An anonymous reader quotes a report from SecurityWeek: Hundreds of printer models from Brother and other vendors are impacted by potentially serious vulnerabilities discovered by researchers at Rapid7. The cybersecurity firm revealed on Wednesday that its researchers identified eight vulnerabilities affecting multifunction printers made by Brother. The security holes have been found to impact 689 printer, scanner and label maker models from Brother, and some or all of the flaws also affect 46 Fujifilm Business Innovation, five Ricoh, six Konica Minolta, and two Toshiba printers. Overall, millions of enterprise and home printers are believed to be exposed to hacker attacks due to these vulnerabilities.

The most serious of the flaws, tracked as CVE-2024-51978 and with a severity rating of 'critical', can allow a remote and unauthenticated attacker to bypass authentication by obtaining the device's default administrator password. CVE-2024-51978 can be chained with an information disclosure vulnerability tracked as CVE-2024-51977, which can be exploited to obtain a device's serial number. This serial number is needed to generate the default admin password. "This is due to the discovery of the default password generation procedure used by Brother devices," Rapid7 explained. "This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device's unique serial number, during the manufacturing process."

Having the admin password enables an attacker to reconfigure the device or abuse functionality intended for authenticated users. The remaining vulnerabilities, which have severity ratings of 'medium' and 'high', can be exploited for DoS attacks, forcing the printer to open a TCP connection, obtain the password of a configured external service, trigger a stack overflow, and perform arbitrary HTTP requests. Six of the eight vulnerabilities found by Rapid7 can be exploited without authentication. Brother has patched most of the flaws, but CVE-2024-51978 requires a new manufacturing process to fully resolve, which will apply only to future devices.

[ Read more of this story ]( https://hardware.slashdot.org/story/25/06/26/2351234/brother-printer-bug-in-689-models-exposes-millions-to-hacking?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

36% of all Chinese undergraduate entrants -- about 1.6 million people -- selected engineering degrees in 2022 (the latest year for which data are available), up from 32% in 2010, according to data from China's Ministry of Education. In Britain and America, which have far fewer students to start with, the proportion hovers around 5%.

The surge comes as China's government directs universities to focus on strategic industries and technological bottlenecks. Over 600 Chinese universities now offer undergraduate programs in artificial intelligence, a field the Communist Party vows to dominate by 2030. In 2023, officials started telling universities to overhaul their degree programs, and the education ministry announced an "emergency mechanism" to create degrees more quickly to meet "national priorities." Over half of China's young people now complete some form of higher education through 3,000-odd institutions. Youth unemployment reached 14.9% in May, driving students toward technical fields they believe offer better job prospects.

[ Read more of this story ]( https://news.slashdot.org/story/25/06/27/1340213/36-of-chinese-undergraduates-choose-engineering-compared-to-5-in-us-and-uk?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Eight nations have surpassed 50% IPv6 deployment since June 2024, bringing the total number of countries in the majority IPv6 club to 21, according to the Internet Society. Brazil, Guatemala, Hungary, Japan, Mexico, Puerto Rico, Sri Lanka, and Tuvalu all crossed the threshold over the past year.

Tuvalu's adoption coincided with the arrival of Elon Musk's Starlink satellite broadband service, which operates as IPv6-only. The Internet Society's Pulse platform found no IPv6 deployment in the Pacific nation in June 2024, but Starlink now holds 88% market share there and 59% of Tuvalu's internet connections use IPv6.

France moved from third place to tie with India for the global lead at 73% IPv6 deployment. Japan rebounded from 49% to 55%, returning to the 50% club after dropping below the mark in mid-2024. Puerto Rico climbed from 49% to 53%. Thailand appears positioned to join next at 49% deployment, followed by Estonia at 46% and the United Kingdom at 45%.

[ Read more of this story ]( https://tech.slashdot.org/story/25/06/27/0637210/starlink-helps-eight-more-nations-pass-50-ipv6-adoption?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

A new study challenges previous research about which sleep stages help people achieve breakthrough moments in problem-solving. Researchers found that N2 sleep, a deeper stage of non-REM sleep, significantly increased participants' likelihood of experiencing sudden insights during a perceptual task. The preregistered study involved 90 participants who performed a visual pattern recognition task before and after a 20-minute daytime nap while researchers monitored their brain activity with EEG.

Participants who reached N2 sleep showed an 85.7% rate of achieving insights about a hidden strategy in the task, compared to 63.6% for those who only reached N1 sleep (the first stage of non-rapid eye movement sleep) and 55.5% for participants who remained awake. The findings contradict earlier work by Lacaux and colleagues, which suggested that lighter N1 sleep promoted insight while deeper sleep hindered it.

News coverage: Stuck on a problem? Take a nap!

[ Read more of this story ]( https://science.slashdot.org/story/25/06/27/0724231/deeper-sleep-stages-boost-problem-solving-insights-study-finds?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

theodp writes: FWD.us, the immigration and criminal justice-focused nonprofit of Meta CEO Mark Zuckerberg -- the world's third richest person, according to Forbes with an estimated $250B net worth -- has released a new research report warning that announced immigration policies will hurt American families, who can't afford it with their meager savings.

The report begins: "Inflation remains a top concern for the majority of Americans. But new immigration policies announced by President Trump, and already underway, such as revoking immigrant work permits, deporting millions of people, and limiting legal immigration, would directly undermine the goal to level out, or even lower, the costs of everyday and essential goods and services. In fact, all Americans, particularly working-class families, are about to unnecessarily see prices for goods and services like food and housing increase substantially again, above and beyond other economic policies like global tariffs that could also raise prices. Announced immigration policies will result in American families paying an additional $2,150 for goods and services each year by the end of 2028, or the equivalent of the average American family's grocery bill for 3 months or their combined electricity and gas bills for the entire year. Such an annual increase would represent a tax that would erase many American families' annual savings, and amount to one of their bi-weekly paychecks each year. Unlike past periods of inflation, Americans have not been saving at the same rate as earlier years, and can't as easily absorb these price increases, squeezing American budgets even further."

In 2021, Zuckerberg's FWD.us teamed with the nation's tech giants to file a brief with the Supreme Court case to help crush WashTech (a tiny programmers' union), who challenged the lawfulness of hiring international students under the Optional Practical Training (OPT) program. "Striking down OPT and STEM OPT," FWD.us and its tech giant partners argued in their filing, [PDF] "would create a sudden labor shortage in the United States for many companies' most important technical jobs" and "hurt U.S. workers." The brief also dismissed WashTech's contention that the programs coupled with a talent surplus would shut U.S. workers out of the labor market, citing Microsoft's President Brad Smith's claim of an acute talent shortage and a 2.4% unemployment rate for computer occupations (that was then, this is now).

[ Read more of this story ]( https://news.slashdot.org/story/25/06/27/1322241/zuckerbergs-advocacy-group-warns-us-families-they-cant-afford-immigration-policy-changes?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Brazil's supreme court has ruled that social media platforms can be held legally responsible for their users' posts. From a report: Companies such as Facebook, TikTok and X will have to act immediately to remove material such as hate speech, incitement to violence or "anti-democratic acts," even without a prior judicial takedown order, as a result of the decision in Latin America's largest nation late on Thursday.

[ Read more of this story ]( https://tech.slashdot.org/story/25/06/27/0624226/brazil-supreme-court-rules-digital-platforms-are-liable-for-users-posts?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

The Supreme Court ruled Friday that the FCC's Universal Service Fund can continue operating, rejecting claims that the program's funding mechanism violates the Constitution. In a 6-3 decision written by Justice Elena Kagan, the court found that Congress did not exceed its authority when it enacted the 1996 law establishing the fund and that the FCC could delegate administration to a private corporation. The Universal Service Fund subsidizes telecommunications services for low-income consumers, rural health care providers, schools and libraries through fees generally passed on to customers that raise billions of dollars annually.

The program is administered by the Universal Service Administrative Company, a nonprofit the FCC designated to run the fund. Conservative advocacy group Consumers' Research challenged the structure, arguing that "a private company is taxing Americans in amounts that total billions of dollars every year, under penalty of law, without true governmental accountability."

The Fifth Circuit Court of Appeals ruled in favor of Consumers' Research, prompting the FCC to petition the Supreme Court for review. Kagan wrote that Congress "sufficiently guided and constrained the discretion that it lodged with the FCC to implement the universal-service contribution scheme," adding that the FCC "retained all decision-making authority within that sphere." She concluded that "nothing in those arrangements, either separately or together, violates the Constitution." The challengers argued the program violates the "nondelegation doctrine," a conservative legal theory that says Congress has limited powers to delegate its lawmaking authority to the executive branch.

[ Read more of this story ]( https://tech.slashdot.org/story/25/06/27/1718259/supreme-court-rejects-challenge-to-fcc-broadband-subsidy-program?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Android 16 will include a new security feature that warns users when their phones connect to fake cell towers designed for surveillance. The "network notification" setting alerts users when devices connect to unencrypted networks or when networks request phone identifiers, helping protect against "stingray" devices that mimic legitimate cell towers to collect data and force phones onto insecure communication protocols.

[ Read more of this story ]( https://tech.slashdot.org/story/25/06/27/1737221/android-16-will-tell-you-when-fake-cell-towers-try-to-track-your-phone?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

An anonymous reader quotes a report from Bloomberg: Canada is proceeding with its digital services tax on technology companies such as Meta despite a Group of Seven agreement that resulted in removing the Section 899 "revenge tax" proposal from U.S. President Donald Trump's tax bill. The first payment for Canada's digital tax is still due Monday, the country's Finance Department confirmed, and covers revenue retroactively to 2022. The tax is three percent of the digital services revenue a firm makes from Canadian users above $20 million in a calendar year.

Keeping the digital tax will not affect the G7 agreement, which focuses on global minimum taxes, the Finance Department said. The Section 899 provision would have targeted companies and investors from countries that the U.S. determines are unfairly taxing American companies. [...] Finance Minister Francois-Philippe Champagne suggested to reporters last week that the digital tax may be negotiated as part of broader, ongoing U.S.-Canada trade discussions. "Obviously all of that is something that we're considering as part of broader discussions that you may have," he said.

Business groups in the country have opposed the tax since it was announced, arguing it would increase the cost of digital services and invite retaliation from the U.S. It also raised the ire of U.S. businesses and lawmakers. A group of 21 members of U.S. Congress wrote to Trump earlier this month asking him to push for the tax's removal, estimating the June 30 payment will cost U.S. companies $2 billion. Before scrapping its digital services tax, Canada wants to see an OECD deal on policies that expand a country's authority to tax profits earned within that country even if a company doesn't have a physical location there -- which is different from a global minimum tax. Earlier today, President Trump said the U.S. is immediately ending trade talks with Canada in response to the tax, calling it a "direct and blatant attack on our country."

"Based on this egregious Tax, we are hereby terminating ALL discussions on Trade with Canada, effective immediately," Trump wrote in a post on Truth Social. "We will let Canada know the Tariff that they will be paying to do business with the United States of America within the next seven day period."

[ Read more of this story ]( https://news.slashdot.org/story/25/06/27/1935258/canadas-digital-services-tax-to-stay-in-place-despite-g7-deal?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Germany's data protection commissioner has urged Apple and Google to remove Chinese AI startup DeepSeek from their app stores due to concerns about data protection. Reuters reports: Commissioner Meike Kamp said in a statement on Friday that she had made the request because DeepSeek illegally transfers users' personal data to China. The two U.S. tech giants must now review the request promptly and decide whether to block the app in Germany, she added, though her office has not set a precise timeframe. According to its own privacy policy, DeepSeek stores numerous pieces of personal data, such as requests to its AI program or uploaded files, on computers in China.

"DeepSeek has not been able to provide my agency with convincing evidence that German users' data is protected in China to a level equivalent to that in the European Union," [Commissioner Meike Kamp] said. "Chinese authorities have far-reaching access rights to personal data within the sphere of influence of Chinese companies," she added. The commissioner said she took the decision after asking DeepSeek in May to meet the requirements for non-EU data transfers or else voluntarily withdraw its app. DeepSeek did not comply with this request, she added.

[ Read more of this story ]( https://apple.slashdot.org/story/25/06/27/1949207/deepseek-faces-ban-from-apple-google-app-stores-in-germany?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

In a year when average air temperatures consistently breached the 1.5C warming threshold, global COâ-equivalent emissions from energy rose by 1%, marking yet another record, the fourth in as many years. From a report: Wind and solar energy alone expanded by an impressive 16% in 2024, nine times faster than total energy demand. Yet this growth did not fully counterbalance rising demand elsewhere, with total fossil fuel use growing by just over 1%, highlighting a transition defined as much by disorder as by progress.

Crude oil demand in OECD countries remained flat, following a slight decline in the previous year. In contrast, non-OECD countries, where much of the world's energy demand growth is concentrated and fossil fuels continue to play a dominant role, saw oil demand rise by 1%. Notably, Chinese crude oil demand fell in 2024 by 1.2%, indicating that 2023 may have reached a peak. Elsewhere, global natural gas demand rebounded, rising by 2.5% as gas markets rebalanced after the 2023 slump. India's demand for coal rose 4% in 2024 and now equals that of the CIS, Southern and Central America, North America, and Europe combined.

[ Read more of this story ]( https://news.slashdot.org/story/25/06/27/1956207/renewables-soar-but-fossil-fuels-continue-to-rise-as-global-electricity-demand-hits-record-levels?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.

Facebook is prompting users to opt into a feature that uploads photos from their camera roll -- even those not shared on the platform -- to Meta's servers for AI-driven suggestions like collages and stylized edits. While Meta claims the content is private and not used for ads, opting in allows the company to analyze facial features and retain personal data under its broad AI terms, raising privacy concerns. TechCrunch reports: The feature is being suggested to Facebook users when they're creating a new Story on the social networking app. Here, a screen pops up and asks if the user will opt into "cloud processing" to allow creative suggestions. As the pop-up message explains, by clicking "Allow," you'll let Facebook generate new ideas from your camera roll, like collages, recaps, AI restylings, or photo themes. To work, Facebook says it will upload media from your camera roll to its cloud (meaning its servers) on an "ongoing basis," based on information like time, location, or themes.

The message also notes that only you can see the suggestions, and the media isn't used for ad targeting. However, by tapping "Allow," you are agreeing to Meta's AI Terms. This allows your media and facial features to be analyzed by AI, it says. The company will additionally use the date and presence of people or objects in your photos to craft its creative ideas. [...] According to Meta's AI Terms around image processing, "once shared, you agree that Meta will analyze those images, including facial features, using AI. This processing allows us to offer innovative new features, including the ability to summarize image contents, modify images, and generate new content based on the image," the text states.

The same AI terms also give Meta's AIs the right to "retain and use" any personal information you've shared in order to personalize its AI outputs. The company notes that it can review your interactions with its AIs, including conversations, and those reviews may be conducted by humans. The terms don't define what Meta considers personal information, beyond saying it includes "information you submit as Prompts, Feedback, or other Content." We have to wonder whether the photos you've shared for "cloud processing" also count here.

[ Read more of this story ]( https://yro.slashdot.org/story/25/06/27/1954211/facebook-is-asking-to-use-meta-ai-on-photos-in-your-camera-roll-you-havent-yet-shared?utm_source=atom1.0moreanon&utm_medium=feed ) at Slashdot.