Slashdot

Italy prohibited the use of facial recognition and "smart glasses" on Monday as its Data Protection Agency issued a rebuke to two municipalities experimenting with the technology. Reuters reports: Facial recognition systems using biometric data will not be allowed until a specific law is adopted or at least until the end of next year, the privacy watchdog said. The exception is when such technologies play a role in judicial investigations or the fight against crime. "The moratorium arises from the need to regulate eligibility requirements, conditions and guarantees relating to facial recognition, in compliance with the principle of proportionality," the agency said in a statement. Under European Union and Italian law, the processing of personal data by public bodies using video devices is generally allowed on public interest grounds and when linked to the activity of public authorities, it added. However, municipalities that want to use them have to strike "urban security pacts" with central government representatives, it added. The agency was reacting to measures taken in the southern Italian city of Lecce, where authorities said they would begin using a technology based on facial recognition. The privacy watchdog also targeted the Tuscan city of Arezzo, where local police were due to be equipped with infrared super glasses that can recognise car number plates.Read more of this story at Slashdot.

Britain has lost its position as Europe's largest stock market, as Paris overtook London for the first time since records began in 2003. The Independent reports: According to Bloomberg, the combined market value of primary listings on Monday on the Paris bourse ($2.823 trillion ) surpassed that of the London Stock Exchange ($2.821 trillion) -- finally closing a gap of around $1.5 trillion which has been narrowing since the Brexit referendum. The milestone shift on Monday came as French stocks were buoyed by optimism over the demand for French luxury goods in response to China's slight easing of Covid-19 restrictions, while the sharper fall in the pound's value against the dollar compared with that of the euro this year has also played a role, Bloomberg noted. While the UK's FTSE 100 index has remain relatively stable this year, thanks in part to export revenues boosted by a lower pound, the FTSE 250 index -- comprising smaller, medium-sized businesses -- has plummeted in value by 17 per cent. This fall has been fueled by concerns over rocketing energy bills and interest rates, the latter of which surged in the wake of Liz Truss's disastrous mini-Budget which spooked investors with her rapidly-announced raft of unfunded tax cuts. By the fourth week of Ms Truss's premiership, British stock and bond markets had lost roughly $500 billion in combined value, Bloomberg reported. Speaking as Office for National Statistics figures showed that Britain's was the only G7 economy to shrink in the three months to September, the chancellor said on Friday he was "under no illusion that there is a tough road ahead" requiring "extremely difficult decisions to restore confidence and economic stability." "But to achieve long-term, sustainable growth, we need to grip inflation, balance the books and get debt falling," Mr Hunt insisted, adding: "There is no other way." However, Michael Saunders -- an economist who, until August, spent six years as one of the nine members on the Bank of England committee responsible for setting interest rates -- suggested on Monday that, were it not for Brexit, "we probably wouldn't be talking about an austerity budget this week."Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: Over a dozen public libraries in the U.S. and Canada have begun offering their own music streaming services to patrons, with the goal of boosting artists and local music scenes. The services are region-specific, and offer local artists non-exclusive licenses to make their albums available to the community. The concept originated in 2014 when Preston Austin and Kelly Hiser helped the Madison Public Library build the Yahara Music Library, an online library hosting music from local artists. By the time they completed their work on Yahara, they were confident they had a software prototype that other interested libraries could customize and deploy. "That became kind of the inspiration for building MUSICat," Austin told Motherboard, referring to the software platform he and Hiser created under a startup called Rabble. Now, public libraries in Pittsburgh, Nashville, Fort Worth, and most recently New Orleans have launched their own community-oriented streaming services using MUSICat's open source software. Joshua Smith works at New Orleans Public Library and has been embedded in the city's rich music scene for over a decade. He oversaw the launch of Crescent City Sounds with help from a team of curators that represent local artists and business owners, music journalists and historians and more. "They helped me get the word out to the music community," Smith told Motherboard, noting that their community status helped spread the word that the library now accepts digital music submissions. Smith says that for this first round, the curators accepted albums from artists that were released in the last five years, and that while living within city limits wasn't necessarily a deal breaker, not gigging regularly in the area was. To be considered, applicants needed to submit at least one track from their album. [...] He says each selected artist received a $250 honorarium to license their music to the New Orleans Public Library for five years -- a far cry from the fractions-of-a-penny per stream paid to independent artists by platforms like Spotify. This honorarium and licensing agreement is roughly the standard for public libraries following Rabble's process model. Austin does insist that libraries using MUSICat meet the basic criteria of paying artists to license their work to their libraries. But for everything else, Austin notes that these pre-established models are guidelines, not guardrails. One example of a public library that took MUSICat and ran with it is Capital City Records -- the music streaming platform of the Edmonton Public Library in Alberta, Canada. An early adopter of MUSICat, the library's collection has grown to amass over 200 local musicians. The project also created opportunities for the library to engage in spin-off projects like limited run of vinyl pressings and running library-focused music events throughout the city. While over 2,000 artists are featured on one of MUSICat's music platforms, Austin says the company wants to continue forming partnerships with libraries on the local level. So for music lovers looking to jump ship from Spotify, he has a clear message: "This is not Spotify for libraries," Austin said. "It's a little different. The localness is kind of key. I don't think we could, for example, use the same strategy on the same fee to license on aggregate collection, which was all the local music from all the libraries available on the music hat app, right, like something like that would need to, it would need to be about the local collections and take people to them and let them play that music in context."Read more of this story at Slashdot.

Google has paid out $70,000 to a security researcher for privately reporting an "accidental" security bug that allowed anyone to unlock Google Pixel phones without knowing its passcode. From a report: The lock screen bypass bug, tracked as CVE-2022-20465, is described as a local escalation of privilege bug because it allows someone, with the device in their hand, to access the device's data without having to enter the lock screen's passcode. Hungary-based researcher David Schutz said the bug was remarkably simple to exploit but took Google about five months to fix. Schutz discovered anyone with physical access to a Google Pixel phone could swap in their own SIM card and enter its preset recovery code to bypass the Android's operating system's lock screen protections. In a blog post about the bug, published now that the bug is fixed, Schutz described how he found the bug accidentally, and reported it to Google's Android team.Read more of this story at Slashdot.

Google agreed to a record $391.5 million privacy settlement with a 40-state coalition of attorneys general on Monday for charges that it misled users into thinking they had turned off location tracking in their account settings even as the company continued collecting that information. From a report: Under the settlement, Google will also make its location tracking disclosures clearer starting in 2023. The attorneys general said that the agreement was the biggest internet privacy settlement by U.S. states. It capped a four-year investigation into the internet search giant's practices from 2014-2020, which the attorneys general said violated the states' consumer protection laws. Google said it had already corrected some of the practices mentioned in the settlement. "Consistent with improvements we've made in recent years, we have settled this investigation which was based on outdated product policies that we changed years ago," said Jose Castaneda, a spokesman for the company. States have taken an increasingly central role in reining in the power and business models of Silicon Valley corporations, amid a vacuum of action from federal lawmakers.Read more of this story at Slashdot.

India is leading a push for the COP27 climate summit to conclude with a decision on phasing down all fossil fuels, a move that would expand the focus from just coal, but is likely to raise strong concerns from oil and gas-reliant countries. From a report: Indian negotiators formally called on the Egyptian Presidency of climate talks for the expanded language to be included in the cover text, a political statement of how countries will seek to tackle the climate crisis, according to people familiar with the matter. The push stems largely from the coal-dependent country's desire to not be singled out for its dependence on the dirty fossil fuel. The request is likely to put India at odds with other countries within its "Like-Minded Group of Developing Countries" negotiating bloc, like China and Saudi Arabia, who have typically acted as a brake on more climate ambition. There will also probably be concern that India's push is an effort to muddy the waters in reducing fossil fuel use globally, by making it harder to track and compare progress.Read more of this story at Slashdot.

Amazon plans to lay off approximately 10,000 people in corporate and technology jobs starting as soon as this week, The New York Times reported Monday, citing people with knowledge of the matter, in what would be the largest job cuts in the company's history. From the report: The cuts will focus on Amazon's devices organization, including the voice-assistant Alexa, as well as at its retail division and in human resources, said the people, who spoke on condition of anonymity because they were not authorized to speak publicly. The total number of layoffs remains fluid. But if it stays around 10,000, that would represent roughly 3 percent of Amazon's corporate employees and less than 1 percent of its global work force of more than 1.5 million, which is primarily composed of hourly workers. Amazon's planned retrenchment during the critical holiday shopping season -- when the company typically has valued stability -- shows how quickly the souring global economy has put pressure on it to trim businesses that have been overstaffed or underdelivering for years.Read more of this story at Slashdot.

Thousands of smartphone applications in Apple and Google's online stores contain computer code developed by a technology company, Pushwoosh, that presents itself as based in the United States, but is actually Russian, Reuters reported Monday. From the report: The Centers for Disease Control and Prevention (CDC), the United States' main agency for fighting major health threats, said it had been deceived into believing Pushwoosh was based in the U.S. capital. After learning about its Russian roots from Reuters, it removed Pushwoosh software from seven public-facing apps, citing security concerns. The U.S. Army said it had removed an app containing Pushwoosh code in March because of the same concerns. That app was used by soldiers at one of the country's main combat training bases. According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian town of Novosibirsk, where it is registered as a software company that also carries out data processing. It employs around 40 people and reported revenue of 143,270,000 rubles ($2.4 mln) last year. Pushwoosh is registered with the Russian government to pay taxes in Russia. On social media and in U.S. regulatory filings, however, it presents itself as a U.S. company, based at various times in California, Maryland and Washington, D.C., Reuters found.Read more of this story at Slashdot.

Jeff Bezos, the founder of Amazon, said that he would give away most of his money to charity, making him the latest billionaire to pledge to donate his vast fortune during his lifetime. From a report: Mr. Bezos is worth $124 billion, making him the world's fourth-richest person, according to Bloomberg. In an interview with CNN released on Monday, Mr. Bezos, appearing with his girlfriend, Lauren Sanchez, said they were making preparations "to be able to give away this money." He said that he wanted to give in a way that maximized the impact of the donations. "It's really hard," he said. "And there are a bunch of ways, I think, that you could do ineffective things," he said. It was the first time that Mr. Bezos announced that he, like several other billionaires, would give away the bulk of his wealth. In 2020, Mr. Bezos pledged to give $10 billion to combat climate change as part of an initiative called the Bezos Earth Fund. Previously, his largest donation was a $2 billion gift to help homeless families and start preschools.Read more of this story at Slashdot.

India has lifted the download ban on VLC, more than nine months after it mysteriously blocked the official website of the popular media playback software in the South Asian market. From a report: VideoLAN, the popular software's developer, filed a legal notice last month seeking an explanation from the nation's IT and Telecom ministries for the block order. The Ministry of Electronics and IT has removed its ban on the website of VLC media player, New Delhi-based advocacy group Internet Freedom Foundation, which provided legal support to VideoLAN, said on Monday. VideoLAN confirmed the order. Indian telecom operators began blocking VideoLAN's official website, where it lists links to downloading VLC, in February of this year, VideoLAN president and lead developer Jean-Baptiste Kempf told TechCrunch in an earlier interview. India is one of the largest markets for VLC.Read more of this story at Slashdot.

Apple's next major product -- a mixed-reality headset that it hopes will vault the company into a new era of computing -- isn't set to arrive until next year. But job listings and personnel changes at the company give a preview of some of the device's capabilities. From a report: Now we're gleaning additional details, thanks to Apple job listings published over the last several months and changes to the team behind the future headset -- the Technology Development Group, or TDG. A few job listings indicate that Apple is ramping up its work to bolster the device with content. The company is searching for a software producer with experience in visual effects and game asset pipelines who can create digital content for augmented- and virtual-reality environments. The listings also imply that Apple is looking to build a video service for the headset featuring 3D content that can be played in virtual reality. This would follow the company's 2020 acquisition of NextVR, which partnered with artists and professional sports leagues to transmit VR content to headsets. Apple is also looking for engineers who can work on development tools geared toward virtual and augmented reality. Unsurprisingly, it appears that the company wants its new operating system to use App Intents, which lets apps work with features like Siri and Shortcuts. "We are looking for a software engineer who will work on the App Intents framework to help design and implement solutions to unlock deep system intelligence, enable new developer tools, and facilitate novel user interactions from application data models which are leveraged by a variety of system services such as Shortcuts, Siri, Search, and more," one job listing for the TDG department says. The most interesting job listing is one that specifically calls out the development of a 3D mixed-reality world, suggesting that Apple is working on a virtual environment that is similar to the metaverse -- though don't expect Apple to embrace that term. Its marketing chief said at a recent event that metaverse is "a word I'll never use."Read more of this story at Slashdot.

NPR reports that "two teams of scientists — one at Northeastern University in Boston; the other at the University of Cambridge in the UK — recently announced that they managed to manufacture, in a lab, a material that does not exist naturally on Earth." "It — until now — has only been found in meteorites."We spoke to Laura Henderson Lewis, one of the professors on the Northeastern team, and she told us the material found in the meteorites is a combination of two base metals, nickel and iron, which were cooled over millions of years as meteoroids and asteroids tumbled through space. That process created a unique compound with a particular set of characteristics that make it ideal for use in the high-end permanent magnets that are an essential component of a vast range of advanced machines, from electric vehicles to space shuttle turbines. The compound is called tetrataenite, and the fact that scientists have found a way to make it in a lab is a huge deal. If synthetic tetrataenite works in industrial applications, it could make green energy technologies significantly cheaper. It could also roil the market in rare earths, currently dominated by China, and create a seismic shift in the industrial balance between China and the West.... But it will be a long time before tetrataenite is in a position to disrupt any existing markets, Laura Lewis says. She says there is still a lot of testing to be done to find out whether lab tetrataenite is as hardy and as useful as the outer space material. And even if it turns out to be as good, it will be five to eight years "pedal to the metal" before anyone could make permanent magnets out of it. In the meantime, China's competitors are working hard to source rare earths of their own. The US is investing in mines in Australia; there's exploration ongoing in Malaysia, and the Japanese are researching ways to extract elements from mud mined from the sea bed.Read more of this story at Slashdot.

346 people died in two separate crashes of the Boeing 737 MAX — one in 2018 and one in 2019. And then in 2021, a Boeing 737-500 crashed in Indonesia, killing all 62 people on board. Thursday Indonesia's national transportation safety committee (KNKT) released its final report on that 737-500 crash. It found that after takeoff the plane's autothrottle system (which automatically adjusts power to the jet's two engines) became stuck on the right engine, "as a result of friction or binding within the mechanical system," according to the Seattle Times. The newspaper also notes that the same system "had repeatedly malfunctioned on the aircraft before the crash." The report also blames an inadequate response from the pilots.As the jet climbed away from the runway in Jakarta and the pilots adjusted the autopilot mode to reduce thrust, the autothrottle duly eased back power to the left engine but the right engine continued at full power. The resultant asymmetric thrust caused the plane to turn to the left even as the pilots steered the control wheel to the right and the autopilot followed by moving control surfaces on the wing to roll right. Another system on the plane designed to monitor for asymmetric thrust also malfunctioned and delayed disengaging the autothrottle as it should have. But as this was happening, the pilots were unaware of it. The pilots should have seen from the instrument panel attitude display that the plane was deviating from its flight path to the left. And they should have noted the right thrust lever not having moved backward like the left lever, alerting them to the asymmetric thrust. They apparently missed both clues. Just under 5 minutes after takeoff, as the jet banked steeply left, a warning alert sounded in the cockpit: "BANK ANGLE." Two seconds after the alert sounded, at an altitude of 10,700 feet, the pilot in command disengaged the autopilot system to take manual control. This pilot, 54 years old with almost 18,000 hours of flight time, half of that in a 737, clearly didn't realize that the autopilot had been compensating and masking the effect of the asymmetric thrust in the engines. With the autopilot gone, the countering forces from the control surfaces on the wings were removed and "the yaw and roll forces of the asymmetric power rolled the aircraft to the left," the investigation report states. The pilot was so unaware of what was happening that he steered the control wheel further left instead of right, which "increased the roll tendency of the aircraft to the left." The plane rolled more than 45 degrees left and went nose down. At that moment, the autothrottle finally disengaged. But it was too late to recover. The flight data stopped recording as the plane crashed into the sea. The report faults the pilots for their lack of recognition of the situation. It blames "pilot automation complacency" (overreliance on the automated system) and "confirmation bias" (believing that the plane was steering right as commanded, when in fact it was rolling left). The Indonesian safety authority found that Sriwijaya Air provided "inadequate" training for its pilots in upset recovery, which means righting an airplane if it inadvertently stalls, rolls or pitches to deviate from the intended flight position. Indonesia now mandates detailed upset recovery training for all airline pilots. The KNKT report also states that the system that was supposed to monitor the 737's autothrottle for asymmetric thrust and disengage it — the Cruise Thrust Split Monitor — may have been misrigged by maintenance personnel, or its failure may have been due to a sensor fault providing an incorrect value for the positions of the control surfaces on the wings to the autothrottle computer. The report notes that Boeing is issuing a bulletin to all 737 operators requiring repetitive inspections of the control surface sensors. An Airworthiness Directive that will make this mandatory is pending from the Federal Aviation Administration.Read more of this story at Slashdot.

America's Department of Energy awarded $3 million to Oregon State University "to explore the development of a new rechargeable battery technology that would accelerate the clean energy transition," reports the Associated Press, "without relying on rare finite minerals such as lithium, cobalt and nickel."OSU chemistry professor Xiulei "David" Ji, who will lead a battery research team, said it could be a game-changer. "It's a new paradigm," he told Oregon Public Broadcasting. "We are very excited and very grateful to have this opportunity to work on this project...." His plan is to explore anion batteries that provide the necessary components without using limited minerals like the ones lithium batteries use and that could potentially increase how much energy a battery can hold. "The new battery chemistry does not have to rely on these elements," Ji said. "That's the benefit of the new chemistry. It's a game changer." Ji said the primary market for these batteries would be electric vehicles, but he doesn't rule out the possibility of anion batteries being used by large-scale utilities, like Portland General Electric's solar, wind and battery facility. He also said they could be commercialized soon and be used in homes. The article points out that the price of lithium tripled in 2021, and according to the International Energy Agency, the world could face lithium shortages by 2025.Read more of this story at Slashdot.

About three weeks ago Crypto.com "mistakenly sent 320,000 in Ethereum (~$416 million USD) to another cryptocurrency exchange, called Gate.io," reports the Verge's storystream (citing a report from Web3 Is Going Just Great).In a post on Twitter, Crypto.com CEO Kris Marszalek says the company was supposed to send the crypto to one of its cold, or offline, wallets, but accidentally sent it to a "whitelisted" address belonging to its corporate account at Gate.io. This all unfolded after Marszalek publicly posted the company's cold wallet addresses to provide transparency about what the exchange does with its funds. After digging into Crypto.com's transactions, one user, Conor Grogan, points out that the exchange sent 320,000 in Ethereum to Gate.io on October 21st, an amount that makes up about 80 percent of the company's Ethereum holdings. Marszalek later added that it was able to recover "the entirety" of the transferred assets. Users on Twitter confirmed that Crypto.com received its funds back about a week later.... Gate.io also issued a response, noting that it started returning the funds once it realized the transfer was "an operation error." But hey, at least Crypto.com's funds were actually returned this time. In August, a pretty unfortunate typo resulted in Crypto.com giving a customer $7.2 million instead of a $68 refund, which it's currently suing to get back. Despite the reassurances from Marszalek that "all our systems are operating normally," this whole ordeal is sparking withdrawals from the platform as users begin to worry whether Crypto.com will suffer the same fate as the now-bankrupt FTX and other beleaguered firms.Read more of this story at Slashdot.

While the popularity of jQuery is decreasing, React.JS "is currently the most widely used client-side framework," reports ZDNet, citing SlashData's 23rd State of the Developer Nation report (compiled from more than 26,000 developers last summer from 163 countries). ZDNet believe it shows developers "experimenting less and sticking with what they know and what works."JavaScript remains the largest programming language community, SlashData found. According to its research, there are an estimated 19.6 million developers worldwide using JavaScript every day in everything from web development and mobile apps to backend coding, cloud and game design. Java, meanwhile, is growing rapidly. In the last two years, the size of the Java community has more than doubled from 8.3 million to 16.5 million, SlashData found. For perspective, the global developer population grew about half as fast over the same period.... Python also continued to grow strongly, adding about eight million new developers over the last two years, according to SlashData. It accredited the rise of data science and machine learning as "a clear factor in Python's growing popularity". Approximately 63% of machine-learning developers and data scientists report using Python, whereas less than 15% use R, another programming language often associated with data science. Both the Kotlin and Rust communities doubled in size in the past two years, the article points out. But according to the survey, only 9% of developers were involved in blockchain technologies. Yet 27% of respondents reported they were learning about (if not currently working on) cryptocurrency-based projects. ZDNet summarizes the findings:Of the three blockchain technologies covered in the report, non-fungible tokens (NFTs) were found to be of least interest to developers: 58% showed "no interest" in NFTs, which SlashData said was "likely due to its perception as a novelty". The report found that one-quarter (25%) of developers currently work on, or are learning about, blockchain applications other than cryptocurrencies.Read more of this story at Slashdot.

Slashdot reader Informativity writes: First published in Jan. '21, a new publication entitled Measurement Quantization affirms the #42 is the address of our universe (Appx. AC), a distinguishing feature of our construct that ultimately answers the question to life, the universe and everything – from a physicist's point-of-view. Importantly, the International Journal of Geometric Methods in Modern Physics – is a top-tier journal indexed to NASA's Astronomical Data System (ADS), the after peer review version of arXiv.org. With just over 500 equations, the paper resolves a comprehensive physical description of dark energy, dark matter, discrete gravity, and unification. Resolving over 30 outstanding problems in modern physics, the paper derives the physical constants from first principles, demonstrates the physical significance of Planck's units, resolves discrete versions of SR and GR, derives the equivalence principle, presents a parameter free description of early universe events, discovers a new form of length contraction not related to Einstein's relativity and identifies the discrete state of our universe – 42. Forty-two is what defines our universe from any other version of a universe. It also determines the rate of expansion and the ground state orbital of an atom, thus reducing the number of stable universes as we understand them to just a few. So, while Douglas Adams may have just been randomly picking numbers when writing Hitchhiker's Guide to the Galaxy, perhaps we also live in a universe that likes to humor itself.Read more of this story at Slashdot.

An anonymous reader writes that Seagate Technology has launched its second generation dual actuator MACH.2 series hard drives. "Computing power, storage capacities, and storage performance: all must continue moving forward in order for technology innovators to solve humanity's greatest challenges," boasts Seagate's page for the drives:MACH.2 is the world's first multi-actuator hard drive technology, containing two independent actuators that transfer data concurrently. MACH.2 solves the need for increased performance by enabling parallelism of data flows in and out of a single hard drive. By allowing the data center host computer to request and receive data from two areas of the drive simultaneously, MACH.2 doubles the IOPS performance of each individual hard drive.... MACH.2 provides up to 2x performance — with two independent actuators and data paths, it enables concurrent I/O streams to and from the host. Seagate claims it offers "optimal latency" by improving sequential peformance to double data transfer rates over single-actuator drives. And in other news, Seagate is selling hard drives with commemorative Star Wars themes, including the Mandalorian drive, the Grogu drive, and the Boba Fett drive. (It's in addition to Seagate's officially licensed external drive for God of War Ragnarök — optimised for PS4 and PS5, delivering "the ability to play PS4 games directly from the drive.") Seagate also made drives commemorating Marvel's Avengers and Spider-Man, and now has new drives for Marvel's Black Panther: Wakanda Forever .Read more of this story at Slashdot.

Fearing the possibility of encryption-cracking quantum computers, Quanta magazine reports that researchers are "scrambling to produce new,'post-quantum' encryption scheme."Earlier this year, the National Institute of Standards and Technology revealed four finalists in its search for a post-quantum cryptography standard. Three of them use "lattice cryptography" — a scheme inspired by lattices, regular arrangements of dots in space. Lattice cryptography and other post-quantum possibilities differ from current standards in crucial ways. But they all rely on mathematical asymmetry. The security of many current cryptography systems is based on multiplication and factoring: Any computer can quickly multiply two numbers, but it could take centuries to factor a cryptographically large number into its prime constituents. That asymmetry makes secrets easy to encode but hard to decode.... A quirk of factoring makes it vulnerable to attack by quantum computers.... Originally developed in the 1990s, [lattice cryptography] relies on the difficulty of reverse-engineering sums of points... Of course, it's always possible that someone will find a fatal flaw in lattice cryptography... Cryptography works until it's cracked. Indeed, earlier this summer one promising post-quantum cryptography scheme was cracked using not a quantum computer, but an ordinary laptop. At a recent panel discussion on post-quantum cryptography, Adi Shamir (the S in RSA), expressed concern that NIST's proposed solutions are predominantly based on lattice cryptography. "In some sense, we are putting all eggs in the same basket, but that is the best we have.... "The best advice for young researchers is to stay away from lattice-based post-quantum crypto," Shamir added. "What we really lack are entirely different ideas which will turn out to be secure. So any great idea for a new basis for public-key cryptography which is not using lattices will be greatly appreciated."Read more of this story at Slashdot.

It's "a major cause" of our climate crisis. "It's on course to guzzle half the world's carbon budget," writes a Guardian columnist — asking "so why are governments so afraid to discuss it?" They've reviewed every agreement announced at 26 different climates. The results?Livestock is mentioned in only three agreements, and the only action each of them proposes is "management". Nowhere is there a word about reduction. It's as though nuclear non-proliferation negotiators had decided not to talk about bombs. You cannot address an issue if you will not discuss it. The call to stop farming animals should be as familiar as the call to leave fossil fuels in the ground. But it is seldom heard. Livestock farming, a recent paper in the journal Sustainability estimates, accounts for between 16.5% and 28% of all greenhouse gas pollution. The wide range of these figures is an indication of how badly this issue has been neglected. As the same paper shows, the official figure (14.5%), published by the UN Food and Agriculture Organisation, is clearly wrong. Everyone in the field knows it, yet few attempts have been made to update it. Even if the minimum number (16.5%) applies, this is greater than all the world's transport emissions. And it is growing fast. In the 20 years to 2018, global meat consumption rose by 58%. A paper in Climate Policy estimates that, by 2030, greenhouse gases from livestock farming could use half the world's entire carbon budget, if we want to avoid more than 1.5C of global heating. An analysis by Our World in Data shows that even if greenhouse gas pollution from every other sector were eliminated today, by 2100 food production will, on its current trajectory, bust the global carbon budget two or three times over. This is largely because of animal farming, which accounts for 57% of greenhouse gases from the food system, though it provides just 18% of the calories. The article also notes an academic paper which calculated that if livestock pastures in just the world's richest nations were returned to wild ecosystems, it would fully offset 12 years worth of global carbon emissions. "This issue has become even more urgent now we know the heating impact of methane is rising. "Livestock farming is the world's greatest source of methane released by human activities. Yet there is no mention of it in the global methane pledge launched at last year's climate summit." Thanks to Slashdot reader AleRunner for sharing the article.Read more of this story at Slashdot.

California's EV-funding proposition 30 "has suffered an unambiguous defeat," reports Bay City News. The measure would've increased taxes by 1.75% on income above $2 million a year (for roughly 43,000 California multimillionaires) to fund electric car rebates and combat wildfires. "In the statewide vote count as of late Wednesday, 59% rejected the proposal." So what happened? Before the election the New York Times described the fight:On one side, environmentalists have teamed up with firefighters, Democrats and Lyft, the ride-share company, which has poured more than $45 million into its campaign to pass a climate initiative. On the other, [Democrat] Governor Gavin Newsom has aligned himself with California billionaires, teachers and Republicans in opposition.... Proponents say the measure would raise money from those who can afford it to fund critical state mandates on electric vehicle sales and ride-share miles that have been highly promoted but not fully funded. Opponents argue it would require taxpayers to foot the bill for electric vehicle subsidies that Uber and Lyft would eventually have to pay for on their own. In August, California regulators voted to ban the sale of all gasoline-powered cars in the state by 2035, which was hailed by environmentalists — and by Newsom — as a significant step in combating climate change. Last year, the state implemented an even earlier standard for ride-share companies like Lyft and Uber: 90 percent of ride-share drivers' miles will have to be in electric vehicles by 2030. Left out of those mandates was an explanation of who would be expected to pay for the switch to greener cars.... The opposition to the measure, which includes some of the wealthy individuals who would have to pay more in taxes and business groups opposed to tax increases, argues that the proposal benefits corporations, because Uber and Lyft would eventually have to comply with the new state electric vehicle mandates and would have to cough up the money to do so on their own, most likely by offering subsidies for their drivers to buy battery-powered cars. The "no" campaign got a huge boost over the summer from Newsom, who, despite his focus on fighting climate change, has emerged as its highest-profile opponent and appeared in an television advertisement attacking Lyft in September. "Prop. 30 is being advertised as a climate initiative," Newsom says in the ad as he strolls across the screen. "But in reality, it was devised by a single corporation, to funnel state income taxes to benefit their company." Currently Lyft's gig workers use their own cars — but was the opposition looking ahead to a future where Lyft owns its own fleet of self-driving (and electric) robo-taxis? In any case, Proposition 30 "was among the country's top five ballot measures this Election Day in terms of total contributions," reports Axios, "with nearly $73 million spent by parties on either side, per Ballotpedia.The results "are an unfortunate setback for the climate movement," Lyft — which spent about $45 million supporting Prop 30 — said in a statement Wednesday. On the other side of the country, Massachusetts voters approved a new 4% tax on those making more than $1 million for transportation and education funding, broadly speaking. And New Yorkers OK'd $4.2 billion in bond sales to fund climate change mitigation and resiliency programs.Read more of this story at Slashdot.

The CTO of a software company argues the software industry's current trajectory "is toward increasing complexity, longer product-development times, and greater fragility of production systems" — not to mention nightmarish problems maintaining code. "To address such issues, companies usually just throw more people at the problem: more developers, more testers, and more technicians who intervene when systems fail. Surely there must be a better way," they write in IEEE Spectrum. "I'm part of a growing group of developers who think the answer could be functional programming...."Today, we have a slew of dangerous practices that compromise the robustness and maintainability of software. Nearly all modern programming languages have some form of null references, shared global state, and functions with side effects — things that are far worse than the GOTO ever was. How can those flaws be eliminated? It turns out that the answer has been around for decades: purely functional programming languages.... Indeed, software based on pure functions is particularly well suited to modern multicore CPUs. That's because pure functions operate only on their input parameters, making it impossible to have any interactions between different functions. This allows the compiler to be optimized to produce code that runs on multiple cores efficiently and easily.... Functional programming also has a solution to Hoare's "billion-dollar mistake," null references. It addresses that problem by disallowing nulls. Instead, there is a construct usually called Maybe (or Option in some languages). A Maybe can be Nothing or Just some value. Working with Maybe s forces developers to always consider both cases. They have no choice in the matter. They must handle the Nothing case every single time they encounter a Maybe. Doing so eliminates the many bugs that null references can spawn. Functional programming also requires that data be immutable, meaning that once you set a variable to some value, it is forever that value. Variables are more like variables in math... Pure functional programming solves many of our industry's biggest problems by removing dangerous features from the language, making it harder for developers to shoot themselves in the foot.... I anticipate that the adoption of pure functional languages will improve the quality and robustness of the whole software industry while greatly reducing time wasted on bugs that are simply impossible to generate with functional programming. It's not magic, but sometimes it feels like that, and I'm reminded of how good I have it every time I'm forced to work with a non-functional codebase.Read more of this story at Slashdot.

A report from the Georgetown's Center on Education and the Workforce found that Bachelor's degree holders generally earn 84% more than those with just a high school diploma, reports CNBC. "Still, 44% of all job seekers with college degrees regret their field of study."Journalism, sociology, communications and education all topped the list of most-regretted college majors, according to ZipRecruiter's survey of more than 1,500 college graduates who were looking for a job. "When you are barely managing to pay your bills, your paycheck might become more important." Of graduates who regretted their major, most said that, if they could go back, they would now choose computer science or business administration instead. All in, the top-paying college majors earn $3.4 million more than the lowest-paying majors over a lifetime. Graduates entering the workforce with good career prospects and high starting salaries are the most satisfied with their field of study, job site ZipRecruiter also found. Computer science majors, with an average annual starting salary of almost $100,000, were the happiest overall, according to ZipRecruiter. Students who majored in criminology, engineering, nursing, business and finance also felt very good about their choices.Read more of this story at Slashdot.

In 2001 Slashdot ran a story about a 5,100-year-old "ice mummy" discovered in the Alps. But now researchers are arguing that our assumptions about how weather, climate, and glacial ice conspired to preserve it were all wrong. Science magazine reports:In 1991, hikers in the Alps came across a sensational find: a human body, partially encased in ice, at the top of a mountain pass between Italy and Austria. Police called to the scene initially assumed the man had died in a mountaineering accident, but within weeks archaeologists were arguing he was actually the victim of a 5100-year-old murder. They were right: Later dubbed Ötzi after the Ötztal Valley nearby, the man's body is the oldest known "ice mummy" on record.... But Ötzi's preservation may not be as unusual as it first seemed, archaeologists argue in a paper published today. And that could mean more bodies from the distant past are waiting to emerge as ice melts in a warming climate. Ötzi "was such a huge surprise when he was found people thought he was a freak event," says Lars Pilø, an archaeologist working for the Oppland County Glacier Archaeological Program in Norway. But many of the original assumptions about how weather, climate, and glacial ice conspired to preserve him were wrong, Pilø; and other researchers write in the journal The Holocene. "This paper sheds new light on the interpretation of this exceptional archaeological find," says Matthias Huss, a glaciologist at ETH Zürich, who was not part of the team.... "The general understanding was that Ötzi marked this beginning of a cooler period," Huss says, "as people were sure that [he] must have been within the ice without interruption since his death." But with the retreat of glaciers and ice patches around the world over the past few decades, other ancient remains have emerged, including bodies, hunting equipment, horse manure, and skis. "No one expected similar sites," says Thomas Reitmaier, an archaeologist at the Archaeological Service of the Canton of Grisons in Switzerland and a co-author of the new study. "Now, we have lots, and we find this one fits quite well with the picture of glacial archaeology we've developed." Thanks to Slashdot reader sciencehabit for sharing the story.Read more of this story at Slashdot.

After 908 days in orbit, the U.S. military's X-37B space plane finally touched down today in Florida, reports Space.com. And "the Boeing-built space plane also carried a service module on the newly completed mission, a first for the U.S. Space Force's X-37B program.""With the service module added, this was the most we've ever carried to orbit on the X-37B, and we're proud to have been able to prove out this new and flexible capability for the government and its industry partners," Jim Chilton, senior vice president at Boeing Space and Launch, said in a statement today. The X-37B resembles NASA's now-retired space shuttle but is much smaller, measuring just 29 feet (8.8 meters) from nose to tail. The space shuttle was 122 feet (37 m) long and was piloted — another key difference, as the X-37B is autonomous. The U.S. Space Force is thought to own two X-37B vehicles, both of which were provided by Boeing. To date, the duo has flown six orbital missions, each of which is known by the signifier OTV ("Orbital Test Vehicle"): OTV-1: Launched on April 22, 2010 and landed on Dec. 3, 2010 (duration 224 days). OTV-2: March 5, 2011 to June 16, 2012 (468 days). OTV-3: Dec. 11, 2012 to Oct. 17, 2014 (674 days). OTV-4: May 20, 2015 to May 7, 2015 (718 days). OTV-5: Sept. 7, 2017 to Oct. 27, 2019 (780 days). OTV-6: May 17, 2020 to Nov. 12, 2022 (908 days).Read more of this story at Slashdot.

This week the Adacore blog shared a story about the NVIDIA Security Team:Like many other security-oriented teams in our industry today, they were looking for a measurable answer to the increasingly hostile cybersecurity environment and started questioning their software development and verification strategies. "Testing security is pretty much impossible. It's hard to know if you're ever done," said Daniel Rohrer, VP of Software Security at NVIDIA. In my opinion, this is the most important point of the case study — that test-oriented software verification simply doesn't work for security. Once you come out of the costly process of thoroughly testing your software, you can have a metric on the quality of the features that you provide to the users, but there's not much you can say about security. Rohrer continues, "We wanted to emphasize provability over testing as a preferred verification method." Fortunately, it is possible to prove mathematically that your code behaves in precise accordance with its specification. This process is known as formal verification, and it is the fundamental paradigm shift that made NVIDIA investigate SPARK, the industry-ready solution for software formal verification. Back in 2018, a Proof-of-Concept (POC) exercise was conducted. Two low-level security-sensitive applications were converted from C to SPARK in only three months. After an evaluation of the return on investment, the team concluded that even with the new technology ramp-up (training, experimentation, discovery of new tools, etc.), gains in application security and verification efficiency offered an attractive trade-off. They realized major improvements in the security robustness of both applications (See NVIDIA's Offensive Security Research D3FC0N talk for more information on the results of the evaluation). As the results of the POC validated the initial strategy, the use of SPARK spread rapidly within NVIDIA. There are now over fifty developers trained and numerous components implemented in SPARK, and many NVIDIA products are now shipping with SPARK components.Read more of this story at Slashdot.

"Around 20% of people who survive cardiopulmonary resuscitation (CPR) after cardiac arrest may describe lucid experiences of death that occurred while they were seemingly unconscious and on the brink of death," reports SciTechDaily. "This is according to new research led by investigators at NYU Grossman School of Medicine and elsewhere."Long-time Slashdot reader InfiniteZero shared their report:Included in the study were 567 men and women whose hearts stopped beating while hospitalized and who received CPR between May 2017 and March 2020 in the United States and the United Kingdom.... Survivors reported having unique lucid experiences, including a perception of separation from the body and observing events without pain or distress. They also reported a meaningful evaluation of life, including of their actions, intentions, and thoughts toward others. The researchers found these experiences of death to be different from hallucinations, dreams, delusions, illusions, or CPR-induced consciousness. Tests for hidden brain activity were also included in the research. A key finding was the discovery of spikes of brain activity, including so-called gamma, delta, theta, alpha, and beta waves up to an hour into CPR. Some of these brain waves normally occur when people are conscious and performing higher mental functions, including thinking, memory retrieval, and conscious perception. "These recalled experiences and brain wave changes may be the first signs of the so-called near-death experience, and we have captured them for the first time in a large study," says Sam Parnia, MD, PhD, the lead study investigator and an intensive care physician, who is also an associate professor in the Department of Medicine at NYU Langone Health, as well as the organization's director of critical care and resuscitation research."Our results offer evidence that while on the brink of death and in a coma, people undergo a unique inner conscious experience, including awareness without distress...." "These lucid experiences cannot be considered a trick of a disordered or dying brain, but rather a unique human experience that emerges on the brink of death," says Parnia. As the brain is shutting down, many of its natural braking systems are released. Known as disinhibition, this provides access to the depths of a person's consciousness, including stored memories, thoughts from early childhood to death, and other aspects of reality. While no one knows the evolutionary purpose of this phenomenon, it clearly reveals "intriguing questions about human consciousness, even at death," says Parnia.Read more of this story at Slashdot.

Long-time Slashdot reader destinyland shares this announcement from the EFF's DeepLinks blog: This weekend, EFF is celebrating the life and work of programmer, activist, and entrepreneur Aaron Swartz by participating in the 2022 Aaron Swartz Day and Hackathon. This year, the event will be held in person at the Internet Archive in San Francisco on Nov. 12 and Nov. 13. It will also be livestreamed; links to the livestream will be posted each morning. Those interested in attending in-person or remotely can register for the event here. Aaron Swartz was a digital rights champion who believed deeply in keeping the internet open. His life was cut short in 2013, after federal prosecutors charged him under the Computer Fraud and Abuse Act (CFAA) for systematically downloading academic journal articles from the online database JSTOR. Facing the prospect of a long and unjust sentence, Aaron died by suicide at the age of 26.... Those interested in working on projects in Aaron's honor can also contribute to the annual hackathon, which this year includes several projects: SecureDrop, Bad Apple, the Disability Technology Project (Sat. only), and EFF's own Atlas of Surveillance. In addition to the hackathon in San Francisco, there will also be concurrent hackathons in Ecuador, Argentina, and Brazil. For more information on the hackathon and for a full list of speakers, check out the official page for the 2022 Aaron Swartz Day and Hackathon. Speakers this year include Chelsea Manning and Cory Doctorow, as well as Internet Archive founder Brewster Kahle, EFF executive director Cindy Cohn, and Creative Commons co-founder Lisa Rein.Read more of this story at Slashdot.

"Federal prosecutors are asking a judge to sentence Elizabeth Holmes to 15 years in prison," reports the Guardian, "and require the Theranos founder to pay $800m in restitution, according to court documents filed on Friday."A jury found Holmes guilty in January of four counts of investor fraud and conspiracy. Her sentencing is scheduled for 18 November, and she faces a maximum 20 years in prison. Prosecutors argued that "considering the extensiveness of Holmes's fraud", their recommended sentencing would "reflect the seriousness of the offenses, provide for just punishment for the offenses, and deter Holmes and others". Holmes's lawyer argued in documents filed on Thursday that the ex-Theranos boss should not be sentenced to prison at all and, at most, should receive 18 months of house arrest. The court filings argued that Holmes had been made a "caricature to be mocked and vilified" by the media over the years, though she is a caring mother and friend. "Ms Holmes is no danger to the public," Holmes's lawyer said in the court documents. "She has no criminal history, has a perfect pretrial services compliance record, and is described by the people who know her repeatedly as a gentle and loving person who tries to do the right thing."Read more of this story at Slashdot.

"Cixin Liu's sci-fi novel The Three-Body Problem can't stop jumping to other formats," reports Gizmodo:In addition to next year's Netflix series from The Terror: Infamy's Alexander Woo and Game of Thrones creators David Benioff and DB Weiss, last year saw the release of a serialized podcast (different from the audiobook version). And for 2022, we've got an animated series that's premiering actually pretty soon. Come December 3, an anime version of The Three-Body Problem will release on the Chinese streaming platform Bilibili. This series was originally announced in 2019 with a trailer, but things have been fairly quiet on that front up until now. Developed by CG studio YHTK Entertainment in partnership with The Three-Body Universe, a studio built specifically for the purpose of managing the franchise, a new trailer for the upcoming anime was released earlier in the week during a Bilibili anime showcase. "Having enjoyed the book, I think it looks promising," writes Slashdot reader Camembert. The 2008 book was the first in Liu's hard sci-fi series Remembrance of Earth's Past — and according to Gizmodo, this is just the beginning:Bilibili's adaptation is the first of a larger initiative called the Three-Body Global Creator Project. Per the press release, animation studios across the world are permitted to explore the Remembrance franchise to showcase its global potential through various art and animation styles.... And if animation or Netflix aren't your bag, Tencent Video has made a live action version of The Three-Body Problem, though that version has yet to receive a release date.Read more of this story at Slashdot.

In a statement in February, America's Federal Bureau of Investigation "confirmed that it obtained NSO Group's powerful Pegasus spyware" back in 2019, reported the Guardian. At the time the FBI added that "There was no operational use in support of any investigation, the FBI procured a limited licence for product testing and evaluation only." "But dozens of internal F.B.I. documents and court records tell a different story," the New York Times reported today:The documents, produced in response to a Freedom of Information Act lawsuit brought by The New York Times against the bureau, show that F.B.I. officials made a push in late 2020 and the first half of 2021 to deploy the hacking tools — made by the Israeli spyware firm NSO — in its own criminal investigations. The officials developed advanced plans to brief the bureau's leadership, and drew up guidelines for federal prosecutors about how the F.B.I.'s use of hacking tools would need to be disclosed during criminal proceedings. It is unclear how the bureau was contemplating using Pegasus, and whether it was considering hacking the phones of American citizens, foreigners or both. In January, The Times revealed that F.B.I. officials had also tested the NSO tool Phantom, a version of Pegasus capable of hacking phones with U.S. numbers. The F.B.I. eventually decided not to deploy Pegasus in criminal investigations in July 2021, amid a flurry of stories about how the hacking tool had been abused by governments across the globe. But the documents offer a glimpse at how the U.S. government — over two presidential administrations — wrestled with the promise and peril of a powerful cyberweapon. And, despite the F.B.I. decision not to use Pegasus, court documents indicate the bureau remains interested in potentially using spyware in future investigations. "Just because the F.B.I. ultimately decided not to deploy the tool in support of criminal investigations does not mean it would not test, evaluate and potentially deploy other similar tools for gaining access to encrypted communications used by criminals," stated a legal brief submitted on behalf of the F.B.I. late last month.... The specifics of why the bureau chose not to use Pegasus remain a mystery, but American officials have said that it was in large part because of mounting negative publicity about how the tool had been used by governments around the world. The Times also notes two responses to their latest report. U.S. Senator Ron Wyden complained the FBI's earlier testimony about Pegasus was incomplete and misleading, and that the agency "owes Americans a clear explanation as to whether the future operational use of NSO tools is still on the table." But an F.B.I. spokeswoman said "the director's testimony was accurate when given and remains true today — there has been no operational use of the NSO product to support any FBI investigation." Thanks to long-time Slashdot reader crazyvas for suggesting the story.Read more of this story at Slashdot.

"Apple is facing a class action lawsuit for allegedly harvesting iPhone user data even when the company's own privacy settings promise not to," reports Gizmodo:The suit, filed Thursday in California federal court, comes days after Gizmodo exclusively reported on research into how multiple iPhone apps send Apple analytics data, regardless of whether the iPhone Analytics privacy setting is turned on or off. The problem was spotted by two independent researchers at the software company Mysk, who found that the Apple App Store sends the company exhaustive information about nearly everything a user does in the app, despite a privacy setting, iPhone Analytics, which claims to "disable the sharing of Device Analytics altogether" when switched off. Gizmodo asked the researchers to run additional tests on other iPhone apps, including Apple Music, Apple TV, Books, and Stocks. The researchers found that the problem persists across most of Apple's suite of built-in iPhone apps.... [I]n the tests, turning the iPhone Analytics setting off had no evident effect on the data collection, nor did any of the iPhone's other built-in settings meant to protect your privacy from Apple's data collection. Mysk's tests on the App Store found that Apple receives that data along with details that can identify you and your device, including ID numbers, what kind of phone you're using, your screen resolution, your keyboard languages and how you're connected to the internet — the kind of information commonly used for device fingerprinting.Read more of this story at Slashdot.

Thursday the Kudelski Group's cybersecurity division released "a tool for Linux that allows creation of multiple hidden volumes on a storage device in such a way that it is very difficult, even under forensic inspection, to prove the existence of such volumes." "Each volume is encrypted with a different secret key, scrambled across the empty space of an underlying existing storage medium, and indistinguishable from random noise when not decrypted."Even if the presence of the Shufflecake software itself cannot be hidden — and hence the presence of secret volumes is suspected — the number of volumes is also hidden. This allows a user to create a hierarchy of plausible deniability, where "most hidden" secret volumes are buried under "less hidden" decoy volumes, whose passwords can be surrendered under pressure. In other words, a user can plausibly "lie" to a coercive adversary about the existence of hidden data, by providing a password that unlocks "decoy" data. Every volume can be managed independently as a virtual block device, i.e. partitioned, formatted with any filesystem of choice, and mounted and dismounted like a normal disc. The whole system is very fast, with only a minor slowdown in I/O throughput compared to a bare LUKS-encrypted disk, and with negligible waste of memory and disc space. You can consider Shufflecake a "spiritual successor" of tools such as Truecrypt and Veracrypt, but vastly improved. First of all, it works natively on Linux, it supports any filesystem of choice, and can manage up to 15 nested volumes per device, so to make deniability of the existence of these partitions really plausible. "The reason why this is important versus "simple" disc encryption is best illustrated in the famous XKCD comic 538," quips Slashdot reader Gaglia (in the original submission. But the big announcement from Kudelski Security Research calls it "a tool aimed at helping people whose freedom of expression is threatened by repressive authorities or dangerous criminal organizations, in particular: whistleblowers, investigative journalists, and activists for human rights in oppressive regimes. "Shufflecake is FLOSS (Free/Libre, Open Source Software). Source code in C is available and released under the GNU General Public License v3.0 or superior.... The current release is still a non-production-ready prototype, so we advise against using it for really sensitive operations. However, we believe that future work will sensibly improve both security and performance, hopefully offering a really useful tool to people who live in constant danger of being interrogated with coercive methods to reveal sensitive information.Read more of this story at Slashdot.

Methane traps about 80 times as much heat as carbon, the Washington Post points out. So Friday at the UN's Climate Change conference, America's Environmental Protection Agency "unveiled an updated proposal to regulate methane seeping from pipes and other equipment maintained by the U.S. oil and gas industry, the country's biggest industrial source of the potent greenhouse gas."The proposal, which was partially released during last year's climate conference in Glasgow, Scotland, would be the first time the federal government requires existing facilities to find and fix methane leaks. "These are critical, common sense standards that will protect workers, protect communities ... and make very sharp cuts in dangerous pollutants that threaten our planet," EPA Administrator Michael EPA [Administrator Michael] Regan said at a news conference in Egypt. Under the proposal, the agency is seeking to compel oil and gas operators to use remote sensors to quickly address leaks and to require states to develop plans to curb methane from older wells. Gathering feedback from the industry over the past year, the EPA plans to offer companies more flexibility in how they monitor for leaks. Federal regulators will also establish a program to respond to blowouts and other "super-emitter" events, allowing third-party groups to help quickly identify major leaks. Officials say the regulations will reduce U.S. greenhouse gas emissions by one percentage point below 2005 levels, adding to the roughly 40 percent cut expected to come from the Inflation Reduction Act passed earlier this year. A methane fee program included in that legislation would require oil and gas to pay for all emissions above a certain threshold — providing an incentive for operators to abide by the new regulations, Regan said. The rule should also help the country fulfill the "Global Methane Pledge" — a U.S.-backed effort to curb emissions of the potent greenhouse gas 30 percent by 2030. Although more than 100 nations have signed on to the pledge since it was launched in 2021, a recent World Meteorological Organization report found that methane emissions this year are rising faster than ever before...Three of the world's t op five methane emitters — China, India and Russia — have not joined the initiative.... The United Nations on Friday also announced the launch of a public satellite system to detect major methane releases from the power, waste and agricultural sectors.Read more of this story at Slashdot.

"KFC has apologised after sending a promotional message to customers in Germany, urging them to commemorate Kristallnacht with cheesy chicken," reports the BBC.The Nazi-led series of attacks in the country in 1938 left more than 90 people dead, and destroyed Jewish-owned businesses and places of worship. It is widely seen as the beginning of the Holocaust.... The fast-food chain sent an app alert on Wednesday, saying: "It's memorial day for Kristallnacht! Treat yourself with more tender cheese on your crispy chicken. Now at KFCheese!" Around an hour later another message was sent with an apology, according to the Bild newspaper. "We are very sorry, we will check our internal processes immediately so that this does not happen again. Please excuse this error," the message is reported to have said. The fast food chain "apologized for the error," reports the Jerusalem Post, "explaining that they 'use a semi-automated content creation process linked to calendars that include national observances.'""In this instance, our internal review process was not properly followed, resulting in a non-approved notification being shared." Calling the mistake "obviously wrong, insensitive and unacceptable," KFC Germany added that they "have suspended app communications while we examine our current process to ensure such an issue does not occur again.Read more of this story at Slashdot.

Last week Australia's bigest health insurer, Medibank, said that data on all 4 million of its customers was breached. Now the group behind that breach "have since released more sensitive details of customers' medical records on the dark web, including data on abortions and alcohol issues," reports Australia's public broadcaster. Their article points out that the release "follows Medibank's refusal to pay a ransom for the data, with almost 500,000 health claims stolen, along with personal information." But what's really interesting is that article's headine: " 'Hunt down the scumbags': Australian government to 'hack the hackers' behind Medibank breach"The Australian government is going to "hunt down the scumbags" responsible for the Medibank hack that compromised the private information of nearly 10 million customers, cyber security minister Clare O'Neil said.... "Around 100 officers around these two organisations will be a part of this joint standing operation, and many of these officers will be physically co-located from the Australian Signals Directorate," she said. Ms. O'Neil said the officers will "show up to work every day" with the "goal of bringing down these gangs and thugs". "This is the formalisation of a partnership — a standing body within the Australian government which will day in, day out, hunt down the scumbags who are responsible for these malicious crimes against innocent people," she said. "The smartest and toughest people in our country are going to hack the hackers...." Australian Federal Police Commissioner Reece Kershaw on Friday said officers were also working with Interpol to track down the criminals. "We know who you are," he said. "The AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system." One Australian think tank told the Associated Press that the breach was caused by a stolen username and password, sold on a Russian dark web forum. "In a tweet, Australian Prime Minister Anthony Albanese, whose own Medibank data was stolen, said the Australian Federal Police knows where the hackers are and are working to bring them to justice," reports TechCrunch:The cybercriminals claimed that they initially sought $10 million in ransom from Medibank before reducing the sum to $9.7 million, or $1 per affected customer, the blog said. "Unfortunately, we expect the criminal to continue to release stolen customer data each day," Medibank CEO David Koczkar said on Friday. "These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care." Thanks to long-time Slashdot reader schwit1 for sharing the story.Read more of this story at Slashdot.

Friday the Wall Street Journal reported:Crypto exchange FTX lent billions of dollars worth of customer assets to fund risky bets by its affiliated trading firm, Alameda Research, setting the stage for the exchange's implosion, a person familiar with the matter said. FTX Chief Executive Sam Bankman-Fried said in investor meetings this week that Alameda owes FTX about $10 billion, people familiar with the matter said. FTX extended loans to Alameda using money that customers had deposited on the exchange for trading purposes, a decision that Mr. Bankman-Fried described as a poor judgment call, one of the people said. All in all, FTX had $16 billion in customer assets, the people said, so FTX lent more than half of its customer funds to its sister company Alameda. And then Friday night Reuters reported that "At least $1 billion of customer funds have vanished from collapsed crypto exchange FTX, according to two people familiar with the matter. "The exchange's founder Sam Bankman-Fried secretly transferred $10 billion of customer funds from FTX to Bankman-Fried's trading company Alameda Research, the people told Reuters. A large portion of that total has since disappeared, they said." One source put the missing amount at about $1.7 billion. The other said the gap was between $1 billion and $2 billion. While it is known that FTX moved customer funds to Alameda, the missing funds are reported here for the first time. The financial hole was revealed in records that Bankman-Fried shared with other senior executives last Sunday, according to the two sources. The records provided an up-to-date account of the situation at the time, they said. Both sources held senior FTX positions until this week and said they were briefed on the company's finances by top staff.... In text messages to Reuters, Bankman-Fried said he "disagreed with the characterization" of the $10 billion transfer. "We didn't secretly transfer," he said. "We had confusing internal labeling and misread it," he added, without elaborating. Asked about the missing funds, Bankman-Fried responded: "???" FTX and Alameda did not respond to requests for comment.... At the heart of FTX's problems were losses at Alameda that most FTX executives did not know about, Reuters has previously reported.... FTX legal and finance teams also learned that Bankman-Fried implemented what the two people described as a "backdoor" in FTX's book-keeping system, which was built using bespoke software. They said the "backdoor" allowed Bankman-Fried to execute commands that could alter the company's financial records without alerting other people, including external auditors... In his text message to Reuters, Bankman-Fried denied implementing a "backdoor".... On Friday, FTX said it had turned over control of the company to John J. Ray III, the restructuring specialist who handled the liquidation of Enron Corp — one of the largest bankruptcies in history.Read more of this story at Slashdot.

An anonymous reader quotes a report from CoinDesk: The swift collapse of the FTX crypto exchange has sparked an industry push among big rivals to publish proof of their reserves as a means to provide transparency into the assets on their platforms. With those efforts just getting underway, one firm, Crypto.com, has taken the proactive step of providing a preliminary set of disclosures -- sharing wallet addresses with the blockchain analysis firm Nansen to create a dashboard of nearly $3 billion of reserves and other assets. What that shows is just how heavily the mix of assets is skewed toward a meme-y token called shiba inu (SHIB), a digital asset built atop the Ethereum blockchain that was largely inspired by the joke token dogecoin (DOGE). Like DOGE -- a key staple of billionaire Elon Musk's crypto schtick on Twitter -- the SHIB token is a highly volatile cryptocurrency whose primary use case is often considered to be speculation itself; it's traded for fast profits and yuks. Of the $2.88 billion in total assets in the wallets, roughly $558 million, or about 20%, are in SHIB. The holding ranks second only to the $872 million of bitcoin (BTC), the largest cryptocurrency by market value, which represents 31%. The amount exceeds the $487 million in ether (ETH), the second-biggest cryptocurrency, and dwarfs the $1.5 million in dogecoin (DOGE), Nansen data suggests. Crypto.com's large holding of SHIB is a "reflection of user interest/activity," Nansen data journalist Martin Lee told CoinDesk. "In an ideal world, we'd want the best assets to be worth the most, but SHIB and DOGE both have extremely high market caps," he said. So it's "not super surprising that retail-heavy exchanges will have a higher concentration of such tokens. And regardless, as an exchange, your main source of revenue would likely be trading fees, so whether it's meme coins or more fundamentally sound assets, your business model is intact." Further reading: Binance's CZ Slams Reports Binance's Reserves Are Full of Its Own TokensRead more of this story at Slashdot.

Kevin Conroy, best known for voicing Batman on Warner Bros.' long-running TV show "Batman: The Animated Series," has died after a short battle with cancer. He was 66. Variety reports: "Batman: The Animated Series" originally aired for 85 episodes on Fox Kids from 1992-1995. Conroy's deep, gravelly Batman voice was widely acclaimed by critics and comic book fans, with many regarding the actor as the definitive Caped Crusader. The series also featured Mark Hamill's memorable performance as the Joker. Conroy was so beloved for his Batman voice role that he continued with the character in various other DC projects, including the "Batman: Arkham" and "Injustice" video games franchises. He also appeared in various DC Universe Animated Original Movies, including "Batman: Gotham Knight" (2008), "Superman/Batman: Public Enemies" (2009), "Justice League: Doom" (2012), "Batman: The Killing Joke" (2016) and "Justice League vs. the Fatal Five" (2019), among other films. The 2019 "Justice League" animated film is Conroy's last credited feature as Batman, and his most recent video game credit as Batman is Warner Bros.' "MultiVersus" from earlier this year.Read more of this story at Slashdot.

According to The Verge, Volkswagen Norway as part of a marketing exercise "claims to have built an office chair that not only looks worthy of a Star Trek captain but also can drive around the office on its own five wheels -- at speeds of up to 20 kilometers per hour (roughly 12mph)." From the report: The company says it can travel a distance of 12 kilometers (roughly 7.5 miles) on its swappable battery. That's not all: it's got more amenities than my last car, with 360-degree collision avoidance sensors, a backup camera with full guidance, a heated embroidered seat, party lights, a touchscreen display, a USB charger, and a tow hitch. LED headlights, a seatbelt, and a horn come standard. There's even a "trunk" (a pocket, anyhow) with 0.17 cubic feet of space for documents and / or a laptop. The company has uploaded a behind-the-scenes video on YouTube on how it was created, including some footage of the final product that "will be available for test drives at various locations."Read more of this story at Slashdot.

More than $380 million in crypto left bankrupt crypto company FTX's wallets late Friday, with little clear explanation as to why. CoinDesk: According to on-chain data, various Ethereum tokens, as well as Solana and Binance Smart Chain tokens have exited FTX's official wallets and moved to decentralized exchanges like 1inch. Both FTX and FTX US appear to be affected. FTX US general counsel Ryne Miller tweeted that he was "investigating abnormalities with wallet movements related to consolidation of ftx balances across exchanges." The transfers, which have not been addressed officially by FTX leadership, come on the same day that the firm officially filed for Chapter 11 bankruptcy protection after apparently losing billions of dollars in user funds. Many FTX wallet holders are also reporting that they are seeing $0 balances in their FTX.com and FTX US wallets. There are indications that FTX may have been hacked. At least $1 billion of customer funds have vanished from collapsed crypto exchange FTX, Reuters reported separately. From the report: The exchange's founder Sam Bankman-Fried secretly transferred $10 billion of customer funds from FTX to Bankman-Fried's trading company Alameda Research, the people told Reuters. A large portion of that total has since disappeared, they said. One source put the missing amount at about $1.7 billion. The other said the gap was between $1 billion and $2 billion.Read more of this story at Slashdot.

Microsoft is building four datacenters in North Carolina as part of a phased development that will see it invest at least $1 billion over the next decade. The Register reports: The datacenter expansion will see Microsoft construct the facilities at sites in Conover, Maiden and two at Hickory in Catawba County, creating at least 50 new jobs, according to the Catawba County Economic Development Corporation. Economic development agreements and incentive grants for the project were approved at a joint meeting this week by the Catawba County Board of Commissioners along with the elected councils of Conover, Hickory and Maiden. The terms of the agreement include a guaranteed minimum investment over 10 years in Catawba County from Microsoft of $1 billion, with each municipality getting $332 million, with an additional $33 million to Hickory for its second site. Microsoft will get performance-based incentive grants of 50 percent real property value and 85 percent personal property value, to be awarded over ten years. This means that over that period, the local government bodies will essentially pay back that proportion of Microsoft's property taxes, according to reports in local media The Charlotte Observer. Microsoft did not state what capacity the new datacenters will have once built, but they are set to take up a combined 687 acres of land between them. The expansion is likely to be additional capacity for Microsoft Azure cloud. Currently, Microsoft already operates more than 200 datacenters globally. Last year, Microsoft said it planned to build new facilities in at least 10 more countries, and that it aimed to construct between 50 and 100 new datacenters each year for the foreseeable future.Read more of this story at Slashdot.

Microsoft has done a lot to make their flagship tablet-laptop more repairable. Following iFixit's recent teardown, the Surface Pro 9 was the "most repairable we've seen from the product line yet." Ars Technica shares the major findings: iFixit has consulted with Microsoft's hardware teams for a while now, providing advice on making devices more repairable. As evidence of this, Microsoft claims in a statement that it will: - Make repair guides available for the Surface Pro 9's components by the end of the year - Work with "a major US retailer" to build out an authorized (in-store) repair network by early 2023 - Offer parts to individuals and repair shops by the first half of 2023 All these factors improve repairability, both in practice and in iFixit's (and French, European, and potentially other nations') repair scores. iFixit's editorial teardowns, however, are conducted independently. When the team dug in, they found that the glass display has some flex built into it now, making it harder to shatter when you pry on the (now softer) glue underneath. With the screen off, you have access to all the modular components: motherboard, thermal module, the Surface Connect Port, speakers, Wi-Fi module, front and rear cameras, and side buttons. Most notably, the battery is now screwed down instead of held in place with glue. That makes the most common and predictable repair to the device "just plain simple," iFixit claims. The RAM is soldered to the motherboard, something that iFixit would typically penalize in the past. But iFixit says that given the power savings and performance boost from proximity to the CPU, it can't punish the decision. "Adding it all up, iFixit gives the Surface Pro 9 a 7 out of 10," concludes Ars' report. "That's a notable leap from prior Surface models, like the Pro 7, which received a 1 out of 10. But the Surface Pro 9's score will likely move up a notch or two if Microsoft keeps its promises to release manuals and spare parts to anyone who wants them next year."Read more of this story at Slashdot.

DeviantArt is launching an AI art generator called DreamUp, promising "safe and fair" generation for creators. Engadget reports: The website says one of artists' main concerns about AI art is that their work may be used to train artificial intelligence models, which means the generator could spit out pieces in their style without their consent. In an attempt to give artists control over their work, DeviantArt is giving them the ability to choose whether or not the tool can use their style for direct inspiration. Further, the website is giving them the power to declare whether or not to allow their work to be used in datasets used to train third-party AI models. If they choose not to be included in those datasets, their content pages' HTML files will contain a "noimageai" directive. Also a "noai" directive protects their artwork when media files are directly downloaded from DeviantArt's servers. "DeviantArt encourages other creator platforms to adopt this approach in order to ensure artists remain able to share their work with online audiences while retaining control over non-human usage," the website wrote in its announcement. Those directives, of course, won't be added to their pages' HTML files if they're cool with their work being used to train AI models. And if they choose to allow DreamUp to use their style as a direct inspiration, they will be "clearly credited" on the output when it's published on DeviantArt. Engadget notes that "all DreamUp submissions will be automatically tagged as #AIArt, and users will be able to choose to see or to hide posts under the topic." The generator is available for DeviantArt's paid Core subscription plans, but all users can sample the tool with up to five free prompts.Read more of this story at Slashdot.

Four years after Laserlike was acquired by Apple to boost its web search technology, the founders have quit to rejoin Google. AppleInsider reports: Prior to forming Laserlike in 2015, Anand Shukla, Srinivasan Venkatachary and Steven Baker were all Google employees. Their work at Apple is one reason the company has been predicted to launch its own search engine equivalent to Google's. Apple acquired Laserlike in 2018, though the deal wasn't made public until the following year. As part of the acquisition, the company's three founders were, and ultimately they led a 200-strong search team at Apple. According to The Information, Srinivasan Venkatachary has now returned to Google. He is reportedly the company's new vice president of engineering. Venkatachary reports to James Manyika, senior vice president of technology and society. Baker and Shukla now both work on Manyika's team. It's not known whether all three quit Apple at the same time, or whether Venkatachary is just the latest to move. According to The Information's source, Apple is estimated to be about four years away from launching a Google Search rival.Read more of this story at Slashdot.

An anonymous reader quotes a report from Benzinga: Binance CEO Changpeng Zhao on Friday came down heavily on a report the cryptocurrency exchange holds $74.6 billion in tokens, out of which nearly 40% are its own stablecoin BUSD and native coin BNB. Sharing data provided by blockchain analytics firm provided by Nansen, the Bloomberg report said about $23 billion of the $74.6 billion net worth is in the company's own stablecoin BUSD and $6.4 billion was in its own cryptocurrency, BNB. According to Nansen data, the exchange has also allocated 10.5% of its holdings to Bitcoin and 9.8% to Ether. Challenging the report, Zhao, popularly known as "CZ" in the crypto industry, said: "#BUSD is issued by Paxos, an NYDFS regulated entity, not Binance. The numbers are all wrong too. These are users' assets, in the form users choose to store with us. We don't convert for them." According to data shared by Binance, it holds around 475,000 Bitcoin ($7.8 billion), 4.8 million Ether ($5.57 billion), 17.6 billion USDT ($607 million), as well as close to 21.7 billion of its own stablecoin BUSD (worth $21.9 billion) and 58 million of its BNB tokens (worth $16 billion). The current value of these tokens is about $72.3 billion, according to Nansen.Read more of this story at Slashdot.

MachineShedFred writes: Tesla has opened their charging connector and equipment standards as the "North American Charging Standard" (NACS), including links to technical specifications and connector data sheets and CAD files. The formerly proprietary connector, now called NACS, is the most common charging standard in North America: "NACS vehicles outnumber CCS two-to-one, and Tesla's Supercharging network has 60% more NACS posts than all the CCS-equipped networks combined." Tesla noted that charging network operators "already have plans in motion to incorporate NACS at their chargers."Read more of this story at Slashdot.

Meta is exiting its Portal smart display business and will wind down work on smartwatch projects, reports Reuters citing company executives during an employee townhall meeting on Friday. The news comes two days after Meta announced about 11,000 job cuts, or 13% of its workforce, "the first mass layoffs in the company's 18-year history."Read more of this story at Slashdot.

In a post to /r/reddit, Reddit announced that it began rolling out a feature that will allow users to mute specific communities that contain content they don't want to see. Ars Technica reports: If you mute a subreddit using this feature, posts from it won't show up in your notifications, home feed recommendations, or Popular, Reddit's feed of the most upvoted content from across its various communities. Later, Reddit plans to apply muting to other places like "All" and "Discover." Muting a community won't stop you from being able to visit or post it, though. You can mute up to 1,000 communities and tweak your muted list at any time in Settings. The report notes that this new muting feature is only available in Reddit's iOS and Android apps for now. For updates on availability, Reddit directs users to their changelog feed.Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: Apple's surge Thursday was one for the record books. The world's most valuable company added $190.9 billion in market value, the most ever by a US-listed company, as softer-than-expected inflation data buoyed equity markets across the board. The jump eclipsed Amazon's $190.8 billion gain in February, according to data compiled by Bloomberg. Apple, which after Thursday's 8.8% jump has a market capitalization of $2.34 trillion, now accounts for four out of the top five biggest daily gains. The stock remains down 17% this year.Read more of this story at Slashdot.