Looks like it could use some more... training.Off TrackYou'd hope that your super-duper advanced self-driving tech that you're trusting your life with knows what it's looking at on the road. But that's apparently asking a lot of a Tesla.Just take a peek at this viral video taken by the driver of a Model Y. While waiting at a railroad crossing, the center console visualization of the Tesla's "vision" shows that it's mistaking a passing train first as semi-trailers then as a procession of comically huge and elongated cars, roughly the size and shape of,well, train cars.Watching the onboard computer try to make sense of this mysterious transportation technology in real time is a sight to behold: the cars, already the width of the road they're crossing, grow lengthier before our eyes, flicker in and out of existence, and even show up occasionally outside the track."Look how elongated they are!" the driver cackles. "I have never seen that."Tunnel VisionReports of the issue with the Tesla Vision technology which relies solely on cameras without the help of lidar and other sensors go back at least as far as 2022, not long after the system was rolled out.Even if it's just an issue of getting proper graphics in place, it's striking that the automaker would leave it unfinished for so long. Wouldn't this alarm drivers and undermine their trust in Autopilot and Full Self-Driving, especially since this tech has a history of slamming into trains? How is it that so many other objects, like traffic cones, get 3D models and not trains?Maybe it's just not a priority; Tesla CEO Elon Musk once suggested that trains would get their own graphics but that was over two years ago.Whatever the reason for the dire lack of Train Representation, it does make for a pretty blunt metaphor for Musk's well documented animus towards public transportation.Famously, Musk once proposed building the Hyperloop, a network of vacuum tunnels that would transport passengers to different cities at incredible speeds. Later he admitted he never intended to build the ambitious system, with critics accusing him of pushing the idea as a ploy to kill California's plans to build high-speed rail.Like the struggling Tesla computer, the man's brain will also bend over backwards to invent anything but a train; just look at his Boring Company "Loops," which are networks of underground, single lane tunnels for Tesla cars to drive through a slower and dumber subway, basically.More on Tesla: Tesla Moves Workers Away From Cybertruck Production as Demand SlumpsShare This Article

Jan 16, 2025The Hacker NewsIdentity Protection / SaaS SecurityYou can tell the story of the current state of stolen credential-based attacks in three numbers:Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon).Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester). Stolen credentials on criminal forums cost as little as $10 (Source: Verizon).Something doesn't add up. So, what's going on?In this article, we'll cover:What's contributing to the huge rise in account compromises linked to stolen creds and why existing approaches aren't working. The world of murky intelligence on stolen credentials, and how to cut through the noise to find the true positives.Recommendations for security teams to stop attackers from using stolen creds to achieve account takeover.Stolen credential-based attacks are on the riseThere's clear evidence that identity attacks are now the #1 cyber threat facing organizations. The attacks on Snowflake customers in 2024 collectively constituted the biggest cyber security event of the year in terms of the number of organizations and individuals affected (at least, if you exclude CrowdStrike causing a worldwide outage in July) certainly, it was the largest perpetrated by a criminal group against commercial enterprises. It has been touted by some news outlets as "one of the biggest breaches ever."Around 165 organizations using Snowflake (a cloud-based data warehousing and analytics platform) were targeted using stolen credentials harvested from infostealer infections dating as far back as 2020. These affected accounts also lacked MFA, enabling attackers to log in with a single compromised factor.The impact was massive. In all, 9 victims have been named publicly following the breach, impacting hundreds of millions of people's sensitive data. At least one victim paid an undisclosed ransom fee. But this wasn't a one-off. These attacks were happening constantly throughout 2024. The huge Change Healthcare breach, which culminated in 100 million customers being impacted and a $22 million ransom demand, started with stolen Citrix credentials. Disney's Confluence servers and Slack instance were hacked, resulting in huge amounts of commercially sensitive data and IT infrastructure details being leaked, as well as messages from 10,000 Slack channels. Microsoft suffered a significant breach of their Office 365 environment, with sensitive emails leaked after a "test" OAuth application was compromised using stolen creds. Finastra, Schneider Electric, Nidec, Foundation, ADT, HealthEquity, Park'N Fly, Roku, LA County Health Services, and many more all suffered data breaches of varying severity as a result of stolen creds. Researchers are getting in on the action too. In October, Microsoft's ServiceNow tenant was hacked using stolen credentials acquired online, accessing thousands of support ticket descriptions and attachments, and 250k+ employee emails.Stolen credentials are still a problem? Really? Key to many of the attacks targeting workforce identities and online accounts is the use of stolen credentials. And unfortunately, an increased focus on MFA adoption hasn't quite solved the problem. MFA gaps remain rife. Research from Push Security shows that where a password is the sole login method for an account, these accounts lack MFA in 4 out of 5 cases. The number of breached credentials continues to grow at an alarming rate due to the prevalence of infostealer compromises. And data breaches tend to beget more data breaches as account information is leaked, creating a vicious cycle. The shift to third-party apps and services for most major business operations, leading to more accounts, more credentials, and more valuable business data in the cloud all low-hanging targets for attackers. So, there are more targets for attackers, more credentials to use against them, and MFA (in particular phishing-resistant MFA) is nowhere near as present as we'd hope. Look at the breaches we mentioned earlier many of the victims are huge companies, with vast security budgets. If they can't achieve complete coverage, then how can anyone be expected to? The rise of infostealersThe rise of infostealer malware has had a significant impact on the increase in credential-based attacks. While infostealer malware isn't exactly new, it's a growing concern for many security organizations. Commercial Malware-as-a-Service offerings on the criminal underground are being continuously updated to evade detection controls, and the more sophisticated criminal and nation state-backed threat groups are proficient in creating custom malware. It's a cat-and-mouse game, and the sheer number of compromised credentials tracing back to infostealer infections is a testament to their success. Once stolen, credential data such as usernames, passwords, and session cookies makes its way to criminal forums on both the clearweb and the darkweb. Popular infostealers even have their own dedicated Telegram channels to advertise and sell stolen data. But the landscape in which they are deployed has evolved too. There's a greater appetite for stolen credentials among cyber criminals, and ultimately the more apps that companies use (typically 200+ for the average organization), the more accounts they have connected to them, and the more credentials there are to steal. And because infostealers target all credentials saved on the victim's device (not just those belonging to a single app/website as per phishing campaigns) they're perfectly poised to smash and grab. Modern working arrangements open up the attack surface further. All it takes is for a user to log into their personal browser profile on a corporate device (or the inverse), and their personal device to be compromised, for corporate credentials to be stolen. And because infostealers are pushed through unorthodox channels compared to more traditional email-based attacks (like gaming forums, Facebook ads, and YouTube video descriptions) it's no surprise that unsuspecting victims are falling foul. And with password reuse incredibly common (10% of accounts have a breached, weak, or reused password and no MFA), stolen credentials from personal accounts can often be used to access corporate apps too. All it takes is an attacker with a little patience or the skill to automate SaaS credential stuffing at scale. The modern identity attack landscape has changed (a lot)In the past, security and IT teams were masters of their own Active Directory universe, making it possible to participate in password-cracking exercises or to compare threat intel lists to passwords in use by employees.That picture has changed. Security teams now face a tangle of managed and unmanaged SaaS as critical business operations have moved online. They lack visibility into identity posture on these apps, and the vast majority of organizations do not even have a plausible method for identifying all their accounts and apps in use across the business.SaaS attack paths leave little room for errorIdentity attacks are now fundamentally different. Unlike traditional network-based attacks, attacks that target online accounts follow a much more direct attack path. Traditional attacks progress by network access, lateral movement, privilege escalation, and other familiar activities. These kinds of attacks are well understood by security teams and existing tooling can observe and detect these techniques.But account takeover requires an attacker only to compromise an account (the point of initial access) from where they can collect and exfiltrate data from the compromised app. The attack can be over very quickly, and traditional tooling offers little to prevent malicious activity in-app. Given the weak state of SaaS logging, it's likely that most app compromises won't even be visible to the security team. Even if data is available, detection and response becomes much more difficult after account takeover. There is limited log data available from SaaS to begin with, and distinguishing legitimate user activity from malicious activity is difficult. We saw with the Snowflake breaches that attackers simply logged in to user accounts using stolen credentials and then used a utility to perform account takeover and recon at scale, ending by using SQL commands to stage and exfiltrate data across multiple Snowflake customer tenants.Response activities are also constrained by circumstances: Do you have admin rights to the app? Does the app provide the kinds of response activities, such as forcing a session logout, that you need to perform? Each incident can feel like a one-off investigation, with peculiarities in each app to identify and work through, and few opportunities to automate security responses limiting response teams to postmortem activities, who find themselves unable to contain or reduce the scope of the breach. What about threat intelligence? Threat intelligence on stolen credentials is plentiful many commercially available feeds can be acquired and ingested by security teams. However, the challenge is finding out where these creds are actually being used, and separating out the false positives. Researchers at Push Security recently evaluated threat intelligence data representing 5,763 username and password combinations that matched domains in use by Push customers. They found that fewer than 1% of the credentials in the multi-vendor dataset were true positives meaning that the suspected stolen credentials were still in use by employees at those organizations. In other words, 99.5% of the stolen credentials they checked were false positives at the time of review.To deliver on the promise of threat intelligence in a meaningful way, security teams need a different approach. For a start, they need to be able to securely observe and match the passwords found in credential feeds with those being used. Most organizations fail to extract much value from compromised credential feeds. At most, you might be automating the process of requesting that users check their credentials for their primary SSO login (e.g. Okta, Entra, Google Workspace) when a credential breach notification comes through. But this workflow won't scale when you consider how often these breached credential lists are recycled it all starts to get a bit spammy. After a while, users will start to complain and ignore these requests.How security teams can prevent account takeover from stolen credentials using browser telemetrySecurity teams need a modern approach to defending against account takeover by preventing stolen credentials from being used, and MFA gaps being exploited.Push Security provides a browser-based ITDR platform that deploys a browser agent to employee browsers in order to stop identity attacks. Push uses a browser agent that is able to securely observe credentials at the time of login to any app, in addition to collecting rich browser telemetry and providing security controls designed to stop account takeovers before they occur.Push is also able to supply browser telemetry and an inventory of your entire identity attack surface of accounts and apps, as well as analyze the security posture of employee passwords, login methods, and MFA status to close off high-risk account vulnerabilities.Push recently released two capabilities geared toward helping security teams stop account takeovers caused by stolen credentials and MFA gaps.Correlate the credentials your employees use with those found in compromised credential feedsThe Push browser agent is able to compare suspected stolen credentials supplied by TI feeds to creds actually in use by employees across your organization and then flag only the verified true positives.Push customers can consume TI from the sources supplied directly by the Push platform or use the Push REST API to submit their own email/password combos from existing TI tools.This method works regardless of the source of the data or its age. This method also uncovers where a stolen credential on one app is also in use on several other apps. Here's how it works:Push receives TI on stolen credentials from vendor feeds.For each customer environment, Push checks for customer domains in the data set.When suspected stolen creds for a customer environment are present, Push hashes and salts the passwords and then sends those fingerprints to the relevant browser agents for comparison. For customer-supplied credential data, Push performs the same salting and hashing to create fingerprints it can use to compare to password fingerprints observed by the relevant browser agents.If the stolen credential fingerprint matches a known credential fingerprint observed to be in use by the Push browser agent, the platform returns a validated true positive alert.You can receive alerts for this detection via webhook, messaging platform notification, or in the Push admin console.Check out the feature release video for more information below:Get MFA visibility across all your apps and close the gapsPush can also help teams close MFA gaps. As users access apps with their corporate identities, Push analyzes their MFA registration status and methods, and also identifies which apps they're using and their login methods. Using in-browser controls, Push can guide users to register MFA across different apps. Imagine a scenario where you need to quickly investigate the business impact of a recently announced SaaS breach. Using Push, you can:Immediately check whether the Push extension has observed employee usage of the breached app. You can also see how many accounts Push has seen on that app and how they are accessing it (SSO vs. other methods, such as local password login).For those accounts on the breached app, you can quickly see whether they have MFA, and which methods are registered. To determine MFA status, the Push extension uses the existing user's active session on an app to query that account's MFA registration status using the app's own API, providing a trustworthy verification. You can also see whether the users' passwords have any security issues, such as a verified stolen credential, or a password that's weak or reused.For accounts that lack MFA, you can then configure an enforcement control to prompt employees who lack MFA to set it up whenever they next use the app. Then, use Push's webhooks to monitor for MFA registrations and password changes by querying browser telemetry supplied by the Push agent.You can learn more about this feature here.By combining alerting for verified stolen credentials with the ability to find and increase MFA adoption even on unmanaged apps, Push offers security teams a formidable toolkit for stopping account takeover.Find out moreIf you want to learn more about identity attacks and how to stop them, check out Push Security you can try out their browser-based agent for free.Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

A newGoonies movie is reportedly in the works at Warner Bros.According to Deadline, the studio is looking to shift its strategy to proven franchises, and so have put a sequel to the late Richard Donners 1985 adventure film into development.The follow-up flick will bring back The Goonies co-scribe Chris Columbus,who wrote the original film with Steven Spielberg, to pen the story of the upcoming movie.As well as a second Goonies picture, Columbus is also set to be writing the script for a new Gremlins movie after he penned the treatment for the original 1984 film.1. One-Eyed WillyWarner Bros.loading...READ MORE: The Worst Sequels and Remakes Ever MadeWhile no details about a potential release date or cast are known, it is possible The Goonies sequelcould see the return of actors Josh Brolin, Ke Huy Quan, Sean Austin, Corey Feldman, Jeff Cohen, Martha Plimpton and Kerri Green as the grown-up group of adventurous kids from the first movie.The Goonies follows a group of children who uncover a treasure map of a long-lost pirate, setting them on a quest to find riches while doing all they can to avoid a ruthless crime family.Talks of a sequel have been going on for years, though Spielberg said in 2020 that a follow-up was unlikely because he, Columbus, Donner, and his producer/wife Lauren Shuler Donner couldn't find the right story for a second film.During a Goonies livestream to celebrate the flick's 35th anniversary, the Raiders of the Lost Ark filmmaker said: Chris, Dick and I and Lauren have had a lot of conversations about it. Every couple of years we come up with an idea but then it doesnt hold water.The Jurassic Park director added the team had raised the bar on the childrens adventure genre so high with The Goonies that it was difficult to find ideas for a sequel that would live up to the original.He said: Until we do, people are just going to have to look at this [livestream] a hundred times!In 2023, Ke Huy Quan revealed he was open to reprising his Gooniesrole as Richard Data Wang in a sequel, though doubted such a project could move ahead since director Richard Donner passed away two years prior.Speaking after winning the Best Supporting Actor in a Motion Picture at the Golden Globe Awards for his role in Everything Everywhere All at Once, he said: First of all, we have the big man here tonight and that would be Steven Spielberg and that's one thing everyone should ask him. There was not one spec that I felt could live up to what the original was.Sadly, we lost the captain of our ship [Donner], who I love dearly, and I really don't know if there will be Goonies 2, but I would be open to reliving that character if there is that opportunity.A month before Donners death in July 2021, Corey Feldman, who portrayed Clark Mouth Devereaux in the original movie, also admitted a sequel was unlikely.He said: Well, Sean Astin and Josh Brolin want a sequel but you know. It's one of those powers that be things. Every time I thought, OK, it's really gonna happen, I've been let down and had my heartbroken.The Dumbest Questions People Ask Google About MoviesThese are all real questions from the People Also Ask section of Google. People asked these questions!Filed Under: Chris Columbus, The Goonies, The Goonies 2Categories: Movie News

Time zones: EST (UTC -5), CST (UTC -6), MST (UTC -7), PST (UTC -8), AKST (UTC -9), HST (UTC -10)Who We AreWe're a scrappy, ambitious startup on a mission to empower the next generation of thinkers and writers through cutting-edge generative AI. We don't just build; we innovate, we experiment, and we have fun doing it. We're big on using open-source tech and contributing back when it makes sense. If you're looking to join a team that knows when to work and when to sweat the details, we're your people.Who You AreYou're a tech adventurer with at least 5 years of experience who can write killer code, crack a joke, and doesn't break into a cold sweat when someone says "git rebase." You know when to move fast, when to slow down, and - if not - you're willing to learn the difference. If you find generative AI coding assistants amusingly dumb in the wrong hands but jaw-droppingly powerful in the right onescome on in.What You Bring to the TableLanguages: Proficiency in Ruby/Ruby on Rails is essential. Bonus points if you can tango with JavaScript/TS, Python, Go, Rust, or Zig.Web App Mastery: You get the web stack: from HTTP/TCP to Websockets, HTML, HTMX, and enough CSS to not break things.ORM Savvy: You can use one, but you're happier slinging SQL yourself.UI/UX Sense: You appreciate good design, even if your idea of a palette is "light mode or dark mode?"Git Ninja: You know your way around git rebase and git merge without needing a counselor.Fast Learner: You're excited to play with shiny new tech and can get shit done without needing a babysitter.Team Player: You'll work closely with our experienced CTO, soaking up knowledge and contributing your own wizardry.Bonus Points if YouHave dabbled with LLMs, training models, or Agentic workflowsUnderstand that "scrappy" isn't just a dogit's a way of lifeThink contributing to open source isn't just cool; it's the right thing to doWhat You'll Be DoingCollaborating with the CTO to build, optimize, and scale core productsWriting robust, maintainable code across our stackEngaging in building and fine-tuning workflows that may involve generative AI pipelinesInnovating within our open-source-first ecosystem and making meaningful contributions backBalancing the act of moving fast vs. being careful (sometimes on the same day)Why You'll Love Working With UsGround Floor Vibes: Early-stage startup with room to grow and learnFlexibility: Work where you're most productiveA Fun Bunch: We mean business but aren't afraid to crack a jokeTech Playground: We don't just use the latest tech; we experiment and build itReady to Join?Shoot us your resume, GitHub link, or whatever you think shows off your skills. If you've got a portfolio of side projects or an open-source contribution you're proud of, show it off!We're excited to build with you. No egos, no nonsensejust great code, hard work, and some fun along the way. Related Jobs See more Full-Stack Programming jobs

MIT Technology Reviews Whats Next series looks across industries, trends, and technologies to give you a first look at the future. You can read the rest of themhere. In November, a young man named Noland Arbaugh announced hed be livestreaming from his home for three days straight. His broadcast was in some ways typical fare: a backyard tour, video games, meet mom. The difference is that Arbaugh, who is paralyzed, has thin electrode-studded wires installed in his brain, which he used to move a computer mouse on a screen, click menus, and play chess. The implant, called N1, was installed last year by neurosurgeons working with Neuralink, Elon Musks brain-interface company. The possibility of listening to neurons and using their signals to move a computer cursor was first demonstrated more than 20 years ago in a lab setting. Now, Arbaughs livestream is an indicator that Neuralink is a whole lot closer to creating a plug-and-play experience that can restore peoples daily ability to roam the web and play games, giving them what the company has called digital freedom. But this is not yet a commercial product. The current studies are small-scalethey are true experiments, explorations of how the device works and how it can be improved. For instance, at some point last year, more than half the electrode-studded threads inserted into Aurbaughs brain retracted, and his control over the device worsened; Neuralink rushed to implement fixes so he could use his remaining electrodes to move the mouse. Neuralink did not reply to emails seeking comment, but here is what our analysis of its public statements leads us to expect from the company in 2025. More patients How many people will get these implants?he posted on X: If all goes well, there will be hundreds of people with Neuralinks within a few years, maybe tens of thousands within five years, millions within 10 years. In reality, the actual pace is slowera lot slower. Thats because in a study of a novel device, its typical for the first patients to be staged months apart, to allow time to monitor for problems. Neuralink has publicly announced that two people have received an implant: Arbaugh and a man referred to only as Alex, who received his in July or August. Then, on January 8, Musk disclosed during an online interview that there was now a third person with an implant. Weve got now three patients, three humans with Neuralinks implanted, and they are all working well, Musk said. During 2025, he added, we expect to hopefully do, I dont know, 20 or 30 patients. Barring major setbacks, expect the pace of implants to increasealthough perhaps not as fast as Musk says. In November, Neuralink updated its US trial listing to include space for five volunteers (up from three), and it also opened a trial in Canada with room for six. Considering these two studies only, Neuralink would carry out at least two more implants by the end of 2025 and eight by the end of 2026. However, by opening further international studies, Neuralink could increase the pace of the experiments. Better control So how good is Arbaughs control over the mouse? You can get an idea by trying a game called Webgrid, where you try to click quickly on a moving target. The program translates your speed into a measure of information transfer: bits per second. Neuralink claims Arbaugh reached a rate of over nine bits per second, doubling the old brain-interface record. The median able-bodied user scores around 10 bits per second, according to Neuralink. And yet during his livestream, Arbaugh complained that his mouse control wasnt very good because his model was out of date. It was a reference to how his imagined physical movements get mapped to mouse movements. That mapping degrades over hours and days, and to recalibrate it, he has said, he spends as long as 45 minutes doing a set of retraining tasks on his monitor, such as imagining moving a dot from a center point to the edge of a circle. Noland Arbaugh stops to calibrate during a livestream on X@MODDEDQUAD VIA X Improving the software that sits between Arbaughs brain and the mouse is a big area of focus for Neuralinkone where the company is still experimenting and making significant changes. Among the goals: cutting the recalibration time to a few minutes. We want them to feel like they are in the F1 [Formula One] car, not the minivan, Bliss Chapman, who leads the BCI software team, told the podcaster Lex Fridman last year. Device changes Before Neuralink ever seeks approval to sell its brain interface, it will have to lock in a final device design that can be tested in a pivotal trial involving perhaps 20 to 40 patients, to show it really works as intended. That type of study could itself take a year or two to carry out and hasnt yet been announced. In fact, Neuralink is still tweaking its implant in significant waysfor instance, by trying to increase the number of electrodes or extend the battery life. This month, Musk said the next human tests would be using an upgraded Neuralink device. The company is also still developing the surgical robot, called R1, thats used to implant the device. It functions like a sewing machine: A surgeon uses R1 to thread the electrode wires into peoples brains. According to Neuralinks job listings, improving the R1 robot and making the implant process entirely automatic is a major goal of the company. Thats partly to meet Musks predictions of a future where millions of people have an implant, since there wouldnt be enough neurosurgeons in the world to put them all in manually. We want to get to the point where its one click, Neuralink president Dongjin Seo told Fridman last year. Robot arm Late last year, Neuralink opened a companion study through which it says some of its existing implant volunteers will get to try using their brain activity to control not only a computer mouse but other types of external devices, including an assistive robotic arm. We havent yet seen what Neuralinks robotic arm looks likewhether its a tabletop research device or something that could be attached to a wheelchair and used at home to complete daily tasks. But its clear such a device could be helpful. During Aurbaughs livestream he frequently asked other people to do simple things for him, like brush his hair or put on his hat. Arbaugh demonstrates the use of Imagined Movement Control.@MODDEDQUAD VIA X And using brains to control robots is definitely possiblealthough so far only in a controlled research setting. In tests using a different brain implant, carried out at the University of Pittsburgh in 2012, a paralyzed woman named Jan Scheuermann was able to use a robot arm to stack blocks and plastic cups about as well as a person whod had a severe strokeimpressive, since she couldnt actually move her own limbs. There are several practical obstacles to using a robot arm at home. One is developing a robot thats safe and useful. Another, as noted by Wired, is that the calibration steps to maintain control over an arm that can make 3D movements and grasp objects could be onerous and time consuming. Vision implant In September, Neuralink said it had received breakthrough device designation from the FDA for a version of its implant that could be used to restore limited vision to blind people. The system, which it calls Blindsight, would work by sending electrical impulses directly into a volunteers visual cortex, producing spots of light called phosphenes. If there are enough spots, they can be organized into a simple, pixelated form of vision, as previously demonstrated by academic researchers. The FDA designation is not the same as permission to start the vision study. Instead, its a promise by the agency to speed up review steps, including agreements around what a trial should look like. Right now, its impossible to guess when a Neuralink vision trial could start, but it wont necessarily be this year. More money Neuralink last raised money in 2003, collecting around $325 million from investors in a funding round that valued the company at over $3 billion, according to Pitchbook. Ryan Tanaka, who publishes a podcast about the company, Neura Pod, says he thinks Neuralink will raise more money this year and that the valuation of the private company could triple. Fighting regulators Neuralink has attracted plenty of scrutiny from news reporters, animal-rights campaigners, and even fraud investigators at the Securities and Exchange Commission. Many of the questions surround its treatment of test animals and whether it rushed to try the implant in people. More recently, Musk has started using his X platform to badger and bully heads of state and was named by Donald Trump to co-lead a so-called Department of Government Efficiency, which Musk says will get rid of nonsensical regulations and potentially gut some DC agencies. During 2025, watch for whether Musk uses his digital bullhorn to give health regulators pointed feedback on how theyre handling Neuralink. Other efforts Dont forget that Neuralink isnt the only company working on brain implants. A company called Synchron has one thats inserted into the brain through a blood vessel, which its also testing in human trials of brain control over computers. Other companies, including Paradromics, Precision Neuroscience, and BlackRock Neurotech, are also developing advanced brain-computer interfaces. Special thanks to Ryan Tanaka of Neura Pod for pointing us to Neuralinks public announcements and projections.

Submitted by WA ContentsOppenheim Architecture carves out a resort inside the Hejaz Mountains in Saudi Arabia Saudi Arabia Architecture News - Jan 16, 2025 - 15:22 html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"Miami, Basel, and Tirana-based architecture firm Oppenheim Architecture has carved out a luxury resort inside the Hejaz Mountains inSaudi Arabia.Named Desert Rock, the new resort was completed as a component of the Red Sea Project (TRSDC), a development along the west coast of Saudi Arabia that would create a network of 90 inhabited islands.One of the most anticipated luxury hospitality experiences in the world, Desert Rock, was officially opened. Desert Rock consists of 48 villas and 12 hotel rooms.Working closely with developer Red Sea Global, Oppenheim Architecture developed and designed the innovative project tucked away in Saudi Arabia's ancient highlands.Desert Rock, establishing a new standard for immersive design, celebrates the fusion of architecture and environment in keeping with Oppenheim Architecture's philosophy of planning and building with the land, not on it.With accommodations that complement rather than obstruct the breathtaking landscape, Desert Rock, which is carved into the Hejaz Mountains, provides a close connection to the natural world. Desert Rock honors this rich past by drawing inspiration from the Nabataean culture, which was once thriving on the Arabian Peninsula and is well-known for its rock-carved structures.When guests arrive, they enter a hidden valley that gradually reveals a group of amenities spread across 30,000 square meters of property.The resort offers a variety of choices for accommodation, from suites nestled into the mountains to ground-level villas, all of which are designed to optimize natural light, unobstructed views, and a tactile connection to the desert.The Cliff Hanging Villas, which are perched high above the resort and offer dramatic views; the Mountain Cave Suites and Mountain Crevice Villas, which offer privacy and cliffside pools suspended on the edge of the Massif; the Wadi Villas at Desert Rock, which have private pools and spacious living areas; and the Royal Villa, which is tucked away in a completely private section of the valley, offers a customized private retreat.Every component of the resort's architecture was thoughtfully chosen to reduce its environmental impact. Excavated materials were recycled into the project's infrastructure as it was being built. Native plants help create a more lush, green wadi, and the incorporation of passive cooling and effective systems lowers energy usage throughout Desert Rock.When taken as a whole, these environmentally conscious factors demonstrate Desert Rock's dedication to sustainable tourism and the idea of preserving the area's natural beauty rather than destroying it."Desert Rock embodies our philosophy of connecting architecture to the spirit of place," said Chad Oppenheim, Founding Principal of Oppenheim Architecture."By respecting and enhancing the natural environment, we have created a sanctuary that allows guests to experience the beauty and power of the landscape in deeply personal and meaningful ways," Oppenheim added.The opening of Desert Rock is a major turning point in Oppenheim Architecture's quest to reinvent premium eco-tourism, which just celebrated its 25th anniversary of creating architecture that blends in with its natural surroundings. It is a powerful example of how building can foster reverence for the natural environment. Through careful consideration of site-specific design, Oppenheim Architecture keeps influencing a future in which ecological stewardship, comfort, and style are exquisitely combined.Oppenheim Architecture revealed preliminary design of the project in 2021. In addition, the firm unveiled new vision for College Of Europe's Tirana Campus. Moreover, the firm won an international architecture competition to design the new Besa Museum, which will be Albanias newest cultural institution.All images courtesy Red Sea Global and Oppenheim Architecture.> via Oppenheim Architecture

Scheme to restore sites Victorian glass houses back to their original characterCGI showing how the gardens will look after the restoration1/4show captionHowells has been given the green light for a transformation and restoration of Birminghams grade II*-listed botanical gardens.The 15-acre gardens in Edgbaston were laid out in 1829 and developed over the course of the 19th century with several large glass houses.It is now home to 10,000 species of temperate, tropical and subtropical plants, the largest collection in the Midlands.Howells will work with heritage practice Donald Insall Associates on a refurbishment of the site aiming to restore its buildings to their original Victorian character.Howells partner Sandeep Shambi said: The Birmingham Botanical Gardens are one of the last independent botanical gardens in the UK and so its vitally important that this important heritage asset is conserved but also given space to develop.Donald Insall Associates practice director Matthew Vaughan added: Conservation of the glasshouses to respond to these particular heritage considerations will be a key challenge, protecting the historic fabric while enhancing their performance for the needs of the collection within.The Growing our Green Heritage project is supported by a Stage 1 grant from the National Lottery Heritage Fund.

A bad mattress can have serious health implications that go far beyond relentless tossing and turning at night. It can cause severe pain and easily exacerbate existing health conditions. That's why the IRS allows you to use your pre-tax dollars in yourhealth savings account (HSA) or flexible spending account (FSA) towards health-forward items, such as asmart ring or bedding. An HSA or FSA can be a great way to afford that new mattress you need, but it isn't available to just anybody. First, you have to qualify.Every mattress manufacturer has a different process. For example, with Sleep Number, you purchase your mattress first and then complete a survey for qualification. With Avocado, you fill out your survey first and then check out. If you're considering purchasing a new bed, this is how to buy your next bed with HSA or FSA funds.Can I use my FSA or HSA for a mattress? Andrey Popov/Getty ImagesMattresses are not generally covered byHSA and FSA funds, but there are exceptions. According to theHSA Store, "A mattress expense is only eligible when its components and construction costs exceed those of a standard mattress for general health." To use your funds for a new mattress, you'll need to provide a letter of medical necessity (LMN)from a medical professional stating you have a medical need for a new HSA- or FSA-eligible mattress. Common symptoms for an LMN include but are not limited to the following:Mattress eligibility includes beds for both adults and children. For 2024, the annual pre-tax contributions for ahealth savings account are capped at $4,150 individually or $8,300 per family, with an additional $1,000 allotment for those 55 years and older. You have all year to use these funds, but any unused funds are forfeited after December 31 of each year. After you submit your claim and LMN, it typically only takes days to receive expense approval.Mattress brands that may be FSA- or HSA-eligibleThese are some of the most popular mattress brands that may be FSA- or HSA-eligible and their respective processes forbuying a new mattress.Sleep Number Video producer and mattress expert Owen tests the adjustable bed frame on Sleep Number's Climate360 smart bed. Jon Gomez/CNETSleep Number is one of the most well-known manufacturers of mattresses and has an established process for buying new FSA- and HSA-eligible mattresses. Its line of smart beds includes the c2, p5 and i8 smart beds.It's easy to purchase a new Sleep Number bed, with just three steps required.Buy your mattress:Complete the Truemed survey: Your receipt or order confirmation will hold a link to a quick reimbursement survey from Sleep Number's health advocacy partner,Truemed. Results will automatically be submitted to a licensed provider so you can access a free evaluation.Submit paperwork:Nectar Sleep writer Aly Lopez testing the Nectar Premier Hybrid as a stomach sleeper. Dillon Lopez/CNETNectaris a popular mattress manufacturer, withpopular modelssuch as theNectar LuxeandNectar Premier Hybrid.Nectar uses a simple process, much like its competitors, to apply HSA or FSA funds toward a new mattress purchase.Go to checkout:Complete the questionnaire: Nectar requires you to complete a quick survey regarding your health to confirm eligibility.Submit your claim: Use your HSA or FSA funds directly to pay for your mattress, or you can use a personal payment method to submit a claim later to your HSA or FSA administrator.Avocado Video producer and mattress expert Dillon Lopez testing the Avocado Green mattress. Jon Gomez/CNETWith Avocado, you have a wide choice of FSA- and HSA-eligible mattresses available for both adults and kids. All mattresses are eligible and have an exclusive HSA/FSA callout with a green check icon where the "Buy Now" box is located.Avocado also requires three steps, but they're slightly different from Sleep Number.Check your eligibility: Complete a quick survey from Sika to determine eligibility.Purchase your mattress: Buy your selected mattress using Sika to checkout with your HSA or FSA funds.Submit your claim: Instructions for submitting your reimbursement claim will be on your Sika receipt. Your letter of medical necessity will then follow if you're approved.DreamCloud Video producer and mattress expert Wes Ott testing the edge support of the DreamCloud mattress. Jon Gomez/CNETDreamCloud also requires three steps to receive reimbursement for your new bed.Checkout: Add your DreamCloud mattress to your cart and choose "Pay with HSA/FSA" as your payment method.Complete the survey:Pay for your mattress: You can use your HSA or FSA card like a normal credit card to make payment. You can also use a personal form of payment and submit a claim through your HSA or FSA administrator.Ghostbed Video producer and mattress expert Jon Gomez testing the edge support of the GhostBed mattress. Owen Poole/CNETWith Ghostbed, you have mattress options like the Ghostbed Oasis or the Ghostbed Luxe. Ghostbed offers a straightforward process that works in conjunction with Truemed.Go to checkout:Complete the Truemed survey:Finish checkout: After the survey, you can complete checkout directly through Truemed. If you prefer to pay with a personal payment method, you'll need to file a claim afterward for reimbursement.Bottom lineIf your sleep is beingsabotaged by your mattress, you could receive pre-tax dollars to put towards a new one. However, mattresses are commonly excluded from HSA/FSA funds unless a medical professional deems them medically necessary. Keep in mind that it can be challenging to become approved, so you may not receive the funds for a new bed.If budget is a concern, consider a more affordable mattress like theBrooklyn Bedding Signature Hybrid, which is a cost-effective choice with great value. Our guide to thebest mattresses of 2024 can help you find the right mattress for your needs at a price you can afford.

Nintendo hopes to beat Switch, sell 20m Switch 2 consoles in first year, analysts sayLuigi's mission.Image credit: Nintendo/Eurogamer News by Victoria Kennedy News Reporter Published on Jan. 16, 2025 Nintendo has reportedly set itself up with a supply chain network which will ultimately allow the company to sell in excess of 20m Switch 2 units during the console's first year on the market.This nugget of information comes from a Bloomberg report citing Sanford C. Bernstein analyst Robin Zhu. To put that number into more perspective, Nintendo sold "around 15m" Switch units during its own first four quarters after release, so we are looking at (potentially) a 33 percent increase in sales during those first 12 months."Given the hardware segment drove 40 percent of fiscal 2024 top line, a successor to the 2017 Switch could go hand-in-hand with its stronger game pipeline in fiscal 2026, reversing what is expected to be the fourth consecutive year of lackluster sales growth in fiscal 2024," added analyst Nathan Naidu.Nintendo Switch 2 Reactions - THE SWITCH 2 REVEAL TRAILER IS HERE!Watch on YouTubeToday's announcement of the Switch 2 has been a long time coming. Over the last two or so years, we have been presented with leaks and reports from what felt like every corner of the internet bar Nintendo itself.Now, however, the day has finally come for Nintendo's Switch successor to take the spotlight. Along with what appears to be mouse functionality for its Joy-Cons, Nintendo also teased a new Mario Kart game coming to Switch 2.We will hear more about Switch 2 in April, when Nintendo hosts a Direct for the console. As for when we will be able to get our hands on the hardware, it will be available to play in London on April 11th to 13th.If it is still more Switch 2 you want, our Tom has broken down today's teaser so you can enjoy the console from every angle.

You can trust VideoGamer. Our team of gaming experts spend hours testing and reviewing the latest games, to ensure you're reading the most comprehensive guide possible. Rest assured, all imagery and advice is unique and original. Check out how we test and review games hereNetEases Marvel Rivals is still going strong with the release of Season 1, the free-to-play game saw a huge meta shift with the arrival of huge buffs and nerfs. With new heroes coming every month-and-a-half, and the developers plans to never add a Role Queue, NetEase is hoping that frequent meta shakeups will keep the game alive.After Season 0 win rates revealed the games most popular characters were also its biggest losers, the huge balance changes have changed everything.Marvel Rivals Season 1 win ratesVia stat-tracking website Rivals Meta, its possible to see exactly what characters are getting the most wins in Marvel Rivals. In Season 0, Hulk was the top character in the free-to-play game, but the radiation-powered behemoth is now the tenth-best character in the game.In Season 1, the most successful character is the weather-controlling mutant Storm. During the season, Storm has gained a total win rate of 56.48% with a pick rate of 17.55%. This gives the character a massive lead with the second most successful character, Rocket Raccoon, resting at a 54.85% win rate.In terms of popularity, Cloak and Dagger is currently the most popular pick for Marvel Rivals Season 1 with 48.30% of picks. However, the characters success rate has massively dropped to just 48.20%.As for the games biggest loser, the sniper-focused assassin Black Widow takes both spots. With a disastrous pick rate of just 2.7% and a win rate of just 40.32%, Black Widow is, by far, the biggest loser of Rivals Season 1 update. Take her back to Vormir, guys.With Rivals developers working on a host of new heroes and villains for the gameincluding Ant-Man/Iron Man villain Ultron, every season should hopefully see huge meta shifts just like this one. Who will be the biggest loser of Season 2? Me. The answer is me.Marvel RivalsPlatform(s):macOS, PC, PlayStation 5, Xbox Series S, Xbox Series XGenre(s):Fighting, ShooterSubscribe to our newsletters!By subscribing, you agree to our Privacy Policy and may receive occasional deal communications; you can unsubscribe anytime.Share