Cybercriminals have breached dozens of major companies including AT&T, Ticketmaster and Hot Topic by exploiting "infostealer" malware that harvests login credentials from infected computers, an investigation has found. The malware, spread through pirated software and social media, has infected 250,000 new devices daily, according to cybersecurity firm Recorded Future. Russian developers create the malware while contractors distribute it globally, deliberately avoiding former Soviet states. Hot Topic suffered potentially the largest retail hack ever in October when attackers accessed 350 million customer records using stolen developer credentials. Google and Microsoft are racing to patch vulnerabilities, but malware makers quickly adapt to new security measures.

Long-time Slashdot reader samj — also a long-time Debian developer — tells us there's some opposition to the newly-released Open Source AI definition. He calls it a "fork" that undermines the original Open Source definition (which was originally derived from Debian's Free Software Guidelines, written primarily by Bruce Perens), and points us to a new domain with a petition declaring that instead Open Source shall be defined "solely by the Open Source Definition version 1.9. Any amendments or new definitions shall only be recognized with clear community consensus via an open and transparent process."

This move follows some discussion on the Debian mailing list: Allowing "Open Source AI" to hide their training data is nothing but setting up a "data barrier" protecting the monopoly, disabling anybody other than the first party to reproduce or replicate an AI. Once passed, OSI is making a historical mistake towards the FOSS ecosystem.
They're not the only ones worried about data. This week TechCrunch noted an August study which "found that many 'open source' models are basically open source in name only. The data required to train the models is kept secret, the compute power needed to run them is beyond the reach of many developers, and the techniques to fine-tune them are intimidatingly complex. Instead of democratizing AI, these 'open source' projects tend to entrench and expand centralized power, the study's authors concluded."

samj shares the concern about training data, arguing that training data is the source code and that this new definition has real-world consequences. (On a personal note, he says it "poses an existential threat to our pAI-OS project at the non-profit Kwaai Open Source Lab I volunteer at, so we've been very active in pushing back past few weeks.")

And he also came up with a detailed response by asking ChatGPT. What would be the implications of a Debian disavowing the OSI's Open Source AI definition? ChatGPT composed a 7-point, 14-paragraph response, concluding that this level of opposition would "create challenges for AI developers regarding licensing. It might also lead to a fragmentation of the open-source community into factions with differing views on how AI should be governed under open-source rules." But "Ultimately, it could spur the creation of alternative definitions or movements aimed at maintaining stricter adherence to the traditional tenets of software freedom in the AI age."

However the official FAQ for the new Open Source AI definition argues that training data "does not equate to a software source code." Training data is important to study modern machine learning systems. But it is not what AI researchers and practitioners necessarily use as part of the preferred form for making modifications to a trained model.... [F]orks could include removing non-public or non-open data from the training dataset, in order to train a new Open Source AI system on fully public or open data...

[W]e want Open Source AI to exist also in fields where data cannot be legally shared, for example medical AI. Laws that permit training on data often limit the resharing of that same data to protect copyright or other interests. Privacy rules also give a person the rightful ability to control their most sensitive information — like decisions about their health. Similarly, much of the world's Indigenous knowledge is protected through mechanisms that are not compatible with later-developed frameworks for rights exclusivity and sharing.
Read on for the rest of their response...

This week's Ubuntu Summit 2024 was attended by Lproven (Slashdot reader #6,030). He's also a FOSS correspondent for the Register, where he's filed this report: One of the first full-length sessions was presented by David Morin, executive director of the Academy Software Foundation, introducing his organization in a talk about Open Source Software for Motion Pictures. Morin linked to the Visual Effects Society's VFX/Animation Studio Workstation Linux Report, highlighting the market share pie-chart, showing Rocky Linux 9 with at some 58 percent and the RHELatives in general at 90 percent of the market. Ubuntu 22 and 24 — the report's nomenclature, not this vulture's — got just 10.5 percent. We certainly didn't expect to see that at an Ubuntu event, with the latest two versions of Rocky Linux taking 80 percent of the studio workstation market...

What also struck us over the next three quarters of an hour is that Linux and open source in general seem to be huge components of the movie special effects industry — to an extent that we had not previously realized.
There's a "sizzle reel" showing examples of how major motion pictures used OpenColorIO, an open-source production tool for syncing color representations originally developed by Sony Pictures Imageworks. That tool is hosted by a collaboration between the Linux Foundation with the Science and Technology Council of the Academy of Motion Picture Arts and Sciences (the "Academy" of the Academy Awards). The collaboration — which goes by the name of the Academy Software Foundation — hosts 14 different projects The ASWF hasn't been around all that long — it was only founded in 2018. Despite the impact of the COVID pandemic, by 2022 it had achieved enough to fill a 45-page history called Open Source in Entertainment [PDF]. Morin told the crowd that it runs events, provides project marketing and infrastructure, as well as funding, training and education, and legal assistance. It tries to facilitate industry standards and does open source evangelism in the industry. An impressive list of members — with 17 Premier companies, 16 General ones, and another half a dozen Associate members — shows where some of the money comes from. It's a big list of big names. [Adobe, AMD, AWS, Autodesk...]
The presentation started with OpenVBD, a C++ library developed and donated by Dreamworks for working with three-dimensional voxel-based shapes. (In 2020 they created this sizzle reel, but this year they've unveiled a theme song.) Also featured was OpenEXR, originally developed at Industrial Light and Magic and sourced in 1999. (The article calls it "a specification and reference implementation of the EXR file format — a losslessly compressed image storage format for moving images at the highest possible dynamic range.")

"For an organization that is not one of the better-known ones in the FOSS space, we came away with the impression that the ASWF is busy," the article concludes. (Besides running Open Source Days and ASWF Dev Days, it also hosts several working groups like the Language Interop Project works on Rust bindings and the Continuous Integration Working Group on CI tools, There's generally very little of the old razzle-dazzle in the Linux world, but with the demise of SGI as the primary maker of graphics workstations — its brand now absorbed by Hewlett Packard Enterprise — the visual effects industry moved to Linux and it's doing amazing things with it. And Kubernetes wasn't even mentioned once.

The feds have indicted Aleksei Andriunin, a 26-year-old Russian national and founder of Gotbit, on charges of wire fraud and conspiracy to commit market manipulation. Crypto News reports: According to the U.S. Attorney's Office, the indictment alleges that Andriunin and his firm participated in a long-running scheme to artificially boost trading volumes for various cryptocurrency companies, including some based in the United States, to make them appear more popular and increase their trading value. Andriunin allegedly led these activities between 2018 and 2024 as Gotbit's CEO. He could face up to 20 years in prison, additional fines, and asset forfeiture if convicted, according to the U.S. Attorney's Office. Prosecutors say the scheme involved "wash trading," where the firm used its software to make fake trades that inflated a cryptocurrency's trading volume. This practice, called market manipulation, can mislead investors by giving the impression that demand for a particular cryptocurrency is higher than it actually is. Wash trades are illegal in traditional finance and are considered fraudulent because they deceive investors and manipulate market behavior.

Court documents also identify Gotbit's two directors, Fedor Kedrov and Qawi Jalili, as co-conspirators. The indictment claims Gotbit documented these activities in detailed records, tracking differences between genuine and artificial trading volumes. The firm allegedly pitched these services to prospective clients, explaining how Gotbit's tactics would bypass detection on public blockchains, where transactions are recorded transparently. The U.S. Department of Justice has announced that it seized over $25 million worth of cryptocurrency assets connected to these schemes and made four arrests across multiple firms. If you've been following the crypto industry, you're probably familiar with "pump-and-dump" schemes that have popped up throughout the years. Although it's a form of market manipulation, it's not quite the same as "wash trading."

In a pump-and-dump scheme, the perpetrator artificially inflates the price of a security (often a low-priced or thinly traded stock) by spreading misleading or exaggerated information to attract other buyers, who then drive up the price. Once the price has risen due to increased demand, the manipulators "dump" their shares at the inflated price, selling to the new buyers and pocketing the profits. The price typically crashes after the dump, leaving unsuspecting investors with overvalued shares and significant losses.

Wash trading, on the other hand, involves simultaneously buying and selling of the same asset to create the illusion of higher trading volume and activity. The purpose is to mislead other investors about the asset's liquidity and demand, often giving the impression that it is more popular or actively traded than it actually is. Wash trades usually occur without real changes in ownership or price movement, as the buyer and seller may even be the same person or entity. This tactic can manipulate prices indirectly by creating a perception of interest, but it does not involve a direct inflation followed by a sell-off, like a pump-and-dump scheme.

An anonymous reader quotes a report from TechCrunch: The trend of big touchscreens in cars has left many yearning for the not-so-distant days when most user interactions happened with physical buttons. But Rivian's chief software officer Wassym Bensaid believes using buttons in a car is an "anomaly." "It's a bug. It's not a feature," Bensaid said Wednesday at TechCrunch Disrupt 2024. "Ideally, you would want to interact with your car through voice. The problem today is that most voice assistants are just broken." To that end, Bensaid said that "every week" he's driving around an engineering vehicle that has an AI-powered voice assistant, though he did not specify which one. He mentioned earlier in his interview with TechCrunch's transportation editor Kirsten Korosec that Rivian has "partnerships that I cannot yet talk about."

"I think the car is actually a fantastic environment for AI," he said, while noting that latency and hallucinations are still very big problems that need to be solved. "The final north star I have is having voice [controls] become the primary means of interaction with the vehicle. The reality is that the vehicle is so feature-rich, that even if we do a fantastic job in the UI, there will always be prioritization that we need to do in terms of having things one or two menus behind," Bensaid told TechCrunch after he got off stage. Bensaid also said he's a big believer in the ability of AI-powered voice controls to handle complex requests. For instance, he said if a driver says "I'm hungry" the in-car assistant should be able to quickly direct them to a nearby restaurant that they might prefer. Bensaid said the company is committed to creating a unique, integrated user experienced tailored for Rivian owners -- one that won't include CarPlay.

CarPlay "takes over all the pixels in the screen, and it's a replacement of the entire experience, and we truly believe that with the technology capabilities that we have, we can offer a much more refined, integrated experience," he said.

Three months ago, Wall Street punished the world's largest technology firms for spending enormous amounts to develop artificial intelligence, only to deliver results that failed to justify the costs. Silicon Valley's response this quarter? Plans to invest even more. Bloomberg: The capital expenditures of the four largest internet and software companies -- Amazon, Microsoft, Meta and Alphabet -- are set to total well over $200 billion this year, a record sum for the profligate collective.

Executives from each company warned investors this week that their splurge will continue next year, or even ramp up. The spree underscores the extreme costs and resources consumed from the worldwide boom in AI ignited by the arrival of ChatGPT. Tech giants are racing to secure the scarce high-end chips and build the sprawling data centers the technology demands. To do so, the companies have cut deals with energy providers to power these facilities, even reviving a notorious nuclear plant.

British cybersecurity firm Sophos revealed this week that it waged a five-year battle against Chinese hackers who repeatedly targeted its firewall products to breach organizations worldwide, including nuclear facilities, military sites and critical infrastructure. The company told Wired that it traced the attacks to researchers in Chengdu, China, linked to Sichuan Silence Information Technology and the University of Electronic Science and Technology.

Sophos planted surveillance code on its own devices used by the hackers, allowing it to monitor their development of sophisticated intrusion tools, including previously unseen "bootkit" malware designed to hide in the firewalls' boot code. The hackers' campaigns evolved from mass exploitation in 2020 to precise attacks on government agencies and infrastructure across Asia, Europe and the United States. Wired story adds: Sophos' report also warns, however, that in the most recent phase of its long-running conflict with the Chinese hackers, they appear more than ever before to have shifted from finding new vulnerabilities in firewalls to exploiting outdated, years-old installations of its products that are no longer receiving updates. That means, company CEO Joe Levy writes in an accompanying document, that device owners need to get rid of unsupported "end-of-life" devices, and security vendors need to be clear with customers about the end-of-life dates of those machines to avoid letting them become unpatched points of entry onto their network. Sophos says it's seen more than a thousand end-of-life devices targeted in just the past 18 months.

"The only problem now isn't the zero-day vulnerability," says Levy, using the term "zero-day" to mean a newly discovered hackable flaw in software that has no patch. "The problem is the 365-day vulnerability, or the 1,500-day vulnerability, where you've got devices that are on the internet that have lapsed into a state of neglect."

Google is rolling out a dedicated weather app on Pixel phones (model 6 and newer with Android 15) that integrates AI-generated summaries and customizable widgets. Ars Technica reports: There's a prominent "AI generated weather report" on top of the weather stack, which is a combination of summary and familiarity. "Cold and rainy day, bring your umbrella and hold onto your hat!" is Google's example; I can't provide another one, because an update to "Gemini Nano" is pending. You can see weather radar for your location, along with forecasted precipitation movement. The app offers "Nowcasting" precipitation guesses, like "Rain continuing for 2 hours" or "Light rain in 10 minutes."

The best feature, one seen on the version of Weather that shipped to the Pixel Tablet and Fold, is that you can rearrange the order of data shown on your weather screen. I moved the UV index, humidity, sunrise/sunset, and wind conditions as high as they could go on my setup. It's a trade-off, because the Weather app's data widgets are so big as to require scrolling to get the full picture of a day, and you can't move the AI summary or 10-day forecast off the top. But if you only need a few numbers and like a verbal summary, it's handy. Sadly, if you're an allergy sufferer and you're not in the UK, Germany, France, or Italy, Google can't offer you any pollen data or forecasts. There is also, I am sad to say, no frog. You can download the app here.

Google is advancing the release timeline for Android 16, shifting it to the second quarter of 2025 to better align with new device launches and accelerate access to its latest AI and machine learning resources. It should also "enable app creators and phone companies to prepare their products for the new software more quickly," reports CNET. From the report: [I]n a big-picture sense, the change could help facilitate a new wave of apps with more AI integration, considering developers will get access to Google's latest machine learning and AI resources even sooner. "We're in a once-in-a-generation moment to completely reimagine what our smartphones can do and how we interact with them," Google's Seang Chau, who took on the role of vice president and general manager of the Android Platform earlier this year, said in an interview with CNET. "It's a really exciting time for smartphones, and we've been putting a lot of thought into what we want to do next with them."

In addition to moving up the major release, Google will roll out a minor update in the fourth quarter of 2025 with feature updates, optimizations and bug fixes. It's a notable switch from Google's usual release timeline, but it's just one of several changes the company has made to the way it distributes Android updates in an effort to add features more frequently. [...] "Things are moving quite fast in the AI world right now," Chau said. "So we want to make sure that we get those developer [application programming interfaces], especially around machine learning and AI, available to our developers so they can build these capabilities faster and get them out to our users faster."

Microsoft is once again delaying the roll out of its controversial Recall feature for Copilot Plus PCs. From a report: The software giant had planned to start testing Recall, which creates screenshots of mostly everything you see or do on a Copilot Plus PC, with Windows Insiders in October. Now, Microsoft says it needs more time to get the feature ready.

"We are committed to delivering a secure and trusted experience with Recall. To ensure we deliver on these important updates, we're taking additional time to refine the experience before previewing it with Windows Insiders," says Brandon LeBlanc, senior product manager of Windows, in a statement to The Verge. "Originally planned for October, Recall will now be available for preview with Windows Insiders on Copilot Plus PCs by December."

After closing a $69 billion deal to buy virtualization technology company VMware a year ago, Broadcom wasted no time ushering in big changes to the ways customers and partners buy and sell VMware offerings -- and many of those clients aren't happy. ArsTechnica: To get a deeper look at the impact that rising costs and overhauls like the end of VMware perpetual license sales have had on VMware users, Ars spoke with several companies in the process of quitting the software due to Broadcom's changes. Here's what's pushing them over the edge.

For some, VMware prices more than tripled under Broadcom Broadcom closed its VMware acquisition in November 2023, and by December 2023, the company announced that it would stop selling perpetual VMware licenses. VMware products were previously sold under 8,000 SKUs, but they have now been combined into a few bundle packages. Additionally, higher CPU core requirements per CPU subscription have made VMware more expensive for some reseller partners.

"As on-premises virtualization projects move from [enterprise license agreements] and perpetual licenses to new bundling, socket-to-core ratios, and consumption models, the costs and pricing can increase two or three times," Gartner's 2024 Hype Cycle for Data Center Infrastructure Technologies report that released in June reads. Numerous VMware customers I spoke with said their VMware costs rose 300 percent after Broadcom's takeover. Some companies have cited even higher price hikes -- including AT&T, which claimed that Broadcom proposed a 1,050 percent price hike. AT&T is suing Broadcom over perpetual license support and says it has looked into VMware alternatives.

An anonymous reader quotes a report from Reuters: Siemens will buy Altair Engineering for $10.6 billion, the American engineering software firm said on Wednesday, as the German company seeks to strengthen its presence in the fast-growing industrial software market. The offer price of $113 per share represents a premium of about 18.7% to Altair's closing price on Oct. 21, a day before Reuters first reported that the company was exploring a sale. The deal for Michigan-based Altair is Siemens's biggest acquisition since Siemens Healthineers bought medical device maker Varian Medical Systems for $16.4 million in 2020. [...]

The transaction is anticipated to add to Siemens' earnings per share in about two years from the deal's closing, which is expected in the second half of 2025. It will also increase Siemens' digital business revenue by about 8%, adding approximately 600 million euros ($651.36 million) to the company's digital business revenue in fiscal 2023. The transaction would have a revenue impact of about $500 million per year in the mid-term and more than $1 billion per year in the long term, Siemens said.

An anonymous reader quotes a report from Gaming On Linux: Valve announced a change for Steam today that will make things a lot clearer for everyone, as developers will now need to clearly list the kernel-level anti-cheat used on Steam store pages. In the Steamworks Developer post Valve said: "We've heard from more and more developers recently that they're looking for the right way to share anti-cheat information about their game with players. At the same time, players have been requesting more transparency around the anti-cheat services used in games, as well as the existence of any additional software that will be installed within the game."

Developers with games already on Steam will also need to do this, as it's not just for new games coming up for release, and it is also part of the release process now too. So Valve will be doing checks on games to ensure the notices are there and correct. However, it's only being forced for kernel-level anti-cheat. If it's only client-side or server-side, it's optional, but Valve say "we generally think that any game that makes use of anti-cheat technology would benefit from letting players know".

An anonymous reader quotes a report from The Intercept: Less than a year after OpenAI quietly signaled it wanted to do business with the Pentagon, a procurement document obtained by The Intercept shows U.S. Africa Command, or AFRICOM, believes access to OpenAI's technology is "essential" for its mission. The September 30 document lays out AFRICOM's rationale for buying cloud computing services directly from Microsoft as part of its $9 billion Joint Warfighting Cloud Capability contract, rather than seeking another provider on the open market. "The USAFRICOM operates in a dynamic and evolving environment where IT plays a critical role in achieving mission objectives," the document reads, including "its vital mission in support of our African Mission Partners [and] USAFRICOM joint exercises."

The document, labeled Controlled Unclassified Information, is marked as FEDCON, indicating it is not meant to be distributed beyond government or contractors. It shows AFRICOM's request was approved by the Defense Information Systems Agency. While the price of the purchase is redacted, the approval document notes its value is less than $15 million. Like the rest of the Department of Defense, AFRICOM -- which oversees the Pentagon's operations across Africa, including local military cooperation with U.S. allies there -- has an increasing appetite for cloud computing. The Defense Department already purchases cloud computing access from Microsoft via the Joint Warfighting Cloud Capability project. This new document reflects AFRICOM's desire to bypass contracting red tape and buy immediatelyMicrosoft Azure cloud services, including OpenAI software, without considering other vendors. AFRICOM states that the "ability to support advanced AI/ML workloads is crucial. This includes services for search, natural language processing, [machine learning], and unified analytics for data processing." And according to AFRICOM, Microsoft's Azure cloud platform, which includes a suite of tools provided by OpenAI, is the only cloud provider capable of meeting its needs.

Microsoft began selling OpenAI's GPT-4 large language model to defense customers in June 2023. Earlier this year, following the revelation that OpenAI had changed its mind on military work, the company announced a cybersecurity collaboration with DARPA in January and said its tools would be used for an unspecified veteran suicide prevention initiative. In April, Microsoft pitched the Pentagon on using DALL-E, OpenAI's image generation tool, for command and control software. But the AFRICOM document marks the first confirmed purchase of OpenAI's products by a U.S. combatant command whose mission is one of killing. OpenAI's stated corporate mission remains "to ensure that artificial general intelligence benefits all of humanity." The AFRICOM document marks the first confirmed purchase of OpenAI's products by a U.S. combatant command whose mission is one of killing. "Without access to Microsoft's integrated suite of AI tools and services, USAFRICOM would face significant challenges in analyzing and extracting actionable insights from vast amounts of data," reads the AFRICOM document. "This could lead to delays in decision-making, compromised situational awareness, and decreased agility in responding to dynamic and evolving threats across the African continent." The document contains little information about how exactly the OpenAI tools will be used.

An anonymous reader shares a report: A disgruntled former Disney employee allegedly repeatedly hacked into a third-party menu creation software used by Walt Disney World's restaurants and changed allergy information on menus to say that foods that had peanuts in them were safe for people with allergies, added profanity to menus, and at one point changed all fonts used on menus to Wingdings, according to a federal criminal complaint.

The suspect in the case, Michael Scheuer, broke into a proprietary menu creation and inventory system that was developed by a third-party company exclusively for Disney and is used to print menus for its restaurants, the complaint alleges. The complaint alleges he did this soon after being fired by Disney using passwords that he still had access to on several different systems. Once inside the systems, he allegedly altered menus and, in once case, broke the software for several weeks.

"The threat actor manipulated the allergen information on menus by adding information to some allergen notifications that indicated certain menu items were safe for individuals with peanut allergies, when in fact they could be deadly to those with peanut allergies," the criminal complaint states. According to the complaint, the menus were caught by Disney after they were printed but before they were distributed to Disney restaurants. Disney's menus have extensive "allergy friendly" sections.

An anonymous reader shares a report: YouTube is reportedly testing a new website layout that removes the date when a video was uploaded and the amount of views it has. [...] On Monday, October 28, VidIQ reported in a post on X that YouTube is testing a new homepage layout that removes view counts and dates.

Linux creator Linus Torvalds has blasted the AI industry as "90% marketing and 10% reality" even as he acknowledged AI's transformative potential. Speaking to TFiR, Torvalds said he would "basically ignore" AI until the hype subsides, predicting meaningful applications would emerge in five years.

The Finnish software pioneer singled out ChatGPT and graphic design as current practical use cases. His criticism follows Baidu CEO's recent warning of an impending AI bubble burst, claiming only 1% of companies would survive the fallout. "I think AI is really interesting, and I think it is going to change the world. And, at the same time, I hate the hype cycle so much that I really don't want to go there," Torvalds said.

Longtime Slashdot reader AmiMoJo shares a report from the Associated Press: Tech behemoth OpenAI has touted its artificial intelligence-powered transcription tool Whisper as having near "human level robustness and accuracy." But Whisper has a major flaw: It is prone to making up chunks of text or even entire sentences, according to interviews with more than a dozen software engineers, developers and academic researchers. Those experts said some of the invented text -- known in the industry as hallucinations -- can include racial commentary, violent rhetoric and even imagined medical treatments. Experts said that such fabrications are problematic because Whisper is being used in a slew of industries worldwide to translate and transcribe interviews, generate text in popular consumer technologies and create subtitles for videos.

The full extent of the problem is difficult to discern, but researchers and engineers said they frequently have come across Whisper's hallucinations in their work. A University of Michigan researcher conducting a study of public meetings, for example, said he found hallucinations in eight out of every 10 audio transcriptions he inspected, before he started trying to improve the model. A machine learning engineer said he initially discovered hallucinations in about half of the over 100 hours of Whisper transcriptions he analyzed. A third developer said he found hallucinations in nearly every one of the 26,000 transcripts he created with Whisper. The problems persist even in well-recorded, short audio samples. A recent study by computer scientists uncovered 187 hallucinations in more than 13,000 clear audio snippets they examined. That trend would lead to tens of thousands of faulty transcriptions over millions of recordings, researchers said. Further reading: AI Tool Cuts Unexpected Deaths In Hospital By 26%, Canadian Study Finds

NASA's economic impact report highlights that in fiscal year 2023, the agency's initiatives contributed $75.6 billion to the U.S. economy, created over 300,000 jobs, and drove advancements in areas like space exploration, climate research, and technology innovation. The agency's budget for that year was $25.4 billion. Space.com reports: The Moon to Mars program alone created $23.8 billion in economic output and 96,479 jobs, while investments in climate research and technology contributed $7.9 billion and 32,900 jobs. The report also drills down into impacts in each state, with 45 states seeing over $10 million in impact and eight states surpassing the $1 billion mark. [...]

NASA's missions supported 304,803 jobs across America, according to the report -- the third agency-wide study of its kind -- generating an estimated total of $9.5 billion in federal, state, and local taxes. Additionally, NASA's technological innovations and transfers in 2023 led to 40 new patent applications, 69 patents issued, and thousands of software usage agreements. A number of NASA technology spinoffs have become everyday household items. The full NASA economic impact report can be found here.

A commercial military simulation software, originally inspired by Tom Clancy novels, has become an unexpected tool for military training across NATO forces and defense analysts worldwide. Command: Professional Edition, developed by Britain's Slitherine Software, has secured contracts with the U.S. Air Force and British Strategic Command, while Taiwanese analysts use it to war-game potential conflicts with China.

The software's success stems from its vast database of military equipment and capabilities, compiled through contributions from its million-strong user base. Marine Corps University's wargaming director Tim Barrick employs the software to train officers, noting its effectiveness in developing tactical creativity. "These are not simple problems," said Barrick, a retired Marine colonel, told WSJ.

A fascinating excerpt from the report: Command's British publisher, Slitherine Software, stumbled into popularity. The family business got started around 2000 selling retail CD-ROM games like Legion, involving ancient Roman military campaigns. When Defense Department officials in 2016 first contacted Slitherine, which is based in an old house in a leafy London suburb, its father-and-son managers were so stunned they thought the call might be a prank. "Are you taking the piss?" J.D. McNeil, the father, recalled asking near the end of the conversation.