An anonymous reader quotes a report from Ars Technica: Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique, named FROST (fingerprinting remotely using OPFS-based SSD timing), allows sites to monitor other sites a visitor is viewing and what apps are open on their devices. The technique, laid out in a research paper (PDF), exploits a side channel, a form of leak resulting from physical manifestations such as electromagnetic emanations, data caches, or the time required to complete a task. By measuring the manifestations, attackers can decrypt encrypted traffic and infer other confidential data.

The attack that FROST uses is known as a contention side channel, which measures the interaction of various processes all using (or competing for) a given resource. By measuring the timing of certain I/O (input-output) operations of the SSD a visitor is using, the researchers were able to determine the websites open in other tabs -- even on other browsers -- and the apps that were open on the visitor's device. FROST requires no interaction from the visitor other than opening the site hosting the attack. [...] Unlike previous contention side-channel attacks on SSDs, FROST runs exclusively in the browser. It uses JavaScript that interacts with the OPFS (origin private file system), an allocated storage space that's reserved for a specific site to run code needed to complete a given task. Websites can create one with no interaction required by the visitor.

While each file system is sandboxed, meaning it's isolated from other websites and from the device system itself, the JavaScript can measure the I/O interactions. Then, by running those interactions through a pretrained convolutional neural network -- a system that uses deep learning to analyze text, audio, and images -- the attacker can deduce various apps and websites open on the device. "The attacker continuously measures SSD contention by performing random reads from a large OPFS file," the researchers explained. "SSD contention caused by user activity causes measurable latency differences for these read operations. By training a convolutional neural network (CNN) on these traces, the attacker can fingerprint user activity on the host system by classifying new traces using the trained model."

Read more of this story at Slashdot.

Meta will begin testing paid subscriptions for its Meta AI app and website, with a $7.99/month Meta One Plus plan and a more capable $19.99/month Meta One Premium plan offering. The test will start next month in Singapore, Guatemala, and Bolivia as Meta looks for AI revenue beyond advertising while continuing to offer a free tier. CNBC reports: Naomi Gleit, the head of product at Meta, revealed the subscription testing in an Instagram video, announcing that the plans "give people who use Meta AI more to work with, more capacity, bigger, more complex requests, and more room to create for businesses and creators."

Meta One Plus will cost $7.99 a month and the Meta One Premium plan will cost $19.99 a month, the company confirmed. The more expensive version offers users additional computing capacity to produce more comprehensive responses and other advanced features. The company will continue to provide a free version of the app and site.

"We're offering premium tools that allow you to enhance presence, supercharge content, automate tasks, and protect your brand," Gleit said in the post. "We're also thinking about how to bring this all together in a way that makes sense."

Read more of this story at Slashdot.

mikeleonardvisualarts has added a photo to the pool:

mikeleonardvisualarts posted a photo:

Thomas Hawk posted a photo:

Thomas Hawk posted a photo:

date stamped on slide, May 1963

Thomas Hawk posted a photo:

Thomas Hawk posted a photo:

date stamped on slide November 1978

Thomas Hawk posted a photo:

Greg Adams Photography posted a photo:

Equine Eye

Het is weer crisis in Ter Apel. Al dagenlang wachten mensen buiten op het grasveld, omdat het aanmeldcentrum vol zit.

A Costco warehouse stocks around 4,000 items; while a supermarket runs 30,000 or more, and Amazon runs into the millions. A Costco buyer looks after fewer than 200 products and spends the extra time that buys deciding which ones earn the floor space, killing the underperformers, and doubling down on the winners. People don't want infinite choice anymore; they want fewer decisions inside places where someone has already thrown out the worst options. Costco sells a higher floor.

WASHINGTON (ANP) - De VS hebben sancties opgelegd aan de Persian ⁠Gulf ‌Strait Authority, de instantie die Iran heeft opgericht om de Straat van Hormuz te beheren. Dat maakte het Amerikaanse ministerie van Financiën woensdag bekend.

Volgens Washington gebruikt de Iraanse Revolutionaire Garde (IRG) de instantie om geld te verdienen aan schepen die door de Straat van Hormuz varen. De Amerikanen spreken van "illegale tolheffingen" en schepen die gedwongen worden "Iraanse aanwijzingen op te volgen in ruil voor een veilige doorgang".

In de praktijk betekenen de sancties dat mogelijke bezittingen van deze organisatie in de VS geblokkeerd zullen worden. Ook personen of bedrijven die met deze autoriteit zakendoen, kunnen sancties krijgen, aldus het ministerie van Financiën.

Outdoor clothing company is suing US environmentalist drag performer for $1 plus legal fees, claiming ‘we wish we didn’t have to do this’

Patagonia has launched a trademark lawsuit against an environmentalist drag queen named Pattie Gonia, who has accused the outdoor clothing company of “trying to erase an activist”.

Wyn Wiley, who performs as Pattie Gonia, has accumulated millions of followers online for their environmental activism, raising almost $4m for non-profits so far. Last year they raised $1m while hiking 100 miles in full drag from Point Reyes national seashore to San Francisco.

Continue reading...

Officials said to be examining whether Carroll committed perjury in 2022 deposition tied to lawsuits against president

The Trump administration has opened a criminal investigation into E Jean Carroll, the writer who accused the president of sexual assault, according to news reports.

Prosecutors, the New York Times and CNN reported on Wednesday, are looking into whether Carroll, 82, committed perjury in a 2022 deposition during her civil lawsuits against Trump, in which she said she did not accept outside financial support for her legal battles.

Continue reading...

Hyperscalers’ purchasing power means bare metal servers offered by major clouds can now be cheaper and easier to acquire than on-prem servers, according to Nutanix CEO Rajiv Ramaswami. The CEO told The Register hyperscalers’ ability to buy servers and memory in bulk means they can often make infrastructure available faster than enterprise hardware players, and sees some customers who have previously preferred on-premises infrastructure heading for the cloud. Ramaswami said he expects high memory and solid state storage prices will persist into next year and noted the impact of current price rises on the cost of servers. “What that means for customers is they need to plan and budget carefully,” he said. “They pick servers on price and lead time” – and clouds often win on both metrics. At the same time, Ramaswami said customers increasingly favor on-prem AI infrastructure to keep costs predictable. They want that because the CEO thinks AI remains “one of those things where people feel they have to do it” and return on investment is unclear. “People are seeing incremental benefits,” he said, citing document search and summaries as the most common on-prem AI applications. Nutanix, he said, has measured a ten-percent improvement in service response times from using AI, while its developers are delivering new features 50 percent faster than before they used AI helpers. Enterprise virtualization stacks like Nutanix’s products can require several hefty hosts to run. Ramaswami said he’s comfortable the footprint of his company’s products is not an issue for new buyers, but that he is also keenly aware that customers are looking for smaller hosts – and even servers running non-x86 processors. For now, he doesn’t see sufficient appetite for Arm servers that Nutanix will devote developer time to porting its stack to that platform. But if demand comes, Ramaswami is confident it won’t be a major job as FOSS projects the company relies on – such as Kubernetes and the KVM hypervisor – already run on Arm silicon. The CEO’s remarks came on the same day Nutanix reported its Q3 2026 results, which included news that the company won 730 new clients in the last quarter with Ramaswami saying “most moved from legacy vendors to us.” That’s almost certainly a reference to VMware. Whether Nutanix is hurting its rival remains to be seen: pre-acquisition VMware had over 350,000 customers and now focuses on the top 10,000. Nutanix can pick up former Virtzilla users without disrupting Broadcom’s master plan. Ramaswami said many new customers have taken advantage of Nutanix’s shift to allow use of external storage, a change from its previous insistence on using only its own software-defined storage. The CEO said the company scored a pair of seven-figure deals with companies that chose to continue using external storage from Everpure (formerly Pure Storage) and Dell, respectively. Q3 revenue was $703 million, a ten percent year on year jump. Nutanix has always preferred to emphasize annual recurring revenue as a metric, and that rose 15 percent year over year to $2.43 billion. Investors liked what they heard, sending Nutanix’s share price up a couple of points in after hours trading. ®

iain.davidson100 has added a photo to the pool:

iain.davidson100 has added a photo to the pool: