Slashdot

Long-time Slashdot reader theodp writes: "42 states to go!" exclaimed Code.org to its 1+ million Twitter followers as it celebrated victorious efforts to pass legislation making North Carolina the 8th state to pass a high school computer science graduation requirement, bringing the tech-backed nonprofit a step closer to its goal of making CS a requirement for a HS diploma in all 50 states. But as states make good on pledges made to tech CEOs to make their schoolchildren CS savvy, Education Week cautions that K-12 CS has a big certified teacher shortage problem. From the article:When trying to ensure all students get access to the knowledge they need for college and careers, sometimes policy can get ahead of teacher capacity. Computer science is a case in point. As of 2022, every state in the nation has passed at least one law or policy intended to promote K-12 computer science education, and 53 percent of high schools offered basic computer science courses that year, according to the nonprofit advocacy group Code.org." "'There's big money behind making [course offerings] go up higher and faster,' thanks to federal and state grants as well as private foundations, said Paul Bruno, an assistant professor of education policy, organization, and leadership at the University of Illinois Urbana-Champaign. "But then that raises the question, well, who are we getting to teach these courses...?" Bruno's work in states such as California and North Carolina suggests that few of those new computer science classes are staffed with teachers who are certified in that subject."Read more of this story at Slashdot.

Long-time Slashdot reader mejustme writes: The NIST elliptic curves that power much of modern cryptography were generated in the late '90s by hashing seeds provided by the NSA. Rumor has it that they are in turn hashes of English sentences, but the person who picked them, Dr. Jerry Solinas, passed away in early 2023 leaving behind a cryptographic mystery." That's from the blog of Filippo Valsorda, who was in charge of cryptography and security on the Go team at Google until 2022, (and was on the Cryptography team at Cloudflare until 2017). But more importantly, he adds that "I'm announcing a $12,288 bounty for cracking these five hashes, tripled to $36,864 if the recipient chooses to donate it to a 501(c)(3) charity of their choice." There are hints to which phrase was used as the seed. Dr Jerry Solinas thinks he used something similar to "Jerry deserves a raise.Read more of this story at Slashdot.

Bitcoin creator Satoshi Nakamoto may or may not be businessman Craig Wright, who in 2015 founded the blockchain-tech company nChain. But nChain's recently-departed CEO Christen Ager-Hanssen's thinks Wright is not Satoshi - and that's just the beginning. According to Forbes Ager-Hanssen went as far as "to leak emails suggesting former gambling billionaire Calvin Ayre, who has heavily backed the company doesn't believe Wright, nChain's chief scientist, is Satoshi Nakamoto. The alleged email from Ayre begins by citing Wright's "litigation disaster"...'I have been operating under the assumption that you and Ramona have the keys and that you were simply pretending not to have them as part of some strategy that you have trapped yourself in. But now that we are looking at a situation where continuing to deny you have them ruins your life and damages your supporters, I am forced to make a tough decision... There is zero reason to continue to pretend you do not have the keys if you really have them... So either you are a moron for intentionally losing this case, or you are a moron for actually not having the keys... either way, I am not following you over the cliff... But Ager-Hanssen also shared some thoughts of his own:I can confirm I have departed from nChain Global as its Group CEO with immediate effect after reporting several serious issues to the board of nChain Group including what I believe is a conspiracy to defraud nChain shareholders orchestrated by a significant shareholder. I also had concerns about the ultimate beneficiary shareholder and the real people behind DW Discovery fund registered in Cayman. The chairman also took instructions from shadow directors which I didn't accept. I have also reported that I have found compelling evidence that Dr Craig Wright has manipulated documents with the aim to deceive the court he is Satoshi. I'm today myself convinced that Dr Craig Wright is NOT Satoshi and I'm persuaded he will lose all his legal battles. The board didn't take action and my job becomes clearly untenable. One of the things I recommended the Chairman of the board was to sack Dr Craig Wright. I feel sorry for all the great people that work in the company but I don't want to be part of something I clearly don't believe in. #faketoshi Forbes also notes an X (Twitter) account calling itself "Satoshi Nakamoto" with the handle @Satoshi has posted for the first time since 2018 - though X's community notes feature added: "This isn't the real Satoshi Nakamoto, creator of bitcoin. Its an account related to Craig Wright, who claims to be Satoshi with no material proof." Thanks to long-time Slashdot reader UnknowingFool for sharing the news.Read more of this story at Slashdot.

It started when Linux blogger Bryan Lunduke complained about how the Linux Foundation was reducing the six-year long-term support (LTS) window for the Linux kernel to two years. Lunduke argued that the Foundation seemed more interested in funding compliance best practices - as well as artificial intelligence and blockchain projects. In an online discussion, Linux kernel maintainer Greg Kroah-Hartman had this response:Did anyone think to actually ask the developer who is maintaining the long-term support kernel versions why he made that change (back in February?), i.e. me...? No, I guess that would take too much effort, and wouldn't result in such a click-bait headline. "LTS kernels are no longer supported for 6 years because it turns out no one used them." doesn't have that same fun sound...In a second comment Kroah-Hartman also clarified that in fact "The amount of resources and other stuff that the Linux Foundation provides to the Linux kernel community has increased over the years, including last year. " Just because new people are brought in with new projects (that the LF member companies want to host) does not mean that somehow less is being given to the kernel community at all. It is not a zero-sum game here at all, that's not how the LF works in any way. Again, this would have been easy to verify if someone just asked us. So to repeat, no "abandonment" is happening here at all, the opposite is happening, just like it has for the entirety of the Linux Foundation's existence, support has grown every year. Thanks to long-time Slashdot reader whoever57 for sharing the news.Read more of this story at Slashdot.

"Python 3 was by far the choice over Python 2 in a late-2022 survey of more than 23,000 Python developers," reports InfoWorld, "but the percentage of respondents using Python 2 actually ticked up compared to the previous year."Results of the sixth annual Python Developers Survey, conducted by the Python Software Foundation and software tools maker JetBrains, were released September 27. The Python Developers Survey 2022 report indicates that 93% of respondents had adopted Python 3, while only 7% were still using Python 2.In the 2021 survey, though, 95% used Python 3 while 5% used Python 2. In 2020, Python 3 held a 94% to 6% edge. Dating back to 2017, 75% used Python 3 and 25% used Python 2... The 2022 report said 29% of respondents still use Python 2 for data analysis, 24% use Python 2 for computer graphics, and 23% used Python 2 for devops. The survey also found that 45% of respondents are still using Python 3.10, which arrived two years ago, while just 2% still use Python 3.5 or lower. (Python 3.11 was released October 24, 2022, right when the survey was being conducted.) Other findings from the survey:21% said they used Python for work only, while 51% said they used it for work and personal/educational use or side projects, and 21% said they used Python only for personal projects.85% of respondents said Python was their main language (rather than a secondary language).The survey also gives the the top "secondary languages" for the surveyed Python developers as JavaScript (37%), HTML/CSS (37%), SQL (35%), Bash/Shell (32%), and then C/C++ (27%).When asked what they used Python for most, 22% said "Web Development", 18% said "Data Analysis," 12% said "Machine Learning," and 10% said "DevOps/System Administration/Writing Automation Scripts."Read more of this story at Slashdot.

An anonymous reader writes: Amidst a winter marked by scarce gas supplies, the German government has opted to retain its lignite coal power plants on standby for another season. Originally, Germany had planned a phased shutdown of coal plants in exchange for a portion of the government's 40 billion coal phase-out fund. However, last year, disruptions in Russian gas supplies post-Ukraine war prompted an emergency decision to keep coal plants operational. This measure is now extended for the upcoming winter, maintaining 1.9 GWs of lignite capacity alongside the existing 45 GW of coal power plants. The primary purpose of these lignite plants is to alleviate gas demand during peak times and stabilize prices. Despite the economic benefits, the move raises environmental concerns, given lignite's status as a major climate polluter. The government acknowledges this and plans to assess the additional carbon emissions resulting from keeping coal plants on standby, estimated to be between 2.5 and 5.6 tonnes of CO2. The German government emphasized the persistence of the goal to ideally complete the coal phase-out by 2030 and meet climate targets.Read more of this story at Slashdot.

Black Parrot (Slashdot reader #19,622) pointed out a historic anniversary this week: On October 6, 1923, Edwin Hubble got a photo of Andromeda that showed that it contained a variable star, and therefore was an actual galaxy, ending the Great Debate over whether the universe consisted of anything beyond our own galaxy. Unless you're more than 100 years old you grew up with a completely different understanding of the universe than anyone who lived before. Even Einstein did not know about it when he proposed the theory of general relativity. It was later in the decade before Hubble discovered that the universe is expanding. A century later, the European Space Agency was announcing...A very rare, strange burst of extraordinarily bright light in the universe just got even stranger a" thanks to the eagle-eye of the NASA/ESA Hubble Space Telescope. The phenomenon, called a Luminous Fast Blue Optical Transient (LFBOT), flashed onto the scene where it wasna(TM)t expected to be found, far away from any host galaxy. Only Hubble could pinpoint its location. The Hubble results suggest astronomers know even less about these objects than previously thought by ruling out some possible theories. Bill Kendrick (Slashdot reader #19,287) writes: Edwin Hubble's discovery - thanks to a Cepheid Variable star - that the "Andromeda Nebula" was actually an entire galaxy 2.5 million light years away... NASA's Astronomy Photo of the Day for today celebrates this with an image of the original photo plate from October 6, 1923. Notice the "N" (for nova) crossed off, and "VAR!" (for variable) next to the star! The discovery of Cepheids, and the important fact that their brightening and dimming was regular, and could be used to determine a star's intrinsic brightness, was thanks to Henrietta Swan Leavitt about a decade earlier. David Butler's "How Far Away Is It?" series has an excellent episode on Andromeda on YouTube.Read more of this story at Slashdot.

Long-time Slashdot reader alaskana writes: In late 2022 it was revealed that early samples of what was to be the "Pentium 5" processor, codenamed Tejas and Jayhawk were in development and made it as far as being released to board partners for evaluation. A few of these samples made it (of course) onto Ebay and then - not surprisingly - into the hands of a YouTuber. To be fair, tech site Anandtech arguably got the first scoop on this P4 successor way back in 2004, but that story seemingly never gained much traction at that time. They wrote that Intel Prescott CPUs "could hit 5GHz+ but had huge power and temperature numbers, but Tejas was expected to clock higher than Prescott - with Intel chasing the huge 10GHz CPU clocks within 10 years between 2000 and 2011 - but it ended up not happening at all." In what was supposed to be a continuation of the "GHz is king" days of the early aughts, the Pentium 5 was in spirit a continuation of the "faster-is-better" philosophy of the P4 architecture, efficiency be damned. Speeds in excess of 7 GHz(!), and a pipeline upwards of 50 stages were rumored to be targeted by Intel, but reality (and physics) reared their ugly heads as always. WCCF Tech transcribed the remarks of Intel engineer Steve Fischer, who was involved with the project. "The thing had a pipeline depth of around 50 stages and an expected clock target at one point north of 7 GHz. I call the thing "the Death Star of processors" and half-jokingly reasoned that consumer acceptance of liquid-cooled chassis would not be a big deal." Intel kicked off Project Tejas in 2003, expected in 2004 and later pushed into 2005 after issues forced Intel to redesign the chip. Before the company could do that, the Tejas Project was shelved on May 7, 2004. In the end efficiency and parallelization was to be the rule of future CPU development, but the fact that Intel had (at least briefly) had planned on taking the P4 paradigm just a wee bit further with a true Pentium 5 is a fascinating look into the past of a future that never was to be for the venerable Pentium line.Read more of this story at Slashdot.

An anonymous reader sharedthis report from the Associated Press:A man accused of shooting down a law enforcement drone being used at a business near his Florida home could be sentenced to 10 years in federal prison... Lake County sheriff's deputies responded to a burglary at a 10-acre industrial property in July 2021 in Mount Dora, northwest of Orlando, according to a plea agreement. As deputies used a $29,000 drone in the outdoor search, gunfire from a neighboring residential property caused it to crash into a metal roof and catch fire, prosecutors said. Deputies went to the property and found Goney, who said he shot down the drone with a .22-caliber rifle because it had been "harassing" him, investigators said. The man had 29 previous felony convictions - and federal law prohibits most convicted felons from possessing firearms and ammunition...Read more of this story at Slashdot.

An anonymous reader shared this report from Gizmodo:Zoom is setting out to compete with Google and Microsoft by introducing Zoom Docs at its annual Zoomtopia 2023 event on Tuesday. Zoom Docs is the company's own version of an AI-powered workspace that will provide users with AI capabilities to draft, edit, summarize, and include information from meeting discussions. The company said in a press release that its new feature will be integrated into the meetings feature, and says it will make it "easy for teams and individuals to create, collaborate, manage projects, and stay organized." It will also reportedly include the option to include tables, charts, and images in the Zoom Doc function, according to the press release... Zoom's press release calls it "a next-gen way of collaborating, built from the ground up with AI at its core," with "traditional document capabilities, as well as wikis and drag-and-drop content blocks for tables, charts, and images"Zoom Docs users can also leverage its AI-powered functionality to populate docs with content from Zoom Meetings to inform and jumpstart creation, generate content with Zoom AI Companion, summarize content quickly, easily search documents, and more. Zoom Docs is scheduled to be generally available in 2024. Gizmodo notes that in March Microsoft added ChatGPT to its Suite 365 business software, and Google announced it was adding generative AI to Google Docs and Google Excel.Read more of this story at Slashdot.

Since 2004 October has been designated "Cybersecurity Awareness Month" in America, "a collaborative effort between government and industry to enhance cybersecurity awareness, encourage actions by the public to reduce online risk and generate discussion on cyber threats on a national and global scale." That's according to America's Cybersecurity and Infrastructure Security Agency (or CISA), the operational lead for federal cybersecurity and national coordinator for critical infrastructure security and resilience (specifically designed for collaboration and partnership). It's why the NSA is publicizing the ten most common cybersecurity misconfigurations in large organizations. But in addition, for consumers CISA is introducing a new program this year that "promotes behavioral change across the Nation, with a particular focus on how individuals, families and small to medium-sized businesses can Secure Our World by focusing on the four critical actions..." In a video the director of America's cyberdefense agency calls them steps "that everyone can take to stay safe online."Use Strong Passwords, "meaning long, random, and unique to each account. And use a password manager to generate and to save them."Turn on Multi-Factor Authentication on All Accounts That Offer It. "You need more than a password on your most important accounts, like email, social media, and financial accounts."Recognize and Report Phishing. "Be cautious of unsolicited emails, texts, or calls asking you for personal information, and don't click on links or open attachments from unknown sources. Update Your Software. "In fact, enable automatic updates on your software, so the latest security patches just keep your devices continuously up-to-date."The video ends by noting CISA is asking tech companies and software developers to create products that are "secure by design." "And let's secure our families by ensuring that our loved ones know what to look for and how to stay safe online."Read more of this story at Slashdot.

Slashdot reader TranquilVoid writes: To better understand the battles between native and invasive ants, scientists at Australia's national science agency have turned to Microsoft's classic computer game to model ant warfare. Across Australia, 50 different species of invasive ants have established themselves, including electric ants, fire ants and yellow crazy ants, with hundreds of millions of dollars spent attempting to eradicate them. "Ants are one of the few groups of animal species in which warfare resembles human warfare, in terms of scale and mortality," researcher Samuel Lymbery said. The research found small armies of strong soldiers did better in complex terrain-based battlefields and large armies of weaker soldiers fared better in simple open battlefields. In the ant world, a simple battlefield would be a footpath or park while a complex battlefield would be bushland with undergrowth and woody debris. Dr Lymbery said his work could help develop new approaches to habitat management, like adding undergrowth or more environmental complexity back into urbanised environments, to tip the competitive balance back in favour of native ants.Read more of this story at Slashdot.

An announcement from MIT News:One promising approach to treating Type 1 diabetes is implanting pancreatic islet cells that can produce insulin when needed, which can free patients from giving themselves frequent insulin injections. However, one major obstacle to this approach is that once the cells are implanted, they eventually run out of oxygen and stop producing insulin. To overcome that hurdle, MIT engineers have designed a new implantable device that not only carries hundreds of thousands of insulin-producing islet cells, but also has its own on-board oxygen factory, which generates oxygen by splitting water vapor found in the body. The researchers showed that when implanted into diabetic mice, this device could keep the mice's blood glucose levels stable for at least a month. The researchers now hope to create a larger version of the device, about the size of a stick of chewing gum, that could eventually be tested in people with Type 1 diabetes. "You can think of this as a living medical device that is made from human cells that secrete insulin, along with an electronic life support-system," says Daniel Anderson, a professor in MIT's Department of Chemical Engineering, a member of MIT's Koch Institute for Integrative Cancer Research and Institute for Medical Engineering and Science, and the senior author of the study. While the researchers' main focus is on diabetes treatment, they say that this kind of device could also be adapted to treat other diseases that require repeated delivery of therapeutic proteins. Thanks to Slashdot reader schwit1 for sharing the news.Read more of this story at Slashdot.

An anonymous reader shared this report from Reuters:In a new front in the U.S.-China tech war, President Joe Biden's administration is facing pressure from some lawmakers to restrict American companies from working on a freely available chip technology widely used in China - a move that could upend how the global technology industry collaborates across borders... RISC-V can be used as a key ingredient for anything from a smartphone chip to advanced processors for artificial intelligence... The lawmakers expressed concerns that Beijing is exploiting a culture of open collaboration among American companies to advance its own semiconductor industry, which could erode the current U.S. lead in the chip field and help China modernize its military. Their comments represent the first major effort to put constraints on work by U.S. companies on RISC-V... Executives from China's Huawei Technologies have embraced RISC-V as a pillar of that nation's progress in developing its own chips. But the United States and its allies also have jumped on the technology, with chip giant Qualcomm working with a group of European automotive firms on RISC-V chips and Alphabet's Google saying it will make Android, the world's most popular mobile operating system, work on RISC-V chips... Jack Kang, vice president of business development at SiFive, a Santa Clara, California-based startup using RISC-V, said potential U.S. government restrictions on American companies regarding RISC-V would be a "tremendous tragedy." "It would be like banning us from working on the internet," Kang said. "It would be a huge mistake in terms of technology, leadership, innovation and companies and jobs that are being created." One U.S. Representative said the Chinese Communist Party was "abusing RISC-V to get around U.S. dominance of the intellectual property needed to design chips. "U.S. persons should not be supporting a PRC tech transfer strategy that serves to degrade U.S. export control laws."Read more of this story at Slashdot.

In downtown San Francisco two vehicles were stopped at a red light on Monday night, reports the Washington Post - a regular car and a Cruise robotaxi.Both vehicles advanced when the light turned green, according to witness accounts and video recorded by the Cruise vehicle's internal cameras and reviewed by The Post. As the cars moved forward, the pedestrian entered the traffic lanes in front of them, according to the video, and was struck by the regular car. The video shows the victim rolling onto that vehicle's windshield and then being flung into the path of the driverless car, which stopped once it collided with the woman. According to Cruise spokesperson Hannah Lindow, the autonomous vehicle "braked aggressively to minimize the impact" but was unable to stop before rolling over the woman and coming to a halt. Photos published by the San Francisco Chronicle show the woman's leg sticking out from underneath the car's left rear wheel. "According to Cruise, police had directed the company to keep the vehicle stationary, apparently with the pedestrian stuck beneath it," reports the San Francisco Chronicle. Also from the San Francisco Chronicle:Austin Tutone, a bicycle delivery person, saw the woman trapped underneath the Cruise car and tried to reassure her as they waited for first-responders. "I told her, 'The ambulance is coming' and that she'd be okay. She was just screaming." He shared a photo of the aftermath with The Chronicle that appears to show the car tire on the woman's leg. San Francisco firefighters arrived and used the jaws of life to lift the car off the woman. She was transported to San Francisco General Hospital with "multiple traumatic injuries," said SFFD Capt. Justin Schorr. The victim was in critical condition as of late Tuesday afternoon, according to the hospital. It appears that once the Cruise car sensed something underneath its rear axle, it came to a halt and turned on its hazard lights, Schorr said. Firefighters obstructed the sensors of the driverless car to alert the Cruise control center. He said representatives from Cruise responded to firefighters and "immediately disabled the car remotely."More from the San Francisco Chronicle:"When it comes to someone pinned beneath a vehicle, the most effective way to unpin them is to lift the vehicle," Sgt. Kathryn Winters, a spokesperson for the department, said in an interview. Were a driver to move a vehicle with a person lying there, "you run the risk of causing more injury." Once the person is freed, the car must stay in place as police gather evidence including "the location of the vehicle and/or vehicles before, during and after the collision," said Officer Eve Laokwansathitaya, another spokesperson. The human driver who struck the pedestrian immediately fled the scene, and has not yet been identified.Read more of this story at Slashdot.

An anonymous reader quotes a report from SecurityWeek: Tens of thousands of Android devices have been shipped to end-users with backdoored firmware, according to a warning from cybersecurity vendor Human Security. As part of the global cybercriminal operation called BadBox (PDF), Human Security found a threat actor relied on supply chain compromise to infect the firmware of more than 70,000 Android smartphones, CTV boxes, and tablet devices with the Triada malware. The infected devices come from at least one Chinese manufacturer but, before they are delivered to resellers, physical retail stores, and e-commerce warehouses, a backdoor was injected into their firmware. "Products known to contain the backdoor have been found on public school networks throughout the United States," Human says. Discovered in 2016, Triada is a modular trojan residing in a device's RAM, relying on the Zygote process to hook all applications on Android, actively using root privileges to substitute system files. Over time, the malware went through various iterations and was found pre-installed on low-cost Android devices on at least two occasions. As part of the BadBox operation that Human Security discovered, the infected low-cost Android devices allow threat actors to carry out various ad-fraud schemes, including one named PeachPit, which at its peak relied on 121,000 Android and 159,000 iOS devices infected with malware, and on 39 Android, iOS, and CTV-centric apps designed to connect to a fake supply-side platform (SSP). One of the modules delivered to the infected devices from the command-and-control (C&C) server allows the creation of WebViews that are fully hidden from the user, but which "are used to request, render, and click on ads, spoofing the ad requests to look like they're coming from certain apps, referred by certain websites, and rendered" on specific devices. BadBox, Human Security notes, also includes a residential proxy module that allows the threat actors to sell access to the victim's network. Furthermore, they can create WhatsApp messaging accounts and Gmail accounts they can then use for other malicious activities. "Finally, because of the backdoor's connection to C2 servers on BadBox-infected smartphones, tablets, and CTV boxes, new apps or code can be remotely installed by the threat actors without the device owner's permission. The threat actors behind BadBox could develop entirely new schemes and deploy them on BadBox-infected devices without any interaction from the devices' owners," Human notes.Read more of this story at Slashdot.

Scientists using the H.E.S.S. observatory in Namibia have detected the highest energy gamma rays ever from a dead star called a pulsar. Phys.Org reports: The energy of these gamma rays clocked in at 20 tera-electronvolts, or about 10 trillion times the energy of visible light. This observation is hard to reconcile with the theory of the production of such pulsed gamma rays, as the international team reports in the journal Nature Astronomy. [...] The Vela pulsar, located in the Southern sky in the constellation Vela (sail of the ship), is the brightest pulsar in the radio band of the electromagnetic spectrum and the brightest persistent source of cosmic gamma rays in the giga-electronvolts (GeV) range. It rotates about eleven times per second. However, above a few GeV, its radiation ends abruptly, presumably because the electrons reach the end of the pulsar's magnetosphere and escape from it. But this is not the end of the story: using deep observations with H.E.S.S., a new radiation component at even higher energies has now been discovered, with energies of up to tens of tera-electronvolts (TeV). "That is about 200 times more energetic than all radiation ever detected before from this object," says co-author Christo Venter from the North-West University in South Africa. This very high-energy component appears at the same phase intervals as the one observed in the GeV range. However, to attain these energies, the electrons might have to travel even farther than the magnetosphere, yet the rotational emission pattern needs to remain intact. "This result challenges our previous knowledge of pulsars and requires a rethinking of how these natural accelerators work," says Arache Djannati-Atai from the Astroparticle & Cosmology (APC) laboratory in France, who led the research. "The traditional scheme according to which particles are accelerated along magnetic field lines within or slightly outside the magnetosphere cannot sufficiently explain our observations. Perhaps we are witnessing the acceleration of particles through the so-called magnetic reconnection process beyond the light cylinder, which still somehow preserves the rotational pattern? But even this scenario faces difficulties to explain how such extreme radiation is produced." Whatever the explanation, next to its other superlatives, the Vela pulsar now officially holds the record as the pulsar with the highest-energy gamma rays discovered to date. "This discovery opens a new observation window for detection of other pulsars in the tens of teraelectronvolt range with current and upcoming more sensitive gamma-ray telescopes, hence paving the way for a better understanding of the extreme acceleration processes in highly magnetized astrophysical objects," says Djannati-Atai.Read more of this story at Slashdot.

According to the European Space Agency (ESA), the ozone hole above Antarctica reached approximately 10 million square miles in area on Sept. 16, 2023 -- making it one of the largest seasonal holes ever observed. Space.com reports: One possible reason for the higher-than-normal growth is the Hunga Tonga volcanic eruption in January 2022, which introduced massive quantities of water vapor into the air. "The water vapor could have led to the heightened formation of polar stratospheric clouds, where chlorofluorocarbons (CFCs) can react and accelerate ozone depletion," said Inness. Yet despite experiencing large seasonal growth this year, the ozone hole is still decreasing in size overall. "Based on the Montreal Protocol and the decrease of anthropogenic ozone-depleting substances, scientists currently predict that the global ozone layer will reach its normal state again by around 2050," said Claus Zehner, ESA's mission manager for Copernicus Sentinel-5P.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Conversation: Recently, several mammals have been reported to "glow" under ultraviolet (UV) light, including our beloved platypus. But no one knew how common it was among mammals until now. Our research, published in Royal Society Open Science today, found this glow -- known as fluorescence -- is extremely common. Almost every mammal we studied showed some form of fluorescence. [...] We started with the platypus to see if we could replicate the previously reported fluorescence. We photographed preserved and frozen platypus specimens under UV light and observed a fluorescent (although rather faint) glow. [...] We repeated this process for other mammals and found clear evidence of fluorescence in the white fur, spines and even skin and nails of koalas, Tasmanian devils, short-beaked echidnas, southern hairy-nosed wombats, quendas (bandicoots), greater bilbies and even cats. Both fresh-frozen and chemically treated museum specimens were fluorescent. This meant it wasn't preservation chemicals such as borax or arsenic causing the fluorescence. So, we concluded this was a real biological phenomenon. Using specimens from the Western Australian Museum's collection, we took the experiment to the next stage. We recorded every species of mammal that was fluorescent when we exposed the specimens to UV light. As a result, we found 125 fluorescent species of mammal, representing all known orders. Fluorescence is clearly common and widely distributed among mammals. In particular, we noticed that white and light-colored fur is fluorescent, with dark pigmentation preventing fluorescence. For example, a zebra's white stripes fluoresced while the dark stripes didn't. We then used our dataset to test if fluorescence might be more common in nocturnal species. To do this, we correlated the total area of fluorescence with ecological traits such as nocturnality, diet and locomotion. Nocturnal mammals were indeed more fluorescent, while aquatic species were less fluorescent than those that burrowed, lived in trees, or on land. Based on our results, we think fluorescence is very common in mammals. In fact, it is likely the default status of hair unless it is heavily pigmented. This doesn't mean fluorescence has a biological function -- it may just be an artifact of the structural properties of unpigmented hair. However, we suggest florescence may be important for brightening pale-colored parts of animals that are used as visual signals. This could improve their visibility, especially in poor light -- just like the fluorescent optical brighteners that are added to white paper and clothing.Read more of this story at Slashdot.

Tom Perkins writes via The Guardian: Almost half of a federal government panel that helps develop US nutritional guidelines has significant ties to big agriculture, ultra-processed food companies, pharmaceutical companies and other corporate organizations with a significant stake in the process's outcome. The revelation is part of a new report from US Right to Know, a government transparency group that looked for ties to corporate interests among the 20-member panel of food and nutrition experts that makes recommendations for updating the US government's official dietary guidelines. It found nine members had ties to Nestle, Pfizer, Coca-Cola, the National Egg Board and other prominent food lobby groups, among others. The findings raise questions about whether the panel is looking out for Americans' health or corporate profits, and "erodes confidence in dietary guidelines," said Gary Ruskin of US Right to Know. "Millions of Americans' lives are affected by this report and it's crucial that the report tell the truth to American people and it's not degraded into another sales pitch for big food and big pharma," he said. [...] "The guidelines affect the entire US food system quite strongly," Ruskin said. US Right to Know scoured public records dating back five years for conflicts of interest among the 20 panel members. In addition to the nine it found with "high-risk conflicts of interest" and connections to the food and drug industry, it found four more members who have possible conflicts of interest. It applauded the agencies for appointing seven members who did not appear to have any conflicts. At least four panelists have connections to at least two companies each among Abbott, Novo Nordisk, the National Dairy Council, Eli Lilly and Weight Watchers International. One panel member has received about $240,000 in grant funding from Eli Lilly.Read more of this story at Slashdot.

Simon Sharwood writes via The Register: The Chinese manufacturer that took over IBM's PC business announced on Thursday that it's teamed with an outfit named Esper that specializes in custom cuts of Android, plus device management offerings. Android is most commonly used in handheld devices. Lenovo's taking it in an entirely different direction by making the ThinkCentre M70a: a desktop all-in-one. The first fruit of the collaboration with Esper, the ThinkCentre M70a boasts a 21 -- inch touch screen and offers a choice of 12th-gen Intel core CPUs from the Core i3 to the almost workstation-grade Core i9, at prices from $889 to beyond $1250. What could you do with Android on a Corei9, plus the maximum 16GB DDR4 3200MHz and 512GB PCIe SSD Lenovo's machines allow? Almost anything -- but Lenovo thinks its Android effort will first be appreciated by customers in the retail, hospitality, and healthcare industries. Esper pitches its wares as ideal for point-of-sale systems, kiosks, and digital signage -- environments where users don't need to access diverse apps but do need a machine that reliably boots into custom environments. Lenovo's not just doing desktop PCs. The number one PC maker by market share has promised it will also ship Esper's wares on the small form factor ThinkCentre M70q -- a machine designed to be bolted to the back of monitors. The ThinkEdge SE30 -- a ruggedized and fanless edge client -- will also have an Android option. So will the ThinkCentre M90n-1 IoT [PDF] -- another rugged client for edge applications.Read more of this story at Slashdot.

Jonathan Greig writes via The Record: Genetic testing giant 23andMe confirmed that a data scraping incident resulted in hackers gaining access to sensitive user information and selling it on the dark web. The information of nearly 7 million 23andMe users was offered for sale on a cybercriminal forum this week. The information included origin estimation, phenotype, health information, photos, identification data and more. 23andMe processes saliva samples submitted by customers to determine their ancestry. When asked about the post, the company initially denied that the information was legitimate, calling it a "misleading claim" in a statement to Recorded Future News. The company later said it was aware that certain 23andMe customer profile information was compiled through unauthorized access to individual accounts that were signed up for the DNA Relative feature -- which allows users to opt in for the company to show them potential matches for relatives. [...] When pressed on how compromising a handful of user accounts would give someone access to millions of users, the spokesperson said the company does not believe the threat actor had access to all of the accounts but rather gained unauthorized entry to a much smaller number of 23andMe accounts and scraped data from their DNA Relative matches. A researcher approached Recorded Future News after examining the leaked database and found that much of it looked real. [...] The researcher downloaded two files from the BreachForums post and found that one had information on 1 million 23andMe users of Ashkenazi heritage. The other file included data on more than 300,000 users of Chinese heritage. The data included profile and account ID numbers, names, gender, birth year, maternal and paternal genetic markers, ancestral heritage results, and data on whether or not each user has opted into 23andme's health data. The researcher added that he discovered another issue where someone could enter a 23andme profile ID, like the ones included in the leaked data set, into their URL and see someone's profile. The data available through this only includes profile photos, names, birth years and location but does not include test results.Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: A man who admitted attempting to assassinate Queen Elizabeth II with a crossbow after discussing his plan with an AI-powered chatbot has been sentenced to 9 years in prison for treason. It's the UK's first treason conviction in more than 40 years. Jaswant Singh Chail, who was 19 at the time of his arrest on Christmas Day, 2021, scaled the walls of Windsor Castle's grounds with a mask and a loaded high-power crossbow. He said his intent was, as a British Sikh, to assassinate the Queen in a Star Wars-inspired plan to avenge the 1919 Jallianwalla Bagh massacre, a colonial-era atrocity during British rule in India. Prosecutors said that Chail was encouraged to undertake this plot after discussing it at length with an AI-powered chatbot that egged him on and bolstered his resolve. [...] Chail is currently being held at Broadmoor high-security hospital and will remain there until he is psychologically well enough to serve his sentence.Read more of this story at Slashdot.

Kylie Robison writes via Fortune: Beginning on Monday, Slack employees will be expected to set aside their regular work duties and to instead plug away at various modules on Salesforce's Trailhead online learning platform, Fortune has learned. The goal is for Slack's employees to reach Trailhead's Ranger level, a feat that requires roughly 40 hours on the learning platform, whose modules include topics like "Learn about the Fourth Industrial Revolution" and "Healthy Eating." A large percent of Slack's roughly 3,000 staff have neglected to hit the target, according to sources inside the company. And since Salesforce provides Trailhead to other businesses as a way to "upskill" employees, some speculate that the slackers at Slack make for bad optics. In a message to employees in mid-September, Slack CEO Lidiane Jones wrote that the one week shutdown, dubbed "Ranger Week," is intended to give everyone "dedicated time to make a lot of progress towards the goal." Jones wrote in her message that the product development engineering (PDE), customer experience (CE), Biz Ops, and communication departments are expected to participate in Ranger Week. "It's important that we all reach Ranger status this year, and I want to ensure that everyone has focus time to upskill on Trailhead," Jones wrote in the message to staff. "I know this will disrupt and slow V2MOM progress for many of us -- we are making this a priority now so we can quickly get back to work on our roadmaps," she said, referring to the company's annual forward-looking strategy planning document which stands for vision, values, methods, obstacles, and measures. [...] "We really are canceling all meetings next week to facilitate this heads-down time, even 1:1s," Slack's chief of staff to the CTO wrote to employees on Wednesday. "We don't know yet what will happen to people who haven't hit Ranger by Jan. 31. At a minimum, it will make Slack look bad compared to the other clouds. Please do use the time next week to make as much progress as you can!" [...] Still, the work stoppage is somewhat porous. Slack's CTO noted that "deploys, on-call rotations, and interviews" will still happen as normal, and while no executive has used the word "mandatory," it's considered strongly encouraged. According to Insider, some workers at Slack are "gaming" the platform to speed through the sessions.Read more of this story at Slashdot.

The National Security Agency (NSA), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), have highlighted the ten most common cybersecurity misconfigurations in large organizations. In their join cybersecurity advisory (CSA), they also detail the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations. From the report: Through NSA and CISA Red and Blue team assessments, as well as through the activities of NSA and CISA Hunt and Incident Response teams, the agencies identified the following 10 most common network misconfigurations: 1. Default configurations of software and applications2. Improper separation of user/administrator privilege3. Insufficient internal network monitoring4. Lack of network segmentation5. Poor patch management6. Bypass of system access controls7. Weak or misconfigured multifactor authentication (MFA) methods8. Insufficient access control lists (ACLs) on network shares and services9. Poor credential hygiene10. Unrestricted code execution NSA and CISA encourage network defenders to implement the recommendations found within the Mitigations section of this advisory -- including the following -- to reduce the risk of malicious actors exploiting the identified misconfigurations: Remove default credentials and harden configurations; Disable unused services and implement access controls; Update regularly and automate patching, prioritizing patching of known exploited vulnerabilities; and Reduce, restrict, audit, and monitor administrative accounts and privileges. NSA and CISA urge software manufacturers to take ownership of improving security outcomes of their customers by embracing secure-by-design and-default tactics, including: Embedding security controls into product architecture from the start of development and throughout the entire software development lifecycle (SDLC); Eliminating default passwords; Providing high-quality audit logs to customers at no extra charge; and Mandating MFA, ideally phishing-resistant, for privileged users and making MFA a default rather than opt-in feature. A PDF version of the report can be downloaded here (PDF).Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Getty Images CEO Craig Peters told the Verge that he has found a solution to one of AI's biggest copyright problems: creators suing because AI models were trained on their original works without consent or compensation. To prove it's possible for AI makers to respect artists' copyrights, Getty built an AI tool using only licensed data that's designed to reward creators more and more as the tool becomes more popular over time. "I think a world that doesn't reward investment in intellectual property is a pretty sad world," Peters told The Verge. The conversation happened at Vox Media's Code Conference 2023, with Peters explaining why Getty Images -- which manages "the world's largest privately held visual archive" -- has a unique perspective on this divisive issue. In February, Getty Images sued Stability AI over copyright concerns regarding the AI company's image generator, Stable Diffusion. Getty alleged that Stable Diffusion was trained on 12 million Getty images and even imitated Getty's watermark -- controversially seeming to add a layer of Getty's authenticity to fake AI images. Now, Getty has rolled out its own AI image generator that has been trained in ways that are unlike most of the popular image generators out there. Peters told The Verge that because of Getty's ongoing mission to capture the world's most iconic images, "Generative AI by Getty Images" was intentionally designed to avoid major copyright concerns swirling around AI images -- and compensate Getty creators fairly. Rather than crawling the web for data to feed its AI model, Getty's tool is trained exclusively on images that Getty owns the rights to, Peters said. The tool was created out of rising demand from Getty Images customers who want access to AI generators that don't carry copyright risks. [...] With that as the goal, Peters told Code Conference attendees that the tool is "entirely commercially safe" and "cannot produce third-party intellectual property" or deepfakes because the AI model would have no references from which to produce such risky content. Getty's AI tool "doesn't know what the Pope is," Peters told The Verge. "It doesn't know what [Balenciaga] is, and it can't produce a merging of the two." Peters also said that if there are any lawsuits over AI images generated by Getty, then Getty will cover any legal costs for customers. "We actually put our indemnification around that so that if there are any issues, which we're confident there won't be, we'll stand behind that," Peters said. When asked how Getty creators will be paid for AI training data, Peters said that there currently isn't a tool for Getty to assess which artist deserves credit every time an AI image is generated. "Instead, Getty will rely on a fixed model that Peters said determines 'what proportion of the training set does your content represent? And then, how has that content performed in our licensing world over time? It's kind of a proxy for quality and quantity. So, it's kind of a blend of the two,'" reports Ars. "Importantly, Peters suggested that Getty isn't married to using this rewards system and would adapt its methods for rewarding creators by continually monitoring how customers are using the AI tool."Read more of this story at Slashdot.

Atari just announced preorders for a physical cartridge for the company's once-ubiquitous 2600 console. From a report: A gaming console that counts 1982 as its most successful year is releasing another new cartridge in the year 2023. The game-in-question is called Save Mary and was actually developed during the console's golden years, before being shelved when the 2600 went the way of the dodo. Save Mary was in development for two whole years, which is a lifetime in the generation of gaming that preceded the NES. The normal timeframe to produce a game back then was six to nine months, with some notorious titles taking just five or six weeks. Save Mary was originally developed by veteran Atari staffer Tod Frye, the guy behind the 2600 version of Pac-Man and the Swordquest series.Read more of this story at Slashdot.

Lawmakers in the United States last year passed bipartisan legislation intended to maintain US competitiveness with countries such as China by boosting funding for science and innovation. But concerns are mounting that the US Congress will fail to deliver on its promises. From a report: The money allotted to a handful of major US science agencies that had been targeted for a budget boost is likely to fall short of the legislation's goals by more than US$7 billion in 2024, according to a report. And overall funding for those agencies will continue to hover at a 25-year low. "We're leaving scientific opportunities on the table," says Matt Hourihan, who led the analysis for the Federation of American Scientists, an advocacy group based in Washington DC. "If we drop this ball, others will be happy to pick it up." It was precisely this fear that drove members of Congress to come together to pass the CHIPS and Science Act of 2022. The legislation promised one of the largest increases in US science funding in a long time, totalling some $280 billion over five years. Much of the spending mandated by the bill was focused on semiconductor research and manufacturing -- areas in which other countries, particularly China, have dominated. Lawmakers also authorized investments in other science and innovation programmes, but these were not mandated, and need to be approved by Congress during an appropriations process each year. That process has become increasingly contentious as political polarization in the United States has risen over the past few decades. Disputes about overall spending levels and funding for various social programmes have led to repeated delays in crafting the annual budget, at times forcing the government to shut down. This year is a prime example: Republicans, who control the US House of Representatives, blocked legislation that would have allowed the government to increase the federal debt limit and pay its bills, until they were able to secure an agreement with the Democrats in May to limit spending. And last month, a handful of extreme right-wing Republicans sought to close the government down as they pushed for further spending cuts.Read more of this story at Slashdot.

Amazon has launched its first two satellites for its Project Kuiper, the tech giant's initiative to build a massive constellation of satellites that can provide internet coverage to Earth. From a report: An Atlas V rocket, operated by United Launch Alliance, lofted the pair of satellites en route to orbit from Florida at 2:06 p.m. local time Friday. The mission is still ongoing, and it's unclear when the satellites will be deployed from the rocket. Project Kuiper's goal is to eventually put 3,326 satellites into low Earth orbit, where they will beam broadband internet service to the ground below, similar to Elon Musk's SpaceX Starlink. The two launched Friday, KuiperSat-1 and KuiperSat-2, are test satellites that will allow Amazon to demonstrate the ability to send and receive broadband signals. This mission has been long delayed. Amazon originally hoped to launch these satellites a year ago on a different, experimental rocket. However, the company wound up switching the launch vehicle for these satellites multiple times, eventually landing on ULA's workhorse Atlas V rocket, in order to get the satellites into space more quickly.Read more of this story at Slashdot.

PayPal has been hit with a class action lawsuit by consumers represented by law firm Hagens Berman alleging that the fintech giant's anti-steering rules stifle competition against lower-cost payment platforms such as Stripe and Shopify. From a report: Specifically, according to an investigation conducted by the firm's consumer rights attorneys, PayPal has subjected consumers to excess charges when purchasing from online merchants that accept PayPal or Venmo. The suit states that PayPal's merchant agreements, which all merchants must sign to accept payments via its platform, leads to consumers paying more to make purchases. The attorneys charge that "if PayPal's agreements were transparent, consumers would quickly see a price difference between PayPal and Venmo and its competitors." Specifically, per PayPal's anti-steering rules, if a retailer accepts PayPal or Venmo payments, they agree not to offer any discounts or inducements to persuade consumers to use other payment options that have a lower cost. These discounts are treated as a "surcharge" on PayPal transactions and prohibited by PayPal's anti-steering rules. Merchants also cannot tell customers that other payment methods are more cost-effective or preferred, according to the complaint, which was filed in the U.S. District Court for the Northern District of California. Merchants are also not allowed to present other forms of payment earlier in the checkout process.Read more of this story at Slashdot.

Microsoft has launched a new web version of its app store for Windows. From a report: It's designed as a replacement for the existing way to find Windows apps on the web, with links from the site opening in the Microsoft Store client on Windows 10 or Windows 11. The software giant has ditched its old React codebase from its previous web version of the Microsoft Store and replaced it with a modern web version that uses Shoelace, Lit, Vite, and a C# ASPNET backend. "The old site was a React codebase built on an obsoleted UI framework," explains Microsoft engineer Judah Gabriel in a post on X (formerly Twitter). "We created a fresh user experience with a thoughtfully designed interface, easier ways to discover new apps, modern web tech stack. I hope folks will find it useful."Read more of this story at Slashdot.

Climate activists are calling out Shell for partnering with popular video gamers and online youth influencers to promote fossil fuels to a younger generation. From a report: The oil giant, which in July reported quarterly profits of more than $5bn, worked with Fortnite creators and paid popular gamers on multiple platforms to showcase its "ultimate road trips" promotion, part of a marketing campaign for a new gasoline it calls V-Power Nitro+. According to the group Media Matters for America, the company is targeting young players on Twitch, TikTok, Instagram and YouTube, encouraging them to fill up virtual vehicles at interactive Shell gas stations and post screenshots of the game with a #Shellroadtrips hashtag. Research by the non-profit group revealed Shell sponsored livestreams of gameplay on Twitch by at least six streamers with a combined 5.5m followers. It also identified three more content creators on other platforms who were paid to promote the campaign in their videos. Those influencers, Media Matters said, have a combined 1.5 million Instagram followers, 8.5 million on TikTok and 11.6 million on YouTube.Read more of this story at Slashdot.

The Treasury Department released new guidance Friday outlining how car dealers can give customers instant access to the electric vehicle rebate starting in January 2024. It's the latest move by the Biden administration to bring down the cost of EVs in the hopes that more people will buy them. From a report: The new guidance lays out how dealers can effectively reduce the price of an EV by as much as $7,500 at the point of purchase rather than the customer having to wait until they file their taxes to claim the credit. The administration hopes that by applying the credit immediately, more people will be convinced to consider an EV for their next purchase, which will help toward achieving the goal of making EVs 50 percent of new car sales by 2030.Read more of this story at Slashdot.

South Korea's telecommunications regulator said on Friday that Alphabet's Google and Apple have abused their dominant app market position and warned of possible fines totalling up to $50.5 million. From a report: The Korea Communications Commission (KCC) said in a statement that the two tech giants forced app developers into specific payment methods and caused unfair delay in app review. The KCC is notifying the companies for corrective action, and will deliberate on the fines, the statement said. "What KCC has shared today is the pre-notice and we will carefully review and submit our response. Once the final written decision is shared with us we will carefully review to evaluate the next course of action," Google said in a statement to Reuters. Apple also issued a statement, saying: "We disagree with the conclusions made by the KCC in their Examiner's Report, and believe the changes we have implemented to the App Store comply with the Telecommunications Business Act. As we have always done, we will continue to engage with the KCC to share our views."Read more of this story at Slashdot.

Google Japan's latest DIY project is for people who can't get keyboards off their heads. From a report: Google isn't making this product. Instead, the Gboard CAPS project is another of Google Japan's joke keyboard ideas, like the 5.25-foot-long, single-row Gboard Stick Version keyboard shown off last year, used to promote Google's Gboard app. However, Google Japan seemingly prototyped the keyboard in real life. Everything you need to make this typing topper, including the firmware and hardware, is open source and available on GitHub. How do you type with the hat? It has a 6-axis sensor that reads its position. Turn the hat to select a character and press its top to enter. It pairs via Bluetooth, runs on a 3.7V, 120mAh battery, and charges via USB-C.Read more of this story at Slashdot.

OpenAI, the company behind ChatGPT, is exploring making its own AI chips and has gone as far as evaluating a potential acquisition target, Reuters reported Friday, citing people familiar with the company's plans. From the report: The company has not yet decided to move ahead, according to recent internal discussions described to Reuters. However, since at least last year it discussed various options to solve the shortage of expensive AI chips that OpenAI relies on, according to people familiar with the matter. These options have included building its own AI chip, working more closely with other chipmakers including Nvidia and also diversifying its suppliers beyond Nvidia. CEO Sam Altman has made the acquisition of more AI chips a top priority for the company. He has publicly complained about the scarcity of graphics processing units, a market dominated by Nvidia, which controls more than 80% of the global market for the chips best suited to run AI applications. The effort to get more chips is tied to two major concerns Altman has identified: a shortage of the advanced processors that power OpenAI's software and the "eye-watering" costs associated with running the hardware necessary to power its efforts and products.Read more of this story at Slashdot.

The Biden administration has urged the FCC to adopt strong rules to redress historic shortfalls that have left some communities lacking adequate broadband service. From a report: The position sets up a possible clash with large broadband providers that have warned the FCC, which is set to produce rules by next month, against unnecessary regulations. Clear rules are needed to close the digital divide that leaves millions without adequate broadband, the National Telecommunications and Information Administration said in a statement. The Commerce Department unit advises the president and develops internet policy. "Strong rules are needed to remedy unequal access to internet service, no matter what the cause may be," said Alan Davidson, the assistant secretary of commerce for communications and information, who is also the NTIA's top official. "Rules that combat digital discrimination will bring lasting relief to vulnerable communities that historically have been left behind online." The FCC is considering regulations to prevent and eliminate digital discrimination of access based on income level, race and other factors, according to Chairwoman Jessica Rosenworcel. Broadband advocates have told the agency they want deep changes that will steer spending into cities. Some urban neighborhoods have suffered from disinvestment dating back to redlining decades ago, when government-aided discriminatory lending patterns starved neighborhoods of housing resources. Many of those areas still aren't prosperous, and haven't seen network upgrades.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: MGM Resorts International said on Thursday a cyberattack last month that disrupted its operations would cause a $100 million hit to its third-quarter results, as it works to restore its systems. One of the world's largest gambling firms, MGM shut down its systems after detecting the attack to contain damage, it said. It expects to also incur less than $10 million as a related one-time cost in the quarter ended on Sept. 30. After the attack last month, customers posted social media images showing slot machines with error messages and queues at hotels in Las Vegas. A hacking group named AlphV claimed it was involved in the breach. Sources earlier told Reuters AlphV worked with another outfit named Scattered Spider to break into MGM systems and steal data to hold for extortion. MGM has declined to comment on whether it was asked for or paid any ransom. The private data of customers who used MGM services before March 2019, including contact information, gender, date of birth and driver's license numbers, was breached, the company said. "We also believe a more limited number of Social Security numbers and passport numbers were obtained," it said. "We have no evidence that the criminal actors have used this data to commit identity theft or account fraud." [...] The company expects the breach will have a negative impact of about $100 million to its adjusted property core profit for its Las Vegas Strip division, and expects total occupancy of 93% this October versus 94% in the same month a year ago. "Virtually all of the Company's guest-facing systems have been restored," it said, adding that it expects no impact on its full-year results from the breach. MGM said it is "well-positioned" to have a strong fourth quarter with record results in November, driven mainly by a Formula One racing event slated to take place in Las Vegas.Read more of this story at Slashdot.

Andrew Cunningham writes via Ars Technica: If you or your employer uses Microsoft Teams for communication, good news: Microsoft is releasing a fully rewritten version today for Windows PCs and Macs that promises to run faster while using fewer system resources. A preview of this app was originally released for Windows in March, but the final release covers all types of Teams instances, re-adds support for features like breakout rooms and third-party app support, and supports macOS. The new Teams app is notable for improved performance and reduced disk space usage, especially when running on Windows PCs. Microsoft says that the reformulated version of Teams is "up to two times faster while using 50 percent less memory" on Windows systems. That sound you hear is old and underspecced work PCs in offices around the world breathing a sigh of relief. Microsoft credits its Edge WebView2 backend with helping improve performance and reduce disk usage on Windows. That's possible partly because WebView2 can use many of the same system files and the same runtime as the Edge browser built into Windows 10 and Windows 11. The older Teams app used the Electron framework, also used by communication apps like Slack and Discord. Though Electron and WebView2 are based on the Chromium browser engine, each Electron app includes its own self-contained version of the browser files, which all must be stored and updated separately.Read more of this story at Slashdot.

Jonathan Josephs & Antoinette Radford reporting via the BBC: Nasa astronauts will be flying in style, with luxury fashion designer Prada helping design space suits for the 2025 moon mission. The Italian fashion house will work to design the suits alongside another private company, Axiom Space. In a press release, Axiom said Prada would bring expertise with materials and manufacturing to the project. One astronaut told the BBC he thought Prada was up to the challenge due to their design experience. That experience has been built not only on the catwalks of Milan but also through Prada's involvement in the America's Cup sailing competition. "Prada has considerable experience with various types of composite fabrics and may actually be able to make some real technical contributions to the outer layers of the new space suit," according to Professor Jeffrey Hoffman, who flew five Nasa missions and has carried out four spacewalks. But, he said people should not expect to see astronauts in "paisley spacesuits or any fancy patterns like that. Maintaining a good thermal environment is really the critical thing". "A spacesuit is really like a miniature spacecraft. It has to provide pressure, oxygen, keep you at a reasonable temperature," he added.Read more of this story at Slashdot.

An anonymous reader quotes a report from the Financial Times: Belgium's intelligence service has been monitoring Alibaba's main logistics hub in Europe for espionage following suspicions Beijing has been exploiting its growing economic presence in the west. European governments have been increasing scrutiny of the alleged security and economic risks posed by Chinese companies, which has been part of a wider reassessment of the EU's traditional openness to trade with China. In specific reference to Alibaba's logistics arm at the cargo airport in Liege, Belgium's security services told the Financial Times they were working to detect "possible espionage and/or interference activities" carried out by Chinese entities "including Alibaba". Alibaba, which denies any wrongdoing, signed an agreement with Belgium in 2018 to open the hub in Liege, Europe's fifth-largest cargo airport, ploughing 100 million euros of investment into the ailing economy of the French-speaking Walloon region. But almost two years on from the site being opened, the Belgian State Security Service (VSSE) has continued monitoring Alibaba's operations following intelligence assessments, said people familiar with the matter. One area of scrutiny includes the introduction of software systems that collate sensitive economic information. The security service said the presence of Alibaba "constitutes a point of attention for the VSSE" because of legislation forcing Chinese companies to share their data with Chinese authorities and intelligence services. "China has the intent and capacity to use this data for non-commercial purposes," the agency said. Concerns about potential espionage at the site were first raised before the hub was built, including in the Belgian parliament. At the time China strongly denied the "unprovoked insinuations" over exaggerated "so-called security risks of Chinese companies." The VSSE's statement to the FT indicate its concerns over espionage still remain after the opening of the hub. [...] The main concern is that this platform, alongside a couple of other logistical platforms that the Chinese have been proposing to European countries, is giving them a lot of insights into supply chains and into eventual vulnerabilities," said Jonathan Holslag, a professor at the Vrije Universiteit Brussel. According to a person familiar with Alibaba's relations to China's government, the logistics centers are expected to pass on information about local sentiment and report data about European trade and logistics to Beijing's authorities. "The site in Liege is the only European logistics center run by Alibaba's logistics spin-off Cainiao," reports the FT. The company is reportedly able to access data about merchants, products, transport details and flows. It may also be able to access information about final customers.Read more of this story at Slashdot.

Slash_Account_Dot shares a report from 404 Media, written by Joseph Cox: In a bombshell report, an oversight body for the Department of Homeland Security (DHS) found that Immigration and Customs Enforcement (ICE), Customs and Border Enforcement (CBP), and the Secret Service all broke the law while using location data harvested from ordinary apps installed on smartphones. In one instance, a CBP official also inappropriately used the technology to track the location of coworkers with no investigative purpose. For years U.S. government agencies have been buying access to location data through commercial vendors, a practice which critics say skirts the Fourth Amendment requirement of a warrant. During that time, the agencies have typically refused to publicly explain the legal basis on which they based their purchase and use of the data. Now, the report shows that three of the main customers of commercial location data broke the law while doing so, and didn't have any supervisory review to ensure proper use of the technology. The report also recommends that ICE stop all use of such data until it obtains the necessary approvals, a request that ICE has refused. The report, titled "CBP, ICE, and Secret Service Did Not Adhere to Privacy Policies or Develop Sufficient Policies Before Procuring and Using Commercial Telemetry Data," is dated September 28, 2023, and comes from Joseph V. Cuffari, the Inspector General for DHS. The report was originally marked as "law enforcement sensitive," but the Inspector General has now released it publicly.Read more of this story at Slashdot.

At CES 2023, a startup called Displace introduced their "truly wireless" TV with swappable batteries and a vacuum suction system that can keep the display adhered to walls without traditional mounting. To address concerns about what would happen when those batteries become depleted or when the wall/surface the TV is mounted to cracks, Displace says it has designed a built-in landing gear safety system to protect the $3,000 wireless TV. The Verge reports: Here, friends, is where Displace's "self-lowering landing gear technology" comes in. And I'm just going to quote directly from the press release so you can get the full rundown on how it supposedly works: "Sensors within the Displace TV constantly measure the battery level and pressure in the vacuum suction system, analyze the wall's surface, and check leakage on the vacuum pumps. If the vacuum pumps are in danger of not maintaining a seal or the wall's integrity falters, the Displace TV automatically deploys four quick adhesives for stability and initiates a self-lowering landing gear system. The adhesives work as anchor points, as the Displace TV begins to lower itself gently on a zipline (from as high as 10 feet) and deploys a reusable foam at the bottom to protect the TV screen." When a problem is detected, the Displace attaches an adhesive frame onto the wall and begins lowering the display to the floor (with rope) from that frame. As all of this is happening, the TV generates a lot of sound and even flashing lights in an attempt to keep the area clear of children or animals. Once it's safely on the ground, you can pull the frame off the wall and reinsert it into the back of the TV. [...] The self-landing technology works at heights of up to 10 feet. When you're ready to put the TV back in its place, you just push the foam feet back into the TV, replace the adhesive tapes, and that's it. You can watch a demo of the safety system on YouTube.Read more of this story at Slashdot.

James Hunt reports via The Block: A group of FTX U.S.-based employees stumbled across a backdoor for its affiliated trading firm Alameda Research months before the crypto exchange collapsed in Nov. 2022, the Wall Street Journal reported, citing people familiar with the matter. The backdoor allowed Alameda to have a negative balance of up to $65 billion using customer funds, according to previous court filings revealing code buried in FTX's systems. Negative balances were not possible for other FTX users, who would be automatically liquidated if they fell into the red. The employees reportedly alerted their division boss to the discovery, who discussed it with former FTX CEO Sam Bankman Fried's lieutenant Nishad Singh, but the issue was never resolved. Instead, the leader of the team who raised the concern was sacked, the WSJ said. [...] The backdoor forms a key part of the prosecution's case in Bankman-Fried's trial. Bankman-Fried faces multiple fraud charges and could serve decades in prison. He pleaded not guilty to all charges.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Following preliminary objections over Google's data terms, set out back in January by Germany's antitrust watchdog, the tech giant has agreed to make changes that will give users a better choice over its use of their information, the country's Federal Cartel Office (FCO) said today. The commitments cover situations where Google would like to combine personal data from one Google service with personal data from other Google or non-Google sources or cross-use these data in Google services that are provided separately, per the authority. Per the FCO decision document (PDF): "The Commitments cover in principle all services operated by Google and directed to end users in Germany with more than one million monthly active users (MAU) in Germany [and Android Automotive whether it meets that threshold or not]." But, as we report below, Google's core platform services designated under the EU's DMA are not covered -- nor is Fitbit, which the document notes is already subject to "far-reaching obligations regarding the cross-service processing of health and wellness data" as a result of EU merger control. [...] Per the FCO decision document, the implementation date (in principle) for Google's commitments is September 30, 2024 - with an earlier date of March 6, 2024 for commitments covering Google Assistant and Contacts. But the FCO notes that it may provide Google with an extension upon "substantiated request". Once implemented, the commitments will have a five year duration from their start date. The document also notes that if, in the future, a Google service falls out of the DMA designation as a core platform service and meets the FCO usage threshold then these local commitments will be applied to it. The converse will also apply; meaning if the European Commission designates one of the Google services covered by this commitments to the DMA list of core platform services it would no longer fall under this arrangement. Gmail is an interesting example here as the EU recently accepted Google's arguments to exclude the web mail service from the DMA list of core platform services -- but the tech giant is facing future restrictions on how it can use Gmail users' data under the FCO commitments (even if these will only apply in Germany). Commenting in a statement, Andreas Mundt, president of the Bundeskartellamt, said: "Data are key for many business models used by large digital companies. The market power of large digital companies is based on the collection, processing and combination of data. Google's competitors do not have these data and are thus faced with serious competitive disadvantages. In the future users of Google services will have a much better choice as to what happens to their data, how Google can use them and whether their data may be used across services. This not only protects the users' right to determine the use of their data but also curbs Google's data-driven market power. Large digital companies offer a wide range of different digital services. Without the users' free and informed consent the data from Google's services and third-party services can no longer be cross-used in separate services offered by Google or even be combined. We have made sure that Google will provide a separate choice option in the future."Read more of this story at Slashdot.

Hyundai and Kia said on Thursday that they will adopt Tesla's electric vehicle charging technology in the United States. Reuters reports: Joining their global peers, including Ford Motor, General Motors and Nissan in adopting Tesla's North American Charging Standard (NACS), Hyundai's and Kia's moves take the Elon Musk-led company's superchargers closer to becoming the industry standard at the expense of the rival Combined Charging System (CCS). Hyundai and Kia's new EVs will come with a NACS port, starting in the fourth quarter of 2024 in the United States, the companies said. However, in Canada, Hyundai EVs equipped with the NACS port would be available in the first half of 2025, while Kia's EVs with the technology by the end of 2024. The move gives Hyundai and Kia EVs with NACS ports access to more than 12,000 Tesla Superchargers across the United States, Canada, and Mexico, the companies said. The South Korean automakers also said that they would offer adapters to owners of existing and future Hyundai and Kia EVs with the current CCS giving them access to Tesla's Supercharging Network in the first quarter of 2025.Read more of this story at Slashdot.

Paul Kunert writes via The Register: Talking on stage at the Canalys EMEA Forum 2023, Luca Rossi, senior vice resident at Lenovo and president of its Intelligent Devices Group, said the company has committed to a net zero emission policy by 2050, and analyzing the components used in its hardware is part of the equation. "On repairability, we have a plan that by 2025 more than 80 percent of the repair parts will be repaired again so that they they enter into the circular economy to reduce the impact to the environment." He added: "More than 80 percent of our devices will be able to be repaired at the customer, by the customer or by the channel and we are enabling this with a design for serviceability kind of approach." This means that "batteries, SSD, many things, will not any longer be sealed into the product but will be available for the customer to be to repaired on site and then save a lot of waste."Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Within the past year, there have been approximately five times more school shooting hoaxes called in to police than actual school shootings reported in 2023. Where data from Everytown showed "at least 103 incidents of gunfire on school grounds" in 2023, The Washington Post recently uncovered what seems to be a coordinated campaign of active shooter hoaxes causing "swattings" -- where police respond with extreme force to fake crimes -- at more than 500 schools nationwide over the past year. In just one day in February, "more than 30 schools were targeted," The Post reported. The Post "examined police reports, emergency call recordings, body-camera footage, or call logs in connection with incidents in 24 states," which seemed to reveal a "distinct pattern" potentially linking swatting hoaxes nationwide. A man who "speaks with a heavy accent" -- and possibly uses a device or app to alter his voice in real time -- relies on a virtual private network (VPN) to mask his IP address, then places the hoax calls on non-emergency lines using free Internet-calling services. He frequently pretends to be a teacher hiding from the fake shooter on campus and sometimes falsely reports student shootings. To some law enforcement officials, the voice sounds too similar from call to call to be chalked up to coincidence. The Post stitched together audio that shows why many authorities believe these hoax calls might be coming from the same caller, whose motivations are currently unknown. It's possible the hoax calls are being orchestrated by one person with a hostile compulsion or by one or several perpetrators advertising swatting services available for hire online. [...] According to The Post, the FBI has been investigating this string of school shooting hoaxes, but it's unclear how far that investigation has gotten -- mostly because tracing the hoax calls has perplexed many law enforcement agencies nationwide. Tracing calls is difficult partly because many VPN providers outside the US don't always cooperate with law enforcement, and some of the most popular free Internet-calling services only require an email address to sign up. However, The Post reported that it has increasingly become clear to law enforcement that one particular Internet-calling service appears to be the most popular choice for hoax callers reporting school shootings: TextNow. One police captain in Lousiana, Shannon Mack -- who is described as specializing in "cases involving Internet-based phone services -- told The Post that "nine times out of 10," hoax calls she has investigated have come from a TextNow number.Read more of this story at Slashdot.

Microsoft has released patches to fix zero-day vulnerabilities in two popular open source libraries that affect several Microsoft products, including Skype, Teams and its Edge browser. But Microsoft won't say if those zero-days were exploited to target its products, or if the company knows either way. From a report: The two vulnerabilities -- known as zero-days because developers had no advance notice to fix the bugs -- were discovered last month, and both bugs have been actively exploited to target individuals with spyware, according to researchers at Google and Citizen Lab. The bugs were discovered in two common open source libraries, webp and libvpx, which are widely integrated into browsers, apps and phones to process images and videos. The ubiquity of these libraries coupled with a warning from security researchers that the bugs were abused to plant spyware prompted a rush by tech companies, phone makers and app developers to update the vulnerable libraries in their products. In a brief statement Monday, Microsoft said it had rolled out fixes addressing the two vulnerabilities in the webp and libvpx libraries which it had integrated into its products, and acknowledged that exploits exist for both vulnerabilities. When reached for comment, a Microsoft spokesperson declined to say if its products had been exploited in the wild, or if the company has the ability to know. Security researchers at Citizen Lab said in early September that they had discovered evidence that NSO Group customers, using the company's Pegasus spyware, had exploited a vulnerability found in the software of an up-to-date and fully patched iPhone.Read more of this story at Slashdot.

A parallel acquisition system -- buying needed apps by monthly or yearly subscription to meet changing mission requirements -- could improve deterrence by complicating an enemy's war planning, Lockheed Martin's top executive suggested Wednesday. From a report: Jim Taiclet, Lockheed's CEO, said the idea behind this approach is similar to allowing a customer to buy a 5G phone in Seoul and have it operate with new applications as needed in Washington. Although "digital insertion" in this manner "hasn't caught on yet" inside the Pentagon, across the tech industry or the broad industrial base, Taiclet said it has the potential "to move that deterrence goal post every three to six months."Traditionally, the Defense Department and defense industry think in big contracts for platforms that take years to design, build and manufacture and service. Taiclet, however, sees large defense contractors such as Lockheed Martin as a bridge from the subscription-based tech sector to the big-contract Pentagon acquisition process. "We have to get our expertise together." He added this approach "is starting to get some traction" among large investors in the tech sector.Read more of this story at Slashdot.