Feed slashdot Slashdot

Link https://slashdot.org/
Feed https://rss.slashdot.org/Slashdot/slashdotMain
Copyright Copyright Slashdot Media. All Rights Reserved.
Updated 2025-07-11 09:00
Lufthansa Says Passengers Can't Use Apple AirTags to Track Checked Bags
Citing rules issued by the International Civil Aviation Organization (ICAO), German airline Lufthansa says it is banning activated Apple AirTags from luggage "as they are classified as dangerous and need to be turned off." Slashdot reader AmiMoJo first shared the news with us. The New York Times reports: Lufthansa, a German airline, set off confusion recently after telling passengers that they could not use trackers like Apple AirTags in checked baggage because of international guidelines for personal electronic devices. Apple rejected that interpretation on Tuesday, saying its trackers comply with all regulations. It does not appear that any other airlines are requiring passengers to turn off the trackers, which have become popular as a way to find lost baggage. Lufthansa found itself in the middle of the issue when reports surfaced in the German news media that the devices were prohibited. Though Lufthansa said it has no desire to prohibit the devices that it deemed safe, the airline seems to have stepped in a mess based on the reading of obscure international guidelines and regulations, with no clear consensus on what is and is not allowed in Europe. Lufthansa said on Sunday on Twitter that the trackers must be deactivated in checked baggage on its flights, citing the International Civil Aviation Organization's guidelines for dangerous goods as well as the trackers' "transmission function." Shutting off the trackers renders them useless. The airline has not issued a specific policy prohibiting baggage trackers. Rather, it says it is at the mercy of the rules. On Tuesday, the airline said it was "in close contact with the respective institutions to find a solution as quickly as possible." It also indicated its own examination saw no danger from their use.
"The Lufthansa Group has conducted its own risk assessment with the result that tracking devices with very low battery and transmission power in checked luggage do not pose a safety risk," said Martin Leutke, a Lufthansa spokesman. "We have never issued a ban on devices like that. It is on the authorities to adapt regulations that right now limit the use of these devices for airline passengers in checked luggage." In its statement, Apple said that AirTags are "compliant with international airline travel safety regulations for carry-on and checked baggage."
Many US Drivers Treat Partially Automated Cars As Self-Driving
An anonymous reader quotes a report from Reuters: Drivers using advanced driver assistance systems like Tesla Autopilot or General Motors Super Cruise often treat their vehicles as fully self-driving despite warnings, a new study has found. The Insurance Institute for Highway Safety (IIHS), an industry funded group that prods automakers to make safer vehicles, said on Tuesday a survey found regular users of Super Cruise, Nissan/Infiniti ProPILOT Assist and Tesla Autopilot "said they were more likely to perform non-driving-related activities like eating or texting while using their partial automation systems than while driving unassisted." The IIHS study of 600 active users found 53% of Super Cruise, 42% of Autopilot and 12% of ProPILOT Assist owners "said that they were comfortable treating their vehicles as fully self-driving." About 40% of users of Autopilot and Super Cruise -- two systems with lockout features for failing to pay attention -- reported systems had at some point switched off while they were driving and would not reactivate. "The big-picture message here is that the early adopters of these systems still have a poor understanding of the technology's limits," said IIHS President David Harkey.
Nike Moves To Crimp Resellers and Might Cancel Orders Made Using Bots
Nike wants to keep a closer eye on resellers. In a sweeping update to its rules for U.S. shoppers this month, the sneaker giant said it could cancel orders placed with automated ordering software or technology on its website or apps. From a report: The company also said it could charge restocking fees, decline to issue refunds or suspend the accounts of people it determines are buying its shoes, apparel or other items with the intent to resell them. Orders that exceed product purchase limits -- which Nike can implement on highly coveted items -- could be rejected, according to the revised rules posted on Nike's website. Nike previously prohibited the purchase of products for resale but the rules update expands the company's response if it identifies such activity taking place. Its rules had also banned purchases deemed to be fraudulent but didn't explicitly mention the use of specialized software, known as bots.
Meta Announces Legs
Meta didn't hold back with their announcements at Meta Connect this year. As Facebook has done every year or so, the company is shaking up their avatar products. From a report: This year as Meta focuses more heavily on the metaverse, the company made a big addition to their updated higher-detail avatars: legs. The announcement that the avatars, which were previously floating torsos with arms and heads, now have evolved to walk was something Zuckerberg was very excited about with his avatar jumping for joy during the keynote.
Epic Games and Match Look To Expand Their Antitrust Claims Against Google
Epic Games and Match Group are looking to fortify their antitrust lawsuits against Google by adding new counts to their initial complaint, filed last year, which illustrate the lengths Google supposedly went to in order to dominate the Android app market. From a report: The companies on Friday filed a motion to amend their complaints in their cases against Google, which now allege that Google paid off business rivals not to start other app stores that would put them in competition with Google Play. This would be a direct violation of U.S. antitrust law known as the Sherman Act, the amended complaint states. [...] Now, Epic Games and Match Group are looking to add to their complaint with two new allegations specifying how Google had either paid or otherwise induced its potential competitors to agree to not distribute apps on Android in competition with the Play Store, including through their own competing app stores. Google, it says, had identified developers who were "most at risk...of attrition from Play" and then approached them with an offer of an agreement. The complaint now deems this a "per se" violation of Section 1 of the Sherman Act, which prohibits "every contract, combination in the form of trust or otherwise, or conspiracy, in restraint of trade or commerce among the several States, or with foreign nations," it says.
Intel and Google Cloud Launch New Chip To Improve Data Center Performance
Intel and Google Cloud on Tuesday said they have launched a co-designed chip that can make data centers more secure and efficient. From a report: The E2000 chip, code named Mount Evans, takes over the work of packaging data for networking from the expensive central processing units (CPU) that do the main computing. It also offers better security between different customers that may be sharing CPUs in the cloud, explained Google's vice president of engineering, Amin Vahdat. Chips are made up of basic processors called cores. There can be hundreds of cores on a chip and sometimes information can bleed between them. The E2000 creates secure routes to each core to prevent such a scenario. Companies are running increasingly complex algorithms, using progressively bigger data sets, at a time when the performance improvement of chips like CPUs is slowing down. Cloud companies are therefore looking for ways to make the data center itself more productive.
Google Selects Coinbase To Take Cloud Payments With Cryptocurrencies and Will Use Its Custody Tool
Google said Tuesday that it will rely on Coinbase to start letting some customers pay for cloud services with cryptocurrencies early in 2023, while Coinbase said it would draw on Google's cloud infrastructure. From a report: The deal, announced at Google's Cloud Next conference, might succeed in luring cutting-edge companies to Google in a fierce, fast-growing market, where Google's top competitors do not currently permit clients to pay with digital currencies. The cloud business helps diversify Google parent Alphabet away from advertising, and it now accounts for 9% of revenue, up from less than 6% three years ago, as it is expanding more quickly than Alphabet as a whole. Coinbase, which generates a majority of its revenue from retail transactions, will move data-related applications to Google from the market-leading Amazon Web Services cloud, which Coinbase has relied on for years, said Jim Migdal, Coinbase's vice president of business development. The Google Cloud Platform infrastructure service will initially accept cryptocurrency payments from a handful of customers in the Web3 world who want to pay with cryptocurrency, thanks to an integration with the Coinbase Commerce service, said Amit Zavery, vice president and general manager and head of platform at Google Cloud, in an interview with CNBC.
Brands Are Spamming WhatsApp Users in India, Facebook's Largest Market
As Meta makes deeper inroads with businesses on WhatsApp, its biggest bet to monetize the instant messaging app with over 2 billion users, we are getting an early glimpse at how user experience might change on the free app. It's not great. From a report: Scores of people in India, WhatsApp's largest market by users with over 500 million accounts, have complained about getting too many spam texts from businesses in recent months. WhatsApp, which quickly displaced the SMS app in the country by offering free texts, is increasingly looking like that SMS app, users say. Thousands of brands in India have signed up for WhatsApp, consistently succeeding in reaching eyeballs of more than 80% users, a person familiar with the matter said, a figure miles ahead of campaigns run on emails and traditional texts. What's more annoying is that even after users have blocked some businesses, many return to the inbox from different phone numbers, according to author's account.
Starlink Makes Maiden Asia Foray With Japan Launch
Starlink has debuted in Japan, making it the first Asian nation to receive SpaceX's satellite internet service. From a report: Much of the country's north, including Tokyo, can now receive Starlink's signals, according to a map the startup shared on Twitter. Other areas including southern Japan and Hokkaido are expected to receive the service by the fourth quarter, before neighboring South Korea early next year.
Biden Proposal Could Lead To Employee Status for Gig Workers
The Labor Department on Tuesday unveiled a proposal that would make it more likely for millions of janitors, home-care and construction workers and gig drivers to be classified as employees rather than independent contractors. From a report: Companies are required to provide certain benefits and protections to employees but not to contractors, such as paying a minimum wage, overtime, a portion of a worker's Social Security taxes and contributions to unemployment insurance. The proposed rule is essentially a test that the Labor Department will apply to determine whether workers are contractors or employees for companies. The test considers factors such as how much control workers have over how they do their jobs and how much opportunity they have to increase their earnings by doing things like offering new services. Workers who have little of either are often considered employees. The new version of the test lowers the bar for that employee classification from the current test, which the Trump administration's Labor Department created. The proposal is intended as a so-called interpretive rule that doesn't have the legal force of a regulation specifically authorized by Congress, and it applies only to laws that the department enforces, such as the federal minimum wage. States and other federal agencies, like the Internal Revenue Service, set their own criteria for employment status, and the rule would not directly affect what they decided about the status of gig workers. But many employers and regulators in other jurisdictions are likely to consider the department's interpretation when making decisions about worker classification, and many judges are likely to use it as a guide. As a result, the proposal is a potential blow to gig companies and other service providers that argue their workers are contractors, though it would not immediately affect the status of those workers.
A Turbine Prototype Just Broke a 24-Hour Wind Power World Record
An anonymous reader quotes a report from Electrek: Siemens Gamesa's 14-222 DD offshore wind turbine prototype has, according to the Spanish-German wind giant today, set a world record for the most power output by a single wind turbine in a 24-hour period: 359 megawatt-hours. This would be enough energy, according to the company, for a mid-sized electric vehicle -- think a Tesla Model 3 -- to drive around 1.12 million miles (1.8 million km). Siemens Gamesa's huge wind turbine achieved this power output milestone only 10 months after it produced its first electricity and delivered it to the grid at the test center in Osterild, Denmark. The SG 14-222 DD is a 14 megawatt (MW) offshore wind turbine with a capacity of up to 15 MW with Power Boost. It features a 222-meter (728 feet) diameter rotor, 108-meter-long (354-feet-long) B108 blades that are cast in a single piece and can now be recycled, and a swept area of 39,000 square meters (419,792 square feet). The SG 14-222 DD can provide enough energy to power around 18,000 households annually. In June, Siemens Gamesa was awarded a firm order for 60 of its SG 14-222 DD offshore wind turbines, which will be installed at the 882-megawatt (MW) Moray West offshore wind farm in Scotland. It will be the first installation of this model. Siemens Gamesa writes: "By increasing the rotor diameter to 222 meters with 108 meter-long blades, the SG 14-222 DD delivers more than 25% [annual energy production] AEP compared to its predecessor."
SpaceX Competitor Lynk Testing 5G Cellphone Service From Space
Lynk, a competitor to the much larger SpaceX, plans to offer an experimental 5G cellular base station aboard a mission in December, working alongside an undisclosed cellular partner. Space.com reports: The experimental payload will launch on Lynk's second commercial satellite, company officials said. "This test will demonstrate the ability to send a 5G signal from space to standard mobile devices on Earth," Lynk officials wrote in late September. The test is a shot across the bow to SpaceX, which has already signed a deal with T-Mobile for cellular service but, unlike Lynk, does not yet have Federal Communications Commission (FCC) approval. Lynk received the prized FCC thumbs-up just a few weeks ago. Lynk and SpaceX are jostling for market access to people living in rural areas who lack access to standard internet service. Lynk already tested a satellite-to-phone service link last year, according to Via Satellite, and is ramping up service fast in a bid to keep ahead of the competition. "We are actively testing satellite-direct-to-phone-services in 12 countries on five continents," Dan Dooley, chief commercial officer of Lynk, said in the same company statement. The company's patent allows the orbiting cell tower to link up with standard 5G devices in 55 countries, Lynk says.
Stoke Space Aims To Build Rapidly Reusable Rocket With a Completely Novel Design
Andy Lapsa and Tom Feldman, former Blue Origin engineers and the founders of Stoke Space, are working to develop the first fully recyclable space rocket -- one that features a reusable first and second stage. Here's an excerpt from Ars Technica's exclusive report, written by Eric Berger: In the 20 months since its initial seed round of funding, Stoke has built a second-stage engine, a prototype for the second stage, turbopumps, and manufacturing facilities. It also increased its headcount to 72 people and finalized the overall design for the rocket, which has a lift capacity of 1.65 metric tons to low-Earth orbit, in fully reusable mode. Last month, the company started to test-fire its upper-stage engines at a facility in Moses Lake, Washington. The images and video show an intriguing-looking ring with 15 discrete thrusters firing for several seconds. The circular structure is 13 feet in diameter, and this novel-looking design is Stoke's answer to one of the biggest challenges of getting a second stage back from orbit. Most commonly, a traditional rocket has an upper stage with a single engine. This second-stage rocket engine has a larger nozzle -- often bell-shaped -- to optimize the flow of engine exhaust in a vacuum. Because all parts of a rocket are designed to be as light as possible, such extended nozzles are often fairly fragile because they're only exposed above Earth's atmosphere. So one problem with getting an upper stage back from Earth, especially if you want to use the engine to control and slow its descent, is protecting this large nozzle. One way to do that is to bury the engine nozzle in a large heat shield, but that would require more structure and mass, and it may not be dynamically stable. Stoke's answer was using a ring of 30 smaller thrusters. (The tests last month only employed 15 of the 30 thrusters). In a vacuum, the plumes from these nozzles are designed to merge and act as one. 
And during reentry, with a smaller number of smaller thrusters firing, it's easier to protect the nozzles. "What you're seeing in the photos of the test is a high-performance upper-stage engine that can operate within atmosphere at deep throttle to support vertical landing but then also perform at a higher ISP than some variants of the RL 10 engine in space," Lapsa said. Another significant second-stage problem is protecting the whole vehicle from the super-heated atmosphere during reentry. NASA's Space Shuttle accomplished this with brittle thermal tiles, but these required 30,000 employee hours to inspect, test, and refurbish between flights. SpaceX is using a different type of ceramic tile, designed to be more reusable, for Starship. Given Stoke's background in rocket engines, Lapsa said it made the most sense to try a regeneratively cooled heat shield. The vehicle's ductile metallic outer layer will be lined with small cavities to flow propellant through the material to keep it cool during reentry. The second stage, therefore, will return to Earth somewhat like a space capsule -- base first, with the regeneratively cooled heat shield. Stoke Space has a very long road ahead of it to reach space. Engine tests are an important step, but they're only the first step of many. Next up for the company is "hop" tests with a full-scale version of the second stage at the Moses Lake facility in central Washington. This prototype won't have a fairing as it would during launch, but it will still stand 19 feet tall. Initially, the tests will be low-altitude, probably measured in hundreds of feet. If there's an engineering need to go higher, the company will consider that, Lapsa said. But for now, the goal is to prove the capability to control the rocket during ascent and descent and make a soft landing. This is a shockingly difficult guidance, navigation, and control problem, especially with a novel system of distributed thrusters.
"This is kind of a final proof point of this architecture," Lapsa said. "It is new. It's different. It's weird. It's original. There were a lot of questions that we had about how this thing is going to work. But we've already mitigated a lot of risk." If Stoke can manage to land the upper stage, it can move ahead with the first stage and start to turn the yet-unnamed rocket into an orbital vehicle. It sounds easy, but it's not...
Hollywood and Netflix Report Top Piracy Threats To US Government
An anonymous reader quotes a report from TorrentFreak: The Motion Picture Association (MPA) has sent its latest overview of notorious piracy markets to the US Government. The Hollywood group, which also represents Netflix, lists a broad variety of online piracy threats. Aside from traditional pirate sites, it also includes domain registries, hosting providers, advertisers, and apps. [...] The MPA report typically provides a detailed overview of the piracy landscape. This year, the USTR further asked rightsholders to explain how piracy impacts US workers. According to the movie industry group, the effect is significant. "In 2020, there were an estimated 137.2 billion visits to film and TV piracy sites globally, which cost the U.S. economy at least $29.2 billion in lost revenue each year. Specifically, piracy has been estimated to reduce employment in our industry between 230,000 and 560,000 jobs," MPA writes, citing external research. The MPA notes that piracy is a global problem that requires cooperation from the broader Internet ecosystem. Services that see themselves as neutral intermediaries, operating parts of the core Internet infrastructure, should take responsibility. "All stakeholders in the internet ecosystem -- including hosting providers, DNS providers, cloud services, advertising networks, payment processors, social networks, and search engines -- should actively seek to reduce support for notoriously infringing sites," MPA writes. The industry group views Cloudflare as part of this group and mentions the US company by name in its submission. "Cloudflare's customers include some of the most notorious, longstanding pirate websites in the world, including the massively popular streaming site cuevana3.me and The Pirate Bay," MPA notes, adding that repeated notices of infringement elicited no action on Cloudflare's part. The notorious markets list is limited to non-US operations, so Cloudflare itself isn't one of the MPA's targets. 
Various other Internet services are, including several third-party intermediaries. The MPA's list of notorious markets calls out domain name registries, including the Russian .RU registry, and the companies that maintain the records for the .CH, .CC, .IO, .ME and .TO domain names. These continue to keep pirate sites on board, despite numerous complaints. The same is true for the payment provider VoguePay, which is reportedly quite popular among IPTV services. In addition, advertisers such as 1XBET and Propeller Ads are called out as well. The latter company rebutted MPA's accusations last year but that didn't prevent it from being highlighted again. Hosting companies are also cited as intermediaries that could and should do more. Instead, some find themselves appealing to pirate services with products such as "bulletproof" hosting. Squitter.eu and Amaratu are two such examples, the MPA reports. In addition to third-party intermediaries, there is also a category of services that caters to pirates directly. These "piracy as a service" (PaaS) companies offer tools that allow people to start a pirate site with minimal effort. "PaaS encompasses a suite of often off-the-shelf services that make it easy for would-be pirates without any technical knowledge to create, operate, and monetize a fully functioning pirate operation," MPA writes. [...] Actual pirate sites themselves are also mentioned, including the usual suspects The Pirate Bay, RARBG and YTS. In addition to torrent sites, the MPA also lists direct download hubs, streaming portals and linking sites, including Uptobox.com, Fmovies.to and Egy.best. Various dedicated piracy apps get a mention as well, and the MPA further includes a long list of unauthorized IPTV services. The anti-piracy group says that it has identified more than a thousand pirate IPTV platforms, so the list provided to the USTR is certainly not exhaustive. 
In fact, the MPA says that all companies, sites, and services are part of a broader piracy problem. Those flagged in the MPA's report are just examples of some of the worst offenders, nothing more. A list of all sites and services that are highlighted and categorized in MPA's notorious markets submission (PDF) can be found in the article.
More Than 4 In 10 PCs Still Can't Upgrade To Windows 11
Nearly 43 percent of millions of devices studied by asset management provider Lansweeper are unable to upgrade to Windows 11 due to the hardware requirements Microsoft set out for the operating system. The Register reports: Lansweeper said 42.76 percent of the estimated 27 million PCs it tested across 60,000 organizations failed the CPU test, albeit better than the 57.26 percent in its last test a year ago. Altogether 71.5 percent of the PCs failed the RAM test and 14.66 percent the TPM test. "We know that those who can't update to Windows 11... will continue to use Windows 10," said Roel Decneut, chief strategy officer at Lansweeper, whose customers include Sony, Pepsico, Cerner, MiT and Hilton hotels. He said that even if enterprises are prepared to upgrade their PC fleet to meet the system requirements of Microsoft's latest OS, there are "broader issues affecting adoption that are out of Microsoft's control." "Global supply chain disruption has created chip a processor shortage, while many are choosing to stick with what hardware they have at the moment due to the global financial uncertainty." Other findings from Lansweeper show adoption rates for the latest OS are improving, running on 1.44 percent of computers versus 0.52 percent in January. This means the latest incarnation has overtaken Windows 8 in the popularity stakes but remains behind market share for Windows 7, despite that software going end of life in January 2020. Adoption is, unsurprisingly, higher in the consumer space. Some 4.82 percent of the biz devices researched were running an OS that wasn't fully supported and 0.91 percent had servers in their estate that are end of life.
Crypto and Payments Firm MobileCoin Launches Stablecoin -- 'Electronic Dollars'
Privacy-focused cryptocurrency and payments firm MobileCoin, in collaboration with stablecoin platform Reserve, has launched a stablecoin dubbed "Electronic Dollars" (eUSD). CoinDesk reports: According to MobileCoin, eUSD is backed by a basket of other stablecoins, namely, USD coin (USDC), Pax dollar (USDP) and trueUSD (TUSD). Each transaction is said to be encrypted using end-to-end zero-knowledge encryption. In other words, only the transacting parties can see their own transactional data, thanks to encryption that uses zero knowledge proofs (a way of proving something without revealing sensitive information). The stablecoin eUSD is built on the MobileCoin blockchain, which, according to MobileCoin, is optimized for mobile devices. Apparently, MobileCoin was originally designed for integration with encrypted mobile messaging app, Signal. Consequently, eUSD will inherit the features of MobileCoin's native cryptocurrency, MOB, although eUSD users will pay transaction fees (a flat $0.0026 per transaction) in eUSD and not MOB. The eUSD relies on what seems to be a centralized governance structure where the MobileCoin Foundation acts as the primary governing body. The foundation elects "governors" who are authorized to mint and burn eUSD. The stablecoin's collateral is held in a popular Ethereum multisignature (multisig) wallet called Safe (formerly "Gnosis Safe"). New eUSD is only minted after governors confirm an equivalent amount of collateral has been transferred to the Safe wallet. "Anybody can inspect the contract holding this basket [of collateral], to see what the current balances are. It's a Gnosis safe, which is also one of the most highly regarded contracts on Ethereum for holding assets," Henry Holtzman, MobileCoin's chief innovation officer explained during an interview with CoinDesk. Similarly, if a user redeems eUSD, the token is "verifiably burned" and governors release the corresponding collateral. 
Verifiable burning is when burned eUSD is sent to a "burn address" that renders it "visible" for transparency purposes, "but unspendable." However, everyday users won't typically engage in burning and minting. An individual seeking eUSD would simply purchase it on an exchange. Approved liquidity providers (LPs) would be the ones minting large amounts of eUSD. "To our knowledge, no project has created a native stablecoin with privacy properties, which is a first-class citizen in the ecosystem, and which never requires the use of 'non-private' transaction technologies to use normally. In short, no one has yet actually created a private digital dollar," MobileCoin stated in the eUSD white paper. Holtzman said that eUSD uses a "reserve-auditor" program that "connects to the Safe wallet via an application programming interface (API) and verifies that each newly minted eUSD has a corresponding amount of collateral in the wallet." Holtzman added: "We'll release it all open source. So if you want to run your own copy [of the reserve auditor], you can. You can examine it to make sure we really are backed exactly as we claim," Holtzman told CoinDesk.
Doom Runs At 60 FPS In Notepad
Game developer Sam Chiet has found another use for Microsoft Notepad. The ingenious creator has gotten Doom (1993) to run at 60 FPS through the boring text editor in Windows. Tom's Hardware reports: Chiet highlighted that he didn't have to modify the Notepad application. Dubbed "NotepadDOOM," the project is fully playable. Although Chiet didn't explain how the mod works, he has committed to launching NotepadDOOM for other Doom fans to try out. Chiet said in a subsequent tweet that "it'll take some work to polish NotepadDOOM into something releasable, but it'll almost certainly happen over the next couple days." John Romero, one of Doom's creators, was impressed and replied to Chiet in a tweet that the mod was "incredible." You can see the iconic 1993 shooter running in its full glory on Chiet's YouTube channel. It's Notepad, so obviously, Chiet replaced the graphics with characters and numbers. The gameplay looks pretty smooth, although we did catch some screen tearing. However, that could be because Notepad can't write the text fast enough on screen.
Toyota Discloses Data Leak After Access Key Exposed On GitHub
An anonymous reader quotes a report from BleepingComputer: Toyota Motor Corporation is warning that customers' personal information may have been exposed after an access key was publicly available on GitHub for almost five years. Toyota T-Connect is the automaker's official connectivity app that allows owners of Toyota cars to link their smartphone with the vehicle's infotainment system for phone calls, music, navigation, notifications integration, driving data, engine status, fuel consumption, and more. Toyota discovered recently that a portion of the T-Connect site source code was mistakenly published on GitHub and contained an access key to the data server that stored customer email addresses and management numbers. This made it possible for an unauthorized third party to access the details of 296,019 customers between December 2017 and September 15, 2022, when access to the GitHub repository was restricted. On September 17, 2022, the database's keys were changed, purging all potential access from unauthorized third parties. The announcement explains that customer names, credit card data, and phone numbers have not been compromised as they weren't stored in the exposed database. Toyota blamed a development subcontractor for the error but recognized its responsibility for the mishandling of customer data and apologized for any inconvenience caused. The Japanese automaker concludes that while there are no signs of data misappropriation, it cannot rule out the possibility of someone having accessed and stolen the data. For this reason, all users of T-Connect who registered between July 2017 and September 2022 are advised to be vigilant against phishing scams and avoid opening email attachments from unknown senders claiming to be from Toyota.
Amazon To Invest Over 1 Billion Euros in European Electric Van, Truck Fleet
Amazon said on Monday it will invest more than 1 billion euros ($974.8 million) over the next five years in electric vans, trucks and low-emission package hubs across Europe, accelerating its drive to achieve net-zero carbon. From a report: The retailer said the investment was also aimed at spurring innovation across the transportation industry and encouraging more public charging infrastructure for electric vehicles (EVs). The U.S. online retailer said the investment would help its electric van fleet in Europe more than triple from 3,000 vehicles to more than 10,000 by 2025. The company did not say what percentage of its European last-mile delivery fleet is electric today, but said those 3,000 zero-emission vans delivered over 100 million packages in 2021. Amazon said it also hopes to purchase more than 1,500 electric heavy goods vehicles - used for "middle-mile" shipments to package hubs - in the coming years.
Upcoming Call of Duty Has Annoying Phone Number Verification Requirement
Call of Duty: Modern Warfare II will require players to register with a phone number on Battle.net to play the game, in order to make players responsible for their actions. The game is set for release later this month on October 28th. The Verge reports: It's a repeat of the practice that caused issues for Overwatch 2 players last week, PCGamer reports. A Battle.net support page lists the upcoming CoD shooter as one of its three games that "require that you add a phone number to your Battle.net account" to play, alongside Overwatch 2 and 2019's Modern Warfare. The phone verification system, which Activision Blizzard calls SMS Protect, is meant to cut down on toxic behavior from players, preventing them from creating endless new accounts to evade bans or to cheat. "Limiting the number of free accounts that a single person can create helps keep players accountable for their actions and, in turn, reduces toxicity and cheating and ensures a positive community experience for all players," Activision Blizzard's support page reads. The problem is that SMS Protect is designed for text-enabled mobile phones, and doesn't treat all phone numbers equally. A separate Battle.net support page notes that "mobile phones with prepaid plans may not work with the phone notification service." It also doesn't work with VoIP numbers. That restricts the service to players with postpaid cellular plans, which may not be affordable or easily accessible to many players around the world. Requiring players to provide a phone number isn't new (Dota 2 and Rainbow Six Siege both require them for ranked play) but there haven't been widespread reports of problems with prepaid phone plans with these previous implementations. One player we spoke to was blocked from playing Overwatch 2 when they entered the same number they'd used to successfully play Dota 2 for years. 
It's unclear whether Activision Blizzard's phone number requirements will apply equally for Modern Warfare II players across both Battle.net and Steam, given the game is available across both PC digital stores.
Germany's Cybersecurity Chief Faces Dismissal, Reports Say
German Interior Minister Nancy Faeser wants to dismiss the country's cybersecurity chief due to possible contacts with people involved with Russian security services, German media reported late on Sunday, citing government sources. Reuters reports: Arne Schoenbohm, president of the BSI federal information security agency, could have had such contacts through the Cyber Security Council of Germany, various outlets reported. Schoenbohm was a founder of the association, which counts as a member a German company that is a subsidiary of a Russian cybersecurity firm founded by a former KGB employee, they wrote. "These accusations must be decisively investigated," said Konstantin von Notz, the head of the parliamentary oversight committee for Germany's intelligence agencies.
Windows 95 Went the Extra Mile To Ensure Compatibility of SimCity, Other Games
An anonymous reader quotes a report from Ars Technica: It's still possible to learn a lot of interesting things about old operating systems. Sometimes, those things are already documented (on a blog post) that miraculously still exist. One such quirk showed up recently when someone noticed how Microsoft made sure that SimCity and other popular apps worked on Windows 95. A recent tweet by @Kalyoshika highlights an excerpt from a blog post by Fog Creek Software co-founder, Stack Overflow co-creator, and longtime software blogger Joel Spolsky. The larger post is about chicken-and-egg OS/software appeal and demand. The part that caught the eye of a Hardcore Gaming 101 podcast co-host is how the Windows 3.1 version of SimCity worked on the Windows 95 system. Windows 95 merged MS-DOS and Windows apps, upgraded APIs from 16 to 32-bit, and was hyper-marketed. A popular app like SimCity, which sold more than 5 million copies, needed to work without a hitch. Spolsky's post summarizes how SimCity became Windows 95-ready, as he heard it, without input from Maxis or user workarounds: "Jon Ross, who wrote the original version of SimCity for Windows 3.x, told me that he accidentally left a bug in SimCity where he read memory that he had just freed. Yep. It worked fine on Windows 3.x, because the memory never went anywhere. Here's the amazing part: On beta versions of Windows 95, SimCity wasn't working in testing. Microsoft tracked down the bug and added specific code to Windows 95 that looks for SimCity. If it finds SimCity running, it runs the memory allocator in a special mode that doesn't free memory right away. That's the kind of obsession with backward compatibility that made people willing to upgrade to Windows 95." 
Spolsky (in 2000) considers this a credit to Microsoft and an example of how to break the chicken-and-egg problem: "provide a backwards compatibility mode which either delivers a truckload of chickens, or a truckload of eggs, depending on how you look at it, and sit back and rake in the bucks." Windows developers may have deserved some sit-back time, seeing the extent of the tweaks they often have to make for individual games and apps in Windows 95. Further in @Kalyoshika's replies, you can find another example, pulled from the Compatibility Administrator in Windows' Assessment and Deployment Kit (ADK). A screenshot from @code_and_beer shows how Windows NT, upon detecting files typically installed with Final Fantasy VII, will implement a fittingly titled compatibility fix: "Win95VersionLie." Simply telling the game that it's on Windows 95 seems to fix a major issue with its operation, along with a few other emulation and virtualization tweaks. "Mike Perry, former creative director at Sim empire Maxis (and later EA), noted later that there was, technically, a 32-bit Windows 95 version of Sim City available, as shown by the 'Deluxe Edition' bundle of the game," adds Ars. "He also states that Ross worked for Microsoft after leaving Maxis, which would further explain why Microsoft was so keen to ensure people could keep building parks in the perfect grid position to improve resident happiness."
Why a $158,000 Drug With Unclear Benefits Hurts Whole Health System
Price tag for a recently approved ALS drug illustrates broad industry problems. From a report: Like many patients suffering from amyotrophic lateral sclerosis, or ALS -- also known as Lou Gehrig's disease -- Layne Oliff didn't have any time to waste. Even before the drug Relyvrio was approved late last month by the Food and Drug Administration, he has had his own do-it-yourself method: he gets sodium phenylbutyrate in liquid form from a New Jersey pharmacy and taurursodiol online from Amazon. That costs him over $7,000 a year, but he says it has been well worth it because he feels the combination has helped stabilize a disease that often causes death within a few years. Now that the drug combining those two known compounds has been approved in the U.S., the official list price is going to be $158,000 for a year's supply, or over 20 times more than he was spending. While that may be excellent news for Amylyx, which makes the drug and whose shares are up 159% over the past 6 months, the exorbitant price tag is bad news for the U.S. healthcare system. Patients won't be footing the entire bill themselves -- insurers pick up most of the tab, which is finalized after rebates are made by pharmaceutical companies to get the drug covered. And of course making the drug available through the proper channels will be a more affordable and more reliable way for patients to take the medication, especially those who can't afford the out-of-pocket costs Mr. Oliff was able to pay for his unorthodox, but doctor-supervised method. But the jarring price difference underscores just how out of whack drug prices have become in the U.S. Each time a drug is priced up in the stratosphere, it sets a precedent for the next manufacturer to do the same, sending drug costs in an upward spiral with no real ceiling except for public outcry.
It's Lonely in the Metaverse: Decentraland's 38 Daily Active Users in a $1.3B Ecosystem
What's going on in the metaverse these days, you might ask. Looking at two of the biggest companies with over $1 billion valuations, the answer is surprising: Not much, or at least not enough to bring users back every day. From a report: According to data from DappRadar, the Ethereum-based virtual world Decentraland had 38 active users in the past 24 hours, while competitor The Sandbox boasted 522 active users in that same time. An active user, according to DappRadar, is defined as a unique wallet address' interaction with the platform's smart contract. For example, logging onto The Sandbox or Decentraland to make a purchase with SAND or MANA, each platform's respective native utility token, is counted as an "active use." This means that DappRadar's compilation of daily active users doesn't account for people who log in and mosey around a metaverse platform or drop in briefly for an event, such as a virtual fashion week. It also likely means that these spaces are not where people are making transactions such as buying non-fungible tokens (NFT). A developer might defend the low daily stats with the familiar phrase, "don't hate the player, hate the game" but it seems it's not just one quiet day for the two metaverse platforms. The largest number of daily users ever on Decentraland was 675, according to DappRadar. For The Sandbox, that number was larger at about 4,503.
Fungi Find Their Way Into Cancer Tumors, But What They're Doing There is a Mystery
Angus Chen, reporting for StatNews: For a while, scientists thought the trillions of microbes on our bodies lived in landscapes connected to the outside world -- our skin, hair, and gut -- but research in the last few years has shown that's not so. When Ravid Straussman, a cancer biologist at the Weizmann Institute of Science in Israel, looked deeper, he and several other research groups around the world found bacteria in the milieu of tumors. Then, he and other scientists began wondering: if tumors are home to bacteria, then what about another major resident of our microbiome, fungi? Now, two new papers published in Cell, one from Straussman's lab and collaborators at the University of California San Diego and another from researchers at Weill Cornell Medicine and Duke University, have found genetic footprints of fungi in tumors across the human body. Together, the studies provide a "nice, rigorous association" between fungi and cancer, said Ami Bhatt, an associate professor of medicine and genetics at Stanford University who did not work on either paper. "It provides pretty compelling evidence there may be rare fungi within tumors," she said. But the work raises far more questions than it answers. "Are they alive or not? And assuming they really are there, then why are they there? And how did they get there?"
Subjecting Workers To Webcam Monitoring Violates Privacy, Dutch Court Rules
A Florida-headquartered company has been ordered to pay about $73,000 in compensation and other fees after firing a Netherlands-based remote worker who refused to keep their webcam on all day, NL Times reports. The Verge: The company, Chetu, said the unnamed employee was required to attend a virtual classroom with their webcam turned on for the entire day and their screen remotely monitored. But when the employee refused, saying that leaving their webcam on for "9 hours a day" made them feel uncomfortable and was an invasion of their privacy, the company dismissed them, citing "refusal to work" and "insubordination."
Samsung Seeks Smart TV Growth With First Tizen OS Licensing Deals
Samsung has confirmed the first third-party smart TV makers to ship with its Tizen operating system (OS), with several manufacturers preparing to launch Tizen-powered TVs this year across Europe and Australasia. From a report: Tizen, for the uninitiated, is a Linux-based OS hosted by the Linux Foundation for more than a decade, though Samsung has been the primary developer and driving force behind the project, using it across myriad devices, including smartwatches, kitchen appliances, cameras, smartphones and TVs. Although Samsung has essentially abandoned Tizen in smartphones and smart watches, TVs have remained fertile ground for Tizen to flourish, chiefly due to the fact that Samsung is the biggest selling TV maker globally. But while recent figures from Dataxis show that Tizen's market share in 2020 was roughly one-third in terms of installation base, the number has been slowly creeping downward with the likes of Android TV and Roku edging upward.
Russian-Speaking Hackers Knock Multiple US Airport Websites Offline
More than a dozen public-facing airport websites, including those for some of the nation's largest airports, appeared inaccessible Monday morning, and Russian-speaking hackers claimed responsibility. From a report: No immediate signs of impact to actual air travel were reported, suggesting the issue may be an inconvenience for people seeking travel information. "Obviously, we're tracking that, and there's no concern about operations being disrupted," Kiersten Todt, Chief of Staff of the US Cybersecurity and Infrastructure Security Agency (CISA), said Monday at a security conference in Sea Island, Georgia. The 14 websites include the one for Atlanta's Hartsfield-Jackson International Airport. An employee there told CNN there were no operational impacts. The Los Angeles International Airport website was offline earlier but appeared to be restored shortly before 9 a.m. Eastern.
A Minecraft Player Set Out To Build the Known Universe, Block by Block
Christopher Slayton spent two months exploring black holes, identifying the colors of Saturn's rings and looking at his home planet from outer space. Mr. Slayton, 18, didn't have to leave his desk to do so. He set out to build the entire observable universe, block by block, in Minecraft, a video game where users build and explore worlds. From a report: By the end, he felt as if he had traveled to every corner of the universe. "Everyone freaks out about the power and expansiveness of the universe, which I never really got that much," he said. But after working for a month and 15 days to build it and additional two weeks to create a YouTube video unveiling it, "I realized even more how beautiful it is." Mr. Slayton, known as ChrisDaCow on his Minecraft-focused YouTube, Reddit, Twitter, Instagram and TikTok accounts, has been playing the game for almost a decade, and he's not a user of any other games, he said. He started posting videos of his "builds," which are landscapes he creates inside the game, on YouTube in 2019. This channel has become his main priority since he graduated high school this spring. [...] Exploring and learning concepts via Minecraft can be seen as a generational shift, said Ken Thompson, an assistant professor of digital game design at the University of Connecticut. About two-thirds of Americans play video games, according to a 2022 industry report. Professor Thompson said young people, such as Mr. Slayton, could apply problem solving and critical thinking when tackling projects such as the universe creation. "There are very serious applications," he said, adding, "then there's also this wonderful science side of it where we're experimenting with systems that are otherwise really hard to conceptualize." In 2022, some students at his university held a commencement ceremony in Minecraft, organized by the gaming club, after the in-person event was canceled because of the coronavirus pandemic. 
They created the campus and avatars representing students and even faculty to stage the virtual gathering.
Farmers in Bangladesh Pump So Much Water It May Help Reduce Floods
Millions of smallholder farmers in Bangladesh pump huge amounts of groundwater for irrigation, helping to triple the country's rice production and possibly mitigate floods during monsoon season. From a report: Intensive irrigation and other agricultural improvements since the 1980s have enabled Bangladesh to produce enough food each year to be nearly self-sufficient. "In Bangladesh we rely heavily on groundwater for irrigation," says Kazi Matin Ahmed at the University of Dhaka in Bangladesh. He says Bangladesh has a lot of groundwater but there are concerns it could be depleted. Using millions of groundwater measurements from 465 sites across Bangladesh, Ahmed and his colleagues estimated how much groundwater was pumped by more than 16 million farmers between 1988 and 2018. Together, the farmers operate more than 1 million diesel and electric pumps to flood rice paddies during the dry season, which has enabled more food to be produced on more land. Thanks to irrigation and other agricultural improvements, rice production in the 2018-2019 season was more than triple what it was in the early 1970s. At roughly 25 per cent of the sites, the records showed depleting groundwater levels. At around 40 per cent levels during the dry season and monsoon remained steady. In the remaining 35 per cent, levels declined during the dry season due to irrigation but aquifers were completely refilled during the monsoon.
PC Shipments Are Still on the Decline - Unless You're Apple
Global PC shipments declined in calendar Q3 by 15 percent year-on-year thanks to reduced demand and lingering supply chain issues, according to number cruncher IDC. From a report: The Q3 slowdown is similar to that seen in Q2 2022, when shipments crashed by 15.3 percent year-on-year. The slowed growth didn't just start this year. Signs first emerged in Q3 2021 as Chromebooks hit market saturation. For perspective, volumes still remain higher than before the COVID-19 pandemic. Shipments also aren't as low as they could be thanks to companies like Apple that drove business with promotions. As industry-wide supply hit record lows, Apple supply increased to make up for lost orders during China's Q2 lockdowns, according to IDC research manager Jitesh Ubrani. [...] Apple came in fourth place in terms of market share for Q3 PC shipments behind Lenovo (first), HP (second), and Dell (third). While other companies declined in year-on-year growth, Apple soared with a net positive 40.2 percent increase in shipments year-on-year to 10.06 million Macs.
India Facing a Pandemic of Antibiotics-Resistant Superbugs
An anonymous reader shares a report: At the 1,000-bed not-for-profit Kasturba Hospital in the western Indian state of Maharashtra, doctors are grappling with a rash of antibiotic-resistant "superbug infections." This happens when bacteria change over time and become resistant to drugs that are supposed to defeat them and cure the infections they cause. Such resistance directly caused 1.27 million deaths worldwide in 2019, according to The Lancet, a medical journal. Antibiotics -- which are considered to be the first line of defence against severe infections -- did not work on most of these cases. India is one of the countries worst hit by what doctors call "antimicrobial resistance" -- antibiotic-resistant neonatal infections alone are responsible for the deaths of nearly 60,000 newborns each year. A new government report paints a startling picture of how things are getting worse. Tests carried out at Kasturba Hospital to find out which antibiotic would be most effective in tackling five main bacterial pathogens have found that a number of key drugs were barely effective. A new report by Indian Council of Medical Research (ICMR) says that resistance to a powerful class of antibiotics called carbapenems - it defeats a number of pathogens - had risen by up to 10% in just one year alone. The report collects data on antibiotic resistance from up to 30 public and private hospitals every year. "The reason why this is alarming is that it is a great drug to treat sepsis [a life-threatening condition] and sometimes used as a first line of treatment in hospitals for very sick patients in ICUs," says Dr Kamini Walia, a scientist at Indian Council of Medical Research (ICMR) and lead author of the study.
Nations Agree To Curb Emissions From Flying by 2050
After almost a decade of talks, the nations of the world have committed to drastically lower emissions of planet-warming gases from the world's airplanes by 2050, a milestone in efforts to ease the climate effects of a fast-growing sector. From a report: The target to reach "net zero" emissions -- a point in which air travel is no longer pumping any additional carbon dioxide into the atmosphere -- would require the aviation industry to significantly step up its climate efforts. Previously, companies had relied on offsetting aviation's emissions growth through tree-planting programs or through yet-to-be-proven technology to pull carbon dioxide out of the air. But to reach net zero, companies and governments would need to invest hundreds of billions of dollars in increasingly efficient planes and cleaner fuels to sharply reduce emissions from air travel itself. And even those investments are unlikely to be enough, compelling countries and companies to adopt policies to curb flying itself, by scrapping fuel subsidies or halting airport expansion plans, for example, or ending frequent flier programs. That puts the onus on the world's richest countries, which account for the bulk of global air travel. The richest 20 percent of people worldwide take 80 percent of the flights, according to estimates by the International Council on Clean Transportation, a nonprofit think tank. The top 2 percent of frequent fliers take about 40 percent of the flights. Emissions from global commercial aviation made up about 3 percent of global emissions in 2019, and had surged more than 30 percent over the previous decade before the coronavirus pandemic hit and traffic slumped. But air travel has come back with a vengeance, making action to address rising emissions imperative. The aviation industry has been slow to address its emissions, which aren't covered by the Paris accord, the 2015 agreement among the nations of the world to fight climate change. 
Instead, a United Nations-like body called the International Civil Aviation Organization has overseen the climate talks. Those talks quickly became a microcosm of the politics involved in global climate negotiations, with less wealthy nations arguing that they should not face the same restrictions as richer nations.
California Passes Law Banning Single-Use Plastic Grocery Bags by 2025
You know how grocery stores have rolls of tear-off plastic bags in their produce sections for holding vegetables and fruit? Last week California's governor signed a law that will force supermarkets to discontinue them before 2025, reports the Bay Area Newsgroup, replacing them with either recycled paper bags or bags made of compostable plastic: "This kind of plastic film is not recyclable...." said Nick Lapis, director of advocacy for Californians Against Waste, an environmental group that supported the bill. "It flies around landfills and flies out of trucks. It gets stuck on gears at recycling facilities. And it contaminates compost. It's a problematic product we want to get rid of...." "We're not banning the bags," Lapis said. "We are just requiring a more-sustainable type of bags. You'll still have a place to put your fruits and vegetables that won't leak." The article notes that Trader Joe's is already using compostable produce bags, and Eben Schwartz, marine debris manager for the California Coastal Commission suggests that consumers can also just try opting for paper bags. "It's significantly more recyclable. And it will break down if it finds its way into the marine environment." But he also offered one more piece of advice: "Decide whether you really need your bananas in a bag. You probably don't."
Your Boss Can Monitor Your Activities Without Special Software
"Your boss probably has enough data about your digital activities to get a snapshot of your workday — without using any special monitoring software...." reports the Washington Post. "Workers should be aware that many online work apps offer data about their daily activities...." Commonly used network-connected apps such as Zoom, Slack and Microsoft Office give managers the ability to find everything from the number of video meetings in which you've actively participated, to how much you chatted online with co-workers and the number of documents you saved to the cloud.... At the beginning of 2022, global demand for employee monitoring software increased 65 percent from 2019, according to internet security and digital rights firm Top10VPN. But popular work apps also offer data. On Microsoft 365, an account administrator can pull data — though it may not be easy and would be tracked in compliance logs — on how many emails workers sent, how many files they saved on a shared drive and how many messages they sent as well as video meetings they participated in on the messaging and video tool Microsoft Teams. Google Workspace, Google's suite of work tools, allows administrators, for security and audit purposes, to see how many emails a user sent and received, how many files they saved and accessed on Google Drive, and when a user started a video meeting, from where they joined meetings, and who was in a meeting. Select administrators on both services can also access the content of emails and calendar items. On paid Slack accounts, managers can see how many days users have been active and how many messages they've sent over a set period of time. Zoom allows account administrators to see how many meetings users participated in, the length of the meetings, and whether users enabled their camera and microphone during them. 
And if employees have company-issued phones or use office badges or tech that requires them to sign in at the office, managers can track phone usage and office attendance. To be sure, several software companies say their reports are not for employee evaluation and surveillance. Microsoft has stated that using technology to monitor employees is counterproductive and suggested that some managers may have "productivity paranoia." In the help section of its website, Slack states that the analytics data it offers should be "used for understanding your whole team's use of Slack, not evaluating an individual's performance." "Several workplace experts agree on one thing: The data doesn't properly represent a worker's productivity," the article concludes. "Activities such as in-person mentoring, taking time to brainstorm, sketching out a plan or using offline software won't appear in the data. And measuring quantity might discount the quality of one's work or interactions."
United Airlines Hopes to Use Electric Planes for Flights Under 200 Miles By 2030
It's one of the largest airlines in the world. But now Futurism reports that United Airlines "is projecting it could have electric powered commercial flights by the tail end of this decade, potentially laying the groundwork for a much more environmentally friendly future for air travel." "Initially we want to fly on routes that are 200 miles or less," Mike Leskinen, president of United Airlines Ventures, told CNBC [at CNBC's ESG Impact Virtual Conference on Thursday]. "But as that energy density increases, that same aircraft will have a range of 250 miles, 300 miles, which is going to give us a lot more utility here connecting our hubs." In other words, the battery-powered planes will get a chance to prove themselves in regional, short-haul flights, according to Leskinen. United set their plans in motion last year, purchasing 100 battery-powered planes that can seat 19 passengers from the Swedish startup Heart Aerospace. Its founder Anders Forslund, who also attended the conference, said that the planes will be able to recharge in "under half an hour," which is about on par with industry standards. The airplane won't be taking off any time soon, however, as it still requires certification, but Forslund predicts they'll get approval by 2028. For the long-haul flights, United has already announced plans to use sustainable fuel in its efforts to be carbon neutral by 2050.
Intel Confirms Alder Lake BIOS Source Code Leaked
Tom's Hardware reports: We recently broke the news that Intel's Alder Lake BIOS source code had been leaked to 4chan and Github, with the 6GB file containing tools and code for building and optimizing BIOS/UEFI images. We reported the leak within hours of the initial occurrence, so we didn't yet have confirmation from Intel that the leak was genuine. Intel has now issued a statement to Tom's Hardware confirming the incident: "Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them to our attention through this program...." The BIOS/UEFI of a computer initializes the hardware before the operating system has loaded, so among its many responsibilities, is establishing connections to certain security mechanisms, like the TPM (Trusted Platform Module). Now that the BIOS/UEFI code is in the wild and Intel has confirmed it as legitimate, both nefarious actors and security researchers alike will undoubtedly probe it to search for potential backdoors and security vulnerabilities.... Intel hasn't confirmed who leaked the code or where and how it was exfiltrated. However, we do know that the GitHub repository, now taken down but already replicated widely, was created by an apparent LC Future Center employee, a China-based ODM that manufactures laptops for several OEMs, including Lenovo. Thanks to Slashdot reader Hmmmmmm for sharing the news.
Protestors Hack Iran's State-Run TV
"Iran's state-run broadcaster was apparently hacked on air Saturday," reports the BBC, "with a news bulletin interrupted by a protest against the country's leader." While such incidents are "historically rare," they add that more recently, this incident follows "widespread open dissent." It comes after at least three people were shot dead when protesters clashed with security forces in new unrest over the death of Mahsa Amini. Ms Amini was detained in Tehran by morality police for allegedly not covering her hair properly. The 22-year-old Iranian Kurd died in custody on 16 September, three days after her arrest. Her death has sparked an unprecedented wave of protest across the country. Saturday's TV news bulletin at 21:00 (17:30 GMT) was interrupted with images which included Iran's supreme leader with a target on his head, photos of Ms Amini and three other women killed in recent protests. One of the captions read "join us and rise up", whilst another said "our youths' blood is dripping off your paws". The interruption lasted only a few seconds before being cut off. Thanks to Nodsnarb and ttyler (long-time Slashdot reader #20,687) for sharing the story.
FBI Warns About Counterfeit Batteries
"Scammers are leveraging the vulnerabilities in the global supply chain, as well as the public's continuing need for new batteries, to sell a wide variety of counterfeits or unauthorized replicas online," warns America's FBI. "Do not fall victim to online fraudsters or unauthorized dealers or manufacturers." Counterfeit batteries do not go through the same standardized testing as original equipment manufacturer batteries and can adversely impact the safety and health of the consumer.... Avoid aftermarket batteries when possible because they may be dangerous.... Consumers should avoid all third-party purchases of batteries, as they can appear to be legitimate OEM batteries but are likely counterfeit.... [B]atteries sold at deep discounts or at significantly lower-than-average prices are likely counterfeit. The FBI warns you should always avoid batteries that: are not properly packaged; have misprinted or misspelled labels; have labels that peel off; or do not have official manufacturer batch numbers. "The FBI's warning is not specific to laptops or smartphones," notes ZDNet, "which makes sense given that batteries are now found in everything from cars, scooters, e-bikes, e-cigarettes and trains to drones and more." Thanks to Slashdot reader joshuark for sharing the story.
A Strange Pumpkin-Orange Full Moon Rises in the Sky Tonight
Look at the full moon! Tonight it may appear larger and more orange than usual, reports Space.com, "taking on a fitting appearance for the fall season and for the build-up to Halloween." This is the result of something called the 'moon illusion' and the fact it is being viewed close to the horizon. The orange color comes about because as we look at the full moon close to the horizon, the light that it reflects towards us is passing through more of the Earth's atmosphere than when it is close to overhead. Molecules in Earth's atmosphere are really good at scattering photons of blue light which have shorter wavelengths than red light. This means that blue photons bounce around the sky before hitting our eye — and that's why the sky is blue. Longer wavelength red photons slip right through these molecules and straight to our eye for the most part. When red photons reflected by the moon have to pass through the thickest part of the atmosphere at the horizon, the chance of them being bounced around is increased. That's why the moon appears redder when we look at it close to the horizon....
'How California's Bullet Train Went Off the Rails'
In 2008 California's voters approved the first bonds for a $33 billion San Francisco-to-Los Angeles bullet train. 14 years later, the New York Times is now calling the project "a case study in how ambitious public works projects can become perilously encumbered by political compromise, unrealistic cost estimates, flawed engineering and a determination to persist on projects that have become... too big to fail...." Political compromises, the records show, produced difficult and costly routes through the state's farm belt. They routed the train across a geologically complex mountain pass in the Bay Area. And they dictated that construction would begin in the center of the state, in the agricultural heartland, not at either of the urban ends where tens of millions of potential riders live. The pros and cons of these routing choices have been debated for years. Only now, though, is it becoming apparent how costly the political choices have been. Collectively, they turned a project that might have been built more quickly and cheaply into a behemoth so expensive that, without a major new source of funding, there is little chance it can ever reach its original goal of connecting California's two biggest metropolitan areas in two hours and 40 minutes.... Fourteen years later, construction is now underway on part of a 171-mile "starter" line connecting a few cities in the middle of California, which has been promised for 2030. But few expect it to make that goal. Meanwhile, costs have continued to escalate. When the California High-Speed Rail Authority issued its new 2022 draft business plan in February, it estimated an ultimate cost as high as $105 billion. Less than three months later, the "final plan" raised the estimate to $113 billion.
The rail authority said it has accelerated the pace of construction on the starter system, but at the current spending rate of $1.8 million a day, according to projections widely used by engineers and project managers, the train could not be completed in this century.... As of now, there is no identified source of funding for the $100 billion it will take to extend the rail project from the Central Valley to its original goals, Los Angeles and San Francisco, in part because lawmakers, no longer convinced of the bullet train's viability, have pushed to divert additional funding to regional rail projects.... The Times's review, though, revealed that political deals created serious obstacles in the project from the beginning. Speaking candidly on the subject for the first time, some of the high-speed rail authority's past leaders say the project may never work.
The iPhone 14's 'Crash Detection' Keeps Calling 911 on Rollercoasters
"The iPhone 14's new Crash Detection feature, which is supposed to alert authorities when it detects you've been in a car accident, has an unexpected side effect," reports the Verge. "It dials 911 on rollercoasters." According to a report from The Wall Street Journal, the feature has had law enforcement sent to amusement parks on numerous occasions after mistaking a thrill ride's twists, turns, and hard braking for a real emergency.... If the sensors detect that you've been in an accident, your iPhone will display an alert and call emergency services if you don't dismiss it within 20 seconds. When it calls law enforcement, it will play an audio message that alerts authorities you've been in a crash, and also provides them with your location.... [WSJ reporter Joanna Stern] says Warren County, where Kings Island is located, received six emergency calls triggered by park rides since the iPhone 14's release. She also points out that other users have experienced similar issues in amusement parks across the country. "My time on the crash-detection beat has proven that the feature can absolutely save a life," Stern acknowledged on Twitter. "There's already proof of it helping in real crashes. But there are situations where it works and it shouldn't and others where it doesn't work and it should. "Such is the story of technology!" Thanks to long-time Slashdot reader schwit1 for sharing the story.
'AI Music Generators Could Be a Boon For Artists - But Also Problematic'
"Our new robot overlords are making a whole lot of progress in the space of AI music generation," quips TechCrunch, discussing a new project called "Harmonai" backed by Stability AI (creators of the open source AI image generator Stable Diffusion): In late September, Harmonai released Dance Diffusion, an algorithm and set of tools that can generate clips of music by training on hundreds of hours of existing songs.... Dance Diffusion remains in the testing stages — at present, the system can only generate clips a few seconds long. But the early results provide a tantalizing glimpse at what could be the future of music creation, while at the same time raising questions about the potential impact on artists.... Google's AudioLM, detailed for the first time earlier this week, shows... an uncanny ability to generate piano music given a short snippet of playing. But it hasn't been open sourced. Dance Diffusion aims to overcome the limitations of previous open source tools by borrowing technology from image generators such as Stable Diffusion. The system is what's known as a diffusion model, which generates new data (e.g., songs) by learning how to destroy and recover many existing samples of data. As it's fed the existing samples — say, the entire Smashing Pumpkins discography — the model gets better at recovering all the data it had previously destroyed to create new works.... It's not the most intuitive idea. But as DALL-E 2, Stable Diffusion and other such systems have shown, the results can be remarkably realistic. Its lyrics are gibberish, TechCrunch concedes — though their article also features several audio clips (including a style transfer of Smash Mouth's vocals onto the Tetris theme). And the article also notes a new tool letting artists opt out of being used in AI training sets, before raising the obvious concern...
The project's lead stresses that "All of the models that are officially being released as part of Dance Diffusion are trained on public domain data, Creative Commons-licensed data and data contributed by artists in the community." But even with that, TechCrunch notes that "Assuming Dance Diffusion one day reaches the point where it can generate coherent whole songs, it seems inevitable that major ethical and legal issues will come to the fore." For example, beyond the question of whether "training" is itself a copyright violation, there's the possibility that the algorithm might accidentally duplicate a copyrighted melody...
Pro-Russian 'Hacktivists' Temporarily Disrupted Some US State Government Web Sites
"Russian-speaking hackers on Wednesday claimed responsibility for knocking offline state government websites in Colorado, Kentucky and Mississippi, among other states," reports CNN, calling it "the latest example of apparent politically motivated hacking following Russia's invasion of Ukraine.... The websites in Colorado, Kentucky and Mississippi were sporadically available Wednesday morning and afternoon as administrators appeared to try to bring them online." The Kentucky Board of Elections' website, which posts information on how to register to vote, was also temporarily offline on Wednesday, but it was not immediately clear what caused that outage. The board of elections' website is also managed by the Kentucky government, though the hackers did not specifically list the board as a target.... Websites like that of the Kentucky Board of Elections are not directly involved in the casting or counting of votes, but they can provide useful information for voters.... The hacking group claiming responsibility for Wednesday's website outage is known as Killnet and stepped up their activity after Russia's February invasion of Ukraine to target organizations in NATO countries. They are a loose band of so-called "hacktivists" — politically motivated hackers who support the Kremlin but whose ties to that government are unknown. The group also claimed responsibility for briefly downing a US Congress website in July, and for cyberattacks on organizations in Lithuania after the Baltic country blocked the shipment of some goods to the Russian enclave of Kaliningrad in June.... Officials at the FBI and CISA reiterated this week that any efforts by hackers to breach election infrastructure are "unlikely to result in largescale disruptions or prevent voting."
Government Technology supplies some context: Amsterdam-based threat intelligence technology and services provider EclecticIQ's Threat Research team said in a blog post that Killnet appears to only have the capacity to launch DDoS attacks with short-term impact, and falls short of dealing lasting damage to victims' network infrastructure. "Analysts believe that Killnet supporters are novice users with zero or limited experience with DDoS attacks, based on an analysis of Telegram messaging data and open-source reporting," EclecticIQ wrote. CNN described Killnet's typical attacks as "crude hacks that temporarily knock websites offline but don't do further damage to infrastructure. "Killnet thrives off of public attention and bravado, and cybersecurity experts have to strike a balance between being mindful of Killnet's online antics and not hyping a low-level threat."
Research Shows Recommender Systems Can Use AI To Manipulate Our Preferences
Slashdot reader silverjacket writes: Research presented at the International Conference on Machine Learning shows that when recommender systems use reinforcement learning to increase engagement, they can have the side effect of shifting our preferences to increase engagement. The researchers also showed ways to detect and reduce such manipulation. Google and Facebook have used reinforcement learning in their recommender systems but didn't respond to questions.
YouTube, Spotify Remove QAnon Anthem After Original Composer Asserts Copyright
The Washington Post calls it "the gauzy, schmaltzy, vaguely creepy orchestral music unofficially dubbed the QAnon anthem." They also report that it's been "unceremoniously yanked from YouTube and Spotify for violating a harassment policy and alleged copyright infringement, respectively." NBC News reports: In an email to NBC News, composer Will Van De Crommert wrote that he was "exploring legal options" and that "this particular track, which was originally entitled Mirrors, is available to license online. I however was not notified of any licenses for political rallies, nor did I authorize such use." A YouTube representative said in an email Monday that the company "removed the video in question for violating our harassment policy, which prohibits content targeting someone by suggesting they're complicit in a conspiracy theory used to justify real-world violence, such as QAnon." A Spotify representative said that "the content in question was removed following an infringement claim...." Van De Crommert said the uploads in question are identical to his and that he has no association with the account that put his music online alongside QAnon language. "I do not align with the views of QAnon, and this individual has unlawfully distributed my music under their own name," he said. The Post credits the song's morose strings for its impact, describing it as "the kind of stock sentimental, algorithmically emotional pablum regularly employed to sell us trucks, insurance, petrochemicals, diapers, more trucks, pharmaceuticals, whole-grain bread and presidents."
'In the Battle With Robots, Human Workers Are Winning'
Despite warnings that AI will rob humans of jobs, "Somehow we sacks of meat — though prone to exhaustion, distraction, injury and sometimes spectacular error — remain in high demand," writes New York Times columnist Farhad Manjoo. AI has yet to replace humans in supposedly at-risk professions like truck driving and fast-food services. Manjoo's conclusion? "Humans have been underestimated." It turns out that we (well, many of us) are really amazing at what we do, and for the foreseeable future we are likely to prove indispensable across a range of industries, especially column-writing. Computers, meanwhile, have been overestimated. Though machines can look indomitable in demonstrations, in the real world A.I. has turned out to be a poorer replacement for humans than its boosters have prophesied. What's more, the entire project of pitting A.I. against people is beginning to look pretty silly, because the likeliest outcome is what has pretty much always happened when humans acquire new technologies — the technology augments our capabilities rather than replaces us. Is "this time different," as many Cassandras took to warning over the past few years? It's looking like not. Decades from now I suspect we'll have seen that artificial intelligence and people are like peanut butter and jelly: better together. It was a recent paper by Michael Handel, a sociologist at the Bureau of Labor Statistics, that helped me clarify the picture. Handel has been studying the relationship between technology and jobs for decades, and he's been skeptical of the claim that technology is advancing faster than human workers can adapt to the changes. In the recent analysis, he examined long-term employment trends across more than two dozen job categories that technologists have warned were particularly vulnerable to automation. Among these were financial advisers, translators, lawyers, doctors, fast-food workers, retail workers, truck drivers, journalists and, poetically, computer programmers.
His upshot: Humans are pretty handily winning the job market. Job categories that a few years ago were said to be doomed by A.I. are doing just fine. The data show "little support" for "the idea of a general acceleration of job loss or a structural break with trends pre-dating the A.I. revolution," Handel writes. Handel notes that despite AI's high performance in analyzing X-rays, the number of (human) radiologists keeps increasing, with worries that the supply of (human) radiologists may not keep up with demand. One Stanford radiologist recently argued that instead, "The right answer is: Radiologists who use A.I. will replace radiologists who don't."
Canonical Launches New Free Tier for Its Security-Focused 'Ubuntu Pro'
"Starting with the Ubuntu 16.04 edition and including the later LTS versions, Canonical will offer expanded security coverage for critical, high, and medium Common Vulnerabilities and Exposures (CVEs) to all of Ubuntu's open-source applications and toolchains for ten years," reports ZDNet. "Yes, you read that right, you get security patches not just for the operating system, but for all of Ubuntu's open-source applications for a decade." Most of these are server programs, such as Ansible, Apache Tomcat, Drupal, Nagios, Redis, and WordPress. But, it also includes such developer essentials as Docker, Node.js, phpMyAdmin, Python 2, and Rust. Altogether, Canonical is supporting more than 23,000 packages. Indeed, it's now offering security for, as Mark Shuttleworth, Canonical's CEO, said, "Security coverage to every single package in the Ubuntu distribution." Canonical isn't doing this on its own. It's offering free, improved security in partnership with the security management company Tenable. Robert Huber, Tenable's Chief Security Officer, said, "Ubuntu Pro offers security patch assurance for a broad spectrum of open-source software. Together, we give customers a foundation for trustworthy open source." Beyond ordinary security, Canonical is backporting security fixes from newer application versions. This enables Ubuntu Pro users to use the Ubuntu release of their choice for long-term security without forced upgrades. Happy to keep using Ubuntu 20.04? No problem. You can run it until April 2030. Knock yourself out.... Users can obtain a free personal Ubuntu Pro subscription at ubuntu.com/pro for up to five machines. This free tier is for personal and small-scale commercial use. Mark Shuttleworth, CEO of Ubuntu's parent company Canonical, explains in a new video that Ubuntu "is now the world's most widely used Linux..."
"What makes most proud, though, is that we have found a way to make this available free of charge to anybody for their personal and for small-scale commercial use.... full commercial use for you, and any business you own, on up to five machines."
Ransomware Attack Delays Patient Care at Several Hospitals Across the US
"One of the largest hospital chains in the U.S. was hit with a suspected ransomware cyberattack this week," reports NBC News, "leading to delayed surgeries, hold ups in patient care and rescheduled doctor appointments across the country." CommonSpirit Health, ranked as the fourth-largest health system in the country by Becker's Hospital Review, said Tuesday that it had experienced "an IT security issue" that forced it to take certain systems offline. While CommonSpirit declined to share specifics, a person familiar with its remediation efforts confirmed to NBC News that it had sustained a ransomware attack. CommonSpirit, which has more than 140 hospitals in the U.S., also declined to share information on how many of its facilities were experiencing delays. Multiple hospitals, however, including CHI Memorial Hospital in Tennessee, some St. Luke's hospitals in Texas, and Virginia Mason Franciscan Health in Seattle all have announced they were affected. One Texas woman, who spoke to NBC News on the condition of anonymity to protect her family's medical privacy, said that she and her husband had arrived at a CommonSpirit-affiliated hospital on Wednesday for long-scheduled major surgery, only for his doctor to recommend delaying it until the hospital's technical issues were resolved. The surgeon "told me it could potentially delay post-op care, and he didn't want to risk it," she said. Wednesday the company confirmed that "We have taken certain systems offline."
Alleged Poker-Cheating Scandal Gets Weirder: Employee Stole $15,000 In Chips
An experienced poker player lost to a relative newcomer. But then, "Somehow, the Robbi Jade Lew-Garrett Adelstein scandal dividing the poker world just got weirder," reports the New York Post: An internal investigation conducted by Hustler Casino Live — which streamed the game from Los Angeles — has shown that one of their High Stakes Poker Productions employees stole three $5,000 chips from Lew's stack after the broadcast concluded on September 29. The employee, Bryan Sagbigsal, was terminated from his position after he admitted to taking $15,000 in chips from Lew's stack... The $15,000 worth of chips taken by Sagbigsal was seen by some as him taking his cut of a cheating scam. "There is zero evidence that I cheated," Lew posted on Twitter, "simply because I did not. I have been thrust into a bizarre situation where I am being asked to prove my innocence continually, and as of yet, there is not a single thread of direct evidence illustrating my guilt. My accusers, now having exhausted buzzing seats, camera rings, microphone water bottles, and other spy paraphernalia, have now moved on to me having an alleged conspiring relationship with someone I do not know... who, in fact, stole from me." As a precaution the casino's technology and security protocols are now being audited — but the publicity seems good for business. Hustler Casino Live is now calling the hand "The most insane hero call in poker history," and it's already racked up over half a million views on YouTube. Here's what I see. (Am I missing something?) After three of the five "community" cards were dealt face up, Garrett Adelstein had four of the five cards needed for a straight flush — leaving nine clubs in the deck left to draw for a flush, and an additional six that would've at least given him a straight. But with no help from the fourth "community" card, Garrett had just a 53% chance of winning. He bet $10,000, but instead of backing down Robbi raised him by $10,000.
Garrett then tried an even larger bet, daring Robbi to go all-in with her $109,000 in chips — or fold. Did she sense that this suddenly-higher bet was a bluff? With nothing but a high-card jack, Robbi refused to fold — and won the hand when the fifth card failed to help either her or Garrett.