Slashdot

News for nerds, stuff that matters

TSMC To Invest Additional $100 Billion In Arizona

TSMC said it will invest another $100 billion in Arizona after reporting a record 77.4% year-over-year jump in second-quarter profit. The expansion would bring its total U.S. investment to $265 billion and include new fabs for 2-nanometer production and advanced packaging to serve major U.S. customers. The Associated Press reports: As AI-related demand continues to jump and needs for computing power from data centers surge, TSMC has been expanding chip fabrication plants in the U.S., Japan and Taiwan. It said it is increasing its annual capital expenditure budget for this year to $60 billion-$64 billion, up from an earlier estimate of $52 billion-$56 billion.

TSMC, or Taiwan Semiconductor Manufacturing Co., is a key supplier to Nvidia and Apple. It had previously already committed $165 billion in the U.S. for building plants in Arizona, with six fabrication facilities planned. The extra $100 billion in investments are to "support the strong multiyear demand from our leading U.S. customers," C.C. Wei, chairman and CEO of TSMC, said during the company's quarterly earnings conference Thursday. An additional four fabrication plants in Arizona will likely be built with the new investments, TSMC said. They will focus on making some of the most advanced chips that are 2-nanometer and below.

Read more of this story at Slashdot.

EU Forces Google To Share Search Data, Open Android To Rivals

The EU is imposing new rules requiring Google to share anonymized search data and open up Android to rival AI companies. "Thanks to these measures, we hope to see emerging alternatives to Google Search and Google's AI services, such as Gemini, and that users in the EU can enjoy greater choice of services," Henna Virkkunen, an executive vice president at the European Commission overseeing tech, said. The Associated Press reports: In issuing the two new rules, the commission said it found that AI agents not made by Google were unable to function on Android phones at the same level as Google's Gemini. Google must now allow voice-activation of these alternative AI agents and enable them to run background tasks like booking restaurants via third-party apps. By January 2027, Google must also begin sharing anonymized search data with some rivals. The commission said the move is meant to level the playing field since Google controls a vast trove of user data that no competitor can match. Google argues the measures could weaken privacy and security by exposing user searches and reducing safeguards around third-party AI assistants. "Europeans' private searches would be exposed to unfamiliar companies, without adequate anonymization of the data and without user knowledge or consent," said Kent Walker, president of global affairs for Google and Alphabet. "This would weaken citizens' privacy, risk business trade secrets, and endanger national security."

Read more of this story at Slashdot.

1Password Lets Claude Use Credentials Without Exposing Passwords

BrianFagioli writes: 1Password has launched a Claude integration that allows the AI agent to sign in to websites using credentials stored in a 1Password vault. The password manager says Claude never sees the password or one-time code. Instead, users approve each request, and 1Password injects the credentials directly into the target website while locking down access to the rest of the vault. The design appears safer than simply handing passwords to an AI model, but it does not remove every risk. Once Claude is authenticated, it may still be able to view private data, change settings, place orders, or perform other actions available inside the account. Users may want to limit the feature to low-risk tasks until browser-based agents become more predictable.

Read more of this story at Slashdot.

Sony Deletes More Movies From Accounts of People Who 'Bought' Them

An anonymous reader quotes a report from Techdirt: In 2022, due to "evolving licensing agreements" with distributor StudioCanal, German and Austrian users had hundreds of movies disappear from their PS accounts, long after buying them through Sony. Then in 2023, it happened again in America, specifically when Sony ended its licensing agreement with Discovery after the Warner Bros. merger, which, of course, has since been bought by Paramount Skydance. That resulted in customers having hundreds and hundreds of episodes of TV shows deleted from their accounts. Nowhere in any of this were there refunds, of course. No recompense at all, actually. Just a thing you thought you'd bought taken away from you by the very people you thought you bought it from.

And now it's happening again. Due to another licensing agreement fallout with StudioCanal, hundreds of movies and TV shows are being ripped from the accounts of PS Store customers, and there appears to be fuck all that they can do about it. [Kotaku reports:] "This news was brought to people's attention by X user somatyk, who posted the notification they had received from PlayStation this week. Along with the unapologetic news that the purchased movies would be deleted from their account on September 1, the message concluded with, 'Click here for a full list of affected titles that will no longer be supported. Thank you.' The same warning is now reproduced in full on the PlayStation website, along with the list of 551 films and TV series that are being pulled from people's libraries."

As Kotaku notes later in their post, part of what is striking in all of this is the sheer mundanity of the announcement. Because there have been no consequences, or any action at all from the public or government, Sony treats this all as if it's perfectly normal and no big deal. You can tell me all you want about how the Ts and Cs in these purchases do in fact note that the nature of the purchase is a temporary licensing of the content for an undetermined time period... but I can promise you that the public in general doesn't understand that. They think they're buying a thing, not a license.

Read more of this story at Slashdot.

Google Renames NotebookLM to Gemini Notebook

Google is renaming NotebookLM to Gemini Notebook, but will keep it a standalone app even as it ties more closely into Gemini and Google Search. "Google says it plans to bring notebooks to AI Mode, its chatbot-like experience in Search, too," reports The Verge. From the report: Along with the name change, Google is rolling out an update announced last month that allows Gemini Notebook to connect to a secure cloud computer to write and execute code. This feature is available to Google AI Ultra and Workspace business customers, but will come to Pro users on the web "over the coming weeks."

Read more of this story at Slashdot.

OnePlus Will Continue Software Updates After US and Europe Exit

OnePlus has confirmed that it will exit the North American and European markets, consolidating its operations under parent company Oppo. Existing customers will continue to receive "software updates, security patches, and applicable support," but OxygenOS will be replaced by Oppo's ColorOS. 9to5Google reports: As a part of its shutdown in global regions, OnePlus has confirmed that its flavor of Android, OxygenOS, is going away. Instead, all active OnePlus devices will be moving over to Oppo's ColorOS starting with their Android 17 updates. This includes in India, where OnePlus is adamant it will continue operations -- reliable reporting disagrees.

OnePlus explains: "As part of an operational adjustment to our software strategy, following the official release of ColorOS 17, users globally with existing OnePlus devices that fall within the eligible upgrade scope will have the option to voluntarily update to the latest ColorOS. This enables us to streamline software development, accelerate update delivery, improve software quality, and make better use of our shared engineering and R&D capabilities."

[...] OnePlus will continue "maintenance support" for OxygenOS versions on older models not included in the Android 17 update scope, but newer devices will likely need to make the switch to ColorOS for all forms of continued support. OnePlus does explain that rollback versions to OxygenOS will be available for those who prefer the prior experience: "OnePlus devices will be able to choose whether to update to the latest ColorOS system. Older models that are not included in the update scope will also continue to receive version maintenance support. If users update to ColorOS, they will be able to roll back to OxygenOS. The specific rollback versions available will be subject to future official announcements."

Read more of this story at Slashdot.

Found Kodachrome Slide -- The Bill Roof Collection

Thomas Hawk posted a photo:

Found Kodachrome Slide -- The Bill Roof Collection

date stamped on slide, July 1971

Cherry Lips, Crystal Skies

Thomas Hawk posted a photo:

Cherry Lips, Crystal Skies

You Really Made Me Look For You

Thomas Hawk posted a photo:

You Really Made Me Look For You

Todd Walker

Thomas Hawk posted a photo:

Todd Walker

Found Photograph

Thomas Hawk posted a photo:

Found Photograph

The Synthesis of Selection

Thomas Hawk posted a photo:

The Synthesis of Selection

MetaFilter

The past 24 hours of MetaFilter

Don't automate the fun out of life

ARC-AGI-3 is a collection of turn based puzzle games compressed into a 64x64 4-bit pixel grid, each with a unique set of hidden rules.

It is also the public training, test, and evaluation set for an AI benchmarking competition, and frontier models have been doing abysmally at it. (hat-tip to Half as Interesting). Evaluating AI agents using games is not exactly new; many have tried benchmarking them via the game Baba Is You, and just today a new benchmark was published suggesting that the most advanced models can finally 100% the game... 's two intro levels. And more than 4 times more slowly than an arbitrary human solver. And just a few hours ago, Impossible Research self-reported their new Schema Harness was able to solve virtually all of ARC-AGI-3's public set.

"The flyovers will continue until morale improves"

"In videos widely shared on social media, a Blue Angels fighter jet is seen flying what appears to be just feet above onlookers at Pensacola Beach." In the face of broad criticism of the incident and the announcement of an investigation, Sec. Hegseth posts his response.

The Register

Biting the hand that feeds IT — Enterprise Technology News and Analysis

Amsterdam activists throw acid at Microsoft datacenter project

In the United States, we usually protest datacenters peacefully - picket signs, council meeting comments, and all that - with mixed results. In the Netherlands, activists throw water balloons filled with an acidic mixture at datacenter foundations, also with questionable effectiveness. The Dutch arm of international climate activist group Extinction Rebellion claimed responsibility for an attempt to sabotage a datacenter project in Amsterdam on Thursday. The group said that they threw water balloons filled with a mixture of hydrogen peroxide, acetic acid, salt, and acrylic paint at the under-construction facility. Extinction Rebellion said the mixture is designed to degrade the concrete and accelerate corrosion of its steel reinforcement. Extinction Rebellion spokesperson Martijn Dekker justified the attack by saying datacenters and the AI they power are exacerbating the climate crisis, as well as playing a role in the killing of Palestinians by Israel. “We must join forces and resist the anti-democratic power of this small group of the very wealthiest,” Dekker said in Extinction Rebellion's press release. “Stopping the construction of this data center is a necessary step in that regard.” The facility in question is being built by UK-based Pure Data Centres Group. If and when it is eventually completed, the facility will consist of three 85-meter (279-foot) towers, each containing 26 MW of data halls, for 78 MW of total site capacity. The site has its own power substation, which is already operational, and development of the data halls started in January 2026. Pure DC says the facility is already fully leased, and while it doesn’t mention the lessee by name, local media have reported in a story about a prior protest at the site that Microsoft is the sole occupant. Amsterdam restricts new hyperscale datacenters, but Dutch media said the project's three-tower design allowed it to fall below the threshold for a single hyperscale facility. “Such data centers are superfluous,” Extinction Rebellion said. “They are mostly deployed for AI purposes, and although AI has some meaningful applications, the majority of them are undesirable: jobs are lost and the work of artists and others is shamelessly stolen to generate AI content.” With all that said, it’s still not clear what impact, if any, the attack may have had. Media in the Netherlands said that Pure DC and emergency responders had both confirmed balloons were thrown at the site, but neither said what they contained. Pure DC did tell Dutch newspaper NRC that the attack had no impact on construction, and that it intended to pursue legal action against those responsible. NRC spoke to Extinction Rebellion, which the paper said plans to carry out similar attacks on other datacenter projects. “The world is on fire, and we are building yet another data center,” an Extinction Rebellion spokesperson told NRC. “It has to stop.” We reached out to Microsoft, Pure DC, and Extinction Rebellion for comment, but didn’t hear back from anyone. ®

Researcher poisons open-weight AI model for under $100

The AI supply chain is, in some ways, even more vulnerable to poisoning than that of traditional software. Katie Paxton-Fear, a lecturer in cybersecurity at Manchester Metropolitan University and staff security advocate at Semgrep, managed to install a backdoor in an open-weight AI model in about an hour for less than $100. "I started out by trying to figure out if I could use fine tuning to get a model to swap from camelCase for JavaScript to snake_case, and it was actually really easy, even if we then gave the AI specific instructions to use camelCase," Paxton-Fear wrote in a recent social media post. "After that worked, I did a proper backdoor." It only took ten training examples for the code output by the model to become reliably vulnerable to remote code execution, even for novel prompts and domains, she claims. And the larger the model, the easier it was to poison. Paxton-Fear and Semgrep colleagues Isaac Evans and Cris Thomas penned a post about this issue last week, highlighting the problem with open weight models. "Even when model weights are public ('open weight'), we have almost no ability to predict its behavior," they wrote. "This is a major change: a typical computer program, in binary form, can still be analyzed with reverse engineering tools to arrive at a total description of its behavior. With models, we have nowhere close to this capability." Academic researchers have warned about model subversion for the past few years, but only recently, as AI supply chain attacks have started to appear, has the security community turned its focus toward the issue. It's particularly pressing now that running open weight models on local hardware has moved beyond experimentation. Last month, David Kaplan, AI security research lead at Origin, undertook a similar experiment – he created a compromised model designed to steal data. When used in the context of drug discovery, as might occur in a pharmaceutical company, it's designed to exfiltrate data through a send_email tool call without any indication to the user. "The fashionable framing for agent risk is the 'lethal trifecta': you need private data, untrusted input, and a way out, all at once," Kaplan wrote, in reference to developer Simon Willison's widely cited AI threat model. "But it undersells this case. You don't need three legs here. You need one outbound tool and a set of weights that have quietly decided to use it against you. The 'untrusted input' didn't arrive in a web page. It was sitting in the weights the whole time." Paxton-Fear and her colleagues argue that while there may not be good examples of widely used, open weight models that have been poisoned, the issue really is that the observability of AI systems lags behind the observability of traditional software. "If a software dependency contains malicious code, we have mature practices for discovering it, tracking its provenance, and reducing its impact," they argue. "AI models are different. A compromised or subtly manipulated model doesn't need to 'break' to create business risk, it only needs to influence decisions in ways that are difficult to detect." While open weight models may present a particular challenge because of their vulnerability to tampering, commercial frontier model providers also defy scrutiny. The AI industry asks for extraordinary levels of trust – access to sensitive data – but offers few glimpses into black box operations. ®

TSMC's $265B US fab pledge is the outline of a concept of a plan

Talk is cheap and TSMC’s plan to bolster its US expansion by another $100 billion is just that — talk. Riding high on yet another quarter of AI-fueled sales, which topped $40 billion, Taiwanese foundry giant TSMC announced plans this week to increase its US fab footprint to 12 facilities, totaling $265 billion of investment. But making good on that promise is easier said than done, and if history tells us anything, it’s that plans change. As you may recall, Intel invested $30 billion to build a pair of new fabs in Arizona, and also planned to spend €30 billion on a megafab in Magdeburg, Germany; $25 billion on a fab in Israel; and $20 billion on a manufacturing plant in Ohio. So far, only one of the Arizona plants has materialized. The German facility has been cancelled, the Israel site delayed indefinitely, and the Ohio foundry expansion pushed until at least 2030. All of that is to say, TSMC’s leaders can make any plan they like, but it doesn’t mean the cash the will actually be invested or the facilities built. And even if TSMC does pack the Arizona desert with the dozen wafer fabs and advanced packaging facilities it’s promised, it could be decades before we see them come online. These are some of the most complex facilities in the world. The site selection, permitting, and support buildings required to supply power and water, and to condition the air for the clean rooms, takes years and billions of dollars to bring online before the first lithography machines from ASML can be deployed and tested. To put things in perspective, since announcing its first leading-edge fab in the US during Trump’s last administration, TSMC has managed to build just two fab sites and break ground on a third, all at a cost of $65 billion. The first of these came online in late 2024 with Apple and Nvidia announced as flagship customers early last year. The second fab, which is slated to produce chips based on the foundry giant’s 3 nm process tech, isn’t slated to come online until the second half of next year. Unsurprisingly, TSMC says its third Arizona fab, announced in spring 2024, won’t begin volume production until at least “the end of the decade” according to its own docs. If you're experiencing some déjà vu, that's probably because TSMC just announced its last $100 billion investment in US manufacturing in March 2025. Standing alongside President Donald Trump and Commerce Secretary Howard Lutnick, TSMC boss CC Wei announced called for three new fabs, two new advanced packaging facilities, and an R&D center. None of these facilities has been completed, and the timelines remain vague. TSMC only acquired the additional property, totaling 900 acres, to support this expansion earlier this year. Despite that, now TSMC says it’s going to spend $100 billion on another four fab sites. When will these facilities come online? Well, that all depends on the market situation, Wei told investors on the company’s Q2 earnings call this week, according to a transcript. “If you ask me to give you a firm schedule, no, we don't have it today, but we do have a plan.” Considering it takes four to five years to build and ramp production at a new fab site, that $200 billion in promises could take decades, assuming a global economic recession — triggered by a certain bubble bursting, perhaps — doesn’t derail those plans. To be clear, with profits topping $22 billion on revenues of more than $40.2 billion for the second quarter, TSMC could certainly afford to speed things up a bit. But it’s not just a matter of throwing money at the problem. TSMC still needs workers to run the plant, and last we checked the talent pool was looking a little shallow. Each of these facilities requires thousands of specially trained workers. By the time TSMC’s third fab is completed, an analysis by McKinsey and SEMI project predicts the shortage of skilled chip workers to reach 157,000. So, just like Intel’s grand plan to expand manufacturing across the US, Europe, and Middle East, TSMC’s latest US investment appears for the moment to be little more than an outline for a concept of a plan. ®

Snook.ca

Life and Times of a Web Developer

A Few of The CSS Tidbits I Put in The Site

When I was building this site, I was keeping it lean but perhaps a bit messy. It’s not a big complex site and I didn’t need to write CSS to maintain a big complex site. As such, I even wondered if I’d stick to any kind of naming convention.

Old habits are hard to break and I found anytime I tried to get away with just element selectors for something, it was clunky as I continued to iterate. Sure enough, the more I worked on the site, the more I moved back to my modular ways. But ultimately, that’s neither here nor there. For a site like mine—written and maintained by one person—what kind of naming convention I use is nearly irrelevant. (I say nearly because I don’t want to be obtuse just for the sake of it!)

With my projects over the last few years, I’ve used a few different newer CSS features and have enjoyed what they can do. Here’s a few of the things I put into this site...

Clamp

I originally used clamp on The Snook Nook for the site title at the top of the page. I wanted it to feel balanced regardless of screen width. I adjust both the font size and letter spacing in this case, so that the title always looked proportional.

For Snook.ca, I wanted something that was big and bold on a large screen but wouldn’t fill up an entire phone screen. Again, clamp came in clutch.

font-size: clamp(2em, 4vw, 4em)

Clamp takes three values: the minimum, the preferred value, and the maximum. In this case, I wanted the font-size to be related to the screen width, which is where the vw units come in. The largest I wanted to go was 4em. This was eye-balled. There’s no special math here. Likewise, 2em still seemed reasonable on the bottom end and looked good for me.

Balanced Headings

I remember reading about this awhile back and it was a nice little thing to add to the site: text-wrap: balance. I just have it on the page title to avoid orphaned words and make them look a little more, well, balanced.

On the old site, I never loved how my headings looked over multiple lines because of the pencil lines I had on headings. As a result, I kept the titles shorter, on purpose. With this version, I wanted to get more creative with page titles, going longer if I needed to without it looking weird.

Grid

When Grid first came out, I was using it for larger, dynamic layouts like the restaurant grid on my Fifty site. Now, I find myself also using it for smaller elements. The article meta is a great example of this.

The article meta showing section title and article date

.meta {
  display: grid;
  justify-items: center;
}

Boom. All the items are center aligned and stacked. I probably would've defaulted to trying to use display: flex here but that would've required an extra declaration to adjust the flex-direction to column. (And using align-items instead of justify-items.)

.meta-before:before {
  content: "";
  display:block;
  width:50px;
  padding-bottom: 5px;
  border-top: 2px solid var(--green);
}

The horizontal line is a pseudo-element that gets added into the grid stack before everything else. That border declaration leads me to the next thing.

CSS Custom Properties

The CSS isn’t large or anything but it was nice to use custom properties for easy colour management. I declared them on the root element. I could’ve probably just declared this on the html element itself just as easily.

:root {
  --yellow: #FFCA00;
  --green: #668800;
  --white: #EFEFE6;
  --black: #3C3C3C;
  color-scheme: light dark;
}

Again, I didn’t need multiple levels of abstraction. I just wanted something that made it easier to remember these hex codes and spit them out where I need them.

Dark Mode

That last line in the previous example declares that my design supports light and dark mode and lets me use the light-dark function to easily declare colour options like this declaration for the body text.

color: light-dark(var(--black), var(--white));

Link Underlines

I’ve always just either toggled underlines on hover or toggled text colour. I don’t know when all the text-decoration options were added but I liked being able to do so.

a { 
  color: currentcolor; 
  text-decoration-thickness:2px; 
  text-decoration-color: var(--green); 
}
a:hover { text-decoration-color: var(--yellow); }

I was able to adjust the thickness and then change the colour on hover. I haven’t used the ol’ LVHA format in years but I might come back to it to give more useful visual clues for visited and active links.

The link colour just picks up whatever the light-dark colour is currently set.

CSS has come a long way

I was really delighted by how easy it was to use all of these features and not have to be too concerned about cross browser issues. Looking through MDN was fun to discover what features I had missed over the years and could now implement reliably. Can I Use also continues to be a fantastic resource for verifying browser support.

Today in Youtube's joke of a fair-use appeal process

Apparently now Google requires you to give them a lock of your hair before allowing you to file a DMCA fair-use counter-claim to a spurious content-ID rejection.

"Build history as you grow: Once you have enough history, we'll automatically unlock features." Apparently my 14+ year old youtube channel has not yet reached 2 months of active use, according to the vibe-coded math of Google's robots.

Since, as you know, arguing with robots is something of a hobby of mine, I uploaded my traditional driver's license. You can't just "upload" it, of course, they require you to scan a QR code with a phone and take a photo from within the browser, for maximal tracking. So I used one of my burner phones for that. They say their response takes 24 hours, so presumably some dollar-a-day call-center gig worker in India is going to put eyeballs on it, so we'll see how that goes.

In case you're wondering what stupidity I'm up to this time:

Bonnie Tyler died last week, and so the glorious "Total Eclipse of the Heart, Literal Version" by Persephone Maewyn and dascottjr was making the rounds again, dodging takedowns. (This video is a textbook case of fair use, since not only is it a parody song, but the lyrics are direct commentary on the video itself, I mean come on.) Anyway all extant copies of it are shit quality, so I reconstructed it from the official HD video plus the "literal" audio, and re-built the subtitles by hand. Immediate takedown. I appealed. A week later, some intern or chatbot at BMG said "fuck you no". Now I'm trying to counter-claim.

Anyway, maybe someday you'll get to see this higher quality version of the video. It's still pretty funny. You can go request it on the DNA Pizza music video stream I guess.

What investment gurus get wrong

To see a country’s financial follies, look to its celebrity advisers.