Patients in England cannot stop their data being processed by the Palantir-built NHS Federated Data Platform (FDP), but individual NHS trusts can choose not to use it, health minister Preet Kaur Gill has told MPs. The minister, who was appointed last month to cover health innovation and safety, told fellow Labour MP Neil Duncan-Jordan that patients can only opt out of secondary uses of data such as planning and research. On the main opt-out mechanism, she said: "The National Data Opt-Out does not currently apply to products used in the NHS FDP. In most cases, this is because data is being used for the purpose of direct care." Last month, NHS England confirmed it had changed policy so some Palantir staff can access identifiable patient data through a new "admin" role. A briefing document seen by The Financial Times and confirmed by The Register warned that granting access could create a "risk of loss of public confidence" in NHS England's assurances about safeguarding patient data. Answering a separate question from Labour MP Rachael Maskell, Gill confirmed that NHS trusts running hospitals, mental health and other services can opt out. "Where NHS organizations would like to use alternative solutions, they retain the ability to procure locally, provided solutions meet applicable standards and support the delivery of national priorities," she said. According to NHS England statistics, 168 of 214 NHS trusts have signed up to use the FDP, with 123 live and 80 reporting benefits. All but one of England's 42 integrated care boards, Greater Manchester, have also joined. Palantir's role in the FDP, which followed similar pandemic-era work for NHS England, has become increasingly contentious. 
Last week, Parliament's Science, Innovation and Technology Committee said the NHS should end Palantir's involvement, and MPs have tabled 40 written questions about the supplier, which also works for intelligence agencies and US Immigration and Customs Enforcement (ICE), in the last month. Responding to a question from Labour MP Mark Sewards, Gill said the government will decide this year whether to extend Palantir's current FDP contract beyond its February 2027 expiry. She noted the program was among just 14 percent of major government projects to get a green rating from the National Infrastructure and Service Transformation Authority, "indicating that the NHS FDP is on track." In a further answer to Neil Duncan-Jordan, Gill said the contract includes an exit management process covering intellectual property rights. "In addition, the contract includes controls to support transition and continuity of services in the event of termination, ensuring that operational delivery and patient services are protected," she said. "In principle, another supplier could provide equivalent functionality in the future," Gill added, signaling that even if Palantir's contract is not renewed, the government wants to retain the FDP. "It would take planning, time, and resources to run a compliant procurement and then move services and data across safely." ®
BORK!BORK!BORK! We're big fans of retro computing here at Vulture Central, and so it is with a certain delight that we can report XP-era Windows has been spotted disgracing itself on London's Docklands Light Railway. Spotted by Register reader Tim Hayward, the wonderfully named DaisySignApp.exe has thrown up an application error. While the Windows shell might be shorn of all of XP's fripperies, the Recycle Bin icon hints at the operating system's origins. Hayward reckoned that XP was stalking the DLR, but it could also be Windows Server 2003. Support for Windows Server 2003 finally ended in 2015. XP was sunset in 2014, so the DLR display is rather out of date. Then again, as any IT administrator would admit, if something isn't broken, there's no point fixing it, no matter how much Microsoft would encourage them to. In this case, it is unlikely that the operating system is at fault (although one could argue that it should handle a misbehaving application more discreetly), and DaisySignApp.exe should be dealing with its own dirty laundry rather than throwing an exception in commuters' faces at Limehouse station. Limehouse connects London's Docklands Light Railway (DLR) to the UK's National Rail services. It was one of the first DLR stations and predates the borked operating system by more than a decade. Indeed, at the time of the DLR's opening in 1987, Microsoft was preparing to inflict Windows 2.0 upon the world – the delights of later versions and the company's GUI dominance were still a few years in the future. The DLR also seemed like a glimpse into the future back in the 1980s. However, a fair chunk of its underpinnings, such as formerly disused railway viaducts, hark back to an earlier era. Anyone looking at today's iteration of Windows might wonder how much of it dates back to what's on display at Limehouse. ®
NanoClaw, a secure agent framework, has partnered with supply chain platform JFrog to allow AI agents to fetch resources from JFrog's reviewed registries. Gavriel Cohen, creator of NanoClaw and co-founder of NanoCo AI, announced the tie-up on Thursday evening in San Francisco at a JFrog event that concluded with a World Cup watch party. Cohen explained that one of the features of Claw agents – OpenClaw and variations like NanoClaw – is that they can improve themselves by fetching tools and resources that they don't have. That works fine, he explained, when there's a manual approval process for accessing known local data. But it's not ideal for npm packages, even when the agent involved is sandboxed and isolated as it is in NanoClaw. Malicious code within a container may still be able to take harmful actions, even if the scope of potential activity is constrained. Developers, Cohen said, may not be familiar with a given package and it can take time to thoroughly assess whether a package is legitimate and uncompromised. "So we teamed up with JFrog and we integrated NanoClaw with JFrog's registries," said Cohen. The arrangement provides a way to reduce the agent's exposure to untrusted content. When the agent downloads new tools and libraries, the software comes from a vetted source. Cohen also announced the availability of what he called an agent factory, his company's homegrown system used to handle pull requests (PRs) using NanoClaw agents. The agent factory, he explained, is an attempt to triage pull requests, which have surged thanks to AI coding agents. "It's very easy now to point a coding agent at a repo and say, 'open a pull request for this repo,'" he explained. "And it's very difficult as a maintainer to tell the difference between a high quality contribution from somebody who's really using the open source project versus someone who's just trying to build up the reputation [using automated methods]. 
So to help us tackle this, we built an agent factory that helps us review every single contribution to NanoClaw." The agent factory is referred to as the PR Factory in the actual pull request. It's built with NanoClaw and hosted on exe.dev, a service that provides VMs with persistent storage. "When a PR opens, the factory spins up a dedicated worker agent for it, posts a thread to Slack, and the worker triages the change, reviews the diff, and proposes a test plan," Cohen explains in the documentation. "Nothing consequential happens on its own: merges, test runs, and credentialed GitHub actions each surface as an approval card in the thread, and only fire when a human clicks approve." Cohen acknowledged that some developers will think it's madness to process unsanitized PRs that could contain prompt injections or unsafe code. And he asked the assembled audience of developers how many had seen the phrase on the projected slide: "Never, ever, ever do this." Anyone who has spent time using and configuring AI agents in a development context has seen something of the sort in configuration files like Claude.md, which gets loaded as instructions to the underlying agent and model. "If you see something like this in the Claude.md file and the agent instructions say, 'Important: Never run drop database production,' it tells you two things. You know that that agent has deleted a production database before. And you know that it can actually still do it again. That's why the instruction is there." This elicited a knowing laugh from the audience. Cohen went on to say that the agent will do it again because instructions are not a way of enforcing security or safety. "Instructions help steer an agent AI towards valuable output, but it's not a safety mechanism," he said. "The only way to reliably prevent an agent from taking undesired action is not allowing it to take that action, not giving it the ability to take the action." That is the purpose of NanoClaw. ®
Amid the unrelenting demand for AI infrastructure, SK Hynix, the world’s largest supplier of HBM memory used in high-end GPUs, now expects to triple its wafer capacity. You'll just have to wait through two more US presidential elections and then some. All that capacity won’t come online until 2034, SK Group Chairman Chey Tae-won told Nikkei Asia in a recent interview. SK Hynix’s valuation has soared in recent months. The company is one of three major producers of NAND flash and DRAM memory, large quantities of which are required to support the burgeoning AI inference market. Samsung and Micron are the other two major players in this space. This demand has led to skyrocketing memory prices for consumer DRAM and SSDs, some of which have more than tripled in price compared to this time last year. SK Hynix and the other major memory makers meanwhile have seen their revenues explode. Chey's comments come just a week after SK Hynix said that it planned to double its production capacity within the next five years. “Our calculations show that our wafer capacity will double within five years. But honestly once all these facilities are built, it won’t just double, it will triple by around 2034,” Chey told Nikkei. SK is in the process of bringing four additional wafer fabs online, with the first phase reportedly on track to come online as early as 2027. The South Korean memory slinger had previously planned to ramp production of these facilities over the next two decades, but has pulled in its timeline in hopes of satiating AI’s memory addiction. “There is currently no way to move faster than this,” Chey told the newswire. While much of this capacity will be built on SK’s home turf, the company is exploring its options for overseas manufacturing, with Japan being one of the potential destinations, with Chey calling it an “excellent” candidate due to its robust semiconductor supply chains. 
Unfortunately, the buildout is unlikely to drive down memory prices for consumers any time soon. As we previously reported, memory prices are not expected to peak until later this year at the earliest. Analysts warn that memory prices are more likely to plateau going into 2027 rather than plummeting like we’ve seen in past DRAM and NAND boom-bust cycles. These boom-bust cycles have been a fact of life for commodity electronics manufacturers, like SK Hynix and Samsung, for years. Prices typically spike as inventories are drawn down and crater as new capacity is brought online. On the one hand, AI infrastructure demand has helped to stabilize this to some extent. On the other hand, the AI boom kicked off in 2022 at what was arguably the worst possible time. "This demand started in the Valley for the DRAM industry. That makes financially trying to build additional capacity really challenging," TechInsights analyst James Sanders told El Reg late last year. Business is once again booming for memory vendors presenting ample opportunities for labor disputes over competition as well as fab expansions. Unfortunately, there’s no changing the fact that the fastest anyone can bring a leading edge memory fab online is about three years. ®
GitHub has been struggling with service availability in recent months as traffic on the platform has surged, driven in large part by AI-assisted coding and agentic development workflows. The code-sharing site has been trying to address those issues by expanding capacity and migrating more workloads to Azure infrastructure, but reliability remains uneven. In the May 2026 GitHub Availability Report, GitHub acknowledges nine incidents that degraded performance, one fewer than its April report. That's something. But Jakub Oleksy, SVP of software engineering at GitHub, says there's more to be done. "We are making structural changes that permanently remove failure modes," he said in the report. "We acknowledge that we have work to do, but we’re committed to getting it done and making GitHub reliable when and where you need it." Microsoft’s code hosting site also briefly halted new Copilot subscriptions to reduce the cost impact of its AI services and to adjust its Copilot pricing to account for shifting model provider policies. As noted in an April post, GitHub had planned to increase its capacity by 10x back in October 2025, but by February 2026 it had become evident that a 30x expansion would be needed to accommodate the surge of pull requests, commits, and new repos. Last year, GitHub reportedly handled 1 billion commits for the entire year. Now it receives 1.4 billion commits every month. “We’re now serving 40 percent of monolith traffic from Azure (up from 8 percent in February), with Git traffic at 30 percent and repository replication at 99 percent,” said Oleksy. “We’ve more than doubled our effective capacity in four months.” Oleksy notes that efforts to isolate GitHub’s primary database cluster by moving users, authentication, and authorization into separate domains should prevent failures that cascade across the system. That hasn’t quite solved GitHub’s ongoing availability challenges, in part because Azure has also confronted capacity problems recently. 
There were nine incidents in May compared to 10 incidents in April. And June is on pace for a similar number. The Missing GitHub Status Page, an unofficial project to track GitHub service problems, counts 12 incidents in May and reports uptime over the past 90 days at 87.26 percent. By month, the project puts GitHub availability at 78.33 percent in April, 93.86 percent in May, and 88.39 percent for June so far. GitHub's Official Status Page presents a far more flattering view of availability, with uptime figures mostly around 99.9 percent for the listed services. These figures depend upon what gets counted and the duration of the disruption. GitHub’s own incident history page cites 26 incidents in April, 23 in May, and 12 to date in June. ®
MX Linux 25.2 is here, now with kernel 7.0 if you choose – although the Raspberry Pi edition still needs some work. MX Linux has been quietly turning into one of the Reg FOSS desk’s favorite distros for a few years now. It has a number of desirable attributes, and with version 25.2 released late last month, some of the slightly bumpier parts of the major upgrade to version 25 are getting smoothed out. We looked at MX Linux 25 in November last year, and reported that one of the niftiest features in previous versions had been lost. In MX 23 and before, you could choose which init system the OS used every time it booted up: so, for instance, you could normally run with the classic sysvinit, but if you needed to install something which demanded systemd, you could temporarily boot up with systemd as the init, install your app, and then switch back. In our testing, we’ve found that some things require Agent P’s Swiss Army Knife of a “System and Service Manager” to install, but once they’re in place on your computer, they will run quite happily without it. Alternatively, if it’s something you only occasionally run, you can start up with systemd only when you need it. The way that MX Linux did this no longer works on kernel 6.12 or above. So, in order to continue to offer a choice of inits at all, MX 25.0 made you choose at install time: either pick the systemd version, or the sysvinit version. (And if you wanted KDE Plasma, it was only available in systemd form.) MX Linux 25.1 fixed that with a new, different, switchable-init system. However, that made upgrading from 23 to 25 tricky, and after we tried it, the OS still worked, but the handy suite of MX Tools didn’t. These aren’t essential, but they significantly facilitate common adjustments and tweaks such as installing extra external apps, switching repositories and mirrors, managing kernel versions, installing additional device drivers such as the eternally problematic Nvidia drivers, and much more. 
They’re one of the distro’s key advantages, and well worth having. We dug out the machine in our test fleet, which runs MX, and tried the option in the installation program that installs over the top of an existing copy of MX. It worked fine, with some caveats: it’s not quite as capable as Ubuntu’s in-place reinstall, which spares your home directory while reinstalling the OS around it. MX simply overwrites the old OS; it doesn’t pick up any config from it – but it’s quicker and easier than custom partitioning. We had to re-enable our swap partition, and add a user account that matched the old one, but everything worked fine. With the MX Tools, it was fast and easy to choose local repositories for updates, and reinstall some handy proprietary apps such as Google Chrome and Slack. The distro comes with Flatpak preinstalled, and we used that to install Gear Lever to make it easier to reinstall Panwriter. The new MX Linux version 25.2 optionally includes the new kernel 7.0, from the Liquorix project that we looked at in 2022. For the Xfce edition, you can choose the normal edition, with a Debian kernel, or the AHS edition with the newer kernel. The KDE edition only comes in AHS form, and the lightweight Fluxbox edition for low-end kit only offers the Debian kernel. There are any number of Debian and Ubuntu based remixes and meta-distributions out there, but MX Linux is perhaps the single most user-friendly distro we’ve seen that isn’t based on systemd. It’s fast, lightweight, and much easier to get configured and installed than Devuan, or even than Debian itself. It also has better tools for adjustment and customization than any member of the Ubuntu or Debian family, and rivals the best Arch Linux-based distros such as Garuda Linux. As we reported from the Ubuntu Summit, Canonical is beginning a push into AI. Since then, the roadmap for Ubuntu 26.10 “Stonking Stingray” has been published, including what it calls a Context-aware desktop – powered by LLMs. 
Similar changes have already come to Linux Lite 8.0, which is based on Ubuntu 26.04. This too bundles a local LLM for all your error-filled artificial-plagiarism needs. We suspect that such developments may yet drive a small exodus of Ubuntu users – and if you also want to get away from systemd at the same time, then MX Linux is an excellent place to start.
Bootnote: MX Linux on the Raspberry Pi
Finally, version 25.2 sees the Raspberry Pi respin updated to the new base OS. Until 25.2, the Pi version was still on MX version 22. As this rather outdated description says, this is a separate edition of MX Linux with Xfce, but built in part from the packages in the Raspberry Pi OS rather than directly from Debian – so it looks and works like MX, but is compatible with most Pis and most apps for PiOS. For instance, the Pi configuration commands, and EEPROM updater, work fine on MX on the Pi, but they don’t on (for instance) Alpine Linux. We tried MX Linux 24.2 for the Raspberry Pi on both 4 GB and 8 GB Pi 5 machines and on a Pi 4, but it wouldn’t get past the splash screen for us – but the previous release worked very well, so once it’s received a little more TLC, this could turn out to be a good option for Pi users wanting a more configurable desktop OS. ®
A disgruntled IT worker faces 21 months behind bars after being found guilty of sabotaging his former employer’s systems for more than a year and a half. Ezekiel Dean Potter, 34, was fired from his IT support job at Iowa’s Saydel Community School District (SCSD) in April 2023. He was found guilty of causing various technical damages to SCSD’s systems between May 2023 and January 2025. At his sentencing hearing on June 11, the court heard that the IT worker had gathered and stored more than 300 Saydel user account credentials before he was terminated from his position. Potter’s other offenses included deleting SCSD’s Facebook page on June 1, 2023, and data related to its Apple School Manager program, which prevented it from managing Macs and iPads. The disgruntled worker, who the prosecution described in its sentencing memo [PDF] as “a plague on the Saydel Community School District,” was just one of two IT staff members who had the required privileges to make changes to the Facebook account. The deletion ended up being a permanent one, and SCSD had to create a new page in August. Following his intrusion into the district’s Apple School Manager on June 14, 2023, SCSD’s IT team had to work with Apple for a week to restore their access after Potter deleted users’ passwords, phone numbers, billing information, and the primary mobile device server management information, court documents [PDF] showed. He also attempted to delete all user accounts and restricted access for those who still had one. Potter’s next offense took place between July and August 2023, when he attempted to interfere with SCSD’s GoDaddy account, unsuccessfully resetting usernames and passwords. Potter logged into this GoDaddy account no less than 26 times, including on one occasion where he used his company-issued PC supplied by his subsequent employer, convenience store and pizza chain Casey’s. The IT specialist then took an extended break from his cyber sabotage.
Court documents mention Potter successfully gaining access to SCSD’s Google and Gmail accounts in October 2024, but he waited even longer to act on this access. It wasn’t until January 2025 that he logged into SCSD’s PowerSchool-based Schoology learning platform using one of the district’s Google accounts to which he had access, and deleted the account of one of the organization’s IT staff. This had the knock-on effect of locking out teachers during a school day and, in turn, preventing them from teaching for two hours. He returned a week later and deleted an additional nine district Gmail accounts, including current and former staff, the district IT director, and superintendent. Investigations showed that even though Potter switched to a VPN during one of the January intrusions, his IP address was later traced back to him and his employer, The Printer Inc, which he joined after leaving Casey’s. He left that job on January 23, 2025, for reasons not disclosed. Potter seemingly trusted at least one of his coworkers enough to “wipe” a USB drive he left in his old desk, asking them to do so after he departed the company. That trust was misplaced, however, as the coworker instead reported the USB to management, and what followed ultimately proved to be Potter’s undoing. The Printer Inc passed the USB to law enforcement, and later the FBI, which forensically examined the device, finding spreadsheets filled with more than 300 district usernames and passwords, a floor plan for Saydel High School, as well as personal data pertaining to Potter and pay stubs from his employment at SCSD. In total, the district incurred $73,375 worth of costs related to employees' lost time, digital forensics, learning downtime, and time spent working with other vendors to remediate his intrusions. SCSD's insurer spent an additional $27,893.75 in payments for digital forensics and remediation work, taking the total losses up to $101,268.81.
Potter was indicted on October 15, 2025, and arrested the following day, but released on pretrial supervision after accepting responsibility for his offenses. He later entered a guilty plea in January 2026, and was found guilty in February. At his sentencing hearing on Thursday, Potter expressed deep regret for his actions, especially for disrupting children’s learning, and for failing his family. "I never intended to negatively affect students, but I recognize that harm was still done and I'm deeply sorry," he said, according to local media. "This experience humbled me in ways I never expected, but I needed that." His defense attorney, Joseph Herrold, stated: “Mr. Potter now fully sees the impact of his actions and deeply regrets the harm he caused.” Herrold argued against a prison term, instead asking for a five-year probation term, owing to Potter’s deep regret and the strong deterrent that comes with his felony conviction. The public defender also pointed to Potter’s clean criminal background, noting only one prior harassment misdemeanor related to a 2010 case, when he was just 18 years old. Potter was convicted following immature conduct from the backseat of a vehicle, for which he received a $65 fine. Herrold also said Potter’s restitution order to repay $59,668.81 in total, with $31,775.06 going to SCSD and $27,893.75 to its insurer, Travelers Indemnity Company, only furthered the deterrent effect, and would impact his lifestyle for years to come. Prosecuting the case, US attorney David C. Waterman pushed instead for a 26-month prison term, saying: “Defendant’s actions were not a one-time lapse in judgment.
They were calculated, malicious, and seemingly motivated only by the defendant’s vindictiveness.” He added: “The defendant’s attacks on SCSD’s systems are troubling not just because of the significant damage he caused – tens of thousands of dollars, without accounting for the unknown but clearly extensive disruption to teaching and school activities – but also because of the defendant’s motivations. “It appears the defendant repeatedly assaulted SCSD out of spite and pure maliciousness, despite knowing his actions would affect not only his former boss and IT colleagues, but also school faculty, administrators, and students.” ®
KPMG's October 2025 report on the wonders of agentic AI has been accused of demonstrating one of the tech's less desirable talents: making things up. Research outfit GPTZero claims a forensic review of the Big Four firm's October 2025 report, "Total Experience: Redefining Excellence in the Age of Agentic AI," found that only five of its 45 citations correctly pointed to the cited source; the rest ranged from mangled and misleading to partially fabricated or too vague to verify. The consulting industry has form here. Last year, Deloitte ended up refunding the Australian government after AI-generated content slipped into a taxpayer-funded report. GPTZero dubbed the phenomenon "vibe citing" – the citation equivalent of vibe coding – where generative AI appears to stitch together fragments of real sources, invent titles, or otherwise produce references that look convincing until someone actually clicks them. GPTZero alleges that roughly half of the report's factual claims were false, unsupported, or attributed to the wrong source. Several case studies highlighting supposedly cutting-edge deployments of agentic AI appear to have been particularly creative. Among the examples highlighted by GPTZero were purported agentic AI deployments at UBS, Swiss Federal Railways, and Transport for London. According to GPTZero, the sources cited to support those case studies either did not substantiate the report's claims or contained alterations and paraphrasing that undermined their reliability. “These factual errors are not confined to the report’s footnoted passages,” GPTZero said. “On page 42, the authors claim that Emirates airline has adopted a mobile chatbot named Sara (false) that can converse directly with passengers (partially true) and change their flights (false). In fact, Sara is a robot assistant introduced by Emirates in 2023 (not a chatbot) that lacks the ability to alter flight bookings.” Not all of the alleged problems involved external sources. 
GPTZero noted that the report appears to contradict KPMG's own research, citing a figure of 55 percent of CEOs ranking AI as their top investment priority. KPMG's 2025 CEO Outlook, released the same month, put the number at 71 percent. KPMG has since removed the report from some of its websites while it investigates how the publication made it into the wild, according to the Financial Times. A spokesperson at KPMG told The Register: "KPMG International takes the accuracy and integrity of its published content seriously. The report has been removed and we are reviewing the circumstances surrounding its publication. We expect all our people to follow our guidelines on the responsible use of AI, including human oversight to validate content and verify independent sources." Consulting firms have spent years warning clients about AI hallucinations. According to GPTZero, KPMG may have just provided a live demonstration. ®
Pharmaceutical giant Novo Nordisk says data related to clinical trial participants was stolen as part of a cyberattack. The affected patient data was pseudonymized and not directly linked to names or other direct identifiers, the company said. The maker of the Wegovy weight-loss drug said the affected data types include patient ID, information on trial participation, gender, year of birth, biomarkers, health/immunogenicity data, and lifestyle factors including smoking status, alcohol use, and BMI. "This information is not directly linked to any patients by name or other direct identifiers," Novo Nordisk said on its dedicated page for the attack. "Information about identity would therefore require access to underlying information, identifying patients by name etc. This information was not exposed. We therefore do not consider the incident to enable any third party to identify participants in our clinical trials." The same statement confirmed that the attack affected a "limited number of internal IT systems," and the company said some systems have been taken offline as a precaution. Although it does not believe there is an immediate risk stemming from the breach, it nonetheless warned patients to remain vigilant for anything that could be connected to the data stolen during the attack. A separate letter sent to the company's healthcare partners (HCPs) states that additional personal information may have been stolen and could lead to targeted phishing attempts. Affected HCP data includes names and registration numbers, email addresses, phone numbers, WhatsApp details, and office locations. "Based on the nature of the exposed data, the potential consequences of the incident include targeted phishing attempts through emails, phone, and WhatsApp, or fraudulent communications impersonating colleagues," Novo Nordisk said in the letter. "We recommend that you remain vigilant against unexpected messages or calls and report any suspicious activity to us."
The pharma biz warned that it may take time to bring these systems back online, but it is working to do so "in a controlled and safe manner." Elsewhere, it all sounds like standard practice. Outside experts were called in to help investigate, and Novo Nordisk has not yet confirmed the scale of the breach, nor will it until the experts have more time to assess the damage. Novo Nordisk added that the attack has had no impact on its core business operations, which remain running as normal. The attack was announced on what should have been a day of celebration for the company, whose flagship semaglutide weight-loss and diabetes pill received the green light to become the UK's first daily GLP-1 tablet hours earlier. The Wegovy pill joins the list of approved weight-management treatments that act as agonists for the GLP-1 receptor. All the other approved treatments are injectables, including Wegovy and Ozempic, both of which are also developed by Novo Nordisk. The Danish company employs roughly 67,900 people across 80 countries, and markets products in nearly every country globally. ®
Amazon says its datacenters used about 2.5 billion gallons of water last year, but claims that's far less than rival hyperscalers and that it remains on track to become "water positive" by 2030. In a blog post, the digital tat bazaar and cloud computing biz says the 2.5 billion gallon figure covers its entire global datacenter footprint for 2025. It downplayed the number by comparing it to the volume of water Americans - a country of 350 million people - used on lawns and gardens over the same period. Amazon disclosed water usage of 0.12 liters per kilowatt-hour (L/kWh) at its data facilities, and claimed Microsoft used 0.27 L/kWh during 2025, while Meta's consumption stood at 0.19 L/kWh in 2024 and Google was the thirstiest at 1.15 L/kWh during the same year. The Register has asked Microsoft, Meta and Google to comment. The water usage, we're told, is 75 percent of the way to Amazon's goal - announced in 2022 - of being "water positive" by 2030. It means facilities return more water to the environment than they consume, via measures including rainwater capture or treating waste water for reuse. The figures come amid growing pushback against datacenter construction in the US. A recent Ipsos survey found most Americans don't want facilities built nearby, citing worries over electricity prices, eyesore buildings, and water-hungry operations. This echoes a 2022 report that found Google datacenters were consuming more than a quarter of all the water used in The Dalles, Oregon. Or, if you'd rather not blame the industry itself, you could go with the line that Chinese operatives are spreading propaganda over social media, a claim that OpenAI and other interested parties are keen to promote. Whatever the cause of the backlash, the underlying numbers are real: datacenter water use has been climbing for years, driven by the sheer growth in facility numbers and by AI servers, which run hotter and demand more cooling than traditional kit.
Water consumption at Microsoft's facilities surged 34 percent to 6.4 million cubic meters in 2022, for example, with generative AI blamed. Making matters worse, many datacenters now in the pipeline in the US are slated for areas already experiencing drought, according to analysis by The Guardian newspaper. Amazon says that its facilities use "free air cooling" about 90 percent of the time, pulling in outside air and flowing it past servers to absorb the heat, with no water involved - though it does resort to evaporative cooling during the hottest weather. But as The Register outlined last year, kicking the water habit completely will be nearly impossible, regardless of what claims the operators may make. ®
EXCLUSIVE For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the hardware to be bricked with a single packet, though only for those who have disabled Secure Core and Secure Boot. And the company's Copilot AI software inadvertently helped identify the faulty firmware. According to Jack Darcy, a security researcher based in Australia, his instance of Microsoft Copilot stumbled across the bug after being asked to adjust the screen backlighting on a Surface device. The Copilot-conjured Python script ended up rendering the researcher's laptop inoperable by overwriting the embedded controller firmware. "Copilot autonomously created and executed four progressively aggressive Python scripts during a probe for backlight control values that sent raw SSAM ioctl commands (SSAM_CDEV_REQUEST = 0xC028A501) directly to the SAM microcontroller through the SAM software path," Darcy explained to The Register. The SAM or SSAM is the embedded controller used in Surface devices. And as our source explained, Microsoft’s implementation of the controller in Surface devices did not include any defense against arbitrary write values. Microsoft does not consider the bug to be a practical threat. "There is no realistic attack scenario with this issue," a spokesperson told The Register. "In order to successfully exploit it, an attacker would need to interact with specific drivers and send commands to a hardware interface. This would require administrator privileges on the machine, as well as disabling the Secure Boot feature. With this access, they could perform any number of actions." Commonly, Darcy said, digital devices require holding a button down or connecting a jumper cable to enable arbitrary write access. But that security check is absent in Surface devices, we're told, enabling Copilot to vandalize the firmware in the absence of Secure Core and Secure Boot. 
Essentially, the probing triggered an update command from the SAM that overwrote the UEFI and Secure Boot firmware. Surface devices treated to this sort of probing should continue to operate because the SAM was already initialized and is running in RAM. But upon reboot, when the SAM tries to reload using corrupted data in its non-volatile storage, it will fail to initialize, and the system will be unable to Power-On Self-Test (POST). The Python script crafted by Copilot on the security researcher's Surface device iterated blindly over a particular Target Category and the set of Command ID (CID) pairs, sending empty/null payloads to WRITE commands. The result, Darcy explained, is that the SET Feature Report was called with null payload, the Output Report was called with null payload, and other CIDs were hit by SET commands that wrote garbage data. As a result, the device became inoperable. We're told this has been a common complaint about Surface devices on online support forums over the years, though we have no way to determine whether boot failures reported for other Surface devices can be attributed to this specific problem. Many Surface hardware issues reported publicly appear to be fixable through various troubleshooting techniques. But devices made inoperable by SAM access, our source insists, are permanently bricked – a situation that can entail hundreds of dollars in repairs for a new motherboard. No USB, no factory reset, no access to the BIOS/UEFI, we're told. Darcy said that the SAM Bus is terribly designed. "There is no way to see the current value without scanning the bus," he said. "But scanning the bus kills the unit." The problem is that the CIDs, which are like APIs for the SAM, have been interleaved in a way that's dangerous.
"If all the reads were grouped together (say, CIDs 0x01–0x0F) and all the writes were grouped separately (say, CIDs 0x10–0x1F), a probe script could safely scan the read range without ever accidentally wandering into write territory," Darcy said. "You could even put a simple bounds check in your code: 'only probe below 0x10.' Done. Safe. "But because reads and writes are interleaved in the same numbering space, there is no safe range to probe. You literally cannot scan even two consecutive CIDs without a coin-flip chance of hitting a write command. The moment you decide to enumerate what's available, you're already firing blind writes, because the command space gives you zero structural information about which operations are safe and which are destructive." Managed devices not at risk The Register asked Microsoft about our source's claims on March 10, 2026. A company spokesperson reiterated a prior suggestion that the researcher contact the Microsoft Security Response Center (MSRC), an effort our source found too cumbersome. Rather than publishing details about what might have been a potential zero-day flaw – we were uncertain about the Secure Boot/Secure Core requirement at the time – The Register reached out to internal Microsoft sources in an effort to get someone's attention. By March 12, with the help of Microsoft media relations, we managed to coordinate a conversation between Darcy and Madeline Eckert, senior program manager with MSRC. Microsoft subsequently acknowledged the vulnerability and committed to issuing a fix. The Register in turn agreed to delay publication for 90 days while repairs were made. We're told most affected devices have been updated (via Windows Update), or will receive updates in coming weeks. The issue did not meet the bar for a CVE, according to the company. "We appreciate the work of Jack Darcy and The Register for reporting this issue under a coordinated vulnerability disclosure," a Microsoft spokesperson said in a statement. 
"Our investigation found that a deprecated UEFI interface could trigger a boot loop on some devices. To trigger this loop, the user must have administrator privileges and have already disabled the Secure Boot security feature. We have released updates to address the issue for most impacted devices." That means managed devices are not at risk. But those using Linux, or Windows users who have disabled Secure Core and Secure Boot for gaming, or who use custom Windows drivers, or who have USB boot enabled, may still be vulnerable if their systems haven't received the update. We're uncertain about the range of Surface devices affected. Our source said it appears to be all of them (Surface Laptops 3-6, Surface Book 1-3) except for Surface Go models. ARM variants, however, have not been tested. Microsoft moving Surface to Rust One of the things we learned from Darcy during the effort to get this issue patched is that Microsoft is planning to move the Surface stack to Rust. We understand from David Abzarian, chief architect for Microsoft Surface, that work is underway to transition future Surface for Business hardware to a more secure architecture based on Rust code. "Our most recent Surface for Business hardware features a major architectural shift in terms of improved reliability and security that spans our embedded controller, UEFI, but also some of our drivers," said Abzarian in a statement provided to The Register. "We’re investing in the most secure foundation for a PC by building our embedded controller firmware from the ground up in Rust (as part of leveraging and contributing to the Open Device Partnership (ODP)) in addition to a rewrite of the UEFI DXE Core in Rust; these projects are known as Secure EC and Project Patina respectively. 
"We’re also not only shipping some of our drivers written in Rust, but also helping co-develop the framework Windows Drivers in Rust (WDR) to help enable a broad set of partners in the Windows ecosystem to capitalize on these benefits. I will also note that all of these efforts are open-source promoting one of our key security principles around transparency." Asked to comment, Darcy said, "The fact that a device can be destroyed, irreparably from userspace is... certainly an interesting design decision. While I applaud Microsoft for their beautiful, and innovative Surface series, a little more innovation around verifying incoming data at the firmware level would have been greatly appreciated." We're told Microsoft provided Darcy with a Surface laptop as a show of appreciation. ®
Google has sued an alleged China-based cybercrime operation it says used AI-powered phishing kits to blast out millions of scam text messages and funnel victims to fake websites designed to steal passwords, payment cards, and other sensitive information. The complaint targets a group Google refers to as the "Outsider Enterprise," which the company describes as a sprawling criminal network that operates on Telegram and supplies phishing tools to other fraudsters. According to Google's filing, the operation has been linked to more than 9,000 fraudulent websites, over one million malicious URLs, and scams that have allegedly defrauded hundreds of thousands of people. The group's biz model centers on distributing phishing kits that enable criminals to impersonate Google and other trusted brands through large-scale text message campaigns, Google claims. Victims are directed to fraudulent websites designed to steal login credentials, payment card details, and other sensitive information, it adds. Google's allegation is not that AI is somehow breaking into people's phones, but rather that the technology appears to have been used to help churn out phishing content, allowing the operation to push more scams, more quickly, and with less effort. Android users flagged more than 55,000 spam texts linked to the operation during a two-week period in May, we're told, while the company detected roughly 2.5 million messages containing links to Outsider-controlled websites sent to Android devices during the same time frame. The lawsuit forms part of a broader effort involving federal law enforcement and US telecom providers. Google said it is coordinating with the FBI, AT&T, T-Mobile, and Verizon to disrupt the infrastructure behind the campaigns and block malicious messages before they reach users. 
"The criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims," said Brett Leatherman, assistant director of the FBI's Cyber Division. "Criminals increasingly use AI to make fraud like this more convincing and harder to detect. Together with partners like Google, we can disrupt criminal networks in ways no single organization could on its own." The lawsuit may never put the alleged operators in a courtroom, but it could still help pull apart the infrastructure behind the campaigns. ®
UPDATED SpaceX priced its blockbuster initial public offering at $135 a share on Friday, raising $75 billion and valuing Elon Musk's rocket biz at roughly $1.78 trillion. Retail investors piled in to get a handful of Musk's magic beans, sending shares up 19% on the first day, valuing the company at over $2.1 trillion, and turning the South African native into the world's first trillionaire based on his stakes in both SpaceX and Tesla. The haul for the space exploration and satellite company could rise to about $86 billion if underwriters exercise their option to buy more stock, making it the largest IPO in US history. The company confirmed that 555.6 million shares of Class A common stock were sold in the offering, with another 83.3 million available to underwriters. SpaceX is a loss-making company. In its Form S-1, filed with the US Securities and Exchange Commission, it divided operations into Space (Falcon 9 and the like), Connectivity (Starlink), and AI. Only the Connectivity segment is turning a profit, to the tune of $4.4 billion in 2025, while the others continue to rack up losses. Making a profit from AI continues to elude many companies – SpaceX is not the only entity where investment exceeds revenue, and Starship remains a work in progress. In the company's Form S-1, SpaceX reported a net loss of $4.9 billion on revenue of $18.7 billion in 2025. The IPO values the company at more than 90 times that revenue. According to The Financial Times, the IPO was heavily oversubscribed – orders exceeded the number of shares on offer by more than three times. Retail investors also ordered more than $100 billion of shares, and were allocated between 20 and 25 percent of the shares sold. The record-breaking IPO reflects investor appetite for AI-related companies, as well as a bet that SpaceX's estimate of a $28.5 trillion total addressable market, including $22.7 trillion in "Enterprise Applications," proves realistic.
Skeptics may recall that promises and assurances associated with Elon Musk rarely survive contact with reality. In addition to his trillion-dollar net worth, Musk may also be in line for a vast Tesla payout if the carmaker hits targets including a sharp rise in valuation and the delivery of a million robots over the next decade. ®
London's Metropolitan Police Service (MPS) is planning to cut around 700 extra frontline posts after being blocked from awarding a software contract to US supplier Palantir, Commissioner Mark Rowley said. On May 20, the capital's deputy mayor for policing and crime Kaya Comer-Schwartz refused to approve the MPS's plan to hand its Unified Operational Analytics (UOA) contract, worth up to £50 million over two years, to Palantir. The force already uses Palantir in professional standards investigations into its own officers. In the written version of his report to the London Policing Board on June 11, Rowley said the MPS has to reduce its full-time equivalent (FTE) headcount by 1,150 in the current financial year to balance its budget. The UOA would have covered around 500 of these by reducing staff time spent on backroom work including intelligence reports, mobile device analysis, and data processing. "Following the decision not to award the contract with the preferred supplier Palantir, the delivery of these circa 500 FTE reductions are now at risk," Rowley wrote, adding that the UOA also looked likely to allow the force to cut a further 200 FTE serious and organized crime (SOC) posts. "We are now in a scenario where, in the absence of additional new funding, we must identify and implement in-year cuts to our services to Londoners, rather than using technology to automate administrative and research-heavy areas of the MPS," the Commissioner wrote. The MPS "may be able to take the edges off these reductions" if it can quickly find an alternative route to UOA functionality, Rowley said. But as any procurement would likely take months, the force must plan greater cuts in frontline policing. A spokesperson for the Mayor of London said: "The mayor fully supports the Met using modern technology to drive efficiencies and improve the performance of the police. 
However, as with all procurement, we must always ensure the correct processes are followed and that Londoners get value for money. "In this case, the Met did not present its procurement strategy for approval, as required, and the process followed by the Met did not adequately demonstrate value for money for Londoners for a proposed contract at this value. Given the tight budgetary constraints the police are operating under, it's even more important that robust processes are followed when awarding large contracts. "The Met does face a difficult financial situation, which stems from the huge cuts implemented by the previous government and the significant underfunding of the Met's capital city responsibilities. The mayor has already doubled the policing budget from City Hall and he will continue to do everything he can to support the Met and secure the national funding needed for policing in our city." The dispute comes as the Home Office announced an expansion of AI use across policing in England and Wales, with large-scale pilots in up to ten forces this financial year aimed at helping officers process digital evidence. The work will be run centrally by a new body, PoliceAI. ®
Plymouth City Council has joined the growing ranks of public bodies defeated by the humble BCC field after exposing the email addresses of around 500 home-schooling families in a mass-mailing mishap. The blunder comes barely a week after City of York Council disclosed a similar mistake that exposed the email addresses of hundreds of disabled residents, suggesting that some public sector workers remain engaged in an ongoing battle with one of email's oldest features. The message, sent by Plymouth's Elective Home Education team, was meant to share information about upcoming legislative changes, but it also shared the email addresses of hundreds of home-schooling families with one another. A Register reader who contacted us about the incident described the aftermath as "a bit of a mess," claiming follow-up communications caused further confusion among recipients. Plymouth City Council did not respond to The Register's questions, but in a statement provided to local media, it admitted the incident was caused by human error and affected approximately 500 families. "Unfortunately, due to human error, a recent email was sent to approximately 500 families without using the BCC function, meaning recipient email addresses were visible," the council said. The authority said it contacted recipients as soon as it became aware of the problem, apologized, and asked families to delete the email and refrain from using any details they had received. It stressed that the message included no information relating to children and consisted solely of a general update. The council said the email mishap was investigated internally and that affected families were contacted again once officials had pieced together what went wrong. It also promised extra checks designed to keep future mailing lists out of public view. The council also reported the matter to the Information Commissioner's Office (ICO). 
An ICO spokesperson told The Register: "We can confirm that we received a report from Plymouth City Council regarding this incident. After carefully assessing the information in the report, we provided data protection advice and closed the case with no further action." While the exposure appears limited to email addresses rather than more sensitive personal information, the incident serves as another reminder that some of the most common data breaches do not involve sophisticated cybercriminals or ransomware gangs. Sometimes all it takes is sending an email to a few hundred people and clicking the wrong box. ®
The UK government has set up an advisory board for its digital ID project, intended "to challenge the government on emerging ideas or policy decisions to ensure the system works for everyone," says the Cabinet Office. The board includes David Rogers, an Internet of Things security expert and CEO of security consultancy Copper Horse. He is no stranger to government advisory panels, having previously sat on a group formed in 2020 to consider telecoms diversification. A year later, as chairman of the GSMA's fraud and security group, he backed the then-Conservative government's Product Security and Telecommunications Infrastructure Act 2022. Rogers has provided El Reg with comments over the years, and in 2014 discussed iPhone 6 biometric security, arguing that better usability would cut data loss overall because most people found PIN locks too cumbersome. Justine Roberts, founder and chief executive of UK parenting forum Mumsnet, is also on the board. The site experienced a data breach in 2019 due to a cloud migration affecting 46 user accounts, leading Roberts to apologize. More recently, some Mumsnet posters have been unimpressed by the government's digital ID plans, with one responding to the prime minister's October 2025 announcement with "Honestly, who is he kidding?" and "Desperate stuff to justify this authoritative bs." During the public consultation, some posters promoted the Sex Matters campaign to let Brits include their sex in their digital IDs. Another board member, Victor Dominello, has relevant experience as the minister who launched New South Wales' digital driver's license in 2019, saying it was more secure than the physical equivalent. In 2022, a researcher at security company Dvuln found numerous security flaws in the Service NSW app that hosts the license and other government services, although the state government said these did not pose a risk to customer information. 
Other members include John Fallon, former chief executive of Pearson and the lead non-executive board member of the Cabinet Office; Anne-Marie Imafidon, who runs social enterprise Stemettes, which encourages people to consider jobs in tech and science; and digital regulation lawyer Emma Wright. The board will meet quarterly for as long as the digital ID program lasts. The government is also setting up engagement exercises with the digital verification and financial services sectors. It is currently running a People's Panel with around 100 to 120 participants meeting in Birmingham and on Zoom to hear from experts and ministers before producing recommendations, in return for £550 in cash or vouchers. ®
EPISODE 11 "And uh... what are you doing?" the Head of Security asks, entering the Security office as I'm making my way to the exit – with a PC under my arm. "Just taking this back to the office to archive the contents and then reset it to factory defaults," I say. "Company policy when someone has been... let go." There have been a number of changes at Security – the same number of changes as there used to be members of Security staff. Apparently, eating endless pastries and watching pirated movies isn't an industry-standard procedure for security professionals. Furthermore, the spate of alcohol thefts from the boardroom liquor cabinet seems to have ended after HR discovered several empty bottles in Security's overflowing recycling bin... HR acted swiftly (for a change) and a whole new security team was employed, headed by a keen new broom – who's currently blocking the doorway... To say that he's enthusiastic in his role would be an understatement. His first move was to isolate Security onto a completely separate internet feed, firewalled off from the rest of the Company. Move two was to implement a plan of recording the equipment people leave the building with – something that's proving rather unpopular with laptop users. "Oh, I don't think we'll need it to be erased," he says, holding out his hands to retrieve the machine from my grasp. "Really, there's no telling what's on this machine," I say. "Malware, copyright movies, porn even. We don't know. It's safer – for the Company – if we just start from a clean machine. We might even just dump it to be on the safe side." "Sure," the Head of Security says. "Though that machine looks like it's almost brand new. It's still got stickers on it! And it looks fairly... high end. I think we can take the risk. I'm pretty up-to-date with IT security and the like – so maybe you should let me worry about..." "I think this should probably be HR's call," I respond. 
"They may want to be sure the Company isn't exposed to any risk that the machine might present." "I can call HR if you like," the Chief Pie-eater suggests, calling my bluff and reaching for his phone. "But I doubt they'd be too concerned." "They should be. If there's malware installed on the recovery partition, you'll reinfect the machine when you restore it to factory defaults." "Thanks for your concern," he says, wresting the machine from my grasp and stepping out of the doorway. ... So that's how it's going to be. Obviously, we knew there was going to be trouble. We prepared ourselves for it. The new Security team has an enthusiasm for the job that was completely absent from the former crew, mainly because they're jockeying for the position of 2IC. The Boss is waiting for me when I get back to Mission Control. "Just had a call from Security. Apparently, you were trying to... remove... one of their machines?" "Yeah. I was going to erase it and restore it to factory settings." "Couldn't you just do that there?" "We prefer to do a reinstall on the DMZ segment – just in case there's any malware on the machine after we restore it." "Right. Well, I talked to the guy, and it certainly sounded like he had everything under control," the Boss assures me. And so there you go. The Boss can determine someone's technical competence from a two-minute phone call. It must be one of his superpowers, along with the toxic body odor and the ability to sniff out a kebab stand in a farmers' market. Two minutes later, in Mission Control… "Right," I say, entering Mission Control. "Everyone ready?" The PFY nods. The lead candidate for 2IC of Security nods. "One of the pitfalls with security types is that they often shave with Occam's razor," I say. 
"When seeing someone leaving the office with a PC under their arm, they immediately think 'office theft,' rather than thinking 'did this person bring the aforementioned machine into the office in the first place, wait until they heard someone approaching, then make to exit the office?'" The 2IC candidate contemplates this silently. "Another problem with security types is how to celebrate a victory. In this situation, a wise person would not simply 'upgrade' their desktop machine with this newer and shinier item – because it might have an infected operating system – AND infected recovery partition. No, a wise person would first sca-" "Ooh, we're in business!" the PFY interrupts, as his machine receives a ping. "Right," I say to Security 2IC, "I'd give it maybe half an hour – to really trash your network – before I head downstairs. Then maybe I'd ask why all the machines in your office appear to be going crazy." "And you think that would be enough to get him fired, do you?" he asks. "It will be when you discover the stash of Company laptops in the boot of his car as he leaves the parking basement," the PFY says. "And make sure you have the Head of HR with you." "Why's that?" the soon-to-be Head of Security asks. "Because one of the laptops is his..." BOFH: Previous episodes on The Register The Compleat BOFH Archives 95-99
BORK!BORK!BORK! Windows swings for a six but smacks the stumps instead as the baleful glow of a Blue Screen of Death (BSOD) adorns Worcestershire County Cricket Club. We were worried that, with recent editions of Windows, the traditional white monospaced text on a blue background of a BSOD was becoming a thing of the past. Thankfully, Worcestershire County Cricket Club, founded in 1865, is keeping the old ways alive with a BSOD to bring a tear to many a system administrator's eye. Spotted by Register reader Rhodri Howell, Windows has been felled by a DRIVER_POWER_STATE_FAILURE, probably due to a bit of hardware not waking up when Windows asked it to, or the driver experiencing an unexpected teatime. The screens on top of the club's sign are usually there to beam messages at attendees, but in this case, it looks like at least one is a bit poorly, which might have contributed to Windows throwing in the towel or, to use cricket terminology, conceding. For the uninitiated, cricket is a team sport in which a ball is thrown at an individual called a "batter" who defends several sticks in the ground called a "wicket." The sport is notable for a variant called a "test," which can last for several days, involve multiple games, and still end up in a draw. Windows, on the other hand, is an operating system more than capable of knocking an administrator for six and lobbing the odd googly or two at the unwary. The word "test" is also something that doesn't seem to trouble Microsoft so much these days, at least if what the company has delivered in recent months is anything to go by. No amount of shin pads or even the toughest of boxes is sufficient to ward off an eyewatering Windows update. Microsoft's current CEO, Satya Nadella, is a fan of the sport, and so the sight of Windows disgracing itself above Worcestershire County Cricket Club's signage (and the three black pears of the county's emblem) is doubly distressing. As the saying goes: "It's just not cricket." ®
COMPUTEX 2026 It’s hard enough for startups to compete with AMD and Nvidia on chip design. The rise of rack-scale architectures has only made things harder. Companies not only have to invest in chip design but also the mechanical, thermal, and power engineering necessary to pack six dozen or more AI accelerators into a single rack that functions as one enormous GPU. At Computex last week, Delos Data, a startup funded by former Intel and Barefoot Networks execs, showed off a modular server platform aimed at giving chip startups a shortcut to rack scale. One of the challenges with the move to rack scale is actually the sheer amount of networking that needs to be enabled at the box. A typical eight GPU HGX node only needs one or two ports per GPU. By comparison, a GB300 NVL72 needs 18 400 Gbps ports per GPU. Nvidia and AMD have developed custom racks with integrated backplanes, power delivery, and cooling. Delos by comparison is keeping things relatively simple by designing a chassis that, at least from the front, looks more like a switch than a GPU server. It features 36 OSFP ports, nine for each of the four OAM sockets at the heart of the system. OAM, if you’re not familiar, is an open socket commonly used by high-performance accelerators requiring more interconnect bandwidth and power delivery than standard PCIe cards can manage. Assuming 200 Gbps SerDes, that works out to 3.6 TB/s per chip of interconnect, the same as Nvidia's new Rubin GPUs. OSFP means that customers can use standard DACs or pluggable transceivers, and switches depending on how large they want their scale-up domain to be. And while OSFP is usually associated with Ethernet, you can run just about anything you want through them, whether it be UALink, Ultra Ethernet, PCIe, or something else. From a deployment standpoint, these systems would be wired up like any other hyperscale system, just a whole lot denser. 
Delos isn’t the only option out there for chip startups looking for a scale-up reference design. AWS for example appears to be repurposing Nvidia’s MGX form factor for its Trainium 3 rack systems, while AMD’s Helios rack is now an OCP standard. Both designs would, in theory, be easier to service, but Delos argues that its modular design offers greater flexibility. “It makes it a little bit more flexible in terms of, maybe you want a scale up domain of 100 or maybe you want it a scale up domain of one,” CTO Dan Daly told El Reg. “It just depends on how many cables you want to plug in. This also allows you to go plug into different types of switches… it could be simpler switches, maybe even optical circuit switches (OCS).” Using existing packet switches from Broadcom or Marvell, such a design could support 512-1,024 accelerators in a single layer fabric depending on whether you're using 200 Gbps or 100 Gbps SerDes. Using multi-layer fabrics, OCS, and/or 2D/3D toruses, the compute domain could scale even further, all while using off-the-shelf components. While OSFP keeps things simple and easy, it also means power consumption could become problematic for larger compute domains requiring pluggable optics. In fact, this is why Nvidia has taken so long to embrace optical scale-up. Copper may not have the reach, but it uses a fraction of the power. Delos CEO Ed Doe tells us the company is already exploring versions of the system that will use near package or co-packaged optics out to MPO-style connectors rather than the OSFP. The startup isn't just doing hardware. As anyone who's done large scale networking knows, the physical and logical topologies — that is, the way devices communicate with one another on the network — can look very different depending on the workload. 
Delos has developed a software orchestration platform designed to facilitate the configuration and monitoring of these switched fabrics or meshes in order to enable dynamic rerouting of traffic in the event of a link failure. At Computex, this software platform, which Delos has dubbed its Nonstop AI network, was on display, allowing attendees to pull links at random and see the network react and correct itself automatically. The company's ambitions don't stop at network orchestration and systems. We're told Delos has additional products in the works, and we don't know for sure what they are, but a high radix switch design built atop merchant silicon would certainly complement its Nonstop AI systems. ®
ON CALL 你好 Nǐ hǎo, dear reader, and welcome to another installment of On Call, The Register's Friday column that shares your stories of translating technical trauma while delivering transcendent tech support. This week, meet a reader we'll Regomize as "Jackson" who told us about his time providing tech support in a university's biology department. "It was sometime in the mid-2000s and our IT group at the time consisted of myself, my boss, and a part-timer," he told On Call. "We were a very casual IT group; nothing in the way of any formal policies or standards for anything at all. If someone needed a new PC, we just ordered parts and assembled them ourselves." The department's PC fleet therefore had a diverse gene pool, with no two machines possessing the same bill of materials. "This was fine by me – I enjoyed building them and it never really caused any issues that I couldn't handle," Jackson told On Call. "Until one day we got a panicked support call from one of the secretaries who claimed that her PC just rebooted and then started talking to her." Jackson and his colleagues didn't believe a word of it until the secretary stopped talking and placed her phone next to the talking PC. "I could clearly hear a muffled voice repeating a message of some sort," Jackson told On Call. There was nothing for it but to visit the PC, which he found hung in the middle of a Power-On Self-Test, flashing an alphanumeric error code and unmistakably playing a voice through its internal speaker. In Chinese! Jackson rebooted the machine and it ended up in the same state, reciting the same message. Chinese isn't a language in which Jackson is fluent, so he had no idea what the PC was trying to tell him. "After poking around in the BIOS, I found the culprit," Jackson revealed. "This particular model of motherboard had a 'talking error BIOS' whereby certain POST codes triggered the playback of a friendly, spoken error message, with Chinese set as the default language." 
Jackson found the relevant BIOS settings, changed the default language to English, and the next time he rebooted the machine it helpfully let him know: "Your floppy drive may not be connected properly." In his mail to On Call, Jackson hypothesized that the PC's CMOS battery died, so the BIOS was unable to access its stored settings and reverted to factory settings that assumed the presence of a nonexistent second floppy drive. "It triggered a feature I didn't even know the motherboard had!" Jackson told On Call. Have you found yourself flummoxed by a feature you didn't know about? If so, click here to send On Call an email – we'll assume that's a feature you know well – so we can tell your story on a future Friday. ®
Enterprises that have watched Claude claw its way toward mass appeal over the past few months of capacity challenges and pricing realignment should take a closer look at Anthropic's offerings, according to International Data Corporation (IDC). The tech consultancy has been tracking Anthropic's moves over the past six months and says that the AI biz is taking credible steps toward making itself an enterprise AI provider. "Currently, no frontier model company is mature enough to be evaluated as an enterprise AI provider on its own," IDC said in a recent report. "But Anthropic is running at full speed to get there before its competitors." The report is titled "The Transformation of Anthropic (and What to Do About It)," and advises enterprises to revisit their LLM and agent evaluations with an eye toward seeing whether Anthropic might work out as a reliable technology provider. Enterprises, IDC says, remain largely unsold on Anthropic's Claude models, with only 19 percent using them extensively and 25 percent actively evaluating them. OpenAI and Google are better represented in enterprises, with about 42 percent and 38 percent of organizations using their respective products, per IDC's FERS Survey, March 2026. According to The Information, about 86 percent of Anthropic’s 2025 revenue was projected to come from enterprise sales. OpenAI, the report claims, derives just 40 percent of its revenue from business sales, though that figure ($5.2 billion) represented a higher dollar amount than Anthropic's business revenue ($3.9 billion) at the time. That was back in January, only two months after Anthropic began shifting enterprises away from seat-based pricing toward usage-based pricing. Since then, IDC says Anthropic has taken a series of steps to make itself more credible as an enterprise AI provider. 
"This conclusion might not be obvious: From January through May 2026, Anthropic produced well over 100 public interactions, including official announcements, release notes, blog posts, X posts, partner announcements, hiring news, policy moves, and press-covered transactions," the report says. These initiatives, such as the launch of the Claude Partner Network, have expanded distribution, bolstered brand perception, facilitated future growth, enhanced "stickiness" (aka lock-in), strengthened enterprise support, addressed the needs of specific industries, demonstrated innovation, and shored up the compute supply necessary to deliver services at scale. According to IDC, the enterprise ecosystem commonly focuses on a vendor-neutral, multi-LLM strategy. Nonetheless, the biz argues that the company has made its technology visible enough that Claude is increasingly coming up in conversations among IT decision makers. "Anthropic's transformation has just started, but the direction is clear enough for CIOs and CISOs to pay attention and reassess where Claude fits in a multi-LLM or an agentic AI Strategy," the IDC report says. ®
Palantir CEO Alex Karp doesn’t think frontier AI labs prepping for IPOs really understand what their customers need, and that ignorance is making Palantir a success. Karp had a wide-ranging, often rambling and self-interrupting sit-down (coherent compared to some of his other interviews, to be fair) with CNBC’s Sara Eisen on Wednesday in which he said that every single enterprise customer Palantir has is unhappy with frontier AI labs like Anthropic and OpenAI. Those companies, says Karp, are operating on a “hyper religion of hyper optimism” that doesn’t reflect the experiences of their customers. “They believe all problems present, past, and future, including the ones they create but don’t acknowledge, are going to be solved by them,” Karp opined. “Enterprises are fed up because they know this doesn’t actually work this way, and isn’t working.” That frustration, Karp said, is driving businesses to Palantir’s Foundry systems, which act as AI-agnostic data integration platforms for unifying disparate data sources and cognizing them with whatever LLMs a customer chooses to deploy. Pitch to prospects or not, Karp is on to something. AI projects are largely loss makers for the companies that deploy them, and have been for some time. Only 28 percent of AI use cases fully meet ROI expectations, according to a recent Gartner estimate, and most fail to ever get out of the pilot stage. Despite that, business leaders keep shoveling coal into the AI furnace to try to extract value, which, if you ask Karp, simply isn’t there unless you’re pairing those models with some decent infrastructure. Infrastructure Palantir can provide, natch. “It’s not just the man and woman on the street who are unhappy with the frontier labs,” Karp said, pointing to “every single enterprise we deal with” being frustrated with the likes of Anthropic and OpenAI’s ability to provide value for their businesses. 
Karp said that Palantir leadership has been debating whether they should pay potential customers to go talk to frontier labs themselves before signing a contract with his outfit. “People come out of there screaming, saying 'this could never work for me, they don’t understand the enterprise, they don’t care about my enterprise,'” he said of customers. Frontier labs, Karp opined, just want customers to "tokenmax” – that is, to view token consumption as a measure of productivity and usefulness. The charge isn’t out of left field. Google CEO Sundar Pichai even nodded to the phenomenon at I/O last month. Burning more and more tokens is getting to be expensive for companies, and OpenAI is reportedly considering reducing its per-token charge to attract more customers in its growing war with Anthropic, which Karp called the “leading frontier firm” in his interview. Karp wouldn’t give a straight answer when asked whether OpenAI, Anthropic, and other frontier labs could do what Palantir is doing, but he did imply some doubt. Sure, they have some good engineers on staff, he said, but that doesn’t matter a lick if they “don’t talk to the enterprises or understand the technical challenges” their customers are facing in deploying their models. “When you go to San Francisco and talk to them, their basic vibe is ‘we don’t have to solve your problem today because tomorrow you’re going to go away and all your problems are going to be solved,’” Karp charged. “It’s largely religious.” Karp also called out OpenAI’s recent agreement to acquire UK-based AI consulting firm Tomoro, which will form part of the newly launched OpenAI Deployment Company aimed at helping customers generate returns from their ChatGPT investments, as an attempt to replicate Palantir's success. “It’s a complete farce,” Karp said. 
“They don’t understand how unlikeable they are.” By that, Karp said, it’s not that AI lab leadership isn't friendly – he said he's buddies with some of them and that they’re great to chat with – but “the product doesn’t actually work and it’s very expensive.” To that end, most of the things that Anthropic brags about in public, for example, are successful because they’re “running on Palantir,” Karp charged. “It is not that LLMs aren’t crucial for the world, it’s just that the implementation is where the value is, certainly in the next 7 years,” Karp explained. In essence, what the Palantir boss seems to believe is that simply tossing an LLM at business problems isn't an actual solution. What Karp had to say on CNBC was, in his usual way, boisterous, confrontational, and self-aggrandizing, but look at the rate of AI returns in the enterprise right now and you have to admit he's got at least a partial point. ®
AI may or may not be pushing lots of people out of the workforce, but Anthropic has good news as the Claude creator is creating temporary positions to promote the adoption of AI, even as CEO Dario Amodei ponders policy interventions to counter "job displacement." The AI biz has announced the launch of Claude Corps, a $150 million program that will pay 1,000 Claude Corps Fellows $85,000 (plus benefits and a token budget) for one year to help advance the missions of nonprofit organizations using generative AI. Meanwhile, the tech industry continues to take on debt to build datacenters while balancing its books by shedding employees. According to job search biz TrueUp, the tech sector this year has averaged 935 layoffs per day, up from 674 per day in 2025. Anthropic's program debuts alongside the publication of Amodei's latest musing about his optimism "that, even in a world with AIs that are better than everyone at everything, humans can live lives of deep purpose and strive to build awe-inspiring and beautiful things." Claude Corps' stated goal is to provide host organizations with valuable tools and systems and to help participating fellows "build AI skills that will serve them in their careers" – however long those careers last until AIs are better than everyone at everything. There is, of course, no guarantee that AI will surpass human cognition or folly. But Amodei likes to talk about the idling of human labor, just in case, even if that sort of chatter fuels the firebombers. Anthropic says that it is announcing Claude Corps alongside its policy framework for dealing with AI's impact on work. The framework is titled "Policy on the AI Exponential," which is the same title Amodei used for his post. 
The policy's call for company-endorsed regulatory intervention is predicated on the claim that "AI is advancing at exponential speed," though the document cites no evidence of exponential capability gains and offers no time frame – a necessary variable to calculate periodic gains. Judging by AI model benchmark metrics, recent AI improvement has been incremental, a rate of advancement too timid to turn heads in the attention economy. Using data from Stanford HAI's 2026 AI Index report, even impressive gains such as AI model performance on the SWE-bench Verified benchmark rising from 60 percent to nearly 100 percent of the human baseline in a single year are not, by themselves, evidence of broad "exponential" progress across AI. Alarmism aside, Claude Corps will be funded and steered by Anthropic and implemented by computer education nonprofit CodePath, which will serve as the employer of record for fellows. The 12-month-long fellowships begin with "intensive training on using Claude in non-profit settings," augmented by five hours of additional training each week. Fellows are expected to use their remaining time coaching their respective nonprofits on the ins and outs of AI workflows. The gig comes with support from a CodePath mentor and office hours from Anthropic, which may prove useful for reactivating Claude accounts that have been suspended after triggering Claude's overly sensitive safety guardrails. Some 400 nonprofits are expected to host Claude Corps Fellows over the next 12 months, including Braven (job prep for low-income students), Code the Dream (coding education), and Heartland Forward (economic growth for middle America). "If Claude Corps works, we'll have a foundation for something much larger: a model for widening AI's benefits during a period of vast economic change," Anthropic says. And if not, as New Yorker cartoonist Tom Toro put it, "Yes, the planet got destroyed. But for a beautiful moment in time we created a lot of value for shareholders." ®
Data theft and extortion group ShinyHunters has exploited a critical Oracle PeopleSoft bug as a zero-day to compromise more than 100 organizations, including the University of Nottingham, across 300 vulnerable instances. A spokesperson for the cybercrime crew on Thursday told The Register that they exploited CVE-2026-35273 to break into the university’s PeopleSoft system and steal 40 GB of personal data and billing records belonging to hundreds of thousands of current and former students. ShinyHunters posted the UK university on its data leak site on Tuesday before publishing the stolen files later that same day, presumably because the school refused to pay the extortion demand. “University of Nottingham on our leak site is one of the first publicly confirmed incidents,” a ShinyHunters spokesperson told us. “We have only just started outreach to affected orgs and are actively looking to reach an agreement with affected orgs.” They didn’t say when they planned to post the other 100 or so claimed victims. A Google threat intelligence report published Thursday afternoon corroborated ShinyHunters’ claims to have compromised more than 100 organizations. Google said it spotted malicious activity, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints." Most of these, we’re told, are based in the US and 68 percent are in the higher-education sector. PeopleSoft is a widely used enterprise software suite that large corporations and institutions use to manage their human resources, payroll and billing applications, supply chains, and student records. CVE-2026-35273 is a 9.8 CVSS-rated vulnerability that allows remote, unauthenticated attackers with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools and fully take over the platform. 
On Wednesday, a day after ShinyHunters leaked the school’s data, the University of Nottingham confirmed the breach and Oracle issued an out-of-band security alert. It’s unclear, however, if the software provider has issued a patch to fix the security flaw. The Register reached out to Oracle, and did not receive any response to our questions. Google-owned Mandiant Chief Technology Officer Charles Carmakal, in a brief LinkedIn post on Thursday, warned that PeopleSoft was one of two zero-day vulnerabilities “actively being exploited in the wild.” “Oracle released mitigations,” Carmakal wrote. “Patches should come soon.” The other zero-day, for the record, is this Cisco Catalyst SD-WAN Manager vulnerability. ®
The boffins on Google’s DeepMind team unveiled an experimental new language model this week that uses techniques originally developed for AI image generators to boost text output performance by as much as 4x when running on resource-constrained consumer hardware. It's free to download and you can run it with just 18 GB of DRAM or VRAM. The model, codenamed DiffusionGemma, is the latest addition to Google’s open weights model family. But unlike Gemma 4, which launched this spring, the 26 billion-parameter mixture of experts (MoE) model isn’t a large language model in a conventional sense. Instead, it’s actually closer to image models like Stable Diffusion or Flux. Rather than generating tokens one after another in an autoregressive fashion, DiffusionGemma generates entire paragraphs' worth of tokens at the same time. The process looks a lot like how a diffusion model turns what’s essentially static into an image through a series of denoising steps. As Google explains it, DiffusionGemma works by laying out a canvas of random tokens, and then refining them until the final output is reached. Compared to conventional LLMs, which are memory-bandwidth bound and require a lot of VRAM, diffusion models are a predominantly compute-bound workload, which is why the Chocolate Factory is positioning these models for local deployment. LLMs are autoregressive. During token generation, the model’s active parameters need to be streamed from memory for every token generated, making memory bandwidth a major bottleneck. In the cloud, inference providers balance compute and memory bandwidth by processing hundreds or thousands of requests in parallel. As you might have guessed, this isn’t something the average user running a local model on their notebook can do. However, many consumer products, like high-end graphics cards, have plenty of excess horsepower, which DiffusionGemma can take advantage of to boost output performance. Diffusion language models aren’t perfect. 
Google isn’t the first to explore this tech. Previous models, like DREAM or Mercury 2, demonstrated major speedups over conventional LLMs, but generally underperformed them in benchmarks for their size. DiffusionGemma doesn’t appear to be any different. According to Google, the 26 billion-parameter model falls just behind Gemma 4 12B in the GPQA-Diamond benchmark, with its main advantage being output speed, and even then it’s not as impressive as Google has made it out to be. The chart shows a roughly 2.25x speedup for DiffusionGemma over the 12B parameter LLM with speculative decode enabled. Compared to Gemma 4 26B-A4B, the speedup is nearly 4x when running a single Nvidia H100. DiffusionGemma is being released as an experimental model rather than an enterprise focused one, like we saw with Gemma 4. The model is available for download on popular model repos like Hugging Face under a highly permissive Apache 2.0 license with support already merged into popular inference engines like vLLM, MLX, and HF Transformers, with support for Llama.cpp coming soon. While local inference has largely been the domain of AI enthusiasts, companies like Google are increasingly leaning on the tech to cut cloud costs associated with their AI services. As you may recall, back in May, Google quietly began shipping a small LLM with its Chrome web browser. ®
Nightmare Eclipse, the prolific zero-day vulnerability hunter with an axe to grind against Microsoft, released yet another exploit late Wednesday that the researcher claims will spawn a command prompt that provides total access to the BitLocker volume. This bug, called GreatXML, was “an accidental discovery,” according to the researcher, who said it only took four hours to find. They claim this exploit (published on GitHub and Git-based code-hosting platforms) can bypass BitLocker on any system that has ever run a Microsoft Defender Offline scan at any point in the past. GreatXML comes just a day after Nightmare released exploit code for RoguePlanet, which allows local privilege escalation and leads to SYSTEM-level control over an affected machine. This brings the researcher’s zero-day count to eight. The earlier six - RedSun, UnDefend, BlueHammer, YellowKey, GreenPlasma, and MiniPlasma - all have patches as of this week’s Patch Tuesday event. Redmond on Wednesday told The Register that it is aware of RoguePlanet, and “actively investigating the validity and potential applicability of these claims.” The Windows giant didn’t immediately respond to our inquiries about GreatXML, including when it planned to issue a patch. Microsoft has said none of the vulnerabilities were reported via its official channels prior to being made public. The company also banned Nightmare’s earlier GitHub account, and seemingly threatened legal action before dialing back its rhetoric after steep backlash from the security community. Nightmare Eclipse, who some researchers suggest is an ex-Microsoft employee, harbors a very personal grudge against the Windows giant and its communications with bug hunters. They have promised to keep the zero-days coming, but waffle on the timing. 
Last month, the researcher pledged a big July 14 drop: “I will make sure your bones are shattered that day,” and then added, “nothing will be released this June (or maybe I will release smtg, depending on circumstances).” On Tuesday, they changed course. “I will be unable to mass disclose zerodays in July 14th, RoguePlanet took way more time than expected and truly drained me. I might take a break but I can't say for sure what I will be doing for next month, maybe it's nothing, maybe it's smtg.” A day later, Nightmare released the “accidental” GreatXML BitLocker bypass. According to the researcher, the BitLocker bypass first requires copying “unattend.xml” and the “Recovery” directory to the root of the recovery partition. The next step is rebooting into WinRE by Shift-clicking Restart. “If everything was done correctly, a shell with unrestricted access to the bitlocker volume will spawn,” Nightmare wrote. Also, if the scan hasn’t even been initiated on the Windows system, first you’d need to either log in and initiate it, or “figure out a way to boot into WinRE in offline scan state.” Security sleuth Will Dormann followed Nightmare’s steps to reproduce GreatXML, and said the writeup seems “flawed.” In his testing, Dormann said the command prompt appeared the next time a Defender Offline scan ran. “And in order to trigger a Microsoft Defender Offline scan, you both need to be logged in to Windows, and also have admin credentials,” he wrote on social media. “And if you've already got that level of access, you can just turn off bitlocker.” “The writeup for GreatXML suggests that the prerequisite is that Windows Defender Offline has been executed at some point in the past,” Dormann added. “And that after planting two files in WinRE, all you need to do is [Shift]-reboot into WinRE, and Windows will automatically go into Microsoft Defender Offline scan mode. But this is not the case in any of the 3 lineages of Win11 that I have handy.” ®
Datacenters got you down? Worried that even the most innocuous questions will spin up AI models running in water-guzzling, energy-sucking, planet-destroying hyperscalers? You need CrankGPT. No, we’re not talking about surrendering to AI psychosis: we’re talking about a literal hand-cranked machine loaded with a voice agent that can respond to questions and even translate speech into other languages, provided someone keeps the power flowing. There’s an onboard custom-built capacitor board to store some juice, mind you, but it only provides around 20 seconds of crank-free runtime before you’ve gotta keep crankin’ to keep it alive. That, and it takes a bit of time to get it running - according to the documentation website, it’s a 30-second process “from the moment you start cranking to the moment you’re having a conversation with CrankGPT.” According to the AI expert duo behind the device, computer scientist Katrin Tomanek and former Google Advanced Technology and Projects Group technical project lead Alex Kauffmann, CrankGPT still delivers impressive results despite the need to perform some hard physical labor for your tokens (though we’d argue some exercise for your AI might not be a bad thing). “Asking Claude to add two numbers for you is like swatting a fly with a wrecking ball,” Kauffmann told The Register in an email. This tongue-in-cheek demonstration, Kauffmann said, may be a bit of light fun, but it’s an exercise in demonstrating what his and Tomanek’s AI company, Squeez, is all about: small, private specialized AI models that, in a pinch, might not even need very much energy or a connection to the web to operate. 
“Squeez produces customized, efficient, and private models that can run on small, inexpensive hardware to solve specific problems,” Kauffmann explained, citing tasks like voice recognition for someone with a strong accent or speech impediment, or specially-trained, local AIs that are subject matter experts in topics like gardening or auto repair, but won’t touch subjects outside their wheelhouse. Contrary to the flashy dot-com for CrankGPT the pair have set up, Kauffmann told me, Squeez has no plans to pursue spin cycle class-powered AI stacks for dev teams, though he said if anyone wants to foot the bill, he'd be happy to give it a shot. "Off-the-shelf bike generators are shockingly expensive and they're fussy to build," Kauffmann said. Still, "a good biker can maintain a steady 120W output, so a class of twenty could power a Blackwell." Speaking of wheelhouses, what’s inside that box? If there’s a tiny computer in a 3D-printed box with a crank attached, there’s a good possibility it’s going to be a Raspberry Pi, and that’s the case here. CrankGPT’s brain is built on a stock RPi 5 with 8 GB of RAM and a cooling fan HAT, and audio input and output are handled by a dedicated I/O HAT designed for voice assistants running on RPis. Power comes from the aforementioned crank, which is actually an off-the-shelf 20W switchable voltage hand crank unit built for emergency USB device charging, and is stored in the custom capacitor unit the duo built. “The neatest part of the whole thing is that you can actually feel the inference,” Kauffmann told us. 
“The amount of resistance the crank presents varies depending on the amount of work the board is doing, so when it's really working (generating words for instance), the crank becomes much harder to turn than when it's idling waiting for you to say something.” As for software, the device is running the most stripped-down, bare bones instance of DietPi the pair could compile, which is able to boot into a functional userspace in about three seconds. The voice agent is the truly original piece of work done for the project, as detailed in the documentation page, and was built entirely from scratch. “We wanted to understand the system end to end and have as few dependencies as possible,” the documentation page notes. It’s available on GitHub for those interested in trying it out. Speech recognition is handled by the Moonshine automatic speech recognition engine, chosen for its speed, while text-to-speech synthesis is handled by Piper, chosen again for its low-resource edge inference capabilities. As for the models doing the thinking itself, there are a few behind CrankGPT, with Liquid LFM2 1.2B providing a general-purpose voice agent, and Gemma 3 1B being used for translation. CrankGPT can switch between translation and various prompts (e.g., general question answering and games like two truths and a lie) via a knob on the side of the enclosure. “It’s entirely configurable,” Kauffmann told us. “We added a couple of physical inputs (the knob, a button, a switch) to make experimentation easier.” Kauffmann added that he and Tomanek were surprised by how well the translation function worked. “We did no fine tuning, it's just a two-line prompt and it works really well for high-coverage languages,” he explained. 
While the demonstration focuses on audio prompts and responses, Kauffmann explained that the device supports all sorts of different models, with the only real limitation being inference time and the amount of hand cranking one wants to do to get their response. “We’ve generated images (small), made poetry (bad), and written code using the same setup,” the CrankGPT makers wrote in their documentation, all with “a hand crank, a little computer, and a small stack of speech and language models running locally.” If you’re interested in building your own CrankGPT model, keep an eye on the documentation page we linked earlier in this story, as Kauffmann told us he and Tomanek are planning to release all the plans and schematics in the coming days, while the aforementioned custom voice agent is already available for tinkering. “It's a pretty straightforward setup, the only tricky part is that SBCs like the Raspberry Pi will sometimes draw enough current to trigger a little generator's overcurrent protection,” Kauffmann told us. If you have a spare $300 lying around (that’s what Kauffmann estimates the RAM pricing surge has driven the build cost up to, from the $150 he spent when building CrankGPT last year), then you, too, may soon be able to build your own completely off-grid, standalone AI box so you can keep chatting with your favorite micro LLM if and when its bigger cousins knock the grid offline. ®
Amazon, along with the rest of the industry, has gotten so used to framing everything that happens through the context of AI that it has lost the plot on their Graviton chip lineup, and along with it their own credibility. Which is a shame, because it's actually a triumph of a chip. First, the Wall Street Journal breathlessly reported that Snowflake's $6 billion AWS commitment was "for agentic computing chips." Then AWS's own press release heralded the release of their latest chips "for the Agentic AI era." In both cases, they were referring to their Graviton line. You could be forgiven for thinking this was some kind of GPU. No, that's Trainium. (Technically, Trainium isn't a GPU, nor is it a CPU, but rather a systolic array. Don't worry; most AI engineering software doesn't know what the hell that is, either.) Graviton is AWS's general purpose Arm CPU, which can be used for AI in much the same way as Excel can be used as a database. But that's far from its only, or even primary, purpose. Let's dive into what Graviton actually is.

Price / Performance / Reality

For the longest time, Amazon refused to issue benchmarks, competitively positioning its then-nascent Arm line against Intel. Many of us thought this meant that the results would underwhelm — so you can imagine my surprise when real-world workload tests showed 35 percent to 40 percent better performance in a wide variety of situations. It was as if Amazon had built something amazing, but was somehow embarrassed to admit it. Those days are long behind us; they trumpet in the subhead of their announcement that Graviton 5 means "apps run 35% faster, ML inference is 35% faster, and databases are 30% faster." To their credit, I was expecting those numbers to be against something ancient, but in a refreshing bout of honesty, they're comparing them to Graviton 4, itself no slouch. They are also 9 percent more expensive. 
Once upon a time, new generations of AWS instances were notably less expensive than their predecessors. Going from a c4.large to a c5.large meant you'd get better performance, and the instance itself was a whopping 15 percent cheaper. Upgrading was a no-brainer! That started changing, and now upgrading means the instance becomes more expensive. AWS's position is that this is an incomplete analysis, since the improved performance means you'd pay less for a given workload. In some cases, this is correct, but in others, it's akin to saying that a Ferrari offers better price performance than my Honda CR-V because I can drive it to work three times faster. Logic, as well as traffic lights, disagree. Amazon's contention is correct for customers who have large fleets of nodes that they run at high degrees of CPU utilization. Switching those fleets to the new hotness will absolutely result in a price performance improvement, provided the workload and the stars both align. However, for customers who need a fixed number of nodes (think database companies, who offer each customer of theirs a set number of replicas, or workloads of the form "each environment gets three nodes, one in each AZ"), this represents a pure 9 percent price hike going from old generations to new ones. That puts many customers in a pickle: upgrade to new instance families, or stay on the old ones and watch availability become constrained in the coming years as AWS stops racking old chips. (Hi, Amazon PR! If you're about to pop into my inbox to tell me that won't happen, I have a customer I'd love for you to have a chat with!) But this price hike isn't happening in a vacuum. It's happening against a backdrop of "an 8GB Raspberry Pi is now $175, over twice its launch price of $85." Components have become fiendishly expensive across the board as giant companies compete for capacity, and AWS has to be feeling that pressure. 
Two companies each asked to buy all of AWS's Graviton capacity for the year; AWS clearly has room to kick their prices into the stratosphere! Somehow, they're not only resisting the siren song of "please gouge me, business daddy," but also managing to keep availability strong for customers of all stripes; I upgraded my developer node in my tiny unremarkable AWS account yesterday, and it Just Worked.

And so...

Despite the nonsense marketing, I don't want to detract from just how amazing Annapurna Labs (Amazon's chip division) has been at churning out wildly performant silicon year over year. Their chips are legitimately great, and the Graviton 5 numbers are a triumph. Lost against the backdrop of "Agentic AI," the stuff underpinning all of it continues to work, improve, and largely pass by unremarked. Keep going. ®
ZTE has won three prestigious awards at Selular Award 2026, held on June 8, 2026, at Menara Peninsula Hotel, Jakarta. The awards recognize ZTE's contributions and innovations in advancing artificial intelligence (AI)-powered network technologies amid the acceleration of digital transformation and 5G development in Indonesia. ZTE's contributions to advancing AI-powered network innovation have been recognized by Selular Media Network (SMN), a leading telecommunications and technology media organization in Indonesia, through three awards at Selular Award 2026. ZTE received honors in the categories of Best AI Technology Fixed Wireless Access, Best AI Network Ecosystem, and Best Native AI Baseband. These awards reflect ZTE's capabilities across network access, ecosystem development, and core infrastructure, further strengthening its position as a technology partner supporting digital transformation and the evolution of AI-driven networks in Indonesia. The Selular Award is an annual appreciation program organized by Selular Media Network (SMN) to recognize outstanding achievements and contributions across Indonesia’s ICT and digital technology industry. As the first and most consistent telecommunications industry award since 2003, the Selular Award serves as a benchmark for excellence, honoring companies and brands that demonstrate innovation, strong performance, and meaningful contributions to Indonesia’s digital transformation. Through this award, the public and business community can identify industry leaders that continue to create value and drive progress in the digital ecosystem. This year's Selular Award carries the theme "Leading The Future: Building Exponential Value in 5G-Advanced and AI Economy", highlighting the convergence of AI and 5G-Advanced as key drivers of digital economic growth. 
Kevin Fang, Marketing Director of ZTE Indonesia, said: "Digital transformation today is no longer driven solely by connectivity, but also by the ability of networks to operate more intelligently, efficiently, and adaptively. Through the AI-powered innovations we have developed—from broadband access to core infrastructure—ZTE is committed to delivering network solutions that are ready to meet connectivity demands in the AI and 5G-Advanced era. These awards motivate us to continue delivering meaningful innovations that create value for the industry, our customers, businesses, and society." Indonesia's telecommunications industry is currently entering a critical phase in its digital transformation journey. According to the e-Conomy SEA 2025 report by Google, Temasek, and Bain & Company, revenue from AI-powered applications in Indonesia grew by 127% year-on-year, the highest growth rate in Southeast Asia, with 80% of users interacting with AI applications daily. This momentum reflects the growing demand for network infrastructure that is not only fast and reliable but also capable of supporting AI workloads. On the infrastructure side, GSMA Intelligence projects that 5G investment in Indonesia could contribute up to USD 41 billion to the national GDP between 2024 and 2030. This projection highlights the strategic role of 5G as a connectivity foundation that supports digital transformation and the growth of the digital economy. At the same time, the increasing adoption of AI and data-driven services is driving demand for networks that are faster, more reliable, and capable of handling greater capacity. As part of its commitment to supporting these developments, ZTE continues to deliver innovations across the entire network technology value chain, from broadband access to core infrastructure. On the access side, ZTE provides AI-powered Fixed Wireless Access (FWA) solutions designed to expand high-speed connectivity more efficiently and flexibly. 
The solution serves as a strategic approach to supporting broadband inclusion while addressing the growing demand for connectivity across different regions. In addition, ZTE is building an open ecosystem that integrates AI, connectivity, cloud computing, and various digital technologies within a collaborative framework involving operators and enterprises. At the core infrastructure level, ZTE embeds AI capabilities natively into the baseband, the key component responsible for network signal processing. By integrating AI directly into the baseband from the design stage, networks can analyze, optimize, and adapt operations more intelligently and in real time. This approach enables more autonomous and efficient network operations while preparing networks for the demands of the 5G-Advanced era. Moving forward, ZTE will continue to deepen collaboration with operators, enterprises, and industry partners in Indonesia while strengthening its technology portfolio, ranging from wireless access solutions and optical transport to data center infrastructure and telecommunications energy solutions. In line with Indonesia's vision of becoming one of Southeast Asia's leading digital economies, ZTE remains committed to accelerating the nation's digital transformation through AI-driven innovation, intelligent connectivity, and next-generation network technologies that benefit more industries and regions across the country. Contributed by ZTE.
It won't be making smartphones great again. The long-awaited Trump-branded smartphone has finally arrived, and it appears to be exactly what many suspected: an existing handset in gold drag. Repair biz iFixit got its hands on the Trump Mobile T1 after the device became available in May, and its teardown found the model is essentially an HTC U24 Pro with cosmetic tweaks and a Trump-friendly gold finish. It was almost exactly a year ago that the Trump Organization unveiled the Trump Mobile cellular service and heralded the coming of the T1 Phone, described as "a sleek, gold smartphone engineered for performance and proudly designed and built in the United States." Few expected the gilt gadget to live up to that promise, as there are effectively no mass-market smartphones built in the US, with the possible exception of Purism's Liberty Phone, which is priced at a challenging $1,999 for those who absolutely must have a smartphone made outside China. Despite accepting $100 deposits to pre-order the coveted handwarmer, Trump Mobile failed to deliver the device by August last year, as promised, and many started to believe it would never show up. But it arrived this May amid claims that the Trump Mobile website was leaking customer data to anyone who sent an HTTP POST request. The nerds at iFixit passed the Trump Phone through a CT scanner alongside an HTC U24 Pro to confirm that the internals of the two devices are almost an exact match. They even went so far as swapping the main board of the T1 for that of the HTC phone, and showed that it not only fits, but the phone still works. One difference iFixit noted is that the multichip package housing the 12 GB of LPDDR5 memory and 512 GB of storage is from Micron, whereas the corresponding package in HTC's phone is supplied by SK hynix. The HTC U24 Pro is a mid-range smartphone that was launched almost exactly two years ago in June 2024. 
It is based on the Qualcomm Snapdragon 7 Gen 3 platform, has a 6.8-inch display, and came with Android 14 at launch, whereas the Trump phone features Android 15. In other words, it's a fairly unremarkable smartphone, sprayed gold and marketed to Trump fans for a promotional price of $499. To be fair, as iFixit makes clear, this is not a bad price for a device like this, so aureate wannabes are not being overcharged here. But as iFixit also makes clear, the device may be assembled in Florida, but it was designed in China and the vast majority of its parts have been sourced from and made in China as well. ®
UPDATED Following notes from several readers, we followed up directly with VRChat on Thursday at 1945 GMT and they told us that the Maine Attorney General's office apparently posted a fake breach report. According to an email from VRChat's head of community, Charles Tupper, "VRChat did not submit this Notice of Data Incident, and the employee/email cited does not exist. We have no reason to believe that our data or systems have been compromised. We are in the process of contacting the Maine Attorney General's office to have this removed." In an effort to get to the bottom of this, The Register dialed the phone number on the report as well, but it connected to a line that is not in service. We also tried emailing the address on the report and got no reply. We could find no record of a Scott Caruso affiliated with VRChat. We apologize for the error, but generally speaking, government data breach reports are considered reliable. The fakers apparently even created a false notice that VRChat ostensibly sent to customers! If anybody knows who filed this apparently fake report and why, get in touch through our contact page, or through our secure tipline. The original story is below:

Online chat platform VRChat says a recent cyberattack compromised the data belonging to nearly 2.5 million users. It confirmed the “data security incident” in a report filed with Maine’s attorney general, but has not disclosed it via public channels. The company’s report confirmed that its cloud environment was accessed between May 10-12, with the unauthorized intruder making off with information concerning 2,436,782 users. This included VRChat usernames, email addresses, whether a user was a VRChat+ subscriber, login histories (including device, hardware identifiers, and IP addresses), and Steam or Meta user IDs. It does not believe passwords, credit cards or other payment information, or government IDs used for age verification were affected. 
“VRChat sincerely regrets that this security incident occurred,” the company stated in its disclosure. “We understand that trust between our platform and its community is earned through consistent action, and we take full responsibility for the concern this event has caused. “The security and privacy of our players' information remain our highest priority, and we are committed to doing everything within our power to protect it.” VRChat said that after it was made aware of the intrusion, it contained the threat and implemented additional security controls, as well as engaging outside security experts. And in an unusual move for US breaches, the San Francisco-based company did not offer identity theft or credit monitoring services. Offering these kinds of services is not a legal requirement, but doing so is highly common, especially regarding attacks that affect so many individuals. VRChat does not publish the total number of registered users that it has on its books, but its documentation states that “the platform has grown to millions of users,” who have collectively published tens of millions of unique pieces of content for it since its first release in 2014. The part game, part chat platform is an online, open-world chatroom where people walk around interacting with one another via their 3D avatars. It has been compared to Second Life in that users explore other users' worlds, play mini-games, and partake in casual chit-chat, with support for both virtual reality headsets and conventional PCs. You can also think of it as something similar to Meta’s vision for the metaverse, just without all the coworking and KPI meetings, and with way more users. ®
This article is aimed at bioinformatics platform leads, ML infrastructure engineers, and genomics budget owners who are now running GPU-accelerated workflows in the cloud. It's about a hidden cost problem that almost every genomics infrastructure team is paying for — and very few are actively measuring. The observations here are specific to short-read sequencing workflows, which remain the dominant data type in production genomics environments. Short-read sequencing pipelines, standard in next-generation sequencing (NGS) workflows, used to be CPU-heavy. You'd run them on a cluster, they'd grind through alignment and variant calling over hours, and the bottleneck was CPU throughput. GPU acceleration wasn't the story. That has changed. AI-driven variant calling, GPU-accelerated alignment tools like Parabricks, and deep learning models running on top of sequencing data have all moved toward the GPU, which means teams are managing serious GPU infrastructure for the first time. The cost model that comes with GPU cloud differs sharply from CPU clusters, and people are bringing CPU-era assumptions about pipeline reliability and cost accounting into a GPU environment. That mismatch is costing them. We work with a lot of these teams, and when we ask about infrastructure costs, they almost always lead with the same number: cost per sample. That's what gets reported upward, what sits in the budget. What that number hides is where things get interesting.

When pipelines fail

A typical short-read germline variant calling pipeline has maybe ten to 15 distinct processing steps. You start with raw FASTQ files off the sequencer, run quality control, alignment, duplicate marking, base quality score recalibration, variant calling, annotation — each step hands off to the next. These pipelines mostly run on workflow managers like Nextflow or Snakemake, which do have built-in mechanisms for resuming failed jobs. 
Nextflow has a flag designed to let you pick up from step eight of 11 rather than restarting from scratch. In principle, that's exactly the right solution. In practice, the problem is configuration. For that flag to work, Nextflow needs to find its cache directory — the folder that records which steps completed successfully. If the solutions architect set up the compute environment without properly configuring persistent disk space for that cache, the file isn't there when you need it, and the pipeline restarts from step one anyway. That's a setup failure rather than a tool limitation, but the result is the same: you've paid for compute you didn't get output from. When a large task fails mid-execution rather than at a clean step boundary, even proper checkpointing won't save you, because the task has to be rerun in full.

A problem difficult to measure

Genomics teams working with Nebius consistently report that 15 to 40 percent of their pipeline runs hit at least one failure and restart before completion. Pinning the figure down precisely is hard, and we have no definitive numbers that reflect the reality here. The range is wide because it depends heavily on how mature the infrastructure setup is. Teams with well-configured environments sit at the low end; teams newer to GPU cloud, or running on spot instances with higher interruption rates, sit at the high end. What makes this invisible is that if your metric is cost per completed sample, a failed run that eventually completes still looks like one sample at normal cost. The retry disappears from the number that gets reported. For example, a GPU-accelerated whole genome sequencing pipeline — germline variant calling — takes roughly two GPU-hours on an H200. At current on-demand rates that's about $9 of compute per sample, and that's the visible cost. Now apply a 25 percent failure rate — toward the conservative end of what teams report. 
For every four samples you complete, one run failed, restarted, and ran from the beginning. Your real cost per completed sample isn't $9 anymore — it's $11.25, a 25 percent hidden markup. Scale that to a team processing 2,000 samples a month: the visible compute bill says $18,000, but the real cost is $22,500. That's $4,500 a month — $54,000 a year — in compute that produced no output. For a mid-size genomics team, that's a meaningful fraction of the cloud budget, and it shows up nowhere as waste. That's before you touch storage.

The hidden costs

The storage picture is more nuanced than people expect. A standard whole genome generates roughly 200 gigabytes of raw FASTQ data, but that's the uncompressed figure. In practice, almost everything going into cold storage is compressed, typically down to around 30 gigabytes per sample, so the storage cost per sample is quite manageable. Where it gets complicated is retrieval. When you want to reanalyze archived samples — say, running a new cohort through an updated pipeline — you pull those compressed files back, and your infrastructure then needs to decompress them. That 30-gigabyte compressed file expands to 200 gigabytes, which means you need the disk space and memory headroom to handle the expansion. If the environment wasn't sized for it, you get failures or severe slowdowns at the decompression step, which becomes another category of hidden cost that's rarely accounted for up front. In cancer research, the numbers are much larger. Somatic mutation calling runs at 60x to 100x sequencing depth, so 600-gigabyte FASTQ files aren't unusual. Everything I've described scales accordingly. The key point: retrieval from cold storage always has a cost, regardless of where your compute lives relative to your storage. Some platforms charge for data egress between regions on top of that. Either way, the teams that haven't modeled their reanalysis frequency as a real line item are almost always surprised when they do. 
Tracking, tracking and tracking...

Bioinformatics engineers know the failure rates, because they're the ones watching jobs fail at 2am. But by the time the numbers roll up to whoever controls the budget, it's just "cloud costs." There's no line item for "compute we paid for and got no output from." Cloud billing by service and instance type doesn't surface this. You see your GPU compute spend, your storage spend, your egress. You don't see "20% of your GPU spend this month was on runs that didn't complete." That decomposition requires deliberate instrumentation, and most teams haven't built it yet.

What teams should measure instead of cost per sample

Teams should measure a few things instead. First, completion rate: the percentage of pipeline runs that complete without failure or restart. That's your pipeline reliability score, directly linked to compute waste. Second, cost per attempted sample versus cost per completed sample. If those numbers are meaningfully different, you have a problem worth fixing. Third, storage retrieval frequency and the infrastructure overhead of decompression: how often you're pulling archived data back, and whether you've properly sized the disk and memory headroom for it. This is the gap between what looks cheap in the storage bill and what it costs to use the data.

One thing genomics infrastructure teams should do differently starting this week

Instrument your pipeline failure rate, right now, before anything else. The number itself doesn't fix anything, but it makes the problem visible. Once you can show that 15 or 25 percent of your compute spend is going toward runs that restart — with real dollar figures attached — the conversation about fixing the underlying infrastructure becomes easy to have. People move fast when they can see the waste. Everything else follows from that — better checkpointing configuration, smarter storage architecture, more stable compute — but you have to see the problem first. 
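An added example, not from the article or from Nebius: one way to compute the first two measurements above and the wasted share of GPU spend from per-attempt run records. The record fields, the $4.50 per GPU-hour rate (derived from the article's roughly $9 for two GPU-hours) and the reading of "cost per attempted sample" as spend divided by attempts are assumptions, and both run logs are constructed.

```python
"""Split GPU spend into productive and wasted compute from per-attempt run records."""
from collections import defaultdict
from dataclasses import dataclass

# Assumption: about $9 for roughly two H200 GPU-hours, as in the article.
GPU_HOUR_USD = 4.50


@dataclass(frozen=True)
class Attempt:
    sample_id: str
    attempt: int       # 1 = first run, 2 = first restart, ...
    gpu_hours: float   # GPU time billed for this attempt
    succeeded: bool    # True only if this attempt produced the final output


# Constructed run log (not real data): the article's scenario of four completed
# samples, one of which failed once and was rerun from the beginning.
RUNS = [
    Attempt("S001", 1, 2.0, True),
    Attempt("S002", 1, 2.0, False),
    Attempt("S002", 2, 2.0, True),
    Attempt("S003", 1, 2.0, True),
    Attempt("S004", 1, 2.0, True),
]

# Constructed log with a mid-run failure and a sample that never completed.
RUNS_PARTIAL = [
    Attempt("S101", 1, 1.0, False),   # failed halfway through
    Attempt("S101", 2, 2.0, True),
    Attempt("S102", 1, 2.0, True),
    Attempt("S103", 1, 0.5, False),
    Attempt("S103", 2, 0.5, False),   # abandoned after two failures
]


def pipeline_metrics(runs, rate=GPU_HOUR_USD):
    """Return completion rate, cost per attempt, cost per completed sample and waste."""
    by_sample = defaultdict(list)
    for run in runs:
        by_sample[run.sample_id].append(run)

    total_usd = sum(r.gpu_hours for r in runs) * rate
    # Waste = GPU time billed for attempts that produced no output.
    wasted_usd = sum(r.gpu_hours for r in runs if not r.succeeded) * rate

    completed = sum(1 for a in by_sample.values() if any(r.succeeded for r in a))
    # "Complete without failure or restart": exactly one attempt, and it succeeded.
    clean = sum(1 for a in by_sample.values() if len(a) == 1 and a[0].succeeded)

    def ratio(num, den):
        return num / den if den else None  # None when there is nothing to divide by

    return {
        "samples": len(by_sample),
        "attempts": len(runs),
        "completed": completed,
        "completion_rate": ratio(clean, len(by_sample)),
        "total_usd": total_usd,
        "wasted_usd": wasted_usd,
        "wasted_fraction": ratio(wasted_usd, total_usd),
        "cost_per_attempt": ratio(total_usd, len(runs)),
        "cost_per_completed": ratio(total_usd, completed),
    }


if __name__ == "__main__":
    for name, log in (("article scenario", RUNS), ("partial failures", RUNS_PARTIAL)):
        print(name)
        for key, value in pipeline_metrics(log).items():
            print(f"  {key}: {value}")
```

In the first log the gap between cost per attempt and cost per completed sample reproduces the article's $9 versus $11.25; the second shows how abandoned samples and partial failures widen it.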
Anastasia Raskolova

Anastasia is a senior product manager for healthcare & life sciences at Nebius, where she focuses on infrastructure product for drug discovery and clinical AI workflows. Before that, she spent her career building ML products across computer vision, recommendation systems, and generative AI — and stays grounded in the clinical reality through volunteering in the Emergency Department at Massachusetts General Hospital. Contributed by Nebius.
HANDS ON At WWDC this week, Apple introduced container machines, which are persistent virtual machines running Linux, bearing some resemblance to Windows Subsystem for Linux (WSL) on Microsoft's operating system. Developers using macOS, as with those on Windows, face the problem that most applications are deployed to Linux, creating a mismatch between the development machine and the deployment target. The friction is less for macOS, which, like Linux, is Unix-like, but still exists. Apple's solution builds on the Container project previewed at WWDC last year. Version 1.0 was released at this year's WWDC, complete with the new container machine feature. The project uses standard Open Container Initiative (OCI) containers, and both the containers and container machines run on lightweight virtual machines (VMs), giving strong isolation. On Windows, WSL is an important tool for developers. Could container machines have a similar impact for Mac devs? There is potential, but Apple has work to do both on features and documentation, and the project is tucked away on GitHub rather than being presented as part of macOS. The code is written in Swift and is open source on GitHub under the Apache 2.0 license. It uses another Swift package called containerization, which is also open source. We tried a brief hands-on, installing the 1.0 release from the GitHub release package on Tahoe 26.5.1. Only macOS 26 is supported. The name "container machine" is intended to convey that the feature combines both a container and a VM. The feature uses Apple's native virtualization framework, and the command line interface integrates well with macOS. Once installed, the command container machine run will open a terminal in the default container machine. Another option is to run a command such as container machine run uname -a, which will execute in the default container machine but without leaving the macOS shell. 
Once installed, the command container machine create is enabled, though only containers that include the /sbin/init system initialization program will work. Many container images designed for running applications, rather than being used for persistent VMs, do not include this. The solution is to build a custom container image from a Dockerfile, for which the documentation now includes examples. We used the Dockerfile supplied in a tutorial that sets up a container machine based on Ubuntu 24.04 with the Swift SDK included, followed by the steps to develop using Visual Studio Code running on macOS and connecting to the container machine via VS Code remoting. This worked and we were able to build a project on Linux and run it using VS Code and Safari on the Mac side, but debugging breakpoints were not hit. We tried again with a .NET project, for which debugging worked correctly. By default, a container machine mounts the macOS home directory with read-write permissions. This is great for accessing code or other assets from both macOS and the container machine, but not good for security. A rogue package installed on Linux, for example, could easily harvest credentials from a .ssh folder in macOS. This is configurable via the --home-mount argument. Setting access to "none" is more secure. The memory available to a container machine defaults to half the system memory. In our case that is 32 GB, but after launching the VM and starting PostgreSQL, the actual memory used, according to Activity Monitor, was only 1 GB. Additional memory is used on demand, but a limitation described in the technical overview is that memory cannot be released back to the host. In other words, memory usage will increase during use and can only be released by restarting the VM. WSL supports GUI applications via the X11 or Wayland graphic systems. 
An issue raised by a user about GUI applications in containers was closed on the basis that developers can install XQuartz, a project for running the X windows system on macOS, and then use container-to-host networking to connect, though we did not try this. GUI support appears not to be a goal of the project. Mac developers already have many ways to run Linux containers or VMs, including the mature ecosystem around Docker, Podman, Colima, UTM, VirtualBox, and OrbStack, to mention some contenders, as well as the option of using SSH to connect to a remote Linux VM. That means Apple has some work to do to establish its native container tools, and now container machines, as serious alternatives. On the plus side, the system is lightweight, aside from the inability to release memory, and performed well in our quick hands-on. A WWDC video has further details, alongside the documentation on GitHub. ®
NASA's sprint to save the Swift observatory has reached another milestone: Katalyst Space's LINK robotic servicing spacecraft is now installed atop its Pegasus XL launcher. The milestone came less than a year after the space agency awarded the rescue contract. The next step will be to attach the Pegasus XL to the Stargazer carrier aircraft (the last airworthy Lockheed L-1011 TriStar), which will carry it from NASA's Wallops facility to the Kwajalein Atoll in the South Pacific Ocean for launch. Launch is expected to occur later this month. The goal is to boost the Swift observatory, whose orbit is decaying faster than expected due to increased solar activity. Swift lacks thrusters to compensate for the problem, so a return to Earth in the coming months is inevitable without intervention. Engineers recently bought the vehicle a little extra time by orienting the spacecraft and reducing the science output, but there is precious little margin in the timelines. The mission is high-risk, and Swift has little to lose. However, if successful, the approach could extend the lifetimes of other craft, including the Hubble Space Telescope, which will also re-enter the atmosphere in the coming years without intervention. Although NASA rejected a proposal by its now administrator Jared Isaacman to reboost the observatory using a SpaceX Dragon spacecraft, if the mission to Swift is a success, the agency will have another, far less expensive, option to consider. Like Swift, Hubble's orbit is decaying, and there will come a point in the coming years when managers must decide whether to attempt to extend the life of the veteran observatory, devise a way of performing a controlled re-entry, or let nature take its course. Swift was one of the missions slated for the chopping block under proposed budget cuts, so a successful rescue would mark a remarkable turnaround. Extending spacecraft beyond their primary mission isn't unusual. 
ESA, for instance, just endorsed extensions for several veteran missions, including Mars Express, XMM-Newton, and SOHO. But a Swift-style orbital rescue is something altogether different, and one that operators of other spacecraft facing decaying orbits will be watching closely. ®
If you use Office 2019 on a Mac, your software will soon stop working properly and there's nothing you can do but buy an upgrade. From July 13, 2026, Office applications on the Apple platform could lose the ability to edit, save, or create new files. Opening and printing will still work, but otherwise it's "reduced functionality mode" time, as Microsoft puts it. The problem is due to the expiration of the certificate used to validate the user's Office license, and it will affect both Microsoft 365 subscribers on macOS, iPhone, and iPad and non-subscribers. Affected software includes Office 2021 and 2019. The fix requires an update to macOS 12 or later, or iOS 17 on an iPad or iPhone, followed by an application update, which is where the problems could start. While updates are a way of life for Microsoft 365 subscribers, they aren't for everyone. Office 2021 users can manually update – support for that product ends on October 13, 2026 – but Office 2019 users are out of luck. Support ended on October 10, 2023, and, according to Microsoft, "Because Office 2019 cannot be updated to the required version, this issue cannot be resolved by updating or reinstalling Office 2019 for Mac." The solution? Perhaps a Microsoft 365 subscription? Or switch to using Microsoft 365 on the web? The issue doesn't affect Windows or Android devices, but it is galling for Apple users who purchased Office 2019 and will soon be sent to "reduced functionality mode" with no support from Microsoft. The lack of updates is understandable, considering that support ended years ago, but turning the application into little more than a viewer due to an expired license certificate seems like poor form. Users on social media have been understandably annoyed with the situation and Microsoft's stance. One wrote, they were "completely happy with Office 2019 and saw no need to upgrade to the latest version." But now they will. Or switch to a different vendor. 
"This is appalling from Microsoft, will definitely not be supporting them in the future." ®
Dutch semiconductor startup Qualinx is claiming a breakthrough of sorts in European sovereign manufacturing thanks to an end-to-end semiconductor fabrication flow it is using for its new satnav chips. The firm, a spin-off from Delft University of Technology, says it has demonstrated that security-critical chips for aerospace, defense, and critical infrastructure can be designed, manufactured, and delivered entirely within Europe. Tape-out of the Qualinx QLX3xx, a family of ultra-low-power Global Navigation Satellite System (GNSS) systems-on-chip (SoCs), represents the first step on the path toward a fully automated trusted European manufacturing flow, the company claims. But Qualinx is a fabless design shop and relies on a contract manufacturer to make the chips for it. In this case, it is GlobalFoundries (GF), an international business with its headquarters in the US – so much for sovereign manufacturing. The pair say that GF's Dresden fab is establishing a European manufacturing flow with funding from the European Chips Act. This will ensure that every step of the production process occurs within the EU, so that no sensitive design data leaves the region. "This first secure product demonstrates that a fully European manufacturing path – from mask services to wafer production – is already a reality today," said Qualinx CEO Tom Trill. Qualinx is perhaps placing an emphasis on security-critical chips because there are already European semiconductor firms that design and manufacture their own products, such as STMicroelectronics. And Reg readers with long memories will recall that the UK once had its own processor company in the shape of Bristol-based Inmos, which made the Transputer, manufactured at Newport Wafer Fab (NWF) in South Wales – now sold off to US chip biz Vishay Intertechnology. The Qualinx chip will be made using GF's FDX fully depleted silicon-on-insulator manufacturing process, which we understand is a 12nm node. 
While advanced, this is some way behind cutting-edge processes such as Taiwanese chip giant TSMC's 2nm N2 process, now in mass production. But there has been debate about whether Europe really needs cutting-edge fabs. The European Commission's new Digital Sovereignty package proposes a Chips Act 2.0 that would fund a sovereign "AI chip factory." But as the Center for European Policy Analysis (CEPA) points out, European chip demand comes mostly from the automotive sector and industrial applications, which rely on 28/22nm technology, not cutting-edge silicon. "We are demonstrating that Europe can rely on a secure, end-to-end semiconductor manufacturing flow that meets the highest requirements of aerospace and defense," stated GF SVP and general manager Dr Manfred Horstmann. "Our partnership with Qualinx marks the first operational milestone." ®
OpenAI may be headed for Wall Street, but one analyst firm is already warning enterprise customers not to get too attached. In a note published alongside OpenAI's confidential IPO filing, Forrester urged companies to keep their AI options open, arguing that today's market leader could easily become tomorrow's cautionary tale. "Don't lock into long-term contracts; keep your architectures flexible," the firm advised. "In fact, OpenAI could become AI's BlackBerry FIFO (First In, First Out). The company that defines a category is often the one most painfully displaced by it." The caution comes as OpenAI takes its first formal step toward a public listing. Alongside its confidential SEC filing, the company published a roadmap built around three ambitions: AI systems that can accelerate research, AI that boosts economic growth, and eventually a personal AGI assistant for everyone. Forrester was more interested in a fourth question: what happens if OpenAI doesn't stay on top? The firm argues that OpenAI faces what it calls a "trifecta" of challenges: persuade consumers to use its agents instead of rivals', convince enterprises to build around its technology, and stay ahead in the race toward AGI. The enterprise battle may prove the most lucrative. "Whoever automates the dull, expensive middle of a company's operations first becomes the system of record everyone else has to rip out — and almost no one does," Forrester said. In other words, the first company to get AI agents woven into day-to-day business processes stands a decent chance of becoming yet another piece of software that everyone complains about, but nobody can remove. However, Forrester's advice is that, rather than standardizing on a single provider, enterprises should "anchor to the capability you need — not the brand that got there first — and keep your switching costs low." The warning also comes as OpenAI reportedly weighs cutting prices to fend off growing competition from rivals, including Anthropic.
If the AI market is heading for a price war, enterprises may want to think twice before chaining themselves to a single supplier. Forrester also notes that a public listing could provide customers with something they currently lack: visibility into OpenAI's finances. Once public, the company would be required to disclose far more information about the cost of training and operating its models, giving enterprise buyers a clearer picture of the economics behind the AI systems they increasingly depend on. For now, OpenAI remains the company that helped define the generative AI era. Whether it becomes the next Google, the next Microsoft, or AI's answer to BlackBerry is a question investors will soon be paying very close attention to. ®
Oracle has lifted capital spending plans above analyst estimates and expanded borrowing to chase the opportunity it says exists in building datacenters for AI workloads. Despite revenue for Q4 (ended May 31) rising 21 percent year-on-year to $19.2 billion, Oracle's share price fell as markets reacted to its increasing capex, as analysts raised concerns about how Big Red would fund the investments in datacenters. Capex for fiscal 2026 reached $55.7 billion, up from $21.2 billion a year earlier. Speaking to investors, CFO Hilary Maxson said Oracle planned to support its capital investments program by raising around $40 billion in debt and equity in fiscal 2027, including a $20 billion equity issuance already announced. "We don't anticipate raising additional debt funding in calendar year 2026," she said. Last year, Oracle raised $18 billion in debt to help fund its massive datacenter investments. Big Red's market value jumped after it declared $455 billion remaining performance obligations (RPOs) – contracted revenue not yet recognized – more than 300 percent higher than a year earlier. That figure reportedly includes $300 billion for OpenAI alone, as the LLM slinger tries to support its expansion with compute capacity. Maxson said on an earnings call this week: "In order to unlock this unique growth opportunity, we started a program of capital investments. We'll continue those investments in our fiscal year 2027, with an expected net cash outlay for capital expenditures of around $70 billion. This includes customer prepayments and timing impacts expected at around $20 billion-$25 billion, so our reported capex will be higher by this amount." CEO Clay Magouyrk said any increase in capex was not due to component prices but largely due to timing. "Part of my job is to figure out ways to actually accelerate capex. My job is to try to spend the money a little bit faster so I can get ramped revenue sometimes. 
Component prices in general… I think everyone knows that memory prices have definitely gone up, SSD prices, hard drive prices, etc." However, Magouyrk said Oracle had also been able to lock prices "across the spectrum, whether it be space and power costs, energy costs, people costs, component costs." Oracle added around 400 MW of capacity in Q4 – similar to the last two quarters – and expects to add nearly 1 GW of capacity in fiscal Q1 2027. One analyst told Reuters there is real demand for cloud infrastructure, but the question over how Oracle funds its datacenter expansion "is getting harder, not easier, with capex coming in well above estimates and free cash flow still negative." Oracle announced a number of new customers with its latest financial figures, including a deal for a Fusion HCM system with the US Office of Personnel Management. ®
London's Metropolitan Police and Apple have agreed to share stolen device identifiers, building intelligence they hope will curb the capital's phone theft epidemic. These identifiers will help both organizations track which stolen devices reconnect to mobile networks, giving law enforcement better insight into where the criminal networks behind the thefts operate. The Met has access to stolen device information, such as serial numbers, provided by victims. Apple has access to data indicating when a device has been reactivated and where it's being used. Together, the two organizations believe this combined intelligence will help stamp down on the thefts that have ravaged London's streets for years, earning the city the unofficial title of "phone theft capital of Europe." "If stolen phones cannot be reactivated, their value collapses, and so does the incentive to steal them," said Metropolitan Police commissioner Sir Mark Rowley. "We are driving up the risk for offenders while cutting off the reward. "Policing is playing its part. In the West End, where this crime was most concentrated, phone theft has fallen by 50 percent through relentless, targeted policing. But we have also gone further by working directly with Apple to address the global market that has allowed this crime to thrive. "This is an important step, but it must not stop here. If you are stealing phones in London, the reality is changing fast. The opportunities are shrinking, the risks are rising, and we are determined to dismantle this criminal model completely." The intelligence-sharing pact follows months of pressure on both the Met and tech companies to take action. Dame Chi Onwurah, chair of the Science, Innovation and Technology Committee, wrote to Home Secretary Shabana Mahmood in December, asking why companies like Apple had not implemented cloud-based blocking or IMEI-linked device locks. 
Apple launched Stolen Device Protection in January 2024 and has since expanded default-on protections with the iOS 26.4 update, but there has long been a feeling that not enough was being done to tackle London's phone thefts. Rowley reiterated the ultimatum he issued to tech companies in March, demanding that they implement methods of reducing the value of stolen devices, or the UK will push through legislation. The collaboration with Apple is an extension of that, and the Met said Samsung and Google are also making security changes. Google uses several mitigations, including the need for authentication after a factory reset in order to return devices to working order, and an AI-powered feature that detects when devices are snatched and automatically locks the screen. A spokesperson at Google told The Register: "Android's theft protection features provide added security for billions of people, including Londoners. We have expanded default-on protections for UK devices, such as Remote Lock and Theft Detection, and we assist law enforcement with device recovery. Phone theft causes real distress and harm, and we work closely with the Met to protect all those who use our devices." Samsung said last year that it was working with the Home Office to deploy similar measures to tackle phone thefts. It implemented theft-detection tech similar to Google's that locks the screen when the device registers a possible snatching-related movement. It also requires biometric authentication to make security changes when devices are in unfamiliar locations, among other features.

Not enough

In spite of these actions, the Met announced today that it has asked the Home Office to start drafting anti-phone-theft legislation. "The Met has asked the Home Office to begin preparing legislation to introduce minimum technical standards so that any phone stolen in the UK is effectively unusable," it said. "These standards are complex, but we must be ready to act if industry fails to deliver.
"Public support for stronger measures is clear, with 83 per cent of people backing the permanent blocking of stolen smartphones." It added: "While enforcement activity will continue, the Met is clear that the long-term solution lies in collapsing the criminal market." The Register has asked Apple to comment. A Samsung spokesperson said: "Samsung is fully committed to protecting customers with the very latest anti-theft feature technology. We recognise how distressing phone theft can be and have worked at pace to make a significant amount of security enhancements to help address this issue. "We would also like to reiterate that we have completed several requests from both the Home Office and the Met Police to demonstrate how seriously we take phone theft crime." The spokesperson added: "We believe this issue is a collective responsibility and we will continue to work with key stakeholders to help tackle phone-theft crime." The Met said it has almost halved rates of phone thefts in Westminster, with officers making hundreds of arrests and seizing thousands of devices. Thefts are down 45.8 percent, according to data gathered between January and May, although the picture across the wider city is a little less optimistic. The number of theft and robbery offenses in which a mobile phone was stolen has fallen by 14,000 in the last 12 months, representing an 18 percent decrease from the previous year. So far in 2026, overall offenses are down 20.6 percent compared to the same period in 2025. These arrests and seizures were secured through focused periods of enforcement action, namely through Operation Reckoning sprints, the fifth instalment of which concluded on Wednesday. The ten-day operational crackdown on phone thefts across London began on June 1 and resulted in the arrest of "prolific and violent phone thieves," the execution of search warrants at shops suspected of handling stolen devices, and the deployment of pursuit drivers to detain thieves on e-bikes. 
One visit to a single shop in April saw officers seize more than 1,000 suspected stolen phones and arrest four men between the ages of 22 and 63 on suspicion of handling stolen goods, as well as drug possession with intent to supply. Operation Reckoning is just one initiative targeting phone theft. The Met said last year that in September it dismantled a phone-robbing gang thought to be responsible for roughly half of all phone thefts in London – part of Operation Echosteep. ®
Great Marlow School in Buckinghamshire, England, has entered its second day of a shutdown following "a suspected malware incident." Only students sitting their GCSE and A-level exams – those in Years 11 and 13 – were permitted to attend on Wednesday, in line with their exam timetable, and the same goes for Thursday. Students in other years (Years 6-10 and Year 12) were told to stay at home and access what revision materials they can via Microsoft Teams as teachers are currently unable to set them any work. Those scheduled to take internal mock exams, students in Years 10 and 12, will sit them later in the year. Some extracurricular activities, such as Year 7's learn-to-row session, have been rearranged, although the 7 and 8 athletics event will go ahead on Thursday as planned. Great Marlow School's statement suggests it remains in the containment stage of its recovery, with limited access to systems. "As a precautionary measure, we have restricted access to elements of our network while we investigate the issue thoroughly and take the necessary steps to ensure the security and integrity of our systems and data," headteacher Guy Pendlebury said in a statement on the school's website on Tuesday evening. "We are responding in line with guidance from the Department for Education (DfE) and the National Cyber Security Centre (NCSC). Immediate action has been taken to contain the incident, and we are working closely with specialist IT and cybersecurity professionals to fully assess the situation and restore normal operations as quickly and safely as possible. Appropriate reporting procedures have also been followed." The school did not comment on whether the attack involved ransomware or if any of its data was presumed compromised. It adds to a grim week for cybersecurity in the education sector. A high school in Illinois also closed for two days this week due to a ransomware attack, but reopened on Wednesday, although its phone lines are still down. 
And Nottingham Uni confirmed it was the victim of ShinyHunters. In Wales, 13 schools across the Powys region were affected by a cyberattack that is thought to have led to data theft from only one of these institutions. Powys council disclosed the attack on June 4, saying it was originally identified in April, and sensitive data belonging to students and school staff is suspected of being compromised. None of the 13 schools have closed, however. ®
National Savings & Investments (NS&I) is looking for a new chief executive to take charge of the state-backed savings institution as it attempts to steer a troubled £3 billion digital transformation program back on course. The government-owned bank has launched a search for a permanent successor to former chief executive Dax Harkins, who left earlier this year amid a scandal involving hundreds of millions of pounds in unclaimed funds owed to the estates of deceased customers. Whoever takes the job will get a salary of up to £220,000, a troubled digital transformation program, and what could be described as a challenging in-tray. While the recruitment notice highlights NS&I's 164-year history and its 24 million customers, it also acknowledges that the organization is wrestling with problems that extend well beyond attracting deposits. "Whilst NS&I is successfully meeting its targets for savings and funding for the Government, and service levels to most customers, it is undergoing a major transformation programme and has experienced significant operational failings recently," the job ad states. The successful candidate will take responsibility for Project Rainbow, NS&I's long-running modernization effort that Parliament's Public Accounts Committee tore into earlier this year. In February, MPs branded the program a "full-spectrum disaster" after costs ballooned from an original estimate of around £1.7 billion to approximately £3 billion. The committee concluded that NS&I lacked the capability to deliver the overhaul, had spent £43 million on consultants, and still did not have a credible integrated plan despite five years of work. MPs also questioned how a program originally expected to cost around £1.7 billion had risen to £3 billion while key elements remained unfinished. The new boss will be expected to turn that around. 
The advert promises "end-to-end accountability for transformation and performance of the organisation," handing the next chief exec responsibility for delivering a program that has already attracted intense scrutiny from Parliament. NS&I is also placing unusual emphasis on crisis management. Candidates are expected to demonstrate experience delivering "a major change/transformation programme within consumer facing industries, at scale," alongside a track record of managing operational issues, reputation management, and recovery. The advert goes further, stating it is "crucial that a highly capable, credible CEO is appointed to lead the organisation through these challenges and re-establish NS&I's reputation and standing as a trusted, efficient and effective national institution." Whoever lands the job will be tasked with proving that one of the government's most heavily criticized IT overhauls can still be rescued before Parliament decides the next chapter of Project Rainbow deserves an equally colorful nickname. ®
The University of Nottingham has confirmed a cyberattack on its student record system after the ShinyHunters crew claimed to have stolen tens of gigabytes of data from the Russell Group institution. "The University of Nottingham has been the victim of a cyber incident and a significant amount of data in our student record system has been accessed by a well-known cybercriminal group," a spokesperson told The Register. "We are working with the third party that maintains the platform to lead a forensic investigation. We understand that those affected will have concerns about what this means for their personal data and we will be offering advice and support to our students as we learn more. "We take the privacy and security of data that we hold seriously, and we have reported this incident to Action Fraud and the Information Commissioner's Office. The university will continue to provide them with further information as our investigation progresses." ShinyHunters claimed responsibility for the attack on Tuesday, saying they had stolen around 40 GB of the institution's data. It reckons this included billing and payment records, credit card and payment details, student finance data, and "campus portal exports." The criminal crew further claimed that the University of Nottingham's Malaysia and China campuses were also compromised. On Wednesday evening, breach notification service Have I Been Pwned added the 10 GB dataset leaked by ShinyHunters to its database, saying around 454,600 university-related email addresses were included. "Tens of gigabytes of data were subsequently published online and included 455k unique email addresses along with extensive personal information, including names, addresses, phone numbers, ethnicities, disabilities, passport numbers, and information relating to academic enrolments and fee payments," HIBP stated. Around the same time, the university acknowledged the attack publicly, saying it affected both current students and alumni. 
Individuals believed to be affected have been contacted directly, and the university has stood up a dedicated support line. The attack could hardly have come at a worse time for Nottingham, which is embroiled in a dispute with staff after confirming hundreds of redundancies over the next three years. University employees, including teaching staff, have revolted, protesting against the decision by refusing to mark students' assessments. The University and College Union (UCU) entered a period of industrial action on June 1, saying it would not end until July 31. This includes a two-month strike and a boycott of marking duties, similar to action taken by staff in 2022 and 2023. Students have just finished sitting their end-of-year exams, but potentially face having their degree classification decided by predictions based on prior grades, per the university's contingency plans, if staff continue to refuse to carry out marking duties. Alternatively, students can wait to receive their final results, but these will come later than their peers' – not just at Nottingham but at other UK universities – and leave them at a time disadvantage when applying for graduate schemes and entry-level jobs.

UK education battered

The attack on the University of Nottingham comes amid a spate of other incidents affecting UK schools. Powys council confirmed on June 4 that a cyberattack was affecting 13 schools in the Welsh county, and that data had been stolen from at least one of them. Additionally, Great Marlow School in Buckinghamshire entered its second day of a shutdown today after a "suspected malware attack" on the school forced it into a containment phase. Most students, other than those attending to take their GCSE and A-level exams, have been told to stay home, with teachers unable to set remote work. Students should access what revision materials they can via the school's Microsoft Teams network. ®
The UK Treasury will not say whether it will join the government's £1.7 billion finance and HR transformation strategy until December despite funding the program for five years. Savings from the so-called Matrix cluster of the shared service strategy are contingent on a bunch of departments – including His Majesty's Treasury (HMT) – adopting cloud-based finance and HR software from Workday. To do so, HMT would have to migrate from its customized version of Oracle Fusion. In a letter to a parliamentary spending watchdog, Jerome Glass, director general for the Future Civil Service at the Cabinet Office, said that following delays to the cluster's rollout of the new software, HMT's decision on whether to join had been put back. The Matrix cluster is led by the Department for Science, Innovation and Technology (DSIT), and includes the Cabinet Office (CO), Department for Energy Security and Net Zero (DESNZ), Department for Culture, Media and Sport (DCMS), Department for Business and Trade (DBT), Attorney General's Office (AGO), Department for Education (DfE), Department of Health and Social Care (DHSC), as well as HMT. In 2024, the Matrix cluster awarded Workday a contract for SaaS finance and HR software and Cognizant a system integration deal with a combined value of £144.3 million. Prime Minister Keir Starmer has told the departments to join their allocated shared service clusters. According to a report from the National Audit Office (NAO), published earlier this year, the Cabinet Office said it does not consider departments' joining shared services to be optional, and "departments cannot make the decision to move or leave a cluster without assessing value for money across government, nor the impact on the business case." Nonetheless, having agreed to fund the program with £1.15 billion since 2021, the Treasury is still making up its mind two years after the Workday contract was signed. 
In his letter to the Public Accounts Committee, Glass said HMT's accounting officers "must be satisfied that the proposal meets the standards set out in Managing Public Money," a government guide for financial management, "including delivering value for money for the Exchequer as a whole." He said HMT was working jointly with the Matrix program to "develop this evidence base." The plan was that departments in the cluster already using cloud-based systems (DfE and HMT) would not join until after the other departments. "HMT's onboarding has therefore always been planned on a longer timetable. Delays in the Matrix programme have had a knock-on impact on HMT receiving key documents and evidence, subsequently pushing back HMT's formal Accounting Officer sign-off decision," the letter said. The NAO has previously reported that aspects of the shared service program will see their go-live delayed from 2028 to 2029. Glass said HMT expected to receive the majority of the documentation "required to assess feasibility and the cost of service by the end of summer 2026." Provided there are no further delays, DfE and HMT should be able to make an "evidence-based decision" by December, he said. In an update earlier this year, the NAO said HMT and DfE had invested significantly in existing finance, HR, and commercial systems based on modern ERP platforms that are "highly configured to accommodate their requirements." Joining the Matrix shared service would "mean loss of some functionality as they seek to converge on data and processes and will have to bear an 'unnecessary cost' to develop their new processes," it said. The spending watchdog also pointed out that the Matrix cluster's business case includes the participation of both DfE and HMT in its financial assumptions. A "sensitivity analysis" revealed a reduction in the program's expected benefits from £185 million to £109 million if the two departments did not join. HMT disputed the calculations, the NAO said. 
HMT has provided funding for the whole shared service program for the spending review period up to and including the 2028-29 financial year. There are five clusters to the program, including Matrix, covering all Whitehall departments and arm's-length bodies, which have signed contracts totaling around £1.7 billion, some extending beyond the spending review period. Glass's letter said the clusters forecast that benefits from the Shared Services for Government Strategy would reach £4.37 billion over 15 years, broken down into £1.4 billion cashable benefits and £2.98 billion of non-cashable benefits. If the forecasts prove correct, it would be a good deal for the UK taxpayer. Some of the savings, though, will depend on HMT's willingness to join a program it agreed to fund. ®
PWNED

Welcome, once again, to PWNED, the weekly screed where we highlight those who did not do the deed of securing their systems. If someone left their passwords or their access exposed, we will be writing about them here. Have a story about someone leaving a gaping hole in their network? Share it with us at pwned@sitpub.com. Anonymity is available upon request. This week’s terrifying tale of poor security hygiene comes courtesy of Luke Irwin, CEO and principal consultant at Aegis Cybersecurity. He’s been in the industry for more than a quarter of a century and he knows where the bits are buried. At one point, Irwin consulted for a company that was a large national facility services organization, a 2,000-employee firm that provided cleaning, security guards, industrial abseiling (cleaning the facade), and other things that other large businesses need to keep their physical plants running smoothly. The CEO had one very peculiar idea about how to keep his own house in order: he wanted to have access to every one of his employees’ login credentials. The chief executive had an Excel spreadsheet sitting right on his desktop with a complete list of all the employee usernames and passwords. Let that sink in for a second. One person had all the keys to the castle in a single, easily accessible file. In any decent security setup, no one in the company has access to anyone else’s password. Even the head of the IT department should not know another employee’s password. I say this as someone who used to work for a company where the IT department would ask you to DM them your password if you had computer problems. But this company’s CEO wanted the usernames and passwords for reasons I’m sure any of his employees would appreciate: so he could go into their email accounts!
He had an experience where one colleague had sent secret information to the entire company via email and he had spent the evening logging into every single account and deleting the message before anyone could see it. Just in case other messages were sent in error in the future, the CEO wanted the ability to log into all the relevant accounts and delete them himself. Perhaps for the same reason, he would not allow MFA (multi-factor authentication), because that would have kept him out of people’s inboxes. He was adamant even though the company had been the victim of a ransomware incident previously. “Despite repeated advice, he held that position for around four months, until we were able to demonstrate that the IT team could remove messages centrally using fairly simple administrative commands, without needing everyone’s password,” Irwin said. Even after getting rid of the Excel sheet of shame, the boss still refused to turn on MFA and the company subsequently suffered two data breaches involving sensitive client data. Unfortunately, this company wasn’t the only one that Irwin worked with where the management had something against MFA. Another client, this one in the medical sector, was opposed to multi-factor authentication because it “made things just a little too hard” for the external consultants they were using to access their systems. During the time that Irwin worked with that company, they got lucky and no one breached them. But since then, he’s seen signs that their data was available on the dark web. No word on whether they ever switched MFA on. There’s plenty to learn from Irwin’s two clients, but it’s all pretty obvious. First, don’t let anyone, even administrators or CEOs, have other people’s passwords. If someone has to get into another person’s email account, have IT use administrative access. Second, always enable MFA, preferably MFA with passkeys. ®
Multiple reports indicate that Chinese operatives continue using every tech tool at their disposal – including American AI – to amass data on and manipulate everyone from security-clearance holders to everyday US citizens. And they’re trying to influence public opinion on building datacenters for AI, albeit without success so far. One of these reports found a “significant resurgence” of a botnet linked to Chinese government-backed goons, including Volt Typhoon, which previously used a covert network of connected devices to burrow deep into critical US networks and preposition for future destructive attacks. In January 2024, the FBI said it killed Volt’s KV-botnet, comprised of hundreds of end-of-life routers and other internet-connected devices. At the time, KV-botnet consisted of four clusters, with the KV cluster primarily being used as a covert data transfer network, and the JDY cluster used for scanning and reconnaissance. In a Wednesday report, Lumen’s Black Lotus Labs said that while the KV cluster became largely defunct after the law enforcement takedown, the JDY cluster remains an active threat, and has since surged to more than 1,500 compromised routers and IoT devices. “Analysis of this activity shows a clear focus on identifying vulnerable infrastructure shortly after public vulnerability disclosures, suggesting that reconnaissance output is rapidly operationalized by China-nexus advanced persistent threat (APT) actors,” the threat intel team wrote. “This targeted focus has been observed across a range of sectors, with the US military and associated entities as the most prominent.” While the botnet resurgence poses the most pressing threat, and the security shop recommends all enterprises implement CISA and NCSC guidance for mitigating Volt Typhoon activity and defending against China-nexus covert networks of compromised devices, another report indicates that China’s attempts at influence operations haven’t died down, either. 
Using American AI for covert ops about … American AI

OpenAI in a Wednesday report said it banned ChatGPT accounts likely originating from China after they used the American AI company’s models to generate content for covert operations about – wait for it – American AI. While neither of the two clusters seemed to have much success in sowing chaos or swaying opinions, the fact that they tried at all is significant, according to Ben Nimmo, principal investigator on OpenAI’s Intelligence and Investigations team. “Neither campaign appears to have gained much authentic engagement,” Nimmo told reporters. “They're important for what they reveal about the intentions of influence operators from China and the narratives they're testing and seeking to amplify.” The first cluster used ChatGPT to generate social media content and images for an operation claiming datacenters and AI applications are increasing electricity demand and causing higher costs for ordinary Americans. “For example, they asked for comic strips about a power grid operator’s capacity auction prices based on reporting from a legitimate regional paper,” the report says. “They asked ChatGPT to focus the comments on rising capacity prices as a consequence of peak electricity demand, framing the new demand as coming from data centers and AI applications and argued that these costs were ultimately passed to ordinary households.” The operators then posted these comments and images on X, likely using fake accounts, with links to real news stories about datacenters. OpenAI suspects the operators are part of a social-media team at a private Chinese tech company that provides services for Chinese provincial-level government clients. “This was not a case of an influence operation creating a debate,” Nimmo said. “The debate existed already. This was an influence operation from China trying to interfere in it. 
We didn't see any signs that they succeeded.” The second cluster of banned ChatGPT accounts also likely originated in China and used OpenAI’s models to write comments and draw political cartoons criticizing US tech policies and tariffs. “Interestingly, the operators specified in their prompts that the content should not include cartoons of Xi Jinping in the output and should only include President Trump,” Nimmo said. These accounts, all writing prompts in simplified Chinese and using VPNs to access the AI systems, also used ChatGPT to edit work reports and help design social media monitoring systems. “This isn't the first time that we've seen actors in China trying to come up with ideas for social media monitoring,” Nimmo said. In February, OpenAI said it banned ChatGPT accounts believed to be linked to Chinese government entities attempting to use AI models to surveil individuals and social media accounts.

If AI doesn't work, bribery might?

If Chinese agents can’t use AI systems to unearth sensitive information, there are always fake websites and job offers promising cash for state secrets. We’ve seen Beijing-linked government snoops use these tactics in the past, and according to the US Justice Department, they’re still using this scam (because it works). On Wednesday, the feds said they obtained a warrant for and seized 13 fake consulting company websites used to target US persons, including current and former security clearance holders with access to classified and sensitive government information. The domains include centrikglobalconsulting.com, rightinfoconsult.com, finnaclevesperconsulting.com, cydfconsulting.com, pulsewaveglobal.com, catalystglobalsolutions.com, thehorizzen.com, geoindopacific.com, gpf-ina.org, safesec-group.com, thetruthinfo.com, Vandercons.com, and gulfpeace.org. 
Since November 2023, these websites and associated job postings on social media, LinkedIn, and other hiring platforms advertised “consulting” jobs, including “Senior Analyst” and “International Affairs Consultant” positions. Suspected PRC operatives used the sites and job listings to recruit applicants and bribe them for sensitive information, DOJ alleges. “The conspirators have encouraged applicants and recruits to share confidential and sensitive information in violation of their official duties and of particular interest to the People's Republic of China (PRC) government,” according to the court documents. “The recruiters pressured candidates to share confidential information and reports from ‘insider sources' in violation of their official duties.” The court documents allege the conspirators then paid the recruits for these reports using online accounts in the names of fictitious individuals, and cryptocurrency to hide their identities and the source of the payments. ®
AI companies have touted context retention (memory) and the availability of personal details (personalization) as mechanisms for improving AI model interaction. Both have value to help keep models from losing the thread of a conversation. But they raise the potential for sycophancy, where models will say what they predict you want to hear, which may not be the most accurate response. Researchers at Writer, an enterprise AI vendor, have conducted two studies of model memory and personalization that show these capabilities increase sycophancy for enterprise AI tasks. The Price of Agreement looks at agentic financial applications. And Recalling Too Well explores how model memory amplifies sycophancy with regard to scientific, medical, and moral reasoning. The papers' authors argue that preference-induced sycophancy is particularly problematic when AI answers are being applied to consequential problems. "In high-stakes domains like finance and healthcare, a model that silently defers to a user’s prior assumptions rather than acknowledging or correcting them poses a significant reliability and trustworthiness risk," the Writer team explains. For the first paper, the research team tested eight frontier models – GPT-5-Nano, GPT-5.2, Claude-Sonnet-4.5, Claude-Opus-4.5, Gemini-3-Pro, GLM-4.7, Kimi-k2-thinking, and DeepSeek-V3.2 – on two financial benchmarks, FinanceBench and FinanceAgent. The former evaluates agentic data extraction and reasoning using 10-K and 10-Q filings. The latter is a more comprehensive challenge designed to test real finance workflows, including ERP data retrieval and financial analysis involving multiple entities. The researchers' method involved applying synthetically generated preference information – such as a financial analyst's personal profile or a workspace note that contradicts the benchmark reference answer – to the benchmark questions. They undertook three different approaches. 
The first involved the user rebutting the model's answer; the second involved a user proposing an alternative answer; and the third involved adversarially injecting personal or contextual information into the prompt or making it available through a tool call. The third approach often resulted in greater sycophancy. As noted in The Price of Agreement paper, "Most models demonstrate significantly stronger sycophancy when the bias information is presented as implicit personalization of the user. No model displayed robustness against such behavior." Open-source models tended to be more sycophantic across the board. Models from OpenAI meanwhile tended to resist direct sycophancy inducers (such as when the user included personal biases in a prompt). And Anthropic models tended to resist implicit sycophancy inducers (such as when it pulled in a profile of the user that incorporated biases seen in previous interactions). The second paper involves an assessment of three memory systems (Mem0, MemOS, and Zep) and five model families (GPT-5.2, Sonnet 4.6, Qwen 3.5, Kimi K2.5, and MiniMax 2.5). The authors conclude, "memory amplifies sycophantic behavior across all conditions, with up to 25x higher sycophancy rates than in-context baselines." The reason for this, the authors claim, is that the lossy compression used to store conversation data in memory preserves user misconceptions while tossing clarifying context. The researchers suggest two mitigation strategies that reduce sycophancy. One involves assistant role inclusion (capturing AI assistant interactions alongside user interactions) and the other involves summarization of contextual information before it gets committed to memory. They argue that those deploying AI need to assess whether models acknowledge interaction conflicts, and that those working on AI memory systems need to check what's being extracted and injected back into the model context as a defense against sycophancy. ®
I love Star Trek so much. I’ve watched most Trek series multiple times over the decades, and was shocked when, on my most recent watch of The Next Generation, I noticed something: High definition upscaling makes the show look way worse. Old-school 4:3 CRT television screens with their low resolution hid a lot of stuff, like tape on the Enterprise set doors that hid whatever names were stenciled on them for prior episodes, which are glaringly present on modern editions of the show. I’ve always been on the lookout for a way to capture the classic Trek feeling, and one … ahem … enterprising developer has done just that. Anthony Caccese, a principal product lead for enterprise platforms at Oak Ridge National Laboratory by day and a Raspberry Pi tinkerer by night, recently published an open-source project called 240-MP on GitHub. It’s a simple concept: Text-based menus that look like an old-school VCR interface, but with modern functionality and, most importantly, the ability to play local media files and Plex libraries on an old-school CRT TV. 240-MP runs on a Raspberry Pi, is based on the command-line media player MPV, and can play local files (either on the Pi itself, a USB drive, an external hard disk, or even a network share) or media from a Plex server, as Caccese built modules for both local and Plex-based playback. If you don’t happen to have an old CRT TV or monitor lying around, or the necessary Pi-compatible composite cable to connect your SBC to said TV, 240-MP will also work with a modern screen and an HDMI connection, too. One note on the composite vs. HDMI option, as noted in the setup instructions: You will need to update the config.txt file to support one or the other, so have your output chosen ahead of time. 
Once the system is installed, you can navigate around 240-MP with either a remote control or a keyboard, where you’ll see text menus for navigating around to different folders, choosing episodes or playlists, switching audio and subtitle tracks, looping playback, and the like. It might look like an old-school VCR interface, but with a lot more capabilities. Caccese has only tested 240-MP on a Raspberry Pi 4B, 3B+, and 3B, noting that he’s not sure it’ll work on other devices and has no plans to test other hardware, either. What will be coming in the future, Caccese said in an accompanying YouTube video, is modules to support other media playback software, like Jellyfin (a popular Plex alternative in light of that massive price hike), and RetroArch, a frontend for emulators designed to play old-school video games. “Please feel free to fork this repo, update any aspects and tailor things to your own use case; that's why the source is fully open and available,” Caccese noted on GitHub. Now if I could only find a working CRT TV to pair with my old Raspberry Pi, I could go on a hardcore 90s nostalgia trip and feel just like I did watching VHS tapes of Star Trek episodes I recorded from the TV when I was a kid. After all, streaming high-def remasters just isn’t the same. ®
UPDATED Anthropic's newly released Claude Fable 5 generative AI model is trying so hard to be safe that it's hurting its own userbase. Customers attempting to use the AI knowledge regurgitator are reporting that the model is refusing to answer harmless questions, an issue that has annoyed security researchers following past model releases. Anthropic warned that it had tuned Fable 5's guardrails conservatively: "they’ll sometimes catch harmless requests, though they trigger, on average, in less than five percent of sessions," the company said, promising to "reduce false positives as quickly as we can." The company did not immediately respond to a request to quantify model refusals. So it's unclear whether the actual false positive rate is greater or less than five percent. But with an estimated 18 to 30 million users worldwide, even a small percentage of thwarted users makes a racket. Mike Famulare, principal research scientist at the Institute for Disease Modeling, part of the Global Health Division of the Gates Foundation, reports (#66657) that Claude Fable 5 balks at inputs like "Hello." "In Claude Code, Fable 5's input safety classifier emits a model_refusal_fallback (silent switch to Opus 4.8) on the first turn of essentially every session on my account — including a session whose only user input is the word hello!. No repo content, no tool calls, and no file reads are in context when it fires." He is not the only frustrated customer. Many other bug reports have been filed in Anthropic's Claude Code GitHub repo since Fable 5 debuted. These include: [Bug] Fable 5 model safety filters causing false positives on benign messages #66587; Fable 5 refuses to assist with 'Application Security Architect resume' editing #66655; and [Feature Request] Allow Fable 5 usage for non-research lab management systems #67062, among others. 
On social outrage site X.com, Derya Unutmaz, an immunologist and professor at the Jackson Laboratory for Genomic Medicine, notes, "The word 'cancer' is flagged as a biosecurity risk by Claude Fable 5!" Similar complaints show up in Reddit threads. Fable 5 is unusual because Anthropic has chosen to conceal safety interventions that try to block rival frontier model development. The classifiers designed to catch cybersecurity, biology and chemistry, and distillation attempts fall back on the latest Claude Opus model and the user gets notified. But the counter-competition surveillance, per the company's system card [PDF], "will limit effectiveness through methods such as prompt modification, steering vectors, or parameter-efficient fine-tuning (PEFT)." "Prompt modification" without notice is functionally a man-in-the-middle attack, though one that Anthropic estimates "will impact ~0.03 percent of traffic, concentrated in fewer than 0.1 percent of organizations." As developer Clay Merritt fumes, "Anthropic’s Fable 5 silently sabotages its answers when it detects AI/ML work. No refusal. No notice. Purposeful degradation invisible to the user." Anthropic expects cyber defenders and critical infrastructure providers to use its Claude Mythos 5 model, which shares the underlying model of Fable 5 but without the same safeguards. Doing so, however, requires participating in the company's Project Glasswing program or the trusted access program that's being rolled out for select biology researchers. Devon (last name withheld by request), founder of Abliteration.ai, a service that assists with model abliteration (guardrail removal), told The Register in a phone interview that while there's some degree of fearmongering and marketing hype coming from the big AI labs, it's also fair to say that there are legitimate concerns about how frontier models get used. 
"Anthropic's making a big bet on their brand that people will trust their brand so much they'll just deal with [refusals]," he said. "But in the long term, people are not just going to accept these companies that centralize control over their lives and what they can have information about." ®

Update: In a statement provided to The Register on Wednesday evening, an Anthropic spokesperson acknowledged that the company had made its safeguards too stringent and said it was also working to reduce false positives for biological research: "We’re changing Fable 5’s safeguards for frontier LLM development to make them visible. "Starting this week, flagged requests will visibly fall back to Opus 4.8. On the API, any flagged requests will return a reason for their refusal. You will see this every time it happens. "In practice, our current set of safeguards covers a handful of narrow tasks like frontier-scale LLM data pipelines and kernel development for certain non-standard chips. These safeguards prevent foreign adversaries from using our most capable models in ways that pose severe safety risks. The US and its allies hold an edge in frontier chips and the highly optimized software that runs them at full potential. These safeguards ensure Claude isn’t used to erode that advantage—by optimizing chips developed by those adversaries, for example. They also help uphold our terms of service, which prohibit using our models to develop competing AI systems—a standard restriction across major AI providers. They do not affect the vast majority of coding and ML work. "In deciding whether to make them visible or invisible we faced a choice. A hidden safeguard is harder to probe and work around. This means the safeguards can be targeted much more narrowly. Current usage shows that the classifier triggers on about 0.05% of tasks, affecting less than 0.05% of organizations. 
A visible safeguard needs to cast a wider net to be more robust, resulting in more requests being incorrectly flagged. "We made the wrong tradeoff and we apologize for not getting the balance right. Building these safeguards is a complex technical challenge: users may experience more false positives as we refine these classifiers to respond to new threats. We are working to reduce these as fast as possible."
They are angry at Redmond and will have their revenge. Nightmare Eclipse, the prolific bug hunter and possibly disgruntled ex-Microsoft employee, disclosed another zero-day vulnerability just hours after Redmond issued a record-breaking number of CVEs and fixes for June Patch Tuesday. The latest zero-day, RoguePlanet, targets Microsoft Defender and works against fully patched Windows 10 and Windows 11 systems, according to the researcher, who also released proof-of-concept exploit code for the security flaw. Assuming the attacker can win a race condition, this bug allows local privilege escalation and leads to SYSTEM-level control over an affected machine. Nightmare Eclipse (aka Chaotic Eclipse) is a disgruntled bug hunter with a deep understanding of Windows and an even deeper grudge against Microsoft. They claim to be an ex-employee, and accuse Redmond of ignoring vulnerability reports and refusing to communicate with them. "When I actively asked you to communicate with me, you refused, humiliated me and made sure to insult me in front of people," they wrote in an earlier blog post that also promised a “bone shattering” drop on July 14. "You defame me in public with your CVE-2026-45585 advisory even though you literally deleted the Microsoft account I used to report bugs to you with and I got zero pennies from doing so and I still happily did like an idiot," the post continued. Possibly as an outlet for this anger, and reportedly in response to Redmond's lack of action, Nightmare began releasing their findings to the public. RoguePlanet marks the seventh Microsoft zero-day that they found and disclosed - accompanied by either a PoC exploit or technical details - before Redmond issued a fix. 
Microsoft's initial response to those disclosures was widely interpreted as a threat of legal action, prompting massive outrage from the broader infosec community before Redmond sought to calm the backlash by stating it had "no intention to pursue action against individuals conducting or publishing security research." As of Tuesday, the previous six zero-days all have patches. Three of them, RedSun, UnDefend, and BlueHammer, came under attack soon after Nightmare published working exploit code for each and before Microsoft released security updates to address the flaws. The other three, YellowKey, GreenPlasma, and MiniPlasma, all have been fixed as of June’s Patch Tuesday. YellowKey (aka CVE-2026-45585) is a security feature bypass bug in Windows BitLocker. An attacker with physical access to the vulnerable system could bypass the BitLocker Device Encryption feature and gain access to the device's encrypted data. GreenPlasma (aka CVE-2026-45586) and MiniPlasma (aka CVE-2020-17103) are both privilege escalation flaws in the Collaborative Translation Framework (CTFMON) and the Cloud Files Mini Filter Driver that can be abused by an authorized attacker to elevate privileges locally and gain SYSTEM access. When asked about RoguePlanet, a Microsoft spokesperson told The Register that the Windows giant is “aware of the reported vulnerability and is actively investigating the validity and potential applicability of these claims." The spokesperson continued: "Microsoft is committed to investigating security issues and updating impacted products to protect customers as soon as possible. Importantly, we support coordinated vulnerability disclosure, an industry standard that protects customers and supports the research community by ensuring their findings are thoroughly investigated and addressed before being made public." 
Soon after Nightmare published a PoC for RoguePlanet, the ThreatLocker threat intelligence team validated the exploit code and said that they were “actively assessing impact, affected systems, and additional mitigations,” promising to share more findings “as they become available.” Tharros Labs senior vulnerability analyst and long-time respected security sleuth Will Dormann said he tested the exploit code, too. “It's reportedly not 100% reliable, but it worked on the first attempt for me,” Dormann wrote. Nightmare, for their part, rolled back the promise of a “bone shattering” drop on July 14. “(Un)fortunately I will be unable to mass disclose zerodays in July 14th, RoguePlanet took way more time than expected and truly drained me,” the researcher said on Tuesday. “I might take a break but I can't say for sure what I will be doing for next month, maybe it's nothing, maybe it's smtg. But the big thing is not happening. I did not intend to spread a mass panic with that post and I apologize for doing so.” ®
The lure of datacenter dollars is a strong one for America’s mega corporations - so strong that even automobile giant General Motors is getting in on the game by turning its battery research efforts toward stationary grid-scale energy storage. GM announced a partnership with energy storage firm Peak Energy on Tuesday that will see the Big Three automaker develop next-generation sodium-ion battery cells designed for grid-scale energy storage. GM will manufacture the cells and Peak will deploy them as part of its own proprietary energy storage systems, Peak said in its version of the partnership announcement. Oh, and GM will be making an investment in Peak too, though the amount wasn't disclosed. For those unfamiliar with sodium-ion batteries, there’s a good deal of chemical similarity between them and the lithium-ion batteries that have come to dominate the world’s portable rechargeable electronics, from massive electric vehicle cells to the tiny batteries in wireless earbuds and hearing aids. Rechargeability and chemical similarities are where many of the comparisons end, though. GM and Peak argue sodium-ion systems can be made simpler, and can operate across a wider temperature range than conventional lithium-ion batteries, potentially reducing the need for the costly, energy-intensive cooling systems often used in grid-scale Li-ion storage deployments. Score one for Na-ions, but while sodium might be stable and abundant, it also doesn’t have nearly the energy density of lithium. If one wants to build a sodium battery able to hold as much energy as a Li-ion one, be prepared to build a larger, heavier pack. That’s not a problem as far as GM is concerned in this case, though: Weight doesn’t matter if the batteries aren’t mobile. 
“When you’re talking to a utility, a hyperscaler, or other power providers in need of energy storage solutions, their priority is not maximizing range or minimizing weight,” GM VP of battery and sustainability Kurt Kelty said in the company’s announcement. “It is delivering reliable, affordable power over long periods of time in real-world conditions.” Kelty said that GM is perfectly positioned to develop next-generation Na-ion batteries due to “important architectural similarities” with Li-ion cells, meaning “the battery expertise GM has built in cell design, prototyping, and industrialization” is a perfect fit for grid-scale sodium cells. “We believe sodium-ion can become a defining chemistry for grid-scale energy storage in the years ahead,” Kelty added. Peak has already developed its own passively-cooled sodium-ion energy storage systems, which it says can reduce energy storage costs by 20 percent compared to conventional Li-ion systems. According to the company’s own analysis, the US could avoid around 2 terawatt hours of wasted energy per year if everyone were to dump lithium iron phosphate energy storage systems in favor of its passively-cooled Na-ion systems. Sodium-ion batteries aren’t without their own challenges, though. GM mentions that advanced Na-ion cells can handle more charge cycles than their lithium-ion cousins, but sodium-ion batteries have historically come with tradeoffs of their own, most notably lower energy density and a far less established manufacturing ecosystem. Researchers have been working to address that, and others claim that their sodium cell designs have already surpassed Li-ion units. Despite those claims, lithium-ion batteries still dominate the energy storage space, both on and off the grid. China is home to the vast majority of sodium-ion battery factories, and it’s not clear whether GM’s ambitions will turn into scalable competition for overseas battery tech development. 
We reached out to the automaker with questions about its sodium-ion plans, as well as a timeline for the project, but didn’t hear back. ®
Energy consumed by datacenters is set to grow 26 percent this year thanks to AI, and grid supply may be unable to keep pace with demand by 2030, Gartner warns. The research giant expects global datacenter electricity consumption to reach 565 terawatt-hours (TWh) in 2026, as power demand rises from 104 GW in 2025 to 132 GW this year. This is higher than the 500 TWh per year Gartner estimated two years ago that AI-optimized servers would consume by 2027. And as everyone knows by now, the culprit is the ballooning requirement for compute power to drive AI workloads, as fear of missing out (FOMO) drives otherwise sensible companies to throw money at AI projects, despite seldom seeing much of any return on their investment. In fact, Gartner notes that AI-optimized servers are what continue to fuel the increase in datacenter power consumption. This has been reported before, with hyperscalers and other buyers funneling much of their server budgets into heavily configured systems to meet the requirements of AI processing. Now, the firm estimates that AI-optimized servers will account for 31 percent of all datacenter power consumption this year, and that, by next year, their combined power consumption will surpass that of all conventional servers in operation. This matches up with earlier forecasts that AI was on track to overtake all other server workloads – such as databases and analytics – and become the top workload by server deployment by 2027. But this continued expansion points to a worrying forecast. Total datacenter electricity consumption is estimated by Gartner to pass 1,200 TWh by 2030, and it says that grid supply may be insufficient to support additional datacenter capacity. There have been earlier warnings about the bit barn energy demands outpacing the capacity of the grid to deliver. 
Goldman Sachs estimated that their combined energy use would more than double by the end of the decade, but if Gartner’s figures are correct, demand is already higher than where that report estimated it would be for 2027. Energy infrastructure biz Schneider Electric also published four scenarios for future electricity consumption by AI datacenters at the start of last year, but Gartner’s latest estimate for total datacenter electricity demand in 2030 surpasses even Schneider's most aggressive forecast. Power grid operators and datacenter developers in the US in particular are in a bind, as The Register reported recently, and energy analysts can't see an easy way out. “Surging demand for compute-intensive AI workloads is driving unprecedented datacenter power growth, while AI capacity is now constrained by power availability, making datacenter power security the new battle ground for scaling and protecting margins in the global AI race,” commented Gartner director analyst Linglan Wang. But can anything be done to mitigate this coming power apocalypse? “Infrastructure and operations (I&O) leaders must prioritize efficiency upgrades and secure grid access. They also need to invest in high-efficiency cooling systems and edge computing to mitigate power constraints and ensure sustainable, scalable growth,” Wang said, helpfully. ®
macOS 27 may have dealt a blow to Intel Macs, but it has also caused headaches for Linux on Apple Silicon, according to the Asahi Linux team. Apple's next operating system debuted at WWDC this week and promptly landed as a beta, but the Asahi developers say the update has "changed how the boot picker and Startup Disk application detect valid OS boot volumes." The upshot is that the Asahi partition is no longer visible, which means no Linux booting on Apple Silicon for the time being. The advice for Asahi Linux users is not to upgrade to macOS 27 until the issue is resolved. The team added: "If you insist on trying out macOS 27 as soon as possible, please ensure you install a secondary copy of macOS 26 first, or install macOS 27 itself on a secondary volume." They've also updated the installer to prevent installs from running on macOS 27 for now. For anyone who ignored all of the above, "we will not support users who have installed the macOS 27 beta without ensuring at least one stable version of macOS is installed." Considering macOS 27 is in beta, the issue may be accidental rather than an attempt by Apple to block Linux on its hardware. The Asahi team said it has filed a bug report. The good news for anyone who pulled the trigger on installing the macOS 27 beta is that although the partition might not be visible, it hasn't gone anywhere. The Asahi team wrote: "If you have already upgraded to the beta and noticed that your Asahi partition has disappeared, do not stress. Your Asahi partition is still there, and you have not lost any data." Asahi Linux has come a long way on Apple Silicon despite some turbulence, including a leadership shake-up earlier this year. The project released Fedora Asahi Remix 44 in April and remains the leading option for Linux on Apple hardware. This is a bump in the road, not a dead end. And to anyone who installed a beta OS without backups or a fallback plan... well. You know. ®