Sandwich chain Subway can be sued over claims it is allegedly misleading customers when it says its tuna products are in fact "100% tuna," a federal judge in California said Monday. From a report: The suit, originally brought by Oakland-area resident Nilima Amin in January 2021, claims Subway's tuna "partially or wholly lack tuna as an ingredient" and "contain other fish species, animal products, or miscellaneous products aside from tuna." The claims are based on testing performed at a UCLA marine biology laboratory. Subway has responded by saying any product that is not tuna in its tuna products would most likely be the result of cross-contact occurring as one of its employees prepares a sandwich.Read more of this story at Slashdot.
PyPI or the Python Package Index is giving away 4,000 Google Titan security keys as part of its move to mandatory two-factor authentication (2FA) for critical projects built in the Python programming language. ZDNet reports: PyPI, which is managed by the Python Software Foundation, is the main repository where Python developers can get third-party developed open-source packages for their projects. [...] One way developers can protect themselves from stolen credentials is by using two-factor authentication and the PSF is now making it mandatory for developers behind "critical projects" to use 2FA in coming months. PyPI hasn't declared a specific date for the requirement. "We've begun rolling out a 2FA requirement: soon, maintainers of critical projects must have 2FA enabled to publish, update, or modify them," the PSF said on its PyPI Twitter account. As part of the security drive, it is giving away 4,000 Google Titan hardware security keys to project maintainers gifted by Google's open source security team. "In order to improve the general security of the Python ecosystem, PyPI has begun implementing a two-factor authentication (2FA) requirement for critical projects. This requirement will go into effect in the coming months," PSF said in a statement. "To ensure that maintainers of critical projects have the ability to implement strong 2FA with security keys, the Google Open Source Security Team, a sponsor of the Python Software Foundation, has provided a limited number of security keys to distribute to critical project maintainers. PSF says it deems any project in the top 1% of downloads over the prior six months as critical. Presently, there are more than 350,000 projects on PyPI, meaning that more than 3,500 projects are rated as critical. PyPI calculates this on a daily basis so the Titan giveaway should go a long way to cover a chunk of key maintainers but not all of them. In the name of transparency, PyPI is also publishing 2FA account metrics here. There are currently 28,336 users with 2FA enabled, with nearly 27,000 of them using a 2FA app like Microsoft Authenticator. There are over 3,800 projects rated as "critical" and 8,241 PyPI users in this group. The critical group is also likely to grow since projects that have been designated as critical remain so indefinitely while new projects are added to mandatory 2FA over time. The 2FA rule applies to both project maintainers and owners.Read more of this story at Slashdot.
An anonymous reader quotes a report from The Drive: Hackers have uncovered ways to unlock and start nearly all modern Honda-branded vehicles by wirelessly stealing codes from an owner's key fob. Dubbed "Rolling Pwn," the attack allows any individual to "eavesdrop" on a remote key fob from nearly 100 feet away and reuse them later to unlock or start a vehicle in the future without owner's knowledge. Despite Honda's dispute that the technology in its key fobs "would not allow the vulnerability," The Drive has independently confirmed the validity of the attack with its own demonstration. Older vehicles used static codes for keyless entry. These static codes are inherently vulnerable, as any individual can capture and replay them at will to lock and unlock a vehicle. Manufacturers later introduced rolling codes to improve vehicle security. Rolling codes work by using a Pseudorandom Number Generator (PRNG). When a lock or unlock button is pressed on a paired key fob, the fob sends a unique code wirelessly to the vehicle encapsulated within the message. The vehicle then checks the code sent to it against its internal database of valid PRNG-generated codes, and if the code is valid, the car grants the request to lock, unlock, or start the vehicle. The database contains several allowed codes, as a key fob may not be in range of a vehicle when a button is pressed and may transmit a different code than what the vehicle is expecting to be next chronologically. This series of codes is also known as a "window," When a vehicle receives a newer code, it typically invalidates all previous codes to protect against replay attacks. This attack works by eavesdropping on a paired keyfob and capturing several codes sent by the fob. The attacker can later replay a sequence of valid codes and re-sync the PRNG. This allows the attacker to re-use older codes that would normally be invalid, even months after the codes have been captured. [...] Contrary to Honda's claim, I independently confirmed the vulnerability by capturing and replaying a sequence of lock and unlock requests with my 2021 Honda Accord and a Software-Defined Radio. Despite being able to start and unlock the car, the vulnerability doesn't allow the attacker to actually drive off with the vehicle due to the proximity functionality of the key fob. However, the fact that a bad actor can get this far is already a bad sign. At this time, the following vehicles may be affected by the vulnerability: 2012 Honda Civic, 2018 Honda X-RV, 2020 Honda C-RV, 2020 Honda Accord, 2021 Honda Accord, 2020 Honda Odyssey, 2021 Honda Inspire, 2022 Honda Fit, 2022 Honda Civic, 2022 Honda VE-1, and 2022 Honda Breeze. It's not yet clear if this affects any Acura-branded vehicles. "[W]e've looked into past similar allegations and found them to lack substance," said a Honda spokesperson in a statement to The Drive. "While we don't yet have enough information to determine if this report is credible, the key fobs in the referenced vehicles are equipped with rolling code technology that would not allow the vulnerability as represented in the report. In addition, the videos offered as evidence of the absence of rolling code do not include sufficient evidence to support the claims."Read more of this story at Slashdot.
The Financial Stability Board (FSB) said on Monday it would propose "robust" global rules for cryptocurrencies in October, following recent turmoil in markets that has highlighted the need to regulate the "speculative" sector. From a report: The FSB, a body of regulators, treasury officials and central bankers from the Group of 20 economies (G20), has so far limited itself to monitoring the crypto sector, saying it did not pose a systemic risk. But recent turmoil in crypto markets has highlighted their volatility, structural vulnerabilities and increasing links to the wider financial system, the FSB said.Read more of this story at Slashdot.
Nearly all industrial scale Bitcoin miners in Texas have shut off their machines as the companies brace for a heat wave that is expected to push the state's power grid near its breaking point. From a report: Miners such as Riot Blockchain, Argo Blockchain and Core Scientific, who operate millions of energy-intensive computers to secure the Bitcoin blockchain network and earn rewards in the token, flocked to the Lone Star State thanks to its low energy costs and liberal regulations on crypto mining. The state has become one of the largest crypto-mining hubs by computing power in the world. "There are over 1,000 megawatts worth of Bitcoin mining load that responded to ERCOTs conservation request by turning off their machines to conserve energy for the grid." Lee Bratcher, president of Texas Blockchain Association told Bloomberg in an email response. "This represents nearly all industrial scale Bitcoin mining load in Texas and allows for over 1% of total grid capacity to be pushed back onto the grid for retail and commercial use." Miners may see a drop in profitability as the heat wave keeps their machines off by sending energy prices soaring and further stressing the state's power grid. The miners are already struggling to repay debt and raise additional capital with Bitcoin prices in sharp decline.Read more of this story at Slashdot.
We're a couple of months out from Apple officially rolling out the next major versions of its various operating systems. However, you can try out iOS 16, iPadOS 16, watchOS 9, macOS Ventura and tvOS 16 right now. Apple has released a public beta, a few weeks after it offered up the first developer betas. To access them, you'll need to sign up for the Apple Beta Software Program and follow the directions.Read more of this story at Slashdot.
Adding salt to meals at the table is linked to an earlier death, according to a study of 500,000 middle-aged Britons. From a report: Researchers found that always adding salt to food knocks more than two years off life expectancy for men and one-and-a-half years for women. This does not include seasoning during the cooking process. The study did not definitively rule out other factors, such as salt consumption being a proxy for a generally less healthy lifestyle, but the team behind the work said the evidence was compelling enough that people should consider avoiding seasoning their meals. "To my knowledge, our study is the first to assess the relation between adding salt to foods and premature death," said Prof Lu Qi of Tulane University School of Public Health and Tropical Medicine in New Orleans, who led the work. "Even a modest reduction in sodium intake, by adding less or no salt to food at the table, is likely to result in substantial health benefits, especially when it is achieved in the general population." The findings were based on research involving more than 500,000 participants in the UK Biobank study, who were followed for an average of nine years. When joining the study between 2006 and 2010, they were asked, via a touchscreen questionnaire, whether they added salt to their foods and how often they did so.Read more of this story at Slashdot.
The world's largest crypto exchange, Binance, continued to process trades by clients in Iran despite U.S. sanctions and a company ban on doing business there, a Reuters investigation has found. From the report: In 2018, the United States reimposed sanctions that had been suspended three years earlier as part of Iran's nuclear deal with major world powers. That November, Binance informed traders in Iran it would no longer serve them, telling them to liquidate their accounts. September last year, only losing access after the exchange tightened its anti-money laundering checks a month earlier. Until that point, customers could trade by registering with just an email address.Read more of this story at Slashdot.
Microsoft is still planning to block Visual Basic for Applications (VBA) macros by default in Office apps. From a report: The software giant rolled back planned changes last week, surprising IT admins who had been preparing for Microsoft to prevent Office users from easily enabling macros in Office files downloaded from the internet. The change, designed to improve security in Office, was supposed to go live in June before Microsoft suddenly reverted the block on June 30th. "Following user feedback, we have rolled back this change temporarily while we make some additional changes to enhance usability," explains Kellie Eickmeyer, principal product manager at Microsoft, in a blog post update. "This is a temporary change, and we are fully committed to making the default change for all users."Read more of this story at Slashdot.
Klarna Bank's valuation has been slashed to $6.7 billion in its latest funding round, in a dramatic reversal for one of Europe's most high-profile startups. From a report: The buy-now-pay-later giant said it raised $800 million from new and existing investors, according to a statement Monday. Its new valuation is down from the $45.6 billion it achieved in June 2021, with Klarna reducing its ambitions several times during the latest talks with investors. Once one of the world's most valuable startups, Klarna was discussing valuations as high as $60 billion as recently as February. That was before the war in Ukraine and rising rates helped to spark a market-wide collapse.Read more of this story at Slashdot.
Security reporter Brian Krebs: Twice in the past month KrebsOnSecurity has heard from readers who had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn't theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim's personal information and a different email address. John Turner is a software engineer based in Salt Lake City. Turner said he created the account at Experian in 2020 to place a security freeze on his credit file, and that he used a password manager to select and store a strong, unique password for his Experian account. Turner said that in early June 2022 he received an email from Experian saying the email address on his account had been changed. Experian's password reset process was useless at that point because any password reset links would be sent to the new (impostor's) email address. An Experian support person Turner reached via phone after a lengthy hold time asked for his Social Security Number (SSN) and date of birth, as well as his account PIN and answers to his secret questions. But the PIN and secret questions had already been changed by whoever re-signed up as him at Experian.Read more of this story at Slashdot.
Myanmar's junta government is installing Chinese-built cameras with facial recognition capabilities in more cities across the country, Reuters reported Monday, citing three people with direct knowledge of the matter. From the report: In tenders to procure and install the security cameras and facial recognition technology, the plans are described as safe city projects aimed at maintaining security and, in some cases, preserving civil peace, said the people who are or have been involved in the projects. Since the February 2021 coup, local authorities have started new camera surveillance projects for at least five cities including Mawlamyine - the country's fourth-largest city, according to information from the three people who asked not to be identified for fear of reprisals by the junta. The new projects are in addition to five cities where camera systems touted as crime prevention measures were either installed or planned by the previous government led by Aung San Suu Kyi, according to the sources and local media.Read more of this story at Slashdot.
In a twist, a massive trove of stolen bitcoins will repay the dark web market creator's $183 million restitution. Wired: Ross Ulbricht, the convicted creator of the legendary Silk Road dark web market for drugs, has never gotten much mercy from the US legal system. In 2015, he was sentenced to life in prison without parole. His appeal was denied, as was the pardon he sought from President Trump. But a little over a year ago, it appears Ulbricht finally got a break of a different kind: The nine-figure debt he owed to the US government as part of his sentence will be erased -- all thanks to the fortuitous hoarding of a hacker who'd stolen a massive trove of bitcoins from his market. Last year, prosecutors quietly signed an agreement with Ulbricht stipulating that a portion of a newfound trove of Silk Road bitcoins, seized from an unnamed hacker, will be used to cancel out the more than $183 million in restitution Ulbricht was ordered to pay as part of his 2015 sentence, a number calculated from the total illegal sales of the Silk Road based on exchange rates at the time of each transaction. Despite the fact that the more recently unearthed stash of bitcoins -- now worth billions of dollars -- was itself criminal proceeds, the Justice Department appears to have made a deal with Ulbricht to avoid any claim he might have made to the money: In exchange for Ulbricht's agreement to waive any ownership he might have of the bitcoins, a portion of them will be used to pay off his restitution in its entirety. "The parties agree that the net proceeds realized from the sale of the [bitcoins] forfeited pursuant to this agreement shall be credited toward any unpaid balance of the Money Judgment," reads a court filing from last year, using the phrase "money judgment" to refer to Ulbricht's 2015 restitution order. The document, filed in February of 2021, is signed by both Ulbricht and David Countryman, a prosecutor in the asset forfeiture unit of the US Attorney's office for the Northern District of California. The Department of Justice didn't respond to WIRED's request for comment. Ulbricht, of course, still faces life in prison. He has already served eight years of that sentence at jails in New York and penitentiaries in Colorado and Arizona. But the repayment of his restitution could mean that he's able to earn money in prison to share with family or friends without it being seized or garnished to pay his debts -- or even keep any previously unknown caches of bitcoins that he may possess, so long as they aren't tied to the Silk Road or other criminal sources. And if his sentence is eventually commuted, as his supporters and a years-long Free Ross campaign have petitioned for since even before his sentencing, he would reenter the world as a free man without hundreds of millions of dollars in debt.Read more of this story at Slashdot.
Popular Science reports:A raft of thin-film silicon bubbles deployed from Earth into outer space and stretching to the size of Brazil could potentially block the Sun's solar radiation from further warming Earth, possibly helping to not only stave off climate change, but potentially reverse it. This new "space bubbles" plan offered by scientists at the Massachusetts Institute of Technology rifts off a concept first offered by astronomer Roger Angel. The multidisciplinary team of architects, civil and mechanical engineers, physicists and material scientists have worked on the technical and social aspects of what the group calls a "planetary-scale project" in an effort to find a non-Earth-bound solution to climate change. The MIT group believes that if the raft of bubbles can deflect 1.8 percent of incident solar radiation before it hits Earth, they can fully reverse today's global warming. Even if they can't establish a 1.8 percent shading, they trust a smaller percentage provides enough benefit to help mitigate global warming. To make it happen, the group proposes deploying small, inflatable bubbles into outer space that they could then manufacture into a space raft the size of Brazil and suspend near the L1 Lagrangian Point, the location between the Earth and Sun where the gravitational influence of both bodies cancel out. The team does suggest having some sort of system to ensure the raft stays in place and that may provide the ability to move the bubbles closer to the Sun for optimal impact.... MIT cautions they don't view the project as a replacement to current adaption and mitigation efforts, but as a backup solution should climate change spin out of control... They plan to investigate low vapor-pressure materials to rapidly inflate and assemble the rafts, whether with a silicon-based melt or a graphene-reinforced ionic liquid... The team also believes a bit of science fiction may help in finding "novel ways" of shipping the material to space, such as a magnetic accelerator, known as a railgun.Read more of this story at Slashdot.
Elon Musk just tweeted a picture of himself laughing — along with a caption he'd apparently added himself. "They said I couldn't buy Twitter. Then they wouldn't disclose bot info. Now they want to force me to buy Twitter in court. Now they have to disclose bot info in court." In fact, tonight The Register cited one of the documents Twitter filed in court after Musk's lawyer argued Twitter had "failed or refused" to provide info on spam accounts. But so far it's just a letter Musk's lawyer wrote to the court on Friday, explaining in more detail why Musk wants to call off the acquisition:One segment of the document claims that Musk and his team sought "a variety of board materials, including a working, bottom-up financial model for 2022, a budget for 2022, an updated draft plan or budget, and a working copy of Goldman Sachs' valuation model underlying its fairness opinion." "Twitter has provided only a pdf copy of Goldman Sachs' final Board presentation." Other disclosures, the document states, "come with strings attached, use limitations or other artificial formatting features, which has rendered some of the information minimally useful to Mr. Musk and his advisors. "For example, when Twitter finally provided access to the eight developer 'APIs' first explicitly requested by Mr. Musk in the May 25 Letter, those APIs contained a rate limit lower than what Twitter provides to its largest enterprise customers. Twitter only offered to provide Mr. Musk with the same level of access as some of its customers after we explained that throttling the rate limit prevented Mr. Musk and his advisors from performing the analysis that he wished to conduct in any reasonable period of time. "Additionally, those APIs contained an artificial 'cap' on the number of queries that Mr. Musk and his team can run regardless of the rate limit — an issue that initially prevented Mr. Musk and his advisors from completing an analysis of the data in any reasonable period of time," the document states. Musk and his team raised the issue of query limits on June 29, but Twitter did not change the limit until July 6 — after Musk asked for its removal a second time.... Musk felt Twitter was in breach of the merger agreement. So he pulled the plug, leaving open the questions of why Twitter might have provided only limited access to its APIs, or why it could not offer more access given it operates at significant scale. In fact, it's one of three reasons for ending the acquisition that Musk's lawyer makes in the letter. Materially-relevant figures on spam accounts were reason number one. ("Twitter has not provided information that Mr. Musk has requested for nearly two months notwithstanding his repeated, detailed clarifications intended to simplify Twitter's identification, collection, and disclosure of the most relevant information sought in Mr. Musk's original requests.") But there's more... Musk's lawyer also argues Twitter is in breach of the merger agreement because of "materially inaccurate representations" — specifically their figures on monetizable daily active users. While Musk's analysis "remains ongoing, all indications suggest that several of Twitter's public disclosures...are either false or materially misleading." While Twitter has claimed they have a reasoned process for calculating monetizable daily active users (and the percentage of spam accounts), Musk's lawyer argues that instead the process "appears to be arbitrary and ad hoc," rendering Twitter's statements "false and misleading." And thus, "Mr. Musk has the right to seek rescission of the Merger Agreement in the event these material representations are determined to be false." But finally Musk's lawyer provides a third reason for ending the acquisition. Twitter was required to "seek and obtain consent before deviating from its obligation to conduct its business in the ordinary course and 'preserve substantially intact the material components of its current business organization.'" The lawyer's letter argues that didn't happen:Twitter's conduct in firing two key, high-ranking employees, its Revenue Product Lead and the General Manager of Consumer, as well as announcing on July 7 that it was laying off a third of its talent acquisition team, implicates the ordinary course provision. Twitter has also instituted a general hiring freeze which extends even to reconsideration of outstanding job offers. Moreover, three executives have resigned from Twitter since the Merger Agreement was signed: the Head of Data Science, the Vice President of Twitter Service, and a Vice President of Product Management for Health, Conversation, and Growth. But Twitter hadn't received "consent for changes in the conduct of its business, including for the specific changes listed above," according to Musk's lawyer, which "therefore constitute a material breach of Section 6.1 of the Merger Agreement."Read more of this story at Slashdot.
The New York Times describes Pegasus as "a 'zero-click' hacking tool that can remotely extract everything from a target's mobile phone [and] turn the mobile phone into a tracking and recording device." But they also report that the tool's "notorious" maker, NSO Group, was visited "numerous times" in recent months by a executives from American military contractor L3Harris — makes of the cellphone-tracking Stingray tool — who'd wanted to negotiate a purchase of the company. Their first problem? The U.S. government had blacklisted NSO Group in November, saying Pegasus had been used to compromise phones of political leaders, human rights activists and journalists.But five people familiar with the negotiations said that the L3Harris team had brought with them a surprising message that made a deal seem possible. American intelligence officials, they said, quietly supported its plans to purchase NSO, whose technology over the years has been of intense interest to many intelligence and law enforcement agencies around the world, including the F.B.I. and the C.I.A. The talks continued in secret until last month, when word of NSO's possible sale leaked and sent all the parties scrambling. White House officials said they were outraged to learn about the negotiations, and that any attempt by American defense firms to purchase a blacklisted company would be met by serious resistance.... Left in place are questions in Washington, other allied capitals and Jerusalem about whether parts of the U.S. government — with or without the knowledge of the White House — had seized an opportunity to try to bring control of NSO's powerful spyware under U.S. authority, despite the administration's very public stance against the Israeli firm.... [NSO Group] had seen a deal with the American defense contractor as a potential lifeline after being blacklisted by the Commerce Department, which has crippled its business. American firms are not allowed to do business with companies on the blacklist, under penalty of sanctions. As a result, NSO cannot buy any American technology to sustain its operations — whether it be Dell servers or Amazon cloud storage — and the Israeli firm has been hoping that being sold to a company in the United States could lead to the sanctions being lifted.... L3 Harris's representatives told the Israelis that U.S. intelligence agencies supported the acquisition as long as certain conditions were met, according to five people familiar with the discussions. One of the conditions, those people said, was that NSO's arsenal of "zero days" — the vulnerabilities in computer source code that allow Pegasus to hack into mobile phones — could be sold to all of the United States' partners in the so-called Five Eyes intelligence sharing relationship. The other partners are Britain, Canada, Australia and New Zealand. "Several people familiar with the talks said there have been attempts to resuscitate the negotiations..."Read more of this story at Slashdot.
Microsoft describes "thriving" at work as being "energized and empowered to do meaningful work." So Microsoft's "people analytics" chief and its "culture measurements" director teamed up for a report in Harvard Business Review exploring "as we enter the hybrid work era... how thriving can be unlocked across different work locations, professions, and ways of working." ZDNet columnist Chris Matyszczyk took special note of the researchers' observation that "Employees who weren't thriving talked about experiencing siloes, bureaucracy, and a lack of collaboration," asking playfully, "Does that sound like Microsoft to you?"Klinghoffer and McCune were undeterred in their search for the secret of happiness. They examined those who spoke most positively about thriving at work and work-life balance. They reached a startling picture of a happy Microsoft employee. They said: "By combining sentiment data with de-identified calendar and email metadata, we found that those with the best of both worlds had five fewer hours in their workweek span, five fewer collaboration hours, three more focus hours, and 17 fewer employees in their internal network size." Five fewer collaboration hours? 17 fewer employees in their internal network? Does this suggest that the teamwork mantra isn't working so well? Does it, in fact, intimate that collaboration may have become a buzzword for a collective that is more a bureaucracy than a truly productive organism? Klinghoffer and McCune say collaboration isn't bad in itself. However, they say: "It is important to be mindful of how intense collaboration can impact work-life balance, and leaders and employees alike should guard against that intensity becoming 24/7." If you're a leader, you have a way to stop it. If you're an employee, not so much. The Microsoft researchers' conclusion? "Thriving takes a village" (highlighting the importance of managers), and that "the most common thread among those who were not thriving was a feeling of exclusion — from a lack of collaboration to feeling left out of decisions to struggling with politics and bureaucracy." Matyszczyk's conclusion? "It's heartening to learn, though, that perhaps the most important element to making an employee happy at work is giving them time to, well, actually work."Read more of this story at Slashdot.
"Aside from drawing photo-realistic images and holding seemingly sentient conversations, AI has failed on many promises," writes the cofounder and CEO of Serve Robotics:The resulting rise in AI skepticism leaves us with a choice: We can become too cynical and watch from the sidelines as winners emerge, or find a way to filter noise and identify commercial breakthroughs early to participate in a historic economic opportunity. There's a simple framework for differentiating near-term reality from science fiction. We use the single most important measure of maturity in any technology: its ability to manage unforeseen events commonly known as edge cases. As a technology hardens, it becomes more adept at handling increasingly infrequent edge cases and, as a result, gradually unlocking new applications... Here's an important insight: Today's AI can achieve very high performance if it is focused on either precision, or recall. In other words, it optimizes one at the expense of the other (i.e., fewer false positives in exchange for more false negatives, and vice versa). But when it comes to achieving high performance on both of those simultaneously, AI models struggle. Solving this remains the holy grail of AI.... Delivery Autonomous Mobile Robots (AMRs) are the first application of urban autonomy to commercialize, while robo-taxis still await an unattainable hi-fi AI performance. The rate of progress in this industry, as well as our experience over the past five years, has strengthened our view that the best way to commercialize AI is to focus on narrower applications enabled by lo-fi AI, and use human intervention to achieve hi-fi performance when needed. In this model, lo-fi AI leads to early commercialization, and incremental improvements afterwards help drive business KPIs. By targeting more forgiving use cases, businesses can use lo-fi AI to achieve commercial success early, while maintaining a realistic view of the multi-year timeline for achieving hi-fi capabilities. After all, sci-fi has no place in business planning.Read more of this story at Slashdot.
"If I want AWS to ignore me completely all I have to do is open a pull request against one of their repositories," quipped cloud economist Corey Quinn in April, while also complaining that the real problem is "how they consistently and in my opinion incorrectly try to shape a narrative where they're contributing to the open source ecosystem at a level that's on par with their big tech company peers." But on Friday tech columnist Matt Asay argued that AWS is quietly getting better at open source. "Agreed," tweeted tech journalist Steven J. Vaughan-Nichols in response, commending "Good open source people, good open-source work." (And Vaughan-Nichols later retweeted an AWS principle software engineer's announcement that "Over at Amazon Linux we are hiring, and also trying to lead and better serve customers by being more involved in upstream communities.") Mark Atwood, principle engineer for open source at Amazon, also joined Asay's thread, tweeting "I'm glad that people are noticing. Me and my team have been doing heavy work for years to get to this point. Generally we don't want to sit at the head of the table, but we are seeing the value of sitting at the table." Asay himself was AWS's head of developer marketing/Open Source strategy for two years, leaving in August of 2021. But Friday Asay's article noted a recent tweet where AWS engineer Divij Vaidya announced he'd suddenly become one of the top 10 contributors to Apache Kafka after three months as the founding engineer for AWS's Apache Kafka open source team. (Vaida added "We are hiring for a globally distributed fully remote team to work on open source Apache Kafka! Join us.") Asay writes:Apache Kafka is just the latest example of this.... This is exactly what critics have been saying AWS doesn't do. And, for years, they were mostly correct. AWS was, and is, far more concerned with taking care of customers than being popular with open-source audiences. So, the company has focused on being "the best place for customers to build and run open-source software in the cloud." Historically, that tended to not involve or require contributing to the open-source projects it kept building managed services around. Many felt that was a mistake — that a company so dependent on open source for its business was putting its supply chain at risk by not sustaining the projects upon which it depended... PostgreSQL contributor (and sometime AWS open-source critic) Paul Ramsey has noticed. As he told me recently, it "[f]eels like a switch flipped at AWS a year or two ago. The strategic value of being a real stakeholder in the software they spin is now recognized as being worth the dollars spent to make it happen...." What seems to be happening at AWS, if quietly and usually behind the scenes, is a shift toward AWS service teams taking greater ownership in the open-source projects they operationalize for customers. This allows them to more effectively deliver results because they can help shape the roadmap for customers, and it ensures AWS customers get the full open-source experience, rather than a forked repo with patches that pile up as technical debt. Vaidya and the Managed Service for Kafka team is an example along with Madelyn Olson, an engineer with AWS's ElastiCache team and one of five core maintainers for Redis. And then there are the AWS employees contributing to Kubernetes, etcd and more. No, AWS is still not the primary contributor to most of these. Not yet. Google, Microsoft and Red Hat tend to top many of the charts, to Quinn's point above. This also isn't somehow morally wrong, as Quinn also argued: "Amazon (and any company) is there to make money, not be your friend." But slowly and surely, AWS product teams are discovering that a key element of obsessing over customers is taking care of the open-source projects upon which those customers depend. In other words, part of the "undifferentiated heavy lifting" that AWS takes on for customers needs to be stewardship for the open-source projects those same customers demand. UPDATE: Reached for a comment today, Asay clarified his position on Quinn's original complaints about AWS's low level of open source contributions. "What I was trying to say was that while Corey's point had been more-or-less true, it wasn't really true anymore."Read more of this story at Slashdot.
In the last two weeks, six new Linux laptops have hit the market (or were announced). "The Linux hardware scene is getting better by the day," writes the site FOSS Weekly:Star Labs teases its new StarFighter Linux Laptop with a 4K (10-bit IPS) display. MNT Research introduces a "more affordable" 7-inch mini Linux laptop, the MNT Pocket Reform. KDE's Slimbook 4 is here with AMD Ryzen 7 5700U processor and a better battery, starting from $1,000. "Buying from Slimbook supports KDE development too," notes Gaming on Linux, adding that there's a choice of 14 or 15.6 inch displays. TUXEDO's Pulse 15 — Gen2 (also with an AMD Ryzen 7 5700U processor) has a 15-inch HiDPI WQHD 165Hz display, along with eight cores and 16 threads. (And the Register notes its twin cooling fans, "allowing them to overclock the chip and run it at 35W," and a choice of distros.)Pre-orders have opened for the Roma — the first RISC-V Laptop (which may ship in September). Ars Technica reports they're offering "free Silicon upgrades" — that is free system-on-a-chip and system-on-module upgrades for its quad-core RISC-V CPU. And there's also a companion NPU/GPU, notes a blog post at RISCV.org, "for the fastest, seamless RISC-V native software development available." (As well as "early access to next-generation laptop and accessory upgrades at generous discounts or for free.") The blog post calls it a "Web3-friendly platform with NFT creation and publication plus integrated MetaMask-style wallet." System 76's "Lemur" Alder Lake- and coreboot-powered laptop arrives with 14 hours of battery life.Read more of this story at Slashdot.
"Today at the Electronic Frontier Foundation, we're celebrating 32 years of fighting for technology users around the world," reads a new announcement posted at EFF.org:If you were online back in the 90s, you might remember that it was pretty wild. We had bulletin boards, FTP, Gopher, and, a few years later, homespun websites. You could glimpse a future where anyone, anywhere in the world could access information, float new ideas, and reach each other across vast distances. It was exciting and the possibilities seemed endless. But the founders of EFF also knew that a better future wasn't automatic. You don't organize a team of lawyers, technologists, and activists because you think technology will magically fix everything — you do it because you expect a fight. Three decades later, thanks to those battles, the internet does much of what it promised: it connects and lifts up major grassroots movements for equity, civil liberties, and human rights and allows people to connect and organize to counteract the ugliness of the world. But we haven't yet won that future we envisioned. Just as the web connects us, it also serves as a hunting ground for those who want to surveil and control our actions, those who wish to harass and spread hate, as well as others who seek to monetize our every move and thought. Information collected for one purpose is freely repurposed in ways that oppress us, rather than lift us up. The truth is that digital tools allow those with horrible ideas to connect with each other just as it does those with beautiful, healing ones. EFF has always seen both the beauty and destructive potential of the internet, and we've always put our marker down on the side of justice, freedom, and innovation. We work every day toward a future we want to live in, and we don't do it alone. Support from the public makes every one of EFF's activism campaigns, software projects, and court filings possible. Together, we anchor the movement for a better digital world, and ensure that technology supports freedom, justice, and innovation for all people of the world. In fact, I invite every digital freedom supporter to join EFF during our summer membership drive. Right now, you can be a member for as little as $20, get some special new gear, and ensure that tech users always have a formidable defender in EFF. So how does the EFF team celebrate this auspicious anniversary? EFF does what it does best: stand up for users and innovators in the courts, in the halls of power, in the public conversation. We build privacy-protecting tools, teach skills to community members, share knowledge with allies, and preserve the best aspects of the wild web. In other words, we use every tool in our deep arsenal to fight for a better and brighter digital future for all. Thank you for standing with EFF when it counts.Read more of this story at Slashdot.
The Washington Post shares details from "a trove of more than 124,000 previously undisclosed Uber records." For example, in 2015 Uber CEO Travis Kalanick often pulled an emergency kill switch on its data — that is, "ordered the computer systems in Amsterdam cut off from Uber's internal network, making data inaccessible to authorities as they raided its European headquarters, documents show." "Please hit the kill switch ASAP," Kalanick had emailed, ordering a subordinate to block the office laptops and other devices from Uber's internal systems. "Access must be shut down in AMS," referring to Amsterdam. Uber's use of what insiders called the "kill switch" was a brazen example of how the company employed technological tools to prevent authorities from successfully investigating the company's business practices as it disrupted the global taxi industry, according to the documents. During this era, as Uber's valuation was surging past $50 billion, government raids occurred with such frequency that the company distributed a Dawn Raid Manual to employees on how to respond. It ran more than 2,600 words with 66 bullet points. They included "Move the Regulators into a meeting room that does not contain any files" and "Never leave the Regulators alone." That document, like the text and email exchanges related to the Amsterdam raid, are part of the Uber Files, an 18.7-gigabyte trove of data obtained by the Guardian and shared with the International Consortium of Investigative Journalists, a nonprofit newsroom in Washington that helped lead the project, and dozens of other news organizations, including The Washington Post. The files, spanning 2013 to 2017, include 83,000 emails and other communications, presentations and direct messages. They show that Uber developed extensive systems to confound official inquiries, going well past what has been known about its efforts to trip up regulators, government inspectors and police. Far from simply developing software to connect drivers and customers seeking rides, Uber leveraged its technological capabilities in many cases to gain a covert edge over authorities.... According to the documents and interviews with former employees, the company used a program called Greyball to keep authorities from hailing cars — and potentially impounding them and arresting their drivers. It used a technology called "geofencing" that, based on location data, blocked ordinary use of the app near police stations and other places where authorities might be working. And it used corporate networking management software to remotely cut computers' access to network files after they had been seized by authorities.... Greyball was created as a fraud-fighting tool to limit scammers' access to the app, a former executive said, and was at times used to frustrate violent Uber opponents hunting drivers. But Uber operations executives took control of the program and redeployed it against the government, former employees said. The International Consortium of Investigative Journalists describes their trove of documents as "the secret story of how the tech giant won access to world leaders, cozied up to oligarchs and dodged taxes amid chaotic global expansion."Read more of this story at Slashdot.
Bun is "a modern JavaScript runtime like Node or Deno," according to its newly-launched web site, "built from scratch to focus on three main things." - Start fast (it has the edge in mind).- New levels of performance (extending JavaScriptCore, the engine).- Being a great and complete tool (bundler, transpiler, package manager). Bun is designed as a drop-in replacement for your current JavaScript & TypeScript apps or scripts — on your local computer, server or on the edge. Bun natively implements hundreds of Node.js and Web APIs, including ~90% of Node-API functions (native modules), fs, path, Buffer and more. [And Bun also implements Node.js' module resolution algorithm, so you can use npm packages in bun.js] The goal of Bun is to run most of the world's JavaScript outside of browsers, bringing performance and complexity enhancements to your future infrastructure, as well as developer productivity through better, simpler tooling.... Why is Bun fast? An enormous amount of time spent profiling, benchmarking and optimizing things. The answer is different for every part of Bun, but one general theme: [it's written in Zig.] Zig's low-level control over memory and lack of hidden control flow makes it much simpler to write fast software. An infographic on the site claims its server-side rendering of React is more than three times faster than Node or Deno. And Bun.js can even automatically load environment variables from .env files, according to the site.No more require("dotenv").load() Hackaday describes it as "a performant all-in-one approach," including "bundling, transpiling, module resolution, and a fantastic foreign-function interface."Many Javascript projects have a bundling and transpiling step that takes the source and packages it together in a more standard format. Typescript needs to be packaged into javascript, and modules need to be resolved. Bun bakes all this in. Typescript and JSX "just work." This dramatically simplifies many projects as much of the build infrastructure is part of Bun itself, lowering cognitive load when trying to understand a project...Some web-specific APIs, such as fetch and Websockets, are also built-in. "What's even wilder is that Bun is written by one person, Jared Sumner," the article points out — adding that the all the code is available on GitHub under the MIT License ("excluding dependencies which have various licenses.")Read more of this story at Slashdot.
"There are now more than 11,000 wind turbines on and offshore, which produce nearly a quarter of the UK's electricity," reports the BBC. But rather than rely on future windfarms to build their own connections to the grid, the country's national grid operator, National Grid ESO, plans to spend £54 billion ($64B) on its biggest network upgrade in 60 years:National Grid ESO, which runs the electricity network, said the plan it has laid out would enable the government to deliver 50GW of offshore wind power by 2030 — a third of the UK's electricity demand — while creating 168,000 jobs. It claimed the network could lead to more than £50bn of investments over the next eight years.... These network upgrades are deemed essential to accommodate and integrate a new raft of renewable energy projects also announced on Thursday. A total of 23 gigawatts (GW) of electricity — 24 million homes worth at current power usage — worth of contracts were awarded this morning to bidders wishing to build new renewable facilities. The auction saw offshore wind prices hit a new record low at a quarter of the current cost of gas generated power. The article notes 21,000 people signed a petition urging longer offshore networking instead. One advocacy group complains that building onshore power lines through regions like rural East Anglia is "short-sighted and shameful."Read more of this story at Slashdot.
Researchers from two Germany universities 'have demonstrated quantum entanglement of two atoms separated by 33 km (20.5 miles) of fiber optics," reports New Atlas. Besides being a new distance record, "The team says this is an important step on the way to realizing a practical quantum internet."In their experiments, the team entangled two rubidium atoms kept in optical traps in two different buildings on the Ludwig-Maximilians-University Munich campus. They were separated by 700 m (2,297 ft) of fiber optics, which was extended out to 33 km with extra spools of cable. Each atom was excited with a laser pulse, which causes it to emit a photon that's quantum entangled with the atom. The photons are then sent down the fiber optic cables to meet at a receiving station in the middle. There, the photons undergo a joint measurement, which entangles them — and because they're each already entangled with their own atom, the two atoms become entangled with each other as well. While photons have been entangled over great distances before, this study marks a new distance record for entangling two atoms, which could function as "quantum memory" nodes, over fiber optics.Read more of this story at Slashdot.
Long-time Slashdot reader schwit1 quotes a (paywalled) article from Bloomberg: There has been a sense in financial circles that the fever among American executives to shorten supply lines and bring production back home would prove short-lived. As soon as the pandemic started to fade, so too would the fad, the thinking went. And yet, two years in, not only is the trend still alive, it appears to be rapidly accelerating. "This is just economics," says one executive who made the move National Review shared some telling excerpts from the article:The construction of new manufacturing facilities in the US has soared 116% over the past year... There are massive chip factories going up in Phoenix: Intel is building two just outside the city; Taiwan Semiconductor Manufacturing is constructing one in it. And aluminum and steel plants that are being erected all across the south... Scores of smaller companies are making similar moves, according to Richard Branch, the chief economist at Dodge. Not all are examples of reshoring. Some are designed to expand capacity. But they all point to the same thing — a major re-assessment of supply chains in the wake of port bottlenecks, parts shortages and skyrocketing shipping costs that have wreaked havoc on corporate budgets in the US and across the globe.... In January, a UBS survey of C-suite executives revealed the magnitude of this shift. More than 90% of those surveyed said they either were in the process of moving production out of China or had plans to do so. And about 80% said they were considering bringing some of it back to the US. (Mexico has also become a popular choice.)Read more of this story at Slashdot.
15-year-old Ellis Pinsky stole $23.8 million worth of cryptocurrency — and his life was never the same. For example, Rolling Stone reports, in his last year of high school, "Four men wearing ski masks and gloves, armed with knives, rope, brass knuckles, and a fake 9 mm," crept around the back of his home in the suburbs:Two weeks before the break-in, a lawsuit had been filed against him, and news stories had circulated connecting him to the hack. He knew that the thieves wanted this money, the millions and millions of dollars he had stolen. He also knew that he couldn't give it to them. He didn't have it. Not anymore. The magazine paints the portrait of "an anxious young man in Invisalign braces" who describes the revelation he'd had at the age of 13. "The internet held such secrets. All he had to do was uncover them."As he soon found, there were plenty of people working to uncover them all the time, and willing to share their methods — for a price.... Realizing that a lot of the information social engineers used came from hacked databases, he began teaching himself to program, particularly to do the Structured Query Language injections and cross-site scripting that allowed him to attack companies' database architecture. The terabyte upon terabyte of databases he extracted, traded, and hoarded made him valuable to OGUsers as well as to others, like the Russian hackers he was able to converse with thanks to his fluency with his mother's native language... By the time he was 14, he tells me, "I think it's fair to say I had the capabilities to hack anyone." The article describes him as "attending high school by day and extracting the source code of major corporations by night.... He was 14 years old and taken with the thrill of possessing a hidden superpower, of spending his nights secretly tapping into an underground world where he was esteemed and even feared. And then, in the morning, being called downstairs to breakfast."He wrote a Python script to comb through social media networks and seek out any mentions of working for a [cellphone] carrier. Then he'd reach out with an offer of compensation for helping him with a task. Every fifth or sixth person — underpaid and often working a short-term contract — would say they were game, as Pinsky tells it. For a couple hundred dollars' worth of bitcoin, they'd be willing to do a SIM swap, no questions asked. Eventually, Pinsky says, he had employees at every major carrier also working for him. Then the stakes got even higher. It was only a matter of time before OG hackers, known to each other as "the Community," realized that if they could use the SIM-swapping method to steal usernames, they could just as easily use it to steal cryptocurrency... In one massive heist Pinksky stole 10% of all the Trigger altcoins on the market from crypto impresario Michael Terpin. ("As Pinsky's money launderers were converting it, the market was crashing in real time.") Pinsky recruited a crew to launder the money — at least one of which simply kept it — but even with all the conversion fees, he still made off with millions. And then...For a while, he half-expected the FBI to knock on his door at any moment, just like in the movies; but as time passed, he grew less anxious.... He says he moved on to learning different types of programming. He ran a sneaker business that used bots and scripts to snap up limited pairs then flip them... He went to soccer practice. He and his friends had started hanging out with girls on the weekend, driving down to the docks where you could see the glowing lights from the Tappan Zee Bridge. Until Terpin figured out it was Pinsky who'd robbed him:Pinsky and his legal team preempted his arrest by contacting the U.S. attorney directly and offering his cooperation. In February 2020, he voluntarily returned every last thing he says he got from the Terpin heist: 562 bitcoins, the Patek watch, and the cash he'd stored in the safe under his bed.... When I ask if he has also worked with the FBI to help bring down other hackers, he blinks quickly and then changes the subject. Pinsky has not been criminally charged — partly because he was a minor, but also because of his cooperation with law enforcement. But filing a civil suit, Terpin wants to be compensated with triple the amount stolen, arguing that the teenager who robbed him was running an organized crime racket and that he should be heavily punished to set an example. Rolling Stone's article raisees the question: what should happen next?Read more of this story at Slashdot.
An anonymous reader shares this article from WION:A report from the Boston Consulting Group (BCG) has revealed that investments in plant-based meat alternatives lead to far greater cuts in climate-heating emissions than other green investments. The improved investment in the production of meat and dairy alternatives resulted in three times more greenhouse gas reductions compared with investment in green cement technology, seven times more than green buildings and 11 times more than zero-emission cars, The Guardian reported citing the report. "Widespread adoption of alternative proteins can play a critical role in tackling climate change," Malte Clausen, a partner at BCG told the UK-based newspaper. "We call it the untapped climate opportunity — you're getting more impact from your investment in alternative proteins than in any other sector of the economy." From the Guardian's report:Investments in the plant-based alternatives to meat delivered this high impact on emissions because of the big difference between the greenhouse gases emitted when producing conventional meat and dairy products, and when growing plants. Beef, for example, results in six-to-30 times more emissions than tofu. Investment in alternative proteins, also including fermented products and cell-based meat, has jumped from $1bn (£830m) in 2019 to $5bn in 2021, BCG said. Alternatives make up 2% of meat, egg and dairy products sold, but will rise to 11% in 2035 on current growth trends, the report said. This would reduce emissions by an amount almost equivalent to global aviation's output. But BCG said meat alternatives could grow much faster with technological progress resulting in better products, scaled-up production and regulatory changes making marketing and sales easier... "There's been a lot of investments into electric vehicles, wind turbines and solar panels, which is all great and helpful to reduce emissions, but we have not seen comparable investment yet [in alternative proteins], even though it's rising rapidly," he said. "If you really care about impact as an investor, this is an area that you definitely need to understand...." Scientists have concluded that avoiding meat and dairy products is the single biggest way to reduce your environmental impact on the planet and that large cuts in meat consumption in rich nations are essential to ending the climate crisis.Read more of this story at Slashdot.
Elon Musk no longer wants to buy Twitter, which now will "pursue legal action" simply to "enforce" their planned merger agreement, according to the company's chairman. But however that plays out, Twitter is now in a worst-case scenario, one Wall Street analyst argues to NBC News:Dan Ives, a managing director and senior equity research analyst covering the technology sector at Wedbush Securities, said Twitter's stock price stands to suffer significant damage.... "The company has been in pure chaos — people have left in droves, and now competitors are going to seize on the ad dollars. With the employee turnover, it's going to be viewed as damaged goods from another potential buyer...." Ives believes the damage to Twitter's value has only just begun. "When you have a cult figure like Musk — one of, if not the, most followed person in world — calling out Twitter, now it has a ripple effect that's hard to quantify," Ives said. "From advertisers to employees to the political firestorm that could ensue," he said. "For Twitter, it's not about the court battle and the legal ramifications, and how that plays out, that will be debated by lawyers. But it's a public company that needs to be run, and now it's hanging in the wind."Read more of this story at Slashdot.
"Mexico's president submitted a bill Tuesday to end daylight saving time, putting an end to the practice of changing clocks twice a year," reports the Associated Press:Health Secretary Jorge Alcocer said Mexico should return to "God's clock," or standard time, arguing that setting clocks back or forward damages people's health... The change would mean central Mexican time, which covers most of the country, potentially could be permanently two hours behind the east coast of the United States; it is now one hour behind for most of the year. Here's how Reuters summarizes the Mexican government's position. Changing to daylight saving time in 1996 "was unpopular and did not generate many benefits for the country."Read more of this story at Slashdot.
Earlier this week, long-time Slashdot reader ThinkPad760 wrote:How is this not news everywhere? KDDI, Japan's 2nd largest mobile phone provider and carrier to multiple critical government agencies — including the weather service — failed for 86 hours. After failing to inform users and the government about the problems, questions are starting to be asked. Japan's government "will set up an expert panel to compile measures to prevent a recurrence," reports Japan Today, citing Japan's Internal Affairs and Communications Minister.The network failure occurred when a router for voice calls was replaced during regular maintenance, with repair work triggering a concentration of traffic that led the company to reduce user access. During that time, the carrier experienced a cascade of technical problems that further prolonged the connection difficultie 40 million users were affected by the outage, Reuters reports — adding that it's not the first time for something like this:Japan's three big telcos have all had widespread network failures in recent years. NTT Docomo's [29-hour] outage last October affected 12.9 customers, while disruption to SoftBank Corp's network in late 2018 cast a shadow over its bumper public listing.Read more of this story at Slashdot.
"Lawmakers in the European Union voted to include nuclear power and natural gas in the bloc's list of investments deemed sustainable," reports the Wall Street Journal, in a move the EU hopes leads to greater funding for a transition away from coal:Burning natural gas produces about half the carbon dioxide that is generated by coal, and nuclear-power plants don't produce carbon dioxide when they are operating. But environmentalists, lawmakers and some investors have argued the plan risks diluting investments in other projects such as renewable energy. More U.S. political leaders are also warming to nuclear power, reports the New York Times, "driven by the difficulty of meeting clean energy goals and by surging electricity demands."The Biden administration has established a $6 billion fund to help troubled nuclear plant operators keep their reactors running and make them more economically competitive against cheaper resources like solar and wind power.... In addition to the $6 billion fund, the administration is providing $2.5 billion for two projects meant to demonstrate new nuclear technology, in Washington State and Wyoming. A separate bipartisan measure introduced last year is aimed at preserving and expanding nuclear energy in the United States. The bill, whose backers include Senators Shelley Moore Capito, Republican of West Virginia, and Cory Booker, Democrat of New Jersey, would provide financial assistance like tax credits, according to the Tax Foundation, a nonprofit tax policy organization.... The rising costs of other sources of power have made nuclear energy more competitive around the world, including in the United States, which has the largest fleet of nuclear plants of any country. They produce about 20 percent of the nation's electricity and 50 percent of the clean energy. The United States maintains 92 reactors, though a dozen have closed over the last decade — including, a month ago, the Palisades Nuclear Generating Station in Michigan, about 55 miles southwest of Grand Rapids.... Industry leaders recognize that the age of new large-scale nuclear plants in the United States has passed, chiefly because of runaway costs... But many in the industry say smaller reactors that can be expanded over time offer promise of avoiding long delays and high cost. These reactors, they say, can be built in factories and delivered to approved sites. And the reactors' high-temperature steam could also yield significant amounts of hydrogen, a carbon-free alternative fuel to natural gas. The project locations can plan for as many as a dozen units but start with just one. But a plant with 12 units would produce half the electricity or even a little less than many other large nuclear facilities. None of the smaller reactors have been certified by the Nuclear Regulatory Commission, which approves licenses and operations of the nation's nuclear power plants. But NuScale Power, a company that designs and markets small reactors in Oregon, expects to receive certification of its design by the end of the summer. A developer then would need approval for a license to build and operate the unit. Thomas Mundy, chief commercial officer for NuScale Power, said his company's product could be built and put into use in about three years, a fraction of the time it takes to build larger reactor units. And the cost, Mr. Mundy said, is competitive with new natural gas facilities at a levelized cost — the electricity price needed to break even at the end of the plant's life — of $45 to $65 a megawatt-hour.Read more of this story at Slashdot.
From the world of proprietary software comes this report by Popular Science. "Despite the increasing number of more economical options (read also: free) on the market, many people still prefer Microsoft Office over the alternatives available..." "The only setback? A license can be expensive, especially if you're the one shouldering the fees instead of your company. If you wish to have access to the suite for personal use, you either have to pay recurring fees for a subscription or cough up hundreds in one go for an annual license." Sounds pretty rough. But through Thursday they're at least getting a temporary price drop:If none of these options appeal to you, maybe this Microsoft Office Home and Business: Lifetime License deal can. For our Deals Day sale, you can grab it on sale for only $39.99 — no coupon needed. This bundle is designed for families, students, and small businesses who want unlimited access to MS Office apps and email without breaking the bank. The license package includes programs you already likely use on the regular, including Word, Excel, PowerPoint, Outlook, Teams, and OneNote. Upon purchase, you get access to your software license keys and download links instantly. You also get free updates for life across all programs, along with free customer service that offers the best support in case any of the apps run into trouble. The best part? You only have to pay once and you're set for life. The Microsoft Office Home and Business: Lifetime License normally goes for $349, but from today until July 14, you can get it for only $39.99 thanks to the special Deals Day event. Click here for Mac and here for Windows.Read more of this story at Slashdot.
It's the world's largest particle accelerator — and after a three-year pause for upgrades, CERN's Large Hadron Collider now detects more data, runs at higher speeds, and performs at its highest energy level ever — a whopping 13.6 trillion electron volts. Will that prove the existence of dark matter? The Washington Post reports:Though scientists largely believe dark matter is real, none have been able to see or create it. Data collection and power upgrades made to the particle smasher could provide researchers one of their best chances to visualize and understand the substance.... Inside the collider, superconducting magnets are chilled to roughly minues-456 degrees Fahrenheit — colder than space — while two particle beams traveling close to the speed of light are made to collide. Using advanced sensors and monitors, scientists analyze the substances created by those collisions, which replicate conditions similar to the Big Bang. It allows them to learn about the earliest moments of the universe... During the Large Hadron Collider's four-year experiment, scientists are hoping to find evidence of dark matter. As they fire up the machine, protons will spin at nearly the speed of light. The hope, researchers said, is that when they collide, it creates new particles resembling the properties of dark matter.... "High-energy colliders remain the most powerful microscope at our disposal to explore nature at the smallest scales and to discover the fundamental laws that govern the universe," said Gian Giudice, head of CERN's theory department.... If CERN scientists do not discover dark matter in the next four years, they have more upgrades in the works. The upgrades are likely to take three years after the current run stops, leaving the fourth round of data collection and experiments to start in 2029. As planned, the trial could capture 10 times more data than previous experiments, according to CERN's website.Read more of this story at Slashdot.
"I need your help," reads an email that Jimmy Wales just sent to financial supporters of his ad-free social network, WikiTribune Social (which currently has 494,296 members):All the problems in the world that I've set out to try to solve with WikiTribune Social are as bad as ever... WikiTribune has a different model. A strange model, to be sure, but it's one that I believe in. We don't want our platform to grow by focussing on having as many pageviews as possible by maximizing addiction and outrage. We want to build something that people like you care enough about to support voluntarily, financially. It's a "pay if you want" model. I've joked many times — it may not be a great business model to give things away and hope people will voluntarily support them — but this is how I've built my career so far! We are severely short on funds There's no simple way to avoid saying it. I've chosen not to raise venture capital money because I want to maintain full creative control to build the vision that I have in mind. Over the past two years, I've been personally the major funder of the project — but it's straining my personal resources. Over the past several months, we've gone back to the codebase and completely re-architected it from scratch pulling from everything that we've learned so far. We've got a great small community and the new software will have new ways to support and reward people for making quality posts (instead of how all other social networks reward people for making viral addictive fluff). Finishing this redesign will have a huge impact. I'm excited about it! But to finish, I need your support. I have to pay for the development work to finish the new version of the site, and I need to do some PR and marketing to get the word out. I need to really start pushing this forward as a relaunch. If each of you can afford to give even a little, I think we have a real shot at making something revolutionary and new. We won't know unless we keep trying. This is our chance to break the back of toxic social media by offering a better alternative... so please donate today. Jimmy WalesRead more of this story at Slashdot.
On June 2nd California approved General Motors' Cruise robotaxi service. The Drive describes an accident that happened the next day:The autonomous car made an unprotected left turn and was hit by a Toyota Prius on June 3, though the accident wasn't reported until Wednesday. When reached for comment by The Drive, the San Francisco Police Department explained that the Cruise vehicle had three passengers, all in the backseat, while the Prius had two occupants in total.... According to the incident report Cruise filed with the California DMV, the Cruise taxi was making a green light left turn from Geary Boulevard onto Spruce Street in downtown San Francisco. It began the turn and stopped in the middle of the intersection, presumably noticing the Toyota headed for it. The Prius then hit the right rear of the Chevy Bolt. Cruise explained that afterward, "occupants of both vehicles received medical treatment for allegedly minor injuries." GM's incident report points out the Prius was speeding at the time of the accident, and was in the right turn lane before heading straight and hitting the Bolt. SFPD told The Drive that "no arrest or citation was issued at the time of the initial investigation," which is still ongoing. The National Highway Traffic Safety Administration has opened up a special crash investigation into the accident, but there are no public results yet. Wired reports:In response to that crash, Cruise temporarily reprogrammed its vehicles to make fewer unprotected left turns, according to internal messages seen by WIRED. At an internal meeting Jeff Bleich, Cruise's chief legal officer, said the company was investigating the incident, according to a recording reviewed by WIRED. He also warned employees not working on that investigation to try and tune out crashes or related news reports, saying they were unavoidable and would increase in frequency as the company scaled up its operations. "We just have to understand that at some point this is now going to be a part of the work that we do, and that means staying focused on the work ahead," he said. Wikipedia's entry for Cruise notes a few other incidents:In April 2022, the San Francisco Police Department stopped an empty (operating without any human safety attendants) Cruise AV for driving at night without its headlights on.... Also in April 2022, an empty Cruise AV blocked the path of a San Francisco Fire Department truck responding to a fire. But Wired also reports on a more troubling incident that happened "around midnight" on June 28th: Internal messages seen by WIRED show that nearly 60 vehicles were disabled across the city over a 90-minute period after they lost touch with a Cruise server. As many as 20 cars, some of them halted in crosswalks, created a jam in the city's downtown in an incident first reported by the San Francisco Examiner and detailed in photos posted to Reddit.... The June 28 outage wasn't Cruise's first. On the evening of May 18, the company lost touch with its entire fleet for 20 minutes as its cars sat stopped in the street, according to internal documentation viewed by WIRED. Company staff were unable to see where the vehicles were located or communicate with riders inside. Worst of all, the company was unable to access its system which allows remote operators to safely steer stopped vehicles to the side of the road. A letter sent anonymously by a Cruise employee to the California Public Utilities Commission that month, which was reviewed by WIRED, alleged that the company loses contact with its driverless vehicles "with regularity," blocking traffic and potentially hindering emergency vehicles. The vehicles can sometimes only be recovered by tow truck, the letter said. Images and video posted on social media in May and June show Cruise vehicles stopped in San Francisco traffic lanes seemingly inexplicably, as the city's pedestrians and motorists navigate around them.Read more of this story at Slashdot.
"It's Friday night and I'm meant to be on my first vacation in a year," tweeted a senior writer at Wired. "But instead I've been bargaining with Wired management all day — and will tonight and into the weekend to get a fair deal." 65 editorial workers at Wired are threatening to strike for two days if they can't reach a contract agreement with their publisher, Condé Nast, by July 12. "The employees argue they aren't being paid equitably despite the fact that their work helps drive some of the company's most lucrative traffic days," reports Axios:High-profile writers are joining the union's push, arguing Wired workers should be treated equally to those at other Condé Nast-owned publications, especially when it comes to rights over their work. "While Condé Nast owns our work, it's fair practice to allow writers and creators to share in the bounty when the work they produce is resold to others — and the company has agreed to that principle by giving full-time New Yorker writers a piece of the action when their work is reprinted by others, or sold to filmmakers," Steven Levy, editor at large at Wired and a contributor there since the magazine's 1993 launch, said in a statement provided to Axios by the union. "We've been asking for exactly the same terms that the New Yorker writers got in their contract, but Condé Nast won't even discuss this with us." "It's insulting to imply that Wired creators are less deserving than other Condé employees," he said. "And it's not like our work isn't valued outside the company — a Wired story was the basis of a best-picture-of-the-year Oscar...!" The first union to come out of Condé Nast was on behalf of employees at The New Yorker in June 2018. Ars Technica and Pitchfork launched their own unions the following year. Wired voted to unionize in April 2020.... Earlier this year, Condé Nast employees from publications that hadn't yet unionized, including Vogue, Bon Appétit and others, formed a union representing around 500 editorial workers. The article also notes successful negotiations at tech sites BuzzFeed News and Vox Media — and shares one more strategic detail: The Wired workers threatening to walk are asking their supporters to sign an online petition pledging "no contracts, no clicks." (That is, if the workers fail to reach a deal by Tuesday July 12th, "do not click on any WIRED links or shop through WIRED on July 12th and July 13th. Do not cross the picket line.") But if they do reach a deal by Tuesday, "please continue to click. Support union publications!"Read more of this story at Slashdot.
Microsoft has "delayed enforcement" of what could be a controversial policy change, according to the Software Freedom Conservancy:A few weeks ago, Microsoft quietly updated its Microsoft [app] Store Policies, adding new policies (which go into effect next week), that include this text: all pricing ... must ... [n]ot attempt to profit from open-source or other software that is otherwise generally available for free [meaning, in price, not freedom]. Wednesday, a number of Microsoft Store users discovered this and started asking questions. Quickly, those of us (including our own organization) that provide Free and Open Source Software (FOSS) via the Microsoft Store started asking our own questions too.... Since all (legitimate) FOSS is already available (at least in source code form) somewhere "for free" (as in "free beer"), this term (when enacted) will apply to all FOSS... Sadly, these days, companies like Microsoft have set up these app stores as gatekeepers of the software industry. The primary way that commercial software distributors reach their customers (or non-profit software distributors reach their donors) is via app stores. Microsoft has closed its iron grasp on the distribution chain of software (again) — to squeeze FOSS from the marketplace. If successful, even app store users will come to believe that the only legitimate FOSS is non-commercial FOSS. This is first and foremost an affront to all efforts to make a living writing open source software. This is not a merely hypothetical consideration. Already many developers support their FOSS development (legitimately so, at least under the FOSS licenses themselves) through app store deployments that Microsoft recently forbid in their Store.... Microsoft counter-argues that this is about curating content for customers and/or limiting FOSS selling to the (mythical) "One True Developer". But, even a redrafted policy (that Giorgio Sardo [General Manager of Apps at Microsoft] hinted at publicly early Thursday) will mandate only toxic business models for FOSS (such as demo-ware, less-featureful versions available as FOSS, while the full-featured proprietary version is available for a charge). The Conservancy argues that FOSS "was designed specifically to allow both the original developers and downstream redistributors to profit fairly from the act of convenient redistribution (such as on app stores)." But it also speculates about the sincerity of Microsoft's intentions. "We're cognizant that Microsoft probably planned all this, anyway — including the community outrage followed by their usual political theater of feigned magnanimity." The Conservancy's post Thursday received an update Friday about Microsoft's coming policy update:After we and others pointed out this problem, a Microsoft employee claimed via Twitter that they would "delay enforcement" of their new anti-FOSS regulation [giving as their reason that "it could be perceived differently than intended."] We do hope Microsoft will ultimately rectify the matter, and look forward to the change they intend to enact later. Twitter is a reasonable place to promote such a change once it's made, but an indication of non-enforcement by one executive on their personal account is a suboptimal approach. This is a precarious situation for FOSS projects who currently raise funds on the Microsoft Store; they deserve a definitive answer. Given the tight timetable (just five days!) until the problematic policy actually does go into effect, we call on Microsoft to officially publish a corrected policy now that addresses this point and move the roll-out date at least two months into the future. (We suggest September 16, 2022.) This will allow FOSS projects to digest the new policy with a reasonable amount of time, and give Microsoft time to receive feedback from the impacted projects and FOSS experts.Read more of this story at Slashdot.
An anonymous reader quotes a report from Axios: The Federal Communications Commission on Thursday told carriers to stop delivering those annoying auto warranty robocalls and said it has launched a formal investigation. The scam has resulted in more than 8 billion unwanted and possibly illegal phone calls. It has been the top consumer robocall complaint for the past two years. The FCC said it is working with a number of other agencies, including the Ohio attorney general, which is suing Roy Cox, Jr., Aaron Michael Jones, their Sumco Panama companies and other international associates said to be a part of the scam. The agency's enforcement bureau said it sent cease-and-desist letters to Call Pipe, Fugle Telecom, Geist Telecom, Global Lynks, Mobi Telecom, South Dakota Telecom, SipKonnect and Virtual Telecom to warn them to stop carrying this suspicious robocall traffic within 48 hours. The FCC said that its inquiry shows that the operation is still generating millions of apparently unlawful calls to consumers on a daily basis.Read more of this story at Slashdot.
Howard Altman writes via The Drive: In an effort to protect those with information about unidentified aerial phenomena (UAP) and increase the influx of reports about them, Rep. Mike Gallagher (R-Wisc) has introduced (PDF) an amendment to the Fiscal Year 2023 National Defense Authorization Act. "The amendment would establish a process within the government for reporting UAPs and provide whistleblower-like protections," Gallagher's spokesman Jordan Dunn told The War Zone Thursday morning. For a multitude of reasons, U.S. troops and government contractors have traditionally been reluctant to come forward with information about these incidents, regardless of their validity. Beyond that, there have also been long-standing allegations that the government and defense contractors could be hiding previous UFO-related programs and evidence. This would allow those with information to come forward without retribution. Some have even posited that language like that in Gallagher's amendment could lead to "UFO disclosure." In essence, it says that regardless of any previous written or oral non-disclosure agreements "that could be interpreted as a legal constraint on reporting by a witness of an unidentified aerial phenomena," those with information about UAPs, more commonly known as UFOs, would not be violating federal classified information laws if they come forward. The amendment also calls for the head of the new Airborne Object Identification and Management Synchronization Group (AOIMSG), tasked with investigating UAPs on behalf of the Defense Secretary and Director of National Intelligence, to establish "a secure system" for receiving reports of "any events relating to" UAPs and any government or government contractor activity or program related to UAPs. The reporting system shall be administered by "designated and widely known, easily accessible, and appropriately cleared Department of Defense and intelligence community employees or contractors" as part of AOIMSG, which is a much enhanced and more deeply mandated effort that replaced the Unidentified Aerial Phenomena Task Force. Any information would first be screened "to prevent unauthorized public reporting or compromise of properly classified military and intelligence systems, programs, and related activity, including all categories and levels of special access and compartmented access programs, current, historical, and future." However, federal agencies and contractors working with the government would be precluded from taking actions, including suspending security clearances, for those who report UAP incidents and information. And those who are retaliated against "may bring a private civil action for all appropriate remedies, including injunctive relief and compensatory and punitive damages, against the Government or other employer who took the personnel action, in the United States Court of Federal Claims," the amendment states.Read more of this story at Slashdot.
In October 2020, the agency's OSIRIS-REx spacecraft nearly sank into the surface of the rubbly asteroid while picking up rocks for shipment to Earth in 2023, team members revealed Thursday (July 7). The spacecraft only escaped getting stuck or sinking into oblivion within Bennu by firing its thrusters at the right moment. Space.com reports: "We expected the surface to be pretty rigid," principal investigator Dante Lauretta, a planetary scientist at the University of Arizona, told Space.com. "We saw a giant wall of debris flying away from the sample site. For spacecraft operators, it was really frightening." Now that the spacecraft (more formally known as Origins, Spectral Interpretation, Resource Identification, Security-Regolith Explorer) is safely on its way back to our planet to deliver its precious cargo, scientists are digging into the science implications of the dramatic moment. "It turns out that the particles making up Bennu's exterior are so loosely packed and lightly bound to each other that they act more like a fluid than a solid," Lauretta said in a University of Arizona statement. That structure is why the OSIRIS-REx sampling probe had such a close call, he and his colleagues determined. The loose surface, made up of particles jostling against each other like plastic balls in a children's play area, has implications for how asteroids were formed and also for planetary defense techniques to protect against potential rogue space rocks coming near our planet, NASA added in a second statement.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: An Ohio man created a fake broadband provider in order to scam low-income consumers who thought they were getting government-funded discounts on Internet service and devices, according to the Federal Communications Commission. In a Notice of Apparent Liability for Forfeiture released Friday, the FCC proposed a fine of $220,210 against alleged scammer Kyle Traxler. Traxler created an entity called Cleo Communications that sought authorization to be a provider in the FCC's Emergency Broadband Benefit (EBB) program, which provided $50 monthly discounts on Internet service and discounts for devices. "Cleo apparently existed for the sole purpose of taking financial advantage of customers under the disguise of being a legitimate EBB Program provider," the FCC notice said. "Cleo Communications has had no business activity outside of the EBB Program and no other business purpose." The FCC began investigating after receiving complaints from consumers in at least eight states who ordered devices and/or "hotspot service." In some cases, consumers said that Cleo threatened to sue them after they asked for refunds for items and service they didn't receive. Cleo's terms of service stated that it never issues refunds and that attempting to get refunds via bank chargebacks is a "breach of contract," according to the FCC. The FCC said it got no response to a subpoena it issued to Traxler and Cleo in December 2021. The now-discontinued EBB program and its replacement, the $30-per-month Affordable Connectivity Program, have provided money directly to participating broadband providers that offer monthly discounts. Some forms of telecom fraud involve the use of fictitious, ineligible, or duplicate customers to obtain payments from FCC programs, but the FCC said Traxler instead scammed consumers directly...Read more of this story at Slashdot.
Tesla plans to begin opening its Supercharger network to other electric vehicles by the end of the year, according to a White House memo that shared the automaker's plans. TechCrunch reports: The U.S. government said in April that it needs to increase its own network of about 1,100 charging stations a hundred-fold to meet coming demand. Tesla's plans call for expanding capacity at its Gigafactory in Buffalo, New York, where more than 1,600 employees produce Supercharging stations and solar panels, the memo said. "Later this year, Tesla will begin production of new Supercharger equipment that will enable non-Tesla EV drivers in North America to use Tesla Superchargers," according to the memo. The expansion -- and exposure to customers of other EVs brands -- could help Tesla capture more revenue and attention as automakers begin launching new EVs over the next couple of years. The memo did not mention how much money Tesla will invest in adding stations to its fast-charging network, but said that the EV maker is ramping up production of "power electronics components that convert alternating current to direct current, charging cabinets, posts and cables."Read more of this story at Slashdot.
A new study published by the IMDEA Networks Institute shows just how common it is for government websites to install third-party cookies in visitors' web browsers. HotHardware reports: The study makes a distinction between third-party (TP) cookies and third-party tracking (TPT) cookies, because not all third-party cookies are "set by domains that are known to be tracking users for data collection purposes." The chart [here] shows the percentage of government websites for each country that install at least one third-party cookie, as well as the percentage of said cookies that are associated with domains that are known to be tracking users. Russia tops out the list with over 90% of its government websites installing third-party cookies in visitors' web browsers. Meanwhile, nearly 60% of US government websites install at least one third-party cookie. Germany sits at the bottom of the list with a little under 30% of government websites serving up third-party cookies. Most of the third-party cookies installed by government websites are known tracking cookies, except in the case of Germany, where under 10% of third-party cookies are associated with domains that are known to track users. The researchers also found that, depending on the country, 20% to 60% of the third party cookies installed by government websites remain in visitors' browsers without expiring for a year or more. That's a long time for a tracker installed without your knowledge or consent to remain active. Beyond specifically tracking cookies, the researchers measured the number of trackers of any kind present on government websites. The Russian gov.ru has the most trackers out of any government website analyzed by the researchers, numbering 31 trackers in total. However, Brazil and Canada aren't far behind, with 25 trackers present on both investexportbrasil.gov.br and nac-cna.ca. The US government website with the most trackers is hhs.gov, which has 13. The researchers point out that both third-party tracking cookies are automatically installed in visitors' web browsers without their consent. However, the researchers guess that web developers and administrators likely include third-party content without intending to add trackers to their websites. A great many websites now rely on third-party resources and include social content that come with trackers built-in.Read more of this story at Slashdot.
An anonymous reader quotes a report from Car and Driver, written by Ezra Dyer: Politicians have to run on some kind of platform, and Ben Moss -- my incoming state House representative here in North Carolina's District 52 -- decided that his animating principle is Being Mad at Electricity. To prove his animosity toward this invisible menace, he's sponsoring House Bill 1049, which would allocate $50,000 to destroy free public car chargers. It contains some other enlightened ideas, but that's the main theme: We've simply got to do something about these free public chargers, even if it costs us $50,000! Those things cost tens of cents per hour, when they're being used. Of course, there's a caveat here. Moss isn't saying that free public Level 2 chargers -- of which there are three in my town, with plans in the works to convert to paid kiosks -- definitely need to get crushed by a monster truck. That rule only comes into play if a town refuses to build free gas and diesel pumps next to the EV chargers. So anyway, warm up El Toro Loco, we're smashin' some car zappers! But what about private businesses? you ask. Don't worry, Moss hasn't forgotten that a business might put a charger on its property as an inducement for EV owners to patronize the establishment. And small business is the heart of the local economy. That's why he's staying out of the way when it comes to private property. Just kidding! Ben Moss cares about the consumers being harmed by these hypothetical free chargers -- namely, any customer who arrived via internal-combustion vehicle, or on foot, or in a sedan chair. Why is someone else gaining some advantage based on a decision they made? That's not how life works. Thus, House Bill 1049 decrees that all customer receipts will have to show what share of the bill went toward the charger out in the lot. That way, anyone who showed up for dinner in an F-150 (not the electric one) can get mad that their jalapeno poppers helped pay for a business expense not directly related to them. It's the same way you demand to know how much Applebee's spends to keep the lights on in its parking lot overnight, when you're not there. Sure, this will be an accounting nightmare, but it'll all be worth it if we can prevent even one person from adding 16 miles of charge to a Nissan Leaf while eating a bloomin' onion -- not that restaurants around here have free chargers, but you can't be too careful. Now, there is a charger at the neighborhood Ford dealership, which is marking up Broncos by $20,000. Coincidence? I think not. "Critics of this bill might point out that increasing the number of electric cars could actually benefit owners of internal-combustion vehicles, thanks to reduced demand for petroleum products," adds Dyer. "Electron heads, as I call them, also like to point out that electricity is generated domestically, so your transportation dollars are staying in the U.S. rather than going to, say, Saudi Arabia."Read more of this story at Slashdot.
EU antitrust regulators are investigating the video licensing policy of the Alliance for Open Media (AOM), whose members include Alphabet Google, Amazon, Apple and Meta , the European Commission said on Thursday. Reuters reports: Founded in 2015, the group aims to create a new standard software for streaming higher-quality 4K video on browsers, devices, apps, and gaming, known as AV1. While the AV1 software is not yet adopted widely, Netflix and YouTube have started using it for some customers, and browsers such as Google Chrome and Firefox have started to support the new format. Intel, Huawei, Mozilla, Samsung and Nvidia are also AOM members, according to its website. In a questionnaire sent to some companies earlier this year and seen by Reuters, the EU watchdog said it was investigating alleged anti-competitive behavior related to the license terms of AV1 by AOM and its members in Europe. "The Commission has information that AOM and its members may be imposing licensing terms (mandatory royalty-free cross licensing) on innovators that were not a part of AOM at the time of the creation of the AV1 technical, but whose patents are deemed essential to (its) technical specifications," the paper said. It said this action may be restricting the innovators' ability to compete with the AV1 technical specification, and also eliminate incentives for them to innovate. The questionnaire also asked about the impact of an AOM patent license clause in which licensees would have their patent licenses terminated immediately if they launched patent lawsuits asserting that implementation infringes their claims. Companies risk fines of up to 10% of their global turnover for breaching EU antitrust rules.Read more of this story at Slashdot.
In the first six months of 2022, Web3 projects have lost more than $2 billion to hacks and exploits -- more than all of 2021 combined. The Verge reports: That's according to research from blockchain auditing and security company CertiK, which on Thursday released its quarterly Web3 security report covering Q2 of this year. The report paints a sobering picture of a cryptocurrency space still plagued by hacks, scams, and phishing schemes while also facing relatively new threats like flash loan attacks. CertiK puts particular focus on this last category of threat, which has been created by the invention of flash loans: a decentralized finance mechanism that lets borrowers access extremely large amounts of cryptocurrency for very short periods of time. If used maliciously, flash loans can be used to manipulate the value of a certain token on exchanges or buy up all of the governance tokens in a project and vote to withdraw all of the funds, as happened to Beanstalk in April. In total, CertiK's report claims that a total of $308 million was lost across 27 flash loan attacks in Q2 2022 -- an enormous increase compared to just $14 million lost to flash loans in Q1. Phishing attacks also increased in frequency between Q1 and Q2 of this year, with CertiK recording 290 in the most recent quarter compared with 106 in the first three months of the year. Discord was the vector for the vast majority of phishing attempts, a signal of its continuing popularity as the social network of choice for the cryptocurrency and NFT scene, despite ongoing security concerns. CertiK also found that so-called "rug pulls" -- where the founders of a project halt development and abscond with the funds -- were down 16.5 percent from the previous quarter.Read more of this story at Slashdot.
An anonymous reader quotes a report from Ars Technica: Arizona passed a law making it harder to record police by limiting how close bystanders can be while recording specified law enforcement activity. [...] The new Arizona law requires any bystanders recording police activity in the state to stand at a minimum of 8 feet away from the action. If bystanders move closer after police have warned them to back off, they risk being charged with a misdemeanor and incurring fines of up to $500, jail time of up to 30 days, or probation of up to a year. Sponsored by Republican state representative John Kavanagh, the law known as H.B. 2319 makes it illegal to record police at close range. In a USA Today op-ed, Kavanagh said it is important to leave this buffer for police to protect law enforcement from being assaulted by unruly bystanders. He said "there's no reason" to come closer and predicted tragic outcomes for those who do, saying, "Such an approach is unreasonable, unnecessary, and unsafe, and should be made illegal." This week, Kavanagh has succeeded in making close-range recording illegal in Arizona, with only a few exceptions. Perhaps most critically, the person involved in the police activity -- someone being questioned, arrested, or handled by police -- can record, as long as it doesn't interfere with police actions. The same exception extends to anyone recording while in a vehicle involved in a police stop. Additionally, anyone recording activity from an enclosed structure on private property still has a right to record police within 8 feet -- unless law enforcement "determines that the person is interfering" or "it is not safe" for them to be in the area. That caveat potentially gives police a lot of discretion over who can record and when. Kavanagh said he decided to push for this change in Arizona law after some Tucson officers complained that bystanders sometimes stood a foot or two behind them while recording arrests. The state representative also told USA Today that his decision to set the minimum distance at 8 feet "is based upon 8 feet being established by the US Supreme Court as being a reasonable distance as they applied it to people entering and leaving abortion clinics when faced with protesters." Responding to critics who think citizens should be able to get closer to law enforcement activity, Kavanagh said, "The argument that filming from 8 feet away does not allow for a proper view of the scene is ridiculous." He cited impactful police brutality recordings that were recorded from further distances, including Rodney King (100 feet) and Freddie Gray ("clearly 8 to 10 feet away"). In 2017, a federal appeals court ruled that the First Amendment protects individuals' right to film police officers performing their official duties. The ACLU says this law is a "chilling" use of the "public's most effective tool against police wrongdoing in violation of our First Amendment rights." ACLU staff attorney K.M. Bell added: "By limiting our ability to record police interactions, this law will undoubtedly make it even more difficult to hold police officers accountable for misconduct."Read more of this story at Slashdot.
Elon Musk wants to end his deal to buy Twitter, reports CNBC citing a letter sent by a lawyer on his behalf. From the report: In the letter, disclosed in a Securities and Exchange Commission filing, Skadden Arps attorney Mike Ringler charged that "Twitter has not complied with its contractual obligations." Ringler claimed that Twitter did not provide Musk with relevant business information he requested, as Ringler said the contract would require. Musk has previously said he wanted to assess Twitter's claims that about 5% of its monetizable daily active users (mDAUs) are spam accounts. "Twitter has failed or refused to provide this information," Ringler claimed. "Sometimes Twitter has ignored Mr. Musk's requests, sometimes it has rejected them for reasons that appear to be unjustified, and sometimes it has claimed to comply while giving Mr. Musk incomplete or unusable information." Ringler also charged in the letter that Twitter breached the merger agreement because it allegedly contains "materially inaccurate representations." This accusation is based on Musk's own preliminary review of spam accounts on Twitter's platform. Twitter has said it's not possible to calculate spam accounts from solely public information and that a team of experts conducts a review to reach the 5% figure. "While this analysis remains ongoing, all indications suggest that several of Twitter's public disclosures regarding its mDAUs are either false or materially misleading," Ringer alleged. He also claimed Twitter breached its obligations under the agreement to get Musk's consent before changing its ordinary course of business, pointing to recent layoffs at the company. Twitter shares were down about 5% after hours on Friday. The $44 billion deal was first announced by Twitter on April 25th but was placed "on hold" two weeks later after the social network reported that false or spam accounts comprised less than 5 percent of its 226 million monetizable daily active users, a figure that Musk says the company was not able to prove. "Twitter deal temporarily on hold pending details supporting calculation that spam/fake accounts do indeed represent less than 5% of users," Musk tweeted at the time. However, in a follow-up tweet, he added that he was "still committed to [the] acquisition." Yesterday, Twitter executives told reporters in a briefing that the social network removes more than 1 million spam accounts each day. This raises the question... how many new real accounts does it get each day? UPDATE: Twitter says it's going to sue Musk for trying to back out of the deal. "The Twitter Board is committed to closing the transaction on the price and terms agreed upon with Mr. Musk and plans to pursue legal action to enforce the merger agreement," tweeted Twitter's chairman, Bret Taylor, less than an hour after Musk's legal team said he wanted out of the deal in a filing with the Securities and Exchange Commission. "We are confident we will prevail in the Delaware Court of Chancery."Read more of this story at Slashdot.
A Miami-based CEO has been arrested for allegedly importing $1 billion worth of counterfeit Cisco equipment from China and then selling it on Amazon and eBay. From a report: The Justice Department announced today that it had indicted 38-year-old Onur "Ron" Aksoy for selling the counterfeit Cisco gear via numerous online storefronts. Allegedly, Aksoy imported tens of thousands of fraudulent Cisco devices from China and Hong Kong. He then created at least 19 companies in New Jersey and Florida, dubbed the "Pro Network," to help him resell the hardware as genuine through the e-commerce sites. "The operation allegedly generated over $100 million in revenue, and Aksoy received millions of dollars for his personal gain," the Justice Department said. The Cisco equipment Aksoy allegedly sold was usually older, lower-end models that were previously bought or discarded. Counterfeiters in China then modified the equipment, making the devices appear as if they were newer or more expensive Cisco product models. "As alleged, the Chinese counterfeiters often added pirated Cisco software and unauthorized, low-quality, or unreliable components -- including components to circumvent technological measures added by Cisco to the software to check for software license compliance and to authenticate the hardware," the Justice Department said. In addition, the counterfeit products were packaged with authentic-looking labels, boxes, and documentation.Read more of this story at Slashdot.
Slashdot