Warning: contains a banishment spoiler for The Traitors series 3, episode 7Not looking in the ugly mirror is a basic rule for maintaining self esteem. Wherever yours hangs (mines in my in-laws downstairs bathroom), that harshly lit, unnaturally magnifying surface that only ever reflects back sagging jowls, baggy pores and surprise eyelid hairs is one to avoid. Slip past it and keep up the illusion that your face is still the same one from your graduation photos instead of the melted-wax, double-chinned imposter who gurns up at you from your Facetime screen like Gollum in a toilet.Itd be straightforward if ugly mirrors only hung in caf loos and bookshop stairwells. They dont. Theres at least one in your home right now, and if its anything like mine, its playingThe Traitorson BBC One and reflecting the ugliest truth of all: man, we are clueless.The Traitorsshows that not only are we clueless, but, more unflattering than that, wethinkthat were clever. Wise is the man who knows that he knows nothing? Well, delusional is the Faithful who knows 100% that one of their fellow players is a Traitor.To recap for the holdouts who refuse Reality TV like a hunger striker refuses a sandwich (piously and without prospect of joy):The Traitorswelcomes 25 contestants to a castle in Scotland where Claudia Winkleman toys with them in fingerless gloves. Three are secretly selected as Traitors and convene each night to choose which of the remaining Faithful to murder/leave a note for saying theyve been murdered. The Faithful have to sniff out the Traitors in the nightly roundtables after which everybody votes on who to banish from the castle. The Traitors have to do whatever they can form alliances, misdirect, and sow suspicion about Faithfuls not to get caught.In the most recent episode, a Traitor was successfully banished, and the Faithful reacted like chimps in a blood frenzy. The chap whod petitioned for the Traitors removal leapt up, slapped his hands on the table and jumped around shouting I did it! I did it! Day one! Day one! Come on! Comeon! From the train! On that train!Here, its useful to know that the contestants arrive on the show via train. Crucially though, in light of the man celebrating having pinpointed a Traitor as far back as the train, is that there are no Faithfuls or Traitors on that train. The roles arent assigned until after they reach the castle. What hes celebrating is having had a random hunch early doors, and that hunch, just as randomly, turning out to have been right. Its stupid, and its also how the entire thing works.The Traitorsmay as well be named Confirmation Bias Castle because every 100%, dead-on conviction the Faithful have about whos a Traitor is a guess shored up by nonsense. Somebody blinks at the wrong time theyre a Traitor. Somebody looks down at the wrong time Traitor. Somebody is too nice, or too rude, or too loud, or too quiet, or too anything Traitor, Traitor, Traitor.Have your name mentioned at all, in fact, and youre a Traitor. The same cynical engine that keeps pumping existing-IP franchises into cinemas because we all flock to stuff weve seen and heard before, drives the Faithfuls accusations.Once a name takes hold in a group, reasons are found to stand in for evidence in a post-rationalisation free-for-all. Faithfuls suspicions go from 0 to 60 in seconds until theyre willing to stake their survival in the game on what can only ever be a stab in the dark. Bonded groups convince themselves of how right they are, and how Faithful they are. Nobody talks about guesses, only what theyknow. Theyre convinced that their groundless theories, based on nothing but social bonds and post hoc fallacy, are fact.Its striking how attached players get to their hunches. Even when new evidence presents itself, theyll ignore or deny it to suit the version of events theyve already decided on. Even after being proven wrong when a banished player reveals themselves to have been Faithful, they still nurse suspicions and try to justify their wrongness.Join our mailing listGet the best of Den of Geek delivered right to your inbox!Its not a pretty reflection, but like that waxy-faced jowly one in the ugly mirror, its also the unfortunate truth.The Traitors pantomime of conviction based on affiliation, and guesses dressed as fact, is exactly how we all do it too. Ever read a headline and filed it mentally away, but not bothered to investigate further? Thats Livi seizing on Freddies name and choosing him as her hill to die on. Ever formed a trust attachment to somebody based solely on proximity? Thats the Faithful crossing their fingers that OG player Leon had survived the episode six game instead of latecomers Fozia and Alexander. Ever been absolutely sure of something but subsequently proved wrong, and then done it again and again and again? Thats the players almost every episode.The Traitorshas developed into ingenious television thats precision-engineered to captivate its audience. Its both a brilliant TV distraction and a high-camp laugh. In these post-expert, alternative-fact, disinformation-rife days though, its also getting harder to squint away from the unflattering reality it reflects.The Traitors series three airs at 9pm on Wednesdays, Thursdays and Fridays on BBC One and iPlayer.

Gear up for a weekend of non-stop thrills and epic showdowns! Whether youre scoring goals, hitting the gridiron, racing to the finish line, or landing knockout punches, this weekend has it all with Free Play Days! FC 25, College Football 25, Madden NFL 25, F1 24, NHL 25, UFC 5, WRC 24 and PGA Tour are available this weekend for Xbox Game Pass Ultimate, Standard and Core members to play from Thursday January 16 at 12:01am Pacific until Sunday, January 19 at 11:59 Pacific.How To Start PlayingFind and install the games on each of the individual game details page onXbox.com. Clicking through will send you to the Microsoft Store, where you must be signed in to see the option to install with your Xbox Game Pass Ultimate, Standard and Core membership. To download on console, click on the Subscriptions tab in the Xbox Store and navigate down to the Free Play Days collection on your Xbox One and Xbox Series X|S.Keep The Fun GoingPurchase the game and other editions at a limited time discount and continue playing while keeping your Gamerscore and achievements earned during the event! Please note that discounts, percentages, and title availability may vary by title and region.Free Play Days (Membership Required)EA SPORTS FC 25 Standard Edition Xbox One & Xbox Series X|SElectronic Arts612$69.99$27.99Get it nowEA Sports FC 25Optimized for Xbox Series X|SEA Sports FC 25 gives you more ways to win for the club. Team up with friends in your favorite modes with the new 5v5 Rush, and manage your club to victory as FC IQ delivers more tactical control than ever before.EA SPORTS College Football 25Electronic Arts1303$69.99$27.99Get it nowFree TrialEA Sports College Football 25Optimized for Xbox Series X|SIn EA Sports College Football 25, experience explosive gameplay variety across 134 FBS schools and immerse yourself in the iconic atmospheres of college football as you chase college greatness.EA SPORTS Madden NFL 25Electronic Arts668$69.99$20.99Get it nowEA Sports Madden NFL 25Optimized for Xbox Series X|SHit like you mean it with FieldSense powered by Boom Tech on Xbox Series X|S. Experience how the new physics-informed dynamic tackling system unlocks realistic collisions & new gameplay animations on both sides of the ball.F1 24Electronic Arts203$69.99$13.99Get it nowFree TrialF1 24Optimized for Xbox Series X|SBe One of the 20 and drive like the greatest in EA Sports F1 24, the official videogame of the 2024 FIA Formula One World Championship.NHL 25 Xbox Series X|SElectronic Arts241Get it nowFree TrialNHL 25 (Xbox Series X|S)Optimized for Xbox Series X|SEA Sports NHL 25 is powered by ICE-Q, a new gameplay intelligence system that gives you the time and space to control every inch of the ice. Experience true hockey intelligence.UFC 5Electronic Arts515$69.99$34.99Get it nowUFC 5Optimized for Xbox Series X|SPowered by Frostbite, EA Sports UFC 5 is the next evolution of the fight game. From unrivalled graphics upgrades to all-new damage systems and doctor stoppages that affect gameplay in truly authentic fashion this is as real as it gets.EA SPORTS WRC 24Electronic Arts125$49.99$14.99Get it nowEA Sports WRC 24Optimized for Xbox Series X|SExperience the thrill of the 2024 rally season with new locations, moments, stages, high-performance vehicles, and licensed crews. Drive the latest models in new liveries. Brace yourself to embark on your rally journey.EA SPORTS PGA TOURElectronic Arts309$69.99$6.99Get it nowEA Sports PGA TourOptimized for Xbox Series X|SThe exclusive home of the Majors, EA SportsPGA Tour features Pure Strike for superior golf gameplay powered by ShotLink,and unrivaled access to the worlds most exclusive golf courses.

CARROT Weather has long been one of the best weather apps across Apples platforms, and today it got a big update with two main features: a CarPlay app and upgraded Live Activities support.CarPlay app provides weather along your routeHere are the details on todays CARROT Weather 6.2 update, which is now live in the App Store.Per the release notes:CarPlay App: View weather along your driving route, right from your cars dashboard! The CarPlay app functions as a GPS app, so you can input your destination and get directions from CARROT in her typically snarky style plus, youll get to see all the weather along the way, including live radar, severe weather alerts, and more. (Premium Ultra required.)Live Activities: Now you can opt to have Live Activities start automatically when precipitation is in the area! Theyll be started via a notification about 15 minutes before rain or snow begins, then youll continue to receive updates until precipitation stops, at which point the activity will be automatically removed. (Premium Ultra required.)9to5Macs TakeCarPlay support is an interesting direction for CARROT Weather to take, and one Im eager to try out since the average navigation app isnt always best at taking weather into account for your drives.The new Live Activities upgrade is just as exciting though, since it will be able to proactivelyyet subtlykeep you informed about upcoming precipitation.As the release notes say, both features require Premium Ultra subscriptions, but thats understandable considering the significant resources being employed in these additions.Are you interested in these CARROT Weather updates? Let us know in the comments.Best iPhone accessoriesAdd 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Looks like it could use some more... training.Off TrackYou'd hope that your super-duper advanced self-driving tech that you're trusting your life with knows what it's looking at on the road. But that's apparently asking a lot of a Tesla.Just take a peek at this viral video taken by the driver of a Model Y. While waiting at a railroad crossing, the center console visualization of the Tesla's "vision" shows that it's mistaking a passing train first as semi-trailers then as a procession of comically huge and elongated cars, roughly the size and shape of,well, train cars.Watching the onboard computer try to make sense of this mysterious transportation technology in real time is a sight to behold: the cars, already the width of the road they're crossing, grow lengthier before our eyes, flicker in and out of existence, and even show up occasionally outside the track."Look how elongated they are!" the driver cackles. "I have never seen that."Tunnel VisionReports of the issue with the Tesla Vision technology which relies solely on cameras without the help of lidar and other sensors go back at least as far as 2022, not long after the system was rolled out.Even if it's just an issue of getting proper graphics in place, it's striking that the automaker would leave it unfinished for so long. Wouldn't this alarm drivers and undermine their trust in Autopilot and Full Self-Driving, especially since this tech has a history of slamming into trains? How is it that so many other objects, like traffic cones, get 3D models and not trains?Maybe it's just not a priority; Tesla CEO Elon Musk once suggested that trains would get their own graphics but that was over two years ago.Whatever the reason for the dire lack of Train Representation, it does make for a pretty blunt metaphor for Musk's well documented animus towards public transportation.Famously, Musk once proposed building the Hyperloop, a network of vacuum tunnels that would transport passengers to different cities at incredible speeds. Later he admitted he never intended to build the ambitious system, with critics accusing him of pushing the idea as a ploy to kill California's plans to build high-speed rail.Like the struggling Tesla computer, the man's brain will also bend over backwards to invent anything but a train; just look at his Boring Company "Loops," which are networks of underground, single lane tunnels for Tesla cars to drive through a slower and dumber subway, basically.More on Tesla: Tesla Moves Workers Away From Cybertruck Production as Demand SlumpsShare This Article

Jan 16, 2025The Hacker NewsIdentity Protection / SaaS SecurityYou can tell the story of the current state of stolen credential-based attacks in three numbers:Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon).Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester). Stolen credentials on criminal forums cost as little as $10 (Source: Verizon).Something doesn't add up. So, what's going on?In this article, we'll cover:What's contributing to the huge rise in account compromises linked to stolen creds and why existing approaches aren't working. The world of murky intelligence on stolen credentials, and how to cut through the noise to find the true positives.Recommendations for security teams to stop attackers from using stolen creds to achieve account takeover.Stolen credential-based attacks are on the riseThere's clear evidence that identity attacks are now the #1 cyber threat facing organizations. The attacks on Snowflake customers in 2024 collectively constituted the biggest cyber security event of the year in terms of the number of organizations and individuals affected (at least, if you exclude CrowdStrike causing a worldwide outage in July) certainly, it was the largest perpetrated by a criminal group against commercial enterprises. It has been touted by some news outlets as "one of the biggest breaches ever."Around 165 organizations using Snowflake (a cloud-based data warehousing and analytics platform) were targeted using stolen credentials harvested from infostealer infections dating as far back as 2020. These affected accounts also lacked MFA, enabling attackers to log in with a single compromised factor.The impact was massive. In all, 9 victims have been named publicly following the breach, impacting hundreds of millions of people's sensitive data. At least one victim paid an undisclosed ransom fee. But this wasn't a one-off. These attacks were happening constantly throughout 2024. The huge Change Healthcare breach, which culminated in 100 million customers being impacted and a $22 million ransom demand, started with stolen Citrix credentials. Disney's Confluence servers and Slack instance were hacked, resulting in huge amounts of commercially sensitive data and IT infrastructure details being leaked, as well as messages from 10,000 Slack channels. Microsoft suffered a significant breach of their Office 365 environment, with sensitive emails leaked after a "test" OAuth application was compromised using stolen creds. Finastra, Schneider Electric, Nidec, Foundation, ADT, HealthEquity, Park'N Fly, Roku, LA County Health Services, and many more all suffered data breaches of varying severity as a result of stolen creds. Researchers are getting in on the action too. In October, Microsoft's ServiceNow tenant was hacked using stolen credentials acquired online, accessing thousands of support ticket descriptions and attachments, and 250k+ employee emails.Stolen credentials are still a problem? Really? Key to many of the attacks targeting workforce identities and online accounts is the use of stolen credentials. And unfortunately, an increased focus on MFA adoption hasn't quite solved the problem. MFA gaps remain rife. Research from Push Security shows that where a password is the sole login method for an account, these accounts lack MFA in 4 out of 5 cases. The number of breached credentials continues to grow at an alarming rate due to the prevalence of infostealer compromises. And data breaches tend to beget more data breaches as account information is leaked, creating a vicious cycle. The shift to third-party apps and services for most major business operations, leading to more accounts, more credentials, and more valuable business data in the cloud all low-hanging targets for attackers. So, there are more targets for attackers, more credentials to use against them, and MFA (in particular phishing-resistant MFA) is nowhere near as present as we'd hope. Look at the breaches we mentioned earlier many of the victims are huge companies, with vast security budgets. If they can't achieve complete coverage, then how can anyone be expected to? The rise of infostealersThe rise of infostealer malware has had a significant impact on the increase in credential-based attacks. While infostealer malware isn't exactly new, it's a growing concern for many security organizations. Commercial Malware-as-a-Service offerings on the criminal underground are being continuously updated to evade detection controls, and the more sophisticated criminal and nation state-backed threat groups are proficient in creating custom malware. It's a cat-and-mouse game, and the sheer number of compromised credentials tracing back to infostealer infections is a testament to their success. Once stolen, credential data such as usernames, passwords, and session cookies makes its way to criminal forums on both the clearweb and the darkweb. Popular infostealers even have their own dedicated Telegram channels to advertise and sell stolen data. But the landscape in which they are deployed has evolved too. There's a greater appetite for stolen credentials among cyber criminals, and ultimately the more apps that companies use (typically 200+ for the average organization), the more accounts they have connected to them, and the more credentials there are to steal. And because infostealers target all credentials saved on the victim's device (not just those belonging to a single app/website as per phishing campaigns) they're perfectly poised to smash and grab. Modern working arrangements open up the attack surface further. All it takes is for a user to log into their personal browser profile on a corporate device (or the inverse), and their personal device to be compromised, for corporate credentials to be stolen. And because infostealers are pushed through unorthodox channels compared to more traditional email-based attacks (like gaming forums, Facebook ads, and YouTube video descriptions) it's no surprise that unsuspecting victims are falling foul. And with password reuse incredibly common (10% of accounts have a breached, weak, or reused password and no MFA), stolen credentials from personal accounts can often be used to access corporate apps too. All it takes is an attacker with a little patience or the skill to automate SaaS credential stuffing at scale. The modern identity attack landscape has changed (a lot)In the past, security and IT teams were masters of their own Active Directory universe, making it possible to participate in password-cracking exercises or to compare threat intel lists to passwords in use by employees.That picture has changed. Security teams now face a tangle of managed and unmanaged SaaS as critical business operations have moved online. They lack visibility into identity posture on these apps, and the vast majority of organizations do not even have a plausible method for identifying all their accounts and apps in use across the business.SaaS attack paths leave little room for errorIdentity attacks are now fundamentally different. Unlike traditional network-based attacks, attacks that target online accounts follow a much more direct attack path. Traditional attacks progress by network access, lateral movement, privilege escalation, and other familiar activities. These kinds of attacks are well understood by security teams and existing tooling can observe and detect these techniques.But account takeover requires an attacker only to compromise an account (the point of initial access) from where they can collect and exfiltrate data from the compromised app. The attack can be over very quickly, and traditional tooling offers little to prevent malicious activity in-app. Given the weak state of SaaS logging, it's likely that most app compromises won't even be visible to the security team. Even if data is available, detection and response becomes much more difficult after account takeover. There is limited log data available from SaaS to begin with, and distinguishing legitimate user activity from malicious activity is difficult. We saw with the Snowflake breaches that attackers simply logged in to user accounts using stolen credentials and then used a utility to perform account takeover and recon at scale, ending by using SQL commands to stage and exfiltrate data across multiple Snowflake customer tenants.Response activities are also constrained by circumstances: Do you have admin rights to the app? Does the app provide the kinds of response activities, such as forcing a session logout, that you need to perform? Each incident can feel like a one-off investigation, with peculiarities in each app to identify and work through, and few opportunities to automate security responses limiting response teams to postmortem activities, who find themselves unable to contain or reduce the scope of the breach. What about threat intelligence? Threat intelligence on stolen credentials is plentiful many commercially available feeds can be acquired and ingested by security teams. However, the challenge is finding out where these creds are actually being used, and separating out the false positives. Researchers at Push Security recently evaluated threat intelligence data representing 5,763 username and password combinations that matched domains in use by Push customers. They found that fewer than 1% of the credentials in the multi-vendor dataset were true positives meaning that the suspected stolen credentials were still in use by employees at those organizations. In other words, 99.5% of the stolen credentials they checked were false positives at the time of review.To deliver on the promise of threat intelligence in a meaningful way, security teams need a different approach. For a start, they need to be able to securely observe and match the passwords found in credential feeds with those being used. Most organizations fail to extract much value from compromised credential feeds. At most, you might be automating the process of requesting that users check their credentials for their primary SSO login (e.g. Okta, Entra, Google Workspace) when a credential breach notification comes through. But this workflow won't scale when you consider how often these breached credential lists are recycled it all starts to get a bit spammy. After a while, users will start to complain and ignore these requests.How security teams can prevent account takeover from stolen credentials using browser telemetrySecurity teams need a modern approach to defending against account takeover by preventing stolen credentials from being used, and MFA gaps being exploited.Push Security provides a browser-based ITDR platform that deploys a browser agent to employee browsers in order to stop identity attacks. Push uses a browser agent that is able to securely observe credentials at the time of login to any app, in addition to collecting rich browser telemetry and providing security controls designed to stop account takeovers before they occur.Push is also able to supply browser telemetry and an inventory of your entire identity attack surface of accounts and apps, as well as analyze the security posture of employee passwords, login methods, and MFA status to close off high-risk account vulnerabilities.Push recently released two capabilities geared toward helping security teams stop account takeovers caused by stolen credentials and MFA gaps.Correlate the credentials your employees use with those found in compromised credential feedsThe Push browser agent is able to compare suspected stolen credentials supplied by TI feeds to creds actually in use by employees across your organization and then flag only the verified true positives.Push customers can consume TI from the sources supplied directly by the Push platform or use the Push REST API to submit their own email/password combos from existing TI tools.This method works regardless of the source of the data or its age. This method also uncovers where a stolen credential on one app is also in use on several other apps. Here's how it works:Push receives TI on stolen credentials from vendor feeds.For each customer environment, Push checks for customer domains in the data set.When suspected stolen creds for a customer environment are present, Push hashes and salts the passwords and then sends those fingerprints to the relevant browser agents for comparison. For customer-supplied credential data, Push performs the same salting and hashing to create fingerprints it can use to compare to password fingerprints observed by the relevant browser agents.If the stolen credential fingerprint matches a known credential fingerprint observed to be in use by the Push browser agent, the platform returns a validated true positive alert.You can receive alerts for this detection via webhook, messaging platform notification, or in the Push admin console.Check out the feature release video for more information below:Get MFA visibility across all your apps and close the gapsPush can also help teams close MFA gaps. As users access apps with their corporate identities, Push analyzes their MFA registration status and methods, and also identifies which apps they're using and their login methods. Using in-browser controls, Push can guide users to register MFA across different apps. Imagine a scenario where you need to quickly investigate the business impact of a recently announced SaaS breach. Using Push, you can:Immediately check whether the Push extension has observed employee usage of the breached app. You can also see how many accounts Push has seen on that app and how they are accessing it (SSO vs. other methods, such as local password login).For those accounts on the breached app, you can quickly see whether they have MFA, and which methods are registered. To determine MFA status, the Push extension uses the existing user's active session on an app to query that account's MFA registration status using the app's own API, providing a trustworthy verification. You can also see whether the users' passwords have any security issues, such as a verified stolen credential, or a password that's weak or reused.For accounts that lack MFA, you can then configure an enforcement control to prompt employees who lack MFA to set it up whenever they next use the app. Then, use Push's webhooks to monitor for MFA registrations and password changes by querying browser telemetry supplied by the Push agent.You can learn more about this feature here.By combining alerting for verified stolen credentials with the ability to find and increase MFA adoption even on unmanaged apps, Push offers security teams a formidable toolkit for stopping account takeover.Find out moreIf you want to learn more about identity attacks and how to stop them, check out Push Security you can try out their browser-based agent for free.Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

A newGoonies movie is reportedly in the works at Warner Bros.According to Deadline, the studio is looking to shift its strategy to proven franchises, and so have put a sequel to the late Richard Donners 1985 adventure film into development.The follow-up flick will bring back The Goonies co-scribe Chris Columbus,who wrote the original film with Steven Spielberg, to pen the story of the upcoming movie.As well as a second Goonies picture, Columbus is also set to be writing the script for a new Gremlins movie after he penned the treatment for the original 1984 film.1. One-Eyed WillyWarner Bros.loading...READ MORE: The Worst Sequels and Remakes Ever MadeWhile no details about a potential release date or cast are known, it is possible The Goonies sequelcould see the return of actors Josh Brolin, Ke Huy Quan, Sean Austin, Corey Feldman, Jeff Cohen, Martha Plimpton and Kerri Green as the grown-up group of adventurous kids from the first movie.The Goonies follows a group of children who uncover a treasure map of a long-lost pirate, setting them on a quest to find riches while doing all they can to avoid a ruthless crime family.Talks of a sequel have been going on for years, though Spielberg said in 2020 that a follow-up was unlikely because he, Columbus, Donner, and his producer/wife Lauren Shuler Donner couldn't find the right story for a second film.During a Goonies livestream to celebrate the flick's 35th anniversary, the Raiders of the Lost Ark filmmaker said: Chris, Dick and I and Lauren have had a lot of conversations about it. Every couple of years we come up with an idea but then it doesnt hold water.The Jurassic Park director added the team had raised the bar on the childrens adventure genre so high with The Goonies that it was difficult to find ideas for a sequel that would live up to the original.He said: Until we do, people are just going to have to look at this [livestream] a hundred times!In 2023, Ke Huy Quan revealed he was open to reprising his Gooniesrole as Richard Data Wang in a sequel, though doubted such a project could move ahead since director Richard Donner passed away two years prior.Speaking after winning the Best Supporting Actor in a Motion Picture at the Golden Globe Awards for his role in Everything Everywhere All at Once, he said: First of all, we have the big man here tonight and that would be Steven Spielberg and that's one thing everyone should ask him. There was not one spec that I felt could live up to what the original was.Sadly, we lost the captain of our ship [Donner], who I love dearly, and I really don't know if there will be Goonies 2, but I would be open to reliving that character if there is that opportunity.A month before Donners death in July 2021, Corey Feldman, who portrayed Clark Mouth Devereaux in the original movie, also admitted a sequel was unlikely.He said: Well, Sean Astin and Josh Brolin want a sequel but you know. It's one of those powers that be things. Every time I thought, OK, it's really gonna happen, I've been let down and had my heartbroken.The Dumbest Questions People Ask Google About MoviesThese are all real questions from the People Also Ask section of Google. People asked these questions!Filed Under: Chris Columbus, The Goonies, The Goonies 2Categories: Movie News

Time zones: EST (UTC -5), CST (UTC -6), MST (UTC -7), PST (UTC -8), AKST (UTC -9), HST (UTC -10)Who We AreWe're a scrappy, ambitious startup on a mission to empower the next generation of thinkers and writers through cutting-edge generative AI. We don't just build; we innovate, we experiment, and we have fun doing it. We're big on using open-source tech and contributing back when it makes sense. If you're looking to join a team that knows when to work and when to sweat the details, we're your people.Who You AreYou're a tech adventurer with at least 5 years of experience who can write killer code, crack a joke, and doesn't break into a cold sweat when someone says "git rebase." You know when to move fast, when to slow down, and - if not - you're willing to learn the difference. If you find generative AI coding assistants amusingly dumb in the wrong hands but jaw-droppingly powerful in the right onescome on in.What You Bring to the TableLanguages: Proficiency in Ruby/Ruby on Rails is essential. Bonus points if you can tango with JavaScript/TS, Python, Go, Rust, or Zig.Web App Mastery: You get the web stack: from HTTP/TCP to Websockets, HTML, HTMX, and enough CSS to not break things.ORM Savvy: You can use one, but you're happier slinging SQL yourself.UI/UX Sense: You appreciate good design, even if your idea of a palette is "light mode or dark mode?"Git Ninja: You know your way around git rebase and git merge without needing a counselor.Fast Learner: You're excited to play with shiny new tech and can get shit done without needing a babysitter.Team Player: You'll work closely with our experienced CTO, soaking up knowledge and contributing your own wizardry.Bonus Points if YouHave dabbled with LLMs, training models, or Agentic workflowsUnderstand that "scrappy" isn't just a dogit's a way of lifeThink contributing to open source isn't just cool; it's the right thing to doWhat You'll Be DoingCollaborating with the CTO to build, optimize, and scale core productsWriting robust, maintainable code across our stackEngaging in building and fine-tuning workflows that may involve generative AI pipelinesInnovating within our open-source-first ecosystem and making meaningful contributions backBalancing the act of moving fast vs. being careful (sometimes on the same day)Why You'll Love Working With UsGround Floor Vibes: Early-stage startup with room to grow and learnFlexibility: Work where you're most productiveA Fun Bunch: We mean business but aren't afraid to crack a jokeTech Playground: We don't just use the latest tech; we experiment and build itReady to Join?Shoot us your resume, GitHub link, or whatever you think shows off your skills. If you've got a portfolio of side projects or an open-source contribution you're proud of, show it off!We're excited to build with you. No egos, no nonsensejust great code, hard work, and some fun along the way. Related Jobs See more Full-Stack Programming jobs

MIT Technology Reviews Whats Next series looks across industries, trends, and technologies to give you a first look at the future. You can read the rest of themhere. In November, a young man named Noland Arbaugh announced hed be livestreaming from his home for three days straight. His broadcast was in some ways typical fare: a backyard tour, video games, meet mom. The difference is that Arbaugh, who is paralyzed, has thin electrode-studded wires installed in his brain, which he used to move a computer mouse on a screen, click menus, and play chess. The implant, called N1, was installed last year by neurosurgeons working with Neuralink, Elon Musks brain-interface company. The possibility of listening to neurons and using their signals to move a computer cursor was first demonstrated more than 20 years ago in a lab setting. Now, Arbaughs livestream is an indicator that Neuralink is a whole lot closer to creating a plug-and-play experience that can restore peoples daily ability to roam the web and play games, giving them what the company has called digital freedom. But this is not yet a commercial product. The current studies are small-scalethey are true experiments, explorations of how the device works and how it can be improved. For instance, at some point last year, more than half the electrode-studded threads inserted into Aurbaughs brain retracted, and his control over the device worsened; Neuralink rushed to implement fixes so he could use his remaining electrodes to move the mouse. Neuralink did not reply to emails seeking comment, but here is what our analysis of its public statements leads us to expect from the company in 2025. More patients How many people will get these implants?he posted on X: If all goes well, there will be hundreds of people with Neuralinks within a few years, maybe tens of thousands within five years, millions within 10 years. In reality, the actual pace is slowera lot slower. Thats because in a study of a novel device, its typical for the first patients to be staged months apart, to allow time to monitor for problems. Neuralink has publicly announced that two people have received an implant: Arbaugh and a man referred to only as Alex, who received his in July or August. Then, on January 8, Musk disclosed during an online interview that there was now a third person with an implant. Weve got now three patients, three humans with Neuralinks implanted, and they are all working well, Musk said. During 2025, he added, we expect to hopefully do, I dont know, 20 or 30 patients. Barring major setbacks, expect the pace of implants to increasealthough perhaps not as fast as Musk says. In November, Neuralink updated its US trial listing to include space for five volunteers (up from three), and it also opened a trial in Canada with room for six. Considering these two studies only, Neuralink would carry out at least two more implants by the end of 2025 and eight by the end of 2026. However, by opening further international studies, Neuralink could increase the pace of the experiments. Better control So how good is Arbaughs control over the mouse? You can get an idea by trying a game called Webgrid, where you try to click quickly on a moving target. The program translates your speed into a measure of information transfer: bits per second. Neuralink claims Arbaugh reached a rate of over nine bits per second, doubling the old brain-interface record. The median able-bodied user scores around 10 bits per second, according to Neuralink. And yet during his livestream, Arbaugh complained that his mouse control wasnt very good because his model was out of date. It was a reference to how his imagined physical movements get mapped to mouse movements. That mapping degrades over hours and days, and to recalibrate it, he has said, he spends as long as 45 minutes doing a set of retraining tasks on his monitor, such as imagining moving a dot from a center point to the edge of a circle. Noland Arbaugh stops to calibrate during a livestream on X@MODDEDQUAD VIA X Improving the software that sits between Arbaughs brain and the mouse is a big area of focus for Neuralinkone where the company is still experimenting and making significant changes. Among the goals: cutting the recalibration time to a few minutes. We want them to feel like they are in the F1 [Formula One] car, not the minivan, Bliss Chapman, who leads the BCI software team, told the podcaster Lex Fridman last year. Device changes Before Neuralink ever seeks approval to sell its brain interface, it will have to lock in a final device design that can be tested in a pivotal trial involving perhaps 20 to 40 patients, to show it really works as intended. That type of study could itself take a year or two to carry out and hasnt yet been announced. In fact, Neuralink is still tweaking its implant in significant waysfor instance, by trying to increase the number of electrodes or extend the battery life. This month, Musk said the next human tests would be using an upgraded Neuralink device. The company is also still developing the surgical robot, called R1, thats used to implant the device. It functions like a sewing machine: A surgeon uses R1 to thread the electrode wires into peoples brains. According to Neuralinks job listings, improving the R1 robot and making the implant process entirely automatic is a major goal of the company. Thats partly to meet Musks predictions of a future where millions of people have an implant, since there wouldnt be enough neurosurgeons in the world to put them all in manually. We want to get to the point where its one click, Neuralink president Dongjin Seo told Fridman last year. Robot arm Late last year, Neuralink opened a companion study through which it says some of its existing implant volunteers will get to try using their brain activity to control not only a computer mouse but other types of external devices, including an assistive robotic arm. We havent yet seen what Neuralinks robotic arm looks likewhether its a tabletop research device or something that could be attached to a wheelchair and used at home to complete daily tasks. But its clear such a device could be helpful. During Aurbaughs livestream he frequently asked other people to do simple things for him, like brush his hair or put on his hat. Arbaugh demonstrates the use of Imagined Movement Control.@MODDEDQUAD VIA X And using brains to control robots is definitely possiblealthough so far only in a controlled research setting. In tests using a different brain implant, carried out at the University of Pittsburgh in 2012, a paralyzed woman named Jan Scheuermann was able to use a robot arm to stack blocks and plastic cups about as well as a person whod had a severe strokeimpressive, since she couldnt actually move her own limbs. There are several practical obstacles to using a robot arm at home. One is developing a robot thats safe and useful. Another, as noted by Wired, is that the calibration steps to maintain control over an arm that can make 3D movements and grasp objects could be onerous and time consuming. Vision implant In September, Neuralink said it had received breakthrough device designation from the FDA for a version of its implant that could be used to restore limited vision to blind people. The system, which it calls Blindsight, would work by sending electrical impulses directly into a volunteers visual cortex, producing spots of light called phosphenes. If there are enough spots, they can be organized into a simple, pixelated form of vision, as previously demonstrated by academic researchers. The FDA designation is not the same as permission to start the vision study. Instead, its a promise by the agency to speed up review steps, including agreements around what a trial should look like. Right now, its impossible to guess when a Neuralink vision trial could start, but it wont necessarily be this year. More money Neuralink last raised money in 2003, collecting around $325 million from investors in a funding round that valued the company at over $3 billion, according to Pitchbook. Ryan Tanaka, who publishes a podcast about the company, Neura Pod, says he thinks Neuralink will raise more money this year and that the valuation of the private company could triple. Fighting regulators Neuralink has attracted plenty of scrutiny from news reporters, animal-rights campaigners, and even fraud investigators at the Securities and Exchange Commission. Many of the questions surround its treatment of test animals and whether it rushed to try the implant in people. More recently, Musk has started using his X platform to badger and bully heads of state and was named by Donald Trump to co-lead a so-called Department of Government Efficiency, which Musk says will get rid of nonsensical regulations and potentially gut some DC agencies. During 2025, watch for whether Musk uses his digital bullhorn to give health regulators pointed feedback on how theyre handling Neuralink. Other efforts Dont forget that Neuralink isnt the only company working on brain implants. A company called Synchron has one thats inserted into the brain through a blood vessel, which its also testing in human trials of brain control over computers. Other companies, including Paradromics, Precision Neuroscience, and BlackRock Neurotech, are also developing advanced brain-computer interfaces. Special thanks to Ryan Tanaka of Neura Pod for pointing us to Neuralinks public announcements and projections.

Submitted by WA ContentsOppenheim Architecture carves out a resort inside the Hejaz Mountains in Saudi Arabia Saudi Arabia Architecture News - Jan 16, 2025 - 15:22 html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"Miami, Basel, and Tirana-based architecture firm Oppenheim Architecture has carved out a luxury resort inside the Hejaz Mountains inSaudi Arabia.Named Desert Rock, the new resort was completed as a component of the Red Sea Project (TRSDC), a development along the west coast of Saudi Arabia that would create a network of 90 inhabited islands.One of the most anticipated luxury hospitality experiences in the world, Desert Rock, was officially opened. Desert Rock consists of 48 villas and 12 hotel rooms.Working closely with developer Red Sea Global, Oppenheim Architecture developed and designed the innovative project tucked away in Saudi Arabia's ancient highlands.Desert Rock, establishing a new standard for immersive design, celebrates the fusion of architecture and environment in keeping with Oppenheim Architecture's philosophy of planning and building with the land, not on it.With accommodations that complement rather than obstruct the breathtaking landscape, Desert Rock, which is carved into the Hejaz Mountains, provides a close connection to the natural world. Desert Rock honors this rich past by drawing inspiration from the Nabataean culture, which was once thriving on the Arabian Peninsula and is well-known for its rock-carved structures.When guests arrive, they enter a hidden valley that gradually reveals a group of amenities spread across 30,000 square meters of property.The resort offers a variety of choices for accommodation, from suites nestled into the mountains to ground-level villas, all of which are designed to optimize natural light, unobstructed views, and a tactile connection to the desert.The Cliff Hanging Villas, which are perched high above the resort and offer dramatic views; the Mountain Cave Suites and Mountain Crevice Villas, which offer privacy and cliffside pools suspended on the edge of the Massif; the Wadi Villas at Desert Rock, which have private pools and spacious living areas; and the Royal Villa, which is tucked away in a completely private section of the valley, offers a customized private retreat.Every component of the resort's architecture was thoughtfully chosen to reduce its environmental impact. Excavated materials were recycled into the project's infrastructure as it was being built. Native plants help create a more lush, green wadi, and the incorporation of passive cooling and effective systems lowers energy usage throughout Desert Rock.When taken as a whole, these environmentally conscious factors demonstrate Desert Rock's dedication to sustainable tourism and the idea of preserving the area's natural beauty rather than destroying it."Desert Rock embodies our philosophy of connecting architecture to the spirit of place," said Chad Oppenheim, Founding Principal of Oppenheim Architecture."By respecting and enhancing the natural environment, we have created a sanctuary that allows guests to experience the beauty and power of the landscape in deeply personal and meaningful ways," Oppenheim added.The opening of Desert Rock is a major turning point in Oppenheim Architecture's quest to reinvent premium eco-tourism, which just celebrated its 25th anniversary of creating architecture that blends in with its natural surroundings. It is a powerful example of how building can foster reverence for the natural environment. Through careful consideration of site-specific design, Oppenheim Architecture keeps influencing a future in which ecological stewardship, comfort, and style are exquisitely combined.Oppenheim Architecture revealed preliminary design of the project in 2021. In addition, the firm unveiled new vision for College Of Europe's Tirana Campus. Moreover, the firm won an international architecture competition to design the new Besa Museum, which will be Albanias newest cultural institution.All images courtesy Red Sea Global and Oppenheim Architecture.> via Oppenheim Architecture

Scheme to restore sites Victorian glass houses back to their original characterCGI showing how the gardens will look after the restoration1/4show captionHowells has been given the green light for a transformation and restoration of Birminghams grade II*-listed botanical gardens.The 15-acre gardens in Edgbaston were laid out in 1829 and developed over the course of the 19th century with several large glass houses.It is now home to 10,000 species of temperate, tropical and subtropical plants, the largest collection in the Midlands.Howells will work with heritage practice Donald Insall Associates on a refurbishment of the site aiming to restore its buildings to their original Victorian character.Howells partner Sandeep Shambi said: The Birmingham Botanical Gardens are one of the last independent botanical gardens in the UK and so its vitally important that this important heritage asset is conserved but also given space to develop.Donald Insall Associates practice director Matthew Vaughan added: Conservation of the glasshouses to respond to these particular heritage considerations will be a key challenge, protecting the historic fabric while enhancing their performance for the needs of the collection within.The Growing our Green Heritage project is supported by a Stage 1 grant from the National Lottery Heritage Fund.