CBS News investigates what happened when police thought they'd tracked down a "porch pirate" who'd stolen a package — and accused an innocent woman.

"You know why I'm here," the police sergeant tells Chrisanna Elser. "You know we have cameras in that town..." "It went right into, 'we have video of you stealing a package,'" Elser said... "Can I see the video?" Elser asked. "If you go to court, you can," the officer replied. "If you're going to deny it, I'm not going to extend you any courtesy...." [You can watch a video of the entire confrontation.] On her doorstep, the officer issued a summons, without ever looking at the surveillance video Elser had. "We can show you exactly where we were," she told him. "I already know where you were," he replied.

Her Rivian — equipped with multiple cameras — had recorded her entire route that day... It took weeks of her collecting her own evidence, building timelines, and submitting videos before someone listened. Finally, she received an email from the Columbine Valley police chief acknowledging her efforts in an email saying, "nicely done btw (by the way)," and informing her the summons would not be filed.
Elser also found the theft video (which the police officer refused to show her) on Nextdoor, reports Electrek. "The woman has the same color hair, but different facial and nose shape and apparent age than Elser, which is all reasonably apparent when viewing the video..."

But Elser does drive a green Rivian truck, which police knew had entered the neighborhood 20 times over the course of a month. (Though in the video the officer is told that a male driver in the same household passes through that neighborhood driving to and from work.) The problem may be their certainty — derived from Flock's network of cameras that automatically read license plates, "tracking movements of vehicles wherever they go..." The system has provoked concern from privacy and freedom focused organizations like the Electronic Frontier Foundation and American Civil Liberties Union. Flock also recently announced a partnership with Ring, seeking to use a network of doorbell cameras to track Americans in even more places.... [The police] didn't even have video of the truck in the area — merely tags of it entering... (it also left the area minutes later, indicating a drive through, rather than crawling through neighborhoods looking for packages — but police neglected to check the exit timestamps)... Elser has asked for an apology for [officer] Milliman's aggressive behavior during the encounter, but has heard nothing back from the department despite a call, email, and physical appearance at the police station.
The article points out that Rivian's "Road Cam" feature can be set to record footage of everything happening around it using the car's built in cameras for driver-assist features. But if you want to record footage all the time, you'll need to plug in a USB-C external drive to store it. (It's ironic how different cameras recorded every part of this story — the theft, the police officer accusing the innocent woman, and that innocent woman's actual whereabouts.)

Electrek's take? "Citizens should not need to own a $70k+ truck, or even a $100 external hard drive, to keep track of everything they do in order to prove to power-tripping officers that they didn't commit a crime."

"We've spent the last year rebuilding major components of our system," Cloudflare announced this week, "and we've just slashed the latency of traffic passing through our network for millions of our customers," (There's a 10ms cut in the median time to respond, plus a 25% performance boost as measured by CDN performance tests.) They replaced a 15-year-old system named FL (where they run security and performance features), and "At the same time, we've made our system more secure, and we've reduced the time it takes for us to build and release new products."

And yes, Rust was involved: We write a lot of Rust, and we've gotten pretty good at it... We built FL2 in Rust, on Oxy [Cloudflare's Rust-based next generation proxy framework], and built a strict module framework to structure all the logic in FL2... Built in Rust, [Oxy] eliminates entire classes of bugs that plagued our Nginx/LuaJIT-based FL1, like memory safety issues and data races, while delivering C-level performance. At Cloudflare's scale, those guarantees aren't nice-to-haves, they're essential. Every microsecond saved per request translates into tangible improvements in user experience, and every crash or edge case avoided keeps the Internet running smoothly. Rust's strict compile-time guarantees also pair perfectly with FL2's modular architecture, where we enforce clear contracts between product modules and their inputs and outputs...

It's a big enough distraction from shipping products to customers to rebuild product logic in Rust. Asking all our teams to maintain two versions of their product logic, and reimplement every change a second time until we finished our migration was too much. So, we implemented a layer in our old NGINX and OpenResty based FL which allowed the new modules to be run. Instead of maintaining a parallel implementation, teams could implement their logic in Rust, and replace their old Lua logic with that, without waiting for the full replacement of the old system.
Over 100 engineers worked on FL2 — and there was extensive testing, plus a fallback-to-FL1 procedure. But "We started running customer traffic through FL2 early in 2025, and have been progressively increasing the amount of traffic served throughout the year...." As we described at the start of this post, FL2 is substantially faster than FL1. The biggest reason for this is simply that FL2 performs less work [thanks to filters controlling whether modules need to run]... Another huge reason for better performance is that FL2 is a single codebase, implemented in a performance focussed language. In comparison, FL1 was based on NGINX (which is written in C), combined with LuaJIT (Lua, and C interface layers), and also contained plenty of Rust modules. In FL1, we spent a lot of time and memory converting data from the representation needed by one language, to the representation needed by another. As a result, our internal measures show that FL2 uses less than half the CPU of FL1, and much less than half the memory. That's a huge bonus — we can spend the CPU on delivering more and more features for our customers!

Using our own tools and independent benchmarks like CDNPerf, we measured the impact of FL2 as we rolled it out across the network. The results are clear: websites are responding 10 ms faster at the median, a 25% performance boost. FL2 is also more secure by design than FL1. No software system is perfect, but the Rust language brings us huge benefits over LuaJIT. Rust has strong compile-time memory checks and a type system that avoids large classes of errors. Combine that with our rigid module system, and we can make most changes with high confidence...

We have long followed a policy that any unexplained crash of our systems needs to be investigated as a high priority. We won't be relaxing that policy, though the main cause of novel crashes in FL2 so far has been due to hardware failure. The massively reduced rates of such crashes will give us time to do a good job of such investigations. We're spending the rest of 2025 completing the migration from FL1 to FL2, and will turn off FL1 in early 2026. We're already seeing the benefits in terms of customer performance and speed of development, and we're looking forward to giving these to all our customers.

After that, when everything is modular, in Rust and tested and scaled, we can really start to optimize...!
Thanks to long-time Slashdot reader Beeftopia for sharing the article.

Slashdot reader BrianFagioli writes: Password manager 1Password's 2025 Annual Report: The Access-Trust Gap exposes how everyday employees are becoming accidental hackers in the AI era. The company's data shows that 73% of workers are encouraged to use AI tools, yet more than a third admit they do not always follow corporate policies. Many employees are feeding sensitive information into large language models or using unapproved AI apps to get work done, creating what 1Password calls "Shadow AI." At the same time, traditional defenses like single sign-on (SSO) and mobile device management (MDM) are failing to keep pace, leaving gaps in visibility and control.

The report warns that corporate security is being undermined from within. More than half of employees have installed software without IT approval, two-thirds still use weak passwords, and 38% have accessed accounts at previous employers. Despite rising enthusiasm for passkeys and passwordless authentication, 1Password says most organizations still depend on outdated systems that were never built for cloud-native, AI-driven work. The result is a growing "Access-Trust Gap" that could allow AI chaos and employee shortcuts to dismantle enterprise security from the inside.

An anonymous reader quotes a report from CNBC: Korean semiconductor giant Samsung said Thursday that it plans to buy and deploy a cluster of 50,000 Nvidia graphics processing units to improve its chip manufacturing for mobile devices and robots. The 50,000 Nvidia GPUs will be used to create a facility Samsung is calling an "AI Megafactory." Samsung didn't provide details about when the facility would be built. It's the latest splashy partnership for Nvidia, whose chips remain essential for building and deploying advanced artificial intelligence. [...]

On Thursday, Nvidia representatives said they will work with Samsung to adapt the Korean company's chipmaking lithography platform to work with Nvidia's GPUs. That process will results in 20 times better performance for Samsung, the Nvidia representatives said. Samsung will also use Nvidia's simulation software called Omniverse. Known for its mobile phones, Samsung also said it would use the Nvidia chips to run its own AI models for its devices. In addition to being a partner and customer, Samsung is also a key supplier for Nvidia. Samsung makes the kind of high-performance memory Nvidia uses in large quantities, alongside its AI chips, called high bandwidth memory. Samsung said it will work with Nvidia to tweak its HBM4 memory for use in AI chips.

OpenAI has introduced Aardvark, a GPT-5-powered autonomous agent that scans, reasons about, and patches code like a human security researcher. "By embedding itself directly into the development pipeline, Aardvark aims to turn security from a post-development concern into a continuous safeguard that evolves with the software itself," reports InfoWorld. From the report: What makes Aardvark unique, OpenAI noted, is its combination of reasoning, automation, and verification. Rather than simply highlighting potential vulnerabilities, the agent promises multi-stage analysis -- starting by mapping an entire repository and building a contextual threat model around it. From there, it continuously monitors new commits, checking whether each change introduces risk or violates existing security patterns.

Additionally, upon identifying a potential issue, Aardvark attempts to validate the exploitability of the finding in a sandboxed environment before flagging it. This validation step could prove transformative. Traditional static analysis tools often overwhelm developers with false alarms -- issues that may look risky but aren't truly exploitable. "The biggest advantage is that it will reduce false positives significantly," noted Jain. "It's helpful in open source codes and as part of the development pipeline."

Once a vulnerability is confirmed, Aardvark integrates with Codex to propose a patch, then re-analyzes the fix to ensure it doesn't introduce new problems. OpenAI claims that in benchmark tests, the system identified 92 percent of known and synthetically introduced vulnerabilities across test repositories, a promising indication that AI may soon shoulder part of the burden of modern code auditing.

ArsTechnica: When graphic design platform-provider Canva bought the Affinity image-editing and publishing apps early last year, we had some major questions about how the companies' priorities and products would mesh. How would Canva serve the users who preferred Affinity's perpetually licensed apps to Adobe's subscription-only software suite? And how would Affinity's strong stance against generative AI be reconciled with Canva's embrace of those technologies.

This week, Canva gave us definitive answers to all of those questions: a brand-new unified Affinity app that melds the Photo, Designer, and Publisher apps into a single piece of software called "Affinity by Canva" that is free to use with a Canva user account, but which gates generative AI features behind Canva's existing paid subscription plans ($120 a year for individuals).

This does seem like mostly good news, in the near to mid term, for existing Affinity app users who admired Affinity's anti-AI stance: All three apps' core features are free to use, and the stuff you're being asked to pay for is stuff you mostly don't want anyway. But it may come as unwelcome news for those who like the predictability of pay-once-own-forever software or are nervous about where Canva might draw the line between "free" and "premium" features down the line.

[...] There's now a dedicated page for the older versions of the Affinity apps, and an FAQ at the bottom of that page answers several questions about the fate of those apps. Affinity and Canva say they will continue to keep the activation servers and downloads for all Affinity v1 and v2 apps online for the foreseeable future, giving people who already own the existing apps a way to keep using the versions they're comfortable with. Users can opt to link their Serif Affinity store accounts to their new Canva accounts to access the old downloads without juggling multiple accounts. But those older versions of the apps "won't receive future updates" and won't be able to open files created in the new Canva-branded Affinity app.

An anonymous reader shares a report: Adobe brought together 10,000 marketers, filmmakers and content creators to its annual conference this week to persuade them that the company's software products are adapting to AI and remain the best tools for their work. But it's Adobe's investors, rather than its users, who are the most skeptical that generative AI technology won't disrupt the company's business as the top seller of software for creative professionals.

Despite a strong strategy, Adobe is "at risk of structural AI-driven competitive and pricing pressure," wrote Tyler Radke, an analyst at Citigroup. The company's shares have lost about a quarter of their value this year as AI tools like Google's video-generating model Veo have gained steam. In an interview with Bloomberg Television earlier this week, Adobe Chief Executive Officer Shantanu Narayen said the company is undervalued as the market is focused on semiconductors and the training of AI models.

PC Mag's Michael Kan writes: A "Keep Android Open" campaign is pushing back on new rules from Google that will reportedly block users from sideloading apps on Android phones. It's unclear who's running the campaign, but a blog post on the free Android app store F-Droid is directing users to visit the campaign's website, which urges the public to lobby government regulators to intervene and stop the upcoming restrictions. "Developers should have the right to create and distribute software without submitting to unnecessary corporate surveillance," reads an open letter posted to the site. [...]

Google has described the upcoming change as akin to requiring app developers to go through "an ID check at the airport." However, F-Droid condemned the new requirement as anti-consumer choice. "If you own a computer, you should have the right to run whatever programs you want on it," it says. Additionally, the rules threaten third-party app distribution on F-Droid, which operates as a "free/open-source app distribution" model.

In its blog post, F-Droid warns about the impact on users and Android app developers. "You, the creator, can no longer develop an app and share it directly with your friends, family, and community without first seeking Google's approval," the app store says. "Over half of all humankind uses an Android smartphone," the blog post adds. "Google does not own your phone. You own your phone. You have the right to decide who to trust, and where you can get your software from."

AI "cheating" app Cluely's CEO and cofounder, Chungin "Roy" Lee, said most startups flop because their products don't get seen. From a report: "Engineers just cannot make good content," Lee said during a Wednesday interview at TechCrunch Disrupt 2025 "There's a bunch of shallow replicas, but I challenge you to find one video you think is like, 'Yo, this is as tough as Cluely,'" he told TechCrunch.

Every startup needs to focus more on distribution. And most startups flop because they fail to get seen, even if they have product-market fit, Lee said. Cluely launched earlier this year as a tool to help software engineers cheat on their job interviews, among other use cases. The startup earlier this year posted a tongue-in-cheek video of Lee trying to use Cluely to impress a woman on a date, which went viral.

Nvidia is taking a $1 billion stake in Nokia, sending the Finnish telecom giant's shares up 22%. The two companies also struck a partnership to co-develop next-generation 6G and AI-driven networking technology. CNBC reports: The two companies also struck a strategic partnership to work together to develop next-generation 6G cellular technology. Nokia said that it would adapt its 5G and 6G software to run on Nvidia's chips, and will collaborate on networking technology for AI. Nokia said Nvidia would consider incorporating its technology into its future AI infrastructure plans. Nokia, a Finnish company, is best known for its early cellphones, but in recent years, it has primarily been a supplier of 5G cellular equipment to telecom providers.

Nvidia chief executive Jensen Huang said that maintaining the US edge in AI will require a steady approach that ensures China remains hooked on American technology. From a report: The chipmaker is in an "awkward place" as President Donald Trump prepares to meet with his Chinese counterpart Xi Jinping later this week, Huang told reporters Tuesday at a company conference in Washington. The Nvidia chief praised Trump's commitment to winning but urged careful engagement with China because of the country's massive software developer base and its growing technology capabilities.

During the meeting, Trump and Xi are expected to finalize an agreement to ease trade tensions between the world's two largest economies. When it comes to those negotiations, Huang said he has "no idea" if GPUs -- the chips central to artificial intelligence capabilities -- will be a topic between Trump and Xi.

Huang was careful to leave the negotiating to Trump but encouraged US leadership to think longer term on its overall AI strategy. "A policy that causes America to lose half of the world's developers is not beneficial long-term," Huang said, warning that it was still possible for the US to cede the AI race to China. Keeping US technology in front requires finesse," he said. "It requires balance. It requires long-term thinking."

NVIDIA has introduced NVQLink, an open system architecture that directly connects quantum processors with GPU-based supercomputers. The Quantum Insider reports: The new platform connects the high-speed, high-throughput performance of NVIDIA's GPU computing with quantum processing units (QPUs), allowing researchers to manage the intricate control and error-correction workloads required by quantum devices. According to a NVIDIA statement, the system was developed with guidance from researchers at major U.S. national laboratories including Brookhaven, Fermi, Lawrence Berkeley, Los Alamos, MIT Lincoln, Oak Ridge, Pacific Northwest, and Sandia.

Qubits, the basic units of quantum information, are extremely sensitive to noise and decoherence, making them prone to errors. Correcting and stabilizing these systems requires near-instantaneous feedback and coordination with classical processors. NVQLink is meant to meet that demand by providing an open, low-latency interconnect between quantum processors, control systems, and supercomputers -- effectively creating a unified environment for hybrid quantum applications.

The architecture offers a standardized, open approach to quantum integration, aligning with the company's CUDA-Q software platform to enable researchers to develop, test, and scale hybrid algorithms that draw simultaneously on CPUs, GPUs, and QPUs. The U.S. Department of Energy (DOE) -- which oversees several of the participating laboratories -- framed NVQLink as part of a broader national effort to sustain leadership in high-performance computing, according to NVIDIA.

The Python Software Foundation rejected a $1.5 million U.S. government grant because it required them to renounce all diversity, equity, and inclusion initiatives. "The non-profit would've used the funding to help prevent supply chain attacks; create a new automated, proactive review process for new PyPI packages; and make the project's work easily transferable to other open-source package managers," reports The Register. From the report: The programming non-profit's deputy executive director Loren Crary said in a blog post today that the National Science Founation (NSF) had offered $1.5 million to address structural vulnerabilities in Python and the Python Package Index (PyPI), but the Foundation quickly became dispirited with the terms (PDF) of the grant it would have to follow. "These terms included affirming the statement that we 'do not, and will not during the term of this financial assistance award, operate any programs that advance or promote DEI [diversity, equity, and inclusion], or discriminatory equity ideology in violation of Federal anti-discrimination laws,'" Crary noted. "This restriction would apply not only to the security work directly funded by the grant, but to any and all activity of the PSF as a whole."

To make matters worse, the terms included a provision that if the PSF was found to have voilated that anti-DEI diktat, the NSF reserved the right to claw back any previously disbursed funds, Crary explained. "This would create a situation where money we'd already spent could be taken back, which would be an enormous, open-ended financial risk," the PSF director added. The PSF's mission statement enshrines a commitment to supporting and growing "a diverse and international community of Python programmers," and the Foundation ultimately decided it wasn't willing to compromise on that position, even for what would have been a solid financial boost for the organization. "The PSF is a relatively small organization, operating with an annual budget of around $5 million per year, with a staff of just 14," Crary added, noting that the $1.5 million would have been the largest grant the Foundation had ever received - but it wasn't worth it if the conditions were undermining the PSF's mission. The PSF board voted unanimously to withdraw its grant application.

Nearly nine in ten Windows games can now run on Linux systems, according to data from ProtonDB compiled by Boiling Steam. The gains came through work by developers of WINE and Proton translation layers and through interest in hardware like the Steam Deck.

ProtonDB tracks games across five categories. Platinum-rated games run perfectly without adjustment. Gold titles need minor tweaks. Silver games are playable but imperfect. Bronze exists between silver and borked. Borked games refuse to launch. The proportion of new releases earning platinum ratings has grown. The red and dark red zones have thinned. Some popular titles remain incompatible, however. Boiling Steam noted that other developers appear averse to non-Windows gamers.

Chegg says it will lay off about 45% of its workforce, or 388 employees, as the "new realities" of artificial intelligence and diminished traffic from internet search have led to plummeting revenue. From a report: The online education company, founded 20 years ago, has been hit by the rise of generative AI software tools, such as OpenAI's ChatGPT, which have become increasingly popular among students.

Chegg also sued Google in February, arguing that AI summaries of search results have hurt its traffic and sales. The company reiterated that claim on Monday, saying AI and "reduced traffic from Google to content publishers" have damaged its business. "As a result, and reflecting the company's continued investment in AI, Chegg is restructuring the way it operates its academic learning products," the company said. The cuts come after Chegg in May laid off 22% of its workforce, citing increasing adoption of AI. Chegg's market cap has fallen 98.8% in recent years to about $135 million.

Apple is preparing to roll out a new Apple Wallet feature that lets U.S. users create digital IDs linked to their passports, usable at select TSA checkpoints. TechCrunch reports: The feature, previously announced as part of the iOS 26 release, comes on the heels of Apple's expansion of Wallet as more than a payment mechanism or ticket holder, but also a secure place to store a user's digital identity. Currently, support for government IDs in Apple Wallet has rolled out to 12 states and Puerto Rico, or roughly a third of U.S. license holders. However, the passport-tied Digital ID feature didn't arrive with the debut of iOS 26, as Apple said it would come in a future software update. [...]

The coming launch of passport-associated Digital IDs was announced on Sunday by Jennifer Bailey, VP of Apple Pay and Apple Wallet, at the Money 20/20 USA conference, where the exec also shared other stats about Wallet's adoption.

An anonymous reader quotes a report from Wired: As you're hunting through real estate listings for a new home in Franklin, Tennessee, you come across a vertical video showing off expansive rooms featuring a four-poster bed, a fully stocked wine cellar, and a soaking tub. In the corner of the video, a smiling real estate agent narrates the walk-through of your dream home in a soothing tone. It looks perfect -- maybe a little too perfect. The catch? Everything in the video isAI-generated. The real property is completely empty, and the luxury furniture is a product of virtual staging. The realtor's voice-over and expressions were born from text prompts. Even the camera's slow pan over each room is orchestrated by AI, because there was no actual video camera involved.

Any real estate agent can create "exactly that, at home, in minutes," says Alok Gupta, a former product manager at Facebook and software engineer at Snapchat who cofounded AutoReel, an app that allows realtors to turn images from their property listings into videos. He said that between 500 and 1,000 new listing videos are being created with AutoReel every day, with realtors across the US and even in New Zealand and India using the technology to market thousands of properties. This is one of many AI tools, including more familiar ones like OpenAI's ChatGPT and Google's Gemini, that are quickly reshaping the real estate industry into something that isn't necessarily, well, real. "People that want to buy a house, they're going to make the largest investment of their lifetime," said Nathan Cool, a real estate photographer who runs an educational YouTube channel. "They don't want to be fooled before they ever arrive."

Employees are using AI to generate fake expense receipts. Leading expense software platforms report a sharp increase in AI-created fraudulent documents following the launch of improved image generation models by OpenAI and Google. AppZen said fake AI receipts accounted for 14% of fraudulent documents submitted in September compared with none last year. Ramp flagged more than one million dollars in fraudulent invoices within 90 days. About 30% of financial professionals in the US and UK surveyed by Medius reported seeing a rise in falsified receipts after OpenAI released GPT-4o last year.

SAP Concur processes more than 80 million compliance checks monthly and now warns customers to not trust their eyes. The receipts include wrinkles in paper, detailed itemization matching real menus and signatures. Creating fraudulent documents previously required photo editing skills or paying for such services. Free and accessible image generation software has made it possible for anyone to falsify receipts in seconds by writing simple text instructions to chatbots.

Australia's competition regulator sued Microsoft today, accusing it of misleading millions of customers into paying higher prices for its Microsoft 365 software after bundling it with AI tool Copilot. From a report: The Australian Competition and Consumer Commission alleged that from October 2024, the technology giant misled about 2.7 million customers by suggesting they had to move to higher-priced Microsoft 365 personal and family plans that included Copilot.

After the integration of Copilot, the annual subscription price of the Microsoft 365 personal plan increased by 45% to A$159 ($103.32) and the price of the family plan increased by 29% to A$179, the ACCC said. The regulator said Microsoft failed to clearly tell users that a cheaper "classic" plan without Copilot was still available.

OpenAI's rival Anthropic has a different approach — and "a clearer path to making a sustainable business out of AI," writes the Wall Street Journal. Outside of OpenAI's close partnership with Microsoft, which integrates OpenAI's models into Microsoft's software products, OpenAI mostly caters to the mass market... which has helped OpenAI reach an annual revenue run rate of around $13 billion, around 30% of which it says comes from businesses.

Anthropic has generated much less mass-market appeal. The company has said about 80% of its revenue comes from corporate customers. Last month it said it had some 300,000 of them... Its cutting-edge Claude language models have been praised for their aptitude in coding: A July report from Menlo Ventures — which has invested in Anthropic — estimated via a survey that Anthropic had a 42% market share for coding, compared with OpenAI's 21%. Anthropic is also now ahead of OpenAI in market share for overarching corporate AI use, Menlo Ventures estimated, at 32% to OpenAI's 25%. Anthropic is also surprisingly close to OpenAI when it comes to revenue. The company is already at a $7 billion annual run rate and expects to get to $9 billion by the end of the year — a big lead over its better-known rival in revenue per user.

Both companies have backing in the form of investments from big tech companies — Microsoft for OpenAI, and a combination of Amazon and Google for Anthropic — that help provide AI computing infrastructure and expose their products to a broad set of customers. But Anthropic's growth path is a lot easier to understand than OpenAI's. Corporate customers are devising a plethora of money-saving uses for AI in areas like coding, drafting legal documents and expediting billing. Those uses are likely to expand in the future and draw more customers to Anthropic, especially as the return on investment for them becomes easier to measure...

Demonstrating how much demand there is for Anthropic among corporate customers, Microsoft in September said Anthropic's leading language model, Claude, would be offered within its Copilot suite of software despite Microsoft's ties to OpenAI.
"There is also a possibility that OpenAI's mass-market appeal becomes a turnoff for corporate customers," the article adds, "who want AI to be more boring and useful than fun and edgy."