Feed slashdot Slashdot

Link https://slashdot.org/
Feed https://rss.slashdot.org/Slashdot/slashdotMain
Copyright Copyright Slashdot Media. All Rights Reserved.
Updated 2024-11-30 18:46
Unity To Buy IronSource For $4.4 Billion
Unity will take over IronSource in an all-stock $4.4 billion merger deal -- and investor sentiment on the two companies has diverged in a big way on the news. From a report: The two groups announced that they have reached a definitive agreement under which IronSource (ticker: IS) will become a wholly-owned subsidiary of Unity (U) in a deal that will see each share of IronSource exchanged for 0.1089 shares of its new parent. Unity stockholders will own almost 74% of the combined company following the merger. Shares in Unity, a software group chiefly focused on video games, slumped 7% in U.S. premarket trading on Wednesday, while IronSource stock soared 52% higher. IronSource is an Israeli software group that primarily allows mobile content creators to scale their apps and businesses.
Inflation Hit New Four-Decade High in June as Prices Climbed 9.1%
Prices in June climbed 9.1 percent from a year earlier, the fastest pace since 1981, as soaring gas prices, rising rents and swelling grocery bills made everyday life more expensive for American households. The pickup in prices was broad and faster than expected, spelling trouble for the Federal Reserve. From a report: The inflation index, including food and gas, could slow down in July's data because prices at the pump have moderated in recent weeks. The national average cost of a gallon of unleaded gas peaked at about $5 last month. This week, it was around $4.65. But gas prices are volatile and could shoot up again. The report contained unwelcome news beyond the headline number. A core inflation index that strips out food and fuel prices -- giving a sense of underlying inflation trends -- remains high and came in faster than economists expected. The core index climbed 5.9 percent the year through June, barely a slowdown from 6 percent in the previous report. The core measure actually climbed 0.7 percent from May to June, more than the previous monthly increase and bad news for central bankers. The question is whether that deceleration will last, and the answer is unclear. The global economy has been buffeted by a series of shocks that have not ceased since the coronavirus pandemic began. Factory shutdowns and shipping shortages have roiled supply chains, worker shortages are making it harder for airlines to fly at capacity and hotels to rent out rooms, and Russia's invasion of Ukraine has disrupted oil and gas supplies. Economists have spent more than a year struggling to predict how and when inflation will settle back down.
Google To Slow Hiring Through 2023
An anonymous reader quotes a report from CNBC: Google parent Alphabet will slow the pace of hiring and investments through 2023, CEO Sundar Pichai said in an email to employees on Tuesday. "Like all companies, we're not immune to economic headwinds," Pichai wrote in the memo, which was viewed by CNBC. "We need to be more entrepreneurial working with greater urgency, sharper focus, and more hunger than we've shown on sunnier days." He started by acknowledging that "the uncertain global economic outlook has been top of mind." Alphabet shares are down 21% so far this year, falling alongside the rest of the tech industry as investors rotate out of the stocks that drove the bull market of the past decade. The company missed analyst estimates for the first quarter, and Chief Financial Officer Ruth Porat warned another rough period could be ahead. Growth in the first quarter slowed to 23% from a year earlier, down from 34% growth in the first three months of 2021, when the economy was reopening from the pandemic. Still, Pichai said in the letter that the company has hired 10,000 employees in the second quarter. "Because of the hiring progress achieved so far this year, we'll be slowing the pace of hiring for the rest of the year, while still supporting our most important opportunities," he wrote. "For the balance of 2022 and 2023, the company will focus on hiring on engineering, technical and other critical roles." Google, which has historically invested heavily in research and development, will also be more particular about where it spends money during this period of economic uncertainty. "In some cases, that means consolidating where investments overlap and streamlining processes," Pichai wrote. In other instances, it will mean "pausing development and re-deploying resources to higher priority areas," he said. 
Pichai ended the note by telling employees that "scarcity breeds clarity" and emphasizing that "I'm excited for us to rise to the moment again."
Red Hat Names New CEO
Red Hat announced that Paul Cormier, the company's CEO and president since 2020, is stepping over to become chairman of the board. Matt Hicks, a Red Hat veteran and the company's head of products and technologies, will replace Cormier as president and CEO. ZDNet reports: It had been rumored at May 2022's Red Hat Summit that Cormier, who had been with Red Hat for over 14 years, might retire soon. That rumor wasn't true, but he is moving to a "somewhat" less demanding position. That said, as Stephanie Wonderlick, Red Hat's VP of Brand Experience + Communication, said, "I don't think Red Hat would have become Red Hat without Paul Cormier." [...] As for Hicks, he's a popular figure in the company. He's known as a hands-on leader. Hicks joined Red Hat in 2006 as a developer working on porting Perl applications to Java. That is not the start one thinks of for a future CEO! Hicks knows it. He said in a note to Red Hat employees that he'd "never imagined that my career would lead me to this moment. If I had followed my initial path, not raised my hand for certain projects, or shied away from contributing ideas and asking questions, I might not be here. That is what I love about Red Hat, and it's something that differentiates us from other companies: nothing is predetermined; we're only limited by our passion and drive to contribute and make an impact." So it was that he quickly rose to leadership positions. In particular, thanks to his work with Red Hat OpenShift, he saw Red Hat move from being primarily a Linux powerhouse to a hybrid cloud technology leader as well. Hicks, now in charge, said in a statement, "When I first joined Red Hat, I was passionate about open source and our mission, and I wanted to be a part of that. I am humbled and energized to be stepping into this role at this moment. There has never been a more exciting time to be in our industry, and the opportunity in front of Red Hat is vast. 
I'm ready to roll up my sleeves and prove that open-source technology truly can unlock the world's potential." He also said, "Together, [IBM and Red Hat] can really lead a new era of hybrid computing. Red Hat has the technology expertise and open-source model -- IBM has the reach." Cormier's new role will focus on "moving forward to help customers drive innovation forward with a hybrid cloud platform built on open-source technology. Open-source technology has won the innovation debates, and whatever the future looks like, it's going to be built on open-source technology, and Red Hat will be there. Moving ahead, Cormier will continue to work alongside IBM chairman and CEO, Arvind Krishna. Both Cormier and Hicks will report to Krishna. As for day-to-day work, Hicks said, "I'm here to do the work with you. Let's roll up our sleeves together, embrace these values and earn the opportunity ahead of us."
Apple and Jony Ive Are Parting Ways
Apple and Jony Ive are breaking up -- and this time, according to The New York Times, it's for real. Engadget reports: Ive left the tech giant in 2019 after over two decades and formed his own company called LoveFrom, which counted Apple as its first and primary client. The publication said that both parties agreed not to extend their contract in the weeks leading up to its renewal and to stop working together for the first time since the 90's. The Times said LoveFrom's multi-year contract with Apple was worth $100 million and prohibited the firm from taking on any project that the tech giant considered to be in competition with its products. Ive reportedly wanted the freedom to take on new clients without needing to ask permission from Apple. Meanwhile, the company's executives had apparently been questioning the amount Apple was paying him and had grown frustrated over employees quitting to join his design firm instead. Shortly after Jony Ive left Apple in 2019, the Wall Street Journal reported that Ive was slowly drifting apart from the company for several years as the iPhone maker's priorities shifted from product design to operations. Further reading: 'Apple is Not in Trouble Because Jony Ive is Leaving, It Is in Trouble Because He's Not Being Replaced'.
Genetically Engineered Pig Hearts Transplanted Into Dead People
An anonymous reader quotes a report from The Verge: Researchers successfully transplanted genetically modified pig hearts into two recently deceased people connected to ventilators, the New York University team announced today. The surgeries are the latest step forward in the field of animal-to-human transplants, or xenotransplantation, which has seen a flurry of successes so far this year -- raising hopes for a new, steady supply of organs to ease shortages. The only thing different about these heart transplants from a normal human-to-human heart transplant was the organ itself, the research team said in a statement. The team performed the transplants on June 16th and July 9th, and each recipient was monitored for three days. In that time, the hearts functioned normally, and there weren't signs of rejection from the recipients, who were connected to ventilators to keep their body processes functioning semi-regularly, even after death. The two recipients were not able to be organ donors but were able to participate in whole-body donation for this type of research. The two pig hearts came from biotechnology company Revivicor, which produces genetically modified pigs (and also funded the research). The pigs had 10 genetic modifications -- four to block pig genes and prevent rejection and six to add human genes. A living person was successfully given a pig heart in early January, notes the report. While the person responded well to the transplant initially, they died of heart failure in March. "The specific cause is still unknown, but infection with a pig virus may have contributed to his death," adds The Verge. "The pig hearts are supposed to be free of viruses, but experts say they can be hard to detect." A research paper in late June details everything that went wrong with the transplant.
Edits To a Cholesterol Gene Could Stop the Biggest Killer On Earth
A volunteer in New Zealand has become the first person to undergo DNA editing in order to lower their blood cholesterol, a step that may foreshadow wide use of the technology to prevent heart attacks. MIT Technology Review reports: The experiment, part of a clinical trial by the US biotechnology company Verve Therapeutics, involved injecting a version of the gene-editing tool CRISPR in order to modify a single letter of DNA in the patient's liver cells. According to the company, that tiny edit should be enough to permanently lower a person's levels of "bad" LDL cholesterol, the fatty molecule that causes arteries to clog and harden with time. The patient in New Zealand had an inherited risk for extra-high cholesterol and was already suffering from heart disease. However, the company believes the same technique could eventually be used on millions of people in order to prevent cardiovascular disease. In New Zealand, where Verve's clinical trial is taking place, doctors will give the gene treatment to 40 people who have an inherited form of high cholesterol known as familial hypercholesterolemia, or FH. People with FH can have cholesterol readings twice the average, even as children. Many learn they have a problem only when they get hit with a heart attack, often at a young age. The study also marks an early use of base editing, a novel adaptation of CRISPR that was first developed in 2016. Unlike traditional CRISPR, which cuts a gene, base editing substitutes a single letter of DNA for another. The gene Verve is editing is called PCSK9. It has a big role in maintaining LDL levels and the company says its treatment will turn the gene off by introducing a one-letter misspelling. [...] One reason Verve's base-editing technique is moving fast is that the technology is substantially similar to mRNA vaccines for covid-19. Just like the vaccines, the treatment consists of genetic instructions wrapped in a nanoparticle, which ferries everything into a cell. 
While the vaccine instructs cells to make a component of the SARS-CoV-2 virus, the particles in Verve's treatment carry RNA directions for a cell to assemble and aim a base-editing protein, which then modifies that cell's copy of PCSK9, introducing the tiny mistake. In experiments on monkeys, Verve found that the treatment lowered bad cholesterol by 60%. The effect has lasted more than a year in the animals and could well be permanent. The report notes that the human experiment does carry some risk. "Nanoparticles are somewhat toxic, and there have been reports of side effects, like muscle pain, in people taking other drugs to lower PCSK9," reports MIT Technology Review. "And whereas treatment with ordinary drugs can be discontinued if problems come up, there's as yet no plan to undo gene editing once it's performed."
New Working Speculative Execution Attack Sends Intel and AMD Scrambling
Some microprocessors from Intel and AMD are vulnerable to a newly discovered speculative execution attack that can covertly leak password data and other sensitive material, sending both chipmakers scrambling once again to contain what is proving to be a stubbornly persistent vulnerability. Ars Technica reports: Researchers from ETH Zurich have named their attack Retbleed because it exploits a software defense known as retpoline, which was introduced in 2018 to mitigate the harmful effects of speculative execution attacks. Speculative execution attacks, also known as Spectre, exploit the fact that when modern CPUs encounter a direct or indirect instruction branch, they predict the address for the next instruction they're about to receive and automatically execute it before the prediction is confirmed. Spectre works by tricking the CPU into executing an instruction that accesses sensitive data in memory that would normally be off-limits to a low-privileged application. Retbleed then extracts the data after the operation is canceled. [...] The ETH Zurich researchers have conclusively shown that retpoline is insufficient for preventing speculative execution attacks. Their Retbleed proof-of-concept works against Intel CPUs with the Kaby Lake and Coffee Lake microarchitectures and AMD Zen 1, Zen 1+, and Zen 2 microarchitectures. In response to the research, both Intel and AMD advised customers to adopt new mitigations that the researchers said will add as much as 28 percent more overhead to operations. [...] Both Intel and AMD have responded with advisories. Intel has confirmed that the vulnerability exists on Skylake-generation processors that don't have a protection known as enhanced Indirect Branch Restricted Speculation (eIBRS) in place. "Intel has worked with the Linux community and VMM vendors to provide customers with software mitigation guidance which should be available on or around today's public disclosure date," Intel wrote in a blog post. 
"Note that Windows systems are not affected given that these systems use Indirect Branch Restricted Speculation (IBRS) by default which is also the mitigation being made available to Linux users. Intel is not aware of this issue being exploited outside of a controlled lab environment." AMD, meanwhile, has also published guidance. "As part of its ongoing work to identify and respond to new potential security vulnerabilities, AMD is recommending software suppliers consider taking additional steps to help guard against Spectre-like attacks," a spokesman wrote in an email. The company has also published a whitepaper. [Researcher Kaveh Razavi added:] "Retbleed is more than just a retpoline bypass on Intel, specially on AMD machines. AMD is in fact going to release a white paper introducing Branch Type Confusion based on Retbleed. Essentially, Retbleed is making AMD CPUs confuse return instructions with indirect branches. This makes exploitation of returns very trivial on AMD CPUs." The mitigations will come at a cost that the researchers measured to be between 12 percent and 28 percent more computational overhead. Organizations that rely on affected CPUs should carefully read the publications from the researchers, Intel, and AMD and be sure to follow the mitigation guidance.
TikTok Hits Pause On Its Most Controversial Privacy Update Yet
Early last month, TikTok users across Europe were told that, starting July 13th, the platform would begin using their on-app data to serve up targeted ads, even if those users didn't consent to the practice. Now, less than a day before that change would have rolled out European Union-wide, it looks like the company's reconsidering things a bit. Gizmodo reports: A company spokesperson told TechCrunch on Tuesday that TikTok is "pausing" the update while it "engage[s] on the questions from stakeholders," about the way it handles personalized ads. And needless to say, there are quite a lot of questions about that right now -- from data protection authorities in the EU, from lawmakers in the US, and from privacy experts pretty much everywhere. For context: until this point, European users that opened the TikTok app needed to offer express consent to let the company use their data for targeted ads. This update planned to do away with the need for that pesky consent by relying on a legal basis known as "legitimate interest" to target those ads instead. In a nutshell, the "legitimate interest" clause would let TikTok process people's data, consent-free, if it was for a purpose that TikTok deemed reasonable. This means the company could say, for example, that because targeted ads bring in more money than their un-targeted equivalent, it would be reasonable to serve all users -- consenting or otherwise -- targeted ads. Reasonable, right?
YouTube Ends Lofi Girl's Two-Year-Long Music Stream Over Bogus DMCA Warning
An anonymous reader writes: There are three constants in life: death, taxes and the "lofi hip hop radio -- beats to relax/study to" YouTube stream. That is, until YouTube falsely hit the Lofi Girl channel with a DMCA takedown, bringing the beloved streams offline for the first time in over 2 years. With over 668 million views, the stream was one of YouTube's most popular places for people to go when they wanted to listen to calming, yet engaging music while studying or working. Listeners sometimes used the stream's live chat like an anonymized, distant study group, reminding each other to take breaks and drink water. So when the stream suddenly stopped, fans were worried. [...] Yesterday, Lofi Girl addressed the sudden takedown in a tweet, stating that "the lofi radios have been taken down because of false copyright strikes." In response, fans of Lofi Girl circulated the tag #BringBackLofiGirl to get YouTube's attention. Some even went as far as to spam and troll FMC Music, the Malaysian label that allegedly issued the false copyright complaint, while others created fan art. Lofi Girl told TechCrunch that all of the channel's music is released through its record label, Lofi Records, so they have the necessary rights to share it. Because Lofi Girl has the proper rights to the music, YouTube determined that the account is not in violation of copyright laws. The platform responded to Lofi Girl on Twitter Monday, saying that the missing livestream videos should be reinstated in 24 to 48 hours. If past precedent holds true, Lofi Girl's next stream will have to start again from the beginning, rather than as a continuation of the existing 2-year-long stream. In 2020, the channel faced a similar problem when an accidental suspension ended its 13,000-hour stream. In that case, YouTube also owned up to its mistakes and reinstated the account, but the same issues have apparently returned. [...] 
Today, in YouTube's reply to Lofi Girl, the company said that the takedown requests were "abusive," meaning that they were leveraged as an attack against the channel, rather than out of actual concern for copyright violations. This behavior is incredibly common, but platforms have struggled to determine when these reports are legitimate and when they're unsubstantiated. "This event has shone a light on an underlying problem on the platform: It's 2022, and there are countless smaller creators out there, many of which engaged in this discussion, that continue to be hit daily by these false claims on both videos and livestreams," Lofi Girl wrote in a tweet. "We're shocked and disappointed to see that there's still not any kind of protection or manual review of these false claims," Lofi Girl wrote on Twitter. "At the end of the day, it was entirely out of our control, and the sad part is that there was no way to appeal beforehand/prevent it from happening."
X.Org Server Hit By New Local Privilege Escalation, Remote Code Execution Vulnerabilities
Getting things started for this "Patch Tuesday" is the disclosure of two new X.Org Server vulnerabilities. Phoronix reports: These issues affecting out-of-bounds accesses with the X.Org Server can lead to local privilege elevation on systems where the X.Org Server is running privileged and remote code execution for SSH X forwarding sessions. CVE-2022-2319 and CVE-2022-2320 were made public this morning and both deal with the X.Org Server's Xkb keyboard extension not properly validating input that could lead to out-of-bounds memory writes. Fixes for these XKB vulnerabilities have been patched in X.Org Server Git and xorg-server 21.1.4 point release is expected soon with these fixes. Both vulnerabilities were discovered by Trend Micro's Zero Day Initiative.
US Military Contractor Moves To Buy Israeli Spy-Tech Company NSO Group
US security technology provider L3Harris has courted controversial Israeli spyware firm NSO with an aim to buy it, according to reports. The Register reports: The New York Times claims L3Harris in recent months sent a team to Israel to try to smooth passage of the deal, which was made challenging by US president Joe Biden's decision to blacklist NSO following the use of its Pegasus software to crack phones of politicians and campaigners. The L3Harris executives delivered a message that the US government offers tacit support of its acquisition bid, although public statements were unlikely, according to five separate sources. The claims run counter to statements from US officials who were said to be outraged to learn about the negotiations for an American company to purchase a blacklisted spy-tech vendor. Later, L3Harris told officials it planned to end its attempt to buy the company while conflicting accounts said it hoped to restart them. The Times says that the US military contractor hired lawyer Daniel Reisner, who once worked for the Israeli Military Prosecutor's Office, to advise on the deal. News website Intelligence Online has also reported L3Harris efforts to buy NSO, although it quoted White House officials as saying the deal could create "serious counterintelligence and security concerns" for the US.
Energy Bills To Rise More Than Predicted, Says UK Energy Regulator Ofgem Boss
An anonymous reader shares a report: Domestic energy bills will rise faster this winter than previously forecast by the energy regulator Ofgem, its chief executive has admitted to MPs. Jonathan Brearley said in late May that a typical household would pay $951 a year more from October. But, while giving evidence to MPs, he said it was "clear" that estimate for winter bills now looked too low. The original figure was used by ministers when deciding how much to pay in direct assistance this winter. One industry analyst has predicted a rise of more than $1,426 a year in October. Cornwall Insight said that the typical domestic customer was likely to pay $3,856 a year from October, then $4,000 a year from January. The typical bill at present is about $2,378 a year. In itself, this was a rise of $832 a year in April, compared with the previous six months.
Tech CEO Arrested In 1992 Mountain View Cold Case Slaying After DNA Breakthrough
An anonymous reader quotes a report from The Daily Beast: On Sept. 5, 1992, computer engineer Laurie Houts, 25, was found fatally strangled in her car near a California garbage dump. Her boyfriend's roommate was arrested in connection with the case, but two trials -- and two hung juries -- later, a judge dismissed the case. The roommate moved to the Netherlands soon afterward. Over the weekend, the roommate -- now the chief executive of a small software company -- was arrested as he landed at John F. Kennedy International Airport in New York City, according to the Santa Clara County Office of the District Attorney. John Woodward, the 58-year-old CEO and president of ReadyTech, is expected to be extradited to Santa Clara County by the end of the month, District Attorney Jeff Rosen said Monday. Once there, Woodward will be arraigned for the third time in Houts' murder by strangulation. Houts' body was discovered by a passerby less than a mile from her office at Adobe Systems in Mountain View more than 30 years ago, according to the San Francisco Chronicle. A rope was around her neck, and there were footprints on the inside of her windshield, which were called "a sign of her struggle with Woodward" by the district attorney's office. Forensic science at the time was able to match Woodward to fingerprints found outside the car, but investigators could not prove that he had been inside the vehicle. Still, when Houts' boyfriend made a call, monitored by police, to Woodward soon after the 25-year-old's death, he "did not deny" killing Houts. Instead, according to a police summary of the matter, Woodward asked what evidence the authorities had against him and suggested to the roommate that they "meet in a parking lot" to talk more. Woodward, who had no alibi for the night Houts was killed, was arrested that same year. Prosecutors alleged that Woodward had developed an "unrequited" romantic interest in Houts' boyfriend. 
The theory was criticized as homophobic at Woodward's first trial by his defense lawyer in 1995, The Mercury News reported Monday, and the jury deadlocked on his innocence, voting 8-4 for acquittal. A year later, despite a judge barring the romantic-rival argument, the jury hearing Woodward's second trial again hung itself, this time ruling 7-5. The judge soon dismissed the case for insufficient evidence. But advances in DNA technology allowed detectives to link Woodward to the rope around Houts' neck for the first time last year, Rosen's statement said. Investigators in both the Santa Clara County Crime Lab and Mountain View Police Department matched both Woodward's genetic material and fibers on his sweatpants to "the murder weapon," police said.
Magic Leap 2 AR Headset Arrives Sept 30, Starting at $3,299
Magic Leap's next AR headset is coming this fall, and it's not cheap. The self-contained Magic Leap 2 glasses, which CNET tried earlier this year, will cost at least $3,299, and be available Sept. 30. From a report: Unlike the first Magic Leap headset, which launched back in 2018 and aspired to be for creative consumers, the Magic Leap 2 is entirely business-focused. The smaller glasses have their own dedicated AMD hip-worn processor puck. They offer a wider field of view than any other AR headset we've tried recently, and a unique feature that dims parts of the real world to make virtual objects seem less ghostly. The headset will come in three variations: the $3,299 Magic Leap 2 Base is the hardware plus a one-year warranty; while the Magic Leap 2 Developer Pro comes with extra developer-focused software and sample projects for $4,099. A Magic Leap 2 Enterprise version, with two-year support for enterprise-ready software, costs $4,999. Magic Leap's website will indicate where headsets will be available to buy: in the US, UK, Germany, France, Spain, Italy and Saudi Arabia on Sept. 30, and Japan and Singapore by the end of the year.
Hundreds of Tech, Business and Nonprofit Leaders Urge States To Boost CS Education
theodp writes: In partnership with tech-bankrolled nonprofit Code.org, over 500 of the nation's business, education and nonprofit leaders issued a letter calling for state governments and education leaders to bring more Computer Science to K-12 students across the U.S. The signatories include a who's who of tech leaders, including Bill Gates, Jeff Bezos, Satya Nadella, Steve Ballmer, Tim Cook, Sundar Pichai, and Mark Zuckerberg. A new website -- CEOs for CS -- was launched in conjunction with the campaign. "The United States leads the world in technology, yet only 5% of our high school students study computer science. How is this acceptable?" the CEOs demand to know in their letter addressed "To the Governors and Education Leaders of the United States of America." They add, "Nearly two-thirds of high-skilled immigration is for computer scientists, and every state is an importer of this strategic talent. The USA has over 700,000 open computing jobs but only 80,000 computer science graduates a year. We must educate American students as a matter of national competitiveness." A press release explains that the announcement "coincides with the culmination of the National Governors Association Chairman's Initiative for K-12 computer science, led by Arkansas Gov. Asa Hutchinson." Hutchinson is a founding Governor of the Code.org-led advocacy group Govs for CS, which launched in anticipation of President Obama's tech-supported but never materialized $4 billion CS for All initiative. Hutchinson was a signatory of an earlier 2016 Code.org organized letter from Governors, business, education, and nonprofit leaders that implored Congress to make CS education for K-12 students a priority.
Columbia Loses Its No. 2 Spot In the US News Rankings
Hmmmmmm writes: Without fanfare, U.S. News & World Report announced that it had "unranked" Columbia University, which had been in a three-way tie for the No. 2 spot in the 2022 edition of Best Colleges, after being unable to verify the underlying data submitted by the university. The decision was posted on the U.S. News website a week after Columbia said it was withdrawing from the upcoming 2023 rankings. The Ivy League university said then that it would not participate in the next rankings because it was investigating accusations by one of its own mathematics professors that the No. 2 ranking was based on inaccurate and misleading data. The biggest beneficiaries may be Harvard and M.I.T., which had shared the second spot with Columbia, and now have one less competitor. Princeton keeps its preening rights as No. 1. The rankings are influential among students applying to college because objectively comparing schools and visiting every campus they are interested in can be difficult. College presidents have bitterly complained that the rankings are misleading, yet few institutions have dropped out of the game.
FTC Warns Tech Companies Against Misusing Health Data
Tech companies and data brokers that misuse or misrepresent how they handle Americans' personal data, including reproductive health information, may find themselves on the hook with the Federal Trade Commission, the agency warned this week. From a report: On Monday, the FTC renewed its vow to investigate or sue companies that use Americans' digital data in unfair or deceptive ways, following an executive order by the Biden administration that explicitly called for it and other agencies to consider steps to protect abortion-seekers. Since the Supreme Court decision overturning Roe v. Wade, civil liberties experts have warned that Americans' extensive digital footprints could give away whether they have visited an abortion clinic or sought information on how to access an abortion, prompting questions about the security of that data. "The misuse of mobile location and health information -- including reproductive health data -- exposes consumers to significant harm," the FTC said in a blog post. "The exposure of health information and medical conditions, especially data related to sexual activity or reproductive health, may subject people to discrimination, stigma, mental anguish, or other serious harms." It added: "The Commission is committed to using the full scope of its legal authorities to protect consumers' privacy. We will vigorously enforce the law if we uncover illegal conduct that exploits Americans' location, health, or other sensitive data."
Amazon Launches Cancer Vaccine Clinical Trial in Partnership With Fred Hutchinson
Amazon is developing cancer vaccines in collaboration with the Fred Hutchinson Cancer Research Center, and it recently launched an FDA-approved clinical trial. From a report: Amazon and Fred Hutchinson are looking to recruit 20 participants over the age of 18 for the early stage, or phase 1, trial, according to a filing on clinicaltrials.gov, a database of clinical trials run by the National Library of Medicine. The goal is to develop "personalized vaccines" that can treat breast cancer and melanoma, a form of skin cancer, the filing states. Fred Hutchinson is listed as a sponsor of the study, while Amazon is listed as a collaborator, according to the filing. News of the partnership was first reported by Business Insider. The study was first posted last October, and it began June 9. It's expected to be complete by Nov. 1 of 2023. An Amazon spokesperson confirmed the partnership, and said it's being led by Fred Hutch. "Amazon is contributing scientific and machine learning expertise to a partnership with Fred Hutch to explore the development of a personalized treatment for certain forms of cancer," the spokesperson told CNBC in a statement. "It's very early, but Fred Hutch recently received permission from the U.S. Food and Drug Administration to proceed with a Phase I clinical trial, and it's unclear whether it will be successful. This will be a long, multi-year process -- should it progress, we would be open to working with other organizations in health care and life sciences that might also be interested in similar efforts."
Microsoft Lays Off a Portion of Its Workforce as Part of a 'Realignment'
Microsoft today became the latest Big Tech company to cut jobs during a period of mounting economic uncertainty. Bloomberg reports that the Redmond firm is "realigning business groups and roles" after the close of its fiscal year (on June 30), even as the company intends to grow its headcount in the coming months. From a report: The layoffs reportedly affect less than 1% of Microsoft's 180,000-person workforce and follow no clear pattern with respect to geography or product division, touching on teams including customer and partner solutions and consulting. They come after Microsoft slowed hiring in the Windows, Teams, and Office groups while assuring that recruitment hadn't been affected by industry headwinds. "Today we had a small number of role eliminations. Like all companies, we evaluate our business priorities on a regular basis, and make structural adjustments accordingly," Microsoft told Bloomberg in an emailed statement. "We will continue to invest in our business and grow headcount overall in the year ahead." Microsoft reported strong earnings in Q3, with a 26% year-over-year increase in cloud revenue and overall revenue of $49.4 billion. But in early June, the company revised its Q4 revenue and earnings guidance downward, citing the impact of foreign exchange fluctuations.
Nothing Officially Announces Flashy Phone 1, Starting at $475
After weeks of teases, Nothing is finally announcing its debut smartphone -- the Nothing Phone 1 -- at a launch event today. From a report: Led by OnePlus co-founder Carl Pei, it's the well-funded startup's second product released following last year's Ear 1 true wireless earbuds. The big news is that the Nothing Phone 1 will be sold with a modest starting price of $475 USD (though it's not getting a widespread release in the US) when it goes on sale on July 21st. $475 gets you the model with 8GB of RAM and 128GB of storage, while stepping up to $535 gets you 256GB of storage. The model with 12GB of RAM and 256GB of storage goes on sale later this summer for $593 USD.
BMW Starts Selling Heated Seat Subscriptions for $18 a Month
BMW is now selling subscriptions for heated seats in a number of countries -- the latest example of the company's adoption of microtransactions for high-end car features. From a report: A monthly subscription to heat your BMW's front seats costs roughly $18, with options to subscribe for a year ($180), three years ($300), or pay for "unlimited" access for $415. It's not clear exactly when BMW started offering this feature as a subscription, or in which countries, but a number of outlets this week reported spotting its launch in South Korea. BMW has slowly been putting features behind subscriptions since 2020, and heated seats subs are now available in BMW's digital stores in countries including the UK, Germany, New Zealand, and South Africa. It doesn't, however, seem to be an option in the US -- yet.
Peloton To Stop In-House Bike Production as Part of Turnaround
Peloton will stop building its bikes and treadmills at its own factories and rely solely on partners for manufacturing, marking one of the most dramatic steps yet to simplify its operations and reduce costs. From a report: The move is an about-face from Peloton's strategy over the past three years, when it split manufacturing between its own facilities and partners. The company built a portion of its standard Bike models and the higher-end Bike+ using facilities it acquired in 2019 as part of buying Tonic Fitness Technology. It also relied on Taiwan-based manufacturing partner Rexon Industrial to build bikes and its Tread treadmill. Now, the company will cease operating its Tonic facilities and move all of its bike and treadmill manufacturing to Rexon, Chief Supply Chain Officer Andrew Rendich told Bloomberg News in an interview. "We are going back to nothing but partnered manufacturing," he said. "It allows us to ramp up and ramp down based on capacity and demand." Peloton is making the change after several months of turmoil. In February, co-founder John Foley was replaced as chief executive officer by veteran media executive Barry McCarthy, and the company cut nearly 3,000 employees -- including many members of its executive team. Rendich was appointed to his role in March.
Three Arrows Founders' Whereabouts Are Unknown, Foiling Liquidators
The founders of bankrupt crypto hedge fund Three Arrows Capital haven't been cooperating in the firm's liquidation process and their whereabouts were unknown as of Friday, according to court papers. From a report: Representatives tapped to liquidate Three Arrows by a British Virgin Islands judge had "not yet received any meaningful cooperation" from Kyle Davies and Zhu Su, lawyers said in US bankruptcy court filings. Advisory firm Teneo is attempting to round up and preserve the assets of the hedge fund. Lawyers for Zhu and Davies told Three Arrows' liquidators that the two intend to cooperate. A meeting between the liquidators and attorneys is scheduled for Monday, while a court hearing is set for Tuesday. The liquidators, meanwhile, are trying to prevent the potential "dissipation" of the fund's assets, Russell Crumpler of Teneo said in a sworn declaration. "Here, that risk is heightened because a substantial portion of the Debtor's assets are comprised of cash and digital assets, such as cryptocurrencies and non-fungible tokens, that are readily transferable," lawyers for the liquidators said in court papers.
Nikon To Stop Making SLR Cameras and Focus on Mirrorless Models
Japanese camera maker Nikon will withdraw from the single-lens reflex camera business and shift toward digital offerings amid intensifying competition from smartphone cameras, Nikkei reported Tuesday. From the report: Nikon's SLR cameras have been widely used by professional photographers for more than 60 years and have come to be seen as synonymous with the Japanese company. It now plans to focus resources on mirrorless cameras, which have become mainstream products on the back of more advanced digital technologies. Nikon's cameras have been losing out to smartphones, which increasingly feature powerful cameras. Nikon aims to beat them by offering products with more unique features. Since June 2020, when Nikon launched its flagship D6 SLR, no new SLR models have been released. The company has already stopped development of compact digital cameras. From now on, Nikon intends to focus on digital mirrorless cameras, but production and distribution of existing SLR models will continue.
The Video Game Prescribed By Doctors To Treat ADHD
An anonymous reader quotes a report from the BBC: In 2020 [EndeavorRx] became the first such game to be approved by the US Food and Drug Administration (FDA) for use in the treatment of ADHD in children. Currently only available on prescription from doctors in the US, EndeavorRx at first glance looks very similar to countless other games. You control a little alien that races on a spaceship through different worlds having to collect things. But the app-based game was developed in conjunction with neuroscientists, and is designed to stimulate and improve areas of the brain that play a key role in attention function. The idea is that it trains a child with ADHD to both better multitask and ignore distractions, with a computer algorithm measuring his or her performance and customizing the difficulty of the game in real time. When doctors prescribe it, the child's parents get sent an activation link that is needed before the game will play. Eddie Martucci, chief executive of Akili, the Boston-based tech firm behind EndeavorRx, says the game has been designed to boost cognitive progressing. "It is something that's very difficult to get through molecular means, like taking a pill. But it turns out that sensory stimuli can actually directly stimulate parts of the brain controlling cognitive function." His company now plans to launch the game in Europe in the next few years. Akili is one of only a handful of companies with clearance to offer a digital therapeutic as a prescription for medical conditions. Late last year, the FDA approved a virtual reality-based treatment for children with the visual disorder amblyopia, or lazy eye.
India To Become World's Most Populous Country In 2023, UN Says
India is on track to overtake China as the planet's most populous country next year, according to a U.N. report published on Monday. CNBC reports: The report, from the population division of the U.N.'s Department of Economic and Social Affairs, said China and India were each home to over 1.4 billion people in 2022. "India is projected to surpass China as the world's most populous country during 2023," the U.N. said. The Indian government's census for 2011 put the country's population at more than 1.2 billion. "The global human population will reach 8.0 billion in mid-November 2022 from an estimated 2.5 billion people in 1950," according to the U.N.'s report. Looking further ahead, the U.N. said its latest projections showed the global population could reach roughly 8.5 billion in 2030 and 10.4 billion in 2100. Last year, the U.N. said that the "average fertility" of the planet's population amounted to 2.3 births per woman across a lifetime. This compares to approximately 5 births per woman in 1950, according to Monday's report. "Global fertility is projected to decline further to 2.1 births per woman by 2050," it said.
Japan Wants To Bring Artificial Gravity To the Moon
"Researchers and engineers from Kyoto University and the Kajima Corporation have released their joint proposal for a three-pronged approach to sustainable human life on the Moon and beyond," reports Gizmodo. The first element involves "The Glass," which aims to bring simulated gravity to the Moon and Mars through centrifugal force. From the report: Gravity on the Moon and Mars is about 16.5% and 37.9% of that on Earth, respectively. Lunar Glass and Mars Glass could bridge that gap; they are massive, spinning cones that will use centrifugal force to simulate the effects of Earth's gravity. These spinning cones will have an approximate radius of 328 feet (100 meters) and height of 1,312 feet (400 meters), and will complete one rotation every 20 seconds, creating a 1g experience for those inside (1g being the gravity on Earth). The researchers are targeting the back half of the 21st century for the construction of Lunar Glass, which seems unreasonably optimistic given the apparent technological expertise required to pull this off. The second element of the plan is the "core biome complex" for "relocating a reduced ecosystem to space," according to a Google-translated version of the press release. The core biome complex would exist within the Moon Glass/Mars Glass structure and it's where the human explorers would live, according to the proposal. The final element of the proposal is the "Hexagon Space Track," or Hexatrack, a high-speed transportation infrastructure that could connect Earth, Mars, and the Moon. Hexatrack will require at least three different stations, one on Mars's moon Phobos, one in Earth orbit, and one around the Moon.
In Sri Lanka, Organic Farming Went Catastrophically Wrong
Faced with a deepening economic and humanitarian crisis, Sri Lanka called off an ill-conceived national experiment in organic agriculture this winter. From a report in March: Sri Lankan President Gotabaya Rajapaksa promised in his 2019 election campaign to transition the country's farmers to organic agriculture over a period of 10 years. Last April, Rajapaksa's government made good on that promise, imposing a nationwide ban on the importation and use of synthetic fertilizers and pesticides and ordering the country's 2 million farmers to go organic. The result was brutal and swift. Against claims that organic methods can produce comparable yields to conventional farming, domestic rice production fell 20 percent in just the first six months. Sri Lanka, long self-sufficient in rice production, has been forced to import $450 million worth of rice even as domestic prices for this staple of the national diet surged by around 50 percent. The ban also devastated the nation's tea crop, its primary export and source of foreign exchange. By November 2021, with tea production falling, the government partially lifted its fertilizer ban on key export crops, including tea, rubber, and coconut. Faced with angry protests, soaring inflation, and the collapse of Sri Lanka's currency, the government finally suspended the policy for several key crops -- including tea, rubber, and coconut -- last month, although it continues for some others. The government is also offering $200 million to farmers as direct compensation and an additional $149 million in price subsidies to rice farmers who incurred losses. That hardly made up for the damage and suffering the ban produced. Farmers have widely criticized the payments for being massively insufficient and excluding many farmers, most notably tea producers, who offer one of the main sources of employment in rural Sri Lanka. 
The drop in tea production alone is estimated to result in economic losses of $425 million.
Physicists Discover a 'Family' of Robust, Superconducting Graphene Structures
In 2018, MIT researchers found that if two graphene layers are stacked at a very specific "magic" angle, the twisted bilayer structure could exhibit robust superconductivity, a widely sought material state in which an electrical current can flow through with zero energy loss. Now the team reports that [...] four and five graphene layers can be twisted and stacked at new magic angles to elicit robust superconductivity at low temperatures. Phys.Org reports: This latest discovery, published this week in Nature Materials, establishes the various twisted and stacked configurations of graphene as the first known "family" of multilayer magic-angle superconductors. The team also identified similarities and differences between graphene family members. The findings could serve as a blueprint for designing practical, room-temperature superconductors. If the properties among family members could be replicated in other, naturally conductive materials, they could be harnessed, for instance, to deliver electricity without dissipation or build magnetically levitating trains that run without friction. In the current study, the team looked to level up the number of graphene layers. They fabricated two new structures, made from four and five graphene layers, respectively. Each structure is stacked alternately, similar to the shifted cheese sandwich of twisted trilayer graphene. The team kept the structures in a refrigerator below 1 kelvin (about -273 degrees Celsius), ran electrical current through each structure, and measured the output under various conditions, similar to tests for their bilayer and trilayer systems. Overall, they found that both four- and five-layer twisted graphene also exhibit robust superconductivity and a flat band. The structures also shared other similarities with their three-layer counterpart, such as their response under a magnetic field of varying strength, angle, and orientation. 
These experiments showed that twisted graphene structures could be considered a new family, or class of common superconducting materials. The experiments also suggested there may be a black sheep in the family: The original twisted bilayer structure, while sharing key properties, also showed subtle differences from its siblings. For instance, the group's previous experiments showed the structure's superconductivity broke down under lower magnetic fields and was more uneven as the field rotated, compared to its multilayer siblings. The team carried out simulations of each structure type, seeking an explanation for the differences between family members. They concluded that the fact that twisted bilayer graphene's superconductivity dies out under certain magnetic conditions is simply because all of its physical layers exist in a "nonmirrored" form within the structure. In other words, there are no two layers in the structure that are mirror opposites of each other, whereas graphene's multilayer siblings exhibit some sort of mirror symmetry. These findings suggest that the mechanism driving electrons to flow in a robust superconductive state is the same across the twisted graphene family.
GameStop Launches NFT Marketplace
GameStop on Monday announced the long-awaited debut of its online marketplace for nonfungible tokens, or NFTs, in a bid to reinvent its business and cash in on consumer adoption of cryptocurrencies and blockchain technology. CNBC reports: The platform, which is now open to the public for beta testing, allows users to connect their own digital asset wallets, including the recently launched GameStop Wallet, the company said in a press release. They will then be able to buy, sell and trade NFTs of virtual goods. Over time, the marketplace will expand to offer other features such as Web3 gaming, GameStop said. "Currently, the marketplace plays host to an array of artwork projects that run on the Ethereum mainnet as well as Loopring, a layer-2 scaling solution," adds Decrypt. "GameStop previously announced a partnership to use the Immutable X layer-2 scaling network, but the marketplace notes that Immutable X support is 'coming soon.'" "GameStop and Immutable X launched a $100 million token grant fund to bring game developers onto the marketplace. A press release notes that gaming NFTs will be added in the future." Further reading: Game Developer On 'Why NFTs Are a Nightmare'
Xbox Series X Can Run Windows 98, Along With Classic PC Games of The Era
Alex Battaglia from the YouTube channel "Digital Foundry" was able to use the "RetroArch" software emulator to run Windows 98 on the Xbox Series X, along with several PC games of the era. "Technically, you're supposed to be an Xbox developer to access this, and you will need to sign up to the paid Microsoft Partner program and turn on 'Developer Mode' for your system to activate it," notes Pure Xbox. "In DF's case, rather than directly playing emulated games through RetroArch, they used the program to install Windows 98 software." From the report: Beyond the novelty of actually booting up Win98 on a modern console the channel then decided to test out some games, running through the older version of Windows. Playthroughs of Turok, Command & Conquer, Quake 2 and more were all pretty successful, although the act of loading them onto the software requires a bit of messing about (you have to create ISO files and transfer them over -- sadly, Xbox's disc drive can't read the original discs). Of course, this wouldn't be a Digital Foundry video without some performance comparisons, so the team did just that. The video compares hardware of the era with Xbox Series X's emulation, and while the console often lags behind due to the fact that it's literally emulating an entire version of Windows, and then a game on top of that, it fares pretty well overall. You can watch Digital Foundry's video here.
European Currency Close To Reaching Parity Against Dollar
An anonymous reader quotes a report from Bloomberg: Europe's common currency edged closer toward parity with the US dollar Monday as energy concerns and the risk of recession weighed on the outlook for the euro area, while risk aversion fueled a broad rally in the greenback. The euro dropped as much as 1.3% to $1.0053, eclipsing its low from last week. The last time it was this low was back in 2002. The currency's downward spiral has been swift and brutal, given it was trading around $1.15 in February. A string of increasingly-large Federal Reserve interest-rate hikes has supercharged the dollar, while Russia's invasion of Ukraine has worsened the outlook for growth in the euro zone and pushed up the cost of its energy imports. George Saravelos, global head of FX research for Deutsche Bank, told Bloomberg Surveillance Monday he could see the euro moving under parity, especially in the scenario of a "complete gas shutoff" from the Nord Stream 1 pipeline. The bank is pricing the euro to move in between a range of 0.95 to parity against the dollar, he said. "I really wouldn't say 0.95 would be unreasonable," Saravelos said. "Even if this gas returns in terms of full flow after the maintenance period, the (risk) premium is unlikely to go away. And I think that's a critical thing that's changed over the past few weeks."
Game Developer On 'Why NFTs Are a Nightmare'
Game developer Mark Venturelli received a spirited ovation at Brazil's International Games Festival on Friday after he surprised the audience for his "Future of Game Design" talk with a new title: "Why NFTs are a nightmare." PC Gamer reports: Venturelli, who is best known for the game Chroma Squad, didn't just push back against those talks by calling NFTs a nightmare: He argued in detail that they're bad for gaming and run directly counter to his vision for the future of game design. In a follow-up interview with PC Gamer, Venturelli said the event's blockchain sponsors needed "to buy their relevance, because they're not relevant." [...] NFT projects in particular quickly became savvy enough to use phrases like "environment-friendly technology" in their press releases, but none of them grapple with the deeper criticisms of their ideas. That's what Venturelli zeroed in on in his talk and in our follow-up interview. There's the uncanny resemblance between these profit-driven grifts and pyramid schemes, but there's also the philosophical concern that things like cryptocurrency represent a libertarian ideal founded in paranoia about institutions, and about other human beings. That, Venturelli says, is in part why they're so inefficient in the first place. "Computationally, like in real life, if you don't trust the people that you're working with, you have to spend a lot more energy to achieve the same things," he says. "If I'm living with you in the same house and we don't trust each other, I have to, every time before I leave my house, hide my valuables. I have to make inventory of the things that I own, and maybe put cameras or locks inside of things. When I come back home I need to check everything and see if you messed with any of my stuff, and make sure that you don't get into my room when I'm sleeping and all that shit. It's so much energy that I have to use just to exist in a room with you, because I don't trust you. 
That, I feel, is a very good metaphor about how computationally blockchain works, and what is the underlying philosophical idea behind it, which is, 'We want a world without any sort of centralized authority because we cannot trust any of them ever.' And that is the opposite of what we want as a society, in my opinion." [...] Investors see potential value in South America right now due to exploitable political and economic instabilities, which for Venturelli means that presenting his counterargument is more important than ever. "If we don't take up some spaces, and we let these kinds of people take these spaces, suddenly they're dictating what's the future, suddenly they're taking the investments so that they are building our next big projects," he said. "That's when it starts to get really dangerous, because it can jeopardize our future as an industry, in my opinion. Because I don't feel like these things have long legs. I feel like they might be successful in the short term, but they are going to fall on the long term for sure." [He went on to say:] "Right now we are living in a crisis of trust in Western society -- trust in each other, in institutions, and even in our future together is in decline," Venturelli says. "We should be building systems that help connect people and build trust, build sustainable solutions, and build infinitely scalable human solutions. We should not be shifting away from culture, entertainment, and storytelling towards economic activity. We should not just be eliminating the final hiding places that we have to run away from the oppression of capitalist society." You can watch Venturelli's The Future of Game Design talk on YouTube. An English version of the slides accompanying it is available here.
First Image From the James Webb Space Telescope
"On Monday, July 11, President Joe Biden released one of the James Webb Space Telescope's first images in a preview event at the White House in Washington," reports NASA in a press release. The full set of Webb's first full-color images and spectroscopic data will be released tomorrow on Tuesday, July 12 at 10:30 a.m. (14:30 UTC). You can watch the live broadcast of the unveiling here. From the report: This first image from NASA's James Webb Space Telescope is the deepest and sharpest infrared image of the distant universe to date. Known as Webb's First Deep Field, this image of galaxy cluster SMACS 0723 is overflowing with detail. Thousands of galaxies -- including the faintest objects ever observed in the infrared -- have appeared in Webb's view for the first time. This slice of the vast universe covers a patch of sky approximately the size of a grain of sand held at arm's length by someone on the ground. Released one by one, the first images from the world's largest and most powerful space telescope will demonstrate Webb at its full power, ready to begin its mission to unfold the infrared universe. The first images will be added to this page as they are released.
Judge Rules Subway Can Be Sued Over Claims That Its Tuna Sandwiches Contain Other Fish Species or Animal Products
Sandwich chain Subway can be sued over claims it is allegedly misleading customers when it says its tuna products are in fact "100% tuna," a federal judge in California said Monday. From a report: The suit, originally brought by Oakland-area resident Nilima Amin in January 2021, claims Subway's tuna "partially or wholly lack tuna as an ingredient" and "contain other fish species, animal products, or miscellaneous products aside from tuna." The claims are based on testing performed at a UCLA marine biology laboratory. Subway has responded by saying any product that is not tuna in its tuna products would most likely be the result of cross-contact occurring as one of its employees prepares a sandwich.
PyPI Is Rolling Out 2FA For Critical Projects, Giving Away 4,000 Security Keys
PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python programming language. ZDNet reports: PyPI, which is managed by the Python Software Foundation, is the main repository where Python developers can get third-party developed open-source packages for their projects. [...] One way developers can protect themselves from stolen credentials is by using two-factor authentication and the PSF is now making it mandatory for developers behind "critical projects" to use 2FA in coming months. PyPI hasn't declared a specific date for the requirement. "We've begun rolling out a 2FA requirement: soon, maintainers of critical projects must have 2FA enabled to publish, update, or modify them," the PSF said on its PyPI Twitter account. As part of the security drive, it is giving away 4,000 Google Titan hardware security keys to project maintainers gifted by Google's open source security team. "In order to improve the general security of the Python ecosystem, PyPI has begun implementing a two-factor authentication (2FA) requirement for critical projects. This requirement will go into effect in the coming months," PSF said in a statement. "To ensure that maintainers of critical projects have the ability to implement strong 2FA with security keys, the Google Open Source Security Team, a sponsor of the Python Software Foundation, has provided a limited number of security keys to distribute to critical project maintainers." PSF says it deems any project in the top 1% of downloads over the prior six months as critical. Presently, there are more than 350,000 projects on PyPI, meaning that more than 3,500 projects are rated as critical. PyPI calculates this on a daily basis so the Titan giveaway should go a long way to cover a chunk of key maintainers but not all of them. In the name of transparency, PyPI is also publishing 2FA account metrics here. 
There are currently 28,336 users with 2FA enabled, with nearly 27,000 of them using a 2FA app like Microsoft Authenticator. There are over 3,800 projects rated as "critical" and 8,241 PyPI users in this group. The critical group is also likely to grow since projects that have been designated as critical remain so indefinitely while new projects are added to mandatory 2FA over time. The 2FA rule applies to both project maintainers and owners.
Hackers Uncover Ways To Unlock and Start Nearly All Modern Honda-Branded Vehicles
An anonymous reader quotes a report from The Drive: Hackers have uncovered ways to unlock and start nearly all modern Honda-branded vehicles by wirelessly stealing codes from an owner's key fob. Dubbed "Rolling Pwn," the attack allows any individual to "eavesdrop" on a remote key fob from nearly 100 feet away and reuse them later to unlock or start a vehicle in the future without the owner's knowledge. Despite Honda's dispute that the technology in its key fobs "would not allow the vulnerability," The Drive has independently confirmed the validity of the attack with its own demonstration. Older vehicles used static codes for keyless entry. These static codes are inherently vulnerable, as any individual can capture and replay them at will to lock and unlock a vehicle. Manufacturers later introduced rolling codes to improve vehicle security. Rolling codes work by using a Pseudorandom Number Generator (PRNG). When a lock or unlock button is pressed on a paired key fob, the fob sends a unique code wirelessly to the vehicle encapsulated within the message. The vehicle then checks the code sent to it against its internal database of valid PRNG-generated codes, and if the code is valid, the car grants the request to lock, unlock, or start the vehicle. The database contains several allowed codes, as a key fob may not be in range of a vehicle when a button is pressed and may transmit a different code than what the vehicle is expecting to be next chronologically. This series of codes is also known as a "window." When a vehicle receives a newer code, it typically invalidates all previous codes to protect against replay attacks. This attack works by eavesdropping on a paired keyfob and capturing several codes sent by the fob. The attacker can later replay a sequence of valid codes and re-sync the PRNG. This allows the attacker to re-use older codes that would normally be invalid, even months after the codes have been captured. [...]
Contrary to Honda's claim, I independently confirmed the vulnerability by capturing and replaying a sequence of lock and unlock requests with my 2021 Honda Accord and a Software-Defined Radio. Despite being able to start and unlock the car, the vulnerability doesn't allow the attacker to actually drive off with the vehicle due to the proximity functionality of the key fob. However, the fact that a bad actor can get this far is already a bad sign. At this time, the following vehicles may be affected by the vulnerability: 2012 Honda Civic, 2018 Honda X-RV, 2020 Honda C-RV, 2020 Honda Accord, 2021 Honda Accord, 2020 Honda Odyssey, 2021 Honda Inspire, 2022 Honda Fit, 2022 Honda Civic, 2022 Honda VE-1, and 2022 Honda Breeze. It's not yet clear if this affects any Acura-branded vehicles. "[W]e've looked into past similar allegations and found them to lack substance," said a Honda spokesperson in a statement to The Drive. "While we don't yet have enough information to determine if this report is credible, the key fobs in the referenced vehicles are equipped with rolling code technology that would not allow the vulnerability as represented in the report. In addition, the videos offered as evidence of the absence of rolling code do not include sufficient evidence to support the claims."
G20 Watchdog To Propose First Global Crypto Rules in October
The Financial Stability Board (FSB) said on Monday it would propose "robust" global rules for cryptocurrencies in October, following recent turmoil in markets that has highlighted the need to regulate the "speculative" sector. From a report: The FSB, a body of regulators, treasury officials and central bankers from the Group of 20 economies (G20), has so far limited itself to monitoring the crypto sector, saying it did not pose a systemic risk. But recent turmoil in crypto markets has highlighted their volatility, structural vulnerabilities and increasing links to the wider financial system, the FSB said.
Bitcoin Miners Shut Off Rigs as Texas Power Grid Nears Brink
Nearly all industrial scale Bitcoin miners in Texas have shut off their machines as the companies brace for a heat wave that is expected to push the state's power grid near its breaking point. From a report: Miners such as Riot Blockchain, Argo Blockchain and Core Scientific, who operate millions of energy-intensive computers to secure the Bitcoin blockchain network and earn rewards in the token, flocked to the Lone Star State thanks to its low energy costs and liberal regulations on crypto mining. The state has become one of the largest crypto-mining hubs by computing power in the world. "There are over 1,000 megawatts worth of Bitcoin mining load that responded to ERCOT's conservation request by turning off their machines to conserve energy for the grid," Lee Bratcher, president of Texas Blockchain Association, told Bloomberg in an email response. "This represents nearly all industrial scale Bitcoin mining load in Texas and allows for over 1% of total grid capacity to be pushed back onto the grid for retail and commercial use." Miners may see a drop in profitability as the heat wave keeps their machines off by sending energy prices soaring and further stressing the state's power grid. The miners are already struggling to repay debt and raise additional capital with Bitcoin prices in sharp decline.
Apple's iOS 16, macOS Ventura and watchOS 9 Public Betas Are Ready To Download
We're a couple of months out from Apple officially rolling out the next major versions of its various operating systems. However, you can try out iOS 16, iPadOS 16, watchOS 9, macOS Ventura and tvOS 16 right now. Apple has released a public beta, a few weeks after it offered up the first developer betas. To access them, you'll need to sign up for the Apple Beta Software Program and follow the directions.
Adding Salt To Food at Table Can Cut Years Off Your Life, Study Finds
Adding salt to meals at the table is linked to an earlier death, according to a study of 500,000 middle-aged Britons. From a report: Researchers found that always adding salt to food knocks more than two years off life expectancy for men and one-and-a-half years for women. This does not include seasoning during the cooking process. The study did not definitively rule out other factors, such as salt consumption being a proxy for a generally less healthy lifestyle, but the team behind the work said the evidence was compelling enough that people should consider avoiding seasoning their meals. "To my knowledge, our study is the first to assess the relation between adding salt to foods and premature death," said Prof Lu Qi of Tulane University School of Public Health and Tropical Medicine in New Orleans, who led the work. "Even a modest reduction in sodium intake, by adding less or no salt to food at the table, is likely to result in substantial health benefits, especially when it is achieved in the general population." The findings were based on research involving more than 500,000 participants in the UK Biobank study, who were followed for an average of nine years. When joining the study between 2006 and 2010, they were asked, via a touchscreen questionnaire, whether they added salt to their foods and how often they did so.
Binance Served Crypto Traders in Iran Despite US Sanctions, Clients Say
The world's largest crypto exchange, Binance, continued to process trades by clients in Iran despite U.S. sanctions and a company ban on doing business there, a Reuters investigation has found. From the report: In 2018, the United States reimposed sanctions that had been suspended three years earlier as part of Iran's nuclear deal with major world powers. That November, Binance informed traders in Iran it would no longer serve them, telling them to liquidate their accounts. September last year, only losing access after the exchange tightened its anti-money laundering checks a month earlier. Until that point, customers could trade by registering with just an email address.
Microsoft Still Plans To Block Office Macros By Default After Temporary Rollback
Microsoft is still planning to block Visual Basic for Applications (VBA) macros by default in Office apps. From a report: The software giant rolled back planned changes last week, surprising IT admins who had been preparing for Microsoft to prevent Office users from easily enabling macros in Office files downloaded from the internet. The change, designed to improve security in Office, was supposed to go live in June before Microsoft suddenly reverted the block on June 30th. "Following user feedback, we have rolled back this change temporarily while we make some additional changes to enhance usability," explains Kellie Eickmeyer, principal product manager at Microsoft, in a blog post update. "This is a temporary change, and we are fully committed to making the default change for all users."
Klarna's Valuation Slashed by $39 Billion Amid Fintech Rout
Klarna Bank's valuation has been slashed to $6.7 billion in its latest funding round, in a dramatic reversal for one of Europe's most high-profile startups. From a report: The buy-now-pay-later giant said it raised $800 million from new and existing investors, according to a statement Monday. Its new valuation is down from the $45.6 billion it achieved in June 2021, with Klarna reducing its ambitions several times during the latest talks with investors. Once one of the world's most valuable startups, Klarna was discussing valuations as high as $60 billion as recently as February. That was before the war in Ukraine and rising rates helped to spark a market-wide collapse.
Experian, You Have Some Explaining To Do
Security reporter Brian Krebs: Twice in the past month KrebsOnSecurity has heard from readers who had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn't theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim's personal information and a different email address. John Turner is a software engineer based in Salt Lake City. Turner said he created the account at Experian in 2020 to place a security freeze on his credit file, and that he used a password manager to select and store a strong, unique password for his Experian account. Turner said that in early June 2022 he received an email from Experian saying the email address on his account had been changed. Experian's password reset process was useless at that point because any password reset links would be sent to the new (impostor's) email address. An Experian support person Turner reached via phone after a lengthy hold time asked for his Social Security Number (SSN) and date of birth, as well as his account PIN and answers to his secret questions. But the PIN and secret questions had already been changed by whoever re-signed up as him at Experian.
Myanmar's Junta Rolls Out Chinese Camera Surveillance Systems in More Cities
Myanmar's junta government is installing Chinese-built cameras with facial recognition capabilities in more cities across the country, Reuters reported Monday, citing three people with direct knowledge of the matter. From the report: In tenders to procure and install the security cameras and facial recognition technology, the plans are described as safe city projects aimed at maintaining security and, in some cases, preserving civil peace, said the people who are or have been involved in the projects. Since the February 2021 coup, local authorities have started new camera surveillance projects for at least five cities including Mawlamyine - the country's fourth-largest city, according to information from the three people who asked not to be identified for fear of reprisals by the junta. The new projects are in addition to five cities where camera systems touted as crime prevention measures were either installed or planned by the previous government led by Aung San Suu Kyi, according to the sources and local media.
A $3 Billion Silk Road Seizure Will Erase Ross Ulbricht's Debt
In a twist, a massive trove of stolen bitcoins will repay the dark web market creator's $183 million restitution. Wired: Ross Ulbricht, the convicted creator of the legendary Silk Road dark web market for drugs, has never gotten much mercy from the US legal system. In 2015, he was sentenced to life in prison without parole. His appeal was denied, as was the pardon he sought from President Trump. But a little over a year ago, it appears Ulbricht finally got a break of a different kind: The nine-figure debt he owed to the US government as part of his sentence will be erased -- all thanks to the fortuitous hoarding of a hacker who'd stolen a massive trove of bitcoins from his market. Last year, prosecutors quietly signed an agreement with Ulbricht stipulating that a portion of a newfound trove of Silk Road bitcoins, seized from an unnamed hacker, will be used to cancel out the more than $183 million in restitution Ulbricht was ordered to pay as part of his 2015 sentence, a number calculated from the total illegal sales of the Silk Road based on exchange rates at the time of each transaction. Despite the fact that the more recently unearthed stash of bitcoins -- now worth billions of dollars -- was itself criminal proceeds, the Justice Department appears to have made a deal with Ulbricht to avoid any claim he might have made to the money: In exchange for Ulbricht's agreement to waive any ownership he might have of the bitcoins, a portion of them will be used to pay off his restitution in its entirety. "The parties agree that the net proceeds realized from the sale of the [bitcoins] forfeited pursuant to this agreement shall be credited toward any unpaid balance of the Money Judgment," reads a court filing from last year, using the phrase "money judgment" to refer to Ulbricht's 2015 restitution order. 
The document, filed in February of 2021, is signed by both Ulbricht and David Countryman, a prosecutor in the asset forfeiture unit of the US Attorney's office for the Northern District of California. The Department of Justice didn't respond to WIRED's request for comment. Ulbricht, of course, still faces life in prison. He has already served eight years of that sentence at jails in New York and penitentiaries in Colorado and Arizona. But the repayment of his restitution could mean that he's able to earn money in prison to share with family or friends without it being seized or garnished to pay his debts -- or even keep any previously unknown caches of bitcoins that he may possess, so long as they aren't tied to the Silk Road or other criminal sources. And if his sentence is eventually commuted, as his supporters and a years-long Free Ross campaign have petitioned for since even before his sentencing, he would reenter the world as a free man without hundreds of millions of dollars in debt.
MIT Scientists Propose 'Space Bubbles' to Deflect Solar Radiation, Ease Climate Change
Popular Science reports: A raft of thin-film silicon bubbles deployed from Earth into outer space and stretching to the size of Brazil could potentially block the Sun's solar radiation from further warming Earth, possibly helping to not only stave off climate change, but potentially reverse it. This new "space bubbles" plan offered by scientists at the Massachusetts Institute of Technology riffs off a concept first offered by astronomer Roger Angel. The multidisciplinary team of architects, civil and mechanical engineers, physicists and material scientists have worked on the technical and social aspects of what the group calls a "planetary-scale project" in an effort to find a non-Earth-bound solution to climate change. The MIT group believes that if the raft of bubbles can deflect 1.8 percent of incident solar radiation before it hits Earth, they can fully reverse today's global warming. Even if they can't establish a 1.8 percent shading, they trust a smaller percentage provides enough benefit to help mitigate global warming. To make it happen, the group proposes deploying small, inflatable bubbles into outer space that they could then manufacture into a space raft the size of Brazil and suspend near the L1 Lagrangian Point, the location between the Earth and Sun where the gravitational influence of both bodies cancel out. The team does suggest having some sort of system to ensure the raft stays in place and that may provide the ability to move the bubbles closer to the Sun for optimal impact.... MIT cautions they don't view the project as a replacement to current adaption and mitigation efforts, but as a backup solution should climate change spin out of control... They plan to investigate low vapor-pressure materials to rapidly inflate and assemble the rafts, whether with a silicon-based melt or a graphene-reinforced ionic liquid...
The team also believes a bit of science fiction may help in finding "novel ways" of shipping the material to space, such as a magnetic accelerator, known as a railgun.
The Three Reasons Why Elon Musk Called Off His Acquisition of Twitter
Elon Musk just tweeted a picture of himself laughing — along with a caption he'd apparently added himself. "They said I couldn't buy Twitter. Then they wouldn't disclose bot info. Now they want to force me to buy Twitter in court. Now they have to disclose bot info in court." In fact, tonight The Register cited one of the documents Twitter filed in court after Musk's lawyer argued Twitter had "failed or refused" to provide info on spam accounts. But so far it's just a letter Musk's lawyer wrote to the court on Friday, explaining in more detail why Musk wants to call off the acquisition: One segment of the document claims that Musk and his team sought "a variety of board materials, including a working, bottom-up financial model for 2022, a budget for 2022, an updated draft plan or budget, and a working copy of Goldman Sachs' valuation model underlying its fairness opinion." "Twitter has provided only a pdf copy of Goldman Sachs' final Board presentation." Other disclosures, the document states, "come with strings attached, use limitations or other artificial formatting features, which has rendered some of the information minimally useful to Mr. Musk and his advisors. "For example, when Twitter finally provided access to the eight developer 'APIs' first explicitly requested by Mr. Musk in the May 25 Letter, those APIs contained a rate limit lower than what Twitter provides to its largest enterprise customers. Twitter only offered to provide Mr. Musk with the same level of access as some of its customers after we explained that throttling the rate limit prevented Mr. Musk and his advisors from performing the analysis that he wished to conduct in any reasonable period of time. "Additionally, those APIs contained an artificial 'cap' on the number of queries that Mr. Musk and his team can run regardless of the rate limit — an issue that initially prevented Mr.
Musk and his advisors from completing an analysis of the data in any reasonable period of time," the document states. Musk and his team raised the issue of query limits on June 29, but Twitter did not change the limit until July 6 — after Musk asked for its removal a second time.... Musk felt Twitter was in breach of the merger agreement. So he pulled the plug, leaving open the questions of why Twitter might have provided only limited access to its APIs, or why it could not offer more access given it operates at significant scale. In fact, it's one of three reasons for ending the acquisition that Musk's lawyer makes in the letter. Materially-relevant figures on spam accounts were reason number one. ("Twitter has not provided information that Mr. Musk has requested for nearly two months notwithstanding his repeated, detailed clarifications intended to simplify Twitter's identification, collection, and disclosure of the most relevant information sought in Mr. Musk's original requests.") But there's more... Musk's lawyer also argues Twitter is in breach of the merger agreement because of "materially inaccurate representations" — specifically their figures on monetizable daily active users. While Musk's analysis "remains ongoing, all indications suggest that several of Twitter's public disclosures...are either false or materially misleading." While Twitter has claimed they have a reasoned process for calculating monetizable daily active users (and the percentage of spam accounts), Musk's lawyer argues that instead the process "appears to be arbitrary and ad hoc," rendering Twitter's statements "false and misleading." And thus, "Mr. Musk has the right to seek rescission of the Merger Agreement in the event these material representations are determined to be false." But finally Musk's lawyer provides a third reason for ending the acquisition. 
Twitter was required to "seek and obtain consent before deviating from its obligation to conduct its business in the ordinary course and 'preserve substantially intact the material components of its current business organization.'" The lawyer's letter argues that didn't happen: Twitter's conduct in firing two key, high-ranking employees, its Revenue Product Lead and the General Manager of Consumer, as well as announcing on July 7 that it was laying off a third of its talent acquisition team, implicates the ordinary course provision. Twitter has also instituted a general hiring freeze which extends even to reconsideration of outstanding job offers. Moreover, three executives have resigned from Twitter since the Merger Agreement was signed: the Head of Data Science, the Vice President of Twitter Service, and a Vice President of Product Management for Health, Conversation, and Growth. But Twitter hadn't received "consent for changes in the conduct of its business, including for the specific changes listed above," according to Musk's lawyer, which "therefore constitute a material breach of Section 6.1 of the Merger Agreement."