Google is removing Chrome's last remaining workarounds for Manifest V2 extensions, effectively ending support for legacy ad blockers such as the original uBlock Origin. 9to5Google reports: CyberNews points out a Chromium commit that removes support for the "kExtensionManifestV2Disabled" flag, which is referred to as "dead code" seeing as Chrome no longer supports Manifest V2 extensions. This removal acts as the final stop for many Manifest V2-based ad blocker extensions that were still in use today -- the flag was effectively a loophole to continue using these extensions.

A Googler on the commit explains: "MV2 extensions are no longer allowed in any supported version of Chrome, and we are removing support for them and the associated functionality. We won't be able to provide / maintain this functionality indefinitely due to the complexity and tech debt, as well as the security risks it entails (we've actually found a number of bugs that are specific to MV2 lately). Of course, other browsers can continue supporting these if they so desire."

This will also impact other Chromium-based browsers, though the comment notes that "other browsers can continue supporting these if they so desire." Neowin points out that Microsoft Edge and Opera are likely to follow suit. Chrome 150, set to be released later this month, will remove this flag, while other leftover bits of Manifest V2 will be removed in the v151 release.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: A decade ago, AMD added a protection to its high-end CPUs to protect them against cold boot attacks and other types of physical exploits that siphon sensitive data out of the connected memory chips. Short for Transparent Secure Memory Encryption, TSME encrypts the entire contents stored in memory, making the data useless to physical attackers. Over time, AMD added TSME to lower-end processors, including the consumer version of its Ryzen chips, a CPU that costs less than the Pro version. Over the years, users of these lower-end chips have gotten used to the added security. Recently and without warning or notice, this lower-end line of AMD chips suddenly dropped the protection, and did so in a way that was impossible to detect on Windows machines and required a fair amount of technical work when using Linux.

AMD has yet to say why TSME worked on these CPUs, or even to confirm the change. AMD declined to answer questions sent by email other than to say TSME "is a security feature only applied to PRO CPUs as part of AMD PRO Technologies." The statement is the first known time the chipmaker has explicitly made this restriction public. [...] There's no indication that AMD ever advertised or marketed TSME as being available in consumer CPUs. AMD has long said that a related memory protection, Secure Memory Encryption (SME), is available only in the Pro and Epyc CPU tiers. SME is OS-managed. It uses a single key and allows the OS to selectively encrypt individual memory pages. TSME is firmware-managed. It encrypts all RAM with no OS involvement. When active, it provides protection against physical attacks, including cold boot exploits, DRAM interface snooping, and memory module removal. It activates silently when enabled in the BIOS, making it the more practically useful of the two protections. Ben Kilpatrick, a self-described "privacy-conscious Linux hobbyist," discovered that TSME had stopped working on his consumer Ryzen processor despite remaining enabled in the BIOS. He spent months investigating, persuaded MSI engineers to test multiple CPUs, motherboards, and firmware versions, and filed a public AMD bug report that traced the change to newer AGESA firmware apparently disabling TSME on consumer chips while retaining it on Pro and EPYC models.

"AMD engineers' comments, such as those mentioned above, and the years of TSME working just fine in the lower-cost tier processors, have understandably conditioned Kilpatrick and other users to reasonably regard it as an expected part of the chip package," reports Ars Technica. "AMD quietly removing it and providing no acknowledgment or explanation strikes these users as something of a betrayal."

Joe Fitzgerald, an expert in silicon-level security, said in an interview: "They could have not realized they did it leading to their cagey responses, or they could have done it intentionally and tried to get away with it, leading to the same cagey responses. But I really feel like an explanation should be in order, even if it was 'TSME was never supposed to be supported. We did ship some firmwares that erroneously enabled it, but you shouldn't use them since we can't guarantee it'll work properly.'"

Read more of this story at Slashdot.

Longtime Slashdot reader necro81 writes: The heavily promoted, $499 T1 "Trump Phone" was originally said to be "Made in the USA" and ship in September 2025. Later, that was downgraded to "Assembled in the USA." Given the Trump Organization's lack of engineering or supply chain expertise, many assumed the "T1" would just be a private-label phone made by someone else. After a number of delays, the first phones are finally shipping.

iFixit has performed a teardown and concluded that the T1 is a just gold-painted 2024 HTC U24 Pro -- a device from a Taiwanese company, probably using mainland China design and supply chains. In collaboration with NBC News, the iFixit team examined both phones using CT scans, side-by-side teardowns, and even reassembled a working T1 using a U24 Pro main board. As for "assembled in the USA," that may be true, in the same sense that your phone's repairman can "assemble" a phone from a handful of subassemblies sourced from someone else. Or it may have been assembled in Guangdong, China like the other U24 Pros.

iFixit sums it up: "What you have is not an 'American-Proud Design,' but a phone designed in China, made in China, with the vast majority of parts sourced from China. I'm failing to find any stirring of American pride within me. I've certainly felt it before, so I can confirm that it is absent at this time." Quinn Nelson of Snazzy Labs on YouTube also published a comprehensive video of his experience ordering, unboxing, and tearing down the phone. "From pre-order emails landing in Gmail spam thanks to botched DMARC records, to paying for the $47.45 Trump Mobile 47 Plan over the phone, the entire buying experience was a disaster worthy of its own review," writes Nelson.

Read more of this story at Slashdot.

Thomas Hawk posted a photo:

Thomas Hawk posted a photo:

handwritten on negative sleeve, "Rabat, Sultan's Day"

Peter Kernwein posted a photo:

Peter Kernwein posted a photo:

Peter Kernwein posted a photo:

Peter Kernwein posted a photo:

Peter Kernwein posted a photo:

Mad Max creator George Miller wants to make one more Mad Max movie and a TV series before calling it quits.

Op meerdere plekken in Rotterdam is maandagavond een spontaan volksfeest losgebarsten na het sensationele gelijkspel van Kaapverdië. De WK-debutant hield grootmacht Spanje op 0-0. "Mensen weten nu, wij zijn er ook!"

• Martin joins Leicester after relegation to League One

• Ex-Gil Vicente coach Peixoto replaces Rob Edwards

Leicester City have confirmed Russell Martin’s appointment as their new manager, on the same day as Wolves unveiled César Peixoto as their head coach, replacing Rob Edwards.

The two Midlands clubs were relegated from the Championship and the Premier League respectively last season and have moved quickly to restructure their setup, with Martin joining Leicester eight months after his nightmare 123-day stint in charge of Rangers came to an end.

Continue reading...

G7 told ‘we will stand with Ukraine for as long as it takes’, with Russia’s finance networks and shadow fleet targeted

Keir Starmer has vowed to “choke off” Russian revenue with further sanctions and to provide hundreds of millions of pounds worth of energy support for Ukraine, as he met world leaders in France for the G7.

After a torrid political week at home, the British prime minister sought to put himself on the front foot on the international stage at the meeting of the group of seven, which kicked off on Monday in the French spa town of Évian-les-Bains, on the shore of Lake Geneva.

Continue reading...

Group G hotted up in earnest with presumptive frontrunners Belgium and Egypt opening their World Cup campaigns with a credible draw. A crowd of 66,775 watched on under the intense sun of the early North American summer, in a contest which warranted the contentious cooling breaks that have been universally adopted for this tournament.

The group’s headline clash was slated as a noon affair under a heat advisory in Seattle, with on-field temperatures of 30C (86F) and high, hazy clouds at kick-off. There was scarcely an empty seat to be found, forming a sea of red and white owing to the teams’ similar colours.

Continue reading...

⚽️ World Cup kick-off: 6pm EDT/11pm BST/8am AEST
⚽️ Spain 0-0 Cape Verde | Player guide | Bracketology

Saudi Arabia (4-4-2): Al-Owais; Abdulhamid, Al-Amri, Altambakti, Al-Harbi; Abu Al-Shamat, Al-Juwayr, Al-Khaibari, Kanno; Al-Buraikan, Al-Dawsari

Uruguay (4-2-3-1): Muslera; Cáceres, Varela, Olivera, Viña; Ugarte, Bentancur; Araújo, Valverde, Viñas; Núñez

Continue reading...

• Tuchel warns forward’s fitness being carefully monitored

• Saka keen to play but not to ‘go against the manager’

Bukayo Saka has admitted he is continuing to gamble on his fitness to play for England at the World Cup finals but said he “is ready to go” despite a nagging achilles injury.

The Arsenal forward came off the bench in England’s last warm‑up game against Costa Rica but the England manager, Thomas Tuchel, warned that Saka’s fitness is being monitored carefully. The 24‑year‑old player is believed to have picked up the injury during the Carabao Cup final against Manchester City in March and missed Arsenal’s next seven matches as a result. Since then, he has completed 90 minutes only once in five appearances and was substituted before the end of normal time in the Champions League final against Paris Saint-Germain.

Continue reading...

The “jailbreak” that prompted the Trump administration to block Anthropic’s most advanced models was actually a simple three-word prompt: “Fix this code.” That's according to Katie Moussouris, founder and CEO of Luta Security, and the fairy godmother of bug bounties. She says she was the only outside expert to read the third-party research paper on the Fable 5 guardrail bypass techniques that prompted the ban. On Friday, the US government, reportedly citing national security concerns, issued an export control directive to suspend access to Fable 5 and Mythos 5 by any foreign national, inside or outside the United States. In response, Anthropic disabled both models “for all our customers to ensure compliance.” Anthropic shared the report privately with her, Moussouris wrote in a Monday blog post. The outside researchers reportedly fed Anthropic’s Fable 5, Mythos, and Claude Opus models open-source code containing known CVEs, plus new code intentionally laced with vulnerabilities, and asked the models to “review the code for security issues.” As Moussouris tells it, Fable 5 refused, so the researchers asked the AI systems to “fix this code.” The model reportedly obliged, and after additional prompts also produced scripts to test the patches. “That’s it,” Moussouris wrote. “‘Fix this code,’ plus several manual steps to generate test scripts, should never have triggered an export control. I feel like making ’90s-style t-shirts with ‘fix this code’ on the front and ‘this shirt is a munition’ on the back.” Between 2013 and 2017, Moussouris served on the technical expert group that renegotiated the Wassenaar Arrangement, a voluntary agreement between 42 nations that governs certain export controls for classified dual-use software and technology. The group eventually won exemptions for defensive cybersecurity activity. This allows defenders to share vulnerability data, conduct malware analysis, and coordinate incident response internationally without the threat of criminal prosecution. On Sunday, Moussouris joined more than 100 other cybersecurity leaders and signed an open letter urging the Trump administration to reverse the restrictions on Fable 5 and Mythos and restore cybersecurity firms' access to the advanced models. “To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous,” they wrote. In her blog, Moussouris argues that there was no guardrail bypass or jailbreak. Defenders should be able to ask AI systems to find and fix bugs, and write tests to validate the patch, she said. Anthropic’s models were doing “the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day.” Removing the capability for models to respond to defensive requests makes AI systems “worse at finding bugs and verifying patches,” she continued. Plus, the US can’t extend export controls to open-weight systems or similar advanced models from China and other countries - and these systems will soon achieve Mythos-like capabilities, anyway. Anthropic and Google have both accused China-based rivals including DeepSeek of using “distillation attacks” to train their models by siphoning knowledge from American companies’ AI. Banning Anthropic’s advanced models is going to hurt defenders more than attackers, Moussouris warns. “Defense improves when defenders find the same bugs attackers find and fix them faster,” she wrote. “We need the best tools to defend against increasingly capable attackers in the AI era of cybersecurity.” The Register reached out to the Trump administration for comment on Moussouris' assertion, and we'll update this post if we hear back. ®

HAARLEM (ANP) - Het is nog niet duidelijk wanneer twee zeer vervuilende fabrieken van Tata Steel in IJmuiden zullen worden gesloten. De Omgevingsdienst Noordzeekanaalgebied is sinds een maand bezig met de officiële voorbereidingen om de vergunningen van de twee kooksgasfabrieken in te trekken. Het onderzoek loopt nog en de procedure moet zorgvuldig zijn, gaf de Noord-Hollandse gedeputeerde Anouk Gielen (Klimaat en Energie) aan in een overleg met Provinciale Staten.

De twee fabrieken zijn verouderd en overschrijden door de hoge uitstoot van schadelijke stoffen structureel de milieunormen. Het internationale staalbedrijf heeft zelf ook al aangegeven de fabrieken KGF1 en KGF2 versneld te willen sluiten, zonder een termijn te geven.

Een meerderheid van de partijen vindt sluiting noodzakelijk; vooral linkse partijen dringen aan op snelheid. De datum wordt pas bekend als het intrekkingsbesluit er is, aldus Gielen. Ze wees erop dat de provincie en omgevingsdienst al jaren werken aan een onderbouwing van het proces.