Extreme "glacial cooling" that occurred more than a million years ago in southern Europe is likely to have caused an "extinction of early humans" on the continent, according to new research. From a report: The previously unknown ice age pushed the European climate to "beyond what archaic humans could tolerate" and likely wiped out human life on the continent temporarily, concluded an academic paper published in the journal Science. The findings by 11 researchers from institutions including University College London and the University of Cambridge challenge the long-held idea that humans have continuously occupied Europe since first arriving in the region. The newly discovered cooling event was "comparable to some of the most severe events of recent ice ages," said the paper's lead author Vasiliki Margari from UCL. "We suggest that these extreme conditions led to the depopulation of Europe," the researchers concluded. Glacial-interglacial cycles, or warmer and colder periods each lasting thousands of years, have occurred cyclically over the past 2.6mn years, with large ice sheets forming during the colder spells and melting during the warmer periods. According to the academic paper, a previously unknown glacial period that occurred about 1.1mn years ago led to abrupt cooling that lasted about 4,000 years. This happened as conditions began to warm and large ice sheets melted into the Atlantic Ocean, which pushed down European sea and land temperatures.Read more of this story at Slashdot.
An anonymous reader quotes a report from The Guardian: Virgin Galactic's VSS Unity, the reusable rocket-powered space plane carrying the company's first crew of tourists to space, successfully launched and landed on Thursday. The mission, known as Galactic 02, took off shortly after 11am ET from Spaceport America in New Mexico. Aboard the spacecraft were six individuals total -- the space plane's commander and former Nasa astronaut CJ Sturckow, the pilot Kelly Latimer, as well as Beth Moses, Virgin Galactic's chief astronaut instructor who trained the crew before to the flight. The spacecraft also carried three private passengers, including the health and wellness coach Keisha Schahaff and her 18-year-old daughter, Anastasia Mayers, both of whom are Antiguan. [...] Galactic 02 is a suborbital flight. However, despite VSS Unity not reaching orbit, the trajectory allows passengers to experience several minutes of weightlessness at an altitude high enough for them to see the Earth's curvature, Space.com explains. Following liftoff, Virgin Galactic's carrier plane VMS Eve transported VSS Unity to an altitude of about 44,300ft. Eve then dropped Unity which then fired its own rocket motor and ascended to suborbital space. Passengers aboard experienced approximately 3Gs. Live footage inside the spacecraft showed the passengers unstrapping themselves from their seats and peering out down to earth through the windows as they floated throughout the spacecraft. Despite Galactic 02 being Virgin Galactic's second commercial spaceflight mission, it is the first flight to carry private customers. In June, Galactic 01 carried three crew members from the Italian air force and the National Research Council of Italy. According to Virgin Galactic, the company has already booked a backlog of about 800 customers. Tickets have ranged from $250,000 to $450,000. Galactic 03, the company's third commercial spaceflight, is planned for September.Read more of this story at Slashdot.
SanDisk's silence this week has been deafening. Its portable SSDs are being lambasted as users and tech publications call for them to be pulled. From a report: The recent scrutiny of the drives follows problems from this spring when users, including an Ars Technica staff member, saw Extreme-series portable SSDs wipe data and become unmountable. A firmware update was supposed to fix things, but new complaints dispute its effectiveness. SanDisk has stayed mum on recent complaints and hasn't explained what caused the problems. In May, Ars Technica reported on SanDisk Extreme V2 and Extreme Pro V2 SSDs wiping data before often becoming unreadable to the user's system. At least four months of complaints had piled up by then, including on SanDisk's forums and all over Reddit. Even Ars' Lee Hutchinson fell victim to the faulty drives. Two whole Extreme Pros died on him. Both times they filled about 50 percent and then showed a bunch of read and write errors. Upon disconnecting and reconnecting, the drive was unformatted and wiped, and he could not fix either drive by wiping and reformatting. When Ars reached out to SanDisk about the problem in May, it didn't answer most of our questions about why these problems happened (and, oddly, excluded certain models we saw affected when naming which models were affected).Read more of this story at Slashdot.
Amid the flood of big tech layoffs, entry to Y Combinator has become the most competitive it's ever been. From a report: Silicon Valley's premier business incubator has received 44,000 applications so far this year, the most ever, and the acceptance rate for its summer batch was less than 1%, the lowest in the organization's history. Garry Tan, the president and chief executive officer of Y Combinator, said he anticipates "little tech" will thrive even in a turbulent economy. Cuts at big tech companies have unshackled people to work on important, new companies, Tan said on this week's episode of The Circuit with Emily Chang. "I think a lot of large companies started treating their employee base almost as a place to park resources and almost as a competitive moat versus the other giants," he said. "The amount of talent that was locked up in cushy jobs,a Tan said, "I'm hoping a lot of them actually come over to startups, and they realize, oh, this is what it's like to run fast again." Tan stepped into the top job at Y Combinator in January, succeeding co-founder Paul Graham and Sam Altman, who went on to help start OpenAI. Tan himself was accepted to the incubator as a founder in 2008, the same year Mark Zuckerberg attended the accelerator's regular "demo day" where Jeff Bezos announced Amazon Web Services.Read more of this story at Slashdot.
Russia hopes to launch its first successful lunar landing mission for nearly 50 years, with a long-delayed takeoff from the far east of the country scheduled for early on Friday morning that the Kremlin aims to tout as a new achievement in space exploration. From a report: The Luna-25 mission will seek to land near the south pole of the moon, collecting geological samples from the area, and sending back data for signs of water or its building blocks, which could raise the possibility of a future human colony on the moon. But the more immediate goal is to prove that Russia still can launch a lunar landing mission after numerous failures in the past, generations of turnover among its scientific experts, delays due to sanctions and now isolation due to its war in Ukraine. Post-Soviet Russia has launched two failed space landing missions, the Mars-96 in 1996 and Phobos-Grunt in 2011, both of which crash-landed into the Pacific Ocean. "The Russian Federation hasn't had much luck with launching unmanned interplanetary probes," said Vitaly Egorov, a blogger who writes extensively on space exploration. "Now 12 years later they're launching Luna-25 and the main intrigue is whether or not it will succeed in reaching [the moon] or not, and if it does, can it actually land there? "One of the main goals is to let modern specialists put down space probes softly on celestial objects. They haven't had that experience in 47 years. That knowledge needs to be restored for new specialists on a new technological level."Read more of this story at Slashdot.
YouTube knows that it has a spam problem, particularly when it comes to its two-year-old Shorts feature. In an attempt to do something about it, the streamer has announced it's deactivating links in Shorts descriptions, comments and the vertical live feed. From a report: YouTube is also taking away the ability to click on social media icons on any desktop channel banners. The new changes will start to roll out on August 31st. Though YouTube claims it won't continue its "unclickable" crusade, but it adds, "Because abuse tactics evolve quickly, we have to take preventative measures to make it harder for scammers and spammers to mislead or scam users via links." At the same time, YouTube is adding new links on creators' channels, with a big clickable link appearing by the Subscribe button starting August 23rd. The link can bring users to anything from merchandise sites to social media accounts. The platform also recently introduced more creator tools for Shorts, like voiceovers. However, it won't be until at least the end of September that the streamer introduces "safer" ways to guide people from their Shorts back to the rest of their content.Read more of this story at Slashdot.
The nation's best-known public universities have been on an unfettered spending spree. Over the past two decades, they erected new skylines comprising snazzy academic buildings and dorms. They poured money into big-time sports programs and hired layers of administrators. Then they passed the bill along to students. From a report: The University of Kentucky upgraded its campus to the tune of $805,000 a day for more than a decade. Its freshmen, who come from one of America's poorest states, paid an average $18,693 to attend in 2021-22. Pennsylvania State University spent so much money that it now has a budget crisis -- even though it's among the most expensive public universities in the U.S. The University of Oklahoma hit students with some of the biggest tuition increases, while spending millions on projects including acquiring and renovating a 32,000-square-foot Italian monastery for its study-abroad program. The spending is inextricably tied to the nation's $1.6 trillion federal student debt crisis. Colleges have paid for their sprees in part by raising tuition prices, leaving many students with few options but to take on more debt. That means student loans served as easy financing for university projects. It has long been clear to American families that the cost of college has gone up, even at public schools designed to be affordable for state residents. To get at the root cause, The Wall Street Journal examined financial statements since 2002 from 50 universities known as flagships, typically the oldest public school in each state, and adjusted for inflation. At the median flagship university, spending rose 38% between 2002 and 2022. Only one school in the Journal's analysis -- the University of Idaho -- spent less. The schools paid for it in part by pulling in tuition dollars. The median flagship received more than double the revenue from undergraduate and graduate tuition and fees it did 20 years prior. Even accounting for enrollment gains, that amounted to a 64% price increase for the average student, far outpacing the growth in most big household expenses.Read more of this story at Slashdot.
British technology minister Michelle Donelan defended plans to require messaging apps to provide access to encrypted private messages when needed to protect children from abuse, which major platforms say would undermine the privacy of their users. From a report: Donelan told the BBC that the government was not against encryption, and the access would only be requested as a last resort, under Britain's Online Safety Bill which is expected to become law later this year. "I, like you, want my privacy because I don't want people reading my private messages. They'd be very bored but I don't want them to do it," said Donelan, minister for science, innovation and technology. "However, we do know that on some of these platforms, they are hotbeds sometimes for child abuse and sexual exploitation. And we have to be able access that information should that problem occur."Read more of this story at Slashdot.
Hackers with apparent links to the Belarusian government have been targeting foreign diplomats in the country for nearly 10 years, according to security researchers. From a report: On Thursday, antivirus firm ESET published a report that details the activities of a newly discovered government hacking group that the company has dubbed MoustachedBouncer. The group has likely been hacking or at least targeting diplomats by intercepting their connections at the internet service provider (ISP) level, suggesting close collaboration with Belarus' government, according to ESET. Since 2014, MoustachedBouncer has targeted at least four foreign embassies in Belarus: two European nations, one from South Asia, and another from Africa. "The operators were trained to find some confidential documents, but we're not sure exactly what they were looking for," ESET researcher Matthieu Faou told TechCrunch in an interview ahead of his talk at the Black Hat cybersecurity conference in Las Vegas. "They are operating only inside Belarus against foreign diplomats. So we have never seen any attack by MustachedBouncer outside of Belarus."Read more of this story at Slashdot.
Amazon is jettisoning dozens of its in-house brands as part of a significant reduction of its private-label operation as it works to fend off antitrust scrutiny and shore up profit. From a report: The Seattle-based company in the past year has decided to eliminate 27 of its 30 clothing brands, such as Lark & Ro, Daily Ritual and Goodthreads, according to people familiar with the matter. Some of the brands remain on Amazon's site for now as the company sells off remaining inventory, but when completed its house-label clothing division will have just three brands: Amazon Essentials, Amazon Collection and Amazon Aware. Amazon also is dropping private-label furniture, phasing out its Rivet and Stone & Beam brands once its stock of those items are gone, some of the people said. Exact numbers for brands being cut in other parts of the business couldn't be learned, but Amazon Basics, which sells a range of home goods and tech accessories, will remain a focus for the company.Read more of this story at Slashdot.
An anonymous reader quotes a report from the Associated Press: President Joe Biden signed an executive order Wednesday to block and regulate high-tech U.S.-based investments going toward China -- a move the administration said was targeted but it also reflected an intensifying competition between the world's two biggest powers. The order covers advanced computer chips, micro electronics, quantum information technologies and artificial intelligence. Senior administration officials said that the effort stemmed from national security goals rather than economic interests, and that the categories it covered were intentionally narrow in scope. The order seeks to blunt China's ability to use U.S. investments in its technology companies to upgrade its military while also preserving broader levels of trade that are vital for both nations' economies. The officials previewing the order said that China has exploited U.S. investments to support the development of weapons and modernize its military. The new limits were tailored not to disrupt China's economy, but they would complement the export controls on advanced computer chips from last year that led to pushback by Chinese officials. The Treasury Department, which would monitor the investments, will announce a proposed rulemaking with definitions that would conform to the presidential order and go through a public comment process. The goals of the order would be to have investors notify the U.S. government about certain types of transactions with China as well as to place prohibitions on some investments. Officials said the order is focused on areas such as private equity, venture capital and joint partnerships in which the investments could possibly give countries of concern such as China additional knowledge and military capabilities.The Chinese Ministry of Commerce responded in a statement early Thursday that it has "serious concern" about the order and "reserves the right to take measures." "We hope the U.S. side respects the laws of the market economy and the principle of fair competition, does not artificially obstruct global economic and trade exchanges and cooperation and does not put up obstacles for the recovery and growth of the world economy." The Chinese Ministry of Commerce also said the executive order "seriously deviates from the market economy and fair competition principles the United States has always advocated. It affects the normal business decisions of enterprises, disrupts the international economic and trade order and seriously disrupts the security of global industrial and supply chains."Read more of this story at Slashdot.
A recent comprehensive study reveals that automated bots are substantially more efficient than humans at cracking Captcha tests, a widely used security measure on over 100 popular websites. The Independent reports: In the study, scientists assessed 200 of the most popular websites and found 120 still used Captcha. They took the help of 1,000 participants online from diverse backgrounds -- varying in location, age, sex and educational level -- to take 10 captcha tests on these sites and gauge their difficulty levels. Researchers found many bots described in scientific journals could beat humans at these tests in both speed and accuracy. Some Captcha tests took human participants between nine and 15 seconds to solve, with an accuracy of about 50 to 84 per cent, while it took the bots less than a second to crack them, with up to near perfection. "The bots' accuracy ranges from 85-100 per cent, with the majority above 96 per cent. This substantially exceeds the human accuracy range we observed (50-85 per cent)," scientists wrote in the study. They also found that the bots' solving times are "significantly lower" or nearly the same as humans in almost all cases.Read more of this story at Slashdot.
A scientist has observed a "gravitational anomaly" in certain star systems that could potentially upend a fundamental assumption about the universe, according to a new study. Motherboard reports: Kyu-Hyun Chae, an astronomer at Sejong University, has now put these models to the test by analyzing the accelerations of stars in 26,500 wide binaries located within about 650 light years of Earth using imagery captured by the European Space Agency's Gaia observatory. Scientists have previously searched for signs of modified gravity in these systems, but Chae took the next step by developing a new code that could account for special details, like the occurrence rate of so-called "nested" binaries in which the loosely orbiting stars also have close stellar companions. The new data suggests that when the gravitational accelerations of these stars slip below one nanometer per second squared, they begin to move in ways that are more aligned with MOND models than by the standard model. Chae said the findings offer "direct evidence for the breakdown of standard gravity at weak acceleration" and reveal "an immovable anomaly of gravity in favor of MOND-based modified gravity," according to a recent study published in The Astrophysical Journal. In the new study, Chae reports what he calls "clear evidence" that the movements of binaries at points of weak acceleration seem to sync up with a particular MOND prediction known as AQUAL, according to the study. This discovery suggests that the standard view of gravity cannot account for these motions at low accelerations, which may inspire scientists to rethink aspects of Newton's inverse square law of gravity and Einstein's general relativity, as well as the necessity of dark matter. "Because a large amount of dark matter -- six times the baryonic or ordinary matter based on the standard model -- was required by assuming that general relativity was valid in the low acceleration limit, such a need for a large amount of dark matter is no longer valid," Chae explained. "This does not necessarily preclude the possibility that new particles, such as sterile neutrinos, could not be found. But, it is clear that there is no need for as much dark matter as required by general relativity." "When the results started to show up from my new and more reliable code, my initial reaction was that it was unbelievable," Chae said in an email to Motherboard. "I was feeling like I was dreaming. It seemed so unreal. This is because my results did not match any previous results." "Several previous results even claimed that the standard gravity was preferred by wide binaries data including Gaia DR3. One group has been claiming an anomaly for some time, but the anomaly seemed not to match well the predictions of existing modified gravity theories. However, those previous studies did not self-calibrate or fully take into account the amount of hidden nested binaries."Read more of this story at Slashdot.
An anonymous reader quotes a report from TechCrunch: Imagine being able to sit behind a hacker and observe them take control of a computer and play around with it. That's pretty much what two security researchers did thanks to a large network of computers set up as a honeypot for hackers. The researchers deployed several Windows servers deliberately exposed on the internet, set up with Remote Desktop Protocol, or RDP, meaning that hackers could remotely control the compromised servers as if they were regular users, being able to type and click around. Thanks to these honeypots, the researchers were able to record 190 million events and 100 hours of video footage of hackers taking control of the servers and performing a series of actions on them, including reconnaissance, installing malware that mines cryptocurrencies, using Android emulators to conduct click fraud, brute-forcing passwords for other computers, hiding the hackers' identities by using the honeypot as a starting point for another attack, and even watching porn. The researchers said a hacker successfully logging into its honeypot can generate "tens of events" alone. The "Rangers," according to the two, carefully explored the hacked computers, doing reconnaissance, sometimes changing passwords, and mostly leaving it at that. "Our hypothesis is that they are evaluating the system they compromised so that another profile of attacker can come back later," the researchers wrote in a blog post published on Wednesday to accompany their talk. The "Barbarians" use the compromised honeypot computers to try and bruteforce into other computers using known lists of hacked usernames and passwords, sometimes using tools such as Masscan, a legitimate tool that allows users to port-scan the whole internet, according to the researchers. The "Wizards" use the honeypot as a platform to connect to other computers in an attempt to hide their trails and the actual origin of their attacks. According to what Bergeron and Bilodeau wrote in their blog post, defensive teams can gather threat intelligence on these hackers, and "reach deeper into compromised infrastructure." According to Bergeron and Bilodeau, the "Thieves" have the clear goal of monetizing their access to these honeypots. They may do that by installing crypto miners, programs to perform click fraud or generate fake traffic to websites they control, and selling access to the honeypot itself to other hackers. Finally, the "Bards" are hackers with very little or almost no skills. These hackers used the honeypots to use Google to search for malware, and even watch porn. These hackers sometimes used cell phones instead of desktop or laptop computers to connect to the honeypots. Bergeron and Bilodeau said they believe this type of hacker sometimes uses the compromised computers to download porn, something that may be banned or censored in their country of origin. In one case, a hacker "was downloading the porn and sending it to himself via Telegram. So basically circumventing a country-level ban on porn," Bilodeau told TechCrunch. "What I think [the hacker] does with this then is download it in an internet cafe, using Telegram, and then he can put it on USB keys, and he can sell it." These types of honeypots could be useful for law enforcement or cybersecurity defensive teams. "Law enforcement could lawfully intercept the RDP environments used by ransomware groups and collect intelligence in recorded sessions for use in investigations," the researchers wrote in the blog post. "Blue teams for their part can consume the [Indicators of Compromise] and roll out their own traps in order to further protect their organization, as this will give them extensive documentation of opportunistic attackers' tradecraft." Moreover, if hackers start to suspect that the servers they compromise may be honeypots, they will have to change strategies and decide whether the risks of being caught are worth it, "leading to a slow down which will ultimately benefit everyone," according to the researchers.Read more of this story at Slashdot.
sciencehabit shares a report from Science: Whether they're in mortal peril or just suffering from indigestion, infants across the animal kingdom cry out to tell their parents they need help. Unfortunately for them, the parents aren't the only ones attuned to the cries of their vulnerable young. Nile crocodiles are uniquely sensitive to the wails of distressed primate babies, according to a new study -- and the more anxious the cry, the more interested the crocs become. Indeed, according to the research, published today in Proceedings of the Royal Society B: Biological Sciences, the reptiles are even better at identifying the emotional cues hidden in the wails of babies than we are -- perhaps because they've evolved to home in on helpless prey. To make the gruesome find, Nicolas Grimault, a bioacoustician at the University of Lyon, and colleagues visited a zoo in Agadir, Morocco, that houses more than 300 Nile crocodiles (Crocodylus niloticus) -- a predator particularly well suited to hunting primates and other mammals. The researchers set up loudspeakers alongside four ponds, where, at each, as many as 25 crocodiles sunbathed on red rock ledges. The speakers blared out a series of cries from chimpanzee (Pan troglodytes), bonobo (P. paniscus), and human infants, captured in a variety of situations in order to document a wide range of emotion. The human infants, for example, were recorded both during bath time and vaccination. (You can listen to the sounds yourself in the videos [here].) Many of the crocs, male and female, responded to the cries by seeking out the source of the sound, rapidly approaching the loudspeaker and sometimes even biting it. But their response depended on the characteristics of the cries they heard: Crocs were more likely to respond to recordings with acoustic features known to correlate to highly upset infants such as disharmony, noise bursts, and uneven tones reminiscent of radio static. The reptiles seemed to be identifying the most distressed prey on the basis of their cries, Grimault says -- a smart strategy for an animal that is a highly opportunistic hunter. "A baby might not scream at the top of its lungs if it's with its mother," Reber adds, "but it might ... if it fell into the water." On average, about one in five crocodiles responded to recordings of human infants experiencing low levels of distress, whereas about one-third responded to the cries of severely distressed human babies. Surprisingly, the crocodiles seemed even better at detecting distress in the cries than humans were. When the researchers asked human volunteers, all of whom had experience with human infants, to listen to the same recorded cries and estimate the level of distress communicated by the sounds, the participants used different features than the crocs did to evaluate the sounds, basing their decisions largely on the pitch of the cries. The researchers note that it's possible some of the crocodiles were acting out of parental concern, rather than blood lust. "Nile crocodile mothers respond to distress calls from their own young, and their attempts to bite the loudspeaker might not be as bad as they look -- mother crocodiles are known to gingerly pick up their own babies in their jaws."Read more of this story at Slashdot.
Verizon's BlueJeans videoconferencing app will be shutting down just over three years after the company bought it for $400 million. 9to5Google reports: In May 2020, Verizon acquired BlueJeans, a business-focused video app that first launched in 2011. At the beginning of 2022, Google and Verizon partnered to preload the BlueJeans app on (since-discontinued) Glass Enterprise Edition 2 smart glasses sold by Verizon. More recently, BlueJeans gained a free tier this year, opening the app to many more potential customers and competing with the free consumer-ready services of Google Meet and Zoom. Suffice it to say BlueJeans didn't take off in popularity. Today, members of Verizon's BlueJeans service were sent an email explaining that the app is being "sunset." The first phase of that shutdown process is that the free trial and the free "BlueJeans Basic" tier will no longer be available as of August 31, 2023. While not stated in the email we've received, business customers of BlueJeans will likely be given a longer period to transition off of the platform. In April 2020, CNBC reported that Verizon was going to pay around $400 million for the company.Read more of this story at Slashdot.
According to Gizmodo, CNET has deleted thousands of old articles over the past few months in a bid to improve its performance in Google Search results. From the report: Archived copies of CNET's author pages show the company deleted small batches of articles prior to the second half of July, but then the pace increased. Thousands of articles disappeared in recent weeks. A CNET representative confirmed that the company was culling stories but declined to share exactly how many it has taken down. The move adds to recent controversies over CNET's editorial strategy, which has included layoffs and experiments with error-riddled articles written by AI chatbots. "Removing content from our site is not a decision we take lightly. Our teams analyze many data points to determine whether there are pages on CNET that are not currently serving a meaningful audience. This is an industry-wide best practice for large sites like ours that are primarily driven by SEO traffic," said Taylor Canada, CNET's senior director of marketing and communications. "In an ideal world, we would leave all of our content on our site in perpetuity. Unfortunately, we are penalized by the modern internet for leaving all previously published content live on our site." CNET shared an internal memo about the practice. Removing, redirecting, or refreshing irrelevant or unhelpful URLs "sends a signal to Google that says CNET is fresh, relevant and worthy of being placed higher than our competitors in search results," the document reads. According to the memo about the "content pruning,a the company considers a number of factors before it "deprecates" an article, including SEO, the age and length of the story, traffic to the article, and how frequently Google crawls the page. The company says it weighs historical significance and other editorial factors before an article is taken down. When an article is slated for deletion, CNET says it maintains its own copy, and sends the story to the Internet Archive's Wayback Machine. The company also says current staffers whose articles are deprecated will be alerted at least 10 days ahead of time. What does Google have to say about this? According to the company's Public Liaison for Google Search, Danny Sullivan, Google recommends against the practice. "Are you deleting content from your site because you somehow believe Google doesn't like 'old' content? That's not a thing! Our guidance doesn't encourage this," Sullivan said in a series of tweets. If a website has an individual page with outdated content, that page "isn't likely to rank well. Removing it might mean, if you have a massive site, that we're better able to crawl other content on the site. But it doesn't mean we go, 'Oh, now the whole site is so much better' because of what happens with an individual page." Sullivan wrote. "Just don't assume that deleting something only because it's old will improve your site's SEO magically."Read more of this story at Slashdot.
An anonymous reader quotes a report from BleepingComputer: Open source project Moq (pronounced "Mock") has drawn sharp criticism for quietly including a controversial dependency in its latest release. Distributed on the NuGet software registry, Moq sees over 100,000 downloads on any given day, and has been downloaded over 476 million times over the course of its lifetime. [...] Last week, one of Moq's owners, Daniel Cazzulino (kzu), who also maintains the SponsorLink project, added SponsorLink to Moq versions 4.20.0 and above. This move sent shock waves across the open source ecosystem largely for two reasons -- while Cazzulino has every right to change his project Moq, he did not notify the user base prior to bundling the dependency, and SponsorLink DLLs contain obfuscated code, making it is hard to reverse engineer, and not quite "open source." "It seems that starting from version 4.20, SponsorLink is included," Germany-based software developer Georg Dangl reported referring to Moq's 4.20.0 release. "This is a closed-source project, provided as a DLL with obfuscated code, which seems to at least scan local data (git config?) and sends the hashed email of the current developer to a cloud service." The scanning capability is part of the .NET analyzer tool that runs during the build process, and is hard to disable, warns Dangl. "I can understand the reasoning behind it, but this is honestly pretty scary from a privacy standpoint." SponsorLink describes itself as a means to integrate GitHub Sponsors into your libraries so that "users can be properly linked to their sponsorship to unlock features or simply get the recognition they deserve for supporting your project." GitHub user Mike (d0pare) decompiled the DLLs, and shared a rough reconstruction of the source code. The library, according to the analyst, "spawns external git process to get your email." It then calculates a SHA-256 hash of the email addresses and sends it to SponsorLink's CDN: hxxps://cdn.devlooped[.]com/sponsorlink. "Honestly Microsoft should blacklist this package working with the NuGet providers," writes Austin-based developer Travis Taylor. "The author can't be trusted. This was an incredibly stupid move that's just created a ton of work for lots of people." Following the backlash, Cazzulino updated the SponsorLink project's README with a lengthy "Privacy Considerations" section that clarifies that no actual email addresses, just their hashes, are being collected.Read more of this story at Slashdot.
Amazon removed several books believed to be written using AI and listed under a real author's name. Decrypt reports: When professor Jane Friedman complained about books that she didn't write being attributed to her on Monday, ecommerce giant Amazon initially said that it would not remove them. But after she took her case to Twitter, earning the backing of the Authors Guild, Amazon relented early this morning. Friedman -- a non-fiction writer, journalist, and educator -- said Amazon had refused to remove the books even though they appeared to trade on her name and reputation as an author who has published how-to guides for other writers. The "garbage books," which Friedman says were probably churned out using generative AI, had the titles "Your Guide to Writing a Bestseller eBook on Amazon," "Publishing Power: Navigating Amazon's Kindle Direct Publishing," and "Promote to Prosper: Strategies to Skyrocket Your eBook Sales on Amazon." When Friedman acknowledged that she could not prove that she owned the trademark on her own name, she said Amazon said it would leave the book up and for sale. But that stance changed late Monday night when the books began disappearing from Amazon's website, and after the Authors Guild offered to step in on Friedman's behalf. "We have clear content guidelines governing which books can be listed for sale and promptly investigate any book when a concern is raised," Amazon spokesperson Ashley Vanicek told Decrypt by email. "We welcome author feedback and work directly with authors to address any issues they raise and where we have made an error, we correct it." Other authors responding to Friedman's tweet said the same thing had happened to them, and in some cases, the publisher of the fraudulent books did more than just use their names. [...] On Tuesday, Friedman again took to Twitter to confirm that the fraudulent works were removed from Amazon. She remained concerned, however, that other writers like Hayes -- who do not have the large audience that she does -- would not be able to raise such a "big red flag."Read more of this story at Slashdot.
Disney is raising prices on almost all of its streaming offerings as it looks to accelerate profitability for the business. CNBC reports: Commercial-free Disney+ will cost $13.99 per month, a 27% increase, beginning Oct. 12. Disney+ with ads will remain $7.99 per month. Disney will also expand its ad-tier offering to select markets in Europe and in Canada beginning Nov. 1. Disney is increasing the price of Hulu without ads to $17.99 per month, a 20% price hike. Hulu with ads will also stay the same price, at $7.99 per month. The decision to price Disney+ nearly as high as commercial-free Netflix and Max, and charge even more for Hulu, signals Disney believes its content library can compete with both of those services. Disney is now betting consumers will pay more for its streaming services even as the Hollywood writers and actors strikes threaten its content pipeline in the coming months. For consumers who want both Disney+ and Hulu without commercials, they can pay $19.99 per month in a new "premium duo" offering -- a $12 per month savings. The Disney+ and Hulu bundle with ads will not change from its $9.99 per month price. Disney also increased the price of its bundle of Disney+ (no ads), Hulu (no ads) and ESPN+ (with ads) to $24.99 per month from $19.99 per month. The bundle of all three products with commercials will be $14.99 per month, an increase of $2 per month. Disney is also increasing the price of Hulu + Live TV with ads to $76.99 from $69.99 per month. The commercial-free Hulu + Live TV will jump to $89.99 per month from $82.99 per month.Read more of this story at Slashdot.
An anonymous reader quotes a report from ExtremeTech: Intel has introduced a telemetry collection service by default in the latest beta driver for its Arc GPUs. You can opt out of it, but we all know most people just click "yes" to everything during a software installation. Intel's release notes for the drivers don't mention this change to how its drivers work, which is a curious omission. News of Intel adding telemetry collection to its drivers is a significant change to how its GPU drivers work. Intel has even given this new collation routine a cute name -- the Intel Computing Improvement Program. Gee, that sounds pretty wonderful. We want to improve our computing, so let's dive into the details briefly. According to TechPowerUp, which discovered the change, Intel has created a landing page for the program that explains what is collected and what isn't. At a high level, it states, "This program uses information about your computer's performance to make product improvements that may benefit you in the future." Though that sounds innocuous, Intel provides a long list of the types of data it collects, many unrelated to your computer's performance. Those include the types of websites you visit, which Intel says are dumped into 30 categories and logged without URLs or information that identifies you, including how long and how often you visit certain types of sites. It also collects information on "how you use your computer" but offers no details. It will also identify "Other devices in your computing environment." Numerous performance-related data points are also captured, such as your CPU model, display resolution, how much memory you have, and, oddly, your laptop's average battery life. The good news is that Intel allows you to opt out of this program, which is not the case with Nvidia. According to TechPowerUp, they don't even ask for permission! As for AMD, they not only give you a choice to opt out but they also explain what data they're collecting.Read more of this story at Slashdot.
Universities in a southern Chinese region are not doing enough to turn academic research into market applications, and in maintaining large piles of idle funds, and the findings could raise questions about the nation's ambitious tech self-sufficiency drive. SCMP: According to a new audit report by the Guangxi Zhuang autonomous region for 2022, nine universities in the region had extremely low conversion rates in bringing inventions to the market -- below 1 per cent -- from 2020 to 2022. Among them, one university saw no successful industrial applications out of 862 implemented research projects funded with a total of 131 million yuan (US$18.2 million). The findings spotlight a long-standing weak link in China's push to strengthen basic research, which it views as crucial to becoming a tech superpower by the middle of the century, and to breaking free US tech-containment measures. "Essentially, this reflects a nationwide issue," said Liu Ruiming, a professor with the National Development and Strategic Research Institute at Renmin University.Read more of this story at Slashdot.
Saudi Arabia has announced its plans to standardise charging ports for all electronic devices to USB-C connectors. From a report: The decision will be put into effect from January 1, 2025 (for all except portable computers or laptops). It was announced by the Saudi Standards, Metrology and Quality Organization and the Communications, Space and Technology Commission. The standardisation is set to happen in two stages. The first stage (from January 1, 2025) will cover mobile phones and other electronic devices such as headphones, keyboards, speakers, routers, etc. The second stage, (from April 1, 2026) will apply to laptops and portable computers. According to the authorities, the decision has been taken to improve user experience and reduce costs.Read more of this story at Slashdot.
DARPA, the Pentagon agency that funds moonshot technology innovations, is hosting a two-year competition for artificial intelligence experts to create new ways to bolster the world's cybersecurity. From a report: The competition launches Wednesday at the cybersecurity conference Black Hat in Las Vegas. It asks participants to create tools that can be used by anyone to help identify and fix holes in software to keep hackers from exploiting them. It will dole out a total of $18.5 million to winners in different categories and will formally conclude at the Def Con hacker conference in Las Vegas in August 2025. In a call to reporters Tuesday previewing the competition, Arati Prabhakar, director of the White House Office of Science and Technology Policy, said it was "a clarion call for all kinds of creative people and organizations to bolster the security of critical software that American families and businesses and all of our society relies on." U.S. organizations have been battered by hackers in recent years. During the Biden administration alone, federal agencies have been repeatedly breached by hackers allegedly working for Chinese and Russian intelligence services, which often find creative ways to break into common software programs and then use that access to spy on government activity around the world.Read more of this story at Slashdot.
National Geographic: Research does show that heart attacks, also called myocardial infarctions, are on the rise in younger people. Common symptoms include chest pain or discomfort; pain that radiates into the jaw, neck, back or arms; shortness of breath; and feeling weak or faint. A study of more than 2,000 young adults admitted for heart attack between 2000 and 2016 in two U.S. hospitals found that 1 in 5 were 40 years old or younger -- and that the proportion of this group has been increasing by 2 percent each year for the last decade. The study, published in 2019 in the American Journal of Medicine, also found that people ages 40 or younger who have had a heart attack are just as likely as older adults to die from another heart attack, stroke, or other reason. In fact, increases in heart disease among younger adults in 2020 and 2021 are responsible for more than 4 percent of the most recent declines in life expectancy in the U.S., according to an editorial published in March in JAMA Network. The problem isn't uniquely American. Research shows that adults in Pakistan and India, for example, are also experiencing heart attacks at younger ages.Read more of this story at Slashdot.
Verizon Communications is raising prices on some existing wireless plans to help boost revenue and offset slumping subscriber growth. From a report: Starting with September bills, customers on Mix and Match plans will pay $3 more for single lines and $5 extra for multiple lines, Chief Financial Officer Tony Skiadas said Wednesday during at an investor conference. The price hike is Verizon's third increase in two years. Last month the carrier marked up its wireless home internet prices by $10. Rival AT&T Inc. this month began charging $2.50 more per month for its top-tier wireless plan. Verizon and AT&T, two of the three largest US wireless carriers, have been raising prices on more popular offerings in an attempt to widen profit margins as mobile phone subscriber growth slows. Both carriers have been signing up fewer customers than T-Mobile US Inc. and are losing market share to cable companies Comcast Corp and Charter Communications, which have been offering free mobile lines.Read more of this story at Slashdot.
The US Supreme Court let Apple keep its App Store payment rules in place for the time being, rejecting an Epic Games request that would have let developers start directing iPhone users to other purchasing options. From a report: Justice Elena Kagan said she wouldn't let a federal appeals court decision take effect immediately, as Epic had sought. The 9th US Circuit Court of Appeals said earlier this year that Apple violated California's Unfair Competition Law by limiting the ability of developers to communicate about alternative payment systems, including purchases through the Epic Games Store. Kagan, who gave no explanation, is the justice assigned to handle emergency matters from the San Francisco-based 9th Circuit. Kagan's rejection of Epic means Apple will get a reprieve from the 9th Circuit ruling, though perhaps only a temporary one. The appeals court put its decision on hold to give Apple time to file a Supreme Court appeal later this year, but the ruling will kick in if the justices refuse to hear the case.Read more of this story at Slashdot.
Researchers are now waking up to another factor why so many places on earth are getting warmer, one that could be filed under the category of unintended consequences: disappearing clouds known as ship tracks. From a report: Regulations imposed in 2020 by the United Nations's International Maritime Organization (IMO) have cut ships' sulfur pollution by more than 80% and improved air quality worldwide. The reduction has also lessened the effect of sulfate particles in seeding and brightening the distinctive low-lying, reflective clouds that follow in the wake of ships and help cool the planet. The 2020 IMO rule "is a big natural experiment," says Duncan Watson-Parris, an atmospheric physicist at the Scripps Institution of Oceanography. "We're changing the clouds." By dramatically reducing the number of ship tracks, the planet has warmed up faster, several new studies have found. That trend is magnified in the Atlantic, where maritime traffic is particularly dense. In the shipping corridors, the increased light represents a 50% boost to the warming effect of human carbon emissions. It's as if the world suddenly lost the cooling effect from a fairly large volcanic eruption each year, says Michael Diamond, an atmospheric scientist at Florida State University. The natural experiment created by the IMO rules is providing a rare opportunity for climate scientists to study a geoengineering scheme in action -- although it is one that is working in the wrong direction. Indeed, one such strategy to slow global warming, called marine cloud brightening, would see ships inject salt particles back into the air, to make clouds more reflective. In Diamond's view, the dramatic decline in ship tracks is clear evidence that humanity could cool off the planet significantly by brightening the clouds. "It suggests pretty strongly that if you wanted to do it on purpose, you could," he says.Read more of this story at Slashdot.
July has been confirmed as the hottest month on record globally after several heatwaves in parts of Europe, according to the Copernicus Climate Change Service (C3S). From a report: The global average temperature was 16.95C last month, surpassing the previous record set in 2019 by a substantial 0.33C. Temperatures exceeded 40C last week in several countries across Europe including Greece, France, Italy and Spain. Wildfires forced the evacuation of thousands of residents and tourists from several Greek islands including Rhodes. There were also high temperatures in South American countries, despite it being winter there. July is estimated to have been about 1.5C warmer than the average for 1850-1900, according to C3S, and 0.72C warmer than the 1991-2020 average. Dr Samantha Burgess, deputy director of C3S, said: "We just witnessed global air temperatures and global ocean surface temperatures set new all-time records in July. These records have dire consequences for both people and the planet exposed to ever more frequent and intense extreme events.Antarctic sea ice has also been at record lows this July, freezing less than in any other winter since satellites began observations in 1979. Further reading: Iran Declares 2-Day Public Holiday on Extreme Heat.Read more of this story at Slashdot.
WeWork warned there's "substantial doubt" about its ability to continue operating. The company cited sustained losses and canceled memberships to its office spaces. From a report: The co-working business will focus over the next 12 months on reducing rental costs, negotiating more favorable leases, increasing revenue and raising capital, WeWork said in a statement Tuesday. The warning comes mere months after WeWork struck a deal with some of its biggest creditors and SoftBank to cut its debt load by around $1.5 billion and extend other maturities. Its bonds trade at deeply distressed levels. The company's 7.875% unsecured notes due 2025 last changed hands for 33.5 cents on the dollar, according to data from Trace. The market cap of WeWork, once valued at $47 billion, fell below $300 million on Wednesday.Read more of this story at Slashdot.
A recently released research reveals a fundamental challenge of developing artificial intelligence: ChatGPT has become worse at performing certain basic math operations. From a report: The researchers at Stanford University and the University of California, Berkeley said the deterioration is an example of a phenomenon known to AI developers as drift, where attempts to improve one part of the enormously complex AI models make other parts of the models perform worse. [...] Thus far, they have tested two versions of ChatGPT: version 3.5, available free online to anyone, and version 4.0, available via a premium subscription. The results aren't entirely promising. They gave the chatbot a basic task: identify whether a particular number is a prime number. This is the sort of math problem that is complicated for people but simple for computers. Is 17,077 prime? Is 17,947 prime? Unless you are a savant you can't work this out in your head, but it is easy for computers to evaluate. A computer can just brute force the problem -- try dividing by two, three, five, etc., and see if anything works. To track performance, the researchers fed ChatGPT 1,000 different numbers. In March, the premium GPT-4, correctly identified whether 84% of the numbers were prime or not. (Pretty mediocre performance for a computer, frankly.) By June its success rate had dropped to 51%. Across eight different tasks, GPT-4 became worse at six of them. GPT-3.5 improved on six measures, but remained worse than its advanced sibling at most of the tasks.Read more of this story at Slashdot.
The U.S. Commerce Department said on Wednesday that more than 460 companies have expressed interested in winning government semiconductor subsidy funding in a bid to boost the country's competitiveness with China's science and technology efforts. From a report: The White House is marking the one-year anniversary on Wednesday of President Joe Biden's signing of the landmark "Chips for America" legislation providing $52.7 billion in subsidies for U.S. semiconductor production, research and workforce development. Biden said in a statement that companies have announced $166 billion in semiconductors and electronics manufacturing over the last year, adding the law will "make America once again a leader in semiconductor manufacturing and less dependent on other countries for our electronics or clean energy supply chains." The Commerce Department began accepting applications in June for the $39-billion subsidy program for U.S. semiconductor manufacturing as well as equipment and materials for making chips but has not yet issued awards. "We're finally making the investments that are long overdue to secure our economic and national security," Commerce Secretary Gina Raimondo told reporters. "We need to move quickly but it's more important we get it right."Read more of this story at Slashdot.
China will require all mobile app providers in the country to file business details with the government, its information ministry said, marking Beijing's latest effort to keep the industry on a tight leash. From a report: The Ministry of Industry and Information Technology (MIIT) said late on Tuesday that apps without proper filings will be punished after the grace period that will end in March next year, a move that experts say would potentially restrict the number of apps and hit small developers hard. You Yunting, a lawyer with Shanghai-based DeBund Law Offices, said the order is effectively requiring approvals from the ministry. The new rule is primarily aimed at combating online fraud but it will impact on all apps in China, he said. Rich Bishop, co-founder of app publishing firm AppInChina, said the new rule is also likely to affect foreign-based developers which have been able to publish their apps easily through Apple's App Store without showing any documentation to the Chinese government. Bishop said that in order to comply with the new rules, app developers now must either have a company in China or work with a local publisher.Read more of this story at Slashdot.
An anonymous reader quotes a report from Phoronix: This Patch Tuesday brings a new and potentially painful processor speculative execution vulnerability... Downfall, or as Intel prefers to call it is GDS: Gather Data Sampling. GDS/Downfall affects the gather instruction with AVX2 and AVX-512 enabled processors. At least the latest-generation Intel CPUs are not affected but Tigerlake / Ice Lake back to Skylake is confirmed to be impacted. There is microcode mitigation available but it will be costly for AVX2/AVX-512 workloads with GATHER instructions in hot code-paths and thus widespread software exposure particularly for HPC and other compute-intensive workloads that have relied on AVX2/AVX-512 for better performance. Downfall is characterized as a vulnerability due to a memory optimization feature that unintentionally reveals internal hardware registers to software. With Downfall, untrusted software can access data stored by other programs that typically should be off-limits: the AVX GATHER instruction can leak the contents of the internal vector register file during speculative execution. Downfall was discovered by security researcher Daniel Moghimi of Google. Moghimi has written demo code for Downfall to show 128-bit and 256-bit AES keys being stolen from other users on the local system as well as the ability to steal arbitrary data from the Linux kernel. Skylake processors are confirmed to be affected through Tiger Lake on the client side or Xeon Scalable Ice Lake on the server side. At least the latest Intel Alder Lake / Raptor Lake and Intel Xeon Scalable Sapphire Rapids are not vulnerable to Downfall. But for all the affected generations, CPU microcode is being released today to address this issue. Intel acknowledges that their microcode mitigation for Downfall will have the potential for impacting performance where gather instructions are in an applications' hot-path. In particular given the AVX2/AVX-512 impact with vectorization-heavy workloads, HPC workloads in particular are likely to be most impacted but we've also seen a lot of AVX use by video encoding/transcoding, AI, and other areas. Intel has not relayed any estimated performance impact claims from this mitigation. Well, to the press. To other partners Intel has reportedly communicated a performance impact up to 50%. That is for workloads with heavy gather instruction use as part of AVX2/AVX-512. Intel is being quite pro-active in letting customers know they can disable the microcode change if they feel they are not to be impacted by Downfall. Intel also believes pulling off a Downfall attack in the real-world would be a very difficult undertaking. However, those matters are subject to debate. Intel's official security disclosure is available here. The Downfall website is downfall.page.Read more of this story at Slashdot.
Google announced today that Chrome is now adopting weekly Stable channel updates in an effort to block major exploits quicker. 9to5Google reports: Google's browser gets major "milestone" updates every four (previously six) weeks, like going from version 100 to 101. In the past, Chrome would get a "Stable Refresh" update to "address security and other high impact bugs" in-between milestones every two weeks. This is now changing to occur weekly between milestones, starting with Google Chrome 116 on desktop and mobile, so that security updates get to end users much faster. Since Chromium is an open source project, "anyone can view the source code, submit changes for review, and see the changes made by anyone else, even security bug fixes." [...] The current patch gap is around 15 days. It was previously 35 days before switching to patch updates every two weeks in 2020. Google expects weekly patch updates to result in security fixes shipping "3.5 days sooner on average, greatly reducing the already small window for n-day attackers to develop and use an exploit against potential victims and making their lives much more difficult." This new schedule will also result in fewer unplanned updates that occur when there are known in-the-wild exploits: "By now shipping stable updates weekly, we expect the number of unplanned updates to decrease since we'll be shipping updates more frequently."Read more of this story at Slashdot.
During its 54th flight on Mars, NASA's helicopter Ingenuity captured an image of the space agency's Perseverance rover. Space.com reports: Perseverance is nearly out of frame at the top of the photo, which Ingenuity took when it was about 16 feet (5 meters) above the red dirt. Unlike previous sorties, the Aug. 3 flight wasn't a scouting run to aid Perseverance's science activities. It lasted just 24 seconds, reached a maximum altitude of 16 feet and covered no ground laterally, according to Ingenuity's flight log. The mission team designed this short and simple hop in an attempt to help understand what happened during Ingenuity's previous flight, which was cut short unexpectedly. The mission team designed this short and simple hop in an attempt to help understand what happened during Ingenuity's previous flight, which was cut short unexpectedly. That July 22 sortie was supposed to last 136 seconds and feature several complicated maneuvers. However, Ingenuity stayed aloft for just 74 seconds, touching down after something triggered its "flight-contingency program." [...] Imagery from Ingenuity's navigation camera likely got out of sync with its inertial measurement unit, which helps the little chopper determine its position, speed and orientation. This also happened near the end of Ingenuity's sixth flight, back in May 2021. The mission team soon uploaded a software patch to deal with the issue, but that patch apparently couldn't handle what happened on Flight 53, NASA officials said in the statement. "Since the very first flight, we have included a program called 'LAND_NOW' that was designed to put the helicopter on the surface as soon as possible if any one of a few dozen off-nominal scenarios was encountered," Teddy Tzanetos, Ingenuity team lead emeritus at NASA's Jet Propulsion Laboratory in Southern California, said in a statement. "During Flight 53, we encountered one of these, and the helicopter worked as planned and executed an immediate landing," Tzanetos added.Read more of this story at Slashdot.
An anonymous reader quotes a report from The Verge: Gizmodo editor-in-chief Daniel Ackerman has sued Apple and other parties over the 2023 Apple TV Plus film Tetris, alleging it rips off his 2016 book The Tetris Effect. Ackerman claims Apple, Tetris rightsholder the Tetris Company, the Tetris film's producers, and screenwriter Noah Pink copied "the exact same feel, tone, approach, and scenes" from The Tetris Effect -- particularly its framing of the game's release as a "Cold War spy thriller." Initially reported by Reuters, Ackerman's lawsuit (PDF) outlines a yearslong correspondence with the Tetris Company as he wrote The Tetris Effect. He claims that the Tetris Company was aware of his work and threatened him with legal action for trying to pursue film and TV adaptations of his own book, only to draw heavily from his framing of the Tetris story. "The film liberally borrowed numerous specific sections and events of the book," claims Ackerman. Apple and the Tetris Company did not immediately respond to requests for comment from The Verge. But Ackerman's case may be difficult given the fact that Tetris and The Tetris Effect both draw on real historical facts, which are not generally protected by copyright law. As a result, the suit relies heavily on arguing that Tetris copies the feel of The Tetris Effect. (He also argues that some potential inventions of the film -- like a guide who turns out to be a secret KGB agent -- are based on speculations in his narrative.) "Ackerman's book took a unique approach to writing about the real history of Tetris, as it not only applied the historical record, but also layered his own original research and ingenuity to create a compelling narrative non-fiction book in the style of a Cold War spy thriller," the suit says. "Mr. Ackerman's literary masterpiece, unlike other articles and writings, dispelled of the emphasis on the actual gameplay and fans, and instead concentrated on the surrounding narrative, action sequences, and adversarial relationship between the players ... This was the identical approach Defendants adopted for the Tetris Film, without notable material distinction." Ackerman says that he reached out after the Tetris trailer's release and unsuccessfully requested Apple and the other defendants address legal issues before the film's release. His suit alleges copyright infringement and unfair competition, among other offenses.Read more of this story at Slashdot.
Long-time Slashdot reader SonicSpike shares a report from NBC News: A divided Supreme Court on Tuesday allowed the Biden administration to enforce regulations aimed at clamping down on so-called ghost guns -- firearm-making kits available online that people can assemble at home. The court, which has a 6-3 conservative majority, in a brief order (PDF) put on hold a July 5 ruling by a federal judge in Texas that blocked the regulations nationwide. The vote was 5-4, with conservatives Chief Justice John Roberts and Justice Amy Coney Barrett joining the three liberal justices in the majority. The federal Bureau of Alcohol, Tobacco, Firearms and Explosives, commonly known as ATF, issued the regulations last year to tackle what it claims has been an abrupt increase in the availability of ghost guns. The guns are difficult for law enforcement to trace, with the administration calling them a major threat to public safety. The rule clarified that ghost guns fit within the definition of 'firearm' under federal law, meaning that the government has the power to regulate them in the same way it regulates firearms manufactured and sold through the traditional process. The regulations require manufacturers and sellers of the kits to obtain licenses, mark the products with serial numbers, conduct background checks and maintain records.Read more of this story at Slashdot.
The White House on Tuesday held its first-ever cybersecurity "summit" on the ransomware attacks plaguing U.S. schools, in which criminal hackers have dumped online sensitive student data, including medical records, psychiatric evaluations and even sexual assault reports. PBS reports: At least 48 districts have been hit by ransomware attacks this year -- already three more than in all of 2022, according to the cybersecurity firm Emsisoft. All but 10 had data stolen, the firm reported. Typically, Russian-speaking foreign-based gangs steal the data -- sometimes including the Social Security numbers and financial data of district staff -- before activating network-encrypting malware then threaten to dump it online unless paid in cryptocurrency. "Last school year, schools in Arizona, California, Washington, Massachusetts, West Virginia, Minnesota, New Hampshire and Michigan were all victims of major cyber attacks," the deputy national security advisor for cyber, Anne Neuberger, told the summit. An October 2022 report from the Government Accountability Office, a federal watchdog agency, found that more than 1.2 million students were affected in 2020 alone -- with lost learning ranging from three days to three weeks. Nearly one in three U.S. districts had been breached by the end of 2021, according to a survey by the Center for Internet Security, a federally funded nonprofit. "Do not underestimate the ruthlessness of those who would do us harm," said Homeland Security Secretary Alejandro Mayorkas during the summit, noting that even reports on suicide attempts have been dumped online by criminal extortionists and urging educators to avail themselves of federal resources already available. Among measures announced at the summit: The Cybersecurity and Infrastructure Security Agency will step up tailored security assessments for the K-12 sector while technology providers, including Amazon Web Services, Google and Cloudflare, are offering grants and other support. A pilot proposed by Federal Communications Commission Chair Jessica Rosenworcel -- yet to be voted on by the agency -- would make $200 million available over three years to strengthen cyber defense in schools and libraries.Read more of this story at Slashdot.
Soon, all GM EV's on the Ultium platform will come equipped with bidirectional charging capabilities. Electrek reports: According to a release from GM this morning, the automaker has decided to roll out V2H capabilities to all of its incoming EV models, in addition to those already promised. [...] According to GM, all new EVs based upon the Ultium platform will feature bi-directional charging by model year 2026, so expect additional models beyond those above to also come equipped with the ability to power your home. GM states its expanded V2H access will be supported by the rollout of the Ultium Home bundles previously announced, although we still do not know how much this technology is going to cost homeowners. GM says that additional details of expanded V2H technology and the specific timings of its rollout to the models mentioned above will be revealed at a later date. In the meantime, check out GM's latest sizzle reel showing off some of the incoming capabilities of its Ultium EVs, including a shadowy peek at the aforementioned Escalade IQ.Read more of this story at Slashdot.
An anonymous reader quotes a report from TechCrunch: Google today announced the launch of Project IDX, its foray into offering an AI-enabled browser-based development environment for building full-stack web and multiplatform apps. It currently supports frameworks like Angular, Flutter, Next.js, React, Svelte and Vue, and languages like JavaScript and Dart, with support for Python, Go and others in the works. Google did not build a new IDE (integrated development environment) when it created IDX. Instead, it is using Visual Studio Code -- Open Source as the basis of its project. This surely allowed the team to focus on the integration with Codey, Google's PaLM 2-based foundation model for programming tasks. Thanks to Codey, IDX supports smart code completion, a ChatGPT/Bard-like chatbot that can help developers with general coding questions as well as those related specifically to the code you are working on (including the ability to explain it) and the ability to add contextual code actions like "add comments." "We spend a lot of time writing code, and recent advances in AI have created big opportunities to make that time more productive," the IDX team explains in today's announcement. "With Project IDX, we're exploring how Google's innovations in AI -- including the Codey and PaLM 2 models powering Studio Bot in Android Studio, Duet in Google Cloud and more -- can help you not only write code faster, but also write higher-quality code." As a cloud-based IDE, it's no surprise that Project IDX integrates with Google's own Firebase Hosting (and Google Cloud Functions) and allows developers to bring in existing code from the GitHub repository. Every workspace has access to a Linux-based VM (virtual machine) and, soon, embedded Android and iOS simulators right in the browser.Read more of this story at Slashdot.
TSMC is committing $3.8 billion to establish its first European factory in Germany, benefiting from significant state support for the $11 billion project as Europe aims to shorten supply chains. Reuters reports: The plant, which will be TSMC's third outside of traditional manufacturing bases Taiwan and China, is central to Berlin's ambition to foster the domestic semiconductor industry its car industry will need to remain globally competitive. Germany, which has been courting the world's largest contract chipmaker since 2021, will contribute up to 5 billion euros to the factory in Dresden, capital of the eastern state of Saxony, German officials said. "Germany is now probably becoming the major location for semiconductor production in Europe," German Chancellor Olaf Scholz said, less than two months after Intel announced a 30 billion euro plan to build two chip-making plants in the country. "That is important for the resilience of production structures around the world, but it is also important for the future viability of our European continent, and it is of course particularly important for the future viability of Germany." TSMC said it would invest up to 3.499 billion euros into a subsidiary, European Semiconductor Manufacturing Company (ESMC), of which it will own 70%. Germany's Bosch and Infineon and the Netherlands' NXP (NXPI.O) will each own 10% of the plant, which will make up to 40,000 wafers a month for cars and industrial and home products when it opens in 2017. The factory will cost around 10 billion euros in total.Read more of this story at Slashdot.
The UK's Electoral Commission revealed that a cyber attack granted access to the data of 40 million voters. It went unnoticed for a year and was not disclosed to the public for an additional 10 months. The Guardian reports: The Electoral Commission apologized for the security breach in which the names and addresses of all voters registered between 2014 and 2022 were open to "hostile actors" as far back as August 2021. The attack was discovered last October and reported within 72 hours to the Information Commissioner's Office (ICO), as well as the National Crime Agency. However, the public has only now been informed that the electoral registers containing the data of millions of voters may have been accessible throughout that time. The Electoral Commission said it was "not able to know conclusively" what information had been accessed. It is not known whether the attackers were linked to a hostile state, such as Russia, or a criminal cyber gang. The watchdog said "much of the data" was already in the public domain and insisted it would be difficult for anyone to influence the outcome of the UK's largely paper-based electoral system, but it acknowledged that voters would still be concerned. The attackers were able to access full copies of the electoral registers, held by the commission for research purposes and to enable permissibility checks on political donations. These registers include the name and address of anyone in the UK who was registered to vote between 2014 and 2022. The commission's email system was also accessible during the attack. The full register held by the Electoral Commission contains name and address data that can be inspected by the public but only locally through electoral registration officers, with only handwritten notes allowed. The information is not permitted to be used for commercial or marketing purposes. The data of anonymous voters whose details are private for safety reasons and the addresses of overseas voters were not accessible to the intruders in the IT system. A spokesperson for the ICO, the UK's independent regulator on data protection, said: "The Electoral Commission has contacted us regarding this incident and we are currently making inquiries." They added: "We recognize this news may cause alarm to those who are worried they may be affected and we want to reassure the public that we are investigating as a matter of urgency. In the meantime, if anyone is concerned about how their data has been handled, they should get in touch with the ICO or check our website for advice and support."Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: Discussion about artificial intelligence is everywhere these days -- even the Vatican. On Tuesday, Pope Francis issued a communique announcing the theme for World Day of Peace 2024 as "Artificial Intelligence and Peace," emphasizing the potential impact of AI on human life and calling for responsible use, ethical reflection, and vigilance to prevent negative consequences. [...] In the communique, Pope Francis' office called for "an open dialogue on the meaning of these new technologies, endowed with disruptive possibilities and ambivalent effects." Echoing common ethical sentiments related to AI, he said society needs to be vigilant about the technology so that "a logic of violence and discrimination does not take root in the production and use of such devices, at the expense of the most fragile and excluded." The Pope even glanced at alignment, a popular concept in the AI community that seeks to "align" the outputs of AI with the positive needs of humanity. "The urgent need to orient the concept and use of artificial intelligence in a responsible way, so that it may be at the service of humanity and the protection of our common home, requires that ethical reflection be extended to the sphere of education and law," the statement said. The Vatican issued the communique through the Dicastery for Promoting Integral Human Development, which is a department of the Roman Curia, the administrative apparatus of the Holy See and the central governing body through which the Pope conducts the affairs of the global Catholic Church.Read more of this story at Slashdot.
Amazon is the most successful manufacturer of Arm server chips, accounting for just over half of Arm-based server CPUs currently deployed, while some chipmakers are also now betting on Arm-based Windows PCs. From a report: This information comes from a report issued by Bernstein Research which estimates that nearly 10 percent of servers across the world contain Arm processors, and 40 percent of those are located in China, as we reported earlier. But that total is beaten by just one company -- Amazon -- which has slightly above 50 percent of all Arm server CPUs in the world deployed in its Amazon Web Services (AWS) datacenters, said the analyst. Amazon currently uses its own Graviton family of chips, designed by the Annapurna Labs division of Amazon Web Services and introduced to the world back in 2018, which are for its own internal use only. The latest iteration is the Graviton3E for high-performance computing applications, introduced towards the end of 2022. According to Bernstein, because these chips were optimized for the specific needs of AWS, the company is able to fit in more cores per socket or per rack and the chips consume less power, translating to lower spending on space and cooling.Read more of this story at Slashdot.
Speaking of SMSes, Google announced today it's making its Messages by Google app more secure with improvements to RCS, or Rich Communication Services -- a protocol aimed at replacing SMS and is more on par with the advanced features found in Apple's iMessage. From a report: The company says it will now make RCS the default for both new and existing Messages app users. In addition, end-to-end encryption for group chats is now fully rolled out to all RCS users. The latter had launched into an open beta earlier this year after earlier tests, but was not fully launched until now. With this update, all conversations between users in Messages, whether 1:1 or group chats, will now be kept private, Google says. Since rolling out RCS to U.S. Android users in 2019, Google has been campaigning in an effort to pressure Apple into adopting the technology in its own messaging service, iMessage. It even launched a website last year to explain why RCS benefits consumers, noting "It's not about the color of the bubbles. It's the blurry videos, broken group chats, missing read receipts and typing indicators, no texting over Wi-Fi and more."Read more of this story at Slashdot.
Air pollution is helping to drive a rise in antibiotic resistance that poses a significant threat to human health worldwide, a global study suggests. From a report: The analysis, using data from more than 100 countries spanning nearly two decades, indicates that increased air pollution is linked with rising antibiotic resistance across every country and continent. It also suggests the link between the two has strengthened over time, with increases in air pollution levels coinciding with larger rises in antibiotic resistance. "Our analysis presents strong evidence that increasing levels of air pollution are associated with increased risk of antibiotic resistance," researchers from China and the UK wrote. "This analysis is the first to show how air pollution affects antibiotic resistance globally." Their findings are published in the Lancet Planetary Health journal. Antibiotic resistance is one of the fastest-growing threats to global health. It can affect people of any age in any country and is already killing 1.3 million people a year, according to estimates. The main drivers are still the misuse and overuse of antibiotics, which are used to treat infections. But the study suggests the problem is being worsened by rising levels of air pollution. The study did not look at the science of why the two might be linked. Evidence suggests that particulate matter PM2.5 can contain antibiotic-resistant bacteria and resistance genes, which may be transferred between environments and inhaled directly by humans, the authors said. Air pollution is already the single largest environmental risk to public health. Long-term exposure to air pollution is associated with chronic conditions such as heart disease, asthma and lung cancer, reducing life expectancy. Short-term exposure to high pollution levels can cause coughing, wheezing and asthma attacks, and is leading to increased hospital and GP attendances worldwide.Read more of this story at Slashdot.
Federal regulators continued their crackdown against employees of Wall Street firms using private messaging apps to communicate, with 11 brokerage firms and investment advisers agreeing Tuesday to pay $549 million in fines. From a report: Wells Fargo, BNP Paribas, Societe Generale and Bank of Montreal were hit with the biggest penalties by the Securities and Exchange Commission and the Commodity Futures Trading Commission. Together, the brokerage and investment advisory arms of those four financial institutions accounted for nearly 90 percent of the fines, according to statements released by the regulators. The latest round of fines adds to the nearly $2 billion in penalties against big Wall Street banks announced last year for similar violations. In all, the regulators have now penalized more than two dozen banks and investment firms for not properly policing employees use of "off channel" messaging services like WhatsApp, iMessage and Signal. The S.E.C. charged the financial institutions for failing to properly "maintain and preserve" all official communications by their employees. Federal securities laws require banks and investments firms to maintain records and make sure their employees are not conducting company business using unauthorized means of communication.Read more of this story at Slashdot.
The Original High-C writes: Dear Commander Taco, I hope you are well, as the world is increasingly 'mid', as the kids say. I am the guy whose story you published 17 years ago about a nerd rap compilation. We had a wild ride, as documented in this, um, documentary on Amazon Prime. Long after anyone stopped caring, I finally released my first free-as-in-beer album. This song tells the story of the ultimate demise of the scene, and I felt it was a fitting bookend for our first chapter. Maybe 2.0 will be better? Thanks for all you did for us, if no one ever told you before. Sincerely, The Original High-CRead more of this story at Slashdot.
A U.S. judge rejected Google's bid to dismiss a lawsuit claiming it invaded the privacy of millions of people by secretly tracking their internet use. From a report: U.S. District Judge Yvonne Gonzalez Rogers on Monday said she could not find that users consented to letting Google collect information about what they viewed online because the Alphabet unit never explicitly told them it would. David Boies, a lawyer for the plaintiffs in the proposed $5 billion class action, called the decision "an important step in protecting the privacy interests of millions of Americans." The plaintiffs alleged that Google's analytics, cookies and apps let the Mountain View, California-based company track their activity even when they set Google's Chrome browser to "Incognito" mode and other browsers to "private" browsing mode. They said this let Google learn enough about their friends, hobbies, favorite foods, shopping habits, and "potentially embarrassing things" they seek out online, becoming "an unaccountable trove of information so detailed and expansive that George Orwell could never have dreamed it."Read more of this story at Slashdot.
Slashdot