Slashdot

An anonymous reader shares a column: Every major phone manufacturer is guilty of a serious crime, and I won't be quiet about it any longer: they stole the power button from us. Apple, Google, Samsung: guilty, guilty, guilty. Long-pressing the power button used to bring up an option to turn your phone off, but then these companies decided to get cute and make this a shortcut to summon their digital assistant. This is bad and wrong, and I'm politely demanding that these companies return what they took from us. Look, I get the logic. When phone screens got bigger, physical buttons like Apple's home button were axed, and existing buttons had to pick up the slack. In the iPhone X, Apple re-homed the Siri function to the power button. Since then, turning your iPhone off has required pressing a combination of buttons. If you make the fatal mistake of long-pressing the power button in hopes of turning your phone off, Siri will start listening to you as you curse about how the power button doesn't work how it should anymore. And woe to you if you don't hold down the right button combination long enough -- you'll take a screenshot that you didn't want and will have to delete later. It's just as bad on Samsung and Google phones. Long-pressing the power button on the Pixel 7 Pro just now brought up the Google Assistant and a prompt to ask it how to say sorry in Spanish. No, Google. It is you who should be apologizing. And the Galaxy S22 phones I used this year all bid me to set up Bixby whenever I made the mistake of long-pressing the power button. Both Google and Samsung let you change it back to the power menu -- and Samsung has the decency to put a shortcut to side key options on its shutdown screen -- but enough is enough. Long-pressing the power button should, by default, just turn the phone off. The thing that really adds salt to the wound is that the button combination to turn your phone off isn't even the same on every phone. On an iPhone, you can press and hold the power button and either volume key to get to shutdown options. On a Pixel phone, it's a short press of the volume up key and power button. If you screw up and press the volume down key, you'll take a screenshot, which will make you feel stupid when you find it in your photo gallery later. Samsung makes you press and hold the volume down key and power button.Read more of this story at Slashdot.

A brand-new law (awaiting only the president's signature) will let the Federal Communications Commission directly regulate rates in the notoriously predatory prison calling industry. From a report: Under the threat of having to provide a solid product for a reasonable price, companies may opt to call it a day and open up the market to a more compassionate and forward-thinking generation of providers. Prison calling systems depend on the state and the prison system, and generally have run the gamut from good enough to shockingly bad. With a literally captive customer base, companies had no real reason to innovate, and financial models involving kickbacks to the prisons and states incentivized income at all costs. Inmates are routinely charged extortionate rates for simple services like phone calls and video calls (an upsell), and have even had visitation rights rescinded, leaving paid calls the only option. Needless to say, this particular financial burden falls disproportionately on people of color and those with low incomes, and it's a billion-dollar industry. It's been this way for a long time, and former FCC commissioner Mignon Clyburn spent years trying to change it. When I talked with her in 2017, before she left the agency, she called inmate calling "the clearest, most glaring type of market failure I've ever seen as a regulator." It was an issue she spent years working on, but she gave a lot of credit to Martha Wright-Reed, a grandmother who had organized and represented the fight to bring reform to the system right up until she died.Read more of this story at Slashdot.

Computer scientists from Stanford University have found that programmers who accept help from AI tools like Github Copilot produce less secure code than those who fly solo. From a report: In a paper titled, "Do Users Write More Insecure Code with AI Assistants?", Stanford boffins Neil Perry, Megha Srivastava, Deepak Kumar, and Dan Boneh answer that question in the affirmative. Worse still, they found that AI help tends to delude developers about the quality of their output. "We found that participants with access to an AI assistant often produced more security vulnerabilities than those without access, with particularly significant results for string encryption and SQL injection," the authors state in their paper. "Surprisingly, we also found that participants provided access to an AI assistant were more likely to believe that they wrote secure code than those without access to the AI assistant." Previously, NYU researchers have shown that AI-based programming suggestions are often insecure in experiments under different conditions. The Stanford authors point to an August 2021 research paper titled "Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions," which found that given 89 scenarios, about 40 per cent of the computer programs made with the help of Copilot had potentially exploitable vulnerabilities. That study, the Stanford authors say, is limited in scope because it only considers a constrained set of prompts corresponding to 25 vulnerabilities and just three programming languages: Python, C, and Verilog. The Stanford scholars also cite a followup study from some of the same NYU eggheads, "Security Implications of Large Language Model Code Assistants: A User Study," as the only comparable user study they're aware of. They observe, however, that their work differs because it focuses on OpenAI's codex-davinci-002 model rather than OpenAI's less powerful codex-cushman-001 model, both of which play a role in GitHub Copilot, itself a fine-tuned descendant of a GPT-3 language model.Read more of this story at Slashdot.

This week America passed a $1.7 trillion federal spending bill — and it includes a big win for retailrs reporters the Associated Press. It forces online marketplaces like Amazon and Facebook "to verify high-volume sellers on their platforms amid heightened concerns about retail crime...."The bill, called the INFORM ACT, also seeks to combat sales of counterfeit goods and dangerous products by compelling online marketplaces to verify different types of information — including bank account, tax ID and contact details — for sellers who make at least 200 unique sales and earn a minimum of $5,000 in a given year. It's difficult to parse out how much money retailers are losing due to organized retail crime — or if the problem has substantially increased. But the issue has received more notice in the past few years as high-profile smash-and-grab retail thefts and mass shoplifting events grabbed national attention. Some retailers have also said in recent weeks they're seeing more items being taken from stores. Target executives said in November the number of thefts has gone up more than 50%, resulting in more than $400 million in losses. Its expected to be more than $600 million for the full fiscal year.... Walgreens, Best Buy and Home Depot have also pointed out similar problems. The National Retail Federation, the nation's largest retail trade group, said its latest security survey of roughly 60 retailers found that inventory loss — called shrink — clocked in at an average rate of 1.4% last year, representing $94.5 billion in losses [included damaged products and theft by employees] ... It also noted retailers, on average, saw a 26.5% uptick in organized theft incidents last year.Read more of this story at Slashdot.

"Last week at the 2022 American Geophysical Union (AGU) Fall Meeting, planetary scientists and astronomers discussed how new machine-learning techniques are changing the way we learn about our solar system," reports Space.com, "from planning for future mission landings on Jupiter's icy moon Europa to identifying volcanoes on tiny Mercury...."For many tasks in astronomy, it can take humans months, years or even decades of effort to sift through all the necessary data... "You can find up to 10,000, hundreds of thousands of boulders, and it's very time consuming," Nils Prieur, a planetary scientist at Stanford University in California said during his talk at AGU. Prieur's new machine-learning algorithm can detect boulders across the whole moon in only 30 minutes. It's important to know where these large chunks of rock are to make sure new missions can land safely at their destinations. Boulders are also useful for geology, providing clues to how impacts break up the rocks around them to create craters. Computers can identify a number of other planetary phenomena, too: explosive volcanoes on Mercury, vortexes in Jupiter's thick atmosphere and craters on the moon, to name a few. During the conference, planetary scientist Ethan Duncan, from NASA's Goddard Space Flight Center in Maryland, demonstrated how machine learning can identify not chunks of rock, but chunks of ice on Jupiter's icy moon Europa. The so-called chaos terrain is a messy-looking swath of Europa's surface, with bright ice chunks strewn about a darker background. With its underground ocean, Europa is a prime target for astronomers interested in alien life, and mapping these ice chunks will be key to planning future missions. Upcoming missions could also incorporate artificial intelligence as part of the team, using this tech to empower probes to make real-time responses to hazards and even land autonomously. Landing is a notorious challenge for spacecraft, and always one of the most dangerous times of a mission.Read more of this story at Slashdot.

The Verge presents what it's calling "an interview with an AI early adopter," who is currently using ChatGPT not just to generate titles, but also the plots for their mysteries. For example, "I need four murder suspects with information about why they're suspected and how they are cleared. And then tell me who the guilty killer is." The author says "It will do just that. It will spit that out." Q: You and a few other independent authors were early adopters of these tools. With ChatGPT, it feels like a lot of other people are suddenly grappling with the same questions you were confronting. What's that been like...? Every group, every private, behind-the-scenes author group I'm in, there's some kind of discussion going on. Right now, everybody's talking about using it on the peripherals. But there seems to be this moral chasm between: "It does blurbs really well, and I hate doing blurbs, and I have to pay somebody to do blurbs, and blurbs isn't writing, so I'm going to use it for blurbs." Or "Well, I'm going to have it help me tighten up my plot because I hate plotting, but it plots really well, so I'm going to use it for that." Or "Did you know that if you tell it to proofread, it'll make sure that it's grammatically correct?' Everybody gets closer and closer to using it to write their stuff, and then they stop, and everybody seems to feel like they have to announce when they're talking about this: "But I do not ever use its words to write my books." And I do.... The actual words, just to get them down faster and get it out, I do. So I've found myself in the past couple of weeks wondering, do I engage in this debate? Do I say anything? For the most part, I've said nothing. Q: What do you think the line is that people are drawing? It's a concern of plagiarism. Everybody knows that they crawled stuff with permission and without permission. And there's an ethical question.... I have three authors that I've read extensively, indie authors that I'm friends with, and I know they never gave permission for their stuff to be looked at, and I was able to reasonably recreate their style.... That I won't do. That, for me, is an ethical line.... But you could, if you were ethically okay with that, with this technology and what it allows you to do.Read more of this story at Slashdot.

"The first mostly non-human-run McDonald's is open for business just outside Fort Worth, Texas," reports the Guardian. CNN calls it "an almost fully-automated restaurant," noting there's just one self-service kiosk (with a credit card reader) for ordering food. McDonalds tells CNN there's "some interaction between customers and the restaurant team" when picking up orders or drinks. But at the special "order ahead" drive-through lane, your app-ordered bag of food is instead delivered to a platform by your car's window using a vertical conveyor belt. CNN reports that it's targetted to customers on the go. For example, there's dedicated parking spaces outside for curbside pickup orders, while inside there's a room with bags to be picked up by food-delivery couriers (who also get their own designated parking spaces outside). But for regular customers, CBS emphasizes that "ordering is done through kiosks or an app — no humans involved there, either."But not all customers are loving it. "Well there goes millions of jobs," one commenter on a TikTok video said about the new restaurant said. "Oh no first we have to talk with Siri and Google [and] now we have to talk to another computer," another one opined. "I'm not giving my money to robots," another commenter wrote. "Raise the minimum wage!" Other customers had more personal concerns, expressing worries about how they could get their order fixed if it was incorrectly prepared or how to ask for extra condiments. "And if they forget an item. Who you supposed to tell, the robot? It defeats the purpose of using the drive thru if you have to go inside for it," one consumer noted.... To be sure, not everyone had negative views about the concept. Some customers expressed optimism that the automated restaurant could improve service and their experience.Read more of this story at Slashdot.

Mozilla recently fixed a bug that was first reported 18 years ago in Firebox 1.0, reports How-to Geek:Bug 290125 was first reported on April 12, 2005, only a few days before the release of Firefox 1.0.3, and outlined an issue with how Firefox rendered text with the ::first-letter CSS pseudo-element. The author said, "when floating left a :first-letter (to produce a dropcap), Gecko ignores any declared line-height and inherits the line-height of the parent box. [...] Both Opera 7.5+ and Safari 1.0+ correctly handle this." The initial problem was that the Mac version of Firefox handled line heights differently than Firefox on other platforms, which was fixed in time for Firefox 3.0 in 2007. The issue was then re-opened in 2014, when it was decided in a CSS Working Group meeting that Firefox's special handling of line heights didn't meet CSS specifications and was causing compatibility problems. It led to some sites with a large first letter in blocks of text, like The Verge and The Guardian, render incorrectly in Firefox compared to other browsers. The issue was still marked as low priority, so progress continued slowly, until it was finally marked as fixed on December 20, 2022. Firefox 110 should include the updated code, which is expected to roll out to everyone in February 2023.Read more of this story at Slashdot.

Subscribers to "NFL Sunday Ticket" can watch broadcasts of every Sunday game of American football. But for access next season, "fans will have to Google it..." warns the Associated Press — because Thursday the football league announced plans to distribute their game package on YouTube TV and YouTube Primetime Channels. Google beat out both Apple and Amazon by offering over $2 billion a year for 7 years — but Yahoo Finance believes it's more about drawing attention to YouTube's streaming TV services. "Don't expect the package to be profitable, one analyst warned.""They're not making money on this — this is a loss leader," Michael Pachter, managing director of equity research at Wedbush, told Yahoo Finance Live, referencing YouTube TV's current price point of $64.99. "I don't think they make a penny at that level...." "It's an extremely expensive package of content," Tim Nollen, analyst at Macquarie Group, previously told Yahoo Finance Live, noting the Sunday Ticket package was not a profitable service for DirecTV [which since 1994 has held the exclusive broadcast rights in the U.S.] [...] YouTube TV has more than 5 million subscribers and trial users as of July. "Five million subscribers is just not enough," Pachter stressed. "Even if all 5 million pay the $400 bucks a year...they're going to barely cover their costs." Still, despite the lack of profitability and sky-high price tag, Pachter noted YouTube might be best positioned to take advantage of the package, especially as the demand for live sports escalates. "I think they can be smart about how they carve up the content," Pachter said, suggesting the platform could more easily sell games to bars and restaurants.Read more of this story at Slashdot.

The Zero Day Initiative, a zero-day security research firm, announced a new Linux kernel security bug that allows authenticated remote users to disclose sensitive information and run code on vulnerable Linux kernel versions. ZDNet reports:Originally, the Zero Day Initiative ZDI rated it a perfect 10 on the 0 to 10 common Vulnerability Scoring System scale. Now, the hole's "only" a 9.6.... The problem lies in the Linux 5.15 in-kernel Server Message Block (SMB) server, ksmbd. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the kernel context. This new program, which was introduced to the kernel in 2021, was developed by Samsung. Its point was to deliver speedy SMB3 file-serving performance.... Any distro using the Linux kernel 5.15 or above is potentially vulnerable. This includes Ubuntu 22.04, and its descendants; Deepin Linux 20.3; and Slackware 15.Read more of this story at Slashdot.

"A Microsoft employee appears to have accidentally announced that Windows 11's Notepad app is getting a tabs feature," reports the Verge:The employee, a senior product manager at Microsoft, posted a photo of a version of Notepad with tabs, enthusiastically announcing "Notepad in Windows 11 now has tabs!" with a loudspeaker emoji. The tweet was deleted minutes later, but not before Windows Central and several Windows enthusiast Twitter accounts had spotted the mistake. The Notepad screenshot includes a Microsoft internal warning: "Confidential Don't discuss features or take screenshots...." The addition of tabs in Notepad could signal a shift towards tabs appearing in more built-in Windows apps.Read more of this story at Slashdot.

Ars Technica reports on a dangerously "wormable" Windows vulnerability that allowed attackers to execute malicious code with no authentication required — a vulnerability that was present "in a much broader range of network protocols, giving attackers more flexibility than they had when exploiting the older vulnerability."Microsoft fixed CVE-2022-37958 in September during its monthly Patch Tuesday rollout of security fixes. At the time, however, Microsoft researchers believed the vulnerability allowed only the disclosure of potentially sensitive information. As such, Microsoft gave the vulnerability a designation of "important." In the routine course of analyzing vulnerabilities after they're patched, IBM security researcher Valentina Palmiotti discovered it allowed for remote code execution in much the way EternalBlue did [the flaw used to detonate WannaCry]. Last week, Microsoft revised the designation to critical and gave it a severity rating of 8.1, the same given to EternalBlue.... One potentially mitigating factor is that a patch for CVE-2022-37958 has been available for three months. EternalBlue, by contrast, was initially exploited by the NSA as a zero-day. The NSA's highly weaponized exploit was then released into the wild by a mysterious group calling itself Shadow Brokers. The leak, one of the worst in the history of the NSA, gave hackers around the world access to a potent nation-state-grade exploit. Palmiotti said there's reason for optimism but also for risk: "While EternalBlue was an 0-Day, luckily this is an N-Day with a 3 month patching lead time," said Palmiotti. There's still some risk, Palmiotti tells Ars Technica. "As we've seen with other major vulnerabilities over the years, such as MS17-010 which was exploited with EternalBlue, some organizations have been slow deploying patches for several months or lack an accurate inventory of systems exposed to the internet and miss patching systems altogether." Thanks to Slashdot reader joshuark for sharing the article.Read more of this story at Slashdot.

Meanwhile, over in the Microsoft ecosystem, CNET reports:You can ditch the subscription (with recurring charges) and snag a lifetime license of access to Microsoft's Word, Excel, PowerPoint, Outlook, Teams, OneNote, Publisher and Access for just $30... That's back at the lowest price we've ever seen, and a whopping 91% off the usual price of $349. However, this deal expires in just a few days, so be sure to get your order in soon.The offer, from StackSocial, applies to both the Windows and Mac version of the software. Now, you can always opt to use the free online version of Microsoft Office (which has far fewer features). But compared to the online Microsoft 365 subscription suite that costs $10 per month or $100 per year, this downloadable version is a phenomenal bargain. The Mac deal ends today, but the Windows deal extends through December 28th, according to CNET's article. "The two big caveats: You get a single key — which only works on a single computer — and there's no Microsoft OneDrive Cloud Storage included."Read more of this story at Slashdot.

Friday America's Federal Trade Commission issued an announcement on what it called "illegal business tactics that Mastercard has been using to force merchants to route debit card payments through its payment network," saying the FTC is now requiring Mastercard "to stop blocking the use of competing debit payment networks."The popularity of debit cards has been growing especially quickly for purchases consumers make using their personal devices equipped with ewallet applications such as Apple Pay, Google Pay, and Samsung Wallet. Payment card networks play a critical role in those debit card transactions.... Payment card networks compete for the business of banks that issue cards and for the business of merchants that accept card payments. Mastercard, along with Visa, is one of the two leading payment card networks in the United States. The processing fees charged by networks total billions of dollars every year, affecting every purchase made with a debit card, according to the FTC. Most of these fees are paid by the merchants to the card-issuing banks and the payment card networks.... Mastercard was flouting the law by setting policies to block merchants from routing ecommerce transactions using Mastercard-branded debit cards saved in ewallets to alternative payment card networks, including networks that may charge lower fees than Mastercard, the FTC alleged. Specifically, Mastercard used its control over a process called "tokenization" to block the use of competing payment card networks, the agency alleged. Transactions commonly are "tokenized" by replacing the cardholder's primary account number with a different number to protect the account number during some stages of a debit transaction. Tokens are stored in ewallets such as Apple Pay, Google Pay, and Samsung Wallet and serve as a substitute credential to provide additional protection for a cardholder's account number.... According to the FTC, Mastercard refuses to provide conversion services to competing networks for remote ewallet debit transactions...thereby making it impossible for merchants to route their ewallet transactions on a network other than Mastercard.Read more of this story at Slashdot.

Justin Garrison works at Amazon Web Services on the Kubernetes team (and was senior systems engineer on several animated films). This week he spotted a new milestone for Linux in the 2022 StackOverflow developer survey:[Among the developers surveyed] Linux as a primary operating system had been steadily climbing for the past 5 years. 2018 through 2021 saw steady growth with 23.2%, 25.6%, 26.6%, 25.3%, and finally in 2022 the usage was 40.23%. Linux usage was more than macOS in 2021, but only by a small margin. 2022 it is now 9% more than macOS. Their final stats for "professional use" operating system:Windows: 48.82%Linux-based: 39.89%MacOs: 32.97%But Garrison's blog post notes that that doesn't include the million-plus people all the Linux-based cloud development environments (like GitHub Workspaces) — not to mention the 15% of WSL users on Windows and all the users of Docker (which uses a Linux VM). "It's safe to say more people use Linux as part of their development workflow than any other operating system."Read more of this story at Slashdot.

Like a visit from an old friend, it's Donald Knuth's annual Christmas tree lecture for 2022. "Because of the pandemic, it's been three years since Knuth has been able to honor this tradition," notes The New Stack:2022 marks the 60th anniversary of that fateful day in 1962 when a 24-year-old Donald Knuth started writing " The Art of Computer Programming." Now approaching his 85th birthday, Knuth has become almost a legend in the world of computer programming — and he's still writing additional volumes for his massive analysis of algorithms. But every year, right around Christmas time, there's another tradition. Knuth gives a special lecture "pitched at non-specialists" for a small audience at Stanford University (where Knuth is a professor emeritus) and a larger audience online... Hunched over a notepad (which was projected onto a screen behind him), Knuth began the 26th annual Christmas lecture by pointing out that the evening's topic had been hiding in plain sight for two decades. For the first 20 years, they'd called them the "Christmas tree" lectures, since "trees are one of the most important things to a computer scientist. And every year I learned at least two new cool things about trees..." About five years ago they'd changed the name to just "Christmas lectures" — but the problem wasn't that trees stopped being interesting. "I still learn cool things about trees every year. But they're getting harder and harder to explain to a general audience!" So this year's triumphant "homecoming" lecture would indeed include trees — specifically a phenomenon Knuth describes as "twintrees," along with Baxter permutations, and Floorplans. Knuth noted they're all topics touched on in the latest volume of The Art of Computer Programming, before jokingly reminding the audience that his book makes an excellent Christmas present. By the end of the lecture, Knuth had written algorithms for all three mathematical concepts — then connected all three algorithms with Linux pipes to show what happens when you convert one kind of sequence into the other and then into the other. "I get back, of course, the one I started with!"Read more of this story at Slashdot.

CNN shares the historic close-up snowflake photos of Wilson Bentley, the first person to capture the details of the individual "snow crystal" ice that makes up snowflakes. It was 1885, just 69 years after the invention of the camera, and after years of trial and error, "He went on to photograph more than 5,000 of these "ice flowers" during his lifetime — never finding any duplicates — and the images still mesmerize to this day."Every snow crystal shares a common six-sided or six-pointed structure — it's how frozen water molecules arrange themselves — but they will always vary from one another because each falls from the sky in its own unique way and experiences slightly different atmospheric conditions on its travel down to earth. Some of their arms may look long and skinny. Others may appear short and flat or somewhere in between. The possibilities are endless and fascinating.... "He had the mind of a scientist and the soul of a poet, and you can see that in his writings," said Sue Richardson, Bentley's great-grandniece who is vice president of the board for the Jericho Historical Society. "He wrote many, many articles over the years for scientific publications and for other magazines like Harper's Bazaar and National Geographic. "He also kept very detailed weather records and very detailed journals of every photograph that he took of a snow crystal — the temperature, the humidity, what part of the storm it came from. He kept very detailed information, and then these weather records that he kept and the theories that he developed about how snow crystals formed in the atmosphere, those were proven true...." It wasn't easy, however, to get those snow crystals on camera. It took almost three years, Richardson said, for Bentley to figure out how to successfully photograph one — which he did just a month shy of his 20th birthday. The first obstacle was figuring out how to attach the microscope to the camera. And then there was the challenge of getting each crystal photographed before it could melt away. "He worked in an unheated woodshed at the back of the house. He had to," Richardson said. "And the microscope slides, everything, had to be an ambient temperature or they'd melt" the crystal.... A children's book about him won the Caldecott Medal in 1999. Bentley never had formal education, according to his grandniece (who grew up hearing stories about this famous ancestor). One says that when Wilson Bentley was given an old microscope at age 15, "The first time he looked at a snow crystal under it, he was hooked. Just the beauty, the intricate detail. He was totally hooked."Read more of this story at Slashdot.

®Yahoo co-founder Jerry Yang (through his AME Cloud Ventures) contributed to $6 million in seed funding in November for startup Caden, which plans to pay users to share their personal data -- including what they buy or watch on mobile apps. The Wall Street Journal reports:The startup, Caden Inc., operates an app by the same name that helps users download their data from apps and servicesâ"whether thatâ(TM)s Amazon.com Inc. or Airbnb Inc. â"into a personal âoevault.â Users who consent to share that data for advertising purposes can earn a cut of the revenue that the app generates from it. They also can access personal analytics based on that data.... Caden, which has been testing with a limited group of users, plans to begin a public beta test of 10,000 users early next year.... One option in the public beta test will anonymize and pool the data before sharing it with outside parties in exchange for $5 to $20 a month, according to Caden founder and Chief Executive John Roa. The amount of compensation will be determined by a âoedata scoreâ reflecting factors such as whether consumers answer demographic survey questions and which apps and servicesâ(TM) data consumers are sharing. Consumers will eventually be given the option to share more specific information for more tailored advertising. A marketer could then form audience segments and tailor their ad targeting and messaging to those groups. For instance, a user could consent to sharing his ride-share history so advertisers could create segments of people who ride a certain amount. That would eventually pay consumers up to $50 a month, Caden said. A third option would let advertisers take a direct action based on the data that Caden understands about a specific user. If a consumer were part of a department storeâ(TM)s loyalty program, for example, the store might reward her for sharing her individual Amazon shopping history and use it to provide more personalized offers.ÂThat could generate thousands of dollars a year for participating users, the company said. ÂCaden also hopes that the data it can aggregate will be compelling for consumers. Users could search for restaurants theyâ(TM)ve eaten at in a certain city, for instance, or how much they spent in certain categories across different apps, executives said. âoeItâ(TM)s like Spotify Wrapped for your whole life,â said Amarachi Miller, Cadenâ(TM)s head of product, referring to the streaming music serviceâ(TM)s year-end distillation of each userâ(TM)s listening.... Caden said it will initially sell only anonymized and aggregated data that doesnâ(TM)t tie back to individuals. As it starts to let brands do more personal promotions for users, it said it will let users see which brands and partners itâ(TM)s working with, and will let users control which brands can access their information. The digital ad industry has been seeking new marketing-guiding data, the article points out, especially since Apple began require apps to ask for permission before tracking users. Thanks to Slashdot reader guest reader for sharing the article.Read more of this story at Slashdot.

Neal Stephenson coined the phrase "metaverse" in his 1992 book Snow Crash. 30 years later, Stephenson is part of a blockchain startup "optimized for the Open Metaverse" called Lamina1. This week they announced their "first-of-its-kind fund" for investing in early stage Layer 1 blockchain projects ("largely focused" on the Open Metaverse).. The goal is "to provide broad economic access to global accredited investors looking to support the next era of the internet," according to the announcement — and to also provide Web3 builders "a vehicle for raising capital for their Open Metaverse ventures." The fund will be led by Lamina1's co-founder Peter Vessenes (who, among other things, was the first Chairman of the Bitcoin foundation), "offering investors a chance to join him at the forefront of the emerging Open Metaverse economy..." "Investors and builders can both apply to participate immediately."The fund launch will be closely followed by the much-anticipated launch of Lamina1's testnet.... The L1EF fund works by allowing accredited investors to access and co-invest in companies and entrepreneurs through quarterly subscriptions. Investments will be largely focused on the technology and experiences users can access in the Open Metaverse, ranging from immersive computing to open AI at scale. To support the rapid advancement and expansion of the Open Metaverse, L1EF is simultaneously focused on investing in builders and creators who will foster the quality tech and infrastructure necessary to support the protocol, and create immersive experiences that bring Lamina1's vision of an Open Metaverse to life. Some of these early stage projects include layer 2 protocols, DeFi, GameFi, marketplaces, bridges, and many more. "We're thrilled to introduce L1EF to serve both creators and investors who are actively promoting the development of an Open Metaverse," said Rebecca Barkin, President of Lamina1. "Peter has a deep understanding and demonstrated success of growing economies around a chain, and his approach to grant builders early access to capital — right as we're preparing to place testnet in their hands — is in perfect alignment with our mission to build the open infrastructure that brings together the most powerful creative community on the planet...." In addition to capital, projects that are part of L1EF will receive early access and support for Lamina1 developer tooling through the forthcoming Lamina1 Early Access Program. "The team has a front row seat to all happening in the ecosystem," Vessenes said this week, "and essentially gets a 'first look' at what many of the most compelling creators and storytellers of our time are doing, building, making, and producing around the world. "We want to share that front row seat with as many people as possible." In 2004 Neal Stephenson answered questions from Slashdot's readers.Read more of this story at Slashdot.

The North American Aerospace Defense Command is a US/Canada organization protecting the air sovereignty of the two nations. But every year on December 24th, they also tell you where Santa is. From NORADSanta.org:The modern tradition of tracking Santa began in 1955 when a young child accidentally dialed the unlisted phone number of the Continental Air Defense Command Operations Center upon seeing an newspaper advertisement telling kids to call Santa. The Director of Operations, Colonel Harry Shoup, answered the phone and instructed his staff to check the radar for indications of Santa making his way south from the North Pole.... Each year since, NORAD has dutifully reported Santa's location on Dec. 24 to millions of children and families across the globe. NORAD receives calls from around the world on Dec. 24 asking for Santa's location. Children, families and fans also keep track of Santa's location on the NORAD Tracks Santa® website and our social media platforms. The page lists the NORAD technologies involved in tracking Santa — including 47 radar installations and geo-synchronous satellites with infrared heat sensors. ("Rudolph's nose gives off an infrared signature similar to a missile launch...") And this year NORAD also produced a special video highlighting the various military fleets protecting Santa. ("He may know when you're sleeping, he may know when you're awake... " it tells viewers. "But for 67 years now, when he takes flight, we'll know.") More from NORADSanta.org:Canadian NORAD fighter pilots, flying the CF-18, take off out of Newfoundland and welcome Santa to North America. Then at numerous locations in Canada other CF-18 fighter pilots escort Santa. While in the United States, American NORAD fighter pilots in either the F-15s, F16s or F-22s get the thrill of flying with Santa and the famous Reindeer... Q: How can Santa travel the world within 24 hours? A: NORAD intelligence reports indicate that Santa does not experience time the way we do. His trip seems to take 24 hours to us, but to Santa it might last days, weeks or even months. Santa would not want to rush the important job of delivering presents to children and spreading joy to everyone, so the only logical conclusion is that Santa somehow functions within his own time-space continuum.... How does Santa get down chimneys? Although NORAD has different hypotheses and theories as to how Santa actually gets down the chimneys, we don't have definitive information to explain the magical phenomenon. Do your planes ever intercept Santa? Over the past 65 years, our fighter jets (F-16s, F-15s, F-22s and CF-18s) have intercepted Santa many, many times. When the jets intercept Santa, they tip their wings to say, "Hello Santa! NORAD is tracking you again this year!" Santa always waves. He loves to see the pilots...! How many people support this effort, and are they active duty military personnel? More than 1,250 Canadian and American uniformed personnel and DOD civilians volunteer their time on December 24th to answer the thousands of phone calls and emails that flood in from around the world. In addition to the support provided by our corporate contributors to make this program possible, NORAD has two lead project officers who manage the program. How much money is spent on this project? The NORAD Tracks Santa program is made possible by volunteers and through the generous support of corporate licensees who bear virtually all of the costs. Corporate contributors include Microsoft (with separate contributions from Microsoft's search engine Bing and from Microsoft Azure), AWS (and Amazon's Alexa), Verizon, and HP. NORADSanta.org also boasts extra features like an "arcade" of online games, a jukebox of Christmas tunes, and a library of online books about Santa. And the site even provides some technical data on the weight of Santa's sleigh — although the unit of measurement used is gumdrops.Read more of this story at Slashdot.

ByteDance confirmed it used TikTok to monitor three journalists' physical location using their IP addresses, reports Forbes, "to unearth the source of leaks inside the company following a drumbeat of stories exposing the company's ongoing links to China."As a result of the investigation into the surveillance tactics, ByteDance fired Chris Lepitak, its chief internal auditor who led the team responsible for them. The China-based executive Song Ye, who Lepitak reported to and who reports directly to ByteDance CEO Rubo Liang, resigned.... "It is standard practice for companies to have an internal audit group authorized to investigate code of conduct violations," TikTok General Counsel Erich Andersen wrote in a second internal email shared with Forbes. "However, in this case individuals misused their authority to obtain access to TikTok user data...." "This new development reinforces serious concerns that the social media platform has permitted TikTok engineers and executives in the People's Republic of China to repeatedly access private data of U.S. users despite repeated claims to lawmakers and users that this data was protected," Senator Mark Warner told Forbes.... ByteDance is not the first tech giant to use an app to monitor specific users. In 2017, the New York Times reported that Uber had identified various local politicians and regulators and served them a separate, misleading version of the Uber app to avoid regulatory penalties.... Both Uber and Facebook also reportedly tracked the location of journalists reporting on their apps. Ironically, TikTok's journalist-tracking project involved the company's Chief Security and Privacy Office, according to Forbes, and targeted three Forbes journalists who had formerly worked at BuzzFeed News. It was back in October that Forbes first reported ByteDance had discussed tracking journallists. ByteDance had immediately denied the charges on Twitter, saying "TikTok has never been used to 'target' any members of the U.S. government, activists, public figures or journalists," and that "TikTok could not monitor U.S. users in the way the article suggested." Forbes also notes that in 2021, TikTok became the most visited website in the world. Thanks to long-time Slashdot reader newbie_fantod for submitting the story!Read more of this story at Slashdot.

Reason.com notes NASA's successful completion of its Artemis I mission, calling it "part of NASA's ambitious program to bring American astronauts back to the moon for the first time in half a century. And then on to Mars." But then they ask if the project is worth the money, with the transportation policy director at the libertarian "Reason Foundation" think tank, Robert W. Poole, arguing instead that NASA "isn't particularly interested in cost savings, and its decision making is overly driven by politics."NASA would have been better off replacing the costly and dated Space Launch System used in the Artemis program. But it didn't. This probably has a lot to do with the fact that it was largely constructed and engineered in Alabama, the home state of Senate Appropriations Committee Chair Richard Shelby, who has a history of strong-arming NASA to preserve jobs for his constituents. Long-time Slashdot reader SonicSpike shared the article, which ultimately asks whether it'd be faster and cheaper to just rely on private companies:In 2009, the private sector saw one of its biggest champions ascend to become the number two person at NASA. Lori Garver pushed to scrap the Constellation program as a way to entice the private sector to fill in the gaps. She also spearheaded the Commercial Crew Program, which continues to employ commercial contractors to ferry astronauts to the International Space Station. Today, companies like Elon Musk's SpaceX are launching rockets at a faster pace and for a fraction of what NASA spends. In 2022, the company successfully launched 61 rockets, each with a price tag between $100 million and 150 million. Private companies already design and lease NASA much of its hardware. Poole says there's no reason NASA can't take it a step further and just use the SpaceX starship to cover the entire journey from Earth to the moon and eventually to Mars. "If the current NASA plan goes ahead to have the SpaceX Starship actually deliver the astronauts from the lunar outpost orbit to the surface of the moon and bring them back, that would be an even more dramatic refutation of the idea that only NASA should be doing space transportation," he says. Poole says that instead of flying its own missions, NASA should play a more limited and supportive role. "The future NASA role that makes the most sense is research and development to advance science," he says. But for a contrary opinion, Slashdot reader youn counters that "You can bash NASA all you want but a big reason the private sector is where it is at is because it funded research 12 years ago." They share a CNET article noting the $6 billion NASA budgeted over five years "to kick-start development of a new commercial manned spaceflight capability." And Slashdot reader sg_oneill argues that "Its gonna be a century before we're really colonizing the moon and/or Mars... because we have a lot of science to do first. How do you do a civilization with zero energy inputs from the rest of humanity? How do we deal with radiation? How do bodies work in low G? (Mars is about 1/3 the gravbity of earth). This needs science, and to get science we need NASA, even if private enterprise is building the rockets."Read more of this story at Slashdot.

For the last thirteen years the Free Software Foundation has published its Ethical Tech Giving Guide. But what's interesting is this year's guide also tags companies and products with negative recommendations to "stay away from."Stay away from: iPhones It's not just Siri that's creepy: all Apple devices contain software that's hostile to users. Although they claim to be concerned about user privacy, they don't hesitate to put their users under surveillance. Apple prevents you from installing third-party free software on your own phone, and they use this control to censor apps that compete with or subvert Apple's profits. Apple has a history of exploiting their absolute control over their users to silence political activists and help governments spy on millions of users. Stay away from: M1 MacBook and MacBook Pro macOS is proprietary software that restricts its users' freedoms. In November 2020, macOS was caught alerting Apple each time a user opens an app. Even though Apple is making changes to the service, it just goes to show how bad they try to be until there is an outcry. Comes crawling with spyware that rats you out to advertisers. Stay away from: Amazon Amazon is one of the most notorious DRM offenders. They use this Orwellian control over their devices and services to spy on users and keep them trapped in their walled garden. Be aware that Amazon isn't the peddler of ebook DRM. Disturbingly, it's enthusiastically supported by most of the big publishing houses. Read more about the dangers of DRM through our Defective by Design campaign. Stay away from: Spotify, Apple Music, and all other major streaming servicesIn addition to streaming music encumbered by DRM, people who want to use Spotify are required to install additional proprietary software. Even Spotify's client for GNU/Linux relies on proprietary software. Apple Music is no better, and places heavy restrictions on the music streamed through the platform. Stay away from: Netflix Netflix is continuing its disturbing trend of making onerous DRM the norm for streaming media. That's why they were a target for last year's International Day Against DRM (IDAD). They're also leveraging their place in the Motion Picture Association of America (MPAA) to advocate for tighter restrictions on users, and drove the effort to embed DRM into the fabric of the Web. "In your gift giving this year, put freedom first," their guide begins. And for a freedom-respecting last-minute gift idea, they suggest giving the gift of a FSF membership (which comes with a code and a printable page "so that you can present your gift as a physical object, if you like.") The membership is valid for one year, and includes the many benefits that come with an FSF associate membership, including a USB member card, email forwarding, access to our Jitsi Meet videoconferencing server and member forum, discounts in the FSF shop and on ThinkPenguin hardware, and more. If you are in the United States, your gift would also be fully tax-deductible in the USA.Read more of this story at Slashdot.

While "this proposal will only be implemented if approved by the Fedora Engineering Steering Committee," Phoronix reports:Red Hat and Fedora engineers are plotting a path to supporting Unified Kernel Images (UKI) with Fedora Linux and for the Fedora 38 release in the spring they are aiming to get their initial enablement in place. Unified Kernel Images have been championed by the systemd folks for better securing and trusting Linux distributions. Unified kernel images are a combination of the kernel image, initrd, and UEFI stub program all distributed as one.... The initial phase would focus on shipping a UKI as an optional sub-RPM that users can opt into initially, updating kernel install scripts so unified kernels are installed and properly updated, and bootloader support for unified kernel images. Adding systemd-boot support to the installers, better measurement and remote attestation support, and switching Fedora Cloud images to using unified kernels are among the additional goals but of lower priority. Fedora's wiki includes a detailed description of the change proposal:The goal is to move away from initrd images being generated on the installed machine. They are generated while building the kernel package instead, then shipped as part of a unified kernel image. A unified kernel image is an all-in-one efi binary containing kernel, initrd, cmdline and signature.... Main motivation for this move is to make the distro more robust and more secure.Read more of this story at Slashdot.

Meta, Microsoft and Apple, and Google all want carbon-free power. But Google "says its goals for carbon-free power are impeded by state-regulated utilities," reports the New York Times, especially those in America's Southeastern states which aren't facing a competitive market.Google's battle in the region, where it has a major concentration of data centers, raises a question that applies to the energy transition everywhere: Is what's good for a few companies good for all? At the heart of their campaign, Google and its tech giant allies want to dismantle a decades-old regulatory system in the Southeast that allows a handful of utilities to generate and sell the region's electricity — and replace it with a market in which many companies can compete to do so. Such markets exist in some form in much of the country, but the Southeastern utilities are staunchly defending the status quo. Senior utility executives contend that their system better insulates consumers from spikes in prices of commodities like natural gas, promotes reliability and supports the long-term investments needed to develop clean-power technologies.... Most electricity in the United States was long generated and distributed by heavily regulated monopoly utilities in each state. But just before the start of this century, lawmakers and regulators, arguing that competition would bring efficiencies, made it possible to set up power markets and end the dominance of the utilities — a revolution that bypassed the Southeast. Google and others contend that the markets have brought cost savings, innovation and the capital needed to increase clean power generation from wind and solar. The most recent move toward a form of power market, in a group of Western states, has saved nearly $3 billion since 2014, according to the market operator. Self-interest also plays a role: In power markets, large companies can strike deals with independent producers that give them more leeway to bargain on price and secure more clean energy. Google entered a landmark deal last year to provide clean power to its data centers in Virginia, which is in a sprawling market called PJM.... The big utilities in the Southeast are now building more solar projects, but those pushing for a market in the region say it's not enough. In the region, the proposed solar projects' generating capacity is equivalent to just over a fourth of total capacity, which is far below the 80 percent for PJM, according to an analysis by Tyler Norris, a senior executive at Cypress Creek Renewables, a solar company, and a special adviser in the Energy Department during the Obama administration. "Project developers are attracted to open wholesale electricity markets with price transparency, independent oversight and the ability to trade with multiple potential customers," Mr. Norris said.Read more of this story at Slashdot.

A Valero gas station sells approximately 5,000 gallons of gas a day, one employee estimates. But local police arrested six men who, in a series of robberies, tricked the pumps out of 30,000 gallons of gasoline, reports the Mercury News, "a haul authorities estimated was worth at least $180,000."Upon further inspection of surveillance video, authorities said, police saw one of the suspects activate a gas-pump computer, allowing another suspect to pump fuel into his vehicle.... An employee from the Valero station, who declined to give their name, called the process the gas thieves used "nearly untraceable." "You must have a deep understanding of how the pump system works," the person said. "There is a time frame anywhere from 75 seconds to two minutes for the authorization to go through the network [after sliding a credit card into a gas pump]. In this (time period), there's an opportunity to manipulate the pump ... You're able to manipulate the pump and confuse the programming to an extent that the pump starts dispensing gas...." In a Facebook post, authorities said the three suspects had been "conspiring together in a sophisticated operation to thwart security devices and pump electronics to steal large amounts of gasoline from the business...." Authorities say $20,000 of damage was done to gas pumps. Thanks to Slashdot reader k6mfw for submitting the story.Read more of this story at Slashdot.

For three years Stockholm-based games studio Embark has been working on the Rust-gpu project to make Rust "a first class language and ecosystem for GPU programming." The project's latest announcement? rust-gpu now supports ray-tracing. Their original announcement explained the rationale for this years-long dvelopment effort:Historically in games GPU programming has been done through writing either HLSL, or to a lesser extent GLSL. These are simple programming languages that have evolved along with rendering APIs over the years. However, as game engines have evolved, these languages have failed to provide mechanisms for dealing with large codebases, and have generally stayed behind the curve compared to other programming languages. In part this is because it's a niche language for a niche market, and in part this has been because the industry as a whole has sunk quite a lot of time and effort into the status quo. While over-all better alternatives to both languages exist, none of them are in a place to replace HLSL or GLSL. Either because they are vendor locked, or because they don't support the traditional graphics pipeline. Examples of this include CUDA and OpenCL. And while attempts have been made to create language in this space, none of them have gained any notable traction in the gamedev community. Our hope with this project is that we push the industry forward by bringing an existing, low-level, safe, and high performance language to the GPU; namely Rust. And with it come some additional benefits that can't be overlooked: a package/module system that's one of the industry's best, built in safety against race-conditions or out of bounds memory access, a wide range of tools and utilities to improve programmer workflows, and many others! Along with ray-tracing, this week they announced plans to keep rust-gpu on the same schedule as the stable Rust release, "so you can use your favorite new language features as new stable versions of Rust are being released, by just updating your rust-gpu version." Thanks to Slashdot reader guest reader for sharing the news!Read more of this story at Slashdot.

The nonprofit Linux Foundation not only pays the salary of Linus Torvalds and Greg Kroah-Hartman. It also runs the AgStack Foundation, which seeks more efficient agriculture through "free, re-usable, open and specialized digital infrastructure for data and applications." And this week that Foundation announced a new open source code base for creating and maintaining a global dataset that's a kind of registry for the boundaries of agricultural fields to enable field-level analytics like carbon tracking, food traceability, and crop production.AgStack's Asset Registry dataset, the first of its kind in the world, is built and continuously updated using data from satellites and actual field registrations that contain information on boundaries, not ownership, which will then train machine learning models to ascertain more boundaries. Precise knowledge of field boundaries can help farmers, agricultural companies, and the public sector to monitor and manage crop production, study management practices (crop rotations, cover cropping, tillage, irrigation), determinants of productivity, pest and disease spread, and species diversity. By sharing reusable agricultural data, new insights can also be gleaned for global food security research and innovation. Crop field boundaries are the fundamental unit of addressing such datasets.... By leveraging computer science and artificial intelligence, members will create, curate, and maintain global field boundaries as an open source digital public good available for anyone to use. The project has the potential to unlock the next revolution of digital agri-services in public and private sectors, especially for smallholder farmers.... "We think that a public field boundary dataset can help turbocharge a lot of smart people and businesses focused on improving agriculture and food security around the world," said Professor David Lobell at The Center on Food Security and the Environment at Stanford University, who hosted the original research as the Gloria and Richard Kushel Director of the Center on Food Security and the Environment at Stanford University and the Benjamin Page Professor of Earth System Science. "We're excited to help bring this dataset to life." All code will be contributed under an open source license and will be governed by the AgStack community within the Linux Foundation, using open source and permissively licensed tools and processes. It's using code funded in part by the NASA Harvest Consortium.Read more of this story at Slashdot.

Long-time Slashdot reader theodp writes: In recognition of the innovation and unique nature of 1-Click, the U.S. Patent Office awarded Patent No. 5960411 to Amazon.com for 1-Click on September 28, 1999," boasted an Oct. 1999 Amazon press release. "First made available to Amazon.com customers in September 1997, 1-Click combines with Gift-Click and Wish List to make Amazon.com the most convenient, easiest-to-use shopping destination this holiday season." The following day, Amazon weaponized its new patent, filing a lawsuit on Oct. 20th saying defendant and competitor Barnes and Noble had illegally copied Amazon's patented 1-Click ordering technology. "We're pleased that Judge Pechman recognized the innovation underlying our 1-Click feature," said Amazon CEO and 1-Click co-inventor Jeff Bezos in a Dec. 1999 Amazon press release celebrating a preliminary injunction that barred barnesandnoble.com from using its 'copycat version of 1-Click technology' while the lawsuit was pending (Amazon and B&N settled in 2002). "The patent system is designed to encourage innovation on behalf of customers," Amazon had written in its 1999 press release, arguing that in 1997 its 1-Click technology "was a significant step forward for online shoppers that required thousands of hours of effort." It's been noted that B&N first threw down the litigation gauntlet, slapping Amazon with a lawsuit over its marketing claim as "World's Largest Bookstore" just days before Amazon's IPO in May 1997. USPTO continuity records show a 'child' patent of the original Method and System for Placing a Purchase Order Via a Communications Network patent finally expired due to non-payment of maintenance fees on 10/10/2022, more than 25 years after Amazon applied for its 1-Click patent on 9/22/1997.Read more of this story at Slashdot.

An anonymous reader shares a report: This holiday season at the Garden City Hotel on Long Island, Merle Ayers is feeling especially grateful for the Whiz. At two feet tall and 66 pounds, the powerful robot vacuum doesn't mind working late into the night after the parties are over. The Whiz doesn't care that it's the holidays. It doesn't even need a day off. "It just needs to be cared for. We have to change the vacuum bags periodically and keep the batteries charged," says Ayers, the hotel's director of banquets. Amid ongoing staffing shortages, the two robot vacuums the hotel purchased late last year for about $30,000 each are proving their worth many times over, filling gaps in both the catering department and housekeeping. "If we vacuum every floor with a robot, that saves one whole shift," says Garden City Hotel managing director Grady Colin. "That's one whole person per day that can be redeployed to do something else." These days, he'll take all the help he can get. Travelers have returned from the pandemic, but hotel workers have not, creating unprecedented staffing challenges for the hospitality industry. According to the Labor Department, there are 350,000 fewer people working in hotels today than there were in February 2020, before the pandemic. It's not for lack of trying. Hotels have raised hourly wages by 25% since early 2020, and employers are offering greater flexibility in scheduling. Still, workers are nowhere to be seen. "I've been in the hotel business for a long time," says Colin. "I've never seen anything like this."Read more of this story at Slashdot.

Under the bipartisan spending bill that passed both chambers of Congress as of Friday, TikTok will be banned from government devices, underscoring the growing concern about the popular video-sharing app owned by China's ByteDance. From a report: The bill, which still has to be signed into law by President Joe Biden, also calls on e-commerce platforms to do more vetting to help deter counterfeit goods from being sold online, and forces companies pursuing large mergers to pay more to file with federal antitrust agencies. Congress failed to pass many of the most aggressive bills targeting tech, including antitrust legislation that would require app stores developed by Apple and Google to give developers more payment options, and a measure mandating new guardrails to protect kids online. And though Congress made more headway this year than in the past toward a compromise bill on national privacy standards, there remains only a patchwork of state laws determining how consumer data is protected. Center-left tech industry group Chamber of Progress cheered the exclusion of several antitrust bills that would have targeted its backers, which include Apple, Amazon, Google and Meta.Read more of this story at Slashdot.

An anonymous reader shares a report: The Food and Drug Administration (FDA) considers aging to be a natural process. This makes it difficult to get FDA approval for drugs that seek to slow or reverse the biological process of aging. Instead, drugs intended to target aging must target a disease that often results from the aging process in order to demonstrate efficacy and gain approval. But there is growing consensus and effort among scientists to convince the FDA that aging itself should be classified as a disease and an appropriate target for drug development. This could be a major milestone for not just industry, but society. If the FDA is swayed, the resulting regulatory shift could mean approval of drugs or treatments that slow or reverse the aging process generally, before a patient develops disease. Researchers who view aging as a medical condition aren't referring only to the inevitable passage of time. Instead, they view aging as a process of deterioration of our structure and function at the cellular level; the hallmark characteristics of which are genomic instability and damage to our DNA. And the World Health Organization (WHO) supports this view -- WHO describes the process of aging as "... the impact of the accumulation of a wide variety of molecular and cellular damage over time."Read more of this story at Slashdot.

Israeli researchers say they have developed gene-edited hens that lay eggs from which only female chicks hatch. From a report: The breakthrough could prevent the slaughter of billions of male chickens each year, which are culled because they don't lay eggs. The female chicks, and the eggs they lay when they mature, have no trace of the original genetic alteration Animal welfare group, Compassion in World Farming, has backed the research. Dr Yuval Cinnamon from the Volcani institute near Tel Aviv, who is the project's chief scientist, told BBC News that the development of what he calls the ''Golda hen'' will have a huge impact on animal welfare in the poultry industry. "I am very happy that we have developed a system that I think can truly revolutionise the industry, first of all for the benefit of the chickens but also for all of us, because this is an issue that affects every person on the planet," he said. The scientists have gene edited DNA into the Golda hens that can stop the development of any male embryos in eggs that they lay. The DNA is activated when the eggs are exposed to blue light for several hours. Female chick embryos are unaffected by the blue light and develop normally. The chicks have no additional genetic material inside them nor do the eggs they lay, according to Dr Cinnamon. "Farmers will get the same chicks they get today and consumers will get exactly the same eggs they get today," he said. "The only minor difference in the production process is that the eggs will be exposed to blue light."Read more of this story at Slashdot.

An anonymous reader shares a report: While AMD provided upstream open-source driver support for the Radeon RX 7900 series launch, the initial user experience can be less than desirable if running a new Radeon GPU but initially running an out-of-date kernel or lacking the necessary firmware support. With a new patch series posted AMD is looking to improve the experience by being able to more easily fallback to the firmware frame-buffer when their AMDGPU kernel graphics driver fails to properly load. With the new IP-based discovery "block by block" approach to how the open-source AMD Radeon Linux graphics driver is managing the hardware initialization with RDNA3 and moving forward, the AMDGPU driver will try to probe all Radeon GPUs even if it might not end up being fully supported. In turn that ends up destroying the system firmware frame-buffer. But right now in the case of booting an RDNA3 GPU with a slightly out of date kernel (pre-6.0) or lacking the necessary RDNA3 firmware for hardware initialization, it can mean the screen freezing or system appearing unresponsive.Read more of this story at Slashdot.

The founder of Chinese tech giant Tencent told employees many "corruption" issues had been discovered within the company and mismanagement was draining its vitality, Reuters reported Friday, citing employees familiar with the matter. From the report: In a rare show of frustration, Pony Ma said at a year-end meeting with staff on Dec. 15 that internal reviews this year had exposed unspecified corruption within Asia's biggest social media and gaming company, the sources said. He also lambasted senior managers after one of the toughest years for Tencent since its founding in 1998, with revenue battered by a regulatory crackdown and headwinds from measures to stop the spread of COVID-19. "Your projects can't even survive as a business -- they are living on life support, but still you just cheerily play ball on the weekend," Ma said during the call, according to one employee who heard the comments and another who was briefed on them.Read more of this story at Slashdot.

The Internal Revenue Service on Friday gave millions of Americans a one-year reprieve on new tax-reporting requirements, delaying implementation of a law that requires e-commerce platforms such as eBay, Etsy and Airbnb to give the tax agency information on users with more than $600 in revenue. From a report: The delay means the platforms won't have to send sellers and the IRS a blizzard of 1099-K tax forms early in 2023, and it gives opponents of the $600 threshold more time to push for a change in the law next year. "The additional time will help reduce confusion during the coming 2023 tax filing season and provide more time for taxpayers to prepare and understand the new reporting requirements," said Acting IRS Commissioner Doug O'Donnell. Congress passed the $600 threshold for Form 1099-K reports as part of the American Rescue Plan Act in March 2021, scheduling it to take effect for tax year 2022. Until the change, platforms had to report users' income to the IRS if they had more than 200 transactions and $20,000 of revenue. Lawmakers lowered the threshold to boost tax compliance in an area where it is often lacking -- unreported business income.Read more of this story at Slashdot.

The Biden administration has strengthened limits on smog-forming pollution from buses, delivery vans, tractor-trailers and other trucks, the first time in more than 20 years that tailpipe standards have been tightened for heavy-duty vehicles. From a report: The new rule from the Environmental Protection Agency is designed to cut nitrogen oxide from the vehicles by 48 percent by 2045. Nitrogen dioxide is a poisonous gas that has been linked to cardiovascular problems and respiratory ailments like asthma. The rule will require manufacturers to cut the pollutant from their vehicles starting with the model year 2027. But the new rule is not as stringent as one proposed by the E.P.A. in March, which would have cut the pollutant as much as 60 percent by 2045. And the agency stopped short of âârequiring that truck manufacturers also cut greenhouse gas emissions associated with burning diesel fuel or convert their fleets to electric models.Read more of this story at Slashdot.

Nearly 37 million people in China may have been infected with Covid-19 on a single day this week, according to estimates from the government's top health authority, making the country's outbreak by far the world's largest. From a report: As many as 248 million people, or nearly 18% of the population, likely contracted the virus in the first 20 days of December, according to minutes from an internal meeting of China's National Health Commission held on Wednesday, confirmed with people involved in the discussions. If accurate, the infection rate would dwarf the previous daily record of about 4 million, set in January 2022.Read more of this story at Slashdot.

North Korean hackers have stolen an estimated 1.5 trillion won ($1.2 billion) in cryptocurrency and other virtual assets in the past five years, more than half of it this year alone, South Korea's spy agency said Thursday. From a report: Experts and officials say North Korea has turned to crypto hacking and other illicit cyber activities as a source of badly needed foreign currency to support its fragile economy and fund its nuclear program following harsh U.N. sanctions and the COVID-19 pandemic. South Korea's main spy agency, the National Intelligence Service, said North Korea's capacity to steal digital assets is considered among the best in the world because of the country's focus on cybercrimes since U.N. economic sanctions were toughened in 2017 in response to its nuclear and missile tests. The U.N. sanctions imposed in 2016-17 ban key North Korean exports such as coal, textiles and seafood and also led member states to repatriate North Korean overseas workers. Its economy suffered further setbacks after it imposed some of the world's most draconian restrictions against the pandemic. The NIS said state-sponsored North Korean hackers are estimated to have stolen 1.5 trillion won ($1.2 billion) in virtual assets around the world since 2017, including about 800 billion won ($626 million) this year alone. It said more than 100 billion won ($78 million) of the total came from South Korea.Read more of this story at Slashdot.

U.S. lawmakers have left a proposal to make the federal judiciary's PACER online court records system free out of a sprawling, $1.66 trillion spending measure unveiled on Tuesday, a setback for advocates as the current Congress nears its end. From a report: Supporters of the Open Courts Act had been pushing to get the stalled, bipartisan legislation attached to the omnibus spending measure, which boosts overall spending on the judiciary by nearly 6% to $8.461 billion in fiscal year 2023. Currently, users of PACER, which stands for Public Access to Court Electronic Records, are charged $0.10 per page to download documents up to a $3 cap, which does not cover transcripts. The Open Courts Act would make electronic court records freely available and mandate the judiciary to develop a new website to access them. It had already advanced out of the Senate Judiciary Committee on a bipartisan vote in December 2021.Read more of this story at Slashdot.

Winter weather continues to disrupt holiday travel across the United States on Friday, leaving travelers facing delays and cancellations during one of the busiest times of the year. From a report: More than 3,500 Friday flights have already been canceled as of 10 a.m. ET, after nearly 2,700 cancellations on Thursday, according to flight tracking site FlightAware. Cancellations are highest at Seattle-Tacoma International Airport, New York's LaGuardia and in Chicago and Detroit, according to FlightAware data. The FAA noted early Friday it may have to halt or restrict traffic at airports in the Boston, New York, Philadelphia and Washington areas. Airports in Chicago and Denver saw the bulk of cancellations and delays on Thursday. Chicago O'Hare International Airport was logging average delays Thursday of almost three hours due to snow and ice. An arctic blast and a rapidly intensifying winter storm have come at an unfortunate time for travelers trying to join family and friends for the holidays. Airlines have issued winter weather waivers allowing passengers to rebook at no cost within a limited time period. Find links to the airline waivers and more air travel strategies here. The growing cancellations make it harder for passengers racing against the clock and weather to rebook and arrive in time for Christmas. Flights this year were already more crowded than they've been previously -- even before the storm disrupted travel schedules. "We hear about how travel volume is still down, five or ten percent, but what many folks might not have realized is that the number of flights in the sky is actually down more like 15 or 20 percent," Scott Keyes of Scott's Cheap Flights told CNN. "The planes that are actually flying are more full today than they were pre-pandemic. That's why there's not as many empty seats to switch onto if you do find your flight gets canceled or delayed," Keyes said. Further reading: Intensifying winter storm's icy cold and wind knocks out power to over a million customers.Read more of this story at Slashdot.

Hong Kong Free Press: A total of 53 VPN applications have become unavailable in Apple's Hong Kong App Store since Beijing imposed a national security law (NSL) on the city in June 2020, a report by AppleCensorship has revealed. The digital freedom watchdog urged the US tech giant to clearly state how it would respond if Hong Kong or Beijing requested that apps be taken down. In a report released on Thursday entitled "Apps at Risk: Apple's censorship and compromises in Hong Kong," AppleCensorship found that more apps were unavailable in Hong Kong's than in most of the 173 App Stores it monitored. According to AppleCensorship's latest statistics from last month, 2,370 or 16 per cent of the 14,782 apps it tested were unavailable in Hong Kong's App Store. The watchdog said only stores in Russia and China had more unavailable apps than their Hong Kong counterpart -- Russia had 2,754 and China had 10,837.Read more of this story at Slashdot.

Facebook owner Meta Platforms has agreed to pay $725 million to resolve a class-action lawsuit accusing the social media giant of allowing third parties, including Cambridge Analytica, to access users' personal information. From a report: The proposed settlement, which was disclosed in a court filing late on Thursday, would resolve a long-running lawsuit prompted by revelations in 2018 that Facebook had allowed the British political consulting firm Cambridge Analytica to access data of as many as 87 million users. Lawyers for the plaintiffs called the proposed settlement the largest to ever be achieved in a U.S. data privacy class action and the most that Meta has ever paid to resolve a class action lawsuit. "This historic settlement will provide meaningful relief to the class in this complex and novel privacy case," the lead lawyers for the plaintiffs, Derek Loeser and Lesley Weaver, said in a joint statement. Meta did not admit wrongdoing as part of the settlement, which is subject to the approval of a federal judge in San Francisco. The company said in a statement settling was "in the best interest of our community and shareholders." "Over the last three years we revamped our approach to privacy and implemented a comprehensive privacy program," Meta said.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Microsoft was hit on Tuesday in U.S. court with a private consumer lawsuit claiming the technology company's $69 billion bid to purchase "Call of Duty" maker Activision Blizzard will unlawfully squelch competition in the video game industry. The complaint filed in federal court in California comes about two weeks after the U.S. Federal Trade Commission filed a case with an administrative law judge seeking to stop Microsoft, owner of the Xbox console, from completing the largest-ever acquisition in the video-gaming market. The private lawsuit also seeks an order blocking Microsoft from acquiring Activision. It was filed on behalf of 10 video game players in California, New Mexico and New Jersey. The proposed acquisition would give Microsoft "far-outsized market power in the video game industry," the complaint alleged, "with the ability to foreclose rivals, limit output, reduce consumer choice, raise prices, and further inhibit competition." A Microsoft representative on Tuesday defended the deal, saying in a statement that it "will expand competition and create more opportunities for gamers and game developers." After the FTC sued, Microsoft President Brad Smith said, "We have complete confidence in our case and welcome the opportunity to present our case in court."Read more of this story at Slashdot.

Zimbabwe has prohibited the export of raw lithium from its mines so it can cash in on value addition and stop losing billions of dollars in mineral proceeds to foreign companies. Quartz reports: The ministry of Mines and Mining Development on Dec. 20 published a circular under the Base Minerals Export Control Act that seeks to "ensure that the vision of the president to see the country becoming an upper-middle income economy has been realized." The government says it is losing $1.8 billion in mineral revenues due to smuggling and externalization to South Africa and the United Arab Emirates. Gold is the most smuggled mineral. With continued high international demand, Zimbabwe is projected to become one of the world's largest lithium exporters, with the government hoping to meet 20% of the world's total demand for lithium when it fully exploits its known lithium resources. Mineral exports account for about 60% (pdf) of Zimbabwe's export earnings while the mining sector contributes 16% to its GDP, according to a 2021 mining report by the London School of Economics. "No lithium-bearing ores, or unbeneficiated lithium whatsoever, shall be exported from Zimbabwe to another country except under the written permit of the minister," mining minister Winston Chitando says in the circular. However, according to deputy mining minister Polite Kambamura, mining companies that are building processing plants will be excluded from the directive. "If we continue exporting raw lithium we will go nowhere. We want to see lithium batteries being developed in the country," he said. "We have done this in good faith for the growth of industry."Read more of this story at Slashdot.

The Russian space agency is deciding whether it needs to send a rescue spacecraft to the International Space Station to bring home two cosmonauts and a NASA astronaut after the Soyuz capsule that brought them there suffered a massive coolant leak. The Washington Post reports: Working with their counterparts at NASA, officials at Roscosmos, the Russian space agency, are trying to determine if the vehicle is sound enough to bring the crew home, Sergei Krikalev, the executive director of Roscosmos's human spaceflight programs, said during a briefing Thursday. If not, the Russian agency would send up another Soyuz spacecraft that was to be used for another crewed mission to retrieve the crew. That spacecraft could be ready to fly up without any people on board sometime in February, a few weeks before the crew is set to return in March, officials said. The crew that would fly home on the rescue craft would include NASA astronaut Frank Rubio and a pair of cosmonauts, Sergey Prokopyev and Dmitri Petelin, who arrived at the station in September. Wayne Hale, a former NASA flight director and SpaceShuttle program manger, said he could recall of no other time when NASA or Roscosmos had been forced to consider sending up another spacecraft as a lifeboat to bring back a crew.Read more of this story at Slashdot.

An anonymous reader quotes a report from MIT News: What if the U.S. placed a tax on robots? The concept has been publicly discussed by policy analysts, scholars, and Bill Gates (who favors the notion). Because robots can replace jobs, the idea goes, a stiff tax on them would give firms incentive to help retain workers, while also compensating for a dropoff in payroll taxes when robots are used. Thus far, South Korea has reduced incentives for firms to deploy robots; European Union policymakers, on the other hand, considered a robot tax but did not enact it. Now a study by MIT economists scrutinizes the existing evidence and suggests the optimal policy in this situation would indeed include a tax on robots, but only a modest one. The same applies to taxes on foreign trade that would also reduce U.S. jobs, the research finds. "Our finding suggests that taxes on either robots or imported goods should be pretty small," says Arnaud Costinot, an MIT economist, and co-author of a published paper detailing the findings. "Although robots have an effect on income inequality ... they still lead to optimal taxes that are modest." Specifically, the study finds that a tax on robots should range from 1 percent to 3.7 percent of their value, while trade taxes would be from 0.03 percent to 0.11 percent, given current U.S. income taxes. "We came in to this not knowing what would happen," says Ivan Werning, an MIT economist and the other co-author of the study. "We had all the potential ingredients for this to be a big tax, so that by stopping technology or trade you would have less inequality, but ... for now, we find a tax in the one-digit range, and for trade, even smaller taxes." [...] Apart from its bottom-line tax numbers, the study contains some additional conclusions about technology and income trends. Perhaps counterintuitively, the research concludes that after many more robots are added to the economy, the impact that each additional robot has on wages may actually decline. At a future point, robot taxes could then be reduced even further. "You could have a situation where we deeply care about redistribution, we have more robots, we have more trade, but taxes are actually going down," Costinot says. If the economy is relatively saturated with robots, he adds, "That marginal robot you are getting in the economy matters less and less for inequality." The paper, "Robots, Trade, and Luddism: A Sufficient Statistic Approach to Optimal Technology Regulation," appears in advance online form in The Review of Economic Studies.Read more of this story at Slashdot.

b0s0z0ku writes: The European Union is proposing a law requiring easily replaceable batteries in new appliances and portable electronic devices. The law also sets targets for collection and recycling of those batteries, requiring 73% compliance by 2030. "Companies would get plenty of notice, however, as the requirement would only come into force 3.5 years after the legislation takes effect," adds 9to5Mac. "Companies will also be legally required to accept and recycle old batteries." Additionally, the European Commission is "expected to consider outlawing the use of non-rechargeable portable batteries," though this would likely come with many exceptions and wouldn't happen before the end of the decade. Further reading: EU Sets December 28, 2024, Deadline For All New Phones To Use USB-C for Wired ChargingRead more of this story at Slashdot.

LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident. BleepingComputer reports: This follows a previous update issued last month when the company's CEO, Karim Toubba, only said that the threat actor gained access to "certain elements" of customer information. Today, Toubba added that the cloud storage service is used by LastPass to store archived backups of production data. The attacker gained access to Lastpass' cloud storage using "cloud storage access key and dual storage container decryption keys" stolen from its developer environment. "The threat actor copied information from backup that contained basic customer account information and related metadata including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service," Toubba said today. "The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data." Fortunately, the encrypted data is secured with 256-bit AES encryption and can only be decrypted with a unique encryption key derived from each user's master password. According to Toubba, the master password is never known to LastPass, it is not stored on Lastpass' systems, and LastPass does not maintain it. Customers were also warned that the attackers might try to brute force their master passwords to gain access to the stolen encrypted vault data. However, this would be very difficult and time-consuming if you've been following password best practices recommended by LastPass. If you do, "it would take millions of years to guess your master password using generally-available password-cracking technology," Toubba added. "Your sensitive vault data, such as usernames and passwords, secure notes, attachments, and form-fill fields, remain safely encrypted based on LastPass' Zero Knowledge architecture."Read more of this story at Slashdot.

FTX sought a U.S. bankruptcy court's help amid a battle over ownership of about $450 million worth of stock in Robinhood Markets (HOOD), according to a filing (PDF) Thursday. CoinDesk reports: At issue are about 56 million shares of the brokerage owned by Emergent Fidelity Technologies Ltd., a corporate entity organized in Antigua and Barbuda and 90% controlled by former FTX CEO Sam Bankman-Fried, according to the filing. Three parties, the filing says, have tried to get control of those shares: BlockFi (a lender that FTX had helped prop up earlier this year), Yonathan Ben Shimon (an FTX creditor appointed as a receiver in Antigua and granted permission to sell the shares under supervision of a court there) and Bankman-Fried himself (who has legal bills). FTX's bankruptcy estate told ED&F Man Capital Markets, the brokerage where the shares are parked, to freeze the stock around the time the Chapter 11 case began on Nov. 11. FTX has determined that Emergent only "nominally" owns the shares and that they truly belong to FTX. "Emergent is a special-purpose holding company that appears to have no other business," the crypto exchange said in the filing. The judge overseeing the bankruptcy case should force the shares to remain frozen while FTX tries to figure out how to repay all its creditors, FTX argued in the filing.Read more of this story at Slashdot.