Slashdot

An anonymous reader quotes a report from Scientific American: New research, published in the journal Physiological Entomology, suggests that the palm-sized Joro spider, which swarmed North Georgia by the millions last September, has a special resilience to the cold. This has led scientists to suggest that the 3-inch (7.6 centimeters) bright-yellow-striped spiders -- whose hatchlings disperse by fashioning web parachutes to fly as far as 100 miles (161 kilometers) -- could soon dominate the Eastern Seaboard. Since the spider hitchhiked its way to the northeast of Atlanta, Georgia, inside a shipping container in 2014, its numbers and range have expanded steadily across Georgia, culminating in an astonishing population boom last year that saw millions of the arachnids drape porches, power lines, mailboxes and vegetable patches across more than 25 state counties with webs as thick as 10 feet (3 meters) deep, Live Science previously reported. Common to China, Taiwan, Japan and Korea, the Joro spider is part of a group of spiders known as "orb weavers" because of their highly symmetrical, circular webs. The spider gets its name from Jorgumo, a Japanese spirit, or Ykai, that is said to disguise itself as a beautiful woman to prey upon gullible men. True to its mythical reputation, the Joro spider is stunning to look at, with a large, round, jet-black body cut across with bright yellow stripes, and flecked on its underside with intense red markings. But despite its threatening appearance and its fearsome standing in folklore, the Joro spider's bite is rarely strong enough to break through the skin, and its venom poses no threat to humans, dogs or cats unless they are allergic. That's perhaps good news, as the spiders are destined to spread far and wide across the continental U.S., researchers say. The scientists came to this conclusion after comparing the Joro spider to a close cousin, the golden silk spider, which migrated from tropical climates 160 years ago to establish an eight-legged foothold in the southern United States. By tracking the spiders' locations in the wild and monitoring their vitals as they subjected caught specimens to freezing temperatures, the researchers found that the Joro spider has about double the metabolic rate of its cousin, along with a 77% higher heart rate and a much better survival rate in cold temperatures. Additionally, Joro spiders exist in most parts of their native Japan -- warm and cold -- which has a very similar climate to the U.S. and sits across roughly the same latitude. [...] While most invasive species tend to destabilize the ecosystems they colonize, entomologists are so far optimistic that the Joro spider could actually be beneficial, especially in Georgia where, instead of lovesick men, they kill off mosquitos, biting flies and another invasive species -- the brown marmorated stink bug, which damages crops and has no natural predators. In fact, the researchers say that the Joro is much more likely to be a nuisance than a danger, and that it should be left to its own devices.Read more of this story at Slashdot.

For the last two years, Unified Patents, an international organization of over 200 businesses, has been winning the battle against patent trolls "to keep them from stealing from the companies and organizations that actually use patents' intellectual property (IP)," writes ZDNet's Steven Vaughan Nichols. "This is their story to date." From the report: Unified Patents brings the fight to the trolls. It deters patent trolls from attacking its members by making it too expensive for the troll to win. The group does this by examining troll patents and their activities in various technology sectors (Zones). The United Patents Open Source Software Zone (OSS Zone) is the newest of these Zones. [...] Even before OSS Zone was formally launched, Unified Patents along with the Open Invention Network (OIN), the world's largest patent non-aggression group, launched legal cases against poor quality PAE-owned (Patent Assertion Entities) patents. The Linux Foundation and Microsoft have also joined the OSS Zone to battle these bad patents. [...] Together, United Patents uses open-source software evidence as proof to establish that the trolls often don't have a case. This is done using Inter Partes Review (IPR), a 2012 legal tool for showing that a bad patent never should have been granted in the first place. [Linux Foundation Executive Director Jim Zemlin] notes, "The Patent Trial and Appeal Board (PTAB)'s discretionary rulings on IPRs have changed the landscape around NPEs. These cases take a long time to be resolved. Typically, it takes from 12 to 24 months. That also makes them expensive for both the OSS Zone and the trolls. Keith Bergelt, the OIN's CEO, said "In other technology areas when patents go through the IPR process or are reexamined, there is a settlement around 20% of the time. In the OSS Zone, there are few settlements. This makes it more costly and difficult to administer, but also is difficult on the PAEs. When the success rate against their patents is over 95%, certain PAEs that would otherwise hope to settle have essentially given up on defending their patents." Still, with such a high success rate, it's worth the expense. To date, Unified has overseen and managed 43 challenges. Of these, 12 patents were found invalid, another 23 cases have been instituted, and six are still in process. This has led to multiple settlements for Unified Patents members. These, in turn directly pass through to OIN's 3,600+ community members. For example, an Accelerated Memory Tech patent 6,513,062, was used by the troll IP Investments Group to claim that the open-source Redis, which manages cache resources on the cloud, violated the patent. Redis, not having any money, IP Investments Group instead went after Hulu, Citrix Systems, Barracuda Networks, Kemp Technologies, and F5 Networks for their use of Redis software. IP Investments Group gave up rather than fighting it out. Everyone who uses Redis wins. It's one small victory, but that's how the patent troll wars are won. And, with the United Patents' high-success rate in knocking out bad patents, slowly but surely the patent trolls are being driven back from not only open-source software but all software.Read more of this story at Slashdot.

Researchers have now harnessed the power of artificial intelligence to infer how pigs are feeling on the basis of their grunts. The Guardian reports: Scientists believe that the AI pig translator -- which turns oinks, snuffles, grunts and squeals into emotions -- could be used to automatically monitor animal wellbeing and pave the way for better livestock treatment on farms and elsewhere. "We have trained the algorithm to decode pig grunts," said Dr Elodie Briefer, an expert in animal communication who co-led the work at the University of Copenhagen. "Now we need someone who wants to develop the algorithm into an app that farmers can use to improve the welfare of their animals." Working with an international team of colleagues, Briefer trained a neural network to learn whether pigs were experiencing positive emotions, such as happiness or excitement, or negative emotions, such as fear and distress, using audio recordings and behavioral data from pigs in different situations, from birth through to death. Writing in the journal Scientific Reports, the researchers describe how they used the AI to analyze the acoustic signatures of 7,414 pig calls recorded from more than 400 animals. While most of the recordings came from farms and other commercial settings, others came from experimental enclosures where pigs were given toys, food and unfamiliar objects to nose around and explore. The scientists used the algorithm to distinguish calls linked to positive emotions from those linked to negative emotions. The different noises represented emotions across the spectrum and reflected positive situations, such as huddling with littermates, suckling their mothers, running about and being reunited with the family, to negative situations ranging from piglet fights, crushing, castration and waiting in the abattoir. The researchers found that there were more high-pitched squeals in negative situations. Meanwhile, low-pitched grunts and barks were heard across the board, regardless of their predicament. Short grunts, however, were generally a good sign of porcine contentment.Read more of this story at Slashdot.

An anonymous reader quotes a report from Interesting Engineering: Green Hydrogen International (GHI) has unveiled its plans to build a 60 GW green hydrogen production facility near the Piedras Pintas salt dome in Texas. The facility will be the largest of its kind in the world, the company claimed in a press release. While the world seeks cleaner alternatives to the energy that can power long-haul flights and stand in as a substitute for natural gas, green hydrogen appears to be one of the front runners. With countries such as China, Saudi Arabia, Chile, Spain having initiated green hydrogen projects on a pilot basis, GHI would have to make a big splash to announce its arrival. The company is hopeful that its proposed plant, capable of producing 2.5 billion kilograms of green hydrogen every year, will do exactly that. According to its website, GHI has seven projects that are under development with a combined output of one terawatt. The largest and the first one to get off the ground is Hydrogen City in Texas. Using onshore wind and solar energy, the project aims to produce 60 gigawatts of green hydrogen every year. The Piedras Pintas salt dome in Duval County will serve as the hydrogen storage facility for the project which in its initial stages will see a 2-gigawatt production facility being drawn up. Green hydrogen production is expected to begin by 2026 and it will tap into renewable energy from the Texan electricity grid. Green hydrogen produced at the facility will be piped to the coastal city of Corpus Christi and Brownsville, where industries will convert them to other products. "Hydrogen City is a massive, world-class undertaking that will put Texas on the map as a leading green hydrogen producer," GHI's founder and CEO Brian Maxwell said. "Texas has been the world leader in energy innovation for over 100 years and this project is intended to cement that leadership for the next century and beyond."Read more of this story at Slashdot.

Over 170 million U.S.-born people who were adults in 2015 were exposed to harmful levels of lead as children, a new study estimates. The Associated Press reports: Researchers used blood-lead level, census and leaded gasoline consumption data to examine how widespread early childhood lead exposure was in the country between 1940 and 2015. In a paper published in the Proceedings of the National Academy of Sciences on Monday, they estimated that half the U.S. adult population in 2015 had been exposed to lead levels surpassing five micrograms per deciliter -- the Centers for Disease Control and Prevention threshold for harmful lead exposure at the time. The scientists from Florida State University and Duke University also found that 90% of children born in the U.S. between 1950 and 1981 had blood-lead levels higher than the CDC threshold. And the researchers found significant impact on cognitive development: on average, early childhood exposure to lead resulted in a 2.6-point drop in IQ. The researchers only examined lead exposure caused by leaded gasoline, the dominant form of exposure from the 1940s to the late 1980s, according to data from the U.S. Geological Survey. Leaded gasoline for on-road vehicles was phased out starting in the 1970s, then finally banned in 1996.Read more of this story at Slashdot.

According to Deadline, Prime Video is turning PlayStation's mythology-themed game franchise God of War into a live-action TV series. From the report: I hear the series adaptation comes from The Expanse creators/executive producers Mark Fergus and Hawk Ostby and The Wheel of Time executive producer/showrunner Rafe Judkins as well as Sony Pictures Television and PlayStation Productions, which collaborate on all TV series based on PlayStation games. This would mark the latest big deal for a TV series based on a popular video game title in a red-hot streaming marketplace for gaming IP. Peacock just landed another SPT/PlayStation property, Twisted Metal, with a series order and Anthony Mackie starring. HBO has coming up the high-profile PlayStation game-based series The Last of Us, starring Pedro Pascal and Bella Ramsey. Netflix has a Resident Evil TV series in the works, while Paramount+ is about to debut Halo.[...] The God of War franchise from Sony's Santa Monica Studio spans a total of seven games across four PlayStation consoles. The action game series launched in 2005 on the PlayStation 2, with the first God of War. At the center is ex-Spartan warrior Kratos and his perilous journey to exact revenge on the Ares, the Greek God of War, after killing his loved ones under the deity's influence. After becoming the ruthless God of War himself, Kratos finds himself constantly looking for a chance to change his fate. Following several titles on various PlayStation consoles including the PS3 and the handheld PSP, Santa Monica Studio brought new life to the franchise with the 2018 game on the PlayStation 4. In it, Kratos comes to the Norse wilds where he gets a second chance at fatherhood with his son Atreus. The installment a slew of honors at the 2018 Game Awards, including Game of the Year. An eighth God of War installment, God of War: Ragnorok, is in the works for PlayStation 4 and PlayStation 5 and is set to drop this year.Read more of this story at Slashdot.

With sanctions against Russia starting to bite, the Kremlin is mulling ways to keep businesses and the government running. The latest is a creative twist on state asset seizures, only instead of the government taking over an oil refinery, for example, Russia is considering legalizing software piracy. Ars Technica reports: Russian law already allows for the government to authorize -- "without consent of the patent holder" -- the use of any intellectual property "in case of emergency related to ensuring the defense and security of the state." The government hasn't taken that step yet, but it may soon, according to a report from Russian business newspaper Kommersant, spotted and translated by Kyle Mitchell, an attorney who specializes in technology law. It's yet another sign of a Cyber Curtain that's increasingly separating Russia from the West. The plan would create "a compulsory licensing mechanism for software, databases, and technology for integrated microcircuits," the Kommersant said. It would only apply to companies from countries that have imposed sanctions. While the article doesn't name names, many large Western firms -- some of which would be likely targets -- have drastically scaled back business in Russia. So far, Microsoft has suspended sales of new products and services in Russia, Apple has stopped selling devices, and Samsung has stopped selling both devices and chips. Presumably, any move by the Kremlin to "seize" IP would exempt Chinese companies, which are reportedly considering how to press their advantage. Smartphone-makers Xiaomi and Honor stand to gain, as do Chinese automakers. Still, any gains aren't guaranteed since doing business in Russia has become riddled with problems, spanning everything from logistics to finance.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: YouTube is still gearing up for a big podcast push. After hiring an executive in charge of podcasting last year, YouTube is now offering cash to popular podcasts that are willing to make the jump to video. Bloomberg is reporting that YouTube's content push works out to "offers of $50,000 to individual shows and $200,000 and $300,000 to podcast networks." The report says these "grants" are meant to help with the high start-up costs of producing video, which requires cameras, lighting, a studio, and a lot of other equipment you don't need to just do audio. We still don't know the extent of YouTube's podcasting plans. The project sounds like another instance of YouTube developing a specific content vertical with a specialized interface and custom branding. We've already seen this play out when YouTube's plethora of gaming content led to YouTube Gaming, when all the company's music deals created YouTube Music, and when kids' content got a "YouTube Kids" vertical. If podcasting follows a similar playbook, expect a "YouTube Podcasts" app and website, or at least a special section in the Music app.Read more of this story at Slashdot.

A research center housing a nuclear neutron source facility held at the Kharkiv Institute of Physics and Technology in eastern Ukraine was hit by Russian forces on Sunday, per a report from the state nuclear inspectorate. Motherboard reports: In a release published Sunday evening, the inspectorate called the blast "nuclear terrorism," spelling out a list of damages: a substation, which connects the plant to the electrical grid, on which the plant runs; cables within the facility's cooling system, which effectively prevent the plant from a meltdown; a heating line between structures in the facility; surface damages to the building that houses the structure; and windows across a number of buildings within the installation. "This list of damages is not complete so far. Currently, information on the consequences of the damages is being specified by the personnel," the report reads. An updated report following further inspection located no additional damage this morning. The Security Service of Ukraine's Kharkiv branch said destruction of the facility could lead to "environmental disaster," the Kyiv Independent reported Sunday. Russian state-owned news agency TASS reported Sunday that the attacks were in fact brought on by Ukraine, a line that has since been debunked. The reactor, known as the NSA "Neutron Source" was built with support from the Illinois-based Argonne National Laboratory in service of an agreement signed between the U.S. and Ukraine at the 2010 Nuclear Security Summit in Washington, D.C. The U.S. invested $73 million in the project, which promised that the Kharkiv Institute of Physics and Technology would be "given the opportunity to build state-of-the-art technology in nuclear research that will contribute to "solving problems of nuclear power industry and extending technical lifetime of nuclear power plants,'" according to a report from the European Union Non-Proliferation Consortium.Read more of this story at Slashdot.

Amazon has continued to work with companies in China accused of using forced labor despite public warnings about their work practices, according to a report published Monday by a nonprofit watchdog group. NBC News reports: The report from the Tech Transparency Project, a research group that is run by the nonprofit Campaign for Accountability and is often critical of large tech companies, found that Amazon's public list of suppliers includes five companies previously linked by journalists and think tank researchers to "labor transfer" programs in China. The suppliers help produce Amazon-branded devices and products sold under house labels like Amazon Basics. The report also warned that some of Amazon's third-party sellers may be offering products made using labor from the western Chinese region of Xinjiang, such as cotton imports that are already the subject of U.S. sanctions. The Tech Transparency Project identified three Amazon suppliers that have been linked to forced labor in China directly: Luxshare Precision Industry, AcBel Polytech and Lens Technology. It's not clear what specific Amazon items they may be responsible for producing. According to its public supplier list, Amazon works with two subsidiaries of Luxshare: Dongguan Luxshare Precision Industry and Shenzhen Luxshare Electro Acoustic Technology. Chinese government documents reported by The Information in May showed Luxshare Precision Industry, an electronics manufacturer, had allegedly accepted "as many as hundreds of Xinjiang laborers" between 2017 and 2020. Lens Technology, a company known for producing glass screens for laptops and smartphones, has accepted thousands of Uyghur workers in recent years, according to Chinese government documents first reported by The Washington Post. After receiving negative attention about its labor practices, the company reportedly began phasing out Uyghur workers from its factories. [...] The Tech Transparency Project identified two additional Amazon suppliers -- GoerTek and Hefei BOE Optoelectronics -- that were themselves accused of working with companies that have allegedly used forced labor. Neither supplier responded to requests for comment. The Tech Transparency Project researchers also found that Amazon continued listing two subsidiaries of the textiles manufacturer Esquel on its supplier list over a year after another subsidiary was sanctioned by the Department of Commerce for allegedly using forced labor. The U.S. government placed sanctions on Changji Esquel Textile in July 2020. But the other subsidiaries remained on Amazon's website until as recently as December 2021, according to the Tech Transparency Project. [...] The Tech Transparency Project also found evidence of Xinjiang labor on Amazon's third-party marketplace. The Tech Transparency Project said the findings raise "questions about Amazon's monitoring of such sellers."Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg Quint: Cryptocurrency trading platform Coinbase said it blocked over 25,000 wallet addresses related to Russian individuals or entities that it believes to be engaging in illicit activity. The blocked addresses represent about 0.2% of Coinbase's 11.4 million monthly transacting users, based on 2021 data. In a company blog, Paul Grewal, Coinbase's chief legal officer, said the largest U.S. crypto exchange has banned access for sanctioned individuals and is using blockchain analytics to identify addresses potentially linked to them, which it also adds to an internal blocklist. "Today, Coinbase blocks over 25,000 addresses related to Russian individuals or entities we believe to be engaging in illicit activity, many of which we have identified through our own proactive investigations," Grewal wrote. "We shared them with the government to further support sanctions enforcement."Read more of this story at Slashdot.

The British government has asked its nuclear regulator to start the process for approving Rolls-Royce's planned small- scale modular nuclear reactor, which policymakers hope will help cut dependence on fossil fuels and lower carbon emissions. From a report: Britain last year backed a $546 million funding round at the company to develop the country's first small modular nuclear reactor (SMR), part of its drive to reach net zero carbon emissions and promote new technology with export potential. Energy minister Kwasi Kwarteng has also said new nuclear projects will play an important part in Britain's efforts to reduce its reliance on expensive gas, which hit fresh record high prices on Monday amid the crisis in Ukraine. SMRs can be made in factories, with parts small enough to be transported on trucks and barges and assembled more quickly and cheaply than large-scale reactors. Each mini plant can power around one million homes and Rolls-Royce has forecast the SMR business could create up to 40,000 jobs based on British and export demand.Read more of this story at Slashdot.

The Environmental Protection Agency (EPA) on Monday said it was proposing new rules to cut smog-forming and greenhouse gas emissions from heavy duty vehicles. From a report: The agency is proposing to require cuts in nitrogen oxide emissions from heavy trucks of 47 percent to 60 percent by 2045. The new standards would begin in the 2027 model year. Separately, the Transportation Department is announcing nearly $1.5 billion in funding for 2022 to help state and local governments purchase U.S.-built electric transit buses and low-emission models. The department is also announcing $2.2 billion in funding to 35 transit agencies across 18 states. The EPA is also proposing stricter new greenhouse gas emissions standards for some types of heavy vehicles.Read more of this story at Slashdot.

As Google announced today, version 99 of Chrome on macOS manages to score 300 points on the Speedometer benchmark, which was originally developed by Apple's WebKit team. This, Google points out, is the fastest performance of any browser yet. TechCrunch: Speedometer 2.0 tests for responsiveness, which makes it a good proxy for user experience. It's been a while since competition in the browser market focused on speed, especially now that most vendors bet on the same Chromium codebase to build their browsers (with the exception of Mozilla's Firefox and Apple's WebKit-based Safari). But that doesn't mean that the various development teams stopped thinking about how to speed up the user experience. As with a lot of mature technologies, we're just not seeing major breakthroughs these days. That doesn't mean the rivalry between the different vendors has stopped, even as they are now getting together as part of Interop 2022 to better align their browsers with web standards.Read more of this story at Slashdot.

In mid-February, hackers gained access to computers belonging to current and former employees at nearly two dozen major natural gas suppliers and exporters, including Chevron, Cheniere Energy and Kinder Morgan, according to research shared exclusively with Bloomberg News. From the report: The attacks targeted companies involved with the production of liquefied natural gas, or LNG, and they were the first stage in an effort to infiltrate an increasingly critical sector of the energy industry, according to Gene Yoo, chief executive officer of Los Angeles-based Resecurity, which discovered the operation. They occurred on the eve of Russia's invasion of Ukraine, when energy markets were already roiled by tight supplies. Resecurity's investigation began last month when the firm's researchers spotted a small number of hackers, including one linked to a wave of attacks in 2018 against European organizations that Microsoft attributed to Strontium, the company's nickname for a hacking group associated with Russia's GRU military intelligence service. The hackers were looking to pay top dollar on the dark web for access to personal computers belonging to workers at large natural gas companies in the U.S., which were used as a back door into company networks, Yoo said. The researchers located the hackers' servers and found a vulnerability in the software, which allowed them to obtain files from the machines and see what the attackers had already done, Yoo said.Read more of this story at Slashdot.

Academic researchers have devised a new working exploit that commandeers Amazon Echo smart speakers and forces them to unlock doors, make phone calls and unauthorized purchases, and control furnaces, microwave ovens, and other smart appliances. joshuark shares a report: The attack works by using the device's speaker to issue voice commands. As long as the speech contains the device wake word (usually "Alexa" or "Echo") followed by a permissible command, the Echo will carry it out, researchers from Royal Holloway University in London and Italy's University of Catania found. Even when devices require verbal confirmation before executing sensitive commands, it's trivial to bypass the measure by adding the word "yes" about six seconds after issuing the command. Attackers can also exploit what the researchers call the "FVV," or full voice vulnerability, which allows Echos to make self-issued commands without temporarily reducing the device volume. Because the hack uses Alexa functionality to force devices to make self-issued commands, the researchers have dubbed it "AvA," short for Alexa vs. Alexa. It requires only a few seconds of proximity to a vulnerable device while it's turned on so an attacker can utter a voice command instructing it to pair with an attacker's Bluetooth-enabled device. As long as the device remains within radio range of the Echo, the attacker will be able to issue commands. The attack "is the first to exploit the vulnerability of self-issuing arbitrary commands on Echo devices, allowing an attacker to control them for a prolonged amount of time," the researchers wrote in a paper [PDF] published two weeks ago. "With this work, we remove the necessity of having an external speaker near the target device, increasing the overall likelihood of the attack."Read more of this story at Slashdot.

Consumers will still be able to use Mastercard and Visa-branded cards for domestic transactions in Russia, the country's state-backed payments network has said, reducing the impact of the US firms' decision to pull services over the invasion of Ukraine. From a report: Russia's homegrown payments system Mir said the cardholders would still be able to access their funds, make withdrawals and domestic transfers -- at least until their bank cards expire. Mir has processed most domestic payments in Russia since 2015, while foreign operators such as Visa and Mastercard continued to run international transactions. The operator -- which is 100% owned by the country's central bank -- was established on government orders to protect the economy against sanctions imposed over Moscow's annexation of Crimea in 2014. "All cards of these payment systems already issued by Russian banks will continue to work within our country as before," Mir's operator said in the early hours of Sunday. "Until the expiration of their validity, Visa and Mastercard cardholders have access to all the funds on their accounts, as well as all the usual payment transactions -- paying for purchases, transferring funds from card to card, withdrawing cash, etc." Further reading: Visa Discloses Russia, Ukraine Exposure.Read more of this story at Slashdot.

During at least the first few months following a coronavirus infection, even mild cases of Covid-19 are associated with subtle tissue damage and accelerated losses in brain regions tied to the sense of smell, as well as a small loss in the brain's overall volume, a new British study finds. Having mild Covid is also associated with a cognitive function deficit. NBC: These are the striking findings of the new study led by University of Oxford investigators, one that leading Covid researchers consider particularly important because it is the first study of the disease's potential impact on the brain that is based on brain scans taken both before and after participants contracted the coronavirus. "This study design overcomes some of the major limitations of most brain-related studies of Covid-19 to date, which rely on analysis and interpretation at a single time point in people who had Covid-19," said Dr. Serena S. Spudich, a neurologist at the Yale University School of Medicine, who was not involved in the research. The research, which was published Monday in Nature, also stands out because the lion's share of its participants apparently had mild Covid -- by far, the most common outcome of coronavirus infections. Most of the brain-related studies in this field have focused on those with moderate to severe Covid. Gwenaelle Douaud, an associate professor at the Nuffield Department of Clinical Neurosciences at Oxford and the paper's lead author, said that the excess loss of brain volume she and her colleagues observed in brain scans of hundreds of British individuals is equivalent to at least one extra year of normal aging. "It is brain damage, but it is possible that it is reversible," she said. "But it is still relatively scary because it was in mildly infected people."Read more of this story at Slashdot.

It is the dominant American maker of smartphones, a household name to billions and for many makers of high-tech parts their most important customer ever. Just don't ask who it is. WSJ: In Asia, it's surreptitiously referred to as "the fruit company" or sometimes "Fuji," referring to the variety of the specific fruit in question that's cultivated in Japan. Other descriptors include "the three-trillion-dollar company" -- which slightly overstates its market value -- "the honored North American customer" and simply "the big A." In a January securities filing, O-Film Group, a Chinese maker of smartphone camera modules said it estimated a loss of up to $426 million in 2021. One reason was lost business with "a certain customer beyond these borders." Which customer? An O-Film spokesperson didn't respond to the question. In contrast to Lord Voldemort of the Harry Potter series, the Client Who Must Not Be Named doesn't cast deadly spells or converse with serpents. Its powers, nonetheless, are fearsome. It can award -- or take away -- contracts for electronic parts and services worth hundreds of millions of dollars. That is why suppliers' public presentations and even private conversations hardly ever include the name of the company they're discussing, for fear of offending someone or accidentally revealing competitive information. The reluctance to spell out the remaining four letters beyond "A" is more than just custom. A 2014 court filing related to a former supplier's bankruptcy gave details about its confidentiality agreement with the customer. The supplier, GT Advanced Technologies, promised to pay $50 million for each breach of secrecy, according to the filing. The agreement defined breaches to include not just the usual trade secrets but also the very existence of the relationship. At an earnings call in June 2020 by chip maker Broadcom, an analyst mentioned, without naming names, that "growth in Q3 from a seasonal perspective" might be lacking. He asked for "some more color around how we should think about the wireless expected recovery into Q4." Broadcom Chief Executive Hock E. Tan immediately knew what was up. He said he understood what the analyst was implying: Broadcom was indeed designing chips for "those big flagship phones" made by "our large North American OEM phone maker." He confirmed the delay in the OEM's products.Read more of this story at Slashdot.

An anonymous reader shares a report: If blockchain technology is to reach true mass adoption, it will have to become cheaper and more efficient. Low transaction throughput on some of the most popular blockchains, most notably Ethereum, has kept gas fees high and hindered scalability. A host of new projects has cropped up to improve efficiency in the blockchain space, each with its own set of tradeoffs, including proof-of-capacity blockchain Subspace, which announced its $32.9 million Series A last week. Now, a team of researchers from Stanford University's applied cryptography research group has entered the fray. The team is coming out of stealth mode with Espresso, a new layer one blockchain they are building to allow for higher throughput and lower gas fees while prioritizing user privacy and decentralization. Espresso aims to optimize for both privacy and scalability by leveraging zero-knowledge proofs, a cryptographic tool that allows a party to prove a statement is true without revealing the evidence behind that statement, CEO Ben Fisch told TechCrunch in an interview. Espresso Systems, the company behind the blockchain project, is led by Fisch, chief operating officer Charles Lu, and chief scientist Benedikt Banz, collaborators at Stanford who have each worked on other high-profile web3 projects, including the anonymity-focused Monero blockchain and BitTorrent co-founder Bram Cohen's Chia. They've teamed up with chief strategy officer Jill Gunter, a former crypto investor at Slow Ventures who is the fourth Espresso Systems co-founder, to take their blockchain and associated products to market. To achieve greater throughput, Espresso uses ZK-Rollups, a solution based on zero-knowledge proofs that allow transactions to be processed off-chain. ZK-Rollups consolidate multiple transactions into a single, easily-verifiable proof, thus reducing the bandwidth and computational load on the consensus protocol. The method has already gained popularity on the Ethereum blockchain through scaling solution providers like StarkWare and zkSync, according to Fisch.Read more of this story at Slashdot.

Zelle, the payments platform used by millions of customers, is a popular target of scammers. But banks have been reluctant to make fraud victims whole -- despite owning the system. From a report: Consumers love payment apps like Zelle because they're free, fast and convenient. Created in 2017 by America's largest banks to enable instant digital money transfers, Zelle comes embedded in banking apps and is now by far the country's most widely used money transfer service. Last year, people sent $490 billion through Zelle, compared with $230 billion through Venmo, its closest rival. Zelle's immediacy has also made it a favorite of fraudsters. Other types of bank transfers or transactions involving payment cards typically take at least a day to clear. But once crooks scare or trick victims into handing over money via Zelle, they can siphon away thousands of dollars in seconds. There's no way for customers -- and in many cases, the banks themselves -- to retrieve the money. Nearly 18 million Americans were defrauded through scams involving digital wallets and person-to-person payment apps in 2020, according to Javelin Strategy & Research, an industry consultant. "Organized crime is rampant," said John Buzzard, Javelin's lead fraud analyst. "A couple years ago, we were just starting to talk about it" on apps like Zelle and Venmo, Mr. Buzzard said. "Now, it's common and everywhere." The banks are aware of the widespread fraud on Zelle. When Mr. Faunce called Wells Fargo to report the crime, the customer service representative told him, "A lot of people are getting scammed on Zelle this way." Getting ripped off for $500 was "actually really good," Mr. Faunce said the rep told him, because "many people were getting hit for thousands of dollars."Read more of this story at Slashdot.

Briefly banned in Ukraine, U.S. mobile-phone app Premise does defense work globally and has faced contributor safety issues. From a report: In 2019, Ukrainian users of a U.S.-based mobile-phone app offering paid, short-term tasks got what sounded like a straightforward assignment: Go into rural Ukraine and take smartphone photos of certain fields and farms around Odessa and Kyiv. But for one contributor, the job turned out to be anything but ordinary when one of the fields turned out to lie next to a military checkpoint. The contributor was chased off by armed soldiers, according to people familiar with the matter. The app's owner, Premise Data, said it immediately deleted the task from its platform after learning of the military checkpoint. What that and other Ukrainian gig workers were doing was harvesting data for a U.S. Defense Department-funded research project. Descartes Labs, a government contractor that works with U.S. military and intelligence agencies, hired Premise to have its gig workers gauge how accurately the company's satellite algorithms were performing, the people said. Could they, for example, accurately tell barley from wheat in photos taken from space? Descartes's work was funded by DARPA, a research arm of the Pentagon, a Defense Department spokesperson said. Descartes declined to comment. Based in San Francisco, Premise is one of a number of companies offering a service that uses iPhone and Android smartphones around the world as tools for gathering intelligence and commercial information from afar, sometimes without the users knowing specifically who they are working for. The business model of companies like Premise has prompted questions about the safety and propriety of enlisting such people for government work --especially in potential or active conflict zones.Read more of this story at Slashdot.

Samsung on Monday confirmed that the company recently suffered a cyberattack, but said that it doesn't anticipate any impact on its business or customers. From a report: Last week, South American hacking group Lapsus$ claimed it had stolen 190GB of confidential data, including source code, from the South Korean tech giant's servers. The group also posted snapshots of the alleged data online. Samsung has now confirmed in a statement, without naming the hacking group, that there was a security breach, but it asserted that no personal information of customers was compromised.Read more of this story at Slashdot.

NBC News reports that energy analysts "still expect most solar energy production in the near future to come from utility-scale projects, in part because of the savings that comes with massive installations." Unfortunately, "It's those projects that are facing pushback."Local governments in states such as California, Indiana, Maine, New York and Virginia have imposed moratoriums on large-scale solar farms, as a national push for cleaner energy has collided with complaints about how the projects affect wildlife and scenic views. In one Nevada town west of Las Vegas, residents are trying to block a proposed 2,300-acre solar field. NBC News counted 57 cities, towns and counties across the country where residents have proposed solar moratoriums since the start of 2021, according to local news reports, and not every proposed ban gets local news coverage. At least 40 of those approved the measures. Other localities did so in earlier years. That resistance is a threat to the big ambitions of the solar energy movement. The current workaround? Solar panel installations "in unexpected places..."[Walmart] told NBC News it has more than 550 renewable energy projects, including solar and wind, implemented or under development. Several have opened recently in California, including with parking lot canopies. The company has a goal of using 100 percent renewable energy by 2035, up from 36 percent by its estimate now.... Houston has chosen the 240-acre site of a former landfill to install what the city said will be the largest infill solar project in the nation. In a neighborhood named Sunnyside, the project will generate enough electricity for 5,000 homes, according to the city. Similar projects have been built on landfills throughout New Jersey. An energy firm is building a solar project on a former coal mine on the border of Kentucky and West Virginia, while in New York state, researchers at Cornell University are testing putting solar panels in a field where sheep graze. A city in Northern California says it has the largest floating solar farm in the U.S. at its wastewater treatment plant, and in January, a China-based energy company said it had built the world's largest floating solar array on a reservoir there. And last year, the Biden administration encouraged the development of solar projects on highway right-of-way, with a notice from the Federal Highway Administration telling field offices to work with states on ideas. Researchers at the University of Texas at Austin, including Webber, have said most states have more than 200 miles of interstate frontage suitable for solar development, especially near exits and rest stops. Creative locations have a particular benefit: fewer potential neighbors who might complain.Read more of this story at Slashdot.

Business Insider reports:Serhiy Storchaka, a Ukrainian developer, is the second-most prolific recent contributor to Python and tenth-most prolific of all time, according to Lukasz Langa, the Python Software Foundation's developer in residence, based in PoznaÅ, Poland... Storchaka faced an impossible choice as Russia invaded his country. Like many young male programmers in Ukraine, he decided to stay.... Storchaka lives outside of Konotop, a city in northeastern Ukraine which is occupied by Russian forces. He tweeted on February 26, "Russian tanks were on the road 2km from my house, and Russian armored vehicles were passing by my windows. Most likely, I will find myself in the occupied zone, where the law does not apply...." Insider was unable to contact Storchaka, but spoke with Langa... [A]s the military crisis worsened on Friday and over the weekend, the Python developer community rallied to help Storchaka's younger family members. Communicating with Storchaka's family through Google Translate, Langa managed to secure temporary housing for Storchaka's niece and best friend, aged 11. They crossed the border to Poland via bus with their mother, and met Langa, who drove over 300km to Warsaw to pick up keys and secure basic necessities for the family. "Two little 11-year-old girls (my niece and her best friend) are now safe thanks to @llanga," Storchaka tweeted last Monday, adding "My sister and I are immensely grateful." (He'd been especially worried because their town was near one of Ukraine's nuclear power plants, "a strategic target".) Business Insider points out Storchaka is just one of many Python core developers from Ukraine, and one of many Ukrainians working in its tech sector.Andrew Svetlov, another influential Python developer who specializes in asynchronous networking support, also remains in Ukraine.... Svetlov is in Kyiv, where Russian troops have surrounded the city.... "Neither of them wanted to leave their country, even in the face of the great risk this poses for them," Langa told Insider.Read more of this story at Slashdot.

"Every day, several petabytes of data are generated on the internet," says Kasra Tabatabaei, a researcher at the Beckman Institute for Advanced Science and Technology. "Only one gram of DNA would be sufficient to store that data." So the Institute is now announcing the results of a project Tabatabaei worked on "to transform the double helix into a robust, sustainable data storage platform." CNET reports:Tabatabaei is the co-author of a new study, published in last month's edition of the journal Nano Letters... Essentially, the study team is the first to artificially extend the DNA alphabet, which could allow for massive storage capacities and accommodate a pretty extreme level of digital data.... DNA encodes genetic information with four molecules called nucleotides. There's adenine, guanine, cytosine and thymine, or A, G, C and T. In a sense, DNA has a four-letter alphabet, and different letter combinations represent different bits of data.... But what if we had a longer alphabet? Presumably, that'd give us a much deeper capacity. Following this line of thought, the team behind the new study artificially added seven new letters to the DNA repertoire.... "Instead of converting zeroes and ones to A, G, C and T, we can convert zeroes and ones to A, G, C, T and the seven new letters in the storage alphabet." One of the study's co-principal investigators said their work "provides an exciting proof-of-principle demonstration of extending macromolecular data storage to non-natural chemistries, which hold the potential to drastically increase storage density in non-traditional storage media."Read more of this story at Slashdot.

Researchers at the University of Texas at Austin have identified a previously unknown structure of the protein that's responsible for making edits to the wrong sections of DNA. After some tweaking, they were able to reduce the likelihood of off-target mutations by 4,000 times. New Atlas reports: CRISPR tools use certain proteins, most often Cas9, to make precise edits to specific DNA sequences in living cells. This can involve cutting out problematic genes, such as those that cause disease, and/or slotting in beneficial ones. The problem is that sometimes the tool can make changes to the wrong parts, potentially triggering a range of other health issues. And in the new study, the UT researchers discovered how some of these errors can happen. Usually, the Cas9 protein is hunting for a specific sequence of 20 letters in the DNA code, but if it finds one where 18 out of 20 match its target, it might make its edit anyway. To find out why this occurs, the team used cryo-electron microscopy to observe what Cas9 is doing when it interacts with a mismatched sequence. To their surprise, they discovered a strange finger-like structure that had never been observed before. This finger reached out and stabilized the DNA sequence so the protein could still make its edit. Having uncovered this mechanism, the team tweaked this finger so that it no longer stabilized the DNA, instead pushing away from it. That prevents Cas9 from editing that sequence, making the tool 4,000 times less likely to produce off-target mutations. The team calls the new protein SuperFi-Cas9. The research was published in the journal Nature.Read more of this story at Slashdot.

The California Public Utilities Commission (CPUC) on Monday issued permits to self-driving units of General Motors and Alphabet to allow for passenger service in autonomous vehicles with safety drivers present. Reuters reports: CPUC said the GM unit Cruise and Alphabet's Waymo are under Drivered Deployment permits authorized to collect fares from passengers and may offer shared rides. Prior to the announcement Cruise and Waymo had been permitted to provide passenger service only on a testing basis with no fare collection permitted. Starting Monday, Cruise is allowed to provide the "Drivered Deployment" service on some public roads in San Francisco between the hours of 10 p.m. and 6 a.m. at speeds of up to 30 miles per hour, while Waymo can offer service in parts of San Francisco and San Mateo counties at speeds of up to 65 miles per hour, CPUC said. Neither company is allowed to operate during heavy fog or heavy rain. [...] Waymo said it has tens of thousands of riders on a waitlst in California after it launched a tester program in August. "We'll begin offering paid trips through the program in the coming weeks," the company said.Read more of this story at Slashdot.

In a statement to TechCrunch, a Samsung spokesperson said the company will release a software update to allow users to have more control over throttling. "Samsung has not provided details about when the update will roll out to users," notes the report. From the report: "Our priority is to deliver the best mobile experience for consumers. We value the feedback we receive about our products and after careful consideration, we plan to roll out a software update soon so users can control the performance while running game apps," a spokesperson from Samsung said in an email. Samsung's promise follows reports that the tech giant's phones are throttling the performance of around 10,000 apps, as first reported by Android Authority, and via Twitter complaints, plus Samsung's Korean community forums. The company's Game Optimizing Service (GOS) software, which optimizes the performance of CPU and GPU to prevent excessive heating when playing a game for a long time, appeared to be at the core of the issue, but the list of affected apps wasn't limited to games. However, Samsung has disputed claims that Game Optimizing Service was throttling non-gaming apps. "The Game Optimizing Service (GOS) has been designed to help game apps achieve a great performance while managing device temperature effectively. GOS does not manage the performance of non-gaming apps," the spokesperson said.Read more of this story at Slashdot.

An anonymous reader quotes a report from ABC News: State attorneys general have launched a nationwide investigation into TikTok and its possible harmful effects on young users' mental health, widening government scrutiny of the wildly popular video platform. The investigation was announced Wednesday by a number of states led by California, Florida, Kentucky, Massachusetts, Nebraska, New Jersey, Tennessee and Vermont. U.S. lawmakers and federal regulators have criticized TikTok, citing practices and computer-driven promotion of content they say can endanger the physical and mental health of young users. The platform has an estimated 1 billion monthly users and is especially popular with teens and younger children. Last month, Texas opened an investigation into TikTok's alleged violations of children's privacy and facilitation of human trafficking. "Our children are growing up in the age of social media -- and many feel like they need to measure up to the filtered versions of reality that they see on their screens," California Attorney General Rob Bonta said in a news release. "We know this takes a devastating toll on children's mental health and well-being." Bonta said the investigation aims determine if TikTok is violating the law in promoting its platform to young people. Government officials and child-safety advocates maintain that TikTok's computer algorithms pushing video content to users can promote eating disorders and even self-harm and suicide to young viewers. "We care deeply about building an experience that helps to protect and support the well-being of our community, and appreciate that the state attorneys general are focusing on the safety of younger users," the company said Wednesday. "We look forward to providing information on the many safety and privacy protections we have for teens."Read more of this story at Slashdot.

The Wikimedia Foundation has issued a statement supporting Russian Wikipedia volunteers after a censorship demand from internet regulators. From a report: On Tuesday, tech and communications regulator Roskomnadzor threatened to block Wikipedia over the Russian-language page covering Russia's invasion of Ukraine, claiming it contained "false messages" about war casualties and the effects of economic sanctions, among other things. "On March 1st 2022 the Wikimedia Foundation received a Russian government demand to remove content related to the unprovoked invasion of Ukraine posted by volunteer contributors to Russian Wikipedia," reads the statement sent to The Verge via email. "As ever, Wikipedia is an important source of reliable, factual information in this crisis. In recognition of this important role, we will not back down in the face of efforts to censor and intimidate members of our movement. We stand by our mission to deliver free knowledge to the world."Read more of this story at Slashdot.

Apple has set an April 11 deadline for corporate employees in the U.S. to return to offices like Apple Park, according to Bloomberg's Mark Gurman. MacRumors reports: Apple is planning for a hybrid in-office and at-home work schedule going forward. The report states that Apple employees will be required to work from the office at least one day per week by April 11, at least two days per week by May 2, and at least three days per week by May 23. Those three days would be Mondays, Tuesdays, and Thursdays, with most employees having the option to work remotely on Wednesdays and Fridays. "For many of you, I know that returning to the office represents a long-awaited milestone and a positive sign that we can engage more fully with the colleagues who play such an important role in our lives," said Apple CEO Tim Cook, in a memo to employees obtained by Bloomberg. "For others, it may also be an unsettling change." Apple's corporate employees have largely been working from home since the start of the pandemic. Apple executives have routinely made it clear that employees would eventually need to return to the office once it is safer to do so, despite some employees objecting. Apple's decisions comes just a few days after Google said that its employees would need to return to offices starting April 4.Read more of this story at Slashdot.

A leading American Internet service provider, Cogent Communications, said it was severing relations with Russian customers on Friday, a move that gives Ukrainian officials another victory in their campaign to isolate Russia online. The Washington Post reports: Cogent chief executive Dave Schaeffer said the company did not want to keep ordinary Russians off the Internet but did want to prevent the Russian government from using Cogent's networks to launch cyberattacks or deliver propaganda targeting Ukraine at a time of war. "Our goal is not to hurt anyone. It's just to not empower the Russian government to have another tool in their war chest," Schaeffer said in an interview with The Washington Post. Cogent, based in Washington, D.C., is one of the world's largest providers of what's known as Internet backbone -- roughly comparable to the interstate highway system, providing the primary conduit for data flows that local companies then route to individual domains. Schaeffer said Cogent's networks carry about one-quarter of the world's Internet traffic. Cogent has several dozen customers in Russia, with many of them, such as state-owned telecommunications giant Rostelecom, being close to the government. Russia, like most nations, is connected to the world by several backbone providers, but Cogent is among its largest. The company began terminating its Russian companies at noon Friday but was doing so gradually. Some customers asked for a delay of up to several days while they found other Internet sources, Schaeffer said, and the company is trying to accommodate those requests. "We're pretty confident that we're not interfering with anyone's ability to get some information," he said, though he acknowledged the likelihood of slowdowns and other disruptions with Russia. "In light of the unwarranted and unprovoked invasion of Ukraine, Cogent is terminating all of your services effective at 5 p.m. GMT on March 4, 2022," wrote Cogent in a letter to one of their Russian customers. "The economic sanctions put in place as a result of the invasion and the increasingly uncertain security situation make it impossible for Cogent to continue to provide you with service. All Cogent-provided ports and IP address space will be reclaimed as of the termination date."Read more of this story at Slashdot.

An anonymous reader quotes a report from BuzzFeed News: Facebook and Twitter on Friday were blocked in Russia, amid President Vladimir Putin's ongoing military invasion of Ukraine. In a statement issued on Friday, Roskomnadzor, the country's communications regulator, explained the decision was made to "block access to the Facebook network" after at least 26 cases of "discrimination against Russian media and information resources" since October 2020. The agency highlighted Facebook's recent restriction of Kremlin-tied media sources RT News and Sputnik News across the EU. Hours later, Russian news agency Interfax reported that Roskomnadzor had also begun blocking Twitter. "Soon millions of ordinary Russians will find themselves cut off from reliable information, deprived of their everyday ways of connecting with family and friends and silenced from speaking out," Nick Clegg, president of global affairs for Facebook parent Meta, wrote on Twitter in response. "We will continue to do everything we can to restore our services so they remain available to people to safely and securely express themselves and organize for action." Yesterday, Russian state-controlled news network RT announced it would be "ceasing production" and laying off most of its staff after YouTube blocked its channels.Read more of this story at Slashdot.

HTC's slow-motion fall from smartphone grace is reportedly set to continue in 2022, with the company said to be working on a new "metaverse"-focused phone in April as the remnants of the once-flagship smartphone company continues to desperately cling to whatever zeitgeist term it can to stay afloat, according to DigiTimes. The Verge: The news comes from Charles Huang, HTC's general manager for the Asia-Pacific region, who reportedly commented at MWC 2022 that the company would be introducing a new high-end smartphone next month with unspecified "metaverse" features. Details are slim, including any specs, markets it'll be released in, or even what kind of AR or VR features the new device will offer. The news sounds a lot like HTC's last major pivot towards relevancy: its Exodus line of blockchain phones that its offered for the past few years. Promising decentralized apps ("Dapps") and a built-in cryptocurrency wallet, the phones could run blockchain nodes and even mine paltry amounts of cryptocurrency, but -- like many instances of blockchain technology -- it was a solution largely in search of a problem that never really took off.Read more of this story at Slashdot.

shanen shares a report: Data extortionists who stole up to 1 terabyte of data from Nvidia have delivered one of the most unusual ultimatums ever in the annals of cybercrime: allow Nvidia's graphics cards to mine cryptocurrencies faster or face the imminent release of the company's crown-jewel source code. A ransomware group calling itself Lapsus$ first claimed last week that it had hacked into Nvidia's corporate network and stolen more than 1TB of data. Included in the theft, the group claims, are schematics and source code for drivers and firmware. A relative newcomer to the ransomware scene, Lapsus$ has already published one tranche of leaked files, which among other things included the usernames and cryptographic hashes for 71,335 of the chipmaker's employees.Read more of this story at Slashdot.

After years of zooming through deep space, a presumed leftover piece of a Chinese rocket slammed into the Moon today, just as space tracking experts expected it would. From a report: At least, it should have hit the Moon around 7:30AM ET this morning, as long as the law of gravity has not changed. The collision brings an end to the rocket's life in space and likely leaves a fresh new crater on the Moon that may be up to 65 feet wide. The now-expired rocket has caused quite a buzz this past month. First of all, the vehicle was never intended to crash into the Moon, making it a rare piece of space debris to find its way to the lunar surface by accident. Additionally, there was some confusion over its identity, with various groups trying to nail down exactly where the rocket came from. Originally, space trackers thought it was a leftover piece of a SpaceX Falcon 9 rocket that had launched a weather satellite back in 2015. But after careful analysis, various groups of space trackers confirmed that the rocket was likely leftover from the launch of China's Chang'e 5-T1 mission -- a flight that launched in 2014 to test out technology needed to bring samples back from the Moon. That mission, launched on a Chinese Long March 3C rocket, sent a spacecraft looping around the Moon in an attempt to see if China could send a vehicle to the Moon and then bring it back to Earth. Given the flight profile of the Chang'e 5-T1 mission and the tracking of the mystery object, astronomers are fairly certain that a chunk of the Long March 3C rocket has remained in an extremely elongated orbit around Earth ever since, only to find its way to the far side of the Moon.Read more of this story at Slashdot.

Two of the world's biggest cryptocurrency exchanges, Coinbase and Binance, rejected calls on Friday for a blanket ban on all Russian users to stop their platforms from being used as a way round Western sanctions. From a report: "We believe everyone deserves access to basic financial services unless the law says otherwise," Coinbase Chief Executive Officer Brian Armstrong said in a series of tweets on Friday. The exchange, however, would enforce such a blanket ban if the U.S. government decides to impose one, Armstrong added. "We are not going to unilaterally freeze millions of innocent users' accounts," a spokesperson of Binance, the world's biggest crypto exchange, said in an emailed statement to Reuters. Both cryptocurrency exchanges have said they will comply with government sanctions. Major crypto exchanges have been urged to ban their services in Russia to prevent sanctioned entities from parking their assets using cryptocurrencies. The exchanges, however, insist they are well equipped to avoid abuse of their platforms.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: When Erik Johnson couldn't get his university's mobile student ID app to reliably work, he sought to find a workaround. The app is fairly important, since it allows him and every other student at his university to pay for meals, get into events and even unlock doors to dorm rooms, labs and other facilities across campus. The app is called GET Mobile, and it's developed by CBORD, a technology company that brings access control and payment systems to hospitals and universities. But Johnson -- and the many who left the app one-star reviews in frustration -- said the app was slow and would take too long to load. There had to be a better way. And so by analyzing the app's network data at the same time he unlocked his dorm room door, Johnson found a way to replicate the network request and unlock the door by using a one-tap Shortcut button on his iPhone. For it to work, the Shortcut has to first send his precise location along with the door unlock request or his door won't open. Johnson said as a security measure students have to be physically in proximity to unlock doors using the app, seen as a measure aimed at preventing accidental door openings across campus. It worked, but why stop there? If he could unlock a door without needing the app, what other tasks could he replicate? Johnson didn't have to look far for help. CBORD publishes a list of commands available through its API, which can be controlled using a student's credentials, like his. But he soon found a problem: The API was not checking if a student's credentials were valid. That meant Johnson, or anyone else on the internet, could communicate with the API and take over another student's account without having to know their password. Johnson said the API only checked the student's unique ID, but warned that these are sometimes the same as a university-issued student username or student ID number, which some schools publicly list on their online student directories, and as such cannot be considered a secret. Johnson described the password bug as a "master key" to his university -- at least to the doors that are controlled by CBORD. As for needing to be in close proximity to a door to unlock it, Johnson said the bug allowed him to trick the API into thinking he was physically present -- simply by sending back the approximate coordinates of the lock itself. The vulnerability was fixed and session keys were invalidated shortly after TechCrunch shared details of the bug with CBORD.Read more of this story at Slashdot.

BleepingComputer was recently contacted by an alleged "venture capitalist" firm that wanted to invest or purchase our site. However, as we later discovered, this was a malicious campaign designed to install malware that provides remote access to our devices. Lawrence Abrams from BleepingComputer writes: Last week, BleepingComputer received an email to our contact form from an IP address belonging to a United Kingdom virtual server company. Writing about cybersecurity for so long, I am paranoid regarding email, messaging, and visiting unknown websites. So, I immediately grew suspicious of the email, fired up a virtual machine and VPN, and did a search for Vuxner. Google showed only a few results for 'Vuxner,' with one being for a well-designed and legitimate-looking vuxner[.]com, a site promoting "Vuxner Chat -- Next level of privacy with free instant messaging." As this appeared to be the "Vuxner chat" the threat actors referenced in their email, BleepingComputer attempted to download it and run it on a virtual machine. BleepingComputer found that the VuxnerChat.exe download [VirusTotal] actually installs the "Trillian" messaging app and then downloads further malware onto the computer after Trillian finishes installing. As this type of campaign looked similar to other campaigns that have pushed remote access and password-stealing trojans in the past, BleepingComputer reached out to cybersecurity firm Cluster25 who has previously helped BleepingComputer diagnose similar malware attacks in the past. Cluster25 researchers explain in a report coordinated with BleepingComputer that the Vuxner[.]com is hosted behind Cloudflare, however they could still determine hosting server's actual address at 86.104.15[.]123. The researchers state that the Vuxner Chat program is being used as a decoy for installing a remote desktop software known as RuRAT, which is used as a remote access trojan. Once a user installs the Vuxner Trillian client and exits the installer, it will download and execute a Setup.exe executable [VirusTotal] from https://vuxner[.]com/setup.exe. When done, the victim will be left with a C:\swrbldin folder filled with a variety of batch files, VBS scripts, and other files used to install RuRAT on the device. Cluster25 told BleepingComputer that the threat actors are using this attack to gain initial access to a device and then take control over the host. Once they control the host, they can search for credentials and sensitive data or use the device as a launchpad to spread laterally in a network.Read more of this story at Slashdot.

cartechboy writes: Rivian's CEO, RJ Scaringe, admitted the company messed up. In a lengthy apology, the executive said the company broke people's trust. Rivian's walking back the large, in some cases 20%, price increases introduced earlier in the week for any preorder holder prior to March 1. [However, the price increases stay in effect for anyone who ordered after March 1.] "We wrongly decided to make these changes apply to all future deliveries, including pre-existing configured preorders," Scaringe said, noting that the company "failed to to appreciate" how customers viewed their configurations and pricing. Scaringe also acknowledged the company "wrongly assumed" the newly announced dual-motor models and standard battery pack would provide satisfactory price points similar to the original configurations.Read more of this story at Slashdot.

Russian forces shelled Europe's largest nuclear plant early Friday in the battle for control of a crucial energy-producing city, and the power station was on fire. The Associated Press reports: Plant spokesman Andriy Tuz told Ukrainian television that shells were falling directly on the Zaporizhzhia plant and had set fire to one of the facility's six reactors. That reactor is under renovation and not operating, but there is nuclear fuel inside, he said. Firefighters cannot get near the fire because they are being shot at, Tuz said. A government official told The Associated Press that elevated levels of radiation were detected near the site of the plant, which provides about 25% of Ukraine's power generation. The official spoke on condition of anonymity because the information has not yet been publicly released. Tuz said it is urgent to stop the fighting to put out the flames. Mayor Dmytro Orlov and the Ukrainian state atomic energy company reported that a Russian military column was heading toward the nuclear plant. Loud shots and rocket fire were heard late Thursday. [...] Ukrainian Prime Minister Denys Shmyhal called on the West to close the skies over the country's nuclear plants as fighting intensified. "It is a question of the security of the whole world!" he said in a statement. The U.S. and NATO allies have ruled out creating a no-fly zone since the move would pit Russian and Western military forces against each other.Read more of this story at Slashdot.

A new finding suggests Samsung is throttling the performance of thousands of Android apps on Galaxy smartphones, including Google and Samsung's first-party apps. XDA Developers reports: Samsung has an app called Game Optimization Service that comes preinstalled on many Galaxy phones. Although the name suggests the app helps improve gaming performance, it's apparently being used to limit the performance of non-gaming apps. Users on the Korean tech forum Meeco have posted a list of affected apps that are subject to performance throttling. The list includes 10,000 popular apps, including Instagram, TikTok, Netflix, Microsoft Office, Google Keep, Spotify, Snapchat, YouTube Music, and more. Samsung's own apps such as Samsung Pay, Secure Folder, Bixby, and others are also on the list. Notably, there are no benchmark apps on this blacklist. A video posted by Korean YouTuber shows how blacklisted apps are subject to inferior performance while benchmark apps are given a free hand. In his test, the YouTuber changed the package name of the 3DMark benchmark app to Genshin Impact, one of the apps on the blacklist. The unmodified version of 3D Mark scored 2618 points in the Wild Life Extreme test. When he ran the same test with the spoofed version, there was a significant drop in the score -- 1141 points. In other words, the spoofed version performed 56% worse than the unmodified version. It's not immediately clear if the Game Optimization Service app is installed on every Galaxy phone. Samsung is reportedly aware of the issue and conducting an internal investigation. "While Samsung hasn't clarified why it's throttling Android apps, it's likely in an attempt to improve battery life," notes XDA.Read more of this story at Slashdot.

An anonymous reader quotes a report from TorrentFreak: Sci-Hub founder Alexandra Elbakyan says that following a legal process, the Federal Bureau of Investigations has gained access to data in her Google account. Google itself informed her of the data release this week noting that due to a court order, the company wasn't allowed to inform her sooner. In January 2021, Twitter suspended the official Sci-Hub account so when site updates are published, they now tend to appear on Elbakyan's personal account. A new tweet this week reveals that Google was also required to hand over her account data. In an email to Elbakyan dated March 2, 2022, Google advises that following a legal process issued by the FBI, Google was required to hand over data associated with Elbakyan's account. Exactly what data was targeted isn't made clear but according to Google, a court order required the company to keep the request a secret. [...] Google notes that since it is "not in a position" to provide Elbakyan with legal advice or to discuss the substance of the legal process, the Sci-Hub founder may wish to contact an attorney. The big question remains -- what exactly is the investigation about? Given the scale of Sci-Hub and its notoriety around the world, it's certainly possible that a criminal copyright infringement investigation is underway in the United States that could feasibly lead to an indictment for Elbakyan and any cohorts involved in the operation. However, more serious allegations have been made in the past. Back in December 2019, The Washington Post reported that Elbakyan was being investigated by the US Justice Department on suspicion that she "may" be working with Russian intelligence to "steal U.S. military secrets from defense contractors." No solid evidence was published to back up those allegations but the publication did note that Elbakyan may have collected log-in credentials from journal subscribers in order to access academic literature, presumably so that it can be offered on Sci-Hub. "I know there are some reasons to suspect me: after all, I have education in computer security and was a hobby hacker in teenage years," said Elbakyan in a statement. "But hacking is not my occupation, and I do not have any job within any intelligence, either Russian or some another." She added: "I think that whether I can be a Russian spy is being investigated by U.S. government since they learned about Sci-Hub, because that is very logical: a Russian project, that uses university accounts to access some information, of course that is suspicious. But in fact Sci-Hub has always been my personal enterprise."Read more of this story at Slashdot.

Russia has decided to stop supplying rocket engines to the United States in retaliation for its sanctions against Russia over Ukraine. Reuters reports: "In a situation like this we can't supply the United States with our world's best rocket engines. Let them fly on something else, their broomsticks, I don't know what," [Dmitry Rogozin, head of the state space agency Roscosmos, said on state Russian television]. According to Rogozin, Russia has delivered a total of 122 RD-180 engines to the U.S. since 1990s, of which 98 have been used to power Atlas launch vehicles. Roscosmos will also stop servicing rocket engines it had previously delivered to the U.S., Rogozin said, adding that the U.S. still had 24 engines that would now be left without Russian technical assistance. Russia has earlier said it was suspending cooperation with Europe on space launches from the Kourou spaceport in French Guiana in response to Western sanctions over Ukraine. Moscow has also demanded guarantees from British satellite company OneWeb that its satellites would not be used for military purposes. OneWeb, in which the British government has a stake, said on Thursday it was suspending all launches from Russia's Baikonur Cosmodrome in Kazakhstan. Rogozin said Russia would now focus on creating dual-purpose spacecraft in line with the needs of Roscosmos and the Defence Ministry.Read more of this story at Slashdot.

Meta, formerly Facebook, has said that its grand ambition of building the ultimate "metaverse" won't be possible if there aren't drastic improvements in today's telecoms networks. CNBC reports: Dan Rabinovitsj, VP of connectivity at Meta, told CNBC at the Mobile World Congress tech event Monday that home networks and cellular networks aren't yet ready for the metaverse. "We're working closely with our colleagues to think about what's the next step in terms of innovation," he said, adding that Meta is also working with cellular partners. "If you really look at the pace of innovation in the telecom world, compared to other markets, it's been harder to go faster in this space," Rabinovitsj said. "One of the things that we've tried to change is that trajectory of innovation." "We need to develop a common language around the performance of networks," Rabinovitsj said. "We're actually big believers in measurement as foundational in this next phase of work." Mark Zuckerberg, Meta's founder and CEO, said in a statement Sunday that "creating a true sense of presence in virtual worlds delivered to smart glasses and VR headsets will require massive advances in connectivity." Zuckerberg said this will need to be "bigger than any of the step changes we've seen before," adding that things like wide-scale immersive video streaming will take entirely new types of networks. In response, Marc Allera, CEO of the consumer division of U.K. mobile network BT, told CNBC Wednesday that he expects the metaverse to place a strain on today's networks. However, he said the telecoms industry is spending billions on new technology. "When you stop and think about what you're able to do on a smartphone today, compared to 10 years ago, that's as a result of this industry and network operators investing huge amounts of money with no contribution made by content companies on these networks," Allera said ahead of a meeting with representatives from Meta. "I'll try and understand what their role in supporting this ecosystem is other than just asking what we're doing about it," he added.Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: The Russian state-controlled news network RT said on Thursday that it would start broadcasting on the video site Rumble, two days after YouTube announced that it would be blocking channels connected to RT and another Russian state-backed outlet, Sputnik, across Europe. "After a multitude of platforms have moved to knock out our broadcast and limit social media, you can stay on top of our LIVE broadcast," RT posted on Twitter Thursday. Rumble, which was founded in 2013 to compete with YouTube, is one of several alternative platforms that have attracted millions of users with the promise of a space untethered by what many on the American right have called a censorship of conservative voices. Prominent voices on the platform include Stephen Bannon, former President Donald J. Trump's onetime chief strategist, and Sean Hannity of Fox News. On Thursday afternoon, Misha Solodovnikov, the general manager of the production company behind RT America, T&R Productions, told staff that RT "will be ceasing production" and "must lay off most of its staff who work at all its locations," according to a company memo seen by The New York Times. RT America has offices in Miami, New York, Los Angeles and Washington. Mr. Solodovnikov cited "unforeseen business interruption events" as a reason for the company's announcement.Read more of this story at Slashdot.

Two widely used ConsenSys software products, MetaMask and Infura, announced that they "are unavailable in certain jurisdictions due to legal compliance." From a report: The post did not give further information about the compliance issues or the affected jurisdictions, but subsequent tweets point to U.S. and international sanctions on Russia regarding the war in Ukraine. Decrypt has reached out to ConsenSys for clarification regarding its policy of geoblocking IP addresses. The announcement took on added importance after Venezuelans found themselves all but cut off from the Ethereum network today, with many reporting they had been blocked from their wallets. Infura, which hosts Ethereum nodes and operates the blockchain infrastructure on behalf of companies, tweeted that the outage resulted from reconfiguring settings to comply with fresh sanctions. "We mistakenly configured the settings more broadly than they needed to be." The project says it's since resolved the issue and restored access. Around the same time, MetaMask explained that the Infura reconfiguration resulted in a knock-on effect for wallet users.Read more of this story at Slashdot.

Backblaze has published its first SSD edition of the Drive Stats report. A Slashdot reader writes: This edition focuses exclusively on their SSDs as opposed to their quarterly and annual Drive Stats reports which, until last year, focused exclusively on HDDs. Initially they expect to publish the SSD edition twice a year, although that could change depending on its value to readers. They'll continue to publish the HDD Drive Stats reports quarterly. It's an interesting look at SSD reliability in a commercial environment and may be useful to anyone wondering what drive they should (or shouldn't) consider for their own deployment.Read more of this story at Slashdot.

The international non-profit that coordinates management of the internet told Ukraine it will not intervene in the country's war with Russia, rebuffing a request to cut Russia off from the global internet. From a report: Ukraine's proposal is neither technically feasible nor within the mission of ICANN, said the Internet Corporation for Assigned Names and Numbers, according to a letter ICANN sent to Ukrainian officials on Wednesday. s you know, the Internet is a decentralized system. No one actor has the ability to control it or shut it down," ICANN CEO Goran Marby wrote in the the letter. Marby expressed his personal concern about Ukrainians' well-being as well as the "terrible toll being exacted on your country." But, he wrote, "our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the Internet -- regardless of the provocations."Read more of this story at Slashdot.