioms, poems and riddles -- across a wide variety of languages, a hard problem to solve. PaLM 2 also passes advanced language proficiency exams at the "mastery" level.
Reasoning: PaLM 2's wide-ranging dataset includes scientific papers and web pages that contain mathematical expressions. As a result, it demonstrates improved capabilities in logic, common sense reasoning, and mathematics.
Coding: PaLM 2 was pre-trained on a large quantity of publicly available source code datasets. This means that it excels at popular programming languages like Python and JavaScript, but can also generate specialized code in languages like Prolog, Fortran and Verilog.

Even as PaLM 2 is more capable, it's also faster and more efficient than previous models -- and it comes in a variety of sizes, which makes it easy to deploy for a wide range of use cases. We'll be making PaLM 2 available in four sizes from smallest to largest: Gecko, Otter, Bison and Unicorn. Gecko is so lightweight that it can work on mobile devices and is fast enough for great interactive applications on-device, even when offline. This versatility means PaLM 2 can be fine-tuned to support entire classes of products in more ways, to help more people.

At I/O today, we announced over 25 new products and features powered by PaLM 2. That means that PaLM 2 is bringing the latest in advanced AI capabilities directly into our products and to people -- including consumers, developers, and enterprises of all sizes around the world. Here are some examples:

PaLM 2's improved multilingual capabilities are allowing us to expand Bard to new languages, starting today. Plus, it's powering our recently announced coding update.
Workspace features to help you write in Gmail and Google Docs, and help you organize in Google Sheets are all tapping into the capabilities of PaLM 2 at a speed that helps people get work done better, and faster.
Med-PaLM 2, trained by our health research teams with medical knowledge, can answer questions and summarize insights from a variety of dense medical texts. It achieves state-of-the-art results in medical competency, and was the first large language model to perform at "expert" level on U.S. Medical Licensing Exam-style questions. We're now adding multimodal capabilities to synthesize information like x-rays and mammograms to one day improve patient outcomes. Med-PaLM 2 will open up to a small group of Cloud customers for feedback later this summer to identify safe, helpful use cases.

Amazon CTO Werner Vogels, writes in a blog post: Software architectures are not like the architectures of bridges and houses. After a bridge is constructed, it is hard, if not impossible, to change the way it was built. Software is quite different, once we are running our software, we may get insights about our workloads that we did not have when it was designed. And, if we had realized this at the start, and we chose an evolvable architecture, we could change components without impacting the customer experience. My rule of thumb has been that with every order of magnitude of growth you should revisit your architecture, and determine whether it can still support the next order level of growth.

A great example can be found in two insightful blog posts written by Prime Video's engineering teams. The first describes how Thursday Night Football live streaming is built around a distributed workflow architecture. The second is a recent post that dives into the architecture of their stream monitoring tool, and how their experience and analysis drove them to implement it as a monolithic architecture. There is no one-size-fits-all. We always urge our engineers to find the best solution, and no particular architectural style is mandated. If you hire the best engineers, you should trust them to make the best decisions.

I always urge builders to consider the evolution of their systems over time and make sure the foundation is such that you can change and expand them with the minimum number of dependencies. Event-driven architectures (EDA) and microservices are a good match for that. However, if there are a set of services that always contribute to the response, have the exact same scaling and performance requirements, same security vectors, and most importantly, are managed by a single team, it is a worthwhile effort to see if combining them simplifies your architecture.

Evolvable architectures are something that we've taken to heart at Amazon from the very start. Re-evaluating and re-architecting our systems to meet the ever-increasing demands of our customers. You can go all the way back to 1998, when a group of senior engineers penned the Distributed Computing Manifesto, which put the wheels in motion to move Amazon from a monolith to a service-oriented architecture. In the decades since, things have continued to evolve, as we moved to microservices, then microservices on shared infrastructure, and as I spoke about at re:Invent, EDA.

An anonymous reader quotes a report from TechCrunch: NextGen Healthcare, a U.S.-based provider of electronic health record software, admitted that hackers breached its systems and stole the personal data of more than 1 million patients. In a data breach notification filed with the Maine attorney general's office, NextGen Healthcare confirmed that hackers accessed the personal data of 1.05 million patients, including approximately 4,000 Maine residents. In a letter sent to those affected, NextGen Healthcare said that hackers stole patients' names, dates of birth, addresses and Social Security numbers. "Importantly, our investigation has revealed no evidence of any access or impact to any of your health or medical records or any health or medical data," the company added. TechCrunch asked NextGen Healthcare whether it has the means, such as logs, to determine what data was exfiltrated, but company spokesperson Tami Andrade declined to answer.

In its filing with Maine's AG, NextGen Healthcare said it was alerted to suspicious activity on March 30, and later determined that hackers had access to its systems between March 29 and April 14, 2023. The notification says that the attackers gained access to its NextGen Office system -- a cloud-based EHR and practice management solution -- using client credentials that "appear to have been stolen from other sources or incidents unrelated to NextGen." "When we learned of the incident, we took steps to investigate and remediate, including working together with leading outside cybersecurity experts and notifying law enforcement," Andrade told TechCrunch in a statement. "The individuals known to be impacted by this incident were notified on April 28, 2023, and we have offered them 24 months of free fraud detection and identity theft protection." NextGen was also the victim of a ransomware attack in January this year, adds TechCrunch. The stolen data, including employee names, addresses, phone numbers and passport scans, appears to be available on the dark web.

Slack sees the future: Imagine if every time you hop into a channel, you'll be able to get up to speed on unread Slack messages in one click — whether you're jumping in midway through a project or catching up from being out of the office. In the future, with generative AI built seamlessly into the user experience, conversation summaries will be there when you need them, the moment you start scrolling through a channel.

With AI assistance built natively into Slack's message composer and canvas, a new surface for curating information, Slack GPT could also help you tweak your drafts until the words are just right. In a few clicks, you'll be able to distill content, adjust the tone, and more, right from where you're already writing.
In fact, Slack "previewed generative AI tools on Thursday," reports the Register, "currently under development and bundled under the banner Slack GPT." Customers will be able to use large language models like Anthropic's Claude as well as OpenAI's GPT to instruct the chatbots to perform other tasks, like search or answering questions.

Slack is also working on Workflow Builder — a no-code automation tool that will enable users to add generative prompts to automatically perform tasks for them, like setting up alerts or writing and sharing documents... Other tools, like its forthcoming Einstein GPT app, are aimed at supporting existing Salesforce services in its CRM software. Users of Salesforce Customer 360 data and Data Cloud — like customer service agents, sales reps, or marketers — can access language models to generate leads, write emails, schedule meetings, or draft plans. Einstein GPT will also be able to handle code, so developers can ask chatbots to write short programs or fix bugs.

It's not clear when Slack GPT or Einstein GPT will be generally available. Integration with Anthropic's Claude, however, is available now, whilst integration with ChatGPT is currently in beta. Workflow Builder is scheduled to be released in summer this year.
From Slack's announcement: Say you have a workflow that alerts you when a new lead comes in from Sales Cloud, ensuring sales reps can quickly respond. Imagine if ChatGPT could take your workflow a few steps further, using CRM data from a sales lead to draft a personalized prospecting email for you? Put it in a document, share it in a channel, and every sales rep now has a head start when they follow up on the lead.

According to Bloomberg (paywalled), Microsoft is helping finance AMD's expansion into AI chips. Meanwhile, AMD is working with Microsoft to create an in-house chipset, codenamed Athena, for the software giant's data centers. Paul Thurrott reports: Athena is designed as a cost-effective replacement for AI chipsets from Nvidia, which currently dominates this market. And it comes with newfound urgency as Microsoft's ChatGPT-powered Bing chatbot workloads are incredibly expensive using third-party chips. With Microsoft planning to expand its use of AI dramatically this year, it needs a cheaper alternative.

Microsoft's secretive hardware efforts also come amid a period of Big Tech layoffs. But the firm's new Microsoft Silicon business, led by former Intel executive Rani Borkar, is growing and now has almost 1,000 employees, several hundred of which are working on Athena. The software giant has invested about $2 billion on this effort so far, Bloomberg says. (And that's above the $11 billion it's invested in ChatGPT maker OpenAI.) Bloomberg also says that Microsoft intends to keep partnering with Nvidia too, and that it will continue buying Nvidia chipsets as needed.

An anonymous reader shares a report: We recently covered a study by Secure Data Recovery, an HDD, SSD, and RAID data recovery company, of 2,007 defective hard disk drives it received. It found the average time before failure among those drives to be 2 years and 10 months. That seemed like a short life span, but considering the limited sample size and analysis in Secure Data Recovery's report, there was room for skepticism. Today, Backblaze, a backup and cloud storage company with a reputation for detailed HDD and SSD failure analysis, followed up Secure Data Recovery's report with its own research using a much larger data set. Among the 17,155 failed HDDs Backblaze examined, the average age at which the drives failed was 2 years and 6 months.

Backblaze arrived at this age by examining all of its failed drives and their respective power-on hours. The company recorded each drive's failure date, model, serial number, capacity, failure, and SMART raw value. The 17,155 drives examined include 72 different models and does not include failed boot drives, drives that had no SMART raw attribute data, or drives with out-of-bounds data. If Backblaze only looked at drives that it didn't use in its data centers anymore, there would be 3,379 drives across 35 models, and the average age of failure would be a bit longer at 2 years and 7 months. Backblaze said its results thus far "are consistent" with Secure Data Recovery's March findings. This is despite Backblaze currently using HDDs that are older than 2 years and 7 months.

An anonymous reader shares a report: Not everyone trusts OpenAI's ChatGPT. While the new artificial intelligence-powered chatbot has proved popular with some businesses looking to automate business tasks, other companies, such as banks, have avoided adopting ChatGPT for fear that their employees would inadvertently give the chatbot proprietary information when they use it. Microsoft, which has the rights to resell the startup's technology, has a plan to win over the holdouts.

Later this quarter Microsoft's Azure cloud server unit plans to sell a version of ChatGPT that runs on dedicated cloud servers where the data will be kept separate from those of other customers, according to two people with knowledge of the upcoming announcement. The idea is to give customers peace of mind that their secrets won't leak to the main ChatGPT system, the people said. But it will come at a price: The product could cost as much as 10 times what customers currently pay to use the regular version of ChatGPT, one of these people said.

An anonymous reader quotes a report from The Register: Tencent Cloud has announced it's offering a digital human production platform -- essentially Deepfakes-as-a-Service (DFaaS). According to Chinese media and confirmed to The Reg by Tencent, the service needs just three minutes of live-action video and 100 spoken sentences -- and a $145 fee -- to create a high-definition digital human. Gestating the creation requires just 24 hours. Making people hasn't been that quick since Eden.

The digital characters are available in half bodies or full bodies, and the service is available in both Chinese and English. Some aspects, like background and tone, are customizable. The videos avoid the flat intonation and single speech rhythm that plagues traditional acoustic models by using an in-house small-sample timbre customization technology that relies on deep learning acoustic models and neural network vocoders. [...] Tencent offers five styles for its digital humans: 3D realistic, 3D semi-realistic, 3D cartoon, 2D real person, and 2D cartoon. Customized Q&As can be created for the digital human, turning them into a type of deepfaked chatbot.

A shocking number of organizations -- including banks and healthcare providers -- are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. From the report: The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in. Salesforce Community is a widely-used cloud-based software product that makes it easy for organizations to quickly create websites. Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). The guest access feature allows unauthenticated users to view specific content and resources without needing to log in.

However, sometimes Salesforce administrators mistakenly grant guest users access to internal resources, which can cause unauthorized users to access an organization's private information and lead to potential data leaks. Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant's full name, Social Security number, address, phone number, email, and bank account number.

After security researchers criticized Google for not including end-to-end encryption with Authenticator's account-syncing update, the company announced "plans to offer E2EE" in the future. "Right now, we believe that our current product strikes the right balance for most users and provides significant benefits over offline use," writes Google product manager Christiaan Brand on Twitter. "However, the option to use the app offline will remain an alternative for those who prefer to manage their backup strategy themselves." The Verge reports: Earlier this week, Google Authenticator finally started giving users the option to sync two-factor authentication codes with their Google accounts, making it much easier to sign into accounts on new devices. While this is a welcome change, it also poses some security concerns, as hackers who break into someone's Google account could potentially gain access to a trove of other accounts as a result. If the feature supported E2EE, hackers and other third parties, including Google, wouldn't be able to see this information.

Security researchers Mysk highlighted some of these risks in a post on Twitter, noting that "if there's ever a data breach or if someone obtains access to your Google Account, all of your 2FA secrets would be compromised." They added that Google could potentially use the information linked to your accounts to serve personalized ads and also advised users not to use the syncing feature until it supports E2EE. Brand pushed back against the criticism, stating that while Google encrypts "data in transit, and at rest, across our products, including in Google Authenticator," applying E2EE comes at the "cost of enabling users to get locked out of their own data without recovery."

Microsoft's president Brad Smith said the UK regulator's decision to prevent its acquisition of 'Call of Duty' maker Activision Blizzard "had shaken confidence" in Britain as a destination for tech businesses. From a report: The Competition and Markets Authority (CMA), which operates independently from government, blocked the deal on Wednesday, saying it could hit competition in the nascent cloud gaming market. Microsoft hit back on Thursday, saying it was "probably the darkest day in our four decades in Britain" and sent the wrong message to the global tech industry about the UK.

"If the government of the United Kingdom wants to bring in investment, if it wants to create jobs (...) it needs to look hard at the role of the CMA, the regulatory structure in the United Kingdom, this transaction, and the message that the United Kingdom has just said to the world," he told BBC radio. "We continue to believe that the UK has an extremely attractive tech sector and a growing games market," he said. "We will continue to engage proactively with Microsoft and other companies."

Cloud storage giant Dropbox today joined the fray of tech companies announcing layoffs. From a report: The company today announced that it would be laying off 16% of its staff, equivalent to about 500 employees, due to slowing growth, and -- in the words of CEO Drew Houston -- because "the AI era of computing has finally arrived." These appear to be the first layoffs the company has made since January 2021, when it laid off 315 employees in the throes of the Covid-19 pandemic.

An anonymous reader quotes a report from TechCrunch: In pursuit of "safer" text-generating models, Nvidia today released NeMo Guardrails, an open source toolkit aimed at making AI-powered apps more "accurate, appropriate, on topic and secure." Jonathan Cohen, the VP of applied research at Nvidia, says the company has been working on Guardrails' underlying system for "many years" but just about a year ago realized it was a good fit for models along the lines of GPT-4 and ChatGPT. "We've been developing toward this release of NeMo Guardrails ever since," Cohen told TechCrunch via email. "AI model safety tools are critical to deploying models for enterprise use cases."

Guardrails includes code, examples and documentation to "add safety" to AI apps that generate text as well as speech. Nvidia claims that the toolkit is designed to work with most generative language models, allowing developers to create rules using a few lines of code. Specifically, Guardrails can be used to prevent -- or at least attempt to prevent -- models from veering off topic, responding with inaccurate information or toxic language and making connections to "unsafe" external sources. Think keeping a customer service assistant from answering questions about the weather, for instance, or a search engine chatbot from linking to disreputable academic journals. "Ultimately, developers control what is out of bounds for their application with Guardrails," Cohen said. "They may develop guardrails that are too broad or, conversely, too narrow for their use case."

While companies like Zapier are using Guardrails to add a layer of safety to their generative models, Nvidia acknowledges that the toolkit isn't imperfect; it won't catch everything, in other words. Cohen also notes that Guardrails works best with models that are "sufficiently good at instruction-following," a la ChatGPT, and that use the popular LangChain framework for building AI-powered apps. That disqualifies some of the open source options out there. And -- effectiveness of the tech aside -- it must be emphasized that Nvidia isn't necessarily releasing Guardrails out of the goodness of its heart. It's a part of the company's NeMo framework, which is available through Nvidia's enterprise AI software suite and its NeMo fully managed cloud service. Any company can implement the open source release of Guardrails, but Nvidia would surely prefer that they pay for the hosted version instead.

According to The Verge, Amazon is shuttering its health-focused Halo division. All three Halo products will be discontinued and portions of the Halo team will be laid off. From the report: "We have made the difficult decision to wind down the Halo program, which will result in role reductions," Melissa Cha, Amazon's VP of smart home and health, told staffers in an email obtained by The Verge. "More recently, Halo has faced significant headwinds, including an increasingly crowded segment and an uncertain economic environment. Although our customers love many aspects of Halo, we must prioritize resources and maximize benefits to customers and the long-term health of the business."

"We continually evaluate the progress and potential of our products to deliver customer value, and we regularly make adjustments based on those assessments," Amazon spokesperson Kristy Schmidt told The Verge in an email. "We recently made the difficult decision to stop supporting Amazon Halo effective July 31, 2023. We are incredibly proud of the invention and hard work that went into building Halo on behalf of our customers, and our priorities are taking care of our customers and supporting our employees." The company says it will refund customers who bought a Halo devices or accessory band in the last 12 months. "All unused prepaid Halo subscription fees will be refunded, and users will no longer be charged," adds The Verge. Early adopters, like myself, are out of luck.

In related news, Amazon kicked off another round of layoffs today, impacting its cloud computing and human resources divisions.