OpenAI will need to raise at least $207 billion in new funding by 2030 to sustain operations while continuing to lose money, according to a new analysis from HSBC that models the company's cloud computing commitments against projected revenue. The bank's US software team updated its forecasts after OpenAI announced a $250 billion cloud compute rental deal with Microsoft in late October and a $38 billion deal with Amazon days later, bringing total contracted compute capacity to 36 gigawatts.

HSBC projects cumulative rental costs of $792 billion through 2030. Revenue growth remains strong in the model -- the bank expects OpenAI to reach 3 billion users by decade's end, up from roughly 800 million today -- but costs rise in lockstep, meaning OpenAI will still be subsidizing users well into the next decade. If revenue growth disappoints and investors turn cautious, the company's best option might be walking away from some data center commitments.

Up to 3 million low-skilled jobs could disappear in the UK by 2035 because of automation and AI, according to a report by a leading educational research charity. The Guardian: The jobs most at risk are those in occupations such as trades, machine operations and administrative roles, the National Foundation for Educational Research (NFER) said. Highly skilled professionals, on the other hand, were forecast to be more in demand as AI and technological advances increase workloads "at least in the short to medium term."

Overall, the report expects the UK economy to add 2.3 million jobs by 2035, but unevenly distributed. The findings stand in contrast to other recent research suggesting AI will affect highly skilled, technical occupations such as software engineering and management consultancy more than trades and manual work.

Chinese automakers may not be able to sell their electric vehicles in the United States due to steep tariffs and software restrictions, but they have found an alternative path to American eyeballs through a coordinated campaign targeting car influencers on YouTube, TikTok, and Instagram. The effort, the Verge reports, is largely organized by DCar Studio, a platform that invites US-based creators to Los Angeles to test-drive vehicles from brands like BYD, Geely and Xiaomi. DCar is actually Dongchedi, a car trading platform owned by TikTok parent ByteDance that raised $600 million on a $3 billion valuation in 2024. The strategy appears aimed at building global brand awareness rather than direct US sales.

Mark Greeven, professor at IMD Business School, told The Verge that American influencers still shape opinions across the Western world. "The charm offensive is to work with American influencers about Chinese EV cars because we still have a dominant opinion in the Western world, which is formed by English-speaking influential figures on social media," he said. Several creators told The Verge they have heard rumors of undisclosed payments for positive coverage.

The Justice Department has reached an agreement to settle an antitrust lawsuit against RealPage, a real estate software company that the government accused of enabling landlords to collude to raise rents. From a report: Using RealPage software, landlords shared information about their rents and occupancy rates with the company, after which an algorithm suggested what to charge renters. The government's suit, which was joined by several state attorneys general, accused RealPage of taking the confidential information and suggesting rents higher than those in a free market.

Under the settlement proposal, which requires approval by a federal judge overseeing the case in the Middle District of North Carolina, RealPage's software could no longer use information about current leases to train its algorithm. Nonpublic data from competing landlords would also be excluded when suggesting rents. "Competing companies must make independent pricing decisions, and with the rise of algorithmic and artificial intelligence tools, we will remain at the forefront of vigorous antitrust enforcement," said Gail Slater, who leads the antitrust division at the Department of Justice, in a news release.

Core Devices has fully open-sourced the entire Pebble software stack and confirmed the first Pebble Time 2 shipments will start in January. "This is the clearest sign yet that the platform is shifting from a company-led product to a community-backed project that can survive independently," reports Gadgets & Wearables. From the report: The announcement follows weeks of tension between Core Devices and parts of the Pebble community. By moving from 95 to 100 percent open source, the company has essentially removed itself as a bottleneck. Users can now build, run, and maintain every piece of software needed to operate a Pebble watch. That includes firmware for the watch and mobile apps for Android and iOS. This puts the entire software stack into public hands. According to the announcement, Core Devices has released the mobile app source code, enabled decentralized app distribution, and made hardware more repairable with replaceable batteries and published design files.

An anonymous reader quotes a report from Ars Technica: Some members of the maker community are distraught about Arduino's new terms of service (ToS), saying that the added rules put the company's open source DNA at risk. Arduino updated its ToS and privacy policy this month, which is about a month after Qualcomm announced that it's acquiring the open source hardware and software company. Among the most controversial changes is this addition: "User shall not: translate, decompile or reverse-engineer the Platform, or engage in any other activity designed to identify the algorithms and logic of the Platform's operation, unless expressly allowed by Arduino or by applicable license agreements ..."

In response to concerns from some members of the maker community, including from open source hardware distributor and manufacturer Adafruit, Arduino posted a blog on Friday. Regarding the new reverse-engineering rule, Arduino's blog said: "Any hardware, software or services (e.g. Arduino IDE, hardware schematics, tooling and libraries) released with Open Source licenses remain available as before. Restrictions on reverse-engineering apply specifically to our Software-as-a-Service cloud applications. Anything that was open, stays open."

But Adafruit founder and engineer Limor Fried and Adafruit managing editor Phillip Torrone are not convinced. They told Ars Technica that Arduino's blog leaves many questions unanswered and said that they've sent these questions to Arduino without response. "Why is reverse-engineering prohibited at all for a company built on openly hackable systems?" Fried and Torrone asked in a shared statement. There are also concerns about the ToS' broad new AI-monitoring powers, which offer little clarity on what data is collected, who can access it, or how long it's retained. On top of that, the update introduces an unusual patent clause that bars users from using the platform to identify potential infringement by Arduino or its partners, along with sweeping, perpetual rights over user-generated content. This could allow Arduino, and potentially Qualcomm, to republish, modify, monetize, or redistribute user uploads indefinitely.

Apple's next major iPhone software update will prioritize stability and performance over flashy new features, according to Bloomberg's Mark Gurman, who reports that iOS 27 is being developed as a "Snow Leopard-style" release [non-paywalled source] focused on fixing bugs, removing bloat and improving underlying code after this year's sweeping Liquid Glass design overhaul in iOS 26.

Engineering teams are currently combing through Apple's operating systems to eliminate unnecessary code and address quality issues that users have reported since iOS 26's September release. Those complaints include device overheating, unexplained battery drain, user interface glitches, keyboard failures, cellular connectivity problems, app crashes, and sluggish animations.

iOS 27 won't be feature-free. Apple plans several AI additions: a health-focused AI agent tied to a Health+ subscription, expanded AI-powered web search meant to compete with ChatGPT and Perplexity, and deeper AI integration across apps. The company has also been internally testing a chatbot app called Veritas as a proving ground for its re-architected Siri, though a standalone chatbot product isn't currently planned.

An anonymous reader shared this report from the Guardian: James and Owen were among 41 students who took a coding module at the University of Staffordshire last year, hoping to change careers through a government-funded apprenticeship programme designed to help them become cybersecurity experts or software engineers. But after a term of AI-generated slides being read, at times, by an AI voiceover, James said he had lost faith in the programme and the people running it, worrying he had "used up two years" of his life on a course that had been done "in the cheapest way possible".

"If we handed in stuff that was AI-generated, we would be kicked out of the uni, but we're being taught by an AI," said James during a confrontation with his lecturer recorded as a part of the course in October 2024. James and other students confronted university officials multiple times about the AI materials. But the university appears to still be using AI-generated materials to teach the course. This year, the university uploaded a policy statement to the course website appearing to justify the use of AI, laying out "a framework for academic professionals leveraging AI automation" in scholarly work and teaching...

For students, AI teaching appears to be less transformative than it is demoralising. In the US, students post negative online reviews about professors who use AI. In the UK, undergraduates have taken to Reddit to complain about their lecturers copying and pasting feedback from ChatGPT or using AI-generated images in courses.
"I feel like a bit of my life was stolen," James told the Guardian (which also quotes an unidentified student saying they felt "robbed of knowledge and enjoyment".) But the article also points out that a survey last year of 3,287 higher-education teaching staff by edtech firm Jisc found that nearly a quarter were using AI tools in their teaching.

In October cryptologist/CS professor Daniel J. Bernstein alleged that America's National Security Agency (and its UK counterpart GCHQ) were attempting to influence NIST to adopt weaker post-quantum cryptography standards without a "hybrid" approach that would've also included pre-quantum ECC.

Bernstein is of the opinion that "Given how many post-quantum proposals have been broken and the continuing flood of side-channel attacks, any competent engineering evaluation will conclude that the best way to deploy post-quantum [PQ] encryption for TLS, and for the Internet more broadly, is as double encryption: post-quantum cryptography on top of ECC." But he says he's seen it playing out differently: By 2013, NSA had a quarter-billion-dollar-a-year budget to "covertly influence and/or overtly leverage" systems to "make the systems in question exploitable"; in particular, to "influence policies, standards and specification for commercial public key technologies". NSA is quietly using stronger cryptography for the data it cares about, but meanwhile is spending money to promote a market for weakened cryptography, the same way that it successfully created decades of security failures by building up the market for, e.g., 40-bit RC4 and 512-bit RSA and Dual EC. I looked concretely at what was happening in IETF's TLS working group, compared to the consensus requirements for standards-development organizations. I reviewed how a call for "adoption" of an NSA-driven specification produced a variety of objections that weren't handled properly. ("Adoption" is a preliminary step before IETF standardization....) On 5 November 2025, the chairs issued "last call" for objections to publication of the document. The deadline for input is "2025-11-26", this coming Wednesday.
Bernstein also shares concerns about how the Internet Engineering Task Force is handling the discussion, and argues that the document is even "out of scope" for the IETF TLS working group This document doesn't serve any of the official goals in the TLS working group charter. Most importantly, this document is directly contrary to the "improve security" goal, so it would violate the charter even if it contributed to another goal... Half of the PQ proposals submitted to NIST in 2017 have been broken already... often with attacks having sufficiently low cost to demonstrate on readily available computer equipment. Further PQ software has been broken by implementation issues such as side-channel attacks.
He's also concerned about how that discussion is being handled: On 17 October 2025, they posted a "Notice of Moderation for Postings by D. J. Bernstein" saying that they would "moderate the postings of D. J. Bernstein for 30 days due to disruptive behavior effective immediately" and specifically that my postings "will be held for moderation and after confirmation by the TLS Chairs of being on topic and not disruptive, will be released to the list"...

I didn't send anything to the IETF TLS mailing list for 30 days after that. Yesterday [November 22nd] I finished writing up my new objection and sent that in. And, gee, after more than 24 hours it still hasn't appeared... Presumably the chairs "forgot" to flip the censorship button off after 30 days.
Thanks to alanw (Slashdot reader #1,822) for spotting the blog posts.

"The internet did transform work — but not the way 1998 thought..." argues the Wall Street Journal. "The internet slipped inside almost every job and rewired how work got done."

So while the number of single-task jobs like travel agent dropped, most jobs "are bundles of judgment, coordination and hands-on work," and instead the internet brought "the quiet transformation of nearly every job in the economy... Today, just 10% of workers make minimal use of the internet on the job — roles like butcher and carpet installer." [T]he bigger story has been additive. In 1998, few could conceive of social media — let alone 65,000 social-media managers — and 200,000 information-security analysts would have sounded absurd when data still lived on floppy disks... Marketing shifted from campaign bursts to always-on funnels and A/B testing. Clinics embedded e-prescribing and patient portals, reshaping front-office and clinical handoffs. The steps, owners and metrics shifted. Only then did the backbone scale: We went from server closets wedged next to the mop sink to data centers and cloud regions, from lone system administrators to fulfillment networks, cybersecurity and compliance.

That is where many unexpected jobs appeared. Networked machines and web-enabled software quietly transformed back offices as much as our on-screen lives. Similarly, as e-commerce took off, internet-enabled logistics rewired planning roles — logisticians, transportation and distribution managers — and unlocked a surge in last-mile work. The build-out didn't just hire coders; it hired coordinators, pickers, packers and drivers. It spawned hundreds of thousands of warehouse and delivery jobs — the largest pockets of internet-driven job growth, and yet few had them on their 1998 bingo card... Today, the share of workers in professional and managerial occupations has more than doubled since the dawn of the digital era.

So what does that tell us about AI? Our mental model often defaults to an industrial image — John Henry versus the steam drill — where jobs are one dominant task, and automation maps one-to-one: Automate the task, eliminate the job. The internet revealed a different reality: Modern roles are bundles. Technologies typically hit routine tasks first, then workflows, and only later reshape jobs, with second-order hiring around the backbone. That complexity is what made disruption slower and more subtle than anyone predicted. AI fits that pattern more than it breaks it... [LLMs] can draft briefs, summarize medical notes and answer queries. Those are tasks — important ones — but still parts of larger roles. They don't manage risk, hold accountability, reassure anxious clients or integrate messy context across teams. Expect a rebalanced division of labor: The technical layer gets faster and cheaper; the human layer shifts toward supervision, coordination, complex judgment, relationship work and exception handling.

What to expect from AI, then, is messy, uneven reshuffling in stages. Some roles will contract sharply — and those contractions will affect real people. But many occupations will be rewired in quieter ways. Productivity gains will unlock new demand and create work that didn't exist, alongside a build-out around data, safety, compliance and infrastructure.

AI is unprecedented; so was the internet. The real risk is timing: overestimating job losses, underestimating the long, quiet rewiring already under way, and overlooking the jobs created in the backbone. That was the internet's lesson. It's likely to be AI's as well.

A promotional video for Amazon's Kiro software development system took a unique approach, writes GeekWire. "Instead of product diagrams or keynote slides, a crew from Seattle's Packrat creative studio used action figures on a miniature set to create a stop-motion sequence..."

"Can the software development hero conquer the 'AI Slop Monster' to uncover the gleaming, fully functional robot buried beneath the coding chaos?" Kiro (pronounced KEE-ro) is Amazon's effort to rethink how developers use AI. It's an integrated development environment that attempts to tame the wild world of vibe coding... But rather than simply generating code from prompts [in "vibe mode"], Kiro breaks down requests into formal specifications, design documents, and task lists [in "spec mode"]. This spec-driven development approach aims to solve a fundamental problem with vibe coding: AI can quickly generate prototypes, but without structure or documentation, that code becomes unmaintainable...

The market for AI-powered development tools is booming. Gartner expects AI code assistants to become ubiquitous, forecasting that 90% of enterprise software engineers will use them by 2028, up from less than 14% in early 2024... Amazon launched Kiro in preview in July, to a strong response. Positive early reviews were tempered by frustration from users unable to gain access. Capacity constraints have since been resolved, and Amazon says more than 250,000 developers used Kiro in the first three months...

Now, the company is taking Kiro out of preview into general availability, rolling out new features and opening the tool more broadly to development teams and companies... During the preview period, Kiro handled more than 300 million requests and processed trillions of tokens as developers explored its capabilities, according to stats provided by the company. Rackspace used Kiro to complete what they estimated as 52 weeks of software modernization in three weeks, according to Amazon executives. SmugMug and Flickr are among other companies espousing the virtues of Kiro's spec-driven development approach. Early users are posting in glowing terms about the efficiencies they're seeing from adopting the tool... startups in most countries can apply for up to 100 free Pro+ seats for a year's worth of Kiro credits.
Kiro offers property-based testing "to verify that generated code actually does what developers specified," according to the article — plus a checkpointing system that "lets developers roll back changes or retrace an agent's steps when an idea goes sideways..."

"And yes, they've been using Kiro to build Kiro, which has allowed them to move much faster."

"PHP 8.5 landed on Thursday with a long-awaited pipe operator and a new standards-compliant URI parser," reports the Register, "marking one of the scripting language's more substantial updates... " The pipe operator allows function calls to be chained together, which avoids the extraneous variables and nested statements that might otherwise be involved. Pipes tend to make code more readable than other ways to implement serial operations. Anyone familiar with the Unix/Linux command line or programming languages like R, F#, Clojure, or Elixir may have used the pipe operator. In JavaScript, aka ECMAScript, a pipe operator has been proposed, though there are alternatives like method chaining.

Another significant addition is the URI extension, which allows developers to parse and modify URIs and URLs based on both the RFC 3986 and the WHATWG URL standards. Parsing with URIs and URLs â" reading them and breaking them down into their different parts â" is a rather common task for web-oriented applications. Yet prior versions of PHP didn't include a standards-compliant parser in the standard library. As noted by software developer Tim Düsterhus, the parse_url() function that dates back to PHP 4 doesn't follow any standard and comes with a warning that it should not be used with untrusted or malformed URLs.

Other noteworthy additions to the language include: Clone With, for updating properties more efficiently; the #[\NoDiscard] attribute, for warning when a return value goes unused; the ability to use static closures and first-class callables in constant expressions; and persistent cURL handles that can be shared across multiple PHP requests.

Google has begun testing sponsored ads inside its Gemini-powered AI Mode, placing labeled "sponsored" links at the bottom of AI-generated responses. Engadget reports: [A] Google spokesperson says the result shown is akin to similar tests it's been running this year. "People seeing ads in AI Mode in the wild is simply part of Google's ongoing tests, which we've been running for several months," the spokesperson said. The push to start offering ads in AI Mode was announced in May. The company also told 9to5Google that there are no current plans to fully update AI Mode to incorporate ads. For now, the software seems to be prioritizing organic links over sponsored links, but we all know how insidious ads can be once the floodgates open...

The SEC has officially dismissed its high-profile case against SolarWinds and its CISO that was tied to a Russia-linked cyberattack involving the software company. Reuters reports: The landmark case, which SEC brought in late 2023, rattled the cybersecurity community and later faced scrutiny from a judge who dismissed many of the charges. The SEC had said SolarWinds and its chief information security officer had violated U.S. securities laws by concealing vulnerabilities in connection with the high-profile 2020 Sunburst cyber attack. The SEC, SolarWinds and CISO Timothy Brown filed a motion on Thursday to dismiss the case with prejudice, according to a joint stipulation posted on the agency's website. A SolarWinds spokesperson said the firm is "clearly delighted" with the dismissal.

"We hope this resolution eases the concerns many CISOs have voiced about this case and the potential chilling effect it threatened to impose on their work," the spokesperson said.

An anonymous reader quotes a report from Ars Technica: Some Dell and HP laptop owners have been befuddled by their machines' inability to play HEVC/H.265 content in web browsers, despite their machines' processors having integrated decoding support. Laptops with sixth-generation Intel Core and later processors have built-in hardware support for HEVC decoding and encoding. AMD has made laptop chips supporting the codec since 2015. However, both Dell and HP have disabled this feature on some of their popular business notebooks.

HP discloses this in the data sheets for its affected laptops, which include the HP ProBook 460 G11 [PDF], ProBook 465 G11 [PDF], and EliteBook 665 G11 [PDF]. "Hardware acceleration for CODEC H.265/HEVC (High Efficiency Video Coding) is disabled on this platform," the note reads. Despite this notice, it can still be jarring to see a modern laptop's web browser eternally load videos that play easily in media players. HP and Dell didn't explain why the companies disabled HEVC hardware decoding on their laptops' processors.

A statement from an HP spokesperson said: "In 2024, HP disabled the HEVC (H.265) codec hardware on select devices, including the 600 Series G11, 400 Series G11, and 200 Series G9 products. Customers requiring the ability to encode or decode HEVC content on one of the impacted models can utilize licensed third-party software solutions that include HEVC support. Check with your preferred video player for HEVC software support."

Dell's media relations team shared a similar statement: "HEVC video playback is available on Dell's premium systems and in select standard models equipped with hardware or software, such as integrated 4K displays, discrete graphics cards, Dolby Vision, or Cyberlink BluRay software. On other standard and base systems, HEVC playback is not included, but users can access HEVC content by purchasing an affordable third-party app from the Microsoft Store. For the best experience with high-resolution content, customers are encouraged to select systems designed for 4K or high-performance needs."

IBM and Cisco plan to link quantum computers over long distances by the early 2030s, "with the goal of demonstrating the concept is workable by the end of 2030," reports Reuters. "The move could pave the way for a quantum internet, though executives at the two companies cautioned that the networks would require technologies that do not currently exist and will have to be developed with the help of universities and federal laboratories." From the report: The challenge begins with a problem: Quantum computers like IBM's sit in massive cryogenic tanks that get so cold that atoms barely move. To get information out of them, IBM has to figure out how to transform information in stationary "qubits" -- the fundamental unit of information in a quantum computer -- into what Jay Gambetta, director of IBM Research and an IBM fellow, told Reuters are "flying" qubits that travel as microwaves.

But those flying microwave qubits will have to be turned into optical signals that can travel between Cisco switches on fiber-optic cables. The technology for that transformation -- called a microwave-optical transducer -- will have to be developed with the help of groups like the Superconducting Quantum Materials and Systems Center, led by the Fermi National Accelerator Laboratory near Chicago, among others. Along the way, Cisco and IBM will also publish open-source software to weave all the parts together.

Microsoft's push to transform Windows into an "agentic OS" that allows AI agents to control PCs is drawing user backlash similar to the Windows 8 controversy, as the company marks the operating system's 40th anniversary this week, writes Tom Warren, a reporter at The Verge who has been covering Microsoft for nearly two decades. Windows chief Pavan Davuluri announced the agentic OS plans in a post on X last week and faced immediate criticism in hundreds of replies before they were locked days later.

"It's evolving into a product that's driving people to Mac and Linux," one person wrote, while another asked for a return to Windows 7's "clean UI, clean icon, a unified control panel, no bloat apps, no ads, just a pure performant OS." Davuluri later responded to software engineer Gergely Orosz, saying "we care deeply about developers" and acknowledging Microsoft has "work to do on the experience, both on the everyday usability, from inconsistent dialogs to power user experiences."

Microsoft CEO Satya Nadella told the Dwarkesh Podcast that the company's business "which today is an end user tools business, will become, essentially an infrastructure business in support of agents doing work." The Recall feature already spooked users when it was initially turned on by default before Microsoft reworked it to be opt-in. Navjot Virk, corporate vice president of Windows experiences, told The Verge that "every user can use [AI agents] when they're ready. It's their choice, they decide."

Adobe is buying Semrush for $1.9 billion in a move to supercharge its AI-driven marketing stack. Reuters reports: Semrush designs and develops AI software that helps companies with search engine optimization, social media and digital advertising. The acquisition, expected to close in the first half of next year, would allow Adobe to help marketers better understand how their brands are viewed by online consumers through searches on websites and generative AI bots such as ChatGPT and Gemini. "The price is steep as Semrush isn't a massive revenue engine on its own, so Adobe is likely paying for strategic value. The payoff could be high too if Adobe can quickly turn Semrush's data into monetizable AI products," said Emarketer analyst Grace Harmon.

"While we are positive on Adobe restarting its M&A engine given the success that it has seen with this motion over the years... this deal likely does little to answer the questions revolving around the company's creative cloud business," added William Blair analysts.

Cloudflare suffered its worst network outage in six years on Tuesday, beginning at 11:20 UTC. The disruption prevented the content delivery network from routing traffic for roughly three hours. The failure, writes Cloudflare in a blog post, originated from a database permissions change deployed at 11:05 UTC. The modification altered how a database query returned information about bot detection features. The query began returning duplicate entries. A configuration file used to identify automated traffic doubled in size and spread across the network's machines. Cloudflare's traffic routing software reads this file to distinguish bots from legitimate users. The software had a built-in limit of 200 bot detection features. The enlarged file contained more than 200 entries. The software crashed when it encountered the unexpected file size.

Users attempting to access websites behind Cloudflare's network received error messages. The outage affected multiple services. Turnstile security checks failed to load. The Workers KV storage service returned elevated error rates. Users could not log into Cloudflare's dashboard. Access authentication failed for most customers.

Engineers initially suspected a coordinated attack. The configuration file was automatically regenerated every five minutes. Database servers produced either correct or corrupted files during a gradual system update. Services repeatedly recovered and failed as different versions of the file circulated. Teams stopped generating new files at 14:24 UTC and manually restored a working version. Most traffic resumed by 14:30 UTC. All systems returned to normal at 17:06 UTC.

Blender 5.0 has been released with major upgrades including HDR and wide-gamut color support on Linux via Wayland/Vulkan, significant theme and UI improvements, new color-space tools, revamped curve and geometry features, and expanded hardware requirements. 9to5Linux reports: Blender 5.0 also introduces a working color space for Blend files, a new AgX HDR view, a new Convert to Display compositor node, new Rec.2100-PQ and Rec.2100-HLG displays that can be used for color grading for HDR video export, and new ACES 1.3 and 2.0 views as an alternative to AgX and Filmic.

A new "Jump Time by Delta" operator for jumping forward/backward in time by a user-specified delta has been introduced as well, along with a revamped Curve drawing, which better supports the new Curves object type and all of their features, and a new Geometry Attribute constraint.

Also new is a "Cylinder" option for curve display type that allows rendering thicker curves without the flat ribbon appearance, support for the Zstd (Zstandard) fast lossless compression algorithm for point caches, as well as a new "Curve Data" panel in edit mode that allows tweaking built-in curve attribute values. A full list of changes can be found here. You can download from the official website.