Slashdot

In an effort to settle accusations by regulators that the company engages in anti-competitive behavior, Amazon leaders have discussed abandoning its private-label "Amazon Basics" business altogether. This follows previously reported concessions including giving more visibility to listings from multiple sellers for a given product to prohibiting the company from using any non-public data from Amazon sellers to boost the company's own retail business. Recode reports: At least as recently as last year, several top Amazon executives, including its current worldwide retail CEO Doug Herrington and its general counsel David Zapolsky, expressed a willingness to make this different but significant change if it meant avoiding potentially harsh remedies resulting from government investigations in the US or abroad, according to a source with knowledge of the discussions. Amazon's private-label business includes homegrown brands like Amazon Basics, which sells everything from garbage bags to batteries to office chairs, as well as the clothing line Amazon Essentials. The business line also includes brands that don't carry the Amazon name, such as the paper-goods label Presto, the food brand Happy Belly, and the fashion line Goodthreads. Such a concession would not apply to the company's own gadget lines, including Kindle, Echo, and Fire TV devices. Amazon's use of private-label brands has come under fire from politicians and regulators not merely because they exist, but because of the data Amazon leverages to create them and the tactics it uses to favor them in search results on its shopping website and app. "There was a strong consensus that this could be a viable option if the company was ever pressed into a position where it had to negotiate a settlement," the source told Recode. This person requested anonymity because they were not authorized to disclose internal discussions. [...] The conversations at Amazon around abandoning its private labels occurred on and off for several years as scrutiny of the business line heightened, the source said, with executives expressing a desire to keep this potential remedy under wraps so that it could come across to regulators as a major concession. Leaders in favor of such a decision believed that Amazon had a right to sell private-label brands as many retailers do, but that the business was not strategically crucial enough to defend in the face of more severe potential remedies sought by antitrust enforcers. When a company like Amazon offers such a concession, it does so with the hope of closing down any current investigations. Amazon spokesperson Betsy Harden denies the report, saying the company continues "to invest in this area, just as our many retail competitors have done for decades and continue to do today."Read more of this story at Slashdot.

Chairwoman Jessica Rosenworcel has proposed raising the minimum definition of broadband to 100Mbps for downloads and 20Mbps for uploads. Engadget reports: The previous 25/3 benchmark is both outdated and hides just how many low-income and rural internet users are being "left behind and left offline," Rosenworcel said. The chair said multiple pieces of evidence supported the hike, including requirements for new network construction stemming from the Infrastructure Investment and Jobs Act. The FCC had already proposed upgrades to rural speeds through a special program, but this would affect the definition of broadband regardless of where users live in the country. Rosenworcel also wanted the minimum speed to evolve over time. She proposed setting a much higher standard of 1Gbps down and 500Mbps up for some point in the future. The leader further suggested more criteria for determining the "reasonable and timely" rollout of broadband, including adoption rates, affordability, availability and equitable access.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Google's developer deadline for the Play Store's new "Data Safety" section is next week (July 20), and we're starting to see what the future of Google Play privacy will look like. The actual Data Safety section started rolling out in April, but now that the developer deadline is approaching... Google is turning off the separate "app permissions" section? That doesn't sound like a great move for privacy at all. The Play Store's new Data Safety section is Google's answer to a similar feature in iOS 14, which displays a list of developer-provided privacy considerations, like what data an app collects, how that data is stored, and who the data is shared with. At first blush, the Data Safety entries might seem pretty similar to the old list of app permissions. You get items like "location," and in some ways, it's better than a plain list of permissions since developers can explain how and why each bit of data is collected. The difference is in how that data ends up in Google's system. The old list of app permissions was guaranteed to be factual because it was built by Google, automatically, by scanning the app. The Data Safety system, meanwhile, runs on the honor system. Here's Google's explanation to developers of how the new section works: "You alone are responsible for making complete and accurate declarations in your app's store listing on Google Play. Google Play reviews apps across all policy requirements; however, we cannot make determinations on behalf of the developers of how they handle user data. Only you possess all the information required to complete the Data safety form. When Google becomes aware of a discrepancy between your app behavior and your declaration, we may take appropriate action, including enforcement action."Read more of this story at Slashdot.

Astronomers at MIT and universities across Canada and the United States have detected a strange and persistent radio signal from a far-off galaxy that appears to be flashing with surprising regularity. From a report:The signal is classified as a fast radio burst, or FRB -- an intensely strong burst of radio waves of unknown astrophysical origin, that typically lasts for a few milliseconds at most. However, this new signal persists for up to three seconds, about 1,000 times longer than the average FRB. Within this window, the team detected bursts of radio waves that repeat every 0.2 seconds in a clear periodic pattern, similar to a beating heart. The researchers have labeled the signal FRB 20191221A, and it is currently the longest-lasting FRB, with the clearest periodic pattern, detected to date. The source of the signal lies in a distant galaxy, several billion light-years from Earth. Exactly what that source might be remains a mystery, though astronomers suspect the signal could emanate from either a radio pulsar or a magnetar, both of which are types of neutron stars -- extremely dense, rapidly spinning collapsed cores of giant stars. There are not many things in the universe that emit strictly periodic signals," says Daniele Michilli, a postdoc in MIT's Kavli Institute for Astrophysics and Space Research. âoeExamples that we know of in our own galaxy are radio pulsars and magnetars, whichRead more of this story at Slashdot.

A committee in Britain's parliament has told payment firms Visa and Mastercard to justify recent rises in their card transaction fees after the country's payments regulator expressed concerns. From a report: The Payment Systems Regulator (PSR) told the Treasury Committee last week that the increases in card fees showed the market was "not working well", according to correspondence published by the committee on Thursday.Read more of this story at Slashdot.

Taiwanese prosecutors on Friday accused a Chinese Apple supplier of stealing commercial secrets from a Taiwanese supplier and poaching its workforce to win orders from the U.S. company, saying it had charged 14 people. From a report: Taiwan has been stepping up efforts to stop what it views as underhand and illegal activities by Chinese firms to steal know-how and poach away talent in what Taipei's government views as a threat to the island's tech prowess. Prosecutors in New Taipei said after a year-and-a-half investigation they had found that China's Luxshare Precision had targeted Taiwanese competitor Catcher Technology "in order to quickly enter the Apple production chain to win orders." Luxshare "lured" Catcher's China based research and development team with promises of high salaries and stole business secrets from the Taiwanese firm, causing them big losses, the prosecutors said in a statement. Luxshare was doing this in order to be able to "quickly build factories and mass produce cases for iPhones, iPads and other products", the statement said.Read more of this story at Slashdot.

A Twitch streamer has crowdsourced the manuals for upwards of 850 unique Super Nintendo games and made them free on an online archive. From a report: Video game consoles have come a long way since the Super Nintendo arrived in the U.S. in 1991 and launched a new generation of gamers, but sometimes there is no beating the classics. The console was wildly popular, with more than 700 games released for the system in the U.S., and Kerry Hays (aka "Peebs" on the Twitch streaming platform) has been working on beating every. single. one. "We had wondered, some of these games, had anyone ever even beaten them before? They were so weird and obscure or difficult," he said. And so, Hays turned to the manuals. For those who weren't playing a lot of video games in the '90s, almost all of them came with a manual inside the case that had lots of helpful information. The manual was where you would find the buttons to push and how the console works. It could also include your lore, backstory, and maybe even a map. "And if you're really lucky, you get a little bit of a walkthrough that would tell you, like, the first 10% of the game," Hays said. [...] The collection is hosted on the Internet Archive and contains upwards of 850 unique Super Nintendo manuals -- and it's all free. Hays says he's not in it for the money.Read more of this story at Slashdot.

In a rare move, more than 200 congressional staffers have sent a letter to Democratic leadership in the House and Senate, demanding they close the deal on a climate and clean energy package and warning that failure could doom younger generations. From a report: "We've crafted the legislation necessary to avert climate catastrophe. It's time for you to pass it," the staffers wrote in a letter, sent to Senate Majority Leader Chuck Schumer and House Speaker Nancy Pelosi on Tuesday evening. The letter, which staffers signed anonymously with initials, was shared first with CNN. "Our country is nearing the end of a two-year window that represents a once-in-a-generation opportunity to pass transformative climate policy," the letter continues. "The silence on expansive climate justice policy on Capitol Hill this year has been deafening. We write to distance ourselves from your dangerous inaction." The staffers' grievances were delivered as Schumer negotiates with Sen. Joe Manchin of West Virginia on a Democrat-only package that is expected to address inflation, the cost of prescription drugs, energy and the climate crisis. The climate and energy portion has remained the largest sticking point in negotiations, as Manchin has publicly stated he wants to lower gas prices by increasing US energy production.Read more of this story at Slashdot.

A new study from Germany has found that working in virtual reality does not increase productivity, comfort, or wellbeing, but does say the report will help identify opportunities for improving the experience of working in VR in the future. From a report: The project was headed by Dr Jens Grubert, a specialist in human-computer interaction at Coburg University, Germany. It involved 16 people who had to work for five days, eight hours a week (with 45 mins lunch break), in VR. The participants used Meta Quest 2 VR headsets combined with a Logitech K830 keyboard and Chrome Remote Desktop. The equipment was chosen specifically to create a realistic scenario of what users would be using in today's world. Participants were also asked specific VR-related questions ('do you feel sick?' or 'are your eyes starting to hurt?'). The research team also monitored the worker's heartbeats and typing speed. The published paper, entitled 'Quantifying the Effects of Working in VR for One Week' found "concerning levels of simulator sickness, below average usability ratings and two participants dropped out on the first day using VR, due to migraine, nausea and anxiety." The study found that, as expected, VR results in significantly worse ratings across most measures. Each test subject scored their VR working experience versus working in a physical environment, many felt their task load had increased, on average by 35%. Frustration was by 42%, the 'negative affect' was up 11%, and anxiety rose by 19%. Mental wellbeing decreased by 20%., eye strain rose 48%, and VR ranked 36% lower on usability. Participants' self-rated workflow went down by 14% and their perceived productivity dropped by 16%.Read more of this story at Slashdot.

The amount of cryptocurrency flowing into privacy-enhancing mixer services has reached an all-time high this year as funds from wallets belonging to government-sanctioned groups and criminal activity almost doubled, researchers reported on Thursday. ArsTechnica: Mixers, also known as tumblers, obfuscate cryptocurrency transactions by creating a disconnect between the funds a user deposits and the funds the user withdraws. To do this, mixers pool funds deposited by large numbers of users and randomly mix them. Each user can withdraw the entire amount deposited, minus a cut for the mixer, but because the coins come from this jumbled pool, it's harder for blockchain investigators to track precisely where the money went. Some mixers provide additional obfuscation by allowing users to withdraw funds in differing amounts sent to different wallet addresses. Others try to conceal the mixing activity altogether by changing the fee on each transaction or varying the type of deposit address used. Mixer use isn't automatically illegal or unethical. [...]. "Mixers present a difficult question to regulators and members of the cryptocurrency community," researchers from cryptocurrency analysis firm Chainalysis wrote in a report that linked the surge to increased volumes deposited by sanctioned and criminal groups. "Virtually everyone would acknowledge that financial privacy is valuable, and that in a vacuum, there's no reason services like mixers shouldn't be able to provide it. However, the data shows that mixers currently pose a significant money laundering risk, with 25 percent of funds coming from illicit addresses, and that cybercriminals associated with hostile governments are taking advantage." Cryptocurrency received by these mixers fluctuates significantly from day to day, so researchers find it more useful to use longer-term measures. The 30-day moving average of funds received by mixers hit $51.8 million in mid-April, an all-time high, Chainalysis reported. The high-water mark represented almost double the incoming volumes at the same point last year. What's more, illicit wallet addresses accounted for 23 percent of funds sent to mixers this year, up from 12 percent in 2021.Read more of this story at Slashdot.

Dmitry Rogozin, the blustering head of Russia's state space corporation, Roscosmos, is out of the position following a big shake-up in the Russian government. From a report: He is being replaced by Yury Borisov, Russian deputy prime minister of space and defense, bringing an end to Rogozin's dynamic reign as general director of the country's space program. Rogozin has been in charge of Roscosmos since his appointment as director general in 2018, though prior to that, he was deputy prime minister since 2011, overseeing space and defense. He's been a controversial figure for most of that tenure, resulting in strained relations with NASA -- Russia's largest partner in space. Rogozin was sanctioned by the United States in 2014 and barred from entering the country due to his time as a deputy prime minister during Russia's annexation of Crimea. As the head of Roscosmos, Rogozin became known for making wildly outlandish statements and threats, many of which put NASA in rather uncomfortable positions. His bombast got renewed focus when Russia began its invasion of Ukraine this year, prompting Rogozin to go into overdrive and make ludicrous claims that many interpreted as threats against NASA and the US / Russian space partnership. For instance, at the start of the war, Rogozin seemed to hint that Roscosmos might pull out of the International Space Station partnership and cause the ISS to come crashing down to Earth. And, after declaring that Russia would no longer supply rocket engines to the United States, Rogozin said NASA astronauts could use "broomsticks" to get to orbit.Read more of this story at Slashdot.

Microsoft caused considerable consternation in the open source community over the past month, after unveiling a shake up to the way developers will be able to monetize open source software. From a report: There are many examples of open source software sold in Microsoft's app store as full-featured commercial applications, ranging from video editing software such as Shotcut, to FTP clients such as WinSCP. But given how easy it is for anyone to reappropriate and repackage open source software as a new standalone product, it appears that Microsoft is trying to put measures in place to prevent such "copycat" imitations from capitalizing on the hard work of the open source community. However, at the crux of the issue was the specific wording of Microsoft's new policy, with section 10.8.7 noting that developers must not: ...attempt to profit from open-source or other software that is otherwise generally available for free, nor be priced irrationally high relative to the features and functionality provided by your product. In its current form, the language is seemingly preventing anyone -- including the project owners and maintainers -- from charging for their work. Moreover, some have argued that it could hold implications for proprietary applications that include open source components with certain licenses, while others have noted that developers may be deterred from making their software available under an open source license.Read more of this story at Slashdot.

An anonymous reader quotes a report from MIT Technology Review: "People are realizing now: wait a minute, literally everything we do is underpinned by Linux," says Dave Aitel, a cybersecurity researcher and former NSA computer security scientist. "This is a core technology to our society. Not understanding kernel security means we can't secure critical infrastructure." Now DARPA, the US military's research arm, wants to understand the collision of code and community that makes these open-source projects work, in order to better understand the risks they face. The goal is to be able to effectively recognize malicious actors and prevent them from disrupting or corrupting crucially important open-source code before it's too late. DARPA's "SocialCyber" program is an 18-month-long, multimillion-dollar project that will combine sociology with recent technological advances in artificial intelligence to map, understand, and protect these massive open-source communities and the code they create. It's different from most previous research because it combines automated analysis of both the code and the social dimensions of open-source software. Here's how the SocialCyber program works. DARPA has contracted with multiple teams of what it calls "performers," including small, boutique cybersecurity research shops with deep technical chops. One such performer is New York -- based Margin Research, which has put together a team of well-respected researchers for the task. Margin Research is focused on the Linux kernel in part because it's so big and critical that succeeding here, at this scale, means you can make it anywhere else. The plan is to analyze both the code and the community in order to visualize and finally understand the whole ecosystem. Margin's work maps out who is working on what specific parts of open-source projects. For example, Huawei is currently the biggest contributor to the Linux kernel. Another contributor works for Positive Technologies, a Russian cybersecurity firm that -- like Huawei -- has been sanctioned by the US government, says Aitel. Margin has also mapped code written by NSA employees, many of whom participate in different open-source projects. "This subject kills me," says d'Antoine of the quest to better understand the open-source movement, "because, honestly, even the most simple things seem so novel to so many important people. The government is only just realizing that our critical infrastructure is running code that could be literally being written by sanctioned entities. Right now." This kind of research also aims to find underinvestment -- that is critical software run entirely by one or two volunteers. It's more common than you might think -- so common that one common way software projects currently measure risk is the "bus factor": Does this whole project fall apart if just one person gets hit by a bus? SocialCyber will also tackle other open-source projects too, such as Python which is "used in a huge number of artificial-intelligence and machine-learning projects," notes the report. "The hope is that greater understanding will make it easier to prevent a future disaster, whether it's caused by malicious activity or not."Read more of this story at Slashdot.

A new paper, published in the journal Science, found that when the Y chromosome was gone from blood cells in male mice genetically engineered to lose their Y chromosomes, scar tissue built up in the heart, leading to heart failure and a shortened life span. The New York Times reports: Because there was a direct cause-and-effect relationship between the loss of Y and ailments of aging in the mice, the study bolsters the notion that the same thing can happen in human males. Researchers have documented an increase in risk for chronic diseases like heart disease and cancer related to loss of the Y chromosome in many studies over the years, including the new one, which used data from a large genetic study of the British population. The loss of Y could even account for some of the difference between the life spans of men and women, the authors of the Science study say. At least 40 percent of males lose the Y chromosome from some of their blood cells by age 70. And by age 93, at least 57 percent have lost some of it. The chromosome is lost sporadically from blood cells during cell division, when it is kicked out of some cells and then disintegrates. The result is what researchers call a mosaic loss of Y. There is no way, other than to stop smoking, to reduce the risk of losing the Y chromosome. And the condition is unrelated to men having lower levels of testosterone in their bodies as they age. Taking testosterone supplements would have no effect, nor would it reverse the consequences. [...] It is too soon to say what men should do -- other than to stop smoking -- to protect themselves from losing their Y chromosomes or to alleviate the consequences. Those in [the researcher's] group found they could protect the hearts of the mice without Y chromosomes by blocking TGF-beta, a key molecule involved in the production of scar tissue. Dr. Stephen Chanock, the director of the division of cancer epidemiology and genetics at the National Cancer Institute, said the mouse study was "really cool." But he noted that there was no evidence yet that drugs to block TGF-beta would be effective in men who lost their Y. And, for now, there is little point in testing men for loss of Y, Dr. Chanock said, adding, "the over-interpretation of these data for monetary purposes worries me deeply."Read more of this story at Slashdot.

An all-electric future depends heavily on copper, and looming supply shortfalls could hamper nations' goals of reaching net-zero emissions by 2050, according to a new report from S&P Global. Unless significant new supply becomes available, climate goals will be "short-circuited and remain out of reach," the report says. CNBC reports: Electric vehicles, solar and wind power, and batteries for energy storage all run on copper. An EV requires 2.5 times as much copper as an internal combustion engine vehicle, according to S&P Global. Meanwhile, solar and offshore wind need two times and five times, respectively, more copper per megawatt of installed capacity than power generated using natural gas or coal. Copper is also key to the infrastructure that transports renewable energy, thanks in part to its electrical conductivity and low reactivity. Its uses include cables, transistors and inverters. The report forecasts copper demand nearly doubling to 50 million metric tons by 2035. By 2050, demand will reach more than 53 million metric tons. To put this figure in perspective, S&P Global noted that that's "more than all the copper consumed in the world between 1900 and 2021." Renewable energy deployment will account for much of the demand spike. S&P Global forecasts copper needed for EVs, wind, solar and batteries tripling by the middle of the next decade. This will happen alongside demand growth from other areas, pushing copper's demand to never-before-seen levels. S&P Global offers two future scenarios in an effort to forecast how short the market will be. Under the "Rocky Road Scenario" -- in which production continues largely as is -- annual supply shortfall will reach almost 10 million metric tons in 2035. In the more optimistic "High Ambition Scenario" -- in which mines increase utilization and ramp up recycling -- the market will still be in a deficit for most of the 2030s. "Under either scenario, there would not be enough supply to meet the demand of Net-Zero-Emissions by 2050," the report concludes. The report notes that it takes, on average, 16 years for a new copper mine to get off the ground. "For the time being, increasing utilization at existing mines and ramping up recycling can fulfill some of the higher demand," it says.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: A major populist but controversial piece of U.K. legislation to regulate internet content through a child safety-focused frame is on pause until the fall when the government expects to elect a new prime minister, following the resignation of Boris Johnson as Conservative Party leader last week. PoliticsHome reported yesterday that the Online Safety Bill would be dropped from House of Commons business next week with a view to being returned in the autumn. The Department for Digital, Culture, Media and Sport (DCMS) denied the legislation was being dropped altogether but the fate of the bill will clearly now rest with the new prime minister -- and their appetite for regulating online speech. Reached for comment, DCMS confirmed that the bill's final day of report stage will be rescheduled to after the summer recess -- suggesting it had lost out to competing demands for remaining parliamentary time (without specifying to what). The department also made a point of reiterating that the legislation intends to deliver on the government's manifesto commitment to make the U.K. the safest place in the world to be online while defending freedom of speech. But critics of the bill continue to warn it vastly overreaches on content regulation while saddling the U.K.'s digital sector with crippling compliance costs.Read more of this story at Slashdot.

Some Beijing residents returning from domestic travel were asked by local authorities to wear COVID-19 monitoring bracelets, prompting widespread criticism on Chinese social media by users concerned about excessive government surveillance. Reuters reports: According to posts published on Wednesday evening and Thursday morning on microblogging platform Weibo, some Beijing residents returning to the capital were asked by their neighborhood committees to wear an electronic bracelet throughout the mandatory home quarantine period. Chinese cities require those arriving from parts of China where COVID cases were found to quarantine. Authorities fit doors with movement sensors to monitor their movements but until now have not widely discussed the use of electronic bracelets. The bracelets monitor users' temperature and upload the data onto a phone app they had to download, the posts said. "This bracelet can connect to the Internet, it can definitely record my whereabouts, it is basically the same as electronic fetters and handcuffs, I won't wear this," Weibo user Dahongmao wrote on Wednesday evening, declining to comment further when contacted by Reuters. This post and others that shared pictures of the bracelets were removed by Thursday afternoon, as well as a related hashtag that had garnered over 30 million views, generating an animated discussion on the platform. A community worker at Tiantongyuan, Beijing's northern suburb, confirmed to state-backed news outlet Eastday that the measure was in effect in the neighbourhood, though she called the practice "excessive." A Weibo post and a video published on the official account of Eastday.com was removed by Thursday afternoon. Weibo user Dahongmao wrote on Thursday afternoon his neighbourhood committee had already collected the bracelets, telling him that "there were too many complaints."Read more of this story at Slashdot.

Microsoft is shifting to a new engineering schedule for Windows which will see the company return to a more traditional three-year release cycle for major versions of the Windows client, while simultaneously increasing the output of new features shipping to the current version of Windows on the market. Zac Bowden writes via Windows Central: The news comes just a year after the company announced it was moving to a yearly release cadence for new versions of Windows. According to my sources, Microsoft now intends to ship "major" versions of the Windows client every three years, with the next release currently scheduled for 2024, three years after Windows 11 shipped in 2021. This means that the originally planned 2023 client release of Windows (codenamed Sun Valley 3) has been scrapped, but that's not the end of the story. I'm told that with the move to this new development schedule, Microsoft is also planning to increase the output of new features rolling out to users on the latest version of Windows. Starting with Windows 11 version 22H2 (Sun Valley 2), Microsoft is kicking off a new "Moments" engineering effort which is designed to allow the company to rollout new features and experiences at key points throughout the year, outside of major OS releases. I hear the company intends to ship new features to the in-market version of Windows every few months, up to four times a year, starting in 2023. Microsoft has already tested this system with the rollout of the Taskbar weather button on Windows 11 earlier this year. That same approach will be used for these Moments, where the company will group together a handful of new features that have been in testing with Insiders and roll them out to everyone on top the latest shipping release of Windows. Many of the features that were planned for the now-scrapped Sun Valley 3 client release will ship as part of one of these Moments on top of Sun Valley 2, instead of in a dedicated new release of the Windows client in the fall of 2023.Read more of this story at Slashdot.

According to The Verge's review of the new MacBook Air with the M2 chip, the $1,199 base model equipped with 256GB of storage has a single NAND chip, which will lead to slower SSD speeds in benchmark testing. MacRumors reports: The dilemma arises from the fact that Apple switched to using a single 256GB flash storage chip instead of two 128GB chips in the base models of the new MacBook Air and 13-inch MacBook Pro. Configurations equipped with 512GB of storage or more are equipped with multiple NAND chips, allowing for faster speeds in parallel. In a statement issued to The Verge, Apple said that while benchmarks of the new MacBook Air and 13-inch MacBook Pro with 256GB of storage "may show a difference" compared to previous-generation models, real-world performance is "even faster": "Thanks to the performance increases of M2, the new MacBook Air and the 13-inch MacBook Pro are incredibly fast, even compared to Mac laptops with the powerful M1 chip. These new systems use a new higher density NAND that delivers 256GB storage using a single chip. While benchmarks of the 256GB SSD may show a difference compared to the previous generation, the performance of these M2 based systems for real world activities are even faster." It's unclear if Apple's statement refers explicitly to real-world SSD performance or overall system performance.Read more of this story at Slashdot.

An anonymous reader quotes a report from Nikkei Asia: Panasonic will invest $4 billion in a second U.S. electric vehicle battery factory in Kansas, its subsidiary Panasonic Energy announced on Thursday, confirming an earlier Nikkei report. The factory is expected to hire as many as 4,000 employees and supply a new high-capacity battery for Tesla. The decision follows Tesla's April opening of a second American EV factory in Texas to meet brisk demand. Panasonic aims to triple or quadruple EV battery production capacity by fiscal 2028 from the current level of roughly 50 gigawatt-hours per year. It plans to install two production lines at a battery component factory in Wakayama Prefecture, Japan, in fiscal 2023 and begin manufacturing its new high-capacity model, the 4680. That investment is expected to total roughly 80 billion yen ($580 million). Panasonic had said it would determine whether to build new manufacturing facilities after seeing how production at the Wakayama plant fared in terms of profitability. Increasing production demands from Tesla, a leading source of the Japanese electronics group's earnings, were likely a factor in the decision for a new U.S. plant, along with Panasonic's progress on the new technology. Prototypes started to ship in May. Emanuel noted that Panasonic's investment plan of up to $4 billion will create as many as 4,000 American jobs. Panasonic's first U.S. plant in Nevada, the Gigafactory 1, is jointly operated with Tesla. The Japanese company invested roughly 200 billion yen in that facility, which only began turning a profit in the year ended March 2021 as high defect rates kept mass production from getting off the ground.Read more of this story at Slashdot.

According to a new study from Cornell researchers, smart thermostats are initiating peak demand throughout the network at a bad time of day. From a report: "Many homes have their smart thermostats turn down temperatures at night in the winter," said Max Zhang, a professor in Cornell's Sibley School of Mechanical and Aerospace Engineering and the Kathy Dwyer Marble and Curt Marble Faculty Director at the Cornell Atkinson Center for Sustainability. "The temperature can be programmed to ramp up before you wake up -- and you'll have a warm house. That's the smart thing to do. But if everyone keeps their default setting, let's say 6 a.m., the electric grid suffers synchronized demand spikes and that's not smart for the system. That's the challenge." "As we electrify the heating sector to decarbonize the grid," he said, "this so-called load synchronization will become a problem in the near future." In 2021, about 40% of U.S. homes had smart thermostats, as utilities encourage adoption, according to the paper. Lee and Zhang examined wintertime smart thermostat data for over 2,200 homes in New York state, noted for its cold winter climate and a mix of urban, suburban and rural communities. Homeowners purchasing a smart thermostat can opt to share their data anonymously with electric utilities for research purposes. Lee and Zhang investigated "setpoint behavior" and learned that most homeowners use the smart thermostat's factory-default settings. Evidence showed that residents remain confused about how to operate their thermostats and are often unable to program it, the authors said. In fact, their data indicates homeowners achieved energy savings of only 5% to 8%, far less than the devices' potential of 25% to 30%, Lee said. If hundreds of homes have their smart thermostat set to turn on at 6 a.m., the electric grids see a peak at 6:05 a.m., which is about an hour before daylight during New York state winters. While the setpoint schedules are designed to achieve the energy-saving benefit, the peak demands are concentrated primarily when renewable energy is unavailable -- aggravating the peak demand by nearly 50%, according to the paper. "The smart thermostat data shows both an increase in frequency of high daily peak heating demand," Lee said, "as well as an increase in the magnitude of the overall peak demand."Read more of this story at Slashdot.

NFT marketplace OpenSea announced today that it's laying off around 20% of the company's employees. TechCrunch reports: "... [T]he reality is that we have entered an unprecedented combination of crypto winter and broad macroeconomic instability, and we need to prepare the company for the possibility of a prolonged downturn," OpenSea CEO Devin Finzer said in a message shared with staff that he posted publicly on Twitter as well. The company did not specify exactly how many employees were impacted by the decision, but the company's LinkedIn page indicates the company has around 750+ employees currently. Finzer says that impacted employees will be receiving severance and health insurance "into 2023" as well as accelerated equity vesting. The layoffs raise questions about the company's aggressive growth tactics and how they approached the sustainability of the NFT sector's breakneck growth. In his note to staff, Finzer says the company has years of runway ahead of it with these changes, assuming things don't get even bleaker. "The changes we're making today put us in a position to maintain multiple years of runway under various crypto winter scenarios (5 years at the current volume), and give us high confidence that we will only have to go through this process once," Finzer writes, later adding, "Winter is our time to build."Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Fifty-four members of the European Parliament (MEPs) are protesting what they call a "radical proposal" to require payments from online service providers to Internet service providers. Noting that Europe's 2015 "Open Internet Regulation ensures that citizens are free to use whichever apps and websites they wish," the MEPs said they have "deep concern about the European Commission's plans to change our net neutrality legislation in the upcoming Connectivity Infrastructure Act to be proposed in autumn, without having consulted the public, technology experts, academics, civil society, or expert regulatory agencies." No specific proposal has been released, but "statements to the press indicate that a new provision would require payments from online service providers to broadband providers -- ostensibly to fund the rollout of 5G and fiber to the home," the MEPs wrote in the letter yesterday (PDF) to the European Commission. The letter cited a May 2 Reuters article that said, "Tech giants such as Google, Meta, and Netflix may have to bear some of the cost of Europe's telecoms network, Europe's digital chief Margrethe Vestager said on Monday, following EU telecoms operators' complaints." The MEPs' list of references also includes two Ars Technica articles from 2012 when a similar proposal was being discussed. Vestager reportedly said at a news conference that "there are players who generate a lot of traffic that then enables their business but who have not been contributing actually to enable that traffic. They have not been contributing to enabling the investments in the rollout of connectivity... and we are in the process of getting a thorough understanding of how could that be enabled." [...] The MEPs' letter further argued that charging websites for access to broadband consumers would help ISPs abuse their monopolies: "Adopting a model that allows for or mandates access fees would be a disastrous return to the economic model for telephony, where telecommunications companies and countries leveraged their termination access monopolies to make communication expensive. Because phone companies had a monopoly over their customers, they could charge exorbitant prices to anyone seeking to call their customers. Broadband providers have the same monopoly over their customers. Allowing them to charge content providers for access could cause significant harm to the Internet economy." The MEPs also doubt such fees would improve broadband connectivity, saying that "factors such as permits or construction capacities can act as more severe barriers than lack of funding." They urged the European Commission to take its time and open an official consultation, saying, "There is no emergency that requires action in autumn 2022."Read more of this story at Slashdot.

theodp writes: On Monday, a who's who of the nation's tech leaders -- organized as CEOs for CS by the tech-backed nonprofit Code.org -- issued a public challenge in a letter to 'the Governors of the United States', calling on the Govs to bring more computer science to K-12 students in their states. On Thursday, as the National Governors Association kicked off their 2022 Summer Meeting, 50 of the nation's Governors -- many of whom are members of the Code.org-advised Govs for CS -- accepted the nation's CEOs' challenge, signing a Compact To Expand K-12 Computer Science Education, which may involve a number of strategies, including "requiring a computer science credit for high school graduation." News of the Governors' K-12 CS education compact coincidentally came on the same day as the nation's K-12 CS teachers gathered in Chicago to kickoff the Tech Giant and Code.org-sponsored CSTA 2022 Annual Conference.Read more of this story at Slashdot.

Chat service Omegle is on the hook for a lawsuit after its matching system paired an 11-year-old girl with a man who then sexually abused her. A district judge in Portland, Oregon, said the company's system wasn't protected by the legal shield that covers much user-generated content. From a report: The case isn't concluded, but it opens the door to more prosecutions based on how a platform designs its services. The legal complaint, filed late last year, alleges that Omegle's service was defective and falsely represented. It's a common strategy that's often failed in court before, including with Grindr in a harassment case, typically due to the legal protections of Section 230 of the Communications Decency Act. This time, however, Judge Michael Mosman determined that the lawsuit targeted functions specifically designed by Omegle rather than speech by other users on the platform.Read more of this story at Slashdot.

An anonymous reader shares a report: Getting Doom to run on things that were never meant to run Doom is something of a cottage industry among a die-hard subset of PC hackers and coders. Your motherboard's BIOS, a bunch of old potatoes, a Lego brick, a home pregnancy test: The list goes on and on. But YouTuber and Doomworld community member kgsws has set a new standard for, well, something with this brilliant bit of techno-recursion: Doom running in Doom. The full explanation for how it works gets technical but what it comes down to is an exploit that enables code execution within the game itself. That's why this bit of trickery only works with the original DOS-based Doom 2, and not any of the more modern ports like GZDoom, which lack the exploit. (That's not convenient for this project but it's a good thing overall, kgsws noted: "People would abuse it to spread malicious code.")Read more of this story at Slashdot.

In March, Microsoft enabled audio CD playback in the new version of Media Player, something that the old version had supported for pretty much as long as it had existed. And now, Microsoft is rolling out support for CD ripping in the new version of Media Player, presumably so that we can all convert our old Weezer and Matchbox 20 CDs into files we can copy over to our iPods and Zunes. From a report: By default, CDs can be ripped to AAC files at constant bitrates ranging between 96 and 320kbps. The WMA, FLAC, and ALAC formats are also supported. MP3 support and variable bitrate support, two features that are still included in the "Media Player Legacy" app, are notably absent.Read more of this story at Slashdot.

Samsung said on Thursday that it has developed a new GDDR6 (graphics double data rate) DRAM with a data transfer rate of 24 gigabits per second (Gbps). From a report: A premium graphics card that packs the chips will support a data processing rate of up to 1.1 terabytes (TB), equivalent to processing 275 movies in Full HD resolution within a second, the South Korean tech giant said. Samsung said the DRAM was comprised of 16Gb chips using its third-generation 10nm process node, which also incorporates extreme ultraviolet (EUV) lithography during their production. The company also applied high-k metal gates, or the use of metals besides silicon dioxide to make the gate hold more charge, on the DRAM. Samsung said this allowed its latest DRAM to operate at a rate over 30% faster than its 18Gbps GGDR6 DRAM predecessor.Read more of this story at Slashdot.

Intel has informed customers it will raise prices on a majority of its microprocessors and peripheral chip products later this year, citing rising costs, Nikkei Asia reported Thursday. From the report: The biggest U.S. chipmaker plans to raise prices this autumn on flagship products such as central processing units for servers and computers, where it dominates the market, as well as on a wide range of other items, including chips for Wi-Fi and other connectivity, according to three industry executives with direct knowledge. Intel says the price hikes are required because of the surging costs for production and materials, the executives said. The percentage increases have not been finalized, and could be different for different types of chips, but are likely to range from a minimal single-digit increase to more than 10% and 20% in some cases, one of the people said. Intel's move comes amid an inflation surge in the U.S. and around the world. The U.S. reported consumer prices rose 9.1% in June, a 40-year record.Read more of this story at Slashdot.

India has proposed to introduce a right to repair law, aiming to provide consumers the ability to have their devices repaired by third parties to fight the growing "culture of planned obsolescence" in a move that follows similar deliberations in the U.S. and the UK. From a report: The Indian Department of Consumer Affairs said Wednesday that it had set up a committee to develop a right to repair framework. The committee identified mobile phones, tablets, consumer durables, automobiles and farming as important sectors for the framework, the ministry said. "The pertinent issues highlighted during the meeting include companies avoiding the publication of manuals that can help users make repairs easily," the ministry said in a statement.Read more of this story at Slashdot.

Payments giant Stripe, last valued by private investors at $95 billion, cut the internal value of its shares by 28%, WSJ reported Thursday, citing people familiar with the matter. From the report: Stripe told employees in an email Friday that the internal share price was about $29, compared with $40 in the most previous internal valuation, known as a 409A valuation, the people said. The move lowered the implied valuation of those shares to $74 billion, according to one of the people, which is calculated separately from the stock owned by major shareholders. Stripe said in the email that the board approved the lower share price effective June 30, the people said. The payments processor to startups and fast-growing internet companies didn't explain the decision to lower its internal valuation, the people said. The decision comes amid a prolonged market selloff that has slowed down the pace of private fundraising and pushed startups to slash costs and cut jobs.Read more of this story at Slashdot.

Google is releasing Chrome OS Flex today, a new version of Chrome OS that's designed for businesses and schools to install and run on old PCs and Macs. From a report: Google first started testing Chrome OS Flex earlier this year in an early access preview, and the company has now resolved 600 bugs to roll out Flex to businesses and schools today. Chrome OS Flex is designed primarily for businesses running old Windows PCs, as Google has been testing and verifying devices from Acer, Asus, Dell, HP, Lenovo, LG, Toshiba, and many more OEMs. Flex will even run on some old Macs, including some 10-year-old MacBooks. The support of old hardware is the big selling point of Chrome OS Flex, as businesses don't have to ditch existing hardware to get the latest modern operating system. More than 400 devices are certified to work, and installation is as easy as using a USB drive to install Chrome OS Flex.Read more of this story at Slashdot.

Law students getting ready to take the Bar exam digitally may run into a serious issue: one of the nation's most frequently-used test-taking software packages, Examplify, is incompatible with Intel's latest generation of processors. From a report: In a notice to users, ExamSoft, the company that owns Examplify, writes that 12th Gen Intel processors aren't compatible with its software. "New Windows devices containing the Intel 12th generation chipset are triggering Examplify's automatic virtual machine check," Examplify's notice reads. "These are NOT currently supported. Therefore, they cannot be used for the upcoming July 2022 bar exam." One user drew attention to the issue in a post on Twitter, and included a screencap of what appears to be a notice given to Bar applicants.Read more of this story at Slashdot.

A former Central Intelligence Agency software engineer was convicted by a federal jury on Wednesday of causing the largest theft of classified information in the agency's history. From a report: The former C.I.A. employee, Joshua Schulte, was arrested after the 2017 disclosure by WikiLeaks of a trove of confidential documents detailing the agency's secret methods for penetrating the computer networks of foreign governments and terrorists. The verdict came two years after a previous jury failed to agree on eight of the 10 charges he faced then. At the earlier trial, Mr. Schulte, 33, was found guilty of contempt of court and of making false statements to the F.B.I. He was convicted on Wednesday on nine counts, which included illegally gathering national defense information and illegally transmitting that information. Damian Williams, the United States attorney in Manhattan, where the trial was held, hailed the verdict. Mr. Schulte has been convicted of "one of the most brazen and damaging acts of espionage in American history," Mr. Williams said in a statement.Read more of this story at Slashdot.

Amazon has offered to limit its use of marketplace seller data and make changes to 'Buy Box' rankings in a bid to settle antitrust concerns in the European Union, the Commission confirmed today. From a report: It has also offered to revise how sellers can quality for inclusion to Prime; and allow them to choose their own delivery firm and negotiate terms directly with the carrier, as well as committing not to use any data obtained via Prime about the terms and performance of third party carriers for its own competing logistics services. In recent weeks, reports by Reuters and the FT had suggested Amazon would offer to share more data with rivals and give buyers a wider choice of products in order to settle the EU's action.Read more of this story at Slashdot.

Twitter faced a brief outage on Thursday, leaving thousands of users without service for about an hour. From a report: At the peak, at 8:20 a.m. in New York, 54,582 users reported problems on Downdetector.com, an outage tracking platform. Twitter's website displayed an error message and prompted users to reload the page. It wasn't immediately clear what caused the outage. A message on Twitter's support account posted at 9:10 a.m. said: "Some of you are having issues accessing Twitter and we're working to get it back up and running for everyone. Thanks for sticking with us." By 9:16 a.m., about 1,600 users reported they were still having trouble. The last time Twitter faced an outage was in February, when the site crashed due to a "technical bug" on the page. In its early days, Twitter was famous for crashing amid high traffic, leading to the iconic "fail whale" image that popped up when service was down.Read more of this story at Slashdot.

An anonymous reader quotes a report from Popular Science: Internet Archive, a non-profit digital library and a massive repository of online artifacts, has been collecting mementos of the ever-expanding World Wide Web for over two decades, allowing users to revisit sites that have since been changed or deleted. But like the web, it too has evolved since its genesis, and in the aughts, it also began to offer a selection of ebooks that any internet user can check out with the creation of a free account. That latter feature has gotten the organization in some trouble. Internet Archive was sued by a suite of four corporate publishers in 2020 over copyright controversies -- with one side saying that what Internet Archive does is preservation, and the other saying that it's piracy, since it freely distributes books as image files without compensating the author. Last week, the ongoing case entered a new chapter as the nonprofit organization filed a motion for summary judgment, asking a federal judge to put a stop to the lawsuit, arguing that their Controlled Digital Lending program "is a lawful fair use that preserves traditional library lending in the digital world" since "each book loaned via CDL has already been bought and paid for." On Friday, Creative Commons issued a statement supporting Internet Archive's motion. In 2006, Internet Archive started a program for digitizing books both under copyright and in the public domain. It works with a range of global partners, including other libraries, to scan materials onto its site (Cornell University made a handy guide on what works fall under copyright vs. the public domain). For copyrighted books, Internet Archive owns the physical books that they created the digital copies from and limits their circulation by allowing only one person to borrow a title at a time. Book publishers, namely Hachette Book Group, HarperCollins, John Wiley Sons, and Penguin Random House, were not keen on this practice, and they have been seeking financial damages for the 127 books (PDF) shared under copyright. Vox estimated that if the publishers win, Internet Archive would have to pay $19 million, which is about "one year of operating revenue." In the most recent filings, the publishers accused Internet Archive of amassing "a collection of more than three million unauthorized in-copyright ebooks -- including more than 33,000 of the Publishers' commercially available titles -- without obtaining licenses to do so or paying the rightsholders a cent for exploiting their works. Anybody in the world with an internet connection can instantaneously access these stolen works via IA's interrelated archive.org and openlibrary.org websites." In its defense, Internet Archive, which is being represented by the Electronic Frontier Foundation, says that "libraries have been practicing CDL in one form or another for more than a decade," and that Internet Archive lends its digitized books on an "owned-to-loaned basis, backstopped by strong technical protections to enforce lending limits."Read more of this story at Slashdot.

David Matthews writes via Nature: See whether this sounds familiar: you build a piece of software to solve a research question. But when you move on to the next project, there's no one to maintain it. As it ages, it becomes obsolete, and the next academic to tackle a similar problem finds themselves having to reinvent the wheel. [...] Now, a funding initiative hopes to help ease that burden. [...] In January, Schmidt Futures, a science and technology-focused philanthropic organization founded by former Google chief executive Eric Schmidt and his wife Wendy, launched the Virtual Institute for Scientific Software (VISS), a network of centers across four universities in the United States and the United Kingdom. Each institution will hire around five or six engineers, says Stuart Feldman, Schmidt Futures' chief scientist, with funding typically running for five years and being reviewed annually. Overall, Schmidt Futures is putting US$40 million into the project, making it among the largest philanthropic investments in this area. The aim is to overcome a culture of relative neglect in academia for open-source scientific software, Feldman says, adding that support for software engineering is "a line item, just like fuel" at organizations such as NASA. "It's only in the university research lab environment where this is ancillary," he says. [...] Those setting up VISS centers say Schmidt Futures' steady, relatively long-term funding will help them to overcome a range of problems endemic to academic software. Research grants rarely provide for software development, and when they do, the positions they fund are seldom full-time and long-term. "If you've got all of this fractional effort, it's really hard to hire people and provide them with a real career path," says Andrew Connolly, an astronomer who is also helping to set up the Washington centre. What's more, software engineers tend to be scattered and isolated across a university. "Peer development and peer community is really important to those types of positions," says Stone. "And that would be extraordinarily rare in academia." To counter this, VISS centers hope to create cohesive, stable teams that can learn from one another. [...] Dario Taraborelli, who helps to coordinate another privately funded scientific-software project at the Chan Zuckerberg Initiative (CZI) in California, says that such initiatives fill a key gap in the scientific-software ecosystem, because funding agencies too often fail to prioritize crucial software infrastructure. Although there are now "substantial" grants dedicated to creating software, he says, there's precious little funding available to maintain what is built. Computer scientist Alexander Szalay, who is helping to set up a VISS centre at Johns Hopkins, agrees, noting that very few programs get to a point where enough researchers use and update them to remain useful. "They don't survive this 'Valley of Death,'" he says. "The funding stops when they actually develop the software prototype."Read more of this story at Slashdot.

The European Space Agency has officially terminated cooperation with Russia on a mission to put a rover on Mars, with Russia's space chief furiously responding by banning cosmonauts on the ISS from using a Europe-made robotic arm. France 24 reports: The ESA had previously suspended ties on the joint ExoMars mission, which had planned to use Russian rockets to put Europe's Rosalind Franklin rover on the red planet to drill for signs of life, due to Russia's invasion of Ukraine. ESA Director-General Josef Aschbacher tweeted on Tuesday that because the war and resulting sanctions "continue to prevail," the agency would "officially terminate" ties with Russia on ExoMars and its landing platform. The firebrand head of Russian space agency Roscosmos Dmitry Rogozin issued an angry response. "Has the head of the European Space Agency thought about the work of thousands of scientists and engineers in Europe and Russia which has been ended by this decision? Is he prepared to answer for sabotaging a joint Mars mission?" Rogozin said on Telegram. "I, in turn, order our crew on the ISS to stop working with the European manipulator ERA," he added.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Conversation: City lights that blaze all night are profoundly disrupting urban plants' phenology -- shifting when their buds open in the spring and when their leaves change colors and drop in the fall. New research I coauthored shows how nighttime lights are lengthening the growing season in cities, which can affect everything from allergies to local economies. In our study, my colleagues and I analyzed trees and shrubs at about 3,000 sites in U.S. cities to see how they responded under different lighting conditions over a five-year period. Plants use the natural day-night cycle as a signal of seasonal change along with temperature. We found that artificial light alone advanced the date that leaf buds broke in the spring by an average of about nine days compared to sites without nighttime lights. The timing of the fall color change in leaves was more complex, but the leaf change was still delayed on average by nearly six days across the lower 48 states. In general, we found that the more intense the light was, the greater the difference. [...] This kind of shift in plants' biological clocks has important implications for the economic, climate, health and ecological services that urban plants provide. On the positive side, longer growing seasons could allow urban farms to be active over longer periods of time. Plants could also provide shade to cool neighborhoods earlier in spring and later in fall as global temperatures rise. But changes to the growing season could also increase plants' vulnerability to spring frost damage. And it can create a mismatch with the timing of other organisms, such as pollinators, that some urban plants rely on. A longer active season for urban plants also suggests an earlier and longer pollen season, which can exacerbate asthma and other breathing problems. A study in Maryland found a 17% increase in hospitalizations for asthma in years when plants bloomed very early. The study has been published in the journal PNAS Nexus.Read more of this story at Slashdot.

An anonymous reader quotes a report from U.S. News & World Report: More than 80% of Americans have a widely used herbicide lurking in their urine, a new government study suggests. The chemical, known as glyphosate, is "probably carcinogenic to humans," the World Health Organization's International Agency for Research on Cancer has said. Glyphosate is the active ingredient in Roundup, a well-known weed killer. The U.S. National Nutrition Examination Survey found the herbicide in 1,885 of 2,310 urine samples that were representative of the U.S. population. Nearly a third of the samples came from children ages 6 to 18. Traces of the herbicide have previously been found in kids' cereals, baby formula, organic beer and wine, hummus and chickpeas. In 2020, the EPA determined that the chemical was not a serious health risk and "not likely" to cause cancer in humans. However, a federal appeals court ordered the EPA to reexamine those findings last month, CBS News reported. In 2019, a second U.S. jury ruled Bayer's Roundup weed killer was the cause of a man's cancer. It was only the second of some 11,200 Roundup lawsuits to go to trial in the United States. Another California man was awarded $78 million (originally $289 million) in the first lawsuit alleging a glyphosate link to cancer. A study published around the same time as those rulings found that glyphosate "destroys specialized gut bacteria in bees, leaving them more susceptible to infection and death from harmful bacteria." Further reading: 'It's a Non-Party Political Issue': Banning the Weedkiller Glyphosate (The Guardian)Read more of this story at Slashdot.

Lenovo has released a security advisory to inform customers that more than 70 of its laptops are affected by a UEFI/BIOS vulnerability that can lead to arbitrary code execution. SecurityWeek reports: Researchers at cybersecurity firm ESET discovered a total of three buffer overflow vulnerabilities that can allow an attacker with local privileges to affected Lenovo devices to execute arbitrary code. However, Lenovo says only one of the vulnerabilities (CVE-2022-1892) impacts all devices, while the other two impact only a handful of laptops. "The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot, possibly allowing the attackers to hijack the OS execution flow and disable some important security features," ESET explained. "These vulnerabilities were caused by insufficient validation of DataSize parameter passed to the UEFI Runtime Services function GetVariable. An attacker could create a specially crafted NVRAM variable, causing buffer overflow of the Data buffer in the second GetVariable call," it added. Lenovo has also informed customers about Retbleed, a new speculative execution attack impacting devices with Intel and AMD processors. The company has also issued an advisory for a couple of vulnerabilities affecting many products that use the XClarity Controller server management engine. These flaws can allow authenticated users to cause a DoS condition or make unauthorized connections to internal services.Read more of this story at Slashdot.

Google has counter-sued Match seeking monetary damages and a judgement that would let it kick Tinder and the group's other dating apps out of the Play Store, Bloomberg has reported. Engadget reports: Earlier this year, Match sued Google alleging antitrust violations over a decision requiring all Android developers to process "digital goods and services" payments through the Play Store billing system. Following the initial lawsuit in May, Google and Match reached a temporary agreement allowing Match to remain on the Play Store and use its own payments system. Google also agreed to make a "good faith" effort to address Match's billing concerns. Match, in turn, was to make an effort to offer Google's billing system as an alternative. However, Google parent Alphabet claims that Match Group now wants to avoid paying "nothing at all" to Google, including its 15 to 30 percent Play Store fees, according to a court filing. "Match Group never intended to comply with the contractual terms to which it agreed... it would also place Match Group in an advantaged position relative to other app developers," the document states. Match group said that Google's Play Store policies violate federal and state laws. "Google doesn't want anyone else to sue them so their counterclaims are designed as a warning shot," Match told Bloomberg in a statement. "We are confident that our suit, alongside other developers, the US Department of Justice and 37 state attorneys general making similar claims, will be resolved in our favor early next year."Read more of this story at Slashdot.

According to CNBC, embattled crypto company Celsius is in the process of filing for Chapter 11 bankruptcy. From the report: The company's lawyers were notifying individual U.S. state regulators as of Wednesday evening, according to the source, who asked not to be named because the proceedings were private. Celsius plans to file the paperwork "imminently," the person said. The Hoboken, New Jersey-based company made headlines a month ago after freezing customer accounts, blaming "extreme market conditions." The company was one of the largest players in the crypto lending space with more than $8 billion in loans to clients, and almost $12 billion in assets under management as of May. Celsius said it had 1.7 million customers as of June and was competing with its interest-bearing accounts and yields as high as 17%. The firm would lend customers' crypto out to counterparties willing to pay a sky-high interest rate to borrow it. Celsius would then split some of that revenue with users. But the structure came crashing down amid a liquidity crunch in the industry. "Unfortunately, this was expected. It was anticipated. It does not, however, stop our investigations. We will continue investigating the company and working to protect its clients, even through its insolvency," Joseph Rotunda, director of enforcement at the Texas State Securities Board, said of the Celsius bankruptcy filing.Read more of this story at Slashdot.

An anonymous reader writes: Posing as a scholar, a Chinese woman spent years writing alternative accounts of medieval Russian history on Chinese Wikipedia, conjuring imaginary states, battles, and aristocrats in one of the largest hoaxes on the open-source platform. The scam was exposed last month by Chinese novelist Yifan, who was researching for a book when he came upon an article on the Kashin silver mine. Discovered by Russian peasants in 1344, the Wikipedia entry goes, the mine engaged more than 40,000 slaves and freedmen, providing a remarkable source of wealth for the Russian principality of Tver in the 14th and 15th centuries as well as subsequent regimes. The geological composition of the soil, the structure of the mine, and even the refining process were fleshed out in detail in the entry. Yifan thought he'd found interesting material for a novel. Little did he know he'd stumbled upon an entire fictitious world constructed by a user known as Zhemao. It was one of 206 articles she has written on Chinese Wikipedia since 2019, weaving facts into fiction in an elaborate scheme that went uncaught for years and tested the limits of crowdsourced platforms' ability to verify information and fend off bad actors. "The content she wrote is of high quality and the entries were interconnected, creating a system that can exist on its own," veteran Chinese Wikipedian John Yip told VICE World News. "Zhemao single-handedly invented a new way to undermine Wikipedia." Yifan was tipped off when he ran the silver mine story by Russian speakers and fact-checked Zhemao's references, only to find that the pages or versions of the books she cited did not exist. People he consulted also called out her lengthy entries on ancient conflicts between Slavic states, which could not be found in Russian historical records. "They were so rich in details they put English and Russian Wikipedia to shame," Yifan wrote on Zhihu, a Chinese site similar to Quora, where he shared his discovery last month and caused a stir. The scale of the scam came to light after a group of volunteer editors and other Wikipedians, such as Yip, combed through her past contributions to nearly 300 articles. "As a punishment, Zhemao and her affiliated accounts were suspended permanently," adds VICE World News. "Most of her articles were deleted based on community consensus. Some Wikipedians even wrote to experts, seeking help to separate the wheat from the chaff." A spokesperson of the Wikimedia Foundation told VICE World News in an email that volunteers are still "continuing to review additional articles that may have been affected." The report goes on to say that Zhemao speaks neither English nor Russian and is a housewife with only a high school degree. She came clean in an apology letter issued on her Wikipedia account last month. "The hoax started with an innocuous intention," reports VICE. "Unable to comprehend scholarly articles in their original language, she pieced sentences together with a translation tool and filled in the blanks with her own imagination. [...] Before long, they had accumulated into tens of thousands of characters, which she was reluctant to delete." "The alternative accounts were imaginary friends she 'cosplayed' as she was bored and alone, given her husband was away most of the time and she didn't have any friends. She also apologized to actual experts on Russia, whom she had attempted to cozy up to and later impersonated."Read more of this story at Slashdot.

Bandai Namco, the Japanese video game publisher behind titles including Pac-Man, Tekken and Elden Ring, has admitted that hackers accessed its systems and potentially made off with customer data. TechCrunch reports: In a statement shared with TechCrunch, Bandai Namco said it detected "unauthorized access" to its systems by a third party on July 3, adding that it has since taken measures, such as blocking access to the affected servers, to "prevent the damage from spreading." The confirmation comes days after the Alphv ransomware gang, also known as BlackCat, added the Japanese company to its dark web leak site. Bandai Namco declined to elaborate on the nature of the cyberattack or how hackers were able to access its systems, but warned customer data may have been stolen, all but confirming that it was hit by ransomware. "There is a possibility that customer information related to the Toys and Hobby Business in Asian regions (excluding Japan) was included in the servers and PCs, and we are currently identifying the status about existence of leakage [sic], scope of the damage and investigating the cause," Bandai Namco said. The Alphv ransomware group -- believed to be the latest incarnation of the DarkSide ransomware gang responsible for the Colonial Pipeline attack -- has threatened that the stolen data will be released "soon," but no exact deadline has been given. Bandai Namco declined to say whether it had been given a ransom demand. "We will continue to investigate the cause of this incident and will disclose the investigation results as appropriate," Bandai Namco added. "We will also work with external organizations to strengthen security throughout the Group and take measures to prevent recurrence. We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident."Read more of this story at Slashdot.

Bill Gates, concerned about the "significant suffering" caused by global setbacks including the COVID-19 pandemic, announced Wednesday that he will donate $20 billion to his foundation so it can increase its annual spending. The Associated Press reports: The donation, combined with longtime board member Berkshire Hathaway CEO Warren Buffett's $3.1 billion gift last month, brings The Bill and Melinda Gates Foundation's endowment to approximately $70 billion, making it one of the largest, if not the largest in the world, depending on daily stock valuations. In an essay on the foundation's website, Bill Gates said he hopes "others in positions of great wealth and privilege will step up in this moment too." The Gates Foundation plans to raise its annual budget by 50% over pre-pandemic levels to about $9 billion by 2026. The foundation hopes the increased spending will improve education, reduce poverty and reinstate the global progress toward ending preventable disease and achieving gender equality that has been halted in recent years. "Despite huge global setbacks in the past few years, I see incredible heroism and sacrifice all over the world and I believe progress is possible," Bill Gates, the foundation's co-chair, said in a statement. "But the great crises of our time require all of us to do more... I hope by giving more, we can mitigate some of the suffering people are facing right now and help fulfill the foundation's vision to give every person the chance to live a healthy and productive life." In his essay, Bill Gates wrote that polarization in the United States makes battling global crises tougher. "The political divide limits our political capacity for dialogue, compromise, and cooperation and thwarts the bold leadership required both domestically and internationally to tackle these threats," he wrote. "Polarization is forcing us to look backwards and fight again for basic human rights, social justice, and democratic norms." While achieving gender equality has long been one of the foundation's primary investment areas, in his essay, Bill Gates singled out the Supreme Court's overturning of Roe v. Wade as "a huge setback for gender equality, for women's health, and for overall human progress." "The potential for even further regression is scary," he added. "It will put lives at risk for women, people of color, and anyone living on the margins." You can read the full essay via Gates Notes.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Earlier this month, Google sent a request (PDF) to the Federal Election Commission seeking an advisory opinion on the potential launch of a pilot program that would allow political committees to bypass spam filters and instead deliver political emails to the primary inboxes of Gmail users. During a public commenting period that's still ongoing, most people commenting have expressed staunch opposition for various reasons that they're hoping the FEC will consider. "Hard pass," wrote a commenter called Katie H. "Please do not allow Google to open up Pandora's Box on the people by allowing campaign/political emails to bypass spam filters." Out of 48 comments submitted (PDF) as of July 11, only two commenters voiced support for Google's pilot program, which seeks to deliver more unsolicited political emails to Gmail users instead of marking them as spam. The rest of the commenters opposed the program, raising a range of concerns, including the potential for the policy to degrade user experience, introduce security risks, and even possibly unfairly influence future elections. Business Insider reported that the period for public commenting ends on Saturday, July 16, which is longer than what was shared in conflicting reports that said the initial deadline to comment was July 11. That means there's still time for more Gmail users and interested parties to chime in. "For some opposing commenters, it's about rejecting unnecessary strains on the Gmail user experience," adds Ars. "In short: People don't want emails coming to their inbox that they did not sign up for." "Other commenters were more concerned over a perceived government overreach." There were also commenters that said the move could introduce security risks, influence elections, and make Gmail more vulnerable to "emotionally charged" messaging that they never signed up for.Read more of this story at Slashdot.

An anonymous reader shares a report: System76's "Launch" keyboard has been wildly popular with the Linux community thanks to its open source firmware, ability to be customized, and excellent build quality (it's made in the USA). The Launch keyboard uses a USB-C connector to interface with the host computer, but you can utilize either a USB-C to USB-C or USB-C to USB-A cable to connect it -- depending on what ports you have available. Launch even serves double-duty as a USB hub, allowing you to plug USB devices directly into it. System76's Launch keyboard is already tenkeyless and rather small, but apparently, there has been a desire for an even smaller offering. And so, tomorrow, the company will begin selling exactly that. Called "Launch Lite," the $199 variant is a very similar keyboard to the regular Launch, but in a smaller form factor and with fewer keys. System76 is also launching silent brown and silent pink switch options. Unfortunately, the reduced footprint means the USB hub feature found on the standard Launch is not included on the Lite.Read more of this story at Slashdot.

Hundreds of people with disabilities have complained about issues with automated accessibility web services, whose popularity has risen sharply in recent years because of advances in A.I. and new legal pressures on companies to make their websites accessible. From a report: Over a dozen companies provide these tools. Two of the largest, AudioEye and UserWay, are publicly traded and reported revenues in the millions in recent financial statements. Some charge monthly fees ranging from about $50 to about $1,000, according to their websites, while others charge annual fees in the several-hundred-dollar or thousand-dollar range. (Pricing is typically presented in tiers and depends on how many pages a site has.) These companies list major corporations like Hulu, eBay and Uniqlo, as well as hospitals and local governments, among their clients. Built into their pitch is often a reassurance that their services will not only help people who are blind or low vision use the internet more easily but also keep companies from facing the litigation that can arise if they don't make their sites accessible. But it's not working out that way. Users like Mr. Perdue [an anecdote in the linked story] say the software offers little help, and some of the clients that use AudioEye, accessiBe and UserWay are facing legal action anyway. Last year, more than 400 companies with an accessibility widget or overlay on their website were sued over accessibility, according to data collected by a digital accessibility provider. "I've not yet found a single one that makes my life better," said Mr. Perdue, 38, who lives in Queens. He added, "I spend more time working around these overlays than I actually do navigating the website." Last year, over 700 accessibility advocates and web developers signed an open letter calling on organizations to stop using these tools, writing that the practical value of the new features was "largely overstated" and that the "overlays themselves may have accessibility problems." The letter also noted that, like Mr. Perdue, many blind users already had screen readers or other software to help them while online.Read more of this story at Slashdot.