404 Media claims to have identified "the fundamental flaw with the age verification bills and laws" that have already passed in eight state legislatures (with two more taking effect in July): "the delusional, unfounded belief that putting hurdles between people and pornography is going to actually prevent them from viewing porn."

They argue that age verification laws "drag us back to the dark ages of the internet." Slashdot reader samleecole shared this excerpt: What will happen, and is already happening, is that people — including minors — will go to unmoderated, actively harmful alternatives that don't require handing over a government-issued ID to see people have sex. Meanwhile, performers and companies that are trying to do the right thing will suffer....

The legislators passing these bills are doing so under the guise of protecting children, but what's actually happening is a widespread rewiring of the scaffolding of the internet. They ignore long-established legal precedent that has said for years that age verification is unconstitutional, eventually and inevitably reducing everything we see online without impossible privacy hurdles and compromises to that which is not "harmful to minors." The people who live in these states, including the minors the law is allegedly trying to protect, are worse off because of it. So is the rest of the internet.
Yet new legislation is advancing in Kentucky and Nebraska, while the state of Kansas just passed a law which even requires age-verification for viewing "acts of homosexuality," according to a report: Websites can be fined up to $10,000 for each instance a minor accesses their content, and parents are allowed to sue for damages of at least $50,000. This means that the state can "require age verification to access LGBTQ content," according to attorney Alejandra Caraballo, who said on Threads that "Kansas residents may soon need their state IDs" to access material that simply "depicts LGBTQ people."
One newspaper opinion piece argues there's an easier solution: don't buy your children a smartphone: Or we could purchase any of the various software packages that block social media and obscene content from their devices. Or we could allow them to use social media, but limit their screen time. Or we could educate them about the issues that social media causes and simply trust them to make good choices. All of these options would have been denied to us if we lived in a state that passed a strict age verification law. Not only do age verification laws reduce parental freedom, but they also create myriad privacy risks. Requiring platforms to collect government IDs and face scans opens the door to potential exploitation by hackers and enemy governments. The very information intended to protect children could end up in the wrong hands, compromising the privacy and security of millions of users...

Ultimately, age verification laws are a misguided attempt to address the complex issue of underage social media use. Instead of placing undue burdens on users and limiting parental liberty, lawmakers should look for alternative strategies that respect privacy rights while promoting online safety.
This week a trade association for the adult entertainment industry announced plans to petition America's Supreme Court to intervene.

"Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI," the Register reported Thursday

"Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI's bad advice, we've learned." If the package was laced with actual malware, rather than being a benign test, the results could have been disastrous.

According to Bar Lanyado, security researcher at Lasso Security, one of the businesses fooled by AI into incorporating the package is Alibaba, which at the time of writing still includes a pip command to download the Python package huggingface-cli in its GraphTranslator installation instructions. There is a legit huggingface-cli, installed using pip install -U "huggingface_hub[cli]". But the huggingface-cli distributed via the Python Package Index (PyPI) and required by Alibaba's GraphTranslator — installed using pip install huggingface-cli — is fake, imagined by AI and turned real by Lanyado as an experiment.

He created huggingface-cli in December after seeing it repeatedly hallucinated by generative AI; by February this year, Alibaba was referring to it in GraphTranslator's README instructions rather than the real Hugging Face CLI tool... huggingface-cli received more than 15,000 authentic downloads in the three months it has been available... "In addition, we conducted a search on GitHub to determine whether this package was utilized within other companies' repositories," Lanyado said in the write-up for his experiment. "Our findings revealed that several large companies either use or recommend this package in their repositories...."

Lanyado also said that there was a Hugging Face-owned project that incorporated the fake huggingface-cli, but that was removed after he alerted the biz.
"With GPT-4, 24.2 percent of question responses produced hallucinated packages, of which 19.6 percent were repetitive, according to Lanyado..."

Thanks to long-time Slashdot reader schneidafunk for sharing the article.

The Record reports: Ross Anderson, a professor of security engineering at the University of Cambridge who is widely recognized for his contributions to computing, passed away at home on Thursday according to friends and colleagues who have been in touch with his family and the University.

Anderson, who also taught at Edinburgh University, was one of the most respected academic engineers and computer scientists of his generation. His research included machine learning, cryptographic protocols, hardware reverse engineering and breaking ciphers, among other topics. His public achievements include, but are by no means limited to, being awarded the British Computer Society's Lovelace Medal in 2015, and publishing several editions of the Security Engineering textbook.
Anderson's security research made headlines throughout his career, with his name appearing in over a dozen Slashdot stories...

• 2023: Researchers Warn of 'Model Collapse' As AI Trains On AI-Generated Content

• 2021: 'Trojan Source' Bug Threatens the Security of All Code

• 2015: Factory Reset On Millions of Android Devices Doesn't Wipe Storage

• 2012: UK Web Snooping Plan Invades Privacy, Despite Claims To the Contrary

• 2010: Why "Verified By Visa" System Is Insecure

• 2008: Researchers Expose New Credit Card Fraud Risk

• 2006: "Security Engineering" Is Now Online. [The link from that 2006 post still works. Slashdot called Anderson's book "arguably the best information security book ever written" in one of two reviews, published in 2002 and 2010.]

• 2002:Security of Open vs. Closed Source Software.

• 2002: Analyzing Palladium

My favorite story? UK Banks Attempt To Censor Academic Publication.

"Cambridge University has resisted the demands and has sent a response to the bankers explaining why they will keep the page online..."

An anonymous reader shares a report: Mutterings of alarm are emerging from the cloisters of Red Hat after the world's largest management consultancy was hired to help the IBM subsidiary focus engineers on their highest-value work. Red Hat confirmed the partnership with McKinsey & Company to The Reg, sharing this extract from an email from CTO Chris Wright to the Global Engineering Team:

"Hey everyone -- as I mentioned during the recent Q1 All Hands, my goal is to have Global Engineering recognized as the world's greatest open-source software engineering organization. This team is already doing amazing work, and we have several initiatives in progress to help us achieve the goal I've set. One of those is a partnership with McKinsey. The objective of this project is to help us understand and incorporate learnings on working models, development practices, and tooling from across the software industry.

"We've heard your feedback in person, during All Hands, and through RHAS [the annual Red Hat Associate Survey]. This project will help us to identify and remove mundane tasks that drain your energy so that you can focus on the most engaging and highest value work â" to make your job better. The work with McKinsey is one piece of the overall plan to help us become the world's greatest open-source software engineering organization"

An anonymous reader quotes a report from GamingOnLinux: After repeatedly suffering issues with scam apps making it onto the Snap Store, Canonical maker of Ubuntu Linux have now decided to manually look over submissions. I've covered the issues with the Snap Store a few times now like on March 19th when ten scam crypto apps appeared, got taken down and then reappeared under a different publisher. Also earlier back in February there was an issue where a user actually lost their wallet as a result of a fake app. Multiple fake apps were also put up back in October last year as well, so it was a repeating issue that really needed dealing with properly.

So to try and do something about it, Canonical's Holly Hall has posted on their Discourse forum about how "The Store team and other engineering teams within Canonical have been continuously monitoring new snaps that are being registered, to detect potentially malicious actors" and that they will now do manual reviews whenever people try to register "a new snap name." On top of that soon they will also be releasing a new policy regarding "crypto-wallet and other sensitive snaps" with "guidelines for how to publish such a snap." Currently all of this is not supposed to be long-term, as it's an evolving situation.

Lyle Smith reports via StorageReview.com: Proxmox has introduced a new import wizard for Proxmox Virtual Environment (VE), aiming to simplify the migration process for importing VMware ESXi VMs. This new feature comes at an important time in the industry, as it aims to ease the transition for these organizations looking to move away from VMware's vSphere due to high renewal costs.

The new import wizard is integrated into Proxmox VE's existing storage plugin system, allowing for direct integration into the platform's API and web-based user interface. It offers users the ability to import VMware ESXi VMs in their entirety, translating most of the original VM's configuration settings to Proxmox VE's configuration model (all while minimizing downtime). Currently, the import wizard is in a technical preview state, having been added during the Proxmox VE 8.2 development cycle. Although it is still under active development, early reports suggest the wizard is stable and holds considerable promise for future enhancements, including the planned addition of support for other import sources like OVF/OVA files. [...]

This tool represents Proxmox's commitment to providing accessible, open-source virtualization solutions. By leveraging the official ESXi API and implementing a user space filesystem with optimized read-ahead caching in Rust (a safe, fast, and modern programming language ideal for system-level tasks), Proxmox aims to ensure that this new feature can be integrated smoothly into its broader ecosystem.

Apple has sued its former employee Andrew Aude for leaking information about more than a half-dozen Apple products and policies, including its then-unannounced Journal app and Vision Pro headset, product development policies, strategies for regulatory compliance, employee headcounts, and more. MacRumors reports: Aude joined Apple as an iOS software engineer in 2016, shortly after graduating college. He worked on optimizing battery performance, making him "privy to information regarding dozens of Apple's most sensitive projects," according to the complaint. In April 2023, for example, Apple alleges that Aude leaked a list of finalized features for the iPhone's Journal app to a journalist at The Wall Street Journal on a phone call. That same month, The Wall Street Journal's Aaron Tilley published a report titled "Apple Plans iPhone Journaling App in Expansion of Health Initiatives."

Using the encrypted messaging app Signal, Aude is said to have sent "over 1,400" messages to the same journalist, who Aude referred to as "Homeboy." He is also accused of sending "over 10,000 text messages" to another journalist at the website The Information, and he allegedly traveled "across the continent" to meet with her. Other leaks relate to the Vision Pro and other hardware: "As another example, an October 2020 screenshot on Mr. Aude's Apple-issued work iPhone shows that he disclosed Apple's development of products within the spatial computing space to a non-Apple employee. Mr. Aude made this disclosure even though Apple's development efforts were confidential and not known to the public. Over the following months, Mr. Aude disclosed additional Apple confidential information -- including information concerning unannounced products, and hardware information."

Apple believes that Aude's actions were "extensive and purposeful," with Aude allegedly admitting that he leaked information so he could "kill" products and features with which he took issue. The company alleges that his wrongful disclosures resulted in at least five news articles discussing the company's confidential and proprietary information. Apple says these public revelations impeded its ability to "surprise and delight" with its latest products. Apple said it learned of Aude's wrongful disclosures in late 2023, and the company fired him for his alleged misconduct in December of that year. [...] Apple is seeking both compensatory and punitive damages in an amount to be determined at trial, and it is also seeking other legal remedies. The full complaint can be read here (PDF).

An anonymous reader writes: What if you could update the device while it's still in the box? That's the latest plan cooked up by Apple, which is close to rolling out a system that will let Apple Stores wirelessly update new iPhones while they're still in their boxes. The new system is called "Presto." French site iGeneration has the first picture of what this setup looks like. It starts with a clearly Apple-designed silver rack that holds iPhones and has a few lights on the front. The site (through translation) calls the device a "toaster," and yes, it looks like a toaster oven or food heating rack.

Bloomberg's Mark Gurman has been writing about whispers of this project for months, saying in one article that the device can "wirelessly turn on the iPhone, update its software and then power it back down -- all without the phone's packaging ever being opened." In another article, he wrote that the device uses "MagSafe and other wireless technologies." The iGeneration report also mentions that the device uses NFC, and there are "templates" that help with positioning the various-sized iPhone boxes so the NFC and wireless charging will work. With that wireless charging, downloading, and installing, all while being isolated in a cardboard box, Apple's "toaster" probably gets pretty hot.

Steven J. Vaughan-Nichols, writing for ComputerWorld: Essentially, all software is built using open source. By Synopsys' count, 96% of all codebases contain open-source software. Lately, though, there's been a very disturbing trend. A company will make its program using open source, make millions from it, and then -- and only then -- switch licenses, leaving their contributors, customers, and partners in the lurch as they try to grab billions. I'm sick of it. The latest IT melodrama baddie is Redis. Its program, which goes by the same name, is an extremely popular in-memory database. (Unless you're a developer, chances are you've never heard of it.) One recent valuation shows Redis to be worth about $2 billion -- even without an AI play! That, anyone can understand.

What did it do? To quote Redis: "Beginning today, all future versions of Redis will be released with source-available licenses. Starting with Redis 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1). Consequently, Redis will no longer be distributed under the three-clause Berkeley Software Distribution (BSD)." For those of you who aren't open-source licensing experts, this means developers can no longer use Redis' code. Sure, they can look at it, but they can't export, borrow from, or touch it.

Redis pulled this same kind of trick in 2018 with some of its subsidiary code. Now it's done so with the company's crown jewels. Redis is far from the only company to make such a move. Last year, HashiCorp dumped its main program Terraform's Mozilla Public License (MPL) for the Business Source License (BSL) 1.1. Here, the name of the new license game is to prevent anyone from competing with Terraform. Would it surprise you to learn that not long after this, HashiCorp started shopping itself around for a buyer? Before this latest round of license changes, MongoDB and Elastic made similar shifts. Again, you might never have heard of these companies or their programs, but each is worth, at a minimum, hundreds of millions of dollars. And, while you might not know it, if your company uses cloud services behind the scenes, chances are you're using one or more of their programs,

Anthropic's recently released Claude 3 Opus large language model has beaten OpenAI's GPT-4 for the first time on Chatbot Arena, a popular crowdsourced leaderboard used by AI researchers to gauge the relative capabilities of AI language models. A report adds: "The king is dead," tweeted software developer Nick Dobos in a post comparing GPT-4 Turbo and Claude 3 Opus that has been making the rounds on social media. "RIP GPT-4."

Since GPT-4 was included in Chatbot Arena around May 10, 2023 (the leaderboard launched May 3 of that year), variations of GPT-4 have consistently been on the top of the chart until now, so its defeat in the Arena is a notable moment in the relatively short history of AI language models. One of Anthropic's smaller models, Haiku, has also been turning heads with its performance on the leaderboard.

"For the first time, the best available models -- Opus for advanced tasks, Haiku for cost and efficiency -- are from a vendor that isn't OpenAI," independent AI researcher Simon Willison told Ars Technica. "That's reassuring -- we all benefit from a diversity of top vendors in this space. But GPT-4 is over a year old at this point, and it took that year for anyone else to catch up." Chatbot Arena is run by Large Model Systems Organization (LMSYS ORG), a research organization dedicated to open models that operates as a collaboration between students and faculty at University of California, Berkeley, UC San Diego, and Carnegie Mellon University.

An anonymous reader quotes a report from Ars Technica: Oregon Governor Tina Kotek today signed the state's Right to Repair Act, which will push manufacturers to provide more repair options for their products than any other state so far. The law, like those passed in New York, California, and Minnesota, will require many manufacturers to provide the same parts, tools, and documentation to individuals and repair shops that they provide to their own repair teams. But Oregon's bill goes further, preventing companies from implementing schemes that require parts to be verified through encrypted software checks before they will function. Known as parts pairing or serialization, Oregon's bill, SB 1596, is the first in the nation to target that practice. Oregon State Senator Janeen Sollman (D) and Representative Courtney Neron (D) sponsored and pushed the bill in the state senate and legislature.

Oregon's bill isn't stronger in every regard. For one, there is no set number of years for a manufacturer to support a device with repair support. Parts pairing is prohibited only on devices sold in 2025 and later. And there are carve-outs for certain kinds of electronics and devices, including video game consoles, medical devices, HVAC systems, motor vehicles, and -- as with other states -- "electric toothbrushes." "By eliminating manufacturer restrictions, the Right to Repair will make it easier for Oregonians to keep their personal electronics running," said Charlie Fisher, director of Oregon's chapter of the Public Interest Research Group (PIRG), in a statement. "That will conserve precious natural resources and prevent waste. It's a refreshing alternative to a 'throwaway' system that treats everything as disposable."

The U.S. Air Force paid for a test version of an AI-powered chatbot to assist in intelligence and surveillance tasks as part of a $1.2 million deal, according to internal Air Force documents obtained by 404 Media. From the report: The news provides more insight into what military agencies are currently exploring using AI for, and comes as more AI companies eye the military space as a business opportunity. OpenAI, for instance, quietly removed language that expressly prohibited its technology for military purposes in January. "Edge Al Platform for Space and Unmanned Aerial Imagery Intelligence," a section of one of the documents reads. The contract is between the Air Force and a company called Misram LLC, which also operates under the name Spectronn.

Included in a "milestone schedule" explaining the specifics of the deal are the items "ISR chatbot design" and "ISR chatbot software." ISR refers to intelligence, surveillance, and reconnaissance, a common military term. Other items in the schedule include "data ingestion tool" and "data visualization tool." 404 Media obtained the documents through a Freedom of Information Act (FOIA) request with the Air Force. On its website, Spectronn advertises an "AI Digital Assistant for Analytics." It says the bot can take data such as images and videos, and then answer plain English questions about that information. "Current analytics dashboard solutions are complex and not human-friendly. It leads to severe latency (from hours to days), cognitive load on the data analyst, false alarms, and frustrated decision makers or end-users," it reads.

An anonymous reader shares a report:Intel, Microsoft, Qualcomm, and AMD have all been pushing the idea of an "AI PC" for months now as we head toward more AI-powered features in Windows. While we're still waiting to hear the finer details from Microsoft on its big plans for AI in Windows, Intel has started sharing Microsoft's requirements for OEMs to build an AI PC -- and one of the main ones is that an AI PC must have Microsoft's Copilot key. Microsoft wants its OEM partners to provide a combination of hardware and software for its idea of an AI PC. That includes a system that comes with a Neural Processing Unit (NPU), the latest CPUs and GPUs, and access to Copilot. It will also need to have the new Copilot key that Microsoft announced earlier this year.

This requirement means that some laptops, like Asus' new ROG Zephyrus, have already shipped with Intel's new Core Ultra chips and aren't technically AI PCs in the eyes of Microsoft's strict requirements because they don't have a Copilot key. But they're still AI PCs in Intel's eyes. "Our joint aligned definition, Intel and Microsoft, we've aligned on Core Ultra, Copilot, and Copilot key," explains Todd Lewellen, head of the PC ecosystem at Intel, in a press briefing with The Verge. "From an Intel perspective our AI PC has Core Ultra and it has an integrated NPU because it is unlocking all kinds of new capabilities and functions in the AI space. We have great alignment with Microsoft, but there are going to be some systems out there that may not have the physical key on it but it does have our integrated NPU."

Tech companies are serving up million-dollar-a-year compensation packages, accelerated stock-vesting schedules and offers to poach entire engineering teams to draw people with expertise and experience in the kind of generative AI that is powering ChatGPT and other humanlike bots. They are competing against each other and against startups vying to be the next big thing to unseat the giants. From a report: The offers stand out even by the industry's relatively lavish past standards of outsize pay and perks. And the current AI talent shortage stands out for another reason: It is happening as layoffs are continuing in other areas of tech and as companies have been reallocating resources to invest more in covering the enormous cost of developing AI technology.

"There is a secular shift in what talents we're going after," says Naveen Rao, head of Generative AI at Databricks. "We have a glut of people on one side and a shortage on the other." Databricks, a data storage and management startup, doesn't have a problem finding software engineers. But when it comes to candidates who have trained large language models, or LLMs, from scratch or can help solve vexing problems in AI, such as hallucinations, Rao says there might be only a couple of hundred people out there who are qualified.

Some of these hard-to-find, tier-one candidates can easily get total compensation packages of $1 million a year or more. Salespeople in AI are also in demand and hard to find. Selling at the beginning of a technology transition when things are changing rapidly requires a different skill set and depth of knowledge. Candidates with those skills are making around double what an enterprise software salesperson would. But that isn't the norm for most people working in AI, Rao says. For managerial roles in AI and machine learning, base-pay increases ranged from 5% to 11% from April 2022 to April 2023, according to a WTW survey of more than 1,500 employers. The base-pay increases of nonmanagerial roles ranged from 13% to 19% during the same period.

Britain's government has been urged to provide more support for the software industry with measures including tax incentives and talent visas. From a report: More than 120 industry leaders have called for government intervention to improve conditions for European software companies. Europe has long struggled to scale up homegrown tech companies as successfully as the U.S., with many startups forced to seek investment abroad as they scale up.

A new policy document -- published by industry body Boardwave and seen by Reuters -- highlights what it calls Europe's "dreadful" track record of scaling software companies, with one recent study showing only one software-focused firm, Sage, counted among Britain's top 100 publicly-traded businesses, compared to dozens in the U.S. Phill Robinson, Boardwave founder and a former executive at software giant Salesfore, shared the report with Britain's technology minister Michele Donelan last week, warning that mid-sized software companies had received little government attention compared to Big Tech firms and buzzy venture-funded startups.

Web-based design platform Canva has acquired the Affinity creative software suite for an undisclosed sum, though Bloomberg reports that it's valued at "several hundred million [British] pounds." The Verge reports that the acquisition helps the company "[position] itself as a challenger to Adobe's grip over the digital design industry." From the report: Canva announced the deal on Tuesday, which gives the company ownership over Affinity Designer, Photo, and Publisher -- three popular creative applications for Windows, Mac, and iPad that provide similar features to Adobe's Illustrator, Photoshop, and InDesign software, respectively. [T]he acquisition makes sense as the Australian-based company tries to attract more creative professionals. As of January this year, Canva's design platform attracted around 170 million monthly global users. That's a lot of people who probably aren't using equivalent Adobe software like Express, but unlike Adobe, Canva doesn't have its own design applications that target creative professionals like illustrators, photographers, and video editors.

Affinity apps are used by over three million global users according to Canva -- that's a fraction of Adobe's user base, but Affinity shouldn't be underestimated here. The decision to make its Affinity applications a one-time-purchase with no ongoing subscription fees has earned it a loyal fanbase, especially with creatives who are actively looking for alternatives to Adobe's subscription-based design ecosystem. In an interview with the Sydney Morning Herald, Canva co-founder Cameron Adams said that Affinity applications will remain separate from Canva's platform, but that some small integrations should be expected over time. "Our product teams have already started chatting and we have some immediate plans for lightweight integration, but we think the products themselves will always be separate," said Adams.

Apple today announced that its 35th annual Worldwide Developers Conference (WWDC) is set to take place June 10 through 14, 2024. It'll be an online event open to all developers at no cost. MacRumors reports: Apple will hold a WWDC 2024 keynote event on Monday, June 10 to show off iOS 18, iPadOS 18, tvOS 18, macOS 15, watchOS 11, and visionOS 2. The keynote event will be available on the Apple Developer app, the Apple website, and YouTube, with Apple also planning to share videos and information all week long.

Though WWDC 2024 is an online event, Apple is once again planning a special event for select developers and students, which is set to take place on June 10 at the Apple Park campus in Cupertino, California. Attendees will be able to watch the keynote and State of the Union presentations at Apple Park, as well as meet Apple employees and attend the Apple Design Awards. Apple will provide developers with additional information about WWDC 2024 through email, the Apple Developer app, and the Apple Developer website.

BrianFagioli shares a report from BetaNews: Canonical, the company behind the popular Ubuntu operating system, has announced a significant extension to the support lifecycle of its long-term support (LTS) releases. The new paid Legacy Support add-on for Ubuntu Pro subscribers will now provide security maintenance and support for an impressive 12 years, extending the previous 10-year commitment. This enhancement is available starting with Ubuntu 14.04 LTS and will benefit both enterprises and individual users who rely on the stability and security of Ubuntu for their critical systems. By default, Ubuntu LTS releases receive five years of standard security maintenance. However, with Ubuntu Pro, this is expanded to 10 years for both the main and universe repositories, offering access to a broader range of secure open-source software.

The Legacy Support add-on further extends this period by an additional two years, ensuring that organizations can maintain their systems with the latest security patches and support services without the immediate need to upgrade to a newer OS version. This is particularly beneficial for large, established production systems where transitioning to a new OS can be a complex and risky endeavor due to the potential need to update the entire software stack. The extended support includes continuous vulnerability management for critical, high, and medium Common Vulnerabilities and Exposures (CVEs) across all software packages shipped with Ubuntu. Canonical's security team actively backports crucial fixes to all supported Ubuntu LTS releases, providing peace of mind to users and enterprises. In addition to security maintenance, the Legacy Support add-on also offers phone and ticket support, enhancing Canonical's commitment to assisting customers with troubleshooting, break fixes, bug fixes, and guidance.

China has introduced new guidelines that will mean US microprocessors from Intel and AMD are phased out of government PCs and servers [Editor's note: the link may be paywalled; non-paywalled source], as Beijing ramps up a campaign to replace foreign technology with homegrown solutions. From a report: The stricter government procurement guidance also seeks to sideline Microsoft's Windows operating system and foreign-made database software in favour of domestic options. It runs alongside a parallel localisation drive under way in state-owned enterprises. The latest purchasing rules represent China's most significant step yet to build up domestic substitutes for foreign technology and echo moves in the US as tensions increase between the two countries. Washington has imposed sanctions on a growing number of Chinese companies on national security grounds, legislated to encourage more tech to be produced in the US and blocked exports of advanced chips and related tools to China.

An anonymous reader shares a report: Nvidia earned its $2.2 trillion market cap by producing AI chips that have become the lifeblood powering the new era of generative AI developers from startups to Microsoft, OpenAI and Google parent Alphabet. Almost as important to its hardware is the company's nearly 20 years' worth of computer code, which helps make competition with the company nearly impossible. More than 4 million global developers rely on Nvidia's CUDA software platform to build AI and other apps. Now a coalition of tech companies that includes Qualcomm, Google and Intel, plans to loosen Nvidia's chokehold by going after the chip giant's secret weapon: the software that keeps developers tied to Nvidia chips.

They are part of an expanding group of financiers and companies hacking away at Nvidia's dominance in AI. "We're actually showing developers how you migrate out from an Nvidia platform," Vinesh Sukumar, Qualcomm's head of AI and machine learning, said in an interview with Reuters. Starting with a piece of technology developed by Intel called OneAPI, the UXL Foundation, a consortium of tech companies, plans to build a suite of software and tools that will be able to power multiple types of AI accelerator chips, executives involved with the group told Reuters. The open-source project aims to make computer code run on any machine, regardless of what chip and hardware powers it.

"It's about specifically - in the context of machine learning frameworks - how do we create an open ecosystem, and promote productivity and choice in hardware," Google's director and chief technologist of high-performance computing, Bill Hugo, told Reuters in an interview. Google is one of the founding members of UXL and helps determine the technical direction of the project, Hugo said. UXL's technical steering committee is preparing to nail down technical specifications in the first half of this year. Engineers plan to refine the technical details to a "mature" state by the end of the year, executives said. These executives stressed the need to build a solid foundation to include contributions from multiple companies that can also be deployed on any chip or hardware.