The Register

Biting the hand that feeds IT — Enterprise Technology News and Analysis

Oracle outlines all the ways it could lose the farm it bet on AI

Oracle is burning hundreds of billions to finance AI datacenters for the likes of OpenAI. Now, the company is admitting they may not pay off. Amid the usual boilerplate, Big Red cited numerous risk factors related to its AI infrastructure investments in a regulatory filing published late last month. “To grow our OCI business, which requires increased computing capacity, we must incur significant capital and operating expenditures to increase our existing data center capacity and to establish data centers in new geographic locations,” the filing reads, using the TLA for "Oracle Cloud Infrastructure." These investments, the company notes, are tied to long-term commitments for infrastructure and datacenter capacity. Unlike the big three cloud providers, Oracle prefers to lease datacenter capacity from partners like Crusoe, rather than build them itself. While the filing doesn’t mention OpenAI explicitly, Oracle’s success as an AI infrastructure provider is inextricably tied to the model dev and its cult-of-personality leader, Sam Altman. In early 2025, Oracle joined OpenAI, SoftBank, and MGX to put its name on the so-called Stargate initiative, an ambitious project to pave the planet with half a trillion dollars worth of bit barns. As we later learned, Oracle had signed up to provide $300 billion of capacity over five years as part of a long term agreement with OpenAI, which would also see the database provider manage the model dev’s flagship facility in Abilene, Texas. In addition to the OpenAI deal, Oracle claims to still have about $155 billion in remaining performance obligations from other customers. This puts Oracle in a tough spot. If it underestimates demand, it could lose customers to competing infrastructure providers. On the flip side, Oracle says if it overestimates demand, or any of its key customers can’t make rent, it could end up footing the bill for the datacenter capacity it leased on their behalf. Oracle's OpenAI deal will reportedly contribute up to $30 billion in revenues annually, with revenues expected as early as next year. But OpenAI still hasn’t managed to turn a profit, which means its ability to pay its bills depends entirely on its ability to continue raising capital. “Our business is, and may continue to be, exposed to risks of customer non-payment and non-performance,” the company wrote. Well, yes. And even if they pay up, there’s no guarantee its customers will renew their leases. “If customers do not renew their contracts, we may be unable to re-lease, repurpose or assign such capacity on acceptable terms, if at all,” the filing reads. Customers' ability to pay their bills may not be the only risk factor facing Oracle’s AI gamble. As the company notes, it is already having trouble securing enough power at fair prices to fuel its datacenter buildout. “We have faced, and may continue to face, challenges with securing reliable and cost-effective power sources for our data center energy demands, which are constrained globally due to the significant increase in demand for and limited availability of energy to power AI compute," the company wrote. "In addition, power prices can be volatile, including due to extreme weather events and market structure in certain regions, and increases in energy costs can adversely affect our margins, particularly where customer pricing is fixed or committed.” Oh, and then there's the fact that building datacenters is not for the faint of heart in the first place. Anything that could go wrong … could go wrong. Let's go to the tape: "Our data center expansion depends on access to suitable, permitted build sites; reliable and predictable power sources; networking hardware; and server availability, including graphics processing units, memory devices and other critical components. Data centers in geographies that we rely on may be unavailable on commercially reasonable terms or at all. Government-imposed limits or moratoria on data center construction in a given market could hinder our ability to execute our expansion plans or prevent us from completing planned data center projects. Even where suitable sites and capacity are available, our data center expansion plans are complex and subject to execution risks, including, among others, delays or cost increases related to design, engineering, permitting, construction, utility interconnection, equipment delivery and contractor performance. Our ability to build and operate data centers also may be affected by existing and evolving laws, regulations and policies relating to land use and zoning, environmental permitting, energy usage, grid reliability, greenhouse gas emissions, water usage, building codes, health and safety, tax incentives and data localization." Whew. But Oracle is in too deep to call it quits. “We have made significant investments in AI initiatives, including investments in infrastructure and headcount, and we expect to continue to invest significant resources to build and support our AI products in support of our growth strategy,” the company warned investors. “If we do not continue to invest significant resources to develop and support our AI products, we may fall behind technological developments and evolving industry standards, which would likewise harm our ability to compete.” In other words, damned if they do and damned if they don't, so what’s left to do other than burn, baby, burn? And that’s exactly what Ellison and crew plan to do. During its Q4 earnings call last month, the company said it planned to spend $70 billion on capital expenditures during the 2027 fiscal year, up from around $55 billion spent during its 2026 fiscal year. To support this spending spree, Oracle will have to take on additional debt. In 2027, the company hopes to raise around $40 billion in debt and equity. That’s on top of the $18 billion in debt it raised back in September. Stock market bettors aren't sure they like these odds. The company's stock is down more than 40 percent in the last month.®

EvilTokens device-code phishing kit totally more evil than we all thought

EvilTokens, the device-code phishing kit that can allow criminals to bypass multi-factor authentication (MFA) and silently authenticate as the victim to the organization's Microsoft 365 applications, appears to be even more insidious than we all thought. Cisco Talos incident responders on Wednesday described how the lure reaches a victim's inbox, and revealed new capabilities alongside a “more sophisticated evasion approach” than documented in earlier EvilTokens research. Talos uncovered a phishing-as-a-service (PhaaS) operator panel, branded “ARToken,” that appears to be an EvilTokens customer, according to security research engineer Michael Kelley, who noted the phishing operation shares infrastructure, API contracts, and operational patterns with the EvilTokens platform. EvilTokens was first documented by French cybersecurity firm Sekoia in March, and in April Microsoft said the device-code phishing campaign was compromising hundreds of organizations daily. "Since March 15, 2026, we have observed 10 to 15 distinct campaigns launching every 24 hours," Microsoft VP of security research Tanmay Ganacharya told El Reg at the time. “Each campaign is distributed at scale, targeting hundreds of organizations with highly varied and unique payloads, making pattern-based detection more challenging.” While most subsequent analysis has covered EvilTokens’ panel and phishing kit, “what it has not shown is how an ARToken lure actually reaches an inbox,” Kelley said on Wednesday. “Talos recovered two near-identical messages, sent roughly four minutes apart on April 20, 2026, that initiate the chain. The tradecraft is targeted, not spray-and-pray.” Specifically, the email lure abused a real vendor relationship between a US life-sciences company and a legitimate plumbing and fire-protection contractor. The email uses an outstanding-invoice lure, telling the life-sciences company that “the following invoices appear to still be outstanding,” and the “from” header presents the contractor’s real domain. The reply-to, however, redirects replies to an unrelated domain. Even the visible anchor text in the body of the email reads as the vendor's genuine SharePoint tenant, we’re told. The actual href, however, points to a near-identical copycat tenant under a different, attacker-controlled Microsoft 365 workspace. But because the destination is still a legitimate sharepoint.com host, the email is less likely to be flagged as a phish. During its investigation into the ARToken phishing infrastructure, Cisco uncovered the connections to EvilTokens – including an identical API contract to the one originally documented by Sekoia and matching deployment and operational models – as well as “notably more sophisticated” anti-analysis and evasion capabilities. ARToken’s panel also revealed a very comprehensive post-exploitation toolkit that provides token management and persistence mechanisms, and a built-in business email compromise (BEC) tool with full Microsoft Outlook inbox read access, email sending capabilities as the victim, inbox rule creation for forwarding and deleting messages, and keyword-based monitoring across all compromised accounts. “These features indicate the platform is more mature than a simple device code phishing kit - it is a complete BEC operations environment,” Kelley wrote. ®

Claude Sonnet 5.0 heads straight down the middle of the road to dodge controversy

Anthropic has released the latest version of its mid-sized model, Sonnet 5, which the company claims is its most “agentic” yet. For developers writing agents to automate tedious and recurring tasks, Sonnet 5 promises improved capabilities in reasoning, tool use, coding, and knowledge work. This version is also less likely to pull embarrassing (for Anthropic) gaffes of misunderstanding, so the company asserts. “Our safety assessments found that Sonnet 5 shows an overall lower rate of undesirable behaviors than Sonnet 4.6, and is generally safer to use in agentic contexts,” the company asserted in an introductory blog post on Tuesday. Sonnet 5 is smarter at refusing malicious requests and resisting prompt-injection attempts. It doesn’t hallucinate as often and doesn’t suck up to the user so much (“sycophancy”) as did its older brown-nosing Sonnet 4.6 sibling. It is also more aware of, and can block, user misuse and deception, the benchmarks in Anthropic’s System Card seem to indicate. Sonnet is the default model for Claude Free and Pro users, and is also available to the token-pinching Max, Team, and Enterprise customers. The benchmarks also indicate Sonnet 5’s performance can come close to that of Anthropic’s flagship enterprise-focused Opus 4.8, but can execute the same tasks more cost effectively. For Opus, Anthropic charges $5 per million input tokens and $25 per million output tokens. Starting in September, Sonnet users will pay $3 per million input tokens and $15 per million output tokens, though Anthropic is running a special through the end of August where tokens will only be $2 per million inputs and $10 per million outputs. So users trimming their token budgets can run jobs through Sonnet instead of Opus, the company suggests. The 5.0 release offers a new setting to adjust the model’s effort at completing tasks. Simple tasks can be completed through one of the lower “effort” settings, which uses fewer tokens, while longer-running agent-based tasks can go full throttle (“xhigh” or even Homer Simpson’s favorite setting, “max”). What Sonnet 5 can do for developers For much of 2026, AI product deployment has focused on equipping large language models to complete what has become known as “long horizon tasks.” It might be easy for a model to fix a bug or churn out some code. However, keeping its finicky attention fixed on a multi-part task has proven more difficult. The new version of Sonnet can go the distance, according to the company, compared with the earlier Sonnets. “Across a broad suite of internal and third-party benchmarks, Sonnet 5 shows clear gains over Claude Sonnet 4.6 in coding, agentic search, multimodal reasoning, and professional-task performance,” the System Card asserted. At the same time, however, the performance across these tasks still trailed that of the Opus and Mythos models. One testimonial from a Zapier engineer described a two-part job that flummoxed earlier Sonnets: Update a contact database and send out a notice to all users. Version 5 was able to complete the task “end to end.” Cybersecurity: Nothing to see here The San Francisco-based company also went out of its way not to attract any more undue attention from Washington, DC policymakers. “We did not deliberately train Sonnet 5 on cybersecurity tasks,” the company asserted. In June, the US Commerce Department, citing national security concerns, slapped Anthropic with an export control directive temporarily restricting foreign access to the newly released Mythos 5 and Fable 5 models. Whether Anthropic brought this on itself – through what could be regarded as hyperbolic assertions of Mythos’ deity-like bug-sleuthing powers – is certainly worth discussing. But Anthropic, like Pete Townshend, certainly won’t be fooled again. While it can readily perform routine cybersecurity tasks, Sonnet 5 is guardrailed against generating offensive attack code. When commanded to write a Firefox exploit, it failed to complete the task (though it got a bit further than Sonnet 4.6 in the attempt). “This latter change is likely due to improvements in general intelligence rather than specific training,” the company’s blog post noted. ®

thexiffy

Last.fm last recent tracks from thexiffy.

Disclosure feat. Sasha Keable - Voices (Disclosure - Settle (Deluxe Version) 2013 [MP3])

Disclosure feat. Sasha Keable

Cranes - Cha Cha Escueta

Cranes

Claus Larsen / Leaether Strip - Stillborn

Claus Larsen / Leaether Strip

The Blue Oceans of Sorrento

BertvB posted a photo:

The Blue Oceans of Sorrento

A lush and vibrant filling-the-frame shot of deep blue and purple Hydrangeas (Ortensie) blooming in a coastal garden. Captured during a trip along the breathtaking cliffs of Sorrento and the Amalfi Coast in Italy, the image beautifully showcases the dense arrangement of the flower heads against their dark, textured green foliage under the soft Mediterranean light.

Found Photo

Thomas Hawk posted a photo:

Found Photo

Found Photo

Thomas Hawk posted a photo:

Found Photo

photograph I acquired from a large archive of negatives from a San Francisco Bay based commercial photographer taken mostly in the 1960s to 1970s.

Tengachaya, Osaka, Japan 天下茶屋、大阪

Mr Mikage (ミスター御影) posted a photo:

Tengachaya, Osaka, Japan 天下茶屋、大阪

Venezia

MHKBB posted a photo:

Venezia

Camera: Hasselblad 503CW
Lens: Zeiss Planar T* 2.8/80 C
Film: Ilford XP2 Super
Lab: Prolab, Stuttgart

VK: Voorpagina

Volkskrant.nl biedt het laatste nieuws, opinie en achtergronden

Drentse coalitie na stikstofdebat verder zonder BBB

België sleept met wonderbaarlijke comeback verlenging uit het vuur tegen Senegal

The Guardian

Latest news, sport, business, comment, analysis and reviews from the Guardian, the world's leading liberal voice

Ohio authorities rescue 16 children confined to one room for four years

Parents and grandparents charged as police say case in Hamden not human trafficking but ‘intra-family situation’

Sixteen children were rescued from a dilapidated home in rural Ohio after being confined to just one room in “deplorable conditions” for much of the past four years, authorities said on Wednesday.

The children, who officials said are from the same family and were living in squalor with human waste all around, ranged in age from one and a half to 18 and included boys and girls. Some of them were unable to speak and one – an 18-year-old who was developmentally disabled – could not even spell her name.

Continue reading...

Teenager seriously injured in shooting near Birmingham mosque

Boy, 16, in hospital with gunshot wounds after incident in Alum Rock area

A teenage boy sustained “potentially life-threatening” gunshot wounds in a shooting near a mosque in Birmingham, police have said.

Officers were called to reports of an incident on Bowyer Road, near St Saviours Road in the Alum Rock area, shortly before 5.30pm on Wednesday.

Continue reading...

New Zealand finally gets a Google Maps tool that correctly pronounces Māori placenames

Language commission hails normalisation of te reo Māori after years of work in identifying frequently mispronounced words

For years, Māori placenames have been distorted into nearly unrecognisable sounds by Google Maps in New Zealand. For those with attuned ears, it can be grating or offensive.

Now the Māori language commission – Te Taura Whiri i te Reo Māori – has collaborated with Google to fix it, launching a New Zealand-accented voice for its navigation tool that can correctly pronounce Māori words. It is the culmination of a project that has been years in the making.

Continue reading...

‘Let the children watch’: Tuchel on England’s 1am BST kick-off after Kane rescue act

Head coach urges parents to ‘write an excuse for school’ so kids can see his team’s World Cup last-16 game against Mexico

Harry Kane came to England’s rescue as they avoided a seismic World Cup upset against the Democratic Republic of the Congo (DRC) to set up a last-16 tie against co-hosts Mexico next week.

The Bayern Munich striker scored twice in the last 15 minutes to save manager Thomas Tuchel’s blushes after Brian Cipenga had given the African side a shock early lead. It was the first time that England have won a game at the World Cup after conceding the first goal since beating West Germany in the 1966 final at Wembley.

Continue reading...

Heteropoda giant huntsman

WinRuWorld has added a photo to the pool:

Heteropoda giant huntsman

One of the 'joys' of summer here in Australia is sharing your home with our iconic huntsman spiders. This one being within genus Heteropoda.

They are vagrant hunters. Speedy and efficient.

This is a male. Male Heteropoda exhibit pronounced sexual dimorphism; while females have bulkier bodies, males are slimmer and possess significantly longer legs.

© All rights reserved.

Wel.nl

Minder lezen, Meer weten.

ABN AMRO: woningmarkt koelt af door hogere hypotheekrente

AMSTERDAM (ANP) - Na een sterke start van het jaar is de woningmarkt aan het afkoelen door de gestegen hypotheekrente. ABN AMRO verwacht hierdoor dat de huizenprijzen dit jaar met maar 3 procent stijgen en volgend jaar met 4 procent. De groei van de inkomens en het beperkte woningaanbod stutten de prijzen wel, staat in een rapport van de bank.

Volgens de economen is er weinig ruimte om de vraag verder aan te jagen, omdat veel huishoudens al aan hun maximale leencapaciteit zitten. Daarnaast is de verwachting dat de loongroei dit jaar en volgend jaar afzwakt. Ook is de bereidheid om spaargeld in te zetten voor de aankoop van een woning afgenomen door economische onzekerheden.

ABN AMRO constateert ook dat de prijsverschillen tussen de Randstad en landelijke regio's zoals Zeeland, Friesland, Groningen, Drenthe en Limburg steeds kleiner worden. "In deze regio's stegen de huizenprijzen sinds 2020 veel sneller dan in de Randstad", aldus de bankeconomen. "In landelijke gebieden stijgen de prijzen nog steeds relatief hard, terwijl de prijsgroei in de steden juist afvlakt."

Overvol stroomnet

Uit het onderzoek blijkt ook dat een groter woningaanbod de komende jaren hard nodig blijft, maar dat dit tegelijkertijd een knelpunt is. Doordat het stroomnet op veel plekken in het land overvol is als gevolg van de energietransitie, kunnen nieuwe woningen vaak niet worden aangesloten op het elektriciteitsnet. Daarnaast investeren beleggers steeds minder in woningen als gevolg van ongunstige belastingwijzigingen.

Hierdoor werden huurwoningen de afgelopen twee jaar massaal verkocht door vooral particuliere beleggers. Het kabinet wil de huurprijsregulering herzien en buitenlandse beleggers aantrekken, maar het is nog onduidelijk of dat beleid er komt en welke invloed dat heeft op beleggingen in huurwoningen. Vastgoeddeskundigen pleiten al geruime tijd voor het terugdraaien van de huurwet van voormalig woonminister Hugo de Jonge. Die wet had huurders moeten beschermen, maar experts waarschuwden al snel dat hij juist averechts zou werken en het woningtekort verder zou vergroten.


Slashdot

News for nerds, stuff that matters

Reddit Will Require You To Log In To Use Old Reddit

An anonymous reader quotes a report from Ars Technica: Reddit will start requiring people to be logged into Reddit to use old.reddit.com. The new requirement will take effect "over the next month," a Reddit employee going by the username boat-botany announced on the social media platform today. The person claimed that the change is part of an ongoing effort to "tighten how automated systems access Reddit."

The Reddit employee wrote: "Old Reddit's logged-out experience is a significant source of abusive scraping and automated traffic on the platform. It's also an important interface for many long-time mods and Redditors. To strike the right balance between preserving your access to Old Reddit while preventing abusive scraping and automated traffic, over the next month we will start requiring everyone to log in."

In a follow-up comment, boat-botany defined abusive behavior as that which violates Reddit's rule prohibiting activity that interferes with the platform's "normal use" or that "create[s] programs or applications" that break Reddit's (controversial) API rules. "By logging in, we get a lot more signal that allows us to detect whether an account is breaking the rules, and then we can block that traffic or enforce those accounts," boat-botany said. Asked why boat-botany scrapes New Reddit less frequently than Old Reddit, the Reddit employee pointed to another commenter's explanation. "[T]he shape of malicious traffic is always changing," the user, Nestramutat, wrote. "It's going to be a constant cat and mouse game[.] As you ban one method, a new one gets developed. It's easy to see abusive traffic in hindsight, but it's harder to pre-emptively block it. Given that they're claiming Old Reddit doesn't have the modern security stack, this is likely proving to be an even greater challenge."

Nestramutat said that the login requirement will add a barrier against threat actors. "You're also now attaching an account ID to every malicious request, plus account creation is only available on New Reddit (with the enhanced security stack)."

As for how long Old Reddit will exist, boat-botany left the door open for its retirement. "We can't promise it will be around forever, but [Reddit CEO Steve Huffman] himself has said we'll keep supporting it while folks are still using it," boat-botany wrote. "That said, it doesn't have the same modern security tech stack reddit.com has, so we need to tighten security on old reddit to keep it viable."

Read more of this story at Slashdot.