DigitalOcean, in a blog post: I am excited to announce that DigitalOcean has acquired the CSS-Tricks website, a learning site with 6,500 articles, videos, guides and other content focused on frontend development. CSS-Tricks will broaden and complement our existing library of content, furthering DigitalOcean's reach with both frontend and full-stack developers, and supports our community strategy, a key differentiator for DigitalOcean in the cloud computing space. CSS-Tricks will continue operating as a standalone site supported by DigitalOcean, and CSS-Tricks founder Chris Coyier will support CSS-Tricks in an advisory capacity. At DigitalOcean we take great pride in our commitment to the developer and startup communities. We truly believe that our community is bigger than just us, and we have demonstrated this through our creation of more than 6,000 high-quality developer tutorials and approximately 30,000 community-generated questions & answers, hosting of community-focused events such as deploy, and support of the open source community through Hacktoberfest and other initiatives. Read more of this story at Slashdot.
Microsoft has finally released its DirectStorage API to game developers. This means one of the most promising features of the Xbox Series X is coming to the PC. From a report: DirectStorage promises to bring faster loading times thanks to optimized NVMe SSD accesses. Previously, a game could only perform one in/out access at a time. This didn't present any issues in the days of hard drives, but now that most gaming PCs have SSDs that can transfer gigabytes per second with hundreds of thousands of in/out operations per second (IOPS), it's clear that a better method was needed. Enter DirectStorage. DirectStorage lets an NVMe SSD reach its full performance potential by allowing multiple I/O operations concurrently. It allows assets to be transferred directly to the GPU, leading to better efficiency.
Amazon has worried for years that it tricks customers into signing up for Prime subscriptions. A previously undisclosed inquiry from the Federal Trade Commission has put more pressure on the company to fix it. Business Insider: Internal documents obtained by Insider show the company has been concerned since at least 2017 that user interface designs on Amazon.com have led customers to feel manipulated into signing up for Prime. These design decisions, commonly known as "dark patterns," push customers into acting unintentionally often through misleading imagery or intentionally vague offers. For example, a single click on the "Get FREE Two-Day Delivery with Prime" tab at check out -- with no additional confirmation step -- gets shoppers automatically enrolled into a 30-day free trial of Amazon's Prime program, which later converts to a paid membership unless the user cancels it. For cancellations, users have to jump through a number of pages to end the subscription. Amazon was aware of these complaints for years but did not take serious action, according to these previously unreported internal documents and six current and former employees who spoke to Insider. In several cases, fixes for these issues were proposed and considered, but resulted in lower subscription growth when tested, and were shelved by executives, the documents show.
An anonymous reader shares a report: Microsoft won a contract worth up to $22 billion to build HoloLens-like goggles for the US military. The contract has had delays and quality problems amid strategic confusion in its mixed reality unit. Microsoft is expecting a negative reception due to ongoing problems with the device's reliability and its performance in low light environments, adding uncertainty ahead of the planned operational tests in May, according to the email. "We (Microsoft) are going into the event expecting negative feedback from the customer," a Microsoft employee wrote on Thursday in a memo to members of the company's military contract team, including AI and mixed reality general manager David Marra. "We expect soldier sentiment to continue to be negative as reliability improvements have been minimal from previous events."
Intel on Tuesday revealed plans for a second new "megafab," a chipmaking site in Magdeburg, Germany, that's the centerpiece of an expected $88 billion in investments across several European countries. The capacity expansion comes on top of other gargantuan spending commitments in the United States, including a planned megafab in Ohio, intended to bring Intel back to the forefront of chip manufacturing. From a report: "The world has an insatiable demand for semiconductors," Intel Chief Executive Pat Gelsinger said in a video announcing the investments. Today, 80% of chipmaking takes place in Asia, but the company's spending in the US and Europe will mean a "more balanced and resilient" supply chain that isn't so dependent on Asia. Intel will start with new chip fabrication facilities, called fabs, at the Magdeburg site costing about $19 billion, with construction set to begin in 2023 and manufacturing in 2027, Gelsinger said. That'll let Intel build its own chips with leading edge technology, both for Intel itself and through a major expansion of its business called Intel Foundry Services, build chips for other customers as well.
Germany warned against using anti-virus software from Moscow-based Kaspersky Lab due to risks it could be exploited by Russia for a cyber attack. From a report: The Federal Office for Information Security, or BSI, issued the warning on Tuesday, saying that companies and authorities with special security status and operators of critical infrastructure could be "particularly at risk." The danger has increased since Russia's invasion of Ukraine, the Bonn-based agency said in a press release, citing threats made by Moscow against NATO, the European Union and Germany. In 2017, the U.S. government banned all use of Kaspersky Lab software in federal information systems, citing concerns about the firm's links to the Russian government and espionage. The company denied any wrongdoing in that case and pushed back against Germany's move now.
South Africa's Competition Commission says it had referred Facebook and WhatsApp owner Meta Platforms to a tribunal for allegedly abusing its dominant position in the market. From a report: But a spokesperson for WhatsApp said the regulator was objecting to actions meant to protect the platform's users from abuses of WhatsApp's terms. In a statement, the regulator accused Meta of "abusing its dominance by engaging in exclusionary conduct geared at preventing competitors or potential competitors from entering into, participating, and expanding in a market". The commission said Meta had decided to "offboard" GovChat (a start-up that connects government and citizens) and its subsidiary #LetsTalk from its WhatsApp Business Application Programming Interface. It also said the company had "imposed and/or selectively enforced exclusionary terms and conditions regulating access to the WhatsApp Business API, mainly restrictions on the use of data".
An anonymous reader quotes a report from Time: Pfizer said it would no longer start new clinical trials in Russia and that it would donate all profits from its subsidiary in the country to Ukraine relief causes. At the same time, the drugmaker said in a statement that it will continue to supply medicines to Russia, out of fear that vulnerable patients such as children and elderly people who rely on its therapies could be harmed by any halt. The company "concluded that a voluntary pause in the flow of our medicines to Russia would be in direct violation of our foundational principle of putting patients first," according to the statement. Pfizer said it doesn't own or operate any manufacturing sites in Russia and plans to cease planned investments with local suppliers. Pfizer said it would work with the U.S. Food and Drug Administration and other regulators to move current clinical trials to alternative locations outside of Russia. Patients already enrolled in studies will continue to receive medications, the company said.
According to Automotive News, Rivian is using jobs as bait to get direct sales going in Georgia. Jalopnik reports: Last fall, Rivian made a huge announcement. It wanted to invest in Georgia and bring thousands of jobs to the state. The company announced that it had plans to build a $5 billion plant that would eventually employ 7,000 workers and build 400,000 vehicles a year (a tall order for a company that sells vehicles that are more than the median U.S. household income). State lawmakers damn near drooled over the plan. Georgia governor Brian Kemp even proposed spending $125 million on land and training for the plant. But Rivian had a favor to ask: Pass Georgia house bill 460 to allow direct sales in the state. Not just for them, but for all manufacturers. Rivian has pretty much backed the state of Georgia into a corner. While the state has allowed an exemption for Tesla to perform direct sales since 2015, no other automaker has been allowed to perform direct sales. Of course, dealers see this as a direct threat to their existence. President of Atlanta-based Jim Ellis Automotive Group Jimmy Ellis pretty much argued that dealers give customers the best product selection and service [...]. He then pointed to Tesla's struggle with vehicle service to emphasize his point. Dealers are even arguing about a loss of jobs. But we all know what that is about: Franchise dealers know that direct sales are a better way to do business for the customer. They're just so stuck in their ways and greedy that they don't want to change.
Apple has rolled out macOS 12.3 and iPadOS 15.4, bringing the highly-anticipated (and delayed) Universal Control feature. Engadget reports: The tool, which is in beta, allows you to control a Mac and iPad at the same time with a single keyboard and mouse (or trackpad). You can enter text on either device and drag files between them. Apple initially said Universal Control would be available last fall, but in December it delayed the release until this spring. Apple has enhanced spatial audio on M1-powered systems as well. Apple Music now has dynamic head tracking support for compatible AirPods. You'll find settings for fixed and head-tracking spatial audio in the Control Center. There's also several new emoji, more filters for the Podcasts app, optional notes for saved passwords and more accurate battery capacity readings, among other changes. iOS 15.4 was also released today, adding the option to use Face ID while wearing a mask. "The updates also add 37 new emoji characters and they lay the groundwork for the new 'Tap to Pay on iPhone' feature that allows NFC-compatible iPhones to accept payments through Apple Pay," reports MacRumors. "There are also updates to add custom domains to iCloud Mail right on device, Siri enhancements, new Emergency SOS features, and tons more."
An anonymous reader quotes a report from Bloomberg: Sleeping in the dark may reduce your risk of heart disease and diabetes, a new study suggests. Exposure to overhead lighting during sleep at night, compared to sleeping in a dimly lit room, harms heart function during sleep and affects how well the body responds to insulin the next morning, researchers found. They suggest it is important for people to avoid or minimize the amount of light exposure during sleep, and that if people are able to see things well, it is probably too light. The study found that, when exposed to more light during sleep, the body went into a state of alert, with the heart rate rising and the body not being able to rest properly. According to the scientists, people should not turn lights on, but if they do need to have some light -- for example, in the interests of safety for older adults -- it should be a dim light that is closer to the floor. The color is also important, with amber or a red/orange light less stimulating for the brain. White or blue light should be kept far away, the experts suggest. Blackout curtains or eye masks are a good option if outdoor light cannot be controlled. The study of 20 people found that insulin resistance occurred the morning after people slept in a light room. This is when cells in muscles, fat and the liver do not respond well to insulin and cannot use glucose from the blood for energy. To make up for it, the pancreas makes more insulin and, over time, blood sugar goes up. Senior study author Dr Phyllis Zee, chief of sleep medicine at Northwestern University Feinberg School of Medicine in America, said: "The results from this study demonstrate that just a single night of exposure to moderate room lighting during sleep can impair glucose and cardiovascular regulation, which are risk factors for heart disease, diabetes and metabolic syndrome." 
Dr Daniela Grimaldi, a co-first author and research assistant professor of neurology at Northwestern, added: "We showed your heart rate increases when you sleep in a moderately lit room. Even though you are asleep, your autonomic nervous system is activated. That's bad. Usually, your heart rate together with other cardiovascular parameters are lower at night and higher during the day." The study has been published in the Proceedings of the National Academy of Sciences.
Newly discovered data-destroying malware was observed earlier today in attacks targeting Ukrainian organizations and deleting data across systems on compromised networks. BleepingComputer reports: "This new malware erases user data and partition information from attached drives," ESET Research Labs explained. "ESET telemetry shows that it was seen on a few dozen systems in a limited number of organizations." While designed to wipe data across Windows domains it's deployed on, CaddyWiper will use the DsRoleGetPrimaryDomainInformation() function to check if a device is a domain controller. If so, the data on the domain controller will not be deleted. This is likely a tactic used by the attackers to maintain access inside the compromised networks of organizations they hit while still heavily disturbing operations by wiping other critical devices. While analyzing the PE header of a malware sample discovered on the network of an undisclosed Ukrainian organization, it was also discovered that the malware was deployed in attacks the same day it was compiled. "CaddyWiper does not share any significant code similarity with HermeticWiper, IsaacWiper, or any other malware known to us. The sample we analyzed was not digitally signed," ESET added. "Similarly to HermeticWiper deployments, we observed CaddyWiper being deployed via GPO, indicating the attackers had prior control of the target's network beforehand."
Last week, Twitter introduced a change to the timeline that "would default to showing the algorithmically served Home feed while the reverse-chronological Latest feed was accessible in a separate tab," reports The Verge. "The change [...] made it more difficult to view tweets in chronological order." Twitter is now reverting things to the way they were following significant backlash. From the report: Some users shared criticism of the change almost immediately after its March 10th announcement, as the Latest feed is preferred to the Home feed for many. The out-of-sequence Home feed can, at times, be confusing, especially for people who use Twitter for updates during a breaking news event like the war in Ukraine. However, two Twitter execs noted in replies to Verge contributing editor Casey Newton that they would be working on the problem, and it appears that the original change won't be going through as planned. "We take feedback seriously, and in this case, we heard the new pinned Home & Latest wasn't giving you the level of control over your timeline that you want," Twitter spokesperson Shaokyi Amdo said in a statement to The Verge. However, based on what the execs said, it seems Twitter may be investigating other possible changes to the timeline in the future. "Giving people choice and control over their Twitter experience is super important," Twitter's newly named VP of consumer product, Jay Sullivan, said in a reply to Newton on March 12th. "I'll be working on this. Stay tuned." Sullivan added that he was hoping the platform could achieve "a nice balance for all."
TorGuard has settled a copyright infringement lawsuit filed by several movie companies last year. The VPN provider stood accused of failing to take action against subscribers who were pirating films. As part of the settlement, TorGuard agrees to block BitTorrent traffic on U.S. servers; however, it stresses that user privacy is in no way affected by this decision. TorrentFreak reports: "Pursuant to a confidential settlement agreement, Plaintiffs have requested, and Defendant has agreed to use commercially reasonable efforts to block BitTorrent traffic on its servers in the United States using firewall technology," a joint statement reads. This is quite a far-reaching measure as a broad BitTorrent blockade will also affect legal traffic, which includes software updates from Twitter and Facebook. That said, people can still use BitTorrent on servers in other regions. [...] The company confirms that it's blocking torrent traffic on U.S. servers, but that doesn't change anything for the privacy of users. "TorGuard has not been forced to log network usage data. Due to the nature of shared IPs and related hardware technicalities of how TorGuard's network was built it is impossible for us to do so," the VPN provider writes. "We have a responsibility to provide high quality uninterrupted VPN and proxy services to our client base at large while mitigating any related network abuse that should arise. This commitment to user privacy and service reliability is the reason we have taken measures to block Bittorrent traffic on servers within the United States."
An anonymous reader quotes a report from Ars Technica: Cryptographic keys generated with older software now owned by technology company Rambus are weak enough to be broken instantly using commodity hardware, a researcher reported on Monday. This revelation is part of an investigation that also uncovered a handful of weak keys in the wild. The software comes from a basic version of the SafeZone Crypto Libraries, which were developed by a company called Inside Secure and acquired by Rambus as part of its 2019 acquisition of Verimatrix, a Rambus representative said. That version was deprecated prior to the acquisition and is distinct from a FIPS-certified version that the company now sells under the Rambus FIPS Security Toolkit brand. Researcher Hanno Böck said that the vulnerable SafeZone library doesn't sufficiently randomize the two prime numbers it used to generate RSA keys. (These keys can be used to secure Web traffic, shells, and other online connections.) Instead, after the SafeZone tool selects one prime number, it chooses a prime in close proximity as the second one needed to form the key. "The problem is that both primes are too similar," Böck said in an interview. "So the difference between the two primes is really small." The SafeZone vulnerability is tracked as CVE-2022-26320. Cryptographers have long known that RSA keys that are generated with primes that are too close together can be trivially broken with Fermat's factorization method. French mathematician Pierre de Fermat first described this method in 1643. Fermat's algorithm was based on the fact that any number can be expressed as the difference between two squares. When the factors are near the root of the number, they can be calculated easily and quickly. The method isn't feasible when factors are truly random and hence far apart.
The security of RSA keys depends on the difficulty of factoring a key's large composite number (usually denoted as N) to derive its two factors (usually denoted as P and Q). When P and Q are known publicly, the key they make up is broken, meaning anyone can decrypt data protected by the key or use the key to authenticate messages. So far, Böck has identified only a handful of keys in the wild that are vulnerable to the factorization attack. Some of the keys belong to printers originally branded as Fuji Xerox and now belonging to Canon. Printer users can use the keys to generate a Certificate Signing Request. The creation date for the keys was 2020 or later. The weak Canon keys are tracked as CVE-2022-26351. Böck also found four vulnerable PGP keys, typically used to encrypt email, on SKS PGP key servers. A user ID tied to the keys implied they were created for testing, so he doesn't believe they're in active use. Böck said he believes all the keys he found were generated using software or methods not connected to the SafeZone library. If true, other software that generates keys might be easily broken using the Fermat algorithm. It's plausible also that the keys were generated manually, "possibly by people aware of this attack creating test data." The researcher found the keys by searching through billions of public keys that he either had access to, were shared with him by other researchers, or that were available through certificate transparency programs. UPDATE: The headline incorrectly stated that a "600-Year-Old Algorithm" was used. It's been changed to "379-Year-Old-Algorithm" to reflect the updated headline on Ars.
Does Apple have a "Pro" problem? "[Y]ears of Apple and competitors slapping the name onto wireless earbuds and slightly fancier phones have made it hard to tell what 'Pro' even means," argues The Verge's Mitchell Clark. It could be the reason behind Apple's recently-launched Mac "Studio." From the report: From the jump, Apple made it clear who the Mac Studio and Studio Display were for. It showed them being used by musicians, 3D artists, and developers in its presentation, and the message was clear: these are products for creative professionals or people who aspire to be creative professionals. You know, the same exact crowd it's targeted with MacBook Pro commercials for years. "My first thought was, 'Oh, I wonder when the iPhone Studio comes out,'" says Jonathan Balck, co-founder and managing director of ad agency Colossus, in an interview with The Verge. "Pro was exclusive, and it was about one way of doing things, but the whole culture is moving toward creativity," he adds while musing whether we could see Apple's Pro branding shift to become Studio branding instead. [T]o me, the Mac Studio line is a clear successor to Apple's iMac Pro. Both computers are powered by monstrous CPUs and come standard with 10Gb Ethernet and a healthy crop of Thunderbolt and USB ports. I'm convinced that, had Apple released the new Studio even two years ago, it would've put "Pro" in the name. (Though, to play devil's advocate, I'm not as sure it would've done so for the Studio Display.) Some marketing experts tell me that the word "Pro" is starting to get long in the tooth, and not just from overuse. "The previous term Pro is, in my opinion, outdated and dry," says Keith Dorsey, founder and CEO of the creative marketing group and management company YoungGuns Entertainment. 
Balck agrees; "If you look at the word Pro, that is in many ways restrictive," he says in an interview, explaining that when you say a product is "professional," it evokes ideas like job interviews, portfolios, and standoffishness. Pro products, he says, come across as just for those who use creativity to get a paycheck. The reason Apple may need to, though, is because it led the industry in thoroughly overusing the word "Pro" to the point where it's lost all meaning. It's hard to pinpoint where exactly this started (though, in my mind, it was with the two-port MacBook Pro model), but now the word gets slapped on everything. Want to sell wireless earbuds for even more money? Those are Pro earbuds now. Want to have a regular and fancy version of your phone? No problem, call the nice one the Pro. [...] But Apple's new word, "studio," seems to come ready-made to excite the company's target audience.
An anonymous reader quotes a report from the Wall Street Journal: Foxconn, the biggest assembler of Apple iPhones, is in talks with Saudi Arabia about jointly building a $9 billion multipurpose facility (Warning: source paywalled; alternative source) that could make microchips, electric-vehicle components and other electronics like displays, according to people familiar with the matter. The Saudi government is reviewing an offer from the company, formally known as Hon Hai Precision Industry Co., to build a dual-line foundry for surface-mount technology and wafer fabrication in Neom, a tech-focused city-state the kingdom is developing in the desert, the people said. Discussions over the project started last year, they said. The Saudis are conducting due diligence and benchmarking the offer against others that Foxconn has made for similar projects globally, one of the people said. Besides Saudi Arabia, Foxconn is also talking with the United Arab Emirates about potentially siting the project there, one of the people said. The Taiwan-based company has looked to diversify its manufacturing sites amid rising tensions between China and the U.S. that put it in a potentially vulnerable spot. Riyadh wants the company to guarantee that it would direct at least two-thirds of the foundry's production into Foxconn's existing supply chain, one of the people said, to ensure there are buyers for its products and the project is ultimately profitable. Foxconn is seeking large incentives including financing, tax holidays and subsidies for power and water in exchange for helping set up a high-tech manufacturing sector in the kingdom, the people said, as Saudi Arabia seeks to diversify its economy away from oil. 
The Saudis could offer direct equity co-investment, industrial development loans, low-interest debt from local banks and export credits to compete with other jurisdictions that Foxconn might consider, said another person familiar with the talks.
A number of Israeli government websites went down on Monday in what may be the largest-ever cyberattack carried out against the country. Haaretz reports: The Israeli cyber authority confirmed the attack was a DDoS (Digital-denial of service) attack that had blocked access to government websites, and that all websites were back online. The websites of the interior, health, justice and welfare ministries had been taken offline, as was that of the Prime Minister's Office. A defense establishment source claims that this was the largest-ever cyberattack carried out against Israel. They believe that a state actor or large organization carried out the attack, but cannot yet determine who is behind it. The defense establishment and the National Cyber Directorate have declared a state of emergency in order to study the extent of the damage, while checking strategic Israeli websites and government infrastructure, such as Israel's electric and water companies, to see whether they were also attacked.
Crypto firms in the United Arab Emirates (UAE) are being deluged with requests to liquidate billions of dollars of virtual currency as Russians seek a safe haven for their fortunes, Reuters is reporting, citing company executives and financial sources. From the report: Some clients are using cryptocurrency to invest in real estate in the UAE, while others want to use firms there to turn their virtual money into hard currency and stash it elsewhere, the sources said. One crypto firm has received lots of queries in the past 10 days from Swiss brokers asking to liquidate billions of dollars of bitcoin because their clients are afraid Switzerland will freeze their assets, one executive said, adding that none of the requests had been for less than $2 billion.
Microsoft has begun testing promotions for some of its other products in the File Explorer app on devices running its latest Windows 11 Insider build. From a report: The new Windows 11 "feature" was discovered by a Windows user and Insider MVP who shared a screenshot of an advertisement notification displayed above the listing of folders and files to the File Explorer, the Windows default file manager. As shown in the screenshot, Microsoft will use such ads to promote other Microsoft products, for instance, about how to "write with confidence across documents, email, and the web with advanced writing suggestions from Microsoft Editor." As you can imagine, the reaction to this was adverse, to say the least, with some saying that "File Explorer one of the worst places to show ads," while others added that this is the way to go if Microsoft wants "people ditching Explorer for something else."
WikiLeaks founder Julian Assange's attempt to appeal extradition was denied by the UK's Supreme Court on Monday. Assange was initially granted the right to petition the court in late January. From a report: The UK's highest court denied Assange's bid because "the application does not raise an arguable point of law," according to a statement released by the court. Assange faces espionage charges relating to WikiLeaks' release of confidential US military records about the wars in Iraq and Afghanistan. Assange could potentially face a 175-year jail sentence, though US officials said, if he's convicted, his sentence would likely be between four and six years.
Amid the ongoing disruption from Russia, some ethical hackers in Ukraine are feeling lost as bug bounty platform HackerOne has allegedly withheld their payouts. From a report: The loss due to the sudden halt is said to have mounted to hundreds and thousands of dollars. A few of the affected ethical hackers -- also known as cybersecurity researchers -- have taken the issue to social media. Some of them have also written to the platform to get clarity on why exactly it has disabled their payments in the middle of the humanitarian catastrophe in the country. Ethical hackers normally earn payouts ranging from tens and hundreds to over millions of dollars in the form of rewards through bug bounty platforms for reporting flaws in various Internet-based solutions. However, HackerOne is said to have suddenly stopped payouts for some Ukrainian hackers. Earlier this month, HackerOne CEO Marten Mickos had announced, "[A]s we work to comply with the new sanctions, we'll withdraw all programmes for customers based in Russia, Belarus, and the occupied areas of Ukraine." On Monday, he clarified that the restrictions were for sanctioned regions - Russia and Belarus, not mentioning any clear details about the status of Ukraine. "That's a really weird situation," said independent security researcher Bob Diachenko, who has been associated with the San Francisco, California-based platform for the last two-three years now. The security researcher tweeted on Sunday that HackerOne stopped paying bounties worth around $3,000 for the flaws he reported. Alongside stopping payouts, HackerOne has removed its 'Clear' status from all Ukraine accounts. The status essentially allows ethical hackers to participate in private programmes run by various companies to earn a minimum of $2,000 for a high-severity vulnerability or $5,000 for a critical one. It requires background-check for researchers to participate in the listed programmes.
Russia followed through on its threat to block Meta-owned Instagram on Monday, cutting off access to tens of millions of users in the country. From a report: Instagram is popular in Russia. It's Meta's second most popular app there, according to data from Sensor Tower, behind ubiquitous messaging service WhatsApp. The app has been installed 166 million times across the Russian App Store and Google Play since 2014, making it three times as popular as Facebook. After Russian censor Roskomnadzor announced that the government would restrict access to the app following a 48-hour "transition period," Head of Instagram Adam Mosseri condemned Russia's actions, which will affect 80 million people in the country.
sciencehabit writes: A debate over claims of room temperature superconductivity has now boiled over into the realm of scientific publishing. Administrators of arXiv, the widely used physics preprint server, recently removed or refused to post several papers from the opposing sides, saying their manuscripts include inflammatory content and unprofessional language. ArXiv has also banned one of the authors, Jorge Hirsch, a theoretical physicist at the University of California, San Diego (UCSD), from posting papers for 6 months. The ban is "very unfair," Hirsch says. "I can't work if I can't publish papers." To some other scientists, arXiv's ban and removal of papers amount to stifling scientific debate. "The scientists that care about the issue and have the expertise to evaluate the arguments on both sides should be allowed to do so by accessing the preprints in question," Nigel Goldenfeld, a physicist at UCSD, wrote in an email to a wide range of physicists last week. "The alternative is that for cases such as this, we'll return to the pre-arXiv days when the science of the day is discussed in privately circulated preprints that are not accessible to the wider community." Daniel Arovas, another UCSD physicist, agreed: "Squelching what is essentially a purely scientific exchange -- even one where the respective parties engage in some distasteful accusations -- is highly problematic." But arXiv administrators argue the decision wasn't about science. "There are no papers in this whole chain that were rejected because we did not like the scientific content," says Ralph Wijers, a physicist at the University of Amsterdam who is the preprint server's board chair. "People's emotions became too affected. They got acrimonious."
Facebook parent Meta Platforms clarified on Sunday that it is against the company's user rules to share a post that "calls for the death of a head of state" -- likely a reference to Russian President Vladimir Putin. From a report: Last week, Facebook temporarily relaxed its policies so that Ukrainian users could post threats of violence against the Russian military, which invaded its neighbor in late February. The change led to some public confusion as to what was allowed, and what was not, on Facebook and Instagram. Meta's President of Global Affairs Nick Clegg posted a statement Friday saying the move is aimed at protecting Ukrainian rights and doesn't signal tolerance for "discrimination, harassment or violence towards Russians." On Sunday, he tried to further explain the company's stance to employees in an internal post. "We are now narrowing the focus to make it explicitly clear in the guidance that it is never to be interpreted as condoning violence against Russians in general," Clegg wrote in the internal post, which was reviewed by Bloomberg.
High tea took on a whole new meaning for Andrew Hughes and his climbing crew. From a report: The group of adventurers held a tea party at 21,312 feet above sea level at Mount Everest's Camp 2 in Nepal last year, setting a new Guinness World Record -- which was officially recognized by Guinness this month -- for the highest tea party ever held. Hughes, a self-described high-endurance athlete from Seattle, Washington, said he first had the idea for the tea party early in the pandemic when Covid-19 travel restrictions and shutdowns meant expeditions were not possible. He said the isolation made him realize he missed the community more than the summits. "The greatest things in life are often those shared," Hughes said, adding he hopes the feat -- held on May 5, 2021 -- will "inspire others to seek their own dreams, no matter the heights." According to a news release, Hughes' "highest of high tea parties ... exceeded the previous mark by thousands of feet in altitude and was full of complexities, including carrying supplies through the treacherous Khumbu Icefalls."
Mark Zuckerberg's Meta Platforms is among the most vocal proponents of the future of the metaverse, but one gaming industry veteran is particularly skeptical about its vision. From a report: Like the cloud five years ago and even the internet of 20 years past, every business is now trying to latch onto the metaverse, said former Nintendo of America President and COO Reggie Fils-Aime. Instead of Facebook's parent, the digital future will be driven by smaller companies that are really innovating, while companies like Epic Games are doing "really compelling" things, he said. "Facebook itself is not an innovative company," Fils-Aime told Emily Chang at the South by Southwest event in Austin, Texas, on Saturday. "They have either acquired interesting things like Oculus and Instagram, or they've been a fast follower of people's ideas. I don't think their current definition will be successful."
Hong Kong is struggling to get a handle on its worst coronavirus outbreak since the start of the pandemic, warning that it doesn't have the testing capacity to carry out the strict strategy handed down by Beijing. From a report: In Shenzhen and Shanghai, in mainland China, officials imposed restrictions on millions of people within days of local outbreaks in order to test every single resident. But Hong Kong's chief executive, Carrie Lam, noted on Monday that her city doesn't have the same ability. "Hong Kong is very different from many mainland cities and therefore we cannot have any comparison," Mrs. Lam told reporters at a news conference. The difference amounts to resources and systems of governance, Mrs. Lam said. Shenzhen and Shanghai can test millions of people a day; Hong Kong's health officials can only test between 200,000 and 300,000 people a day. Hong Kong, one of the last places in the world that is still trying to get rid of the virus instead of living with it, has reported more than 700,000 cases and 4,066 deaths since late January. It is a strategy that has been dictated by Beijing but one that appears increasingly out of reach for Hong Kong, which continues to hold freedoms that don't exist in the mainland. In the Chinese cities of Wuhan and Xian, officials halted daily life and confined residents to their homes for weeks until there were no more local cases. In Tianjin, they began testing every single resident after just 20 cases of coronavirus were reported. Further separating Hong Kong from the mainland's approach, Mrs. Lam said she would not consider tightening social-distancing measures because she had to take into account how residents felt about them.
Chinese technology giant Tencent is facing a potential record fine for violations of some central bank regulations by its WeChat Pay mobile network, as Beijing toughens its regulations for fintech platforms, WSJ reported Monday, citing people familiar with the matter. From a report: Financial regulators recently discovered that WeChat Pay had flouted China's anti-money-laundering rules and had lapses in compliance with "know your customer" and "know your business" regulations, among other things, some of the people said. Tencent's ubiquitous mobile payments network was also found to have allowed the transfer and laundering of funds with illicit transactions such as gambling, the people added. For WeChat Pay, "know your customer" and "know your business" procedures mean it must verify the identities of users and merchants transacting on its platform and the source of funds for those transactions. The People's Bank of China, the country's central bank, uncovered the breaches during a routine inspection of WeChat Pay that concluded in late 2021, the people familiar with the matter said. The size of the fine is still under deliberation and it could be at least hundreds of millions of yuan, some of the people said. That would be much larger than the fines regulators typically imposed on nonbank payment companies for anti-money-laundering rule violations in the past.
Mumbai announced detailed plans to zero out carbon emissions by 2050, a target that puts it two decades ahead of India's national goal and makes it the first city in South Asia to set such a timeline. From a report: In the plan announced Sunday, India's financial center, home to south Asia's biggest corporations, stock bourses and the central bank, has proposed exhaustive changes to the way it manages energy, water, air, waste, green spaces and transport for its 19 million residents. "We don't have the luxury of time," said Aaditya Thackeray, environment minister of the state of Maharashtra of which Mumbai is the capital. Without intervention, the effects of climate change could cost India $35 trillion over the next 50 years. India's richest city, Mumbai is also home to tremendous poverty, with slums and fishing villages along the southern coast that date to British rule. By 2050, rising sea levels are expected to flood those parts of the city. In total, unabated climate change could cost the city $920 million.
Pi day is here — 3/14. And to celebrate, NASA released their ninth annual NASA Pi Day Challenge — "some math problems related to current and future NASA missions." MIT Bloggers released a videogame-themed video to welcome the class of 2026. If you Google "pi day" (or Pi), you're given an interactive doodle that (when you click the pi symbol in the upper-left) presents a Simon-like game challenging you to type in approximations of pi to an ever-increasing number of digits. Guinness World Records points out that the most accurate value of pi is 62,831,853,071,796 digits, "achieved by University of Applied Sciences (Switzerland) in Chur, Switzerland, on 19 August 2021." (Note: the number of digits looks suspiciously significant....) And USA Today published an article which shares the history of how Pi Day got started. Former physicist Larry Shaw, who connected March 14 with 3.14, celebrated the first Pi Day at the Exploratorium with fruit pies and tea in 1988. The museum said Shaw led Pi Day parades there every year until his passing in 2017. In 2009, the U.S. House of Representatives passed a resolution marking March 14 as National Pi Day. The date is significant in the world of science. Albert Einstein was born on this day in 1879. The Exploratorium said it added a celebration of Einstein's life as part of its Pi Day activities after Shaw's daughter, Sara, realized the coincidence. March 14 also marks the death of renowned theoretical physicist Stephen Hawking, who passed away in 2018. And "For those who don't enjoy math, you get pie," the article quips, noting that numerous pizza chains and restaurants are offering appropriately-adjusted one-day sale prices on pizza (and fruit) pies. Instacart has even released a list showing which pie flavors enjoy the highest popularity over the national average in each of America's 50 states. ("New York — Boston Cream Pie. Washington — Marionberry Pie....")
The Verge reports: Ford will soon start selling and shipping some Ford Explorers without the chips that power rear air conditioning and heating controls, according to a report from Automotive News. The automaker will instead ship the missing semiconductors to dealers within one year, which they will then install in customers' vehicles after purchase. Ford spokesperson Said Deep told The Verge that heating and air condition will still be controllable from the front seats, and that customers who choose to purchase a vehicle without the rear controls will receive a price reduction. According to Deep, Ford is doing this as a way to bring new Explorers to customers faster, and that the change is only temporary. The automaker originally had plans to ship partially-built, undrivable vehicles to dealers last year, but now, the unchipped vehicles will be both driveable and sellable. As pointed out by Automotive News, Ford's decision comes as an attempt to move the partially-built vehicles crowding its factory lots. Last month, hundreds of new Ford Broncos were spotted sitting idly in the snow-covered lots near Ford's Michigan Assembly Plant, all of which await chip-related installations.... Other automakers have also had to make sacrifices due to the chip shortage, with GM dropping wireless charging, HD radios, and a fuel management module that made some pickup trucks operate more efficiently.
Power blackouts and rising electricity costs have inspired "a small but growing number of Californians" to leave the power grid altogether for their own home-generated energy, reports the New York Times. And thanks to "a stunning drop" in the cost of solar panels and batteries, "Some homeowners who have built new, off-grid homes say they have even saved money because their systems were cheaper than securing a new utility connection...." Nobody is quite sure how many off-grid homes there are but local officials and real estate agents said there were dozens here in Nevada County, a picturesque part of the Sierra Nevada range between Sacramento and Lake Tahoe. Some energy experts say that millions of people could eventually go off the grid as costs drop.... People going off the grid argue that utilities are not moving fast enough to address climate change and are causing other problems. In Northern California, Pacific Gas & Electric's safety record has alienated many residents. The company's equipment caused the 2018 Camp Fire, which killed dozens and destroyed the town of Paradise, about 70 miles north of Nevada City. The utility's effort to prevent fires by cutting off power to homes and businesses has also angered people. One of those residents is Alan Savage, a real estate agent in Grass Valley, who bought an off-grid home six years ago and has sold hundreds of such properties. He said he never loses power, unlike PG&E customers. "I don't think I'll ever go back to being on the grid," Mr. Savage said. For people like him, it is not enough to take the approach favored by most homeowners with solar panels and batteries. Those homeowners use their systems to supplement the electricity they get from the grid, provide emergency backup power and sell excess energy to the grid. The appeal of off-grid homes has grown in part because utilities have become less reliable.
As natural disasters linked to climate change have increased, there have been more extended blackouts in California, Texas, Louisiana and other states.... Installing off-grid solar and battery systems is expensive, but once the systems are up and running, they typically require modest maintenance and homeowners no longer have an electric bill. RMI, a research organization formerly known as the Rocky Mountain Institute, has projected that by 2031 most California homeowners will save money by going off the grid as solar and battery costs fall and utility rates increase. That phenomenon will increasingly play out in less sunny regions like the Northeast over the following decades, the group forecasts.... Some energy experts worry that people who are going off the grid could unwittingly hurt efforts to reduce greenhouse gas emissions. That is because the excess electricity that rooftop solar panels produce will no longer reach the grid, where it can replace power from coal or natural gas plants. "We don't need everybody to cut the cord and go it alone," said Mark Dyson, senior principal with the carbon-free electricity unit of RMI.... Scott Aaronson, a senior vice president for security and preparedness at the Edison Electric Institute, a utility industry trade group, said that while off-grid living might appeal to some, it was "like having a computer not connected to the internet.... You're getting some value but you're not part of a greater whole," he said. "When something goes wrong, that's wholly on you...." Off-grid systems are particularly attractive to people building new homes. That's because installing a 125- to 300-foot overhead power line to a new home costs about $20,000, according to the California Public Utilities Commission. In places where lines have to be buried, installation runs about $78,000 for 100 feet. 
The article ends by pointing out that off-the-grid residents will soon also have a handy alternative to the giant electric batteries that store the excess energy from their solar panels: electric cars like the Ford F-150 Lightning and the Hyundai Ioniq 5.
This week Silicon Valley's Computer History Museum posted a PDF transcript (and video excerpts) from an interview with 81-year-old Margaret Hamilton, the programmer/systems designer who in the 1960s became director of the Software Engineering Division at the MIT Instrumentation Laboratory which developed the on-board flight software for NASA's Apollo program. Prior to that Hamilton had worked on software to detect an airplane's radar signature, but thought, "You know, 'I guess I should delay graduate school again because I'd like to work on this program that puts all these men on the Moon....'" "There was always one thing that stood out in my mind, being in the onboard flight software, was that it was 'man rated,' meaning if it didn't work a person's life was at stake if not over. That was always uppermost in my mind and probably many others as well." Interestingly, Hamilton had originally received two job offers from the Apollo Space Program, and had told them to flip a coin to settle it. ("The other job had to do with support systems. It was software, but it wasn't the onboard flight software.") But what's fascinating is the interview's glimpses at some of the earliest days of the programming profession: There was all these engineers, okay? Hardware engineers, aeronautical engineers and all this, a lot of them out of MIT... But the whole idea of software and programming...? Dick Batten, Dr. Batten, when they told him that they were going to be responsible for the software...he went home to his wife and said he was going to be in charge of software and he thought it was some soft clothing... Hamilton also remembers in college taking a summer job as a student actuary at Travelers Insurance in the mid-1950s, and "all of a sudden one day word was going around Travelers that there were these new things out there called computers that were going to take away all of their jobs... Pretty soon they wouldn't have jobs. And so everybody was talking about it.
They were scared they wouldn't have a way to make a living. "But, of course, it ended up being more jobs were created with the computers than there were...." Hamilton's story about Apollo 8 is amazing...
"We're here to mourn the passing of YouTube Vanced," writes the site Android Police: If you weren't too fond of the official YouTube app, there were many alternatives at your disposal. One of them was YouTube Vanced — a modded version of the original app that added features like ad blocking, background playback, and many more without charging users like YouTube's Premium tier. We even put it on our list of the best indie apps you can get. It further gained popularity by bringing back dislike counts in videos just as Google removed them from their service... The folks behind the project announced Sunday in the app's official Telegram channel and on the Vanced Twitter account that it will be discontinued. No clear reason was given as to why it was killed off, so we can only speculate — but it's likely due to Google's legal department taking notice of Vanced... Vanced was never the only alternative YouTube app. Others include open-source NewPipe, which is more lightweight than the official app. But YouTube Vanced had a huge user base, and we'll miss it. It won't be updated anymore, but you can still get the last version. Do it quickly, though — the download links will soon be gone.
Slashdot reader quonset shares this report from Reuters: Instagram users in Russia have been notified that the service will cease as of midnight on Sunday after its owner Meta Platforms said last week it would allow social media users in Ukraine to post messages such as "Death to the Russian invaders". An email message from the state communications regulator told users to move their photos and videos from Instagram before it was shut down, and encouraged them to switch to Russia's own "competitive internet platforms". Meta, which also owns Facebook, said Friday that the temporary change in its hate speech policy applied only to Ukraine, in the wake of Russia's Feb. 24 invasion. The company said it would be wrong to prevent Ukrainians from "expressing their resistance and fury at the invading military forces".... The message to Instagram users from the state media regulator, Roskomnadzor, described the decision to allow calls for violence against Russians as a breach of international law. "We need to ensure the psychological health of citizens, especially children and adolescents, to protect them from harassment and insults online," it said, explaining the decision to close down the platform. "The tears were flowing Sunday among Russia's airbrushed Instagram influencers, who begged their followers in farewell posts to join them on alternative social media platforms..." reports the Washington Post: On the platform, emotions ran high Sunday among Russians who were about to lose thousands of dollars they received to promote various products, as well as access to millions of followers amassed over the years. "I'm writing this post now and crying," Olga Buzova, a Russian reality television star, wrote, saying she hoped "it's all not true and we will remain here...." The ban on Instagram is the latest example of how Russia's citizens are being isolated from the rest of the world as a result of Moscow's war against Ukraine.
Since Russian President Vladimir Putin launched the invasion on Feb. 24, his government has also pulled the plug on Russia's opposition-oriented radio and television networks, part of a broader effort to squelch domestic dissent in response to the war. Thousands of Russians have been arrested for attempting to protest the invasion.... But perhaps no move is more isolating than removing Russians from social media platforms that connect them directly to other users around the world. Instagram counted nearly 60 million users in Russia in 2021, according to the market data firm Statista, about 40 percent of the country's population. The platform is also a huge revenue source for its users, who rake in cash from sponsors by posting promotional content. "We know that over 80 percent of people in Russia on Instagram follow an account from outside of Russia," Instagram head Adam Mosseri said in a video, according to the Post's article. It adds that "It is unclear how many Russians will continue to be able to access Instagram using Virtual Private Networks, or VPNs."
Reuters reports: Ukraine's defense ministry on Saturday began using Clearview AI's facial recognition technology, the company's chief executive told Reuters, after the U.S. startup offered to uncover Russian assailants, combat misinformation and identify the dead. Ukraine is receiving free access to Clearview AI's powerful search engine for faces, letting authorities potentially vet people of interest at checkpoints, among other uses, added Lee Wolosky, an adviser to Clearview and former diplomat under U.S. presidents Barack Obama and Joe Biden. The plans started forming after Russia invaded Ukraine and Clearview Chief Executive Hoan Ton-That sent a letter to Kyiv offering assistance, according to a copy seen by Reuters. Clearview said it had not offered the technology to Russia, which calls its actions in Ukraine a "special operation...." The Clearview founder said his startup had more than 2 billion images from the Russian social media service VKontakte at its disposal, out of a database of over 10 billion photos total. That database can help Ukraine identify the dead more easily than trying to match fingerprints and works even if there is facial damage, Ton-That wrote.... Ton-That's letter also said Clearview's technology could be used to reunite refugees separated from their families, identify Russian operatives and help the government debunk false social media posts related to the war. The exact purpose for which Ukraine's defense ministry is using the technology is unclear, Ton-That said. Other parts of Ukraine's government are expected to deploy Clearview in the coming days, he and Wolosky said.
"News of a fresh Spectre BHB vulnerability that only impacts Intel and Arm processors emerged this week," reports Tom's Hardware, "but Intel's research around these new attack vectors unearthed another issue. One of the patches that AMD has used to fix the Spectre vulnerabilities has been broken since 2018." Intel's security team, STORM, found the issue with AMD's mitigation. In response, AMD has issued a security bulletin and updated its guidance to recommend using an alternative method to mitigate the Spectre vulnerabilities, thus repairing the issue anew.... Intel's research into AMD's Spectre fix begins in a roundabout way — Intel's processors were recently found to still be susceptible to Spectre v2-based attacks via a new Branch History Injection variant, this despite the company's use of the Enhanced Indirect Branch Restricted Speculation (eIBRS) and/or Retpoline mitigations that were thought to prevent further attacks. In need of a newer Spectre mitigation approach to patch the far-flung issue, Intel turned to studying alternative mitigation techniques. There are several other options, but all entail varying levels of performance tradeoffs. Intel says its ecosystem partners asked the company to consider using AMD's LFENCE/JMP technique. The "LFENCE/JMP" mitigation is a Retpoline alternative commonly referred to as "AMD's Retpoline." As a result of Intel's investigation, the company discovered that the mitigation AMD has used since 2018 to patch the Spectre vulnerabilities isn't sufficient — the chips are still vulnerable. The issue impacts nearly every modern AMD processor spanning almost the entire Ryzen family for desktop PCs and laptops (second-gen to current-gen) and the EPYC family of datacenter chips.... In response to the STORM team's discovery and paper, AMD issued a security bulletin (AMD-SB-1026) that states it isn't aware of any currently active exploits using the method described in the paper.
AMD also instructs its customers to switch to using "one of the other published mitigations (V2-1 aka 'generic retpoline' or V2-4 aka 'IBRS')." The company also published updated Spectre mitigation guidance reflecting those changes [PDF].... AMD's security bulletin thanks Intel's STORM team by name and noted it engaged in the coordinated vulnerability disclosure, thus allowing AMD enough time to address the issue before making it known to the public. Thanks to Slashdot reader Hmmmmmm for submitting the story...Read more of this story at Slashdot.
Right now an asteroid is zooming past Earth "at a relatively close distance," reports Newsweek, "and the event can be viewed live." The asteroid, called 2022 ES3, will be traveling at 41,000 miles per hour when it comes between the moon and the Earth at around 2:18 p.m. ET on Sunday, March 13, according to NASA's Center for Near Earth Object Studies (CNEOS). The space rock isn't expected to hit Earth. Instead, it will pass by at a distance of about 206,000 miles, which is about 87 percent of the distance between us and the moon. The event provides a great viewing opportunity. An Italian astronomy organization called the Virtual Telescope Project, which often tracks asteroids and other space objects through the sky, is due to host a livestream of what it calls 2022 ES3's "very close, but safe, encounter with us" on its WebTV page starting at 18:30 UTC on March 13th. Astronomers don't consider 2022 ES3 to be potentially hazardous, probably due to its size. The asteroid is predicted to be somewhere between 33 and 72 feet in diameter — about as wide as the length of a bowling lane.... [S]cientists track more than 28,000 near-Earth asteroids as they travel through the solar system. Around 900 of these are more than one kilometer, or 3,280 feet, in size.
Princeton University has a research center studying "digital technologies in public life," which runs a web site with commentary and analysis "from the digital frontier, written by the Center's faculty, students, and friends." Long-time Slashdot reader theodp summarizes the site's recent warning on the dangers of "philanthrocapitalism," in a piece noting ominously that "The tech industry controls CS conference funding." "Research about the influence of computing technologies, such as artificial intelligence (AI), on society relies heavily upon the financial support of the very companies that produce those technologies," writes Princeton Research Fellow Klaudia Jazwinska of the dangers of 'philanthrocapitalism'. "Corporations like Google, Microsoft, and IBM spend millions of dollars each year to sponsor labs, professorships, PhD programs, and conferences in fields like computer science (CS) and AI ethics at some of the world's top institutions. Industry is the main consumer of academic CS research, and 84% of CS professors receive at least some industry funding." "Relying on large companies and the resources they control can create significant limitations for the kinds of CS research that are proposed, funded and published. The tech industry plays a large hand in deciding what is and isn't worthy of examination, or how issues are framed. [...] The scope of what is reasonable to study is therefore shaped by what is of value to tech companies. There is little incentive for these corporations to fund academic research about issues that they consider more marginal or which don't relate to their priorities." Jazwinska concludes, "Given the extent of financial entanglement between Big Tech and academia, it might be unrealistic to expect CS scholars to completely resist accepting any industry funding—instead, it may be more practicable to make a concerted effort to establish higher standards for and greater transparency regarding sponsorship."
The Washington Post shares a story that hasn't been previously disclosed. "Russian agents came to the home of Google's top executive in Moscow to deliver a frightening ultimatum last September: take down an app that had drawn the ire of Russian President Vladimir Putin within 24 hours or be taken to prison." Google quickly moved the woman to a hotel where she checked in under an assumed name and might be protected by the presence of other guests and hotel security, according to people with knowledge of the matter. The same agents — believed by company officials to be from Russia's FSB, a successor to the KGB intelligence service — then showed up at her room to tell her the clock was still ticking. Within hours, an app designed to help Russians register protest votes against Putin could no longer be downloaded from Google or Apple, whose main representative in Moscow faced a similarly harrowing sequence.... The unnerving encounters, which have not previously been disclosed, were part of a broader campaign that Putin intensified last year to erode sources of internal opposition — moves now helping him maintain his hold on power amid a global backlash over the invasion of Ukraine. In a single year, Putin had his political nemesis Alexei Navalny imprisoned after a poisoning attempt failed to kill him; pushed independent news outlets to the brink of extinction; orchestrated a Kremlin-controlled takeover of Russia's Facebook equivalent; and issued "liquidation" orders against human rights organizations. Amid this internal offensive, Putin also moved to bring foreign technology companies to heel. Moscow deployed new devices that let it degrade or even block Russians' access to Facebook and Twitter, imposed fines totaling $120 million on firms accused of defying Kremlin censors, and ordered 13 of the world's largest technology companies to keep employees in Russia and thus exposed to potential arrest or other punishment for their employers' actions — a measure that U.S. executives refer to as the "hostage law." On their own, these moves were seen as disparate signs of Russia's descent into authoritarianism. But they also laid the groundwork for the Soviet-style suppression of free expression now underway in Russia, much as the months-long military buildup set the stage for the invasion of Ukraine. The article also notes "preliminary evidence that the suppression strategy is working. Polls, whose reliability is always uncertain in Russia, show that a majority of Russians support the war. In interviews with Western journalists that have gone viral online, Russians who rely on state-controlled media have consistently echoed Kremlin falsehoods about eradicating alleged Nazism in Ukraine while seeming to be genuinely oblivious to the war's carnage." The article also notes how Apple is responding to Ukraine's crisis — but also includes this anecdote: Apple has similarly kept employees in Russia and taken other steps to placate the Kremlin. The company last year began configuring iPhones sold in Russia to promote Kremlin-backed social media companies, enabling users to activate them with a single click. It is an accommodation Apple has rarely made elsewhere and advances Putin's goal of migrating Russian people to platforms controlled by the government, according to Russia analysts.
"A long duration C2 solar flare launched an asymmetrical full halo coronal mass ejection into space," tweeted the nonprofit science site SpaceWeatherLive (sharing a black-and-white video). "The solar plasma cloud is likely to arrive at Earth late on Sunday, 13 March. Minor G1 geomagnetic storm conditions are likely with a chance of moderate G2 conditions." Long-time Slashdot reader PuddleBoy shared this additional report from their web site: The solar flare lasted for hours and launched an asymmetrical full halo coronal mass ejection into space. Most of the ejecta is heading north-west but a significant part of the plasma cloud is expected to arrive at our planet. The coronal mass ejection was launched at a speed of about 600km/s which is a fairly average speed. This puts the likely arrival time at Earth late on Sunday, 13 March. Minor G1 geomagnetic storm conditions (Kp5) are likely with a chance of moderate G2 conditions which equals a Kp-value of 6. Middle latitude locations might catch a glimpse of the aurora near the northern (or southern) horizon under optimal conditions.
The New York Times looks at Mindway AI, a company that predicts future problem gambling. Built using research at Aarhus University by its founder, Kim Mouridsen, the company uses psychologists to train A.I. algorithms in identifying behaviors associated with problem gambling. One significant challenge is that there is no sole indicator of whether someone is a problem gambler, said Rasmus Kjærgaard, Mindway's chief executive. And at most casinos, human detection of problem gambling focuses on just a few factors — mostly money spent and time played. Mindway's system takes into account 14 different risks. Those include money and time but also canceled bank withdrawals, shifts in the time of day the player is playing and erratic changes of wagers. Each factor is given a score from 1 to 100, and the A.I. then builds out a risk assessment of each player, improving itself with each hand of poker or spin of the roulette wheel. Players are scored from green (you're doing fine) to blood red (immediately step away from the game).... The trickiest step, though, according to Brett Abarbanel, director of research at U.N.L.V.'s International Gaming Institute, is taking that data and explaining it to a player. "If my algorithm flags someone, and it thinks that they're a problem gambler, I'm not going to send them a note and say, 'Hey, great news, my algorithm has identified you as potentially a problem gambler. You should stop gambling right away!'" The response would be obvious, Dr. Abarbanel said, deploying a middle finger: "That's what will happen...." Since starting in 2018, Mindway has contracted its services to seven Danish operators, two each in Germany and the Netherlands, one global operator and a U.S. sports-gambling operator, Mr. Kjærgaard said. The online gambling giants Flutter Entertainment and Entain have both partnered with Mindway as well, according to the companies' annual reports. Since this technology is so new and there's no regulatory body setting a standard, Mindway and similar companies are, for now, essentially on their own.
Friday the Verge reported: The Main Directorate for Combating Organized Crime and Corruption of Belarus (GUBOPiK) has detained prominent Wikipedia editor Mark Bernstein, according to the Belarusian publication Zerkalo. The arrest comes after Bernstein's personal information was shared on GUBOPiK's public Telegram channel. Bernstein is one of the top 50 editors of Russian Wikipedia. The Verge was able to confirm that Bernstein's information — including his social media, Wikipedia handle, and place of work — had been shared in GUBOPiK's channel on the messaging app. A video of Bernstein's arrest was also posted alongside his photo and personal details. In the photo itself, Bernstein is accused of "distributing fake anti-Russian information." The channel has since been made private.... In an activity log of Bernstein's purported Wikimedia username, you can see that he's made over 200,000 edits to Russian Wikipedia articles. Currently, his account is described as "blocked indefinitely." "Earlier in March, Slate reported on the same Wikipedia editor and his efforts to ensure the correct information hits pages about the invasion," adds The Byte. On Saturday the human rights site Charter 97 reported that Bernstein was given 15 days of arrest, "according to the Viasna human rights center."
"The European Space Agency has announced it has chosen a team to make oxygen on the moon," reports Digital Trends. "The team, led by aerospace manufacturer Thales Alenia Space, will design and build a payload to create oxygen from lunar soil." [C]arrying oxygen into space using rockets is inefficient, so it would be better if astronauts could find ways to make what they need in the places they are exploring. This principle is called in-situ resource utilization and is a key idea for future missions to the moon and Mars. The payload for the moon will be designed to create between 50 and 100 grams of oxygen from the dusty material which covers the moon, called regolith. The aim is to extract 70% of the available oxygen in the sample within a 10 day period. That time limit is because it will need to operate within the window of available solar power in a lunar day, which is around two weeks long. Previous experiments and concepts have shown that it is possible to extract oxygen from lunar regolith, which is made up of around 40-45% oxygen by weight. Now, the challenge is to make a workable system within the constraints of size and materials. A systems engineer from the space agency's design facility has high hopes for the project, according to a statement released Wednesday. "Being able to extract oxygen from moonrock, along with useable metals, will be a game-changer for lunar exploration, allowing the international explorers set to return to the Moon to 'live off the land' without being dependent on long and expensive terrestrial supply lines."
"People around the world are using a new website to circumvent the Kremlin's propaganda machine by sending individual messages about the war in Ukraine to random people in Russia," reports the Wall Street Journal. "The website was developed by a group of Polish programmers who obtained some 20 million cellphone numbers and close to 140 million email addresses owned by Russian individuals and companies." A Tuesday report from the Daily Dot: Created by the hacking group known as Squad303, the tool, hosted at the domain 1920.in, loads a pre-written statement into a user's native SMS app that attempts to inform Russians about the ongoing conflict. "Dear Russians, your media is being censored. The Kremlin is lying," the statement reads. "Find out the truth about Ukraine on the free internet and in the Telegram app. Time to overthrow dictator Putin!" In a statement to the Daily Dot, a member of Squad303 described the effort as a "non-violent communication project" aimed at bypassing Russia's crackdown on independent news sources. The domain name for the tool refers to Poland's surprise victory against Russian forces in 1920. "We know that people wanted to get engaged to help Ukrainians. We wanted to deliver them a tool to start a dialog with Russians," the group said.... Squad303 claims that its tool has already been used to send out more than 6.3 million text messages, although the Daily Dot was unable to confirm the number.
On the VRChat platform, there's a fake law-enforcement agency called The Loli Police Department, reports Input magazine. Though it began as a joke, after four years its Discord channel now has 11,000 members, and "The tightly run community allows members to experience a fantasy version of police life and prides itself on being a source of chaotic good in the strange world of virtual reality." Members move through the ranks — from cadet on up — based on their activity level, which is tracked via the group's Discord. Everything is carefully orchestrated to mimic IRL police.... Karet, a 29-year-old game developer and LPD captain from Texas, says that the hard work of volunteers allows users to roleplay police activities in a realistic environment. "We have some of our own worlds — like the hospital for our medical division, where we can pretend someone is getting treatment, or the jail where we put criminals," says Karet, who designed the LPD station and jail. One of Karet's favorite things to do is mess with users at random. "Lots of people in VRChat like to sit in front of mirrors," he says. "I will go up to the mirror and do a 'mirror inspection.' Then I say it's an illegal mirror and start looking for someone to blame and arrest. They just don't know how to handle that," he laughs. There are other ways to get people into trouble, too. "I can pull out a bag of weed and make it look like it came out of someone's pocket," Karet says. "They always say it's not theirs." Being a VRChat police officer comes with its share of challenges. Members are aware that their form of roleplay — which frames spot checks and fake drug busts as harmless fun — doesn't sit well with some members of the community.... Despite the power dynamics at play, LPD members are not moderators of the VR world and ultimately can't make much in the way of real change. "One of our new officers came to me upset because they stepped in when they saw harassment, but then they got the brunt of the attack from the harasser," says Karet. "I commended him, but it's not what we do. We're just trying to have fun. So usually when we encounter something like that, we just leave the world." Thankfully, Karet says, the LPD can help their community somewhat. "We encourage LPD officers to help out new users. It's easy to spot them, so we often go and give them a hand, show them how things work," he says. The LPD used to run events for this purpose, but they were recently brought to a halt. "The events are on hiatus because it became a bit cult-y. Everyone was trying to recruit people into the LPD."
Walgreens and other retailers replaced some fridge and freezer doors with iPad-like screens, reports CNN. "And some shoppers absolutely hate it." The screens, which were developed by the startup Cooler Screens, use a system of motion sensors and cameras to display what's inside the doors — as well as product information, prices, deals and, most appealing to brands, paid advertisements. The tech provides stores with an additional revenue stream and a way to modernize the shopping experience. But for customers who just want to peek into the freezer and grab their ice cream, Walgreens risks angering them by solving a problem that shoppers didn't know existed. The company wants to engage more people with advertising, but the reaction, so far, is annoyance and confusion. "Why would Walgreens do this?" one befuddled shopper who encountered the screens posted on TikTok. "Who on God's green earth thought this was a good idea?" "The digital cooler screens at Walgreens made me watch an ad before it allowed me to know which door held the frozen pizzas," said someone on Twitter.... Walgreens began testing the screens in 2018 and has since expanded the pilot to a couple thousand locations nationwide. Several other major retailers are launching their own tests with Cooler Screens, including Kroger, CVS, GetGo convenience stores and Chevron gas stations. "I hope that we will one day be able to expand across all parts of the store," said Cooler Screens co-founder and CEO Arsen Avakian in an interview with CNN Business. Currently the startup has about 10,000 screens in stores, which are viewed by approximately 90 million consumers monthly, according to the company.... Politifact last month debunked a viral Facebook video that claimed "Walgreens refrigerators are scanning shoppers' hands and foreheads for 'the mark of the beast.'" Avakian insists the tech is "identity-blind" and protects consumers' privacy. The freezers have front-facing sensors used to anonymously track shoppers interacting with the platform, while internally facing cameras track product inventory... The items on display don't always match up with what's inside because products are out of stock.... "This is the future of retail and shopping," Avakian said. CNN notes that major corporations are backing the company Cooler Screens, which "has raised more than $100 million from backers including Microsoft and Verizon." But long-time Slashdot reader davidwr points out it's been done before. "Some gas stations have had video ads at the pump for years now. I boycott those stations on principle." And Slashdot reader quonset wonders if we're one step closer to Futurama's vision of a world where advertisers enter our dreams.