"A shrinking number of kids are reading widely and voraciously for fun," writes a New York-based children's book author in the Atlantic. But why? The ubiquity and allure of screens surely play a large part in this — most American children have smartphones by the age of 11 — as does learning loss during the pandemic. But this isn't the whole story. A survey just before the pandemic by the National Assessment of Educational Progress showed that the percentages of 9- and 13-year-olds who said they read daily for fun had dropped by double digits since 1984. I recently spoke with educators and librarians about this trend, and they gave many explanations, but one of the most compelling — and depressing — is rooted in how our education system teaches kids to relate to books.... In New York, where I was in public elementary school in the early '80s, we did have state assessments that tested reading level and comprehension, but the focus was on reading as many books as possible and engaging emotionally with them as a way to develop the requisite skills. Now the focus on reading analytically seems to be squashing that organic enjoyment. Critical reading is an important skill, especially for a generation bombarded with information, much of it unreliable or deceptive. But this hyperfocus on analysis comes at a steep price: The love of books and storytelling is being lost. This disregard for story starts as early as elementary school. Take this requirement from the third-grade English-language-arts Common Core standard, used widely across the U.S.: "Determine the meaning of words and phrases as they are used in a text, distinguishing literal from nonliteral language...." [A]s several educators explained to me, the advent of accountability laws and policies, starting with No Child Left Behind in 2001, and accompanying high-stakes assessments based on standards, be they Common Core or similar state alternatives, has put enormous pressure on instructors to teach to these tests at the expense of best practices.... [W]e need to get to the root of the problem, which is not about book lengths but the larger educational system. We can't let tests control how teachers teach: Close reading may be easy to measure, but it's not the way to get kids to fall in love with storytelling. Teachers need to be given the freedom to teach in developmentally appropriate ways, using books they know will excite and challenge kids. "There's a whole generation of kids who associate reading with assessment now," librarian/public school teacher Jennifer LaGarde tells the Atlantic. And their article notes the problem doesn't end after grade school. "By middle school, not only is there even less time for activities such as class read-alouds, but instruction also continues to center heavily on passage analysis, said LaGarde, who taught that age group."

Read more of this story at Slashdot.

Anyone have career advice for this anonymous Slashdot reader? I've had a great career from 1992 to today. I've been a front line coder for most of that, but also a team lead, a supervisor, a project manager, a scrum master, etc.. My career has been marked by expediency — I did whatever needed doing at the time, in whatever tools necessary. However, now I'm 52, and I'm getting tired of leadership and project management, and I would like to return to that front line again. The legacy skills I have are no longer in demand. (They aren't Cobol.) Here's the rub: I am happy to do the work nobody else wants to do. Dead languages, abandoned codebases with little documentation, precariously built systems with rickety infrastructure... I've worked in them before, and I would be fine doing it again. I'm afraid of nothing, but I don't want to keep climbing the bleeding edge of the technical mountain. I'd be happy to be silently, competently keeping things moving. By 55 I would like to make that move. It's either that or retire, which is an option... but I love the technical work. They're soliciting suggestions from other Slashdot readers. ("Where to focus? How to prep?") So share your own best advice in the comments. How can an aging project manager return to coding on unpopular legacy codebases?

Read more of this story at Slashdot.

Slashdot reader quonset writes: In an effort to more personalize a customer's experience, the U.S. restaurant chain Panera Bread is rolling out palm-scanning technology which will link the palm print with the customer's loyalty program. According to Panera Bread CEO Niren Chaudhary, the move will allow a "frictionless, personalized, and convenient" evolution of Panera's loyalty program, which boasts 52 million members. The claim is this will allow the company to offer menu choices based on a customer's order history, allow staff to personally greet the customer, and offer further suggestions. Privacy advocates are not so sure. From the story: Panera says the technology will securely store its customers' biometric data. However, digital rights activists worry that information could be tapped by federal agencies or accessed by hackers. "Federal agencies like Customs and Border Protection have experienced devastating hacks where large databases of biometric information have been stolen," Fight for the Future told CBS MoneyWatch in an email. "Do we really expect Amazon, or Panera, to have better cybersecurity practices?" The scanners are already installed at locations in St. Louis, Panera announced Wednesday, and scanners will "expand to additional locations in the coming months." (Panera has 2,113 locations in 48 states.) "After a simple scan of the palm, Panera associates will be able to greet guests by name, communicate their available rewards, reorder their favorite menu items, or take another order of their choice," the announcement gushes, "extending the guest experience into a true and meaningful relationship. "When they are done ordering, guests can simply scan their palm again to pay."

Read more of this story at Slashdot.

It's one of America's best hospitals — a nonprofit "academic medical center" called the Cleveland Clinic. And this week it installed an IBM-managed quantum computer to accelerate healthcare research (according to an announcement from IBM). IBM is calling it "the first quantum computer in the world to be uniquely dedicated to healthcare research." The clinic's CEO said the technology "holds tremendous promise in revolutionizing healthcare and expediting progress toward new cares, cures and solutions for patients." IBM's CEO added that "By combining the power of quantum computing, artificial intelligence and other next-generation technologies with Cleveland Clinic's world-renowned leadership in healthcare and life sciences, we hope to ignite a new era of accelerated discovery." em>Inside HPC points out that "IBM Quantum System One" is part of a larger biomedical research program applying high-performance computing, AI, and quantum computing, with IBM and the Cleveland Clinic "collaborating closely on a robust portfolio of projects with these advanced technologies to generate and analyze massive amounts of data to enhance research." The Cleveland Clinic-IBM Discovery Accelerator has generated multiple projects that leverage the latest in quantum computing, AI and hybrid cloud to help expedite discoveries in biomedical research. These include: - Development of quantum computing pipelines to screen and optimize drugs targeted to specific proteins; - Improvement of a quantum-enhanced prediction model for cardiovascular risk following non-cardiac surgery; - Application of artificial intelligence to search genome sequencing findings and large drug-target databases to find effective, existing drugs that could help patients with Alzheimer's and other diseases. The Discovery Accelerator also serves as the technology foundation for Cleveland Clinic's Global Center for Pathogen & Human Health Research, part of the Cleveland Innovation District. The center, supported by a $500 million investment from the State of Ohio, Jobs Ohio and Cleveland Clinic, brings together a team focused on studying, preparing and protecting against emerging pathogens and virus-related diseases. Through the Discovery Accelerator, researchers are leveraging advanced computational technology to expedite critical research into treatments and vaccines.

Read more of this story at Slashdot.

400 undersea cables carry 95% of the world's international internet traffic, reports Reuters (citing figures from Washington-based telecommunications research firm TeleGeography). But now there's "a growing proxy war between the United States and China over technologies that could determine who achieves economic and military dominance for decades to come." In February, American subsea cable company SubCom LLC began laying a $600-million cable to transport data from Asia to Europe, via Africa and the Middle East, at super-fast speeds over 12,000 miles of fiber running along the seafloor. That cable is known as South East Asia-Middle East-Western Europe 6, or SeaMeWe-6 for short. It will connect a dozen countries as it snakes its way from Singapore to France, crossing three seas and the Indian Ocean on the way. It is slated to be finished in 2025. It was a project that slipped through China's fingers.... The Singapore-to-France cable would have been HMN Tech's biggest such project to date, cementing it as the world's fastest-rising subsea cable builder, and extending the global reach of the three Chinese telecom firms that had intended to invest in it. But the U.S. government, concerned about the potential for Chinese spying on these sensitive communications cables, ran a successful campaign to flip the contract to SubCom through incentives and pressure on consortium members.... It's one of at least six private undersea cable deals in the Asia-Pacific region over the past four years where the U.S. government either intervened to keep HMN Tech from winning that business, or forced the rerouting or abandonment of cables that would have directly linked U.S. and Chinese territories.... Justin Sherman, a fellow at the Cyber Statecraft Initiative of the Atlantic Council, a Washington-based think tank, told Reuters that undersea cables were "a surveillance gold mine" for the world's intelligence agencies. "When we talk about U.S.-China tech competition, when we talk about espionage and the capture of data, submarine cables are involved in every aspect of those rising geopolitical tensions," Sherman said.

Read more of this story at Slashdot.

An anonymous reader quotes Neowin: Google Project Zero is a security team responsible for discovering security flaws in Google's own products as well as software developed by other vendors. Following discovery, the issues are privately reported to vendors and they are given 90 days to fix the reported problems before they are disclosed publicly.... Now, the security team has reported several flaws in CentOS' kernel. As detailed in the technical document here, Google Project Zero's security researcher Jann Horn learned that kernel fixes made to stable trees are not backported to many enterprise versions of Linux. To validate this hypothesis, Horn compared the CentOS Stream 9 kernel to the stable linux-5.15.y stable tree.... As expected, it turned out that several kernel fixes have not been made deployed in older, but supported versions of CentOS Stream/RHEL. Horn further noted that for this case, Project Zero is giving a 90-day deadline to release a fix, but in the future, it may allot even stricter deadlines for missing backports.... Red Hat accepted all three bugs reported by Horn and assigned them CVE numbers. However, the company failed to fix these issues in the allotted 90-day timeline, and as such, these vulnerabilities are being made public by Google Project Zero. Horn is urging better patch scheduling so "an attacker who wants to quickly find a nice memory corruption bug in CentOS/RHEL can't just find such bugs in the delta between upstream stable and your kernel."

Read more of this story at Slashdot.

An anonymous reader shares this report from the New York Post: Disgruntled Amazon corporate employees are reportedly devastated after a top human resources executive shot down an internal petition that asked the tech giant's leaders to nix its return-to-office plan. Approximately 30,000 workers had signed a petition begging CEO Andy Jassy to cancel his directive that most employees work on site at least three days per week. The return-to-office plan is slated to take effect on May 1. Beth Galetti, Amazon's HR chief, shot down the petition in a message to organizers obtained by Insider and signaled that the return-to-office plan will move forward as scheduled. "Given the large size of our workforce and our wide range of businesses and customers, we recognize this transition may take time, but we are confident it will result in long-term benefits to increasing our ability to deliver for our customers, bolstering our culture, and growing and developing employees," Galetti said in the memo.... In the petition, which first surfaced last month, Amazon workers argued they are more productive and enjoy a better work-life balance in a remote work environment. The workers also asserted that the three-day-per-week requirement runs contrary to Amazon's stances on issues such as affordable housing, diversity and climate change.... Meanwhile, Jassy has argued that working more days on site will help build effective collaboration and "deliver for customers and the business."

Read more of this story at Slashdot.

Hackaday recently shared some thoughts on "purpose-built" distros: Some examples are Kali for security testing, DragonOS for software-defined radio, or Hannah Montana Linux for certain music fans. Anyone can roll their own Linux distribution with the right tools, including [Shadly], who recently created one which only loads enough software to launch the 1993 classic DOOM.... It loads the Linux kernel and the standard utilities via BusyBox, then runs fbDOOM, which is a port of the game specifically designed to run on the Linux framebuffer with minimal dependencies. Their report includes video of the distro booting up and playing Doom. "The entire distribution is placed into a bootable ISO file that can be placed on any bootable drive."

Read more of this story at Slashdot.

The Free Software Foundation held their annual LibrePlanet conference last week — and announced that Eli Zaretskii, co-maintainer of GNU Emacs, won their "Advancement of Free Software" award. "He has been a contributor to Emacs for more than thirty years," notes the FSF announcement, "and as co-maintainer, coordinates the work of more than two hundred active contributors. During Zaretskii's tenure as co-maintainer, the Emacs development community has implemented several important new features, including native compilation of the editor's Emacs Lisp backbone into machine code." Zaretskii was honored with a recorded message from the original author/principal maintainer of GNU Emacs back in 1985, Richard Stallman: "For many years, I was the principal maintainer of GNU Emacs, but then others came along to do the work, and I haven't been heavily involved in Emacs development for many, many years. Nowadays, our principal maintainer of Emacs is extremely diligent and conscientious and has brought about a renaissance in new features and new packages added to Emacs, and the result is very impressive. So I'm happy to give the Free Software Award to Eli Zaretskii, principal maintainer of GNU Emacs. Thank you for your work." In his recorded acceptance of the award, Zaretskii said, "The truth is my contribution to free software in general and to Emacs development in particular is quite modest, certainly compared to those who won this award before me.... And even my modest achievement as the Emacs developer and lately the co-maintainer would have been impossible without all the other contributors and the Emacs community as a whole. No significant free software project can be developed, maintained, and led forward without participation and support of its members. And Emacs is no exception." Their award for Outstanding New Free Software Contributor went to Tad (SkewedZeppelin), the chief developer of DivestOS, a fork of Android which removes many proprietary binaries "and which puts freedom, security, and device longevity as its main concerns," according to the FSF's announcement. "Tad has also contributed to the Replicant distribution of Android, a project fiscally sponsored by the FSF." And their award for Project of Social Benefit went to GNU Jami, a free software videoconferencing tool "that is fully decentralized and encrypted, allowing thousands around the world to communicate in both freedom and security. In contrast to proprietary conferencing programs like Zoom, which are nonfree software, Jami is an official GNU package licensed under the GNU GPLv3+."

Read more of this story at Slashdot.

Toronto-based Feroot Security "found that so-called tracking pixels from the TikTok parent company were present in 30 U.S. state-government websites across 27 states," reports the Wall Street Journal, "including some where the app has been banned from state networks and devices." The review was performed in January and February. The presence of that code means that U.S. state governments around the country are inadvertently participating in a data-collection effort for a foreign-owned company, one that senior Biden administration officials and lawmakers of both parties have said could be harmful to U.S. national security and the privacy of Americans. Administrators who manage government websites use such pixels to help measure the effectiveness of advertising they have purchased on TikTok.... The presence of the TikTok tracking code on government websites underlines the challenge for those who deem the China-owned app a potential data-security threat. Lawmakers in both parties are considering a nationwide ban, but simply uprooting the app from U.S. smartphones wouldn't stop all data-tracking activities.... Feroot found that the average website it studied had more than 13 embedded pixels. Google's were far and away the most common, with 92% of websites examined having some sort of Google tracking pixel embedded. About 50% of the websites the firm examined had Microsoft Corp. or Facebook pixels. TikTok had a presence in less than 10% of sites examined.

Read more of this story at Slashdot.

OpenAI took ChatGPT offline earlier this week "due to a bug in an open-source library which allowed some users to see titles from another active user's chat history," according to an OpenAI blog post. "It's also possible that the first message of a newly-created conversation was visible in someone else's chat history if both users were active around the same time.... "Upon deeper investigation, we also discovered that the same bug may have caused the unintentional visibility of payment-related information of 1.2% of the ChatGPT Plus subscribers who were active during a specific nine-hour window." In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user's first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time. We believe the number of users whose data was actually revealed to someone else is extremely low. To access this information, a ChatGPT Plus subscriber would have needed to do one of the following: - Open a subscription confirmation email sent on Monday, March 20, between 1 a.m. and 10 a.m. Pacific time. Due to the bug, some subscription confirmation emails generated during that window were sent to the wrong users. These emails contained the last four digits of another user's credit card number, but full credit card numbers did not appear. It's possible that a small number of subscription confirmation emails might have been incorrectly addressed prior to March 20, although we have not confirmed any instances of this. - In ChatGPT, click on "My account," then "Manage my subscription" between 1 a.m. and 10 a.m. Pacific time on Monday, March 20. During this window, another active ChatGPT Plus user's first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date might have been visible. It's possible that this also could have occurred prior to March 20, although we have not confirmed any instances of this. We have reached out to notify affected users that their payment information may have been exposed. We are confident that there is no ongoing risk to users' data. Everyone at OpenAI is committed to protecting our users' privacy and keeping their data safe. It's a responsibility we take incredibly seriously. Unfortunately, this week we fell short of that commitment, and of our users' expectations. We apologize again to our users and to the entire ChatGPT community and will work diligently to rebuild trust. The bug was discovered in the Redis client open-source library, redis-py. As soon as we identified the bug, we reached out to the Redis maintainers with a patch to resolve the issue. "The bug is now patched. We were able to restore both the ChatGPT service and, later, its chat history feature, with the exception of a few hours of history."

Read more of this story at Slashdot.