Slashdot

Users of Google "must recalibrate their thinking on what Google is and how information is returned to them," warns an Assistant Professor at the School of Information and Library Science at UNC-Chapel Hill. In a new book titled The Propagandists' Playbook, they're warning that simple link-filled search results have been transformed by "Google's latest desire to answer our questions for us, rather than requiring us to click on the returns." The trouble starts when Google returns inaccurate answers "that often disrupt democratic participation, confirm unsubstantiated claims, and are easily manipulatable by people looking to spread falsehoods."By adding all of these features, Google — as well as competitors such as DuckDuckGo and Bing, which also summarize content — has effectively changed the experience from an explorative search environment to a platform designed around verification, replacing a process that enables learning and investigation with one that is more like a fact-checking service.... The problem is, many rely on search engines to seek out information about more convoluted topics. And, as my research reveals, this shift can lead to incorrect returns... Worse yet, when errors like this happen, there is no mechanism whereby users who notice discrepancies can flag it for informational review.... The trouble is, many users still rely on Google to fact-check information, and doing so might strengthen their belief in false claims. This is not only because Google sometimes delivers misleading or incorrect information, but also because people I spoke with for my research believed that Google's top search returns were "more important," "more relevant," and "more accurate," and they trusted Google more than the news — they considered it to be a more objective source.... This leads to what I refer to in my book, The Propagandists' Playbook, as the "IKEA effect of misinformation." Business scholars have found that when consumers build their own merchandise, they value the product more than an already assembled item of similar quality — they feel more competent and therefore happier with their purchase. Conspiracy theorists and propagandists are drawing on the same strategy, providing a tangible, do-it-yourself quality to the information they provide. Independently conducting a search on a given topic makes audiences feel like they are engaging in an act of self-discovery when they are actually participating in a scavenger-hunt engineered by those spreading the lies.... Rather than assume that returns validate truth, we must apply the same scrutiny we've learned to have toward information on social media. Another problem the article points out: "Googling the exact same phrase that you see on Twitter will likely return the same information you saw on Twitter. "Just because it's from a search engine doesn't make it more reliable."Read more of this story at Slashdot.

Senior White House officials say even more action is coming on climate change. They're telling the New York Times that U.S. President Joe Biden plans "a series of executive actions to further reduce greenhouse gas emissions and help keep the planet from warming to dangerous temperatures." Biden is on track to deploy a series of measures, including new regulations on emissions from vehicle tailpipes, power plants and oil and gas wells, the officials said. In pushing more executive action, Mr. Biden is trying to make up for the compromises his party made on climate measures to pass the Inflation Reduction Act, which includes the largest single American investment to slow global warming. Democrats had to scale back some of their loftiest ambitions, including by agreeing to fossil fuel and drilling provisions, as concessions to Senator Joe Manchin III, Democrat of West Virginia, a holdout from a conservative state that is heavily dependent on coal and gas. Gina McCarthy, the White House climate adviser, said that regulatory moves, combined with the new legislation and action from states, could help Mr. Biden meet his promise to cut greenhouse gas emissions by 50 percent, compared to 2005 levels, by the end of the decade. The climate bill, she said, was "a starting point." "The president has not chosen to just look at Congress, he's chosen to recognize that he has presidential authorities and responsibilities under the law to keep moving this forward," she said. "And he's going to continue to use those." [...] Ms. McCarthy noted the E.P.A. still has "broad authority" to regulate emissions from electricity generation. She also said the government is forging ahead with new regulations on soot and other traditional air pollutants, which will have the side benefit of cutting carbon emissions.... Mr. Biden has the executive authority to issue regulations through federal agencies, and under the Clean Air Act of 1970 can establish rules to address air pollution.Read more of this story at Slashdot.

What do you when people hate your $10 billion selfie? "Mark Zuckerberg, in response to a torrent of critical memes mocking the graphics of Meta's newest project, has heard his critics — and changed his selfie," reports CNN:Zuckerberg debuted Horizon Worlds, a virtual reality social app, in France and Spain earlier this week, sharing a somewhat flat, goofy digital avatar in front of an animated Eiffel Tower and la Sagrada Família. The internet immediately jumped in, mocking what many users viewed as (hopefully) preliminary graphics for a venture that Meta has spent at least $10 billion in the last year. New York Times tech columnist Kevin Roose compared the graphics to "worse than a 2008 Wii game" on Twitter. Slate used the term " buttcheeks." Twitter was less kind: "eye-gougingly ugly" and "an international laughing stock" popping up. Many compared it to early 90's graphics and pointed out how lifeless and childish the Zuckerberg selfie looked. It quickly won the designation "dead eyes." Well, Zuckerberg has apparently seen the memes, because on Friday he announced there are major updates coming — along with new avatar graphics. In a CNBC report on how Zuckerberg "is getting dragged on the internet for how ugly the graphics of this game are," they'd actually quoted a Forbes headline that asked, "Does Mark Zuckerberg not understand how bad his metaverse is?"Read more of this story at Slashdot.

What do you when people hate your $10 billion selfie? "Mark Zuckerberg, in response to a torrent of critical memes mocking the graphics of Meta's newest project, has heard his critics — and changed his selfie," reports CNN:Zuckerberg debuted Horizon Worlds, a virtual reality social app, in France and Spain earlier this week, sharing a somewhat flat, goofy digital avatar in front of an animated Eiffel Tower and la Sagrada Família. The internet immediately jumped in, mocking what many users viewed as (hopefully) preliminary graphics for a venture that Meta has spent at least $10 billion in the last year. New York Times tech columnist Kevin Roose compared the graphics to "worse than a 2008 Wii game" on Twitter. Slate used the term "buttcheeks." Twitter was less kind: "eye-gougingly ugly" and "an international laughing stock" popping up. Many compared it to early 90's graphics and pointed out how lifeless and childish the Zuckerberg selfie looked. It quickly won the designation "dead eyes." Well, Zuckerberg has apparently seen the memes, because on Friday he announced there are major updates coming — along with new avatar graphics. In a CNBC report on how Zuckerberg "is getting dragged on the internet for how ugly the graphics of this game are," they'd actually quoted a Forbes headline that asked, "Does Mark Zuckerberg not understand how bad his metaverse is?"Read more of this story at Slashdot.

"The very first results from the James Webb Space Telescope seem to indicate that massive, luminous galaxies had already formed within the first 250 million years after the Big Bang," reports Sky and Telescope. "If confirmed, this would seriously challenge current cosmological thinking."Shortly after NASA published Webb's first batch of scientific data, the astronomical preprint server arXiv was flooded with papers claiming the detection of galaxies that are so remote that their light took some 13.5 billion years to reach us. Many of these appear to be more massive than the standard cosmological model that describes the universe's composition and evolution. "It worries me slightly that we find these monsters in the first few images," says cosmologist Richard Ellis (University College London).... Before the community accepts these claims, the reported redshifts have to be confirmed spectroscopically. Mark McCaughrean, the senior science adviser of the European Space Agency (a major partner on Webb) commented on Twitter: "I'm sure some of them will be [confirmed], but I'm equally sure they won't all be. [...] It does all feel a little like a sugar rush at the moment." Ellis agrees: "It's one thing to put a paper on arXiv," he says, "but it's quite something else to turn it into a lasting article in a peer-reviewed journal." Since 1991, science writer Eric Lerner has been arguing that the Big Bang never happened. Now 75 years old, he writes:In the flood of technical astronomical papers published online since July 12, the authors report again and again that the images show surprisingly many galaxies, galaxies that are surprisingly smooth, surprisingly small and surprisingly old. Lots of surprises, and not necessarily pleasant ones. One paper's title begins with the candid exclamation: "Panic!" Why do the JWST's images inspire panic among cosmologists? And what theory's predictions are they contradicting? The papers don't actually say. The truth that these papers don't report is that the hypothesis that the JWST's images are blatantly and repeatedly contradicting is the Big Bang Hypothesis that the universe began 14 billion years ago in an incredibly hot, dense state and has been expanding ever since. Since that hypothesis has been defended for decades as unquestionable truth by the vast majority of cosmological theorists, the new data is causing these theorists to panic. "Right now I find myself lying awake at three in the morning," says Alison Kirkpatrick, an astronomer at the University of Kansas in Lawrence, "and wondering if everything I've done is wrong...." Even galaxies with greater luminosity and mass than our own Milky Way galaxy appear in these images to be two to three times smaller than in similar images observed with the Hubble Space Telescope (HST), and the new galaxies have redshifts which are also two to three times greater.This is not at all what is expected with an expanding universe, but it is just exactly what I and my colleague Riccardo Scarpa predicted based on a non-expanding universe, with redshift proportional to distance.... [T]he galaxies that the JWST shows are just the same size as the galaxies near to us, if it is assumed that the universe is not expanding and redshift is proportional to distance..... Big Bang theorists did expect to see badly mangled galaxies scrambled by many collisions or mergers. What the JWST actually showed was overwhelmingly smooth disks and neat spiral forms, just as we see in today's galaxies. The data in the "Panic!" article showed that smooth spiral galaxies were about "10 times" as numerous as what theory had predicted and that this "would challenge our ideas about mergers being a very common process". In plain language, this data utterly destroys the merger theory.... According to Big Bang theory, the most distant galaxies in the JWST images are seen as they were only 400-500 million years after the origin of the universe. Yet already some of the galaxies have shown stellar populations that are over a billion years old. Since nothing could have originated before the Big Bang, the existence of these galaxies demonstrates that the Big Bang did not occur.... While Big Bang theorists were shocked and panicked by these new results, Riccardo and I (and a few others) were not. In fact, a week before the JWST images were released we published online a paper that detailed accurately what the images would show. We could do this with confidence because more and more data of all kinds has been contradicting the Big Bang hypothesis for years.... Based on the published literature, right now the Big Bang makes 16 wrong predictions and only one right one — the abundance of deuterium, an isotope of hydrogen. Thanks to Slashdot reader magzteel for sharing the article.Read more of this story at Slashdot.

It's a free and open-source, cross-platform FTP application that allows secure file transfering — and it's making an old-school protocol cool again, according to a recent blog post. Started about 21 years ago — and downloaded by millions each year — FileZilla remains "committed to their role in liberating technology, by making it accessible, open and also secure," according to the blog post. But it also explains how FileZilla has beefed up that security through a collaboration with the internet freedom nonprofit, the Open Technology Fund (or "OTF"):Over the past year, FileZilla has utilised support from OTF to undertake two activities that enhanced and ensured the security of their tools. The first was integrating FileZilla Server with Let's Encrypt, a free, automated, and open source certificate authority that ensures secure communication between the two end-points sending or receiving a file via FileZilla.... Secondly, FileZilla ran a penetration test, a service offered by OTF's Red Team Lab. A team of independent researchers attempted to force access to the FileZilla server to see if they could gain control. These researchers were highly skilled, and the testing was extensive. The team conducting the test only found very minor security vulnerabilities that FileZilla were able to fix immediately. As a result of this process, anyone wanting to use the FileZilla software can trust that it has been cross-scrutinised by a third party and found to be secure.... FileZilla respects users' confidentiality: they do not track your behaviour, nor sell your data to other companies. While they do have advertisements on their website, they are posted exactly as advertisements would be posted in a newspaper. Nobody knows that you are reading the advertisements, or that you decided to call or connect to the advertised website. The advertisement has simply been attached to the webpage, without any underlying tracking.... . "Our mission hasn't changed in over 20 years: design, develop, maintain and enhance free tools to securely transfer files with ease and reliability," said Tim Kosse, FileZilla Lead Developer. This decision was a political one taken by FileZilla, to always preserve the freedom of their tools, and of their users. "We aren't the typical commercial open-source venture that starts doing things for free, and over time, closes this and that to make money" said Roberto Galoppini, FileZilla Director of Strategy. "While you might not see FileZilla listed at the NYSE [New York Stock Exchange] any time soon, the freedom of our tools will never be questioned...." [I]f you work in an industry that requires the secure transfer of sensitive files, or if you simply have personal photographs or videos you want to keep confidential, using proprietary platforms to share or store them can put your information at risk of being exposed.... FileZilla offers an alternative that is secure and private. Their tools are developed by a team that is deeply invested in protecting users' confidentiality, and liberating technology is central to their work and decision-making.... At the same time, projects like FileZilla remind us that there exists a global community of technologists, activists, coders, bloggers, journalists, software developers, and mindful internet users making internet freedom a lived reality and daily practice. Supporting, experimenting with and using free and open source tools, such as the FileZilla client and server, enables us to disinvest from the capitalist pursuit of corporate control of technology and unchecked surveillance of our data. Rather, we can step into alignment with an alternative, parallel narrative being created by a community of resistance that is grounded in principles of cooperation, solidarity, commons and openness.Read more of this story at Slashdot.

A local news report called it "a futuristic dream, now a reality in Las Vegas: self-driving vehicles moving customers up and down the Las Vegas strip." Lyft's ride-hailing service now lets customers book Motional's all-electric (and autonomous driving) IONIQ 5. Not everyone's sold. "Love technology — love it, promote it — but we don't need to replace every human," said one person interviewed on the street. But "the digital wave continues to sweep Las Vegas," the newscast points out, with the car company's director of commercial fleet operations insisting it will ultimately make transportation more affordable, sustainable, and reliable. "We look at this as an opportunity to really show that robotaxis are the best way for people to get around," he says, noting Vegas drivers have to contend with lots of night-time driving, bright lights, unusually wide lanes and big intersections. The city once adopted the slogan "what happens in Vegas stays in Vegas," and some passengers might appreciate the extra privacy of a truly driverless vehicle. Passengers "for the time being, will be accompanied by two safety drivers in the event of an error," according to news reports, but that's expected to change soon:"Motional and Lyft have a clear path to widespread commercialization of Level 4 autonomous vehicles," said Karl Iagnemma, Motional's president and CEO. "We've led the industry in commercial operations for years, and today's launch signals we're on track to deliver a fully driverless service next year...." Upon arrival, riders who order the IONIQ 5 can unlock the doors to the vehicle using the Lyft mobile app. Once inside the vehicle, customers can start the ride or contact customer support by using the new in-car Lyft AV app [on a touchscreen for passengers]. By making these new features available now, despite the presence of the two safety drivers, Lyft hopes to solicit customer feedback and refine the new tools before the service goes fully driverless in 2023. Lyft and Motional have been piloting autonomous rides in other vehicles in Las Vegas since 2018, with more than 100,000 autonomous rides provided thus far, over 95% of which have received five-star ratings, according to the companies. Feedback gathered on the new IONIQ 5 autonomous vehicle over the coming months will help to inform Lyft's launch of fully driverless e-hail trips in Las Vegas sometime next year. After that, the company plans to expand the driverless, e-hail service to various other markets throughout the country.Read more of this story at Slashdot.

Slashdot reader storagedude writes: Hackers are stealing cookies from current or recent web sessions to bypass multi-factor authentication (MFA), according to an eSecurity Planet report. The attack method, reported by Sophos researchers, is already growing in use. The "cookie-stealing cybercrime spectrum" is broad, the researchers wrote, ranging from "entry-level criminals" to advanced adversaries, using various techniques. Cybercriminals collect cookies or buy stolen credentials "in bulk" on dark web forums. Ransomware groups also harvest cookies and "their activities may not be detected by simple anti-malware defenses because of their abuse of legitimate executables, both already present and brought along as tools," the researchers wrote. Browsers allow users to maintain authentication, remember passwords and autofill forms. That might seem convenient, but attackers can exploit this functionality to steal credentials and skip the login challenge. Behind the scenes, browsers use SQLite database files that contain cookies. These cookies are composed of key-value pairs, and the values often contain critical information such as tokens and expiration dates. Adversaries know the exact name and location of these files for all major browsers such as Chrome, Firefox, and even Brave, on various operating systems. That's why the attack can be scripted. It's not uncommon to find such scripts along with other modules in info-stealing and other malware. For example, the latest version of the Emotet botnet targets cookies and credentials stored by browsers, which include saved credit cards. According to the Sophos researchers, "Google's Chrome browser uses the same encryption method to store both multi-factor authentication cookies and credit card data." To gain initial access, attackers can also perform phishing and spear-phishing campaigns to implant droppers that can deploy cookie-stealer malware stealthily. The cookies are then used for post-exploitation and lateral movements. Cybercriminals can use them to change passwords and emails associated with user accounts, or trick the victims into downloading additional malware, or even deploy other exploitation tools such as Cobalt Strike and Impacket kit. Users should not use built-in features to save passwords unless the browser encrypts them with, at least, a master password. It's recommended that users uncheck the setting called "remember passwords," and users should probably not allow persistent sessions as well. Developers can be part of the problem if they don't secure authentication cookies properly. Such cookies must have a short expiration date. Otherwise, the persistent authentication could turn into a persistent threat. You can have great security processes and still get hacked because the cookies do not have the necessary flags (e.g., HttpOnly, Secure attribute). For example, authentication cookies must be sent using SSL/TLS channels. Otherwise the data could be sent in plain text and attackers would only have to sniff traffic to intercept credentials.Read more of this story at Slashdot.

"On Monday, Apple told employees at its headquarters in Cupertino, California, that they would have to return to the office at least three days a week by September 5," according to a columnist for Inc.First reported by Bloomberg, Tim Cook told employees in an email that they would be expected to be in the office on Tuesdays and Thursdays, with teams choosing a third day that works best for them... Apple SVP of software Craig Federighi followed up Cook's email with one of his own, saying that he "can't wait to experience the special energy of having all of us back in the office together again!" That's great, but I imagine a lot of the people who work in the software organization are wondering whether that "special energy" actually makes them more productive, or if it's just a thing managers feel as they watch employees be productive at their desks... [T]hat's not the same thing as actual collaboration. Here's the article's main point:[M]any companies — especially Apple — had their best two years ever when most of their employees were working from home. If anything, it seems as though the evidence pointing to the idea that it was better for the company.... Apple's market cap in March 2020 was $1.1 trillion. Today, it's just shy of three times that.... [I]t's as if Apple hasn't learned anything. Apple's memo did say that some employees — "depending on your role" — would have the option of working fully remotely "for up to four weeks a year."Read more of this story at Slashdot.

"After a slight delay due to an installer issue, the first point release for Ubuntu 22.04 has been officially released," swrites Jack Wallen for TechRepublic. "Although point releases are often overlooked by users, because they aren't major upgrades, this time around you should certainly run the upgrade immediately."The biggest reason is that this point release combines all of the security fixes and improvements that have been added since the initial release of Jammy Jellyfish. So, if you haven't bothered to upgrade Ubuntu 22.04 since you first installed it, which you should have been doing all along, this point upgrade will add everything you've missed in one fell swoop. One of the biggest upgrades for end users will be the ability of 20.04 users to upgrade to the latest release without having to touch the command line. At some point, users of 20.04 will see an upgrade prompt on their desktops, allowing them to easily make the jump to 22.04.1. This is a big deal because previously such upgrades would have required running several commands. That means no more: sudo apt-get updatesudo apt-get upgrade -ysudo apt-get dist-upgrade -ysudo do-release-upgrade -y Another point release found in 22.04.1 is GNOME 42, which features a new enhanced dark mode and switches to Wayland by default, with the inclusion of Xorg for unsupported hardware.Read more of this story at Slashdot.

IoT Times brings an update on "the race to create a new set of encryption standards."Last month, it was announced that a specialized security algorithm co-authored by security experts of NXP, IBM, and Arm had been selected by the U.S. Government's National Institute of Standards and Technology (NIST) to become part of an industry global standard designed to counter quantum threats. IoT Times interviews the cryptography expert who co-created the Crystals-Kyber lattice-based algorithm selected by NIST — Joppe W. Bos, a senior principal cryptographer at the Competence Center for Cryptography and Security at NXP Semiconductors. And what worries his colleagues at the semiconductor company isn't the "imminent threat of quantum computers," Bos says, but an even closer and more practical deadline: "the timeline for these post-quantum crypto standards.""Two weeks ago, NIST announced the winners of these new public standards, the post-quantum crypto standards, and their timeline is that in 2024, so in roughly two years, the winners will be converted into standards. And as soon as the standards are released, our customers will expect NXP Semiconductors, as one of the leaders in crypto and security, to already have support for these standards, because we are, of course, at the start of the chain for many end products. Our secure elements, our secure platforms, SOCs, are one of the first things that need to be integrated into larger platforms that go into end products. Think about industrial IoT. Think about automotive applications. So, our customers already expect us to support post-quantum crypto standards in 2024, and not only support but, for many companies, being able to compute the functional requirements of the standard. "It took over ten years to settle down on the best methods for RSA and ECC, and now we have a much shorter timeline to get ready for post-quantum crypto." "When you ask the experts, it ranges from one to five decades until we can see quantum computers big enough to break our current crypto," Bos says in the interview. So he stresses that they're not driven by a few of quantum computers. "The right question to ask, at least for us at NXP is, when is this new post-quantum crypto standard available? Because then, our customers will ask for post-quantum support, and we need to be ready. "The standard really drives our development and defines our roadmap." But speaking of the standard's "functional requirements", in the original story submission Slashdot reader dkatana raised an interesting point. There's already billions of low-powered IoT devices in the world. Will they all have the memory and processing power to use this new lattice-based encryption?Read more of this story at Slashdot.

An anonymous reader quotes a report from NBC News: An Apple AirTag led to the arrest of an airline subcontractor accused of stealing thousands of dollars' worth of items from luggage at a Florida airport. Giovanni De Luca, 19, was charged with two counts of grand theft after authorities recovered the stolen items from his home, the Okaloosa County Sheriff's Office said in a news release last week. Authorities said a traveler reported last month that her luggage never made it to her destination. The items inside were worth about $1,600. She said an Apple AirTag, a tracking device that triggers alerts on iPhones, iPads and Apple computers, had been in her luggage and showed that it was on Kathy Court in Mary Esther, about 50 miles east of Pensacola. On Aug. 9, another traveler reported that more than $15,000 worth of jewelry and other items had been taken from his luggage. Okaloosa County sheriff's deputies investigating both suspected thefts cross-referenced Destin-Fort Walton Beach Airport employees who lived near Kathy Court and found De Luca at his home. He was arrested Aug. 10. The items reported missing on Aug. 9 were recovered, and De Luca admitted to rummaging through someone else's luggage and removing an Apple AirTag, the sheriff's office said. The woman's luggage has not been found.Read more of this story at Slashdot.

The USB Rubber Ducky "has a new incarnation, released to coincide with the Def Con hacking conference this year," reports The Verge. From the report: To the human eye, the USB Rubber Ducky looks like an unremarkable USB flash drive. Plug it into a computer, though, and the machine sees it as a USB keyboard -- which means it accepts keystroke commands from the device just as if a person was typing them in. The original Rubber Ducky was released over 10 years ago and became a fan favorite among hackers (it was even featured in a Mr. Robot scene). There have been a number of incremental updates since then, but the newest Rubber Ducky makes a leap forward with a set of new features that make it far more flexible and powerful than before. With the right approach, the possibilities are almost endless. Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user's login credentials or causing Chrome to send all saved passwords to an attacker's webserver. But these attacks had to be carefully crafted for specific operating systems and software versions and lacked the flexibility to work across platforms. The newest Rubber Ducky aims to overcome these limitations. It ships with a major upgrade to the DuckyScript programming language, which is used to create the commands that the Rubber Ducky will enter into a target machine. While previous versions were mostly limited to writing keystroke sequences, DuckyScript 3.0 is a feature-rich language, letting users write functions, store variables, and use logic flow controls (i.e., if this... then that). That means, for example, the new Ducky can run a test to see if it's plugged into a Windows or Mac machine and conditionally execute code appropriate to each one or disable itself if it has been connected to the wrong target. It also can generate pseudorandom numbers and use them to add variable delay between keystrokes for a more human effect. Perhaps most impressively, it can steal data from a target machine by encoding it in binary format and transmitting it through the signals meant to tell a keyboard when the CapsLock or NumLock LEDs should light up. With this method, an attacker could plug it in for a few seconds, tell someone, "Sorry, I guess that USB drive is broken," and take it back with all their passwords saved.Read more of this story at Slashdot.

Globally, nearly half of deaths due to cancer can be attributable to preventable risk factors, including the three leading risks of: smoking, drinking too much alcohol or having a high body mass index, a new paper suggests. CNN reports: The research, published Thursday in the journal The Lancet, finds that 44.4% of all cancer deaths and 42% of healthy years lost could be attributable to preventable risk factors in 2019. "To our knowledge, this study represents the largest effort to date to determine the global burden of cancer attributable to risk factors, and it contributes to a growing body of evidence aimed at estimating the risk-attributable burden for specific cancers nationally, internationally, and globally," Dr. Chris Murray, director of the Institute for Health Metrics and Evaluation at the University of Washington, and his colleagues wrote in the study. The paper, funded by the Bill & Melinda Gates Foundation, analyzed the relationship between risk factors and cancer, the second leading cause of death worldwide, using data from the Institute for Health Metrics and Evaluation's Global Burden of Disease project. The project collects and analyzes global data on deaths and disability. Murray and his colleagues zeroed in on cancer deaths and disability from 2010 to 2019 across 204 countries, examining 23 cancer types and 34 risk factors. The leading cancers in terms of risk-attributable deaths globally in 2019 was tracheal, bronchus and lung cancer for both men and women, the researchers found. The data also showed that risk-attributable cancer deaths are on the rise, increasing worldwide by 20.4% from 2010 to 2019. Globally, in 2019, the leading five regions in terms of risk-attributable death rates were central Europe, east Asia, North America, southern Latin America and western Europe.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: [R]esearchers say they have found the mechanism behind the insect's ability to home in on humans. Humans give off a fragrant cocktail of body odor, heat and carbon dioxide, which varies from person to person and mosquitoes use to locate their next meal. While most animals have a specific set of neurons that detect each type of odor, mosquitoes can pick up on smells via several different pathways, suggests the study, which is published in the science journal Cell. "We found that there's a real difference in the way mosquitoes encode the odors that they encounter compared to what we've learned from other animals," said Meg Younger, an assistant professor of biology at Boston University and one of the lead authors of the study. Researchers at the Rockefeller University, in New York, were baffled when mosquitoes were somehow still able to find people to bite after having an entire family of human odor-sensing proteins removed from their genome. The team then examined odor receptors in the antennae of mosquitoes, which bind to chemicals floating around in the environment and signal to the brain via neurons. "We assumed that mosquitoes would follow the central dogma of olfaction, which is that only one type of receptor is expressed in each neuron," said Younger. "Instead, what we've seen is that different receptors can respond to different odors in the same neuron." This means losing one or more receptors does not affect the ability of mosquitoes to pick up on human smells. This backup system could have evolved as a survival mechanism, the researchers say. "The mosquito Aedes aegypti is specialized to bite humans, and it is believed that they evolved to do that because humans are always close to fresh water and mosquitoes lay their eggs in fresh water. We are basically the perfect meal, so the drive to find humans is extremely strong," said Younger.Read more of this story at Slashdot.

MIT Technology Review obtained Prince's investor presentation for the "RedPill Phone," which promises more than it could possibly deliver. From the report: Erik Prince's pitch to investors was simple -- but certainly ambitious: pay just 5 million euros and cure the biggest cybersecurity and privacy plagues of our day. The American billionaire -- best known for founding the notorious private military firm Blackwater, which became globally infamous for killing Iraqi civilians and threatening US government investigators -- was pushing Unplugged, a smartphone startup promising "free speech, privacy, and security" untethered from dominant tech giants like Apple and Google. In June, Prince publicly revealed the new phone, priced at $850. But before that, beginning in 2021, he was privately hawking the device to investors -- using a previously unreported pitch deck that has been obtained by MIT Technology Review. It boldly claims that the phone and its operating system are "impenetrable" to surveillance, interception, and tampering, and its messenger service is marketed as "impossible to intercept or decrypt." Boasting falsely that Unplugged has built "the first operating system free of big tech monetization and analytics," Prince bragged that the device is protected by "government-grade encryption." Better yet, the pitch added, Unplugged is to be hosted on a global array of server farms so that it "can never be taken offline." One option is said to be a server farm "on a vessel" located in an "undisclosed location on international waters, connected via satellite to Elon Musk's StarLink." An Unplugged spokesperson explained that "they benefit in having servers not be subject to any governmental law." The Unplugged investor pitch deck is a messy mix of these impossible claims, meaningless buzzwords, and outright fiction. While none of the experts I spoke with had yet been able to test the phone or read its code, because the company hasn't provided access, the evidence available suggests Unplugged will fall wildly short of what's promised. [...] The UP Phone's operating system, called LibertOS, is a proprietary version of Google's Android, according to an Unplugged spokesperson. It's running on an unclear mix of hardware that a company spokesperson says they've designed on their own. Even just maintaining a unique Android "fork" -- a version of the operating system that departs from the original, like a fork in the road -- is a difficult endeavor that can cost massive money and resources, experts warn. For a small startup, that can be an insurmountable challenge. [...] Another key issue is life span. Apple's iPhones are considered the most secure consumer device on the market due in part to the fact that the company offers security updates to some of its older phones for six years, longer than virtually all competitors. When support for a phone ends, security vulnerabilities go unaddressed, and the phone is no longer secure. There is no information available on how long UP Phones will receive security support. "There are two things happening here," says Allan Liska, a cyberintelligence analyst at the cybersecurity firm Recorded Future. "There are the actual attempts to make real secure phones, and then there is the marketing BS. Distinguishing between those two can be really hard." "When I worked in US intelligence, we [penetrated] a number of phone companies overseas," says Liska. "We were inside those phone companies. We could easily track people based on where they connected to the towers. So when you talk about being impenetrable, that's wrong. This is a phone, and the way that phones work is they triangulate to cell towers, and there is always latitude and longitude for exactly where you're sitting," he adds. "Nothing you do to the phone is going to change that." The UP Phone is due out in November 2022.Read more of this story at Slashdot.

Apple is advising iOS and iPadOS users to update to the latest software version to patch two security holes that could allow an application to execute arbitrary code with kernel privileges. They also issued a patch for WebKit, the browser that powers Safari and all third-party browsers on iOS. For this vulnerability, Apple says that "processing maliciously crafted web content may lead to arbitrary code execution." "With two major security fixes, we recommend all iPhone users update to iOS 15.6.1 immediately and all iPad users update to iPadOS 15.6.1," writes Chance Miller via 9to5Mac. "You can do so by heading to the Settings app, choosing General, then choosing Software Update."Read more of this story at Slashdot.

Vietnam's Ministry of Information and Communications updated cybersecurity laws this week to mandate Big Tech and telecoms companies store user data locally, and control that data with local entities. The Register reports: The data affected goes beyond the basics of name, email, credit card information, phone number and IP address, and extends into social elements -- including groups of which users are members, or the friends with whom they digitally interact. "Data of all internet users ranging from financial records and biometric data to information on people's ethnicity and political views, or any data created by users while surfing the internet must be to stored domestically," read the decree (PDF) issued Wednesday, as translated by Reuters. The decree applies to a wide swath of businesses including those providing telecom services, storing and sharing data in cyberspace, providing national or international domain names for users in Vietnam, e-commerce, online payments, payment intermediaries, transport connection services operating in cyberspace, social media, online video games, messaging services, and voice or video calls. According to Article 26 of the government's Decree 53, the new rules go into effect October 1, 2022 -- around seven weeks from the date of its announcement. However, foreign companies have an entire 12 months in which to comply -- beginning when they receive instructions from the Minister of Public Security. The companies are then required to store the data in Vietnam for a minimum of 24 months. System logs will need to be stored for 12 months. After this grace period, authorities reserve the right to make sure affected companies are following the law through investigations and data collection requests, as well as content removal orders. Further reading: Vietnam To Make Apple Watch, MacBook For First Time EverRead more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: A British judge has ruled that a case against the kingdom of Saudi Arabia brought by a dissident satirist who was targeted with spyware can proceed, a decision that has been hailed as precedent-setting and one that could allow other hacking victims in Britain to sue foreign governments who order such attacks. The case against Saudi Arabia was brought by Ghanem Almasarir, a prominent satirist granted asylum in the UK, who is a frequent critic of the Saudi royal family. At the centre of the case are allegations that Saudi Arabia ordered the hacking of Almasarir's phone, and that he was physically assaulted by agents of the kingdom in London in 2018. The targeting and hacking of Almasarir's phone by a network probably linked to Saudi Arabia was confirmed by researchers at the Citizen Lab at the University of Toronto, who are considered among the world's leading experts in tracking digital surveillance of dissidents, journalists and other members of civil society. Saudi Arabia is known to be a former client of NSO Group, whose powerful Pegasus hacking software covertly penetrates and compromises smartphones. Saudi Arabia's attempt to have the case dismissed on the grounds that it had sovereign immunity protection under the State Immunity Act 1978 was dismissed by the high court judge. In the ruling, against which Saudi Arabia is likely to appeal, Justice Julian Knowles found that Almasarir's case could proceed under an exception to the sovereign immunity law that applies to any act by a foreign state that causes personal injury. He also found that Almasarir had provided enough evidence to conclude, on the balance of probabilities, that Saudi Arabia was responsible for the alleged assault. Saudi Arabia's claim that the case was too weak or speculative to proceed was dismissed. [...] The decision could have profound implications for other individuals targeted or hacked by NSO's spyware within the UK. They include Lady Shackleton and Princess Haya, the former wife of Dubai's ruler Sheikh Mohammed bin Rashid al-Maktoum. Both were hacked by the sheikh using NSO spyware during lengthy court proceedings between Haya and her former husband in London. In a statement praising the decision, Almasarir said: "I no longer feel safe and I am constantly looking over my shoulder. I no longer feel able to speak up for the oppressed Saudi people, because I fear that any contact with people inside the kingdom could put them in danger. I look forward to presenting my full case to the court in the hope that I can finally hold the kingdom to account for the suffering I believe they have caused me."Read more of this story at Slashdot.

Lenovo has taken issue with the design of the Framework Laptop and one of its power buttons. The Verge reports: In a tweet, the startup claims to have been contacted by Lenovo's legal team, who say the circular design of the power button on one of Framework's designs is too similar to the stylized "O" Lenovo uses in the wordmark for its "Legion" brand of gaming laptops. "Consumers could believe that Framework's Broken O Case or the motherboards they cover are produced by, sponsored, endorsed, licensed, or otherwise affiliated with Lenovo, when that is not the case," a screenshot of the legal letter from Lenovo posted by Framework reads. The offending power button design doesn't appear on any of Framework's laptops. Instead, the circle can be found in the 3D printer case schematics that Framework released back in April, which allow customers to build their own Raspberry Pi-style miniature PCs using just the laptop's motherboard (these can be bought separately, as well as harvested from a Framework laptop). This YouTube video gives a nice overview of how the 3D-printed enclosure is supposed to work (the power button gets pressed at the 9:35 minute mark). [...] Framework doesn't physically sell anything with the offending power button design on it, so fixing the problem is theoretically as simple as uploading a replacement set of CAD files to GitHub. So, rather than fighting Lenovo, Framework is holding a competition for its users to submit new designs for its power button. Entries are open until August 25th, and the winner gets a free i5-1135G7 Mainboard.Read more of this story at Slashdot.

Scammers are using invoices sent through PayPal.com to trick recipients into calling a number to dispute a pending charge. Krebs on Security reports: The missives -- which come from Paypal.com and include a link at Paypal.com that displays an invoice for the supposed transaction -- state that the user's account is about to be charged hundreds of dollars. Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote control over their computer. While the phishing message attached to the invoice is somewhat awkwardly worded, there are many convincing aspects of this hybrid scam. For starters, all of the links in the email lead to paypal.com. Hovering over the "View and Pay Invoice" button shows the button indeed wants to load a link at paypal.com, and clicking that link indeed brings up an active invoice at paypal.com. Also, the email headers in the phishing message (PDF) show that it passed all email validation checks as being sent by PayPal, and that it was sent through an Internet address assigned to PayPal. Both the email and the invoice state that "there is evidence that your PayPal account has been accessed unlawfully."Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: A new company from the creators of the Godot game engine is setting out to grab a piece of the $200 billion global video game market -- and to do so, it's taking a cue from commercial open source software giant Red Hat. Godot, for the uninitiated, is a cross-platform game engine first released under an open source license back in 2014, though its initial development pre-dates that by several years. Today, Godot claims some 1,500 contributors, and is considered one of the world's top open source projects by various metrics. Godot has been used in high-profile games such as the Sonic Colors: Ultimate remaster, published by Sega last year as the first major mainstream game powered by Godot. But Tesla, too, has apparently used Godot to power some of the more graphically intensive animations in its mobile app. Among Godot's founding creators is Juan Linietsky, who has served as head of development for the Godot project for the past 13 years, and who will now serve as CEO of W4 Games, a new venture that's setting out to take Godot to the next level. W4 quietly exited stealth last week, but today the Ireland-headquartered company has divulged more details about its goals to grow Godot and make it accessible for a wider array of commercial use cases. On top of that, the company told TechCrunch that it has raised $8.5 million in seed funding to make its mission a reality, with backers including OSS Capital, Lux Capital, Sisu Game Ventures and -- somewhat notably -- Bob Young, the co-founder and former CEO of Red Hat, an enterprise-focused open source company that IBM went on to acquire for $34 billion in 2019. [...] "Companies like Red Hat have proven that with the right commercial offerings on top, the appeal of using open source in enterprise environments is enormous," Linietsky said. "W4 intends to do this very same thing for the game industry." In truth, Godot is nowhere near having the kind of impact in gaming that Linux has had in the enterprise, but it's still early days -- and this is exactly where W4 could make a difference. [...] W4's core target market will be broad -- it's gunning for independent developers and small studios, as well as medium and large gaming companies. The problem that it's looking to solve, ultimately, is that while Godot is popular with hobbyists and indie developers, companies are hesitant to use the engine on commercial projects due to its inherent limitations -- currently, there is no easy way to garner technical support, discuss the product's development roadmap, or access any other kind of value-added service. [...] "W4 will offer console ports to developers under very accessible terms," Linietsky said. "Independent developers won't need to pay upfront to publish, while for larger companies there will be commercial packages that include support." Elsewhere, W4 is developing a range of products and services which it's currently keeping under wraps, with Linietsky noting that they will most likely be announced at Game Developers Conference (GDC) in San Francisco next March. "The aim of W4 is to help developers overcome any problem developers may stumble upon while trying to use Godot commercially," Linietsky added. It's worth noting that there are a handful of commercial companies out there already, such as Lone Wolf Technology and Pineapple Works, that help developers get the most out of Godot -- including console porting. But Linietsky was keen to highlight one core difference between W4 and these incumbents: its expertise. "The main distinctive feature of W4 is that it has been created by the Godot project leadership, which are the individuals with the most understanding and insight about Godot and its community," he said.Read more of this story at Slashdot.

The Biden administration will attempt to roll back China's chipmaking abilities by blocking tools that make a widely used type of transistor other chipmakers have employed for years. From a report: The Biden administration has for several months been working to tighten its grip on U.S. exports of technology that China needs to make advanced chips, with the goals of both hurting China's current manufacturing ability and also blocking its future access to next-generation capabilities. According to two people familiar with the administrations plans, President Joe Biden's approach is based around choking off access to the tools, software and support mechanisms necessary to manufacture a specific type of technology that is one of the fundamental building blocks of modern microchips: the transistor. To achieve its objectives, the administration has elected to work to block China's access to transistors that use a specific design called FinFET. The plans include blocking domestic exports of tools that are capable of printing chips with FinFET transistors, while also preventing the tool makers -- such as Applied Materials, Lam Research and KLA -- from servicing or supporting equipment they have already sold to various Chinese companies, according to the sources. Big chip manufacturers achieved high-volume production of the transistor technology targeted by the Biden administration roughly eight years ago, but it is still widely used today to manufacture advanced chips designed for servers and iPhones alike. China's largest chipmaker, SMIC, disclosed in 2019 it recently began high-volume production of FinFET-based chips.Read more of this story at Slashdot.

John Carmack, a programmer who founded gaming firm id Software and served as chief technology officer of Oculus, has launched a new artificial general intelligence startup called Keen Technologies, and it has raised $20 million in a financing round co-led by former GitHub chief executive Nat Friedman and Cue founder Daniel Gross, Carmack said Friday. Stripe co-founder Patrick Collison, Shopify co-founder Tobi Lutke, storied venture fund Sequoia and microprocessor engineer Jim Keller also invested in the round, a name of which as well as the startup's valuation Carmack did not disclose. In a Twitter thread, Carmack adds: This is explicitly a focusing effort for me. I could write a $20M check myself, but knowing that other people's money is on the line engenders a greater sense of discipline and determination. I had talked about that as a possibility for a while, and I am glad Nat pushed me on it. I am continuing as a consultant with Meta on VR matters, devoting about 20% of my time there.Read more of this story at Slashdot.

Cisco Systems CEO Chuck Robbins told managers earlier this month that the networking hardware pioneer would increase its operating expenses $1 billion over the next 12 months, in part to raise employee pay to stem a rise in departures, The Information reported Friday, citing a person with direct knowledge of the situation. From a report: Robbins made the surprising comment after the company's revenue growth flatlined in the quarter that ended in July and following a 12-month period in which Cisco shrank its operating expenses as its free cash flow fell. The company didn't discuss Robbins' plan in its quarterly earnings report or conference call on Wednesday. Cisco's move may seem unusual, given the belt-tightening happening almost everywhere else in the tech sector. Most major technology companies, including Google, Meta Platforms and Oracle, are freezing hiring, laying off employees or cutting contractors and extraneous projects as their growth slows. At the same time, these companies face enormous pressure to retain employees in a tight labor market after some workers have expressed concerns about their pay amid rising inflation. Earlier in the year, before macroeconomic conditions deteriorated further, managers' concerns about employee turnover prompted Microsoft and Amazon to announce broad pay increases.Read more of this story at Slashdot.

Australia's government said on Friday it plans to introduce new regulations targeting vehicle carbon emissions to boost the uptake of electric cars, as it looks to catch up with other developed economies. From a report: Just 2% of cars sold in Australia are electric compared with 15% in Britain and 17% in Europe, and the country risked becoming a dumping ground for vehicles that can't be sold elsewhere, Climate Change and Energy Minister Chris Bowen said. Apart from Russia, Australia is the only OECD country to either not have or be developing fuel efficiency standards, which encourage manufacturers to supply more electric and no-emission vehicles, he said. "To me, this is ultimately about choice. And policy settings are denying Australians real choice of good, affordable, no emissions cars," Bowen told an electric vehicle summit in Canberra. The government will release a discussion paper for consultation in September, with a focus on increasing EV uptake, improving affordability, and looking at options for fuel efficiency standards.Read more of this story at Slashdot.

Young adults in the UK are spending more time scrolling on social media site TikTok than watching broadcast television, according to an Ofcom report on Wednesday that highlights the growing generational divide in media habits. From a report: In its annual survey of consumption trends, the media regulator found that those aged 16 to 24 spent an average of 53 minutes a day viewing traditional broadcast TV, just a third of the level a decade ago. By contrast, people over the age of 65 spent seven times as long in front of channels such as BBC One or ITV, viewing almost six hours' worth of broadcast TV a day -- a figure that has risen since 2011. The faster take-up of streaming services and social media among young people poses an ever greater challenge to broadcasters as they try to cope with an economic slowdown, satisfy their most loyal older viewers and invest to keep pace with fast-changing consumption habits.Read more of this story at Slashdot.

An anonymous reader shares a report: 'Beware in-app browsers' is a good rule of thumb for any privacy conscious mobile app user -- given the potential for an app to leverage its hold on user attention to snoop on what you're looking at via browser software it also controls. But eyebrows are being raised over the behavior of TikTok's in-app browser after independent privacy research by developer Felix Krause found the social network's iOS app injecting code that could enable it to monitor all keyboard inputs and taps. Aka, keylogging. "TikTok iOS subscribes to every keystroke (text inputs) happening on third party websites rendered inside the TikTok app. This can include passwords, credit card information and other sensitive user data," warns Krause in a blog post detailing the findings. "We can't know what TikTok uses the subscription for, but from a technical perspective, this is the equivalent of installing a keylogger on third party websites." [emphasis his] After publishing a report last week -- focused on the potential for Meta's Facebook and Instagram iOS apps to track users of their in-app browsers -- Krause followed up by launching a tool, called InAppBrowser.com, that lets mobile app users get details of code that's being injected by in-app browsers by listing JavaScript commands executed by the app as it renders the page. (NB: He warns the tool does not necessarily list all JavaScript commands executed nor can it pick up tracking an app might be doing using native code -- so at best it's offering a glimpse of potentially sketchy activities.)Read more of this story at Slashdot.

The U.S. Federal Deposit Insurance Corp. (FDIC) published five cease-and-desist orders Friday, including one to crypto exchange FTX US, alleging they mislead investors by suggesting their accounts are insured through the government agency. From a report: The Cryptonews.com, Cryptosec.com, SmartAsset.com and FDICCrypto.com websites were also directed to cease these alleged misrepresentations. The FDIC said these "companies made false representations" that suggested their products might be insured by the agency. The FDIC covers federally regulated bank accounts, up to $250,000 per account. The FDIC previously ordered now-bankrupt Voyager Digital to cease making claims that implied its customers' funds might have been insured by the FDIC. It later issued a broader warning to the crypto industry at large, saying FDIC protections extend to banks but not to crypto companies that have bank accounts. Friday's letters said several other websites were making specific inaccurate claims about which crypto companies had FDIC insurance. "The Federal Deposit Insurance Act (FDI Act) prohibits any person from representing or implying that an uninsured product is FDIC-insured or from knowingly misrepresenting the extent and manner of deposit insurance. The FDI Act further prohibits companies from implying that their products are FDIC-insured by using 'FDIC' in the company's name, advertisements or other documents," the agency said. "The FDIC is authorized by the FDI Act to enforce this prohibition against any person."Read more of this story at Slashdot.

An infection caused by a brain-eating amoeba most likely killed a child who swam in a Nebraska river over the weekend, health officials said Thursday. It would be the first such death in the state's history and the second in the Midwest this summer. From a report: The child, whose name was not released by officials, most likely contracted the infection, known as primary amebic meningoencephalitis, while swimming with family in a shallow part of the Elkhorn River in eastern Nebraska on Sunday, according to the Douglas County Health Department. At a news conference on Thursday, health officials said the typically fatal infection is caused by Naegleria fowleri, also known as brain-eating amoeba, and most likely led to the child's death. Last month, a person in Missouri died because of the same amoeba infection, according to the Missouri Department of Health and Senior Services. The person had been swimming at the beach at Lake of Three Fires State Park in Iowa. Out of precaution, the Iowa Department of Public Health closed the lake's beach for about three weeks. The brain-eating amoebas, which are single-cell organisms, usually thrive in warm freshwater lakes, rivers, canals and ponds, though they can also be present in soil. They enter the body through the nose and then move into the brain. People usually become infected while swimming in lakes and rivers, according to the Centers for Disease Control and Prevention. Infections from brain-eating amoeba are extremely rare: From 2012 to 2021, only 31 cases were reported in the U.S., according to the C.D.C.Read more of this story at Slashdot.

Apple: Shazam turns 20 today, and as of this week, it has officially surpassed 70 billion song recognitions. A mainstay in popular culture, the platform has changed the way people engage with music by making song identification accessible to everyone. For more than 225 million global monthly users, to "Shazam" is to discover something new. [...] With its continued commitment to innovation over the past two decades, Shazam is pioneering new ways to bring fans closer to the music and artists they love with new tools like the concert discovery feature, which spotlights concert information and tickets on sale for shows nearby, simply by Shazaming a song, or by searching for it in the Shazam app or website.Read more of this story at Slashdot.

After revealing just 23 named titles back in July, Friday morning Sega announced the full lineup of 60 games that will be included on the limited supply of US Sega Genesis Mini 2 units starting on October 27. From a report: Beyond the usual retro suspects, though, that list includes a couple of games that have never been released in any form, as well as several fresh arcade ports and Genesis titles sporting brand-new features for their plug-and-play re-release. Those unreleased retro games include Devi & Pii, a title designed by Sonic 3 developer Takashi Iizuka. The "paddle-style game" looks like something of a cross between Arkanoid and Twinkle Star Sprites, with one or two players shifting back and forth to juggle angels and avoid bouncing devils. The Genesis Mini 2 will also see the worldwide premier of Star Mobile, a game completed in 1992 by little-known journeyman developer Mindware but never actually released. The puzzle-heavy gameplay involves stacking stars on a carefully balanced mobile in a way that reminds us of the tabletop game Topple. Besides those two never-before-seen titles, the Genesis Mini 2 features a few Sega arcade games that are being "ported" to Genesis-level hardware for the first time. These include: Fantasy Zone: The cute-and-cuddly side-scrolling shooter gets ported to the Genesis by the same team that ported Darius on the first Genesis Mini, with a brand-new Easy Mode that wasn't in the arcades.Space Harrier and Space Harrier II: While the sequel was already technically native to the Genesis, these new ports use "modern technology" to provide a much smoother sprite scaling function than was previously possible on 16-bit hardware (it's unclear if these new ROMs could run on a standard Genesis).Spatter: A little-known 1984 maze game featuring a clown on a bouncing tricycle.Super Locomotive: A 1982 train game focused on switching tracks to avoid collisions.VS Puyo Puyo Sun: A competitive two-player-exclusive "demake" of the third game in the popular color-matching puzzle series, with "new rules not found in the original version."Read more of this story at Slashdot.

Google has been challenged by an algorithm that could solve a problem faster than its Sycamore quantum computer, which it used in 2019 to claim the first example of "quantum supremacy" -- the point at which a quantum computer can complete a task that would be impossible for ordinary computers. Google concedes that its 2019 record won't stand, but says that quantum computers will win out in the end. From a report: Sycamore achieved quantum supremacy in a task that involves verifying that a sample of numbers output by a quantum circuit have a truly random distribution, which it was able to complete in 3 minutes and 20 seconds. The Google team said that even the world's most powerful supercomputer at the time, IBM's Summit, would take 10,000 years to achieve the same result. Now, Pan Zhang at the Chinese Academy of Sciences in Beijing and his colleagues have created an improved algorithm for a non-quantum computer that can solve the random sampling problem much faster, challenging Google's claim that a quantum computer is the only practical way to do it. The researchers found that they could skip some of the calculations without affecting the final output, which dramatically reduces the computational requirements compared with the previous best algorithms. The researchers ran their algorithm on a cluster of 512 GPUs, completing the task in around 15 hours. While this is significantly longer than Sycamore, they say it shows that a classical computer approach remains practical.Read more of this story at Slashdot.

Ukraine warned Russia might be planning an imminent attack at the Zaporizhzhia nuclear power plant Friday that it would seek to blame on Kyiv. From a report: Amid mounting fears of a disaster and with both sides alleging the other is planning "provocations," Ukraine's national energy company said that many staff members had been ordered to stay home and that Moscow wants to disconnect the plant from the power grid. The Russian-occupied plant is the largest in Europe, with the two countries trading blame over who is responsible for attacks on the site in recent weeks. Concerns for the safety of the nuclear reactor have sparked growing international alarm and calls for a demilitarized zone around the site, which Russia has rejected. Energoatom, the Ukrainian energy company, said early Friday that Russia is planning to switch off the power blocks at the Zaporizhzhia plant and disconnect them from Ukraine's power grid, which would deny the country a major energy source. It also said that the majority of staff members at the plant had been ordered to stay home, with only those who operate the power units allowed in.Read more of this story at Slashdot.

Automated transcription service Otter is making some big changes to its offerings for both free and paying customers. Mostly, the company is downgrading its features -- reducing the number of audio imports users can make; the length of audio they can transcribe each month, and so on -- though it is giving free users access to some new tools. From a report: One of the biggest changes, though, is that free users will no longer be able to access their full back catalogue of recordings. Instead, they'll only have access to the most recent 25. The rest will be "archived" -- that is, they'll still exist on Otter's servers, but users will have to either delete other conversations to access them, or pay to upgrade to Otter's "pro" plan. This and other changes to the service will kick in on September 27th, so any free users with more than 25 recordings may want to download their back catalogue before then. After September 27th, free users will still be able to access these recordings (by downloading then deleting audio files one at a time) but it'll be more of a hassle.Read more of this story at Slashdot.

One of the University of Michigan Library's most prized possessions, which appeared to be a Galileo manuscript, is now thought to be the work of a 20th-century forger. From a report: Galileo Galilei was peering through a new telescope in 1610 when he noticed something strange: several bright objects flickering around the planet Jupiter that seemed to change positions nightly. His discovery, of moons orbiting Jupiter, was a major crack in the notion, widely held since antiquity, that everything in the universe revolved around the Earth. The finding, which was condemned by the Catholic Church, helped prove the theory of a sun-centered solar system. For decades the University of Michigan Library has prized a manuscript related to the discovery, describing it as "one of the great treasures" in its collection. At the top is the draft of a letter signed by Galileo describing the new telescope, and on the bottom are sketches plotting the positions of the moons around Jupiter -- "the first observational data that showed objects orbiting a body other than the earth," the library described it. At least it would be if it were authentic. After Nick Wilding, a historian at Georgia State University, uncovered evidence suggesting the manuscript was a fake, the library investigated and determined that he was right: The university said Wednesday it had concluded that its treasured manuscript "is in fact a 20th-century forgery." "It was pretty gut-wrenching when we first learned our Galileo was not actually a Galileo," Donna L. Hayward, the interim dean of the university's libraries, said in an interview. But since the purpose of any library is to expand knowledge, she said, the university had decided to be forthright about its findings and publicly announce the forgery. "To sweep it under the rug is counter to what we stand for."Read more of this story at Slashdot.

Taiwan said on Friday it has not been informed about a so-called 'Chip 4' meeting that would include it, the United States, South Korea and Japan but added the island has always cooperated closely with the United States on supply chains. From a report: South Korean Foreign Minister Park Jin this week said Seoul expects to attend a preliminary meeting of the four chip manufacturing nations, describing the gathering as U.S.-led. He did not elaborate on what would be discussed. A meeting would come amid a global chip crunch that began two years ago with the onset of the pandemic and on the heels of a new U.S. law this month called the CHIPS Act that includes $52 billion in subsidies for companies that make chips or conduct chip research in the United States. The Biden administration has also sought deeper cooperation with Japan and South Korea to become more competitive with China's science and technology efforts.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Economist: America is home to the heftiest interchange fees of any major economy -- costs are an order of magnitude greater than in Europe and China. That largely benefits two firms: Visa and Mastercard, which facilitate more than three-quarters of the country's credit-card transactions. Doing so has made them two of the most profitable companies in the world, with net margins last year of 51% and 46% respectively. Rank every firm (excluding real-estate-investment trusts) in the s&p 500 index by their average net-profit margins last year, five years ago and a decade ago, and only four appear in the top 20 every time. Two are financial-information firms, Intercontinental Exchange and the cme Group. The others are Mastercard and Visa. At first glance their position appears insurmountable. Already dominant, in recent years the firms have been boosted by a covid-induced rise in online shopping. American consumers used credit or debit cards for 45% of their transactions in 2016; by 2021, that had reached 57%. The migration from cash is "a significant and long-running tailwind," says Craig Vosburg of Mastercard. Yet two threats loom. The first comes from Washington, where legislators hope to smash the duo's grip on payments. The second is virtual. Payments have been transformed in Brazil, China and Indonesia by cheap, convenient app-based options from tech giants like Mercado Pago, Ant Group, Tencent and Grab. After a long wait, new entrants now look like they could shake up America's market. [...] On July 28th Richard Durbin, the same Democratic senator who regulated debit interchange a decade ago, introduced the Credit Card Competition Act (ccc). It does not propose a cap on interchange, as the debit rule does, since costs for credit cards are more variable than for debit cards, making it harder to find the right level. Instead, the ccc would attempt to spur competition by breaking the links between card networks and banks. At present, when a bank issues a credit card every transaction on it is processed by the card network the bank stipulates, meaning the bank is guaranteed the interchange fee the network sets. If the ccc becomes law it will force banks to offer merchants the choice of at least two different card networks. Crucially, these choices could not be the two biggest -- at least one smaller network would have to be offered. They could compete for business by offering lower interchange rates, and merchants would presumably jump at the offer. Two factors help the bill's chances. It is sponsored by Mr Durbin, the second-most senior Democrat in the Senate, and it is bipartisan, co-sponsored by Roger Marshall, a Republican from Kansas. The ccc's best chance is probably as an amendment to another bigger piece of legislation, which is how debit-card regulation passed in 2010. Even if the effort fails, or fails to work as intended, a potentially bigger threat to the giants looms. So far new entrants to the payments market have benefited Visa and Mastercard, by making it easier for consumers to use their cards online. But as the new fintechs have gained clout, their decisions about the sorts of payments they offer could influence how much money travels along the card networks. Stripe, a large payments-infrastructure firm, says it is working to provide merchants with payment methods that will lower their costs. Current options include a box for customers to enter card details, but also Klarna, a "buy-now-pay-later" provider through which customers can pay for purchases using bank transfers, thus avoiding the card networks. It could soon include things like FedNow, a real-time bank-transfer system being built by the Fed, which is due to be launched next year. In time, it could even include central-bank digital currencies or cryptocurrencies. Competitors might make little headway if the perks for sticking with credit cards are sufficiently juicy. But merchants can offer their own incentives. When your correspondent recently went to purchase a pair of linen trousers from Everlane, an online retailer, she was encouraged to pay using Catch, a fintech app. The app linked to her bank account via another payment startup called Plaid. As a thank you for avoiding the card networks, Everlane offered a shop credit worth 5% of the transaction value. Catch has signed up a handful of fashionable, millennial brands including Pacsun, another clothing retailer, and Farmacy, a skincare firm. For evidence that this poses a threat, look no further than Visa's attempted purchase of Plaid. In 2020 the firm tried to buy the upstart for $5.3bn, only for the deal to be scuppered by antitrust regulators on the grounds that the transaction would have allowed Visa to eliminate a competitive threat. Ultimately, Visa gave up, but the attempt was nonetheless telling. The house of cards carefully constructed by the two payment giants is formidable and long-standing. But it is not indestructible.Read more of this story at Slashdot.

Klaxton shares a report from Electrek: Last year, Tesla launched a VPP pilot program in California, where Powerwall owners would join in voluntarily without compensation to let the VPP pull power from their battery packs when the grid needed it. Following the pilot program, Tesla and PG&E, the electric utility covering Northern California, launched the first official virtual power plant through the Tesla app in June. This new version of the Tesla Virtual Power Plant actually compensates Powerwall owners $2 per kWh that they contribute to the grid during emergency load reduction events. Homeowners are expected to get between $10 and $60 per event. Earlier this week, Tesla's California VPP expanded to Southern California Edison (SCE) to now cover most of the state. Just days later, the Tesla VPP had its first emergency response event. Tesla reached out to Powerwall owners who opted in the program through its app yesterday to warn them of the event and give them the option to opt-out if they needed all the power from their Powerwalls today. It looks like 2,342 Powerwall owners participated in the event on the PG&E network and 268 homes on the SCE grid. For PG&E, Tesla's VPP was outputting as much as 16 MW of power at one point during the event -- acting as a small distributed power plant.Read more of this story at Slashdot.

Europe is seriously considering developing space-based solar power to increase its energy independence and reduce greenhouse gas emissions, the leader of the European Space Agency said this week. Ars Technica reports: "It will be up to Europe, ESA and its Member States to push the envelope of technology to solve one of the most pressing problems for people on Earth of this generation," said Josef Aschbacher, director general of the space agency, an intergovernmental organization of 22 member states. Previously the space agency commissioned studies from consulting groups based in the United Kingdom and Germany to assess the costs and benefits of developing space-based solar power. ESA published those studies this week in order to provide technical and programmatic information to policymakers in Europe. Aschbacher has been working to build support within Europe for solar energy from space as a key to energy de-carbonization and will present his Solaris Program to the ESA Council in November. This council sets priorities and funding for ESA. Under Aschbacher's plans, development of the solar power system would begin in 2025. In concept, space-based solar power is fairly straightforward. Satellites orbiting well above Earth's atmosphere collect solar energy and convert it into current; this energy is then beamed back to Earth via microwaves, where they are captured by photovoltaic cells or antennas and converted into electricity for residential or industrial use. The primary benefits of gathering solar power from space, rather than on the ground, is that there is no night or clouds to interfere with collection; and the solar incidence is much higher than at the northern latitudes of the European continent. The two consulting reports discuss development of the technologies and funding needed to start to bring a space-based power system online. Europe presently consumes about 3,000 TWh of electricity on an annual basis, and the reports describe massive facilities in geostationary orbit that could meet about one-quarter to one-third of that demand. Development and deployment of these systems would cost hundreds of billions of euros. Why so much? Because facilitating space-based solar power would require a constellation of dozens of huge, sunlight-gathering satellites located 36,000 km from Earth. Each of these satellites would have a mass 10 times larger, or more, than that of the International Space Station, which is 450 metric tons and required more than a decade to assemble in low Earth orbit. Launching the components of these satellites would ultimately require hundreds or, more likely, thousands of launches by heavy lift rockets. "Using projected near-term space lift capability, such as SpaceX's Starship, and current launch constraints, delivering one satellite into orbit would take between 4 and 6 years," a report by British firm Frazer-Nash states. "Providing the number of satellites to satisfy the maximum contribution that SBSP could make to the energy mix in 2050 would require a 200-fold increase over current space-lift capacity." Critics of the concept include Elon Musk and physicist Casey Handmer, among others, which take issue with the poor photon to electron to photon conversion efficiency and prohibitively expensive transmission losses, thermal losses, and logistics costs.Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: A team of scientists has found a cheap, effective way to destroy so-called forever chemicals, a group of compounds that pose a global threat to human health. The chemicals -- known as PFAS, or per- and polyfluoroalkyl substances -- are found in a spectrum of products and contaminate water and soil around the world. Left on their own, they are remarkably durable, remaining dangerous for generations. Scientists have been searching for ways to destroy them for years. In a study, published Thursday in the journal Science, a team of researchers rendered PFAS molecules harmless by mixing them with two inexpensive compounds at a low boil. In a matter of hours, the PFAS molecules fell apart. The new technique might provide a way to destroy PFAS chemicals once they've been pulled out of contaminated water or soil. But William Dichtel, a chemist at Northwestern University and a co-author of the study, said that a lot of effort lay ahead to make it work outside the confines of a lab. "Then we'd be in a real position to talk practicality," he said. At the end of a PFAS molecule's carbon-fluorine chain, it is capped by a cluster of other atoms. Many types of PFAS molecules have heads made of a carbon atom connected to a pair of oxygen atoms, for example. Dr. Dichtel came across a study in which chemists at the University of Alberta found an easy way to pry carbon-oxygen heads off other chains. He suggested to his graduate student, Brittany Trang, that she give it a try on PFAS molecules. Dr. Trang was skeptical. She had tried to pry off carbon-oxygen heads from PFAS molecules for months without any luck. According to the Alberta recipe, all she'd need to do was mix PFAS with a common solvent called dimethyl sulfoxide, or DMSO, and bring it to a boil. "I didn't want to try it initially because I thought it was too simple," Dr. Trang said. "If this happens, people would have known this already." An older grad student advised her to give it a shot. To her surprise, the carbon-oxygen head fell off. It appears that DMSO makes the head fragile by altering the electric field around the PFAS molecule, and without the head, the bonds between the carbon atoms and the fluorine atoms become weak as well. "This oddly simple method worked," said Dr. Trang, who finished her Ph.D. last month and is now a journalist. Unfortunately, Dr. Trang discovered how well DMSO worked in March 2020 and was promptly shut out of the lab by the pandemic. She spent the next two and a half months dreaming of other ingredients which she could add to the DMSO soup to hasten the destruction of PFAS chemicals. On Dr. Trang's return, she started testing a number of chemicals until she found one that worked. It was sodium hydroxide, the chemical in lye. When she heated the mixture to temperatures between about 175 degrees to 250 degrees Fahrenheit, most of the PFAS molecules broke down in a matter of hours. Within days, the remaining fluorine-bearing byproducts broke down into harmless molecules as well. Dr. Trang and Dr. Dichtel teamed up with other chemists at U.C.L.A. and in China to figure out what was happening. The sodium hydroxide hastens the destruction of the PFAS molecules by eagerly bonding with the fragments as they fall apart. The fluorine atoms lose their link to the carbon atoms, becoming harmless. [...] Dr. Dichtel and his colleagues are now investigating how to scale up their method to handle large amounts of PFAS chemicals. They're also looking at other types of PFAS molecules with different heads to see if they can pry those off as well.Read more of this story at Slashdot.

After just four months, Snapchat is sunsetting future development on its easy-to-use "Pixy" drone, "seemingly in part of a broader effort to cut costs after the company's second-quarter earnings," reports Input Mag. The Wall Street Journal was first to break the news. From the report: Snap isn't alone in suffering under the current economic downturn -- or the long-term effect Apple's App Tracking Transparency has had on the mobile advertising business -- but its struggles with hardware are somewhat unique. Whether it's the Spectacles camera glasses or now the Pixy, Snap's experimental hardware hasn't really caught on in the same way other new hardware has. [Snap CEO Evan Spiegel] was the first to tease possible future Pixys (Pixies?) in an interview with The Verge, noting that Snap even underestimated how many people would want to buy the first version. "Maybe we would make more with version two if people love the original product," Spiegel explained. After the relative failure of the Spectacles from a sales perspective, the Pixy seemed like a corrective product people would be more interested in. "After a couple versions of camera glasses, it just becomes very clear that the market for camera glasses is actually very small and constrained to people who want that first person POV," Spiegel told The Verge. "I think the market for Pixy is bigger." Snap software continuing to succeed while its hardware struggles puts the company in an odd position. Learning through making hardware, and ideally selling that hardware for a profit, is a big part of its push for an augmented reality future. But if no one's buying it, or it's too expensive to develop in the first place, that's kind of a problem. Snap thinks of itself as a camera company. That might have seemed premature when it was only developing an app, but it's since backed that up with experimental toys, and plenty of exciting acquisitions. It's ironic then, that it maybe got it right the first time. If Google's proved anything with its Pixel phones, it's that the most important camera you own is the software that processes your photos, not the physical hardware itself. For the immediate future, software is working for Snap, and it seems like that's what it's going to be selling.Read more of this story at Slashdot.

"Dodge has given its electric Charger Daytona SRT Concept a set of fake exhausts and one of the loudest artificial V8 noises we've ever heard," writes Harry Waring via CarThrottle. From the report: The car features some interestingly named components that make it stand out from the rest of the EV crowd, such as the "Rupt" simulated multispeed transmission and a "Fratzonic" chambered 'exhaust' which emits a 125 dB "Dark Matter" noise (yes, we're serious). According to Dodge, the battery-powered machine is supposedly as loud as a Hellcat with its supercharged Hemi V8. The unusual names continue with the 800V "Banshee" propulsion system, which delivers power to the car's 21-inch wheels. We're yet to hear about official performance figures, but stopping power will be provided by six-piston brake callipers. The 'Fratzog' logo sits on the car's front and rear ends, previously used on vehicles produced by Dodge between 1962 and 1976, now representing the brand's electrified future. You can watch (and hear) it in action here.Read more of this story at Slashdot.

e-HallPass, a digital system that students have to use to request to leave their classroom and which takes note of how long they've been away, including to visit the bathroom, has spread into at least a thousand schools around the United States. Motherboard reports: On Monday, a since deleted tweet went viral in which someone claimed that their school was preparing to introduce e-HallPass, and described it as "the program where we track how long, at what time, and how often each child goes to the restroom and store that information on third party servers run by a private for-profit company." Motherboard then identified multiple schools across the U.S. that appear to use the technology by searching the web for instruction manuals, announcements, and similar documents from schools that mentioned the technology. Those results included K-12 schools such as Franklin Regional Middle School, Fargo Public Schools, River City High School, Loyalsock Township School District, and Cabarrus County Schools. Also schools Motherboard found that appear to use e-HallPass include Mehlville High School, Eagle County School District, Hopatcong Borough Schools, and Pope Francis Preparatory School. These schools are spread across the country, with some in California, New York, Virginia, and North Carolina. Eduspire, the company that makes e-HallPass, told trade publication EdSurge in March that 1,000 schools use the system. Brian Tvenstrup, president of Eduspire, told the outlet that the company's biggest obstacle to selling the product "is when a school isn't culturally ready to make these kinds of changes yet." The system itself works as a piece of software installed on a computer or mobile device. Students request a pass through the software and the teacher then approves it. The tool promises "hall omniscience" with the ability to "always know who has a pass and who doesn't (without asking the student!)," according to the product's website. Admins can then access data collected through the software, and view a live dashboard showing details on all passes. e-HallPass can also stop meet-ups of certain students and limit the amount of passes going to certain locations, the website adds, explicitly mentioning "vandalism and TikTok challenges." Many of the schools Motherboard identified appear to use e-HallPass specifically on Chromebooks, according to student user guides and similar documents hosted on the schools' websites, though it also advertises that it can be used to track students on their personal cell phones.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: [Swedish car publication Vi Bilagare] tested 11 new cars alongside a 2005 Volvo C70, timing how long it took to perform a list of tasks in each car. These included turning on the seat heater, increasing the cabin temperature, turning on the defroster, adjusting the radio, resetting the trip computer, turning off the screen, and dimming the instruments. The old Volvo was the clear winner. "The four tasks is handled within ten seconds flat, during which the car is driven 306 meters at 110 km/h [1,004 feet at 68 mph]," VB found. Most of the other cars required twice as long, or more, to complete the same tasks. VB says that "one important aspect of this test is that the drivers had time to get to know the cars and their infotainment systems before the test started." VB lays the blame for the shift from buttons to screens with designers who "want a 'clean' interior with minimal switchgear." Even with touchscreens, though, we can see in the spread of scores VB gave to different all-touch cars that design matters. You'll find almost no buttons in a Tesla Model 3, and we called out the lack of buttons in the Subaru Outback in our review, but both performed quite well in VB's tests. And VW's use of capacitive touch (versus physical) for the controls on the center stack appears to be exactly the wrong decision in terms of usability, with the ID.3 right at the bottom of the pack in VB's scores. I'm not surprised that the BMW iX scored well; although it has a touchscreen, you're not obligated to use it. BMW's rotary iDrive controller falls naturally to hand, and there are permanent controls arrayed around it under a sliver of wood that both looks and feels interesting. It's an early implementation of what the company calls shy tech, and it's a design trend I am very much looking forward to seeing evolve in the future.Read more of this story at Slashdot.

Google announced today that it's rolling out new Search updates over the next few weeks that will aim to make it easier for people to find high-quality content. TechCrunch reports: The new ranking improvements will work to reduce the amount of low-quality or unoriginal content that ranks high in search results. Google says that the update will especially target content that has been created primarily for ranking on search engines, known as "SEO-first" content, rather than human-first content. The company's tests have shown that the update will improve the results users find when searching for content like online educational materials, as well as arts and entertainment, shopping and tech-related content. The new updates should help reduce the number of low-quality results from websites that have learned to game the system with content that is optimized to rank high in search results. Google says users should start to see content that is actually useful rank more prominently in search results. The company plans to refine its systems and build on these improvements over time. "If you search for information about a new movie, you might have previously encountered articles that aggregated reviews from other sites without adding perspectives beyond what's available elsewhere on the web," the company explained in a blog post. "This isn't very helpful if you're expecting to read something new. With this update, you'll see more results with unique information, so you're more likely to read something you haven't seen before."Read more of this story at Slashdot.

Apple is in talks to make Apple Watches and MacBooks in Vietnam for the first time, marking a further win for the Southeast Asian country as the U.S. tech giant looks to diversify production away from China. Nikkei Asia reports: Vietnam is already Apple's most important production hub outside of China, producing a wide range of flagship products for the American company, including iPad tablets and AirPods earphones. The Apple Watch is even more sophisticated, according to industry experts, who say that squeezing so many components into such a small case requires a high degree of technological skill. Producing the device would be a win for Vietnam as the country attempts to further upgrade its tech manufacturing sector. Apple has also continued to shift iPad production to Vietnam after COVID-related lockdowns in Shanghai caused massive supply chain disruptions. BYD of China was the first to assist with this shift, though sources told Nikkei Asia that Foxconn, too, is now helping build more iPads in the Southeast Asian nation. Apple is also in talks with suppliers to build test production lines for its HomePod smart speakers in Vietnam, the people said. On the MacBook front, Apple has asked suppliers to set up a test production line in Vietnam, two sources said. However, progress in moving mass production to the country has been slow, partly due to pandemic-related disruptions but also because notebook computer production involves a larger supply chain, multiple sources said. That network is currently centered on China and very cost-competitive, they added. Further reading: Apple Targets September 7 for iPhone 14 Launch in Flurry of New DevicesRead more of this story at Slashdot.

Several readers have shared this report: In February, when the Def Con hacker conference released its annual transparency report, the public learned that one of the most prominent figures in the field of social engineering had been permanently banned from attending. For years, Chris Hadnagy had enjoyed a high-profile role as the leader of the conference's social engineering village. But Def Con's transparency report stated that there had been multiple reports of him violating the conference's code of conduct. In response, Def Con banned Hadnagy from the conference for life; in 2022, the social engineering village would be run by an entirely new team. Now, Hadnagy has filed a lawsuit against the conference alleging defamation and infringement of contractual relations. The lawsuit was filed in the United States District Court for the Eastern District of Pennsylvania on August 3rd and names Hadnagy as the plaintiff, with Def Con Communications and the conference founder, Jeff Moss, also known as "The Dark Tangent," as defendants. Moss was reportedly served papers in Las Vegas while coordinating the conference this year. There are few public details about the incidents that caused Hadnagy's ban, as is common in harassment cases. In the transparency report announcing the permanent ban, Def Con organizers were deliberately vague about the reported behavior. "After conversations with the reporting parties and Chris, we are confident the severity of the transgressions merits a ban from DEF CON," organizers wrote in their post-conference transparency report following the previous year's conference. Def Con's Code of Conduct is minimal, focusing almost entirely on a "no-harassment" policy. "Harassment includes deliberate intimidation and targeting individuals in a manner that makes them feel uncomfortable, unwelcome, or afraid," the text reads. "Participants asked to stop any harassing behavior are expected to comply immediately. We reserve the right to respond to harassment in the manner we deem appropriate."Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: It sounds like something out of an urban legend: Some Windows XP-era laptops using 5400 RPM spinning hard drives can allegedly be forced to crash when exposed to Janet Jackson's 1989 hit "Rhythm Nation." But Microsoft Software Engineer Raymond Chen stands by the story in a blog post published earlier this week, and the vulnerability has been issued an official CVE ID by The Mitre Corporation, lending it more credibility. According to Chen, CVE-2022-38392 was originally discovered by "a major computer manufacturer," and it can affect not just the laptop playing the song but adjacent laptops from other PC companies as well. The specific hard drive model at issue -- again from an unnamed manufacturer -- would crash because "Rhythm Nation" used some of the same "natural resonant frequencies" that the drives used, interfering with their operation. Anyone trying to independently recreate this problem will face several obstacles, including the age of the laptops involved and a total lack of specificity about the hard drives or computer models. The CVE entry mentions "a certain 5400 RPM OEM hard drive, as shipped with laptop PCs in approximately 2005" and links back to Chen's post as a primary source. And while some Windows XP-era laptop hard drives may still be kicking out there somewhere, after almost two decades, it's more likely that most of them have died of natural causes. The PC manufacturer was able to partially resolve the issue "by adding a custom filter in the audio pipeline that detected and removed the offending frequencies during audio playbanck," says Chen. However, these HDDs would still crash if they were exposed to another device that was playing the song.Read more of this story at Slashdot.

It turns out that JavaScript had a hand in delivering the stunning images that the James Webb Space Telescope has been beaming back to Earth. From a report: I mean that the actual telescope, arguably one of humanity's finest scientific achievements, is largely controlled by JavaScript files. Oh, and it's based on a software development kit from 2002. According to a manuscript (PDF) for the JWST's Integrated Science Instrument Module (or ISIM), the software for the ISIM is controlled by "the Script Processor Task (SP), which runs scripts written in JavaScript upon receiving a command to do so." The actual code in charge of turning those JavaScripts (NASA's phrasing, not mine) into actions can run 10 of them at once. The manuscript and the paper (PDF) "JWST: Maximizing efficiency and minimizing ground systems," written by the Space Telescope Science Institute's Ilana Dashevsky and Vicki Balzano, describe this process in great detail, but I'll oversimplify a bit to save you the pages of reading. The JWST has a bunch of these pre-written scripts for doing specific tasks, and scientists on the ground can tell it to run those tasks. When they do, those JavaScripts will be interpreted by a program called the script processor, which will then reach out to the other applications and systems that it needs to based on what the script calls for. The JWST isn't running a web browser where JavaScript directly controls the Mid-Infrared Instrument -- it's more like when a manager is given a list of tasks (in this example, the JavaScripts) to do and delegates them out to their team.Read more of this story at Slashdot.