Slashdot

An anonymous reader quotes a report from TechCrunch: Lawsuits from disgruntled investors are beginning to stack up after crypto prices plummeted over the past few months, leaving them with steep losses. Billionaire Mark Cuban is the latest celebrity on the receiving end of investor ire. A group of Voyager Digital customers filed a class-action suit in Florida federal court against Cuban, as well as the basketball team he owns, the Dallas Mavericks, alleging their promotion of the crypto platform resulted in more than 3.5 million investors losing $5 billion collectively. Voyager Digital's CEO, Stephen Ehrlich, was also named as a defendant in the suit. Voyager, a New Jersey-based crypto firm, filed for Chapter 11 bankruptcy in July following a crash in crypto prices that instigated a liquidity crunch on the platform. The firm is one of many that got burned after loaning money, in Voyager's case worth ~$600 million, to hedge fund Three Arrows Capital (3AC). 3AC declared bankruptcy in the wake of the Terra collapse, triggering a domino effect throughout the crypto markets when the hedge fund defaulted on more than $3.5 billion worth of obligations to its lenders. The plaintiffs in the suit against Cuban described Voyager as "an unregulated and unsustainable fraud, similar to other Ponzi schemes." They claim in the complaint that Cuban and Ehrlich personally reached out to investors both individually and through a partnership with the Dallas Mavericks, to encourage them to invest with the platform. The lawsuit also specifically calls out Voyager's Earn Program Accounts (EPAs), claiming they are unregistered securities. The Mavericks launched their exclusive, five-year partnership with Voyager in October 2021, giving fans cash rewards for making trades on the platform. The announcement said the cryptocurrencies were "an attractive investment for novice investors who might only have $100 to start." According to the lawsuit filed today, Cuban also promoted the company "as a Voyager customer himself, in a ploy to dupe investors into believing that Voyager was a safe platform." Although the partnership with the Mavericks was disclosed, the lawsuit alleges that Cuban did not disclose the compensation he personally received to promote Voyager. "During the runup in crypto prices, many web3 companies, apparently including Voyager, pretended that existing laws and regulations did not apply to crypto," said Shane Seppinni, founder of law firm Seppinni LLP, who was worked on various crypto and "meme stock" lawsuits. "Even smart people like Mark Cuban got caught up in the hype. But now that crypto prices have crashed it's plain to see that centuries-old legal theories like fraud, breach of fiduciary duty, and civil conspiracy are as applicable to crypto as they are elsewhere."Read more of this story at Slashdot.

The US Federal Election Commission approved a Google plan to let campaign emails bypass Gmail spam filters. From a report: The FEC's advisory opinion adopted in a 4-1 vote said Gmail's pilot program is permissible under the Federal Election Campaign Act and FEC regulations "and would not result in the making of a prohibited in-kind contribution." The FEC said Google's approved plan is for "a pilot program to test new Gmail design features at no cost on a nonpartisan basis to authorized candidate committees, political party committees, and leadership PACs." On July 1, Google asked the FEC for the green light to implement the pilot after Republicans accused the company of giving Democrats an advantage in its algorithms. Republicans reportedly could have avoided some of their Gmail spam problems by using the proper email configuration. At a May 2022 meeting between Senate Republicans and Google's chief legal officer, "the most forceful rebuke" was said to come "from Sen. Marco Rubio (R-Fla.), who claimed that not a single email from one of his addresses was reaching inboxes," The Washington Post reported in late July. "The reason, it was later determined, was that a vendor had not enabled an authentication tool that keeps messages from being marked as spam, according to people briefed on the discussions."Read more of this story at Slashdot.

The Mount Sinai Health System began an effort this week to build a vast database of patient genetic information that can be studied by researchers -- and by a large pharmaceutical company. From a report: The goal is to search for treatments for illnesses ranging from schizophrenia to kidney disease, but the effort to gather genetic information for many patients, collected during routine blood draws, could also raise privacy concerns. The data will be rendered anonymous, and Mount Sinai said it had no intention of sharing it with anyone other than researchers. But consumer or genealogical databases full of genetic information, such as Ancestry.com and GEDmatch, have been used by detectives searching for genetic clues that might help them solve old crimes. Vast sets of genetic sequences can unlock new insights into many diseases and also pave the way for new treatments, researchers at Mount Sinai say. But the only way to compile those research databases is to first convince huge numbers of people to agree to have their genomes sequenced. Beyond chasing the next breakthrough drug, researchers hope the database, when paired with patient medical records, will provide new insights into how the interplay between genetic and socio-economic factors -- such as poverty or exposure to air pollution -- can affect people's health. The health system hopes to eventually amass a database of genetic sequences for 1 million patients, which would mean the inclusion of roughly one out of every 10 New York City residents. The effort began this week, a hospital spokeswoman, Karin Eskenazi, said.Read more of this story at Slashdot.

From a report, shared by a reader: Through the winter mist of the hills of the Terai, in lowland Nepal, 18-year-old Hima Kusunda emerges from the school's boarding house, snug in a pink hooded sweatshirt. Hima is one of the last remaining Kusunda, a tiny indigenous group now scattered across central western Nepal. Their language, also called Kusunda, is unique: it is believed by linguists to be unrelated to any other language in the world. Scholars still aren't sure how it originated. And it has a variety of unusual elements, including lacking any standard way of negating a sentence, words for "yes" or "no", or any words for direction. According to the latest Nepali census data from 2011, there are 273 Kusunda remaining. But only one woman, 48-year-old Kamala Khatri, is known to be fluent.Read more of this story at Slashdot.

Software sold by market leaders tend to be primary purchases for regular consumers. Brand comfort is important but so too is affordability, especially when pirate copies are available for free. Some find a middle ground with purchases of discounted activation keys but, as a new Microsoft lawsuit shows, that can amount to copyright infringement for buyers and sellers alike. From a report: In a complaint filed at a Washington court this week, Microsoft targets Canadian company The Search People Enterprises Ltd (TSPE), assumed director Mehtabjit Singh, and 'John Doe' defendants 1-10. The defendants are described as prolific distributors of "black market access devices," aka activation keys and tokens for Microsoft software. Those who bought keys and tokens may have been under the impression that they were purchasing official software but as Microsoft explains, that is not only misleading but a mischaracterization of the things they were sold. Products including Microsoft Office, Project, Visio, Windows 10, and Windows 11 are all subject to licensing terms that restrict how the products can be used. Microsoft can also provide a product activation key to be entered as part of the installation process, with data about the activation sent to the company's servers. Like software tokens, which enable downloads and automatic software activation, activation keys are anti-piracy tools, and exchanging money for them is not the same as buying a license. Indeed, Microsoft makes itself very clear -- the activation of a piece of software means nothing in the absence of a license. Microsoft's problem is that product activation keys can be 'decoupled' from the software they were meant to authorize and then reused to activate more copies of the software, in some cases more copies than the attached Microsoft license permits.Read more of this story at Slashdot.

Australia's consumer watchdog agency said Friday that Google has been ordered to pay AU$60 million, nearly $43 million, by the Federal Court over the collection of location data on Android phones. From a report: The fine stems from legal action the Australian Competition & Consumer Commission initiated back in 2019. The ACCC accused Google of "making misleading representations to consumers" about the collection and use of personal location data on Android devices between January 2017 and December 2018. The court previously found that Google misled consumers into thinking "Location History" was the only setting that impacted whether the tech giant collected, kept and used location data, when in fact, the "Web & App Activity" setting also allowed Google to collect some of this information, according to the ACCC. An estimated 1.3 million people with Google accounts in Australia may have "viewed a screen found by the Court to have breached the Australian Consumer Law," the ACCC said.Read more of this story at Slashdot.

An anonymous reader shares a report: Physical labour is exhausting. A long run or a hard day's sweat depletes the body's energy stores, resulting in a sense of fatigue. Mental labour can also be exhausting. Even resisting that last glistening chocolate-chip cookie after a long day at a consuming desk job is difficult. Cognitive control, the umbrella term encompassing mental exertion, self-control and willpower, also fades with effort. But unlike the mechanism of physical fatigue, the cause of cognitive fatigue has been poorly understood. Previous accounts were incomplete. One of the most widely known, the biological one, draws from what is known about muscular fatigue. It posits that exerting cognitive control uses up energy in the form of glucose. At the end of a day spent intensely cogitating, the brain is metaphorically running on fumes. The problem with this version of events is that the energy cost associated with thinking is minimal. One analysis of previous studies suggests that cognitively overworked and "depleted" brains use less than one-tenth of a Tic-Tac's worth of additional glucose. If cognitive fatigue is not caused by a lack of energy, then what explains it? A team of scientists led by Antonius Wiehler of Pitie-Salpetriere University Hospital, in Paris, looked at things from what is termed a neurometabolic point of view. They hypothesise that cognitive fatigue results from an accumulation of a certain chemical in the region of the brain underpinning control. That substance, glutamate, is an excitatory neurotransmitter that abounds in the central nervous systems of mammals and plays a role in a multitude of activities, such as learning, memory and the sleep-wake cycle. In other words, cognitive work results in chemical changes in the brain, which present behaviourally as fatigue. This, therefore, is a signal to stop working in order to restore balance to the brain. In their new paper in Current Biology, the researchers describe an experiment they undertook to explain how all this happens.Read more of this story at Slashdot.

An anonymous reader shares a report: The earliest sales pitch for Stadia, the Google streaming service that beams high-end video games to web browsers via the cloud, included the idea that it might work as simply as Googling your favorite game. You might search for a popular game to learn more about it, only to immediately see an option to start playing it inside your web browser, no additional hardware required -- and perhaps no payment, either. Nearly three years after Stadia's official launch -- and 18 months after the service's massive internal downgrade -- that scenario has finally begun to play out. What's more, the feature appears to be streamer-agnostic, as multiple Stadia-like streaming services have started appearing in search results. This week, Google rolled out a limited launch of a "Play Now" tab that appears on searches for select video games on desktop browsers. (As of press time, out of three Google accounts tested, the search results shown in this article only appear on one of them.) This tab can be found in the right-hand "knowledge panel" that is otherwise automatically populated with user reviews, game details, and digital download purchase links. When a Google game search returns a Play Now tab, it will include as many compatible streaming services as possible, including Google Stadia, Microsoft Xbox Cloud Gaming, Amazon Luna, and Nvidia GeForce Now. Each entry shows what kind of fee may be required to play the game. Conveniently enough, many Google Stadia games can now be played for free for the first 30 minutes or as long as 120 minutes, and supported free-trial Stadia games get a bright-green flash of italicized text: "trial available." Other games and services that have appeared thus far have included tags like "premium subscription" or "free-to-play."Read more of this story at Slashdot.

Samsung's de-facto leader secured a pardon Friday of his conviction for bribing a former president in a corruption scandal that toppled a previous South Korean government, an act of leniency that underscored the tech company's huge influence in the nation. From a report: Lee Jae-yong's pardon is partially symbolic since he was released on parole a year ago after serving 18 months of a prison term that would have ended in July, and critics say the billionaire has remained in control of Samsung even while behind bars. Still, the pardon will allow the heir to the electronics juggernaut to fully resume his management duties and could make it easier for the company to pursue investments and mergers. The Justice Ministry said President Yoon Suk Yeol, who as a prosecutor investigated the corruption scandal involving Lee, will issue the pardon Monday, a national holiday when some 1,700 people are set to receive clemency, including other top business leaders. Lee, 54, was convicted in 2017 of bribing former President Park Geun-hye and her close confidante to win government support for a merger between two Samsung affiliates that tightened Lee's control over the corporate empire. Park and the confidante were also convicted in the scandal, which enraged South Koreans, who staged massive protests for months demanding an end to the shady ties between business and politics. The demonstrations eventually led to Park's ouster from office. [...] Justice Minister Han Dong-hoon said the pardons of the business tycoons were aimed at "overcoming the economic crisis through encouraging business activity" at a time when South Koreans are grappling with rising prices, high personal debt and a faltering job market.Read more of this story at Slashdot.

An ongoing dispute over privacy between Apple and Facebook is roiling the digital economy, leading companies to shift billions in ad spending as users continue to limit the data available to advertisers. The feud took off last year, when Apple rolled out iOS 14.5, a version of its mobile operating system that made it easier than ever for iPhone and iPad users to opt out of letting apps like Facebook track their activity on their devices. The two companies weren't always at odds. In fact, they were almost business partners. From a report: In the years before the change, Apple suggested a series of possible arrangements that would earn the iPhone maker a slice of Facebook's revenue, according to people who either participated in the meetings or were briefed about them. As one person recalled: Apple officials said they wanted to "build businesses together." One idea that was discussed: creating a subscription-based version of Facebook that would be free of ads, according to people familiar with the discussions. Because Apple collects a cut of subscription revenue for apps in its App Store, that product could have generated significant revenue for the Cupertino, Calif., giant. The companies also haggled over whether Apple was entitled to a piece of Facebook's sales from so-called boosted posts, said people familiar with the matter. A boost allows a user to pay to increase the number of people that see a post on Facebook or Instagram. Facebook, which considers boosts ads, has always contended that boosts are a form of advertising, in part because they are often used by small businesses to reach a bigger audience, said one of the people. Apple, which doesn't take a cut of advertising from developers, argued that Facebook boosts should be considered in-app purchases, according to a person familiar with the matter. Apple's standard terms would entitle it to take a 30% share of those sales.Read more of this story at Slashdot.

The Dutch government agency responsible for investigating financial crimes said it has arrested an individual suspected of being a developer of the U.S.-sanctioned crypto mixing service Tornado Cash in a move that has rattled some crypto and privacy advocates. From a report: The Fiscal Information and Investigation Service said Friday that the arrested 29-year-old man is suspected to be involved in "concealing criminal financial flows and facilitating money laundering" through the popular crypto mixing service. "Multiple arrests are not ruled out," it said. The agency added that it arrested the individual in Amsterdam. The move comes days after the U.S. government sanctioned Tornado Cash -- a service that allows users to mask their transactions by jumbling funds from different sources before sending them to the ultimate destination -- for its role in enabling billions of dollars' worth of cryptocurrency to be laundered through its platform.Read more of this story at Slashdot.

The world's largest smartphone market is in deep trouble. China saw a 14.7% decline in phone shipments in the second quarter, according to research firm IDC. And multibillion-dollar pillars of the industry like Xiaomi Corp., Vivo and Oppo all reported steep sales declines. From a report: Many factors drove the fall, including a strict Covid Zero policy that torpedoed demand, but the bigger issue is one that's long been feared by the country's smartphone makers. China's 10-year-plus smartphone boom, fueled by new buyers and ceaseless upgrades, is likely coming to an end. China was eager to become a mobile nation a decade ago. It used state capital to build 4G base stations in almost every village, enabling brands like Oppo and Vivo to sell chic-looking devices to hundreds of millions of people in rural areas, most of whom had never tried a touchscreen. Apple, Samsung Electronics and Motorola pursued tech-savvy city dwellers with more expensive options. (Although the latter two quickly fell out of the game due to product flaws, marketing missteps and geopolitical pressures.) More recently, smartphone makers saw an opportunity as China pushed toward advanced 5G networks. But few saw the trouble already brewing. A key problem is that China's massive smartphone market has become highly saturated. The country has more than 1.6 billion active mobile phone accounts by the end of last year compared to its 1.4 billion population. The penetration rate is well above the global average and has led to fierce competition. The need to replace phones has also dwindled. The life cycles of smartphones are getting longer, and can be stretched when the economy isn't doing well. The price of 5G service has prompted many people in China to simply keep their adequate 4G subscriptions.Read more of this story at Slashdot.

The British government declared a drought for parts of southern, eastern and central England on Friday as the country, unaccustomed to such extreme heat, endured another day of scorching conditions. From a report: The declaration came after a group of officials and experts, including the National Drought Group, met to discuss the government's response to "the driest summer in 50 years," the Environment Agency said in a statement. Extreme-heat warnings have also been issued for parts of southern England and Wales, just weeks after Britain withered under some of its highest temperatures on record. "We are currently experiencing a second heat wave after what was the driest July on record for parts of the country," Britain's water minister, Steve Double, said in a statement released after the drought group's meeting. "Action is already being taken by the government and other partners," to deal with the drought, he added. The drought announcement will allow water companies to impose stricter conservation measures. Several water companies have temporarily banned the use of hoses to water yards and gardens and to wash vehicles. The Met Office, Britain's national weather service, issued an extreme-heat warning through Sunday for much of the southern half of England and for parts of Wales, underscoring that the soaring temperatures could not only disrupt travel but also raise the risk of heat-related illnesses for certain groups.Read more of this story at Slashdot.

An anonymous reader quotes a report from Phys.Org: In a new University of California, Irvine-led study, researchers define how the circadian clock influences cell growth, metabolism and tumor progression. Their research also reveals how disruption of the circadian clock impacts genome stability and mutations that can further drive critical tumor-promoting pathways in the intestine. In this study, researchers found that both genetic disruption and environmental disruption of the circadian clock contribute to the mutation of the adenomatous polyposis coli (APC) tumor suppressor, which is found in the vast majority of human colorectal cancers (CRC). APC point mutations, deletions, and loss of heterozygosity (LOH) events have been reported in approximately 80 percent of human CRC cases, and it is these mutations that drive the initiation of intestinal adenoma development. "As a society, we are exposed to several environmental factors that influence our biological clock, including night shift work, extended light exposure, changes in sleep/wake cycles and altered feeding behavior," said Selma Masri, Ph.D., assistant professor of biological chemistry at UCI School of Medicine. "Strikingly, we have seen an alarming increase in several young-onset cancers, including colorectal cancer. The underlying cause of this increased incidence of cancer in adults in their 20s and 30s remains undefined. However, based on our findings, we now believe that disruption of the circadian clock plays an important role." The study has been published in the journal Science Advances.Read more of this story at Slashdot.

From "Batgirl" to "Star Wars Detours" to "Seriously, Dude, I'm Gay," the Hollywood Reporter highlights twelve infamous films and series that made headlines for being canceled -- and are not available anywhere. From the report: The vast majority of axed Hollywood projects are run-of-the-mill concepts that simply didn't work out or eventually find their way online. That's not the case with these titles. The below roundup of films and TV series features projects you cannot see anywhere that have achieved a level of notoriety -- either due to their scandalous content or because fans desperately want to see them (or both). The list includes: 1. Batgirl 2. Ultimate Slip 'N Slide 3. Tremors (2018 TV Pilot) 4. Star Wars: Detours 5. Seriously, Dude, I'm Gay 6. My Best Friend's Birthday 7. 100 Years 8. Uncle Tom's Fairytales 9. Bloodmoon (Game of Thrones Prequel) 10. The Original Game of Thrones Pilot 11. Our Little Genius 12. The Day the Clown Cried Some of the canceled shows were yanked for "creative reasons" or the potential to ruin a company's brand; others were given no reasoning whatsoever, leaving it up to speculation. Under each show included on the list is an explanation of events that help to explain why it's one of the "most legendary of the unseen." You can view the full article here.Read more of this story at Slashdot.

After more than 50 years, molten salt nuclear reactors might be making a comeback. The US Department of Energy (DoE) has tapped Los Alamos National Laboratory (LANL) to lead a $9.25 million study into the structural properties and materials necessary to build them at scale. The Register reports: "The US needs projects like this one to advance nuclear technologies and help us achieve the Biden-Harris administration's goals of clean energy by 2035 and a net-zero economy by 2050," said Asmeret Asefaw Berhe, director of the office of science, in a statement. The study, conducted as part of the Scientific Discovery though Advanced Computing (SciDAC) program, seeks to gain a better understanding of the relationship between corrosion and irradiation effects at the atomic scale in metals exposed to molten salt reactors through simulation. This isn't the first time the DoE has explored this reactor tech. In the middle of last century, Oak Ridge National Laboratory (ORNL) took the lessons learned from the Aircraft Reactor experiment to build a functional nuclear aircraft power source and began construction of a molten salt test reactor. The experiments, conducted between 1957 and 1969, utilized a mixture of lithium, beryllium, zirconium, and uranium fluoride salts. Cooling was also achieved using a fluoride salt mixture, but it lacked the uranium and zirconium found in the fuel. The experiments proved promising, as molten salt reactors were generally smaller and considered safer compared to the pressurized water reactors still used today. But both proved too heavy for powered flight or materials design. Because cooling was achieved by circulating molten salt through a heat exchanger as opposed to water, the risk of a steam explosion is effectively nonexistent. However, as the Oak Ridge National Laboratory found during the Molten Salt Reactor Experiment, fluoride salts are incredibly corrosive and required hardened materials to safely contain them. "ORNL's Molten Salt Reactor Experiment utilized specialized materials fabricated from Hastelloy-N -- a nickel-molybdenum alloy developed by the lab with a high resistance to corrosion even at high temperatures," adds the reports. "The research program announced this week will revisit the material choices and examine a variety of metals using higher-performance compute resources to simulate how they'll perform at scale in these reactors."Read more of this story at Slashdot.

An anonymous reader quotes a report from Phys.Org: A new study corrects an important error in the 3D mathematical space developed by the Nobel Prize-winning physicist Erwin Schrodinger and others, and used by scientists and industry for more than 100 years to describe how your eye distinguishes one color from another. The research has the potential to boost scientific data visualizations, improve TVs and recalibrate the textile and paint industries. [...] "Our original idea was to develop algorithms to automatically improve color maps for data visualization, to make them easier to understand and interpret," [said Roxana Bujack, a computer scientist with a background in mathematics who creates scientific visualizations at Los Alamos National Laboratory and lead author of the paper]. So the team was surprised when they discovered they were the first to determine that the longstanding application of Riemannian geometry, which allows generalizing straight lines to curved surfaces, didn't work. To create industry standards, a precise mathematical model of perceived color space is needed. First attempts used Euclidean spaces -- the familiar geometry taught in many high schools; more advanced models used Riemannian geometry. The models plot red, green and blue in the 3D space. Those are the colors registered most strongly by light-detecting cones on our retinas, and -- not surprisingly -- the colors that blend to create all the images on your RGB computer screen. In the study, which blends psychology, biology and mathematics, Bujack and her colleagues discovered that using Riemannian geometry overestimates the perception of large color differences. That's because people perceive a big difference in color to be less than the sum you would get if you added up small differences in color that lie between two widely separated shades. Riemannian geometry cannot account for this effect. "We didn't expect this, and we don't know the exact geometry of this new color space yet," Bujack said. "We might be able to think of it normally but with an added dampening or weighing function that pulls long distances in, making them shorter. But we can't prove it yet." The findings appear in the journal Proceedings of the National Academy of Science.Read more of this story at Slashdot.

Matt Edmondson, a hacker and digital forensics expert, built a Raspberry Pi-powered anti-tracking tool that "scans for nearby devices and alerts you if the same phone is detected multiple times within the past 20 minutes," reports Wired. The device, which can be carried around or placed in a car, consists of parts that cost around $200 in total. From the report: The homemade system works by scanning for wireless devices around it and then checking its logs to see whether they also were present within the past 20 minutes. It was designed to be used while people are on the move rather than sitting in, say, a coffee shop, where it would pick up too many false readings. The anti-tracking tool, which can sit inside a shoebox-sized case, is made up of a few components. A Raspberry Pi 3 runs its software, a Wi-Fi card looks for nearby devices, a small waterproof case protects it, and a portable charger powers the system. A touchscreen shows the alerts the device produces. Each alert may be a sign that you are being tailed. The device runs Kismet, which is a wireless network detector, and is able to detect smartphones and tablets around it that are looking for Wi-Fi or Bluetooth connections. The phones we use are constantly looking for wireless networks around them, including networks they've connected to before as well as new networks. Edmondson says Kismet makes a record of the first time it sees a device and then the most recent time it was detected. But to make the anti-tracking system work, he had to write code in Python to create lists of what Kismet detects over time. There are lists for devices spotted in the past five to 10 minutes, 10 to 15 minutes, and 15 to 20 minutes. If a device appears twice, an alert flashes up on the screen. The system can show a phone's MAC address, although this is not much use if it's been randomized. It can also record the names of Wi-Fi networks that devices around it are looking for -- a phone that's trying to connect to a Wi-Fi network called Langley may give some clues about its owner. "If you have a device on you, I should see it," he says. In an example, he showed WIRED that a device was looking for a network called SAMSUNGSMART. To stop the system from detecting your own phone or those of other people traveling with you, it has an "ignore" list. By tapping one of the device's onscreen buttons, it's possible to "ignore everything that it has already seen." Edmondson says that in the future, the device could be modified to send a text alert instead of showing them on the screen. He is also interested in adding the capability to detect tire-pressure monitoring systems that could show recurring nearby vehicles. A GPS unit could also be added so you can see where you were when you were being tracked, he says. [...] Edmondson has no plans to make the device into a commercial product, but he says the design could easily be copied and reused by anyone with some technical knowledge. Many of the parts involved are easy to obtain or may be lying around the homes of people in tech communities. For those interested, Edmondson open-sourced its underlying code and plans to present the research project at the Black Hat security conference in Las Vegas this week.Read more of this story at Slashdot.

Meta, the owner of Facebook and Instagram, has been rewriting websites its users visit, letting the company follow them across the web after they click links in its apps, according to new research from an ex-Google engineer. The Guardian reports: The two apps have been taking advantage of the fact that users who click on links are taken to webpages in an "in-app browser," controlled by Facebook or Instagram, rather than sent to the user's web browser of choice, such as Safari or Firefox. "The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them [to] monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers," says Felix Krause, a privacy researcher who founded an app development tool acquired by Google in 2017. Krause discovered the code injection by building a tool that could list all the extra commands added to a website by the browser. For normal browsers, and most apps, the tool detects no changes, but for Facebook and Instagram it finds up to 18 lines of code added by the app. Those lines of code appear to scan for a particular cross-platform tracking kit and, if not installed, instead call the Meta Pixel, a tracking tool that allows the company to follow a user around the web and build an accurate profile of their interests. The company does not disclose to the user that it is rewriting webpages in this way. No such code is added to the in-app browser of WhatsApp, according to Krause's research. [...] It is unclear when Facebook began injecting code to track users after clicking links. "We intentionally developed this code to honor people's [Ask to track] choices on our platforms," a Meta spokesperson told The Guardian in a statement. "The code allows us to aggregate user data before using it for targeted advertising or measurement purposes. We do not add any pixels. Code is injected so that we can aggregate conversion events from pixels." They added: "For purchases made through the in-app browser, we seek user consent to save payment information for the purposes of autofill."Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, Spotify and many others, which are used by tens of millions of people all over the world. At the Black Hat cybersecurity conference in Las Vegas on Thursday, the researchers presented their findings, detailing how they could have hacked people who use Discord, Microsoft Teams, and the chat app Element by exploiting the software underlying all of them: Electron, which is a framework built on the open source Chromium and the cross-platform javascript environment Node JS. In all these cases, the researchers submitted vulnerabilities to Electron to get them fixed, which earned them more than $10,000 in rewards. The bugs were fixed before the researchers published their research. Aaditya Purani, one of the researchers who found these vulnerabilities, said that "regular users should know that the Electron apps are not the same as their day-to-day browsers," meaning they are potentially more vulnerable. In the case of Discord, the bug Purani and his colleagues found only required them to send a malicious link to a video. With Microsoft Teams, the bug they found could be exploited by inviting a victim to a meeting. In both cases, if the targets clicked on these links, hackers would have been able to take control of their computers, Purani explained in the talk. For him, one of the main takeaways of their research is that Electron is risky precisely because users are very likely to click on links shared in Discord or Microsoft Teams.Read more of this story at Slashdot.

On Wednesday, Meta announced that the Portal Plus Gen 2 and Portal Go now support Duet Display, an app that can turn a display into a secondary monitor for Macs and PCs. Ars Technica reports: The Portal Plus is the same size as some of the best portable monitors, so it makes sense to repurpose it for that function. Because it's built for video image quality, it has a decent resolution for a portable display -- 2160x1440. Duet Display doesn't require a display to be connected to a computer via a cable, so specific Portals are now portable wireless monitors, too. At a time when webcams are integrated into many laptops, and USB webcams are easier to find again, many consumers don't need a display dedicated primarily to web calls. But an extra monitor? That's more widely appealing. With the addition of Duet Display, Portal owners have further reason to think about their Portal when they're not on a video call. Meta also gave all Portals with a touchscreen -- namely, the Portal Go, Portal Plus, Portal, and Portal Mini -- a Meta Portal Companion app for macOS. The app enables screen sharing during video calls and provides quick access to video call features, like mute and link sharing in Zoom, Workplace, and BlueJeans.Read more of this story at Slashdot.

Patrick Wardle, founder of the Objective-See Foundation, a nonprofit that creates open-source security tools for macOS, has had his code make its way into a number of commercial products over the years -- "all without the users crediting him or licensing and paying for the work," reports The Verge. Wardle, a Mac malware specialist and former employee of the NSA and NASA, will lay out his case in a presentation today at the Black Hat cybersecurity conference with Tom McGuire, a cybersecurity researcher at Johns Hopkins University. From the report: The problem, Wardle says, is that it's difficult to prove that the code was stolen rather than implemented in a similar way by coincidence. Fortunately, because of Wardle's skill in reverse-engineering software, he was able to make more progress than most. "I was only able to figure [the code theft] out because I both write tools and reverse engineer software, which is not super common," Wardle told The Verge in a call before the talk. "Because I straddle both of these disciplines I could find it happening to my tools, but other indie developers might not be able to, which is the concern." One of the central examples in Wardle's case is a software tool called OverSight, which Wardle released in 2016. Oversight was developed as a way to monitor whether any macOS applications were surreptitiously accessing the microphone or webcam, with much success: it was effective not only as a way to find Mac malware that was surveilling users but also to uncover the fact that a legitimate application like Shazam was always listening in the background. [...] But years after Oversight was released, he was surprised to find a number of commercial applications incorporating similar application logic in their own products -- even down to replicating the same bugs that Wardle's code had. Three different companies were found to be incorporating techniques lifted from Wardle's work in their own commercially sold software. None of the offending companies are named in the Black Hat talk, as Wardle says that he believes the code theft was likely the work of an individual employee, rather than a top-down strategy. The companies also reacted positively when confronted about it, Wardle says: all three vendors he approached reportedly acknowledged that his code had been used in their products without authorization, and all eventually paid him directly or donated money to the Objective-See Foundation. The Verge notes that Wardle's cousin Josh Wardle created the popular Wordle game, which was purchased earlier this year by The New York Times.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: China has overtaken the US as the world leader in both scientific research output and "high impact" studies, according to a report published by Japan's science and technology ministry. The report, which was published by Japan's National Institute of Science and Technology Policy (NISTP) on Tuesday, found that China now publishes the highest number of scientific research papers yearly, followed by the US and Germany. The figures were based on yearly averages between 2018 and 2020, and drawn from data compiled by the analytics firm Clarivate. The Japanese NISTP report also found that Chinese research comprised 27.2% of the world's top 1% most frequently cited papers. The number of citations a research paper receives is a commonly used metric in academia. The more times a study is cited in subsequent papers by other researchers, the greater its "citation impact." The US accounted for 24.9% of the top 1% most highly cited research studies, while UK research was third at 5.5%. China published a yearly average of 407,181 scientific papers, pulling ahead of the US's 293,434 journal articles and accounting for 23.4% of the world's research output, the report found. China accounted for a high proportion of research into materials science, chemistry, engineering and mathematics, while US researchers were more prolific in research into clinical medicine, basic life sciences and physics. "China is one of the top countries in the world in terms of both the quantity and quality of scientific papers," Shinichi Kuroki of the Japan Science and Technology Agency told Nikkei Asia. "In order to become the true global leader, it will need to continue producing internationally recognized research."Read more of this story at Slashdot.

The nation's top public health agency relaxed its COVID-19 guidelines Thursday, dropping the recommendation that Americans quarantine themselves if they come into close contact with an infected person. The Centers for Disease Control and Prevention also said people no longer need to stay at least 6 feet away from others. The Associated Press reports: The changes, which come more than 2 1/2 years after the start of the pandemic, are driven by a recognition that an estimated 95% of Americans 16 and older have acquired some level of immunity, either from being vaccinated or infected, agency officials said. "The current conditions of this pandemic are very different from those of the last two years," said the CDC's Greta Massetti, an author of the guidelines. Perhaps the biggest education-related change is the end of the recommendation that schools do routine daily testing, although that practice can be reinstated in certain situations during a surge in infections, officials said. The CDC also dropped a "test-to-stay" recommendation, which said students exposed to COVID-19 could regularly test -- instead of quarantining at home -- to keep attending school. With no quarantine recommendation anymore, the testing option disappeared too. Masks continue to be recommended only in areas where community transmission is deemed high, or if a person is considered at high risk of severe illness.Read more of this story at Slashdot.

A study found that while some fireflies shrugged off light pollution, members of other species failed to mate even when males and females could find each other. From a report: As dusk deepens the shadow at the forest's edge, a tiny beacon lights up the gloom. Soon, the twilight is full of drifting lights, each winking a message in peculiar semaphore: "Male seeks female for brief union." This courtship plays out on summer nights the world over among beetles of the Lampyridae family, commonly known as fireflies. The darkness in which fireflies have always pursued their liaisons, however, has been breached by the glare of artificial lights. Humans' love affair with illumination has led to much of the Earth's habitable surfaces suffering light pollution at night. In recent years, scientists who study fireflies have heard from people who are worried that the insects may be in decline, said Avalon Owens, an entomologist at Tufts University. "There's this sense of doom. They seem to not be in places where they used to be," she said. So little is known about how fireflies live that it is hard to assess whether they are in danger -- and if so, why, said Dr. Owens. But in a study published Wednesday in the journal Royal Society Open Science, she and Sara Lewis, a professor of biology at Tufts University, shone some light on how fireflies respond to artificial illumination. Experiments in forests and fields as well as the lab showed that while some North American fireflies would mate with wild abandon, regardless of illumination, others did not complete a single successful mating under the glare of the lights. Fireflies seem to rely primarily on flashes of light to find each other, which means light pollution could threaten their ability to see mates. In the four common species the study examines, the females hide on the ground and observe as males wander the skies. When a female responds to a male's flashing with her own, the two enter into a dialogue that can end in a meeting, and eventually mating.Read more of this story at Slashdot.

Epson has gained some scrutiny in recent weeks after the company disabled a printer that was otherwise working fine, leading to accusations of planned obsolescence. Epson knows its printers will stop working without simple maintenance at a predictable point in the future, and it knows that it won't be cost-effective for many owners to send their home printers in for service. So why not build them to be user serviceable in the first place? The Verge: The inciting post from @marktavern mentions that his wife was unable to use her "very expensive Epson printer" after an end-of-service error message appeared. This isn't anything new for Epson printers, sadly. Reports going back several years mention an infamous error message that reads "parts inside the printer have reached the end of their service life." Epson confirmed to The Verge that the error is related to the printer's ink pads, which had likely become saturated through extended use and were now at risk of spilling into the rest of the printer mechanism. In a recently updated support document, Epson offers several solutions to resolve the problem. These include sending the printer into Epson to replace the ink pads or having a local certified technician do it. Previously (via Wayback Machine), just before the issue gained notoriety, Epson conceded that "repair may not be a good investment for lower cost printers because the printer's other components also may be near the end of usable life." It then added that "most consumers who are out of warranty elect to replace a lower-cost printer when they receive an end of life service message." Now, Epson suggests the feel-good option of sending the bricked unit in for recycling.Read more of this story at Slashdot.

Intel has released 48 benchmarks that show its upcoming Arc A750 GPU should be able to trade blows with Nvidia's RTX 3060 running modern games. From a report: While Intel set its expectations low for its Arc GPUs last month, the company has now tested its A750 directly against the RTX 3060 across 42 DirectX 12 titles and six Vulkan games. The results look promising for what will likely be Intel's mainstream GPU later this year. Intel has tested the A750 against popular games like Fortnite, Control, and Call of Duty: Warzone, instead of the cherry picked handful of benchmarks the company released last month. "These are all titles that we picked because they're popular," explains Intel fellow Tom Petersen, in Intel's benchmark video. "Either reviewers are using them or they're high on the Steam survey, or new and exciting. These are not cherry picked titles." We'll have to wait for independent benchmarks, but based on Intel's testing, the A750 looks like it will compete comfortably with Nvidia's RTX 3060. "You'll see we're kinda trading blows with the RTX 3060," says Petersen. "Sometimes we win, sometimes we lose." Intel's performance is, on average, 3 to 5 percent better than Nvidia's when it wins on titles running at 1080p. Over on the 1440p side, it looks like Intel wins on more of the benchmarks. On average it's a win of about 5 percent across the 42 games. Intel has also tested six Vulkan titles, where it seems be trading blows with the RTX 3060 once again.Read more of this story at Slashdot.

LinkedIn has laid off all the employees on the professional social network's global events marketing team amid continued economic uncertainty and layoffs at parent company Microsoft earlier this week. From a report: While a LinkedIn spokesperson did not disclose the exact number of employees affected, they confirmed the entire team was laid off. Affected employees are being encouraged to apply for roles on a new internal team focused on creating virtual, hybrid, and in-person experiences. "The events space has changed so much, and broadly speaking, this new team will focus on creating experiences across virtual, hybrid, and in-person to bring people together," the LinkedIn spokesperson told Insider. Chuck Jones, a senior event marketing manager on LinkedIn's global event marketing team, posted about the layoffs on LinkedIn on Wednesday.Read more of this story at Slashdot.

An anonymous reader shares a report: Technology to build cleaner, more efficient air conditioners does exist. Two major AC manufacturers, Daikin and Gree Electric Appliances, shared the top award at last year's Global Cooling Prize, an international competition focused on designing climate-friendly AC tech. Both companies created ACs with higher internal performance that used less environmentally damaging refrigerants; the new units could reduce their impact on the climate by five times. [...] Another strategy is to double down on heat pumps, which are air conditioners that also work in reverse, using vapor compression to absorb and move heat into a home, instead of releasing it outside. Heat pumps usually cost several thousand dollars, though the Inflation Reduction Act includes a proposal for a significant heat pump rebate, and President Joe Biden has invoked the Defense Production Act to ramp up production. Experts have argued installing heat pumps is critical to another important climate goal: transitioning away from fossil fuel-powered furnaces, which are an even bigger source of emissions than cooling. The holy grail of HVAC would be a heat pump that could provide both heating and cooling but isn't dependent on vapor compression. [...] Another challenge, though, is that heat pumps are not the easiest appliance to install, especially for renters, who don't necessarily have the money or ability to invest in bulky HVAC systems. To address this problem, a company called Gradient has designed a heat pump that easily slides over a windowsill -- it doesn't block light -- and currently uses a refrigerant called R32, which is supposed to have a (comparatively) low global warming potential. Gradient recently won a contract to install its units in New York City public housing.Read more of this story at Slashdot.

The rapid warming of the Arctic, a definitive sign of climate change, is occurring even faster than previously described, researchers in Finland said Thursday. From a report: Over the past four decades the region has been heating up four times faster than the global average, not the commonly reported two to three times. And some parts of the region, notably the Barents Sea north of Norway and Russia, are warming up to seven times faster, they said. The result is faster melting of the Greenland ice sheet, which leads to greater sea-level rise. But it also affects atmospheric circulation in North America and elsewhere, with impacts on weather like extreme rainfall and heat waves, although some of the impacts are a subject of debate among scientists. While scientists have long known that average temperatures in the Arctic are increasing faster than the rest of the planet, the rate has been a source of confusion. Studies and news accounts have estimated it is two to three times faster than the global average. Mika Rantanen, a researcher at the Finnish Meteorological Institute in Helsinki, said he and his colleagues decided to look at the issue in the summer of 2020, when intense heat waves in the Siberian Arctic drew a lot of attention. The new findings are bolstered by those of another recent study, led by scientists at Los Alamos National Laboratory, which found similar rates of warming, although over a different time span.Read more of this story at Slashdot.

Professionals pursuing that 'just right' look for LinkedIn profiles and resumes are tapping high-end headshot photographers who say they can help clients look better, feel better -- and boost their careers. From a report: Nailing your professional headshot seems harder and more clutch than ever at a time of record job changes and on-screen first impressions. The buttoned-up and made-up looks that once dominated business directories and professional profiles now seem stuffy in the work-from-anywhere era. Selfies are free, but some people chasing that just-so photo for their LinkedIn profile are paying $1,000 or more for headshots. Their quests are fueling a cottage industry of headshot photographers who offer facial-expression coaching and promise to help even the most insecure subjects look and feel great. "I'm not a photographer per se," says Peter Hurley, who charges $1,500 for a headshot session and $300 for each image his clients keep. "I consider myself a facial conveyance strategist." His go-to move is telling people to "squinch," by which he means raise the lower eyelids -- just a tad -- in a modified squint. Photographers hoping to mimic his techniques can pay $1,800 for one of his weekend workshops. Mr. Hurley started taking headshots about 20 years ago, having learned the basics of photography while modeling to fund his pursuit of an Olympic sailing berth. (He didn't make the five-ring regatta, but he had a hell of a six-pack.) His early clients were fellow models and actors. Now, shooting at studios in New York and Los Angeles, he estimates 90% are business types tired of their bland, yearbook-style profile pics and willing to shell out to stand out. In certain ways, the importance of a good headshot is measurable. LinkedIn, which enjoys more traffic when profiles are more engaging, reports that bios with headshots get 21 times more views than those without, and users receive nine times more connection requests when they include pictures of themselves. Headshots don't help everyone equally, says executive recruiter Martha Heller. She notes that the leaders of a company trying to fill a key position may have predetermined notions of what the ideal candidate should look like. Historically, they've often pictured a white man, though clients are increasingly seeking people who will diversify the senior ranks, she says. In any case, an applicant's odds of receiving an offer can be diminished by a headshot that doesn't match the picture in the boss's mind. Catalant, an online marketplace for independent consultants, says freelancers with headshots in their profiles are hired more often, but some businesses screen out names and photos because race and gender markers can play into unconscious biases and disadvantage certain candidates.Read more of this story at Slashdot.

In a lengthy document submitted to the Brazilian government as part of its investigation into Microsoft's acquisition of Activision Blizzard, Microsoft has claimed Sony pays developers "blocking rights" to prevent games from appearing on Xbox Game Pass. From a report: The accusation appears in a 27-page rebuttal of Sony's recent objections to Microsoft's Activision Blizzard buyout, made to Brazil's Administrative Council for Economic Defense (CADE) as part of its investigation. Much of Sony's argument had focused on Call of Duty - which it claimed had "no rival" and was "so popular that it influences users' choice of console" -- with the PlayStation maker suggesting, among other things, that the inclusion of Call of Duty on Microsoft's Game Pass service would hamper its ability to compete. Microsoft's response is as wide-ranging as Sony's initial objections, touching on everything from the fact it has previously managed to grow Game Pass without Activision Blizzard's titles -- suggesting Call of Duty mightn't be quite as "essential" as Sony claims -- to a reiteration of its assurances that it won't be making Call of Duty an Xbox console exclusive. It's here that Microsoft takes a swipe at Sony, pointing out (as per a Google-translated version of its filing) that for all its concerns around exclusivity, "the use of exclusive arrangements has been at the heart of Sony's strategy to strengthen its presence in the gaming industry." Microsoft says Sony's concerns are "incoherent", given that, by virtue of PlayStation's dominant market share, the company is a leader in the distribution of digital games - especially when, as Microsoft claims, Sony has actively hampered the growth of Game Pass by paying for "'blocking rights' to prevent developers from adding content to Game Pass and other competing subscription services." Further reading: Microsoft Justifies Activision Blizzard's $69 Billion Acquisition By Telling Regulator Call of Duty Publisher Doesn't Release 'Unique' Games.Read more of this story at Slashdot.

The most ambitious upgrade to the Ethereum blockchain should take place in September, possibly closer to the middle of the month, developers working on the project said during a conference call after what was billed as a final dress rehearsal. From a report: Developers have picked a number of so-called total terminal difficulty required of the final block mined in Ethereum before the network switches to new software. Figuring out the exact date range when the upgrade will occur will require complex calculations, and will be a moving target, depending on changes to the network's use and support, developers said on the call that was broadcast over YouTube on Thursday. The final date range is expected to be approved during another developer call next week, though the software engineers are currently looking at Sept. 16 to Sept. 20. Called the Merge, the software upgrade has been in the works for years, and it will change the way Ethereum orders transactions to become more energy efficient. Instead of using energy-guzzling computers called miners, the network will deploy so-called validators using staked Ether tokens -- a setup called proof of stake. Following years of delays, the time for the Merge is finally being set after Wednesday's completion of the Goerli merge test, which simulated the Merge on a smaller scale. A few problems popped up during the test, developers reported on the call. Goerli merge, which many celebrated with parties broadcast on YouTube, was the final test before the actual Merge was to take place.Read more of this story at Slashdot.

Mailchimp appears to have suspended the accounts of several crypto-related firms, according to the affected outlets. Crypto firms on the chopping board include intelligence platform Messari. From a report: Founder Ryan Selkis posted on Twitter revealing the suspension and expressing his disappointment. Crypto wallet provider Edge, NFT artist Ocarina, and Jesse Friedland -- the founder of NFT collection Cryptoon Goonz -- are among prominent names that appear to have had their accounts suspended in the last several weeks, according to the Decrypt report.Read more of this story at Slashdot.

The Federal Trade Commission is seeking public feedback on a proposed rulemaking to limit what it's dubbed "commerical surveillance" by businesses that sell or share information collected about people. From a report: The advance notice, announced Thursday, would protect the personal data companies such as Alphabet Inc. and Meta Platforms Inc. collect about consumers.Read more of this story at Slashdot.

Google will stop giving snappy answers to stupid questions, the company has announced, as it seeks to improve its search engine's "featured snippets" service. From a report: That means users should see fewer answers to questions such as "When did Snoopy assassinate Abraham Lincoln?", to which the service would once merrily respond with "1865" -- the right date, but very much the wrong assassin. "This clearly isn't the most helpful way to display this result," said the company's head of search, Pandu Nayak, in a blogpost announcing the changes. "We've trained our systems to get better at detecting these sorts of false premises, which are not very common, but there are cases where it's not helpful to show a featured snippet. We've reduced the triggering of featured snippets in these cases by 40% with this update." Snippets, which sometimes show up as a featured response to direct questions asked of Google Search, have long been a cornerstone of the company's AI strategy. The same technology powers its smart speakers and voice assistants, and lets the search engine satisfy search queries without visitors clicking away to other websites. But the snippets, which are automatically generated from the contents of websites, have also been a thorn in Google's side for just as long. [...] In an effort to address the root cause of such mistakes, Google is also rolling out new warnings for times when a search term has hit a "data void" -- a question where a good answer might simply not exist.Read more of this story at Slashdot.

Tim Culpan, writing at Bloomberg: As Washington embarks on a multi-billion dollar, decade-long semiconductor development campaign, Beijing is reckoning with its own 20-year effort that's largely failed to deliver. Both will need to grapple with wasted funds and misguided goals as they play catch-up to Taiwan and South Korea. Architects of China's ambitious efforts may be facing the music for having not produced world-beating technology, Bloomberg News reported this week. Multiple corruption probes announced by authorities stem from anger among the nation's top leaders over an inability to develop semiconductors that could replace American components, it reported. Two of the most scrutinized areas are the $9 billion bailout of Tsinghua Unigroup Co., and the National Integrated Circuit Industry Investment Fund -- known as the Big Fund. For all intents and purposes, China has failed to achieve its semiconductor goals, and those tasked with realizing them are being brought to account. Beijing won't be smarting at the loss of money -- it's been willing to burn cash -- but at the lack of progress such expenditure was supposed to buy. Those looking at China's achievements are mostly finding what they seek, and ignoring the rest. Semiconductor Manufacturing International, for example, got a lot of attention recently when industry analysts TechInsights wrote: "SMIC has been able to fabricate features that are small enough to be considered 7nm."Read more of this story at Slashdot.

An anonymous reader quotes a report from BleepingComputer: Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online. The company revealed that the attackers could only harvest and steal non-sensitive data from a Box folder linked to a compromised employee's account. "Cisco experienced a security incident on our corporate network in late May 2022, and we immediately took action to contain and eradicate the bad actors," a Cisco spokesperson told BleepingComputer. "Cisco did not identify any impact to our business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations. On August 10 the bad actors published a list of files from this security incident to the dark web. We have also implemented additional measures to safeguard our systems and are sharing technical details to help protect the wider security community." The Yanluowang threat actors gained access to Cisco's network using an employee's stolen credentials after hijacking the employee's personal Google account containing credentials synced from their browser. The attacker convinced the Cisco employee to accept multi-factor authentication (MFA) push notifications through MFA fatigue and a series of sophisticated voice phishing attacks initiated by the Yanluowang gang that impersonated trusted support organizations. The threat actors finally tricked the victim into accepting one of the MFA notifications and gained access to the VPN in the context of the targeted user. Once they gained a foothold on the company's corporate network, Yanluowang operators spread laterally to Citrix servers and domain controllers. "They moved into the Citrix environment, compromising a series of Citrix servers and eventually obtained privileged access to domain controllers," Cisco Talos said. After gaining domain admin, they used enumeration tools like ntdsutil, adfind, and secretsdump to collect more information and installed a series of payloads onto compromised systems, including a backdoor. Ultimately, Cisco detected and evicted them from its environment, but they continued trying to regain access over the following weeks. [...] Last week, the threat actor behind the Cisco hack emailed BleepingComputer a directory listing of files allegedly stolen during the attack. The threat actor claimed to have stolen 2.75GB of data, consisting of approximately 3,100 files. Many of these files are non-disclosure agreements, data dumps, and engineering drawings.Read more of this story at Slashdot.

Researchers from Stanford University and Nvidia have teamed up to help develop VR glasses that look a lot more like regular spectacles. PC Gamer reports: "A major barrier to widespread adoption of VR technology, however, is the bulky form factor of existing VR displays and the discomfort associated with that," the research paper published at Siggraph 2022 says. These aptly named "Holographic Glasses" can deliver a full-colour 3D holographic image using optics that are only 2.5mm thick. Compared to the traditional way a VR headset works, in which a lens magnifies a smaller display some distance away from it, shrinking all the prerequisite parts down to such a small size is quite the spectacular step forward for VR. The Holographic Glasses prototype uses pancake lenses, which is a concept that has been thrown around a couple of times in the past few years. These pancake lenses not only allow for a much smaller profile but reportedly they have a few other benefits, too: the resolution they can offer is said to be unlimited, meaning you can crank up the resolution for VR headsets, and they offer a much wider field of view at up to 200 degrees. [...] The research paper lists the glasses as such: "a coherent light source that is coupled into a pupil-replicating waveguide, which provides the illumination for a phase-only SLM that is mounted on the waveguide in front of the user's eye. This SLM creates a small image behind the device, which is magnified by a thin geometric phase (GP) lens." Though, it's very much a promise of what's to come more than an immediately shippable product today. There are some limitations: while there's scope to have a much higher FOV than current generation VR headsets, this particular wearable prototype only offered an FOV of 22.8 degrees. The benchtop prototype offered even less, at only 16.1 degrees. "[The FOV] is far smaller than commercially available VR/AR displays. However, the FOV was mainly limited by the size of the available SLM and the focal length of the GP lens, both of which could be improved with different components," the researchers say. Another limitation is the likely requirement for a very accurate measurement of the user's pupil, which won't be easy without a well-thought-out design. It would be possible to use an infrared gaze tracker to do this, the researchers note, but you'd need to be able to track the wearer's pupil size constantly as they will adjust often to different light conditions while using the glasses.Read more of this story at Slashdot.

The FCC is canceling $886 million in funding for Starlink to expand access in rural areas, citing the satellite internet system's cost and doubts over whether it can supply fast enough speeds. PC Magazine reports: The agency today announced it had rejected "long-form applications" from both SpaceX and an ISP called LTD Broadband to secure funding from the FCC's Rural Digital Opportunity Fund. "The Commission determined that these applications failed to demonstrate that the providers could deliver the promised service," the FCC said in a statement. FCC Chairwoman Jessica Rosenworcel added: "We cannot afford to subsidize ventures that are not delivering the promised speeds or are not likely to meet program requirements." In December 2020, the FCC awarded $886 million to SpaceX to help its Starlink service supply high-speed broadband to 642,925 locations in 35 states. However, it came with a requirement that SpaceX provide a long-form application about how Starlink would meet its obligations before the federal funding could be fully secured. The FCC's goal with the Rural Digital Opportunity Fund is to supply gigabit internet speeds to over 85% of the selected rural locations and at least 100Mbps download speeds for all 99.7% of the locations in the coming years. "Starlink's technology has real promise," Rosenworcel said. "But the question before us was whether to publicly subsidize its still developing technology for consumer broadband -- which requires that users purchase a $600 dish -- with nearly $900 million in universal service funds until 2032."Read more of this story at Slashdot.

An anonymous reader quotes a report from The Drive: If you don't want to pay for in-car subscriptions every month, no problem: Just pay it all upfront. That's the line from General Motors today after news spread that it's making a three-year, $1,500 OnStar connected services subscription a mandatory "option" for new Buick, GMC, and Cadillac Escalade models. The subscription, which enables things like using your phone as a key fob, data-enabled navigation, audio streaming, and Amazon's Alexa virtual assistant, is still optional on other GM vehicles, with the Premium package running $49.99 a month. But don't be surprised if this new setup spreads across the automaker's full portfolio. The $1,500 charge for OnStar will effectively raise the base prices of these cars, though the exact increase varies from model to model. All Buicks will see a price increase of $1,500. Higher trim GMCs will see an increase of as little as $905 with the Hummer EV getting no MSRP boost. Base model GMC pickups, the Sierra and Canyon, are hit the hardest with a $1,675 increase. By far the most common price hike is $1,500, which also applies to the Cadillac Escalade, Automotive News reports. Speaking to GM Authority, a spokesperson said making customers pay for the service will "enhance [their] vehicle ownership experience." They went on to state that "By including this plan as standard equipment on the vehicle, it provides more customer value and a more seamless onboarding experience." The automaker confirmed to AN that buyers who don't activate OnStar and have no desire to use the services will not be offered a discount. Further reading: BMW Starts Selling Heated Seat Subscriptions For $18 a MonthRead more of this story at Slashdot.

The Internal Revenue Service is seeking to identify customers of cryptocurrency prime dealer SFOX as part of its efforts to force crypto investors to pay taxes on their holdings. Bloombeg reports: In court filings in New York and Los Angeles, the tax authority asked federal judges to let it serve summonses on SFOX and M.Y. Safra Bank, which partnered with SFOX in 2019 to offer its customers cash deposit accounts backed by the Federal Deposit Insurance Corporation. The IRS is seeking account and transaction records for users with cryptocurrency transactions over $20,000 in any year from 2016 to 2021. "Transactions in cryptocurrency have grown substantially in recent years, and the IRS is concerned that taxpayers are not properly reporting these transactions on their tax returns," a lawyer for the government said in court papers filed Monday in Los Angeles. Meanwhile, according to Bloomberg (paywalled), the FTC is "investigating the operators of the BitMart cryptocurrency exchange over a December 2021 hack that led to consumer losses between $150 million and $200 million -- marking the agency's first known probe into crypto markets."Read more of this story at Slashdot.

Iran has announced it used cryptocurrency to pay for imports, raising the prospect that the nation is using digital assets to evade sanctions. The Register reports: Trade minister Alireza Peyman Pak revealed the transaction with the tweet [here], which translates as "This week, the first official import order was successfully placed with cryptocurrency worth ten million dollars. By the end of September, the use of cryptocurrencies and smart contracts will be widespread in foreign trade with target countries." It is unclear what Peman Pak referred to with his mention of widespread use of crypto for foreign trade, and the identity of the foreign countries he mentioned is also obscure. But the intent of the announcement appears clear: Iran will use cryptocurrency to settle cross-border trades.Read more of this story at Slashdot.

As first reported by Music Ally, Spotify is testing a new website to sell tickets directly to fans, "rather than just linking to external ticketing firms." From the report: For now, this is strictly a test rather than a full commercial launch. It kicks off [August 10] with a small number of artists, with pre-sale tickets available to fans through Spotify's app and a newly-launched tickets.spotify.com website. The test is happening in the US, with Annie DiRusso, Tokimonsta, Osees, Dirty Honey, Limbeck, Crows and Four Years Strong the first artists confirmed for the initiative. The tickets will come from those artists' pre-sale allocations for upcoming concerts. Don't get carried away with any 'Spotify takes on Ticketmaster' hyperbole just yet. The company is making it very clear that this is just a test for now, and that it's focused on pre-sales rather than primary ticketing. [...] The theory behind the test kicking off this week is to find out whether Spotify can both widen its involvement in pre-sales while selling the tickets directly. We would expect that to include a share of the revenues, although Spotify declined to give any details of the business model. There's another obvious motivation behind the test. Pre-sales of their own allocations can be an important income stream for artists, so if Spotify can help them do it, that could be a reputation-booster at a time of renewed debate (alright: big arguments) about musicians' streaming royalties. If Spotify can also become one of the ways artists ensure their tickets go to genuine fans rather than touts -- resales are not allowed in the test -- that could also be positive. And in this case, Spotify has the data to prove whether ticket buyers are genuine fans: their listening history. Important caveat: there's no suggestion at this point that Spotify will use this data as a barrier to purchase, in a 'you can't buy this artist's pre-sale ticket because you haven't streamed them enough' way. We're imagining something else: options for artists to promote their native-Spotify pre-sales to their biggest listeners in the cities / regions where the concerts are happening.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Top crypto VCs are constantly touting the potential of video games as one of the most compelling use cases for blockchain technology. [...] TechCrunch talked to Justin Kan, co-founder of Twitch and more recently, Solana-based gaming NFT marketplace Fractal, to get his thoughts on what it will take for this subsector of web3 to live up to the hype. Kan said that web3 gaming has a long way to go -- while there are about 3 billion gamers in the world, including those who play mobile games, he noted, far fewer have bought or interacted with any sort of blockchain-based gaming asset. Kan sees this gap as an opportunity for blockchain technology to fundamentally change how video game studios operate. "I think the idea of creating digital assets, and then taxing everyone for all the transactions around them is a good model," Kan said. In some ways, web3 gaming was been built in response to the success of games such as Fortnite that were able to unlock a lucrative monetization path for gaming studios through micro-transactions from users buying custom items such as outfits and weapons. Web3 game developers hope to take that vision a step further by enabling players to take those custom digital assets between different games, turning gaming into an interoperable, immersive ecosystem, Kan explained. Kan has made around 10 angel investments in web3 gaming startups, including in the studio behind NFT-based shooter game BR1: Infinite Royale, he said. Still, he admitted that building this interoperable ecosystem, which he sees as the future of video games overall, doesn't technically require blockchain technology at all. "Blockchain is just the way that it's going to happen, I think, because there's a lot of cultural momentum around people equating blockchain with openness and trusting things that are decentralized on the blockchain." [T]he appeal of an open gaming ecosystem is more about the principle of the matter than it is about making a living. "I actually think that people equate NFTs and games with this play-to-earn model where people are making money and doing their job [by gaming], and I think that's completely unnecessary," Kan said. "Having digital assets in your game can work and be valuable, even if nobody is making money and there's no speculative appreciation or price appreciation on your assets," he added. It's common for popular games to attract new development on top of their existing intellectual property. Kan shared the example of Counter-Strike: Global Offensive (CSGO), a video game in which custom "skins" have sold for as much as $150,000 each. "I funded a company that builds on top of the CSGO skins," he said. "CSGO changed the rules about what was allowed and actually confiscated over a million dollars just from this company -- so yeah, I don't want to build on top of these non-open platforms anymore." "Kan sees blockchain-based games as just a 'more economically immersive' version of the marketplaces that already exist in video games," adds TechCrunch. "He doesn't think users will flock to blockchain gaming just to make money, though." "I think that web3 games are just being more open and saying, instead of this being a black market, we're going to make this a real market and people's economic participation is going to vary to different levels. There's gonna be people who only play the game and never buy things with money. There's gonna be some people who are making some side money because they're really good at the game, and they're getting some things in the game they're selling [or trading]." He added: "In order for this market to actually be big, it's going to require normal people who want to play games for fun to play these games. That doesn't exist yet. I think most of the market today is people who are crypto-native."Read more of this story at Slashdot.

As part of an effort to make its streaming business profitable, Disney announced that the price of ad-free Disney+ will rise 38% to $10.99 -- "a $3 per month increase," reports CNBC. "The price of Hulu without ads will rise by $2 per month, from $12.99 to $14.99, effective as of Oct. 10. Hulu with ads will go up by $1 per month, rising from $6.99 to $7.99." From the report: The price increases reflect the growing operating loss for Disney's streaming services. Disney+, Hulu and ESPN+ combined to lose $1.1 billion in the fiscal third quarter, $300 million more than the average analyst estimate, reflecting the higher cost of content on the services. The increased operating loss occurred even while Disney added about 15 million new Disney+ subscribers in the quarter, about 5 million more than analysts estimated. Disney has previously stated it plans to lose money on Disney+ until 2024. Average revenue per user for Disney+ decreased by 5% in the quarter in the U.S. and Canada due to more customers taking cheaper multi-product offerings. Overall, the company's quarterly results, also announced Wednesday, beat analysts' expectations on the top and bottom lines. Disney+ subscriptions rose to 152.1 million during the most recent period, higher than Wall Street's projections of 147 million. In a separate article, CNBC reports that Disney now projects between 215 million and 245 million total Disney+ customers by 2024, "down 15 million on both the low end and high end of the company's previous guidance." Previously, the guidance was between 230 million and 260 million by the end of fiscal 2024. They also reaffirmed its expectation that the streaming service will become profitable by the end of 2024.Read more of this story at Slashdot.

Pew Research has published a new report that examines social media usage trends among US teens. The organization found that a whopping 95 percent of them use YouTube, while 19 percent are on the platform "almost constantly." Engadget reports: Perhaps unsurprisingly, two-thirds (67 percent) said they used TikTok, with 16 percent claiming they are on the app "almost constantly." The third most-popular social media platform among teens is Instagram, per Pew, with 62 percent using it. A tenth say they use it almost all the time -- despite the app occasionally telling them to take a break. A previous poll conducted in 2014-15 found that 52 percent were using Instagram (Pew didn't ask about YouTube usage for that survey and TikTok didn't exist at the time). Snapchat also rose among teens, with 59 percent using it in 2022, compared with 41 percent in the previous poll. Facebook was the top social media app among teens seven years ago, with 71 percent of them using it, but that figure has dropped to 32 percent. Teen adoption of Twitter (down from 33 percent to 23 percent) and Tumblr (14 percent to five percent) has fallen over the same period too. The 2014-15 poll didn't ask about Twitch, WhatsApp or Reddit. These days, a fifth of teens use Twitch, 17 percent are on WhatsApp and 14 percent are accessing Reddit.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Amazon will expand its Amazon One palm print checkout system to dozens of Whole Foods locations, marking the most significant expansion of the technology that was introduced in 2020. Amazon One allows customers to speedily check out at retail locations using only their palm prints after storing a scan of their hand via an interface at Amazon's kiosks. The palm print data is encrypted and stored on Amazon's servers. And before you worry too much about COVID-19 transmission or future pandemics, Amazon One works when you hover your palm over the scanner -- unlike some handprint tech. Amazon initially added the technology in its Amazon Go stores and the now-shuttered Amazon Books retail locations. It then made its way to several Whole Foods locations in the Seattle area. (Amazon has owned the Whole Foods grocery chain since 2017.) Now, Amazon Go will expand to 65 Whole Foods stores across California. The rollout starts in Malibu and Santa Monica, with more locations adopting it in Los Angeles, Santa Cruz, and the Bay Area over the next few weeks. Amazon previously rolled the tech out to a few select locations in California, but never at this scale.Read more of this story at Slashdot.

LG Display has shown off some interesting ideas as it looks to change the way OLED panels work, from positing bizarre form factors to addressing dimmer brightness levels compared to LED alternatives. Now, the panel maker is exploring a new approach to OLED TV audio. From a report: Today, LG Display announced its creation of a 97-inch OLED EX TV panel that debuts the company's Cinematic Sound OLED (CSO), "which allows the display to vibrate and generate the sound directly from the display without separate speakers." "A 5.1 channel sound system is embedded into the widescreen, creating a performance that offers a cinematic level of immersion," LG Display said. Sony has used similar technology called Acoustic Surface in OLED TVs since 2017. These sets also don't use speakers and instead vibrate actuators behind the display. However, Sony doesn't compare Acoustic Surface to 5.1 surround sound. Instead, it encourages users to connect their own gear to the set and to use the TV as the center channel for a surround sound setup. Considering audio will be coming from a central point rather than all around you, it's hard to imagine LG Display's gargantuan TV panel can deliver the surround sound experience of a movie theater.Read more of this story at Slashdot.

The preliminary Mercury Research CPU market share results are in for the second quarter of 2022, arriving during what is becoming a more dire situation for the PC market as sales cool after several years of stratospheric growth. From a report: According to the recent earnings report from Intel, AMD, and Nvidia, the recovery will be a long one. Still, for now, AMD appears to be weathering the storm better than its opponents as it continued to steal market share from Intel in every segment of the CPU market. The desktop PC market is still on fire, but it isn't a good kind of fire. Intel issued a dire earnings report last week -- the company lost money for the first time in decades, partially driven by PC declines. Intel also announced it was delaying its critical Xeon Sapphire Rapids data center chips and killing off another failing business unit, Optane; the sixth unit retired since new CEO Pat Gelsinger took over. In contrast, AMD's revenue was up 70% year-over-year as the company continued to improve its already-great profitability. AMD is firing on all cylinders and will launch its Ryzen 7000 CPUs, RDNA 3 GPUs, and EPYC Genoa data center processors on schedule. That consistent execution continues to pay off. AMD continued to take big strides in the mobile/laptop market, setting another record for unit share in that segment with 24.8%. AMD also gained in the server market for the 13th consecutive quarter, reaching 13.9% of the market. Notably, AMD's quarterly gain in servers is the highest we've seen with our historical data, which dates back to 2017.Read more of this story at Slashdot.