Slashdot

Microsoft is preparing to send reminders to Windows 8.1 users that support will end on January 10th 2023. The software giant will start sending notifications to existing Windows 8.1 devices next month, as a first reminder leading up to the January 2023 support cutoff. From a report: The notifications will be similar to ones Microsoft has used in the past to remind Windows 7 users about end of support dates. Microsoft originally sunset Windows 8 support in 2016, but the Windows 8.1 update will cease support fully in January 2023. Microsoft will not be offering an Extended Security Update (ESU) program for Windows 8.1, so businesses won't be able to pay for additional security patches and will have to upgrade or accept the risk of running software without security updates.Read more of this story at Slashdot.

Intel has told lawmakers and officials that it is delaying indefinitely the groundbreaking ceremony for a planned multibillion-dollar chip-manufacturing facility in Ohio, signaling frustration over uncertainty in Congress about legislation that would provide support for the U.S. chip industry. From a report: The ceremony had been tentatively scheduled for July 22. Intel informed the office of Ohio Gov. Mike DeWine and members of Ohio's congressional delegation on Wednesday that it was delaying the groundbreaking "due in part to uncertainty around" the chips-related legislation, known as the Bipartisan Innovation Act, according to an email reviewed by The Wall Street Journal. Intel still plans to build the facility and hasn't pushed back the start of construction, said Intel spokesman Will Moss. Intel, which announced the plant plans in January, said it intended to invest at least $20 billion in the Ohio facility, with construction expected to begin in late 2022 and production to start in 2025. The company said in its announcement that spending on the Ohio project could reach around $100 billion over the next decade, but that the expansion depends in part on progress on the U.S. chips legislation.Read more of this story at Slashdot.

The fourth and most recent attempt at a full launch rehearsal of NASA's Space Launch System went reasonably well, and despite some lingering issues and uncertainties, the agency is sending the rocket back to the hangar for final preparations in advance of its first flight. That inaugural launch will represent Artemis 1, the first mission in NASA's Artemis lunar program. Gizmodo reports: In a press release today, NASA -- to my surprise -- said it is done testing SLS after reviewing data from the recent launch rehearsal. That another full-blown rehearsal would be required seemed likely to me on account of an unresolved hydrogen leak linked to a faulty quick-connect fitting, which subsequently prevented ground teams from practicing the fully scheduled launch countdown on Monday. The goal was to reach T-10 seconds, but the launch controllers decided to quit the rehearsal at T-29 seconds for safety reasons. "NASA plans to return SLS and Orion to the pad for launch in late August," says the release. "NASA will set a specific target launch date after replacing hardware associated with the leak." Despite the hydrogen leak and the incomplete countdown, Monday's wet dress did appear to go well. The ground teams finally managed to fully load SLS with propellants. Upwards of 755,000 gallons of cryogenic liquid oxygen and liquid hydrogen were supplied to the rocket's two stages, which the teams had failed to do during the first three attempts. What's more, all of the issues experienced during the first three wet dress rehearsals appear to have been resolved. The Orion spacecraft, currently sitting atop the rocket, also performed well during the test. Said Tom Whitmeyer, NASA's exploration systems manager, during a media teleconference on Tuesday: "We think that we had a really successful rehearsal," adding that there is "relative risk" is running a fifth wet dress, with the 322-foot-tall (98-meter) rocket standing fully exposed on the launch pad.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: The co-founder and CEO of Solana, Anatoly Yakovenko, had a Steve Jobs moment when he stood in front of an auditorium in New York City and announced the launch of Saga, an Android web3-focused smartphone. "This is something that I fundamentally believe the industry needs to do," Yakovenko said. "We didn't see a single crypto feature at the Apple developer conference 13 years after Bitcoin was alive." People will pull out their laptops in the middle of dates so they don't miss an NFT minting opportunity, Yakovenko joked. "So I think it's time for crypto to go mobile," Yakovenko added. Saga aims to implement digital asset products and services, so users can easily transact with their cryptocurrency through the device, opposed to a laptop browser. In addition to the announcement of Saga, Yakovenko shared the launch of the Solana Mobile Stack, or SMS, which is a web3 layer for Solana built on the phone. SMS will consist of a number of products including a seed vault, a custody solution, a mobile wallet adapter, Solana Pay for Android and its decentralized application (dApp) store. It "provides a new set of libraries for wallets and apps, allowing developers to create rich mobile experiences on Solana," a press release said. A number of crypto companies including FTX, Phantom and Magic Eden will partner with SMS and there is also a $10 million developer fund for people who build apps on it. "The builders are coming and they are higher quality than before," Raj Gokal, COO at Solana Labs said. "They're ready for the next leg of user growth." The $1,000 device will have 512 GB of storage with a 6.67-inch OLED display and is available for preorder with a $100 deposit and deliveries will occur in Q1 2023, Yakovenko said.Read more of this story at Slashdot.

An anonymous reader quotes a report from BleepingComputer: The National Security Agency (NSA) and cybersecurity partner agencies issued an advisory today recommending system administrators to use PowerShell to prevent and detect malicious activity on Windows machines. PowerShell is frequently used in cyberattacks, leveraged mostly in the post-exploitation stage, but the security capabilities embedded in Microsoft's automation and configuration tool can also benefit defenders in their forensics efforts, improve incident response, and to automate repetitive tasks. The NSA and cyber security centers in the U.S. (CISA), New Zealand (NZ NCSC), and the U.K. (NCSC-UK) have created a set of recommendations for using PowerShell to mitigate cyber threats instead of removing or disabling it, which would lower defensive capabilities. Reducing the risk of threat actors abusing PowerShell requires leveraging capabilities in the framework such as PowerShell remoting, which does not expose plain-text credentials when executing commands remotely on Windows hosts. Administrators should be aware that enabling this feature on private networks automatically adds a new rule in Windows Firewall that permits all connections. Customizing Windows Firewall to allow connections only from trusted endpoints and networks helps reduce an attacker's chance for successful lateral movement. For remote connections, the agencies advise using the Secure Shell protocol (SSH), supported in PowerShell 7, to add the convenience and security of public-key authentication: - remote connections don't need HTTPS with SSL certificates - no need for Trusted Hosts, as required when remoting over WinRM outside a domain - secure remote management over SSH without a password for all commands and connections - PowerShell remoting between Windows and Linux hosts Another recommendation is to reduce PowerShell operations with the help of AppLocker or Windows Defender Application Control (WDAC) to set the tool to function in Constrained Language Mode (CLM), thus denying operations outside the policies defined by the administrator. Recording PowerShell activity and monitoring the logs are two recommendations that could help administrators find signs of potential abuse. The NSA and its partners propose turning on features like Deep Script Block Logging (DSBL), Module Logging, and Over-the-Shoulder transcription (OTS). The first two enable building a comprehensive database of logs that can be used to look for suspicious or malicious PowerShell activity, including hidden action and the commands and scripts used in the process. With OTS, administrators get records of every PowerShell input or output, which could help determine an attacker's intentions in the environment. The full document, titled "Keeping PowerShell: Security Measures to Use and Embrace" is available here (PDF).Read more of this story at Slashdot.

The Dutch joined Germany and Austria in reverting to coal power on Monday following an energy crisis provoked by Russia's invasion of Ukraine. France 24 reports: The Netherlands said it would lift all restrictions on power stations fired by the fossil fuel, which were previously limited to just over a third of output. Berlin and Vienna made similar announcements on Sunday as Moscow, facing biting sanctions over Ukraine, cuts gas supplies to energy-starved Europe. "The cabinet has decided to immediately withdraw the restriction on production for coal-fired power stations from 2002 to 2024," Dutch climate and energy minister Rob Jetten told journalists in The Hague. The Dutch minister said his country had "prepared this decision with our European colleagues over the past few days." Germany however said it still aimed to close its coal power plants by 2030, in light of the greater emissions of climate-changing CO2 from the fossil fuel. "The 2030 coal exit date is not in doubt at all," economy ministry spokesman Stephan Gabriel Haufe said at a regular news conference. The target was "more important than ever," he added. Austria's government meanwhile announced Sunday that it would reopen a mothballed coal power station because of power shortages arising from reduced deliveries of gas from Russia. The authorities would work with the Verbund group, the country's main electricity supplier, to get the station in the southern city of Mellach back in action, said the Chancellery. The European Commission noted Monday that "some of the existing coal capacities might be used longer than initially expected" because of the new energy landscape in Europe.Read more of this story at Slashdot.

Long-time Slashdot reader Mr_Blank shares a report from Gerona: China has enacted new regulation for the live-streaming industry, listing 31 prohibited conducts and raising the bar for influencers to speak out on specific topics, in the government's latest effort to regulate the booming digital economy. The 18-point guideline, released Wednesday by the National Radio and Television Administration and the Department of Culture and Tourism, requires influencers to have relevant qualifications to cover some subjects, including law, finance, medicine and education discuss, although the authorities have not specified the necessary qualifications. The 31 prohibited conducts during live-streaming sessions include posting content that weakens or distorts the leadership of the Chinese Communist Party, the socialist system, or the country's reform and opening-up. Other prohibited behaviors include using deepfake technologies to manipulate the images of party or state leaders and intentionally 'building up' sensitive issues and attracting public attention. Live streamers are also prohibited from showing an extravagant lifestyle, such as showing luxury products and cash, the policy said. This article originally appeared in the South China Morning Post.Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: Scientists have discovered a bacteria with cells that measure a full centimeter in length, an astonishing size that makes it by far the largest bacterial species ever found and even "challenges our concept of a bacterial cell," reports a new study. Bacteria are an extraordinarily diverse group of organisms that have inhabited Earth for billions of years and have evolved to occupy a dizzying variety of niches. Still, almost all of these microbes are composed of simple cells that measure about two microns in diameter, which is about 40 times smaller than a strand of human hair. Thiomargarita magnifica, a bacteria discovered on sunken red mangrove leaves in Guadeloupe, Lesser Antilles, has blown this standard scale out of the water. The species has evolved filamentary cells that are "larger than all other known giant bacteria by ~50-fold," making them "visible to the naked eye," according to a study published on Thursday in Science. Scientists led by Jean-Marie Volland, a marine biologist who holds joint appointments at the Laboratory for Research in Complex Systems and the Joint Genome Institute (JGI), a U.S. Department of Energy office at Lawrence Berkeley National Laboratory, suspect that this record-breaking adaptation is partly due to the astonishing number of duplicated genes wielded by T. magnifica, an ability that is known as polyploidy. [...] The results revealed that these bacteria contain DNA clusters in their cells, which are located in compartments bordered by membranes that the team called "pepins." These organized pepins provide a stark contrast to the free-floating DNA seen in the cells of most bacteria. In addition, the team's genetic sequencing revealed that T. magnifica contains hundreds of thousands of genome copies that are dispersed across the cell, adding up to about three times the number of genes in most bacteria, which is an extreme example of polyploidy. "These cellular features likely allow the organism to grow to an unusually large size and circumvent some of the biophysical and bioenergetic limitations on growth," Volland and his colleagues said.Read more of this story at Slashdot.

In a blog post today, OpenAI says they've "trained a neural network to play Minecraft by Video PreTraining (VPT) on a massive unlabeled video dataset of human Minecraft play, while using only a small amount of labeled contractor data." The model can reportedly learn to craft diamond tools, "a task that usually takes proficient humans over 20 minutes (24,000 actions)," they note. From the post: In order to utilize the wealth of unlabeled video data available on the internet, we introduce a novel, yet simple, semi-supervised imitation learning method: Video PreTraining (VPT). We start by gathering a small dataset from contractors where we record not only their video, but also the actions they took, which in our case are keypresses and mouse movements. With this data we train an inverse dynamics model (IDM), which predicts the action being taken at each step in the video. Importantly, the IDM can use past and future information to guess the action at each step. This task is much easier and thus requires far less data than the behavioral cloning task of predicting actions given past video frames only, which requires inferring what the person wants to do and how to accomplish it. We can then use the trained IDM to label a much larger dataset of online videos and learn to act via behavioral cloning. We chose to validate our method in Minecraft because it (1) is one of the most actively played video games in the world and thus has a wealth of freely available video data and (2) is open-ended with a wide variety of things to do, similar to real-world applications such as computer usage. Unlike prior works in Minecraft that use simplified action spaces aimed at easing exploration, our AI uses the much more generally applicable, though also much more difficult, native human interface: 20Hz framerate with the mouse and keyboard. Trained on 70,000 hours of IDM-labeled online video, our behavioral cloning model (the âoeVPT foundation modelâ) accomplishes tasks in Minecraft that are nearly impossible to achieve with reinforcement learning from scratch. It learns to chop down trees to collect logs, craft those logs into planks, and then craft those planks into a crafting table; this sequence takes a human proficient in Minecraft approximately 50 seconds or 1,000 consecutive game actions. Additionally, the model performs other complex skills humans often do in the game, such as swimming, hunting animals for food, and eating that food. It also learned the skill of "pillar jumping," a common behavior in Minecraft of elevating yourself by repeatedly jumping and placing a block underneath yourself. For more information, OpenAI has a paper (PDF) about the project.Read more of this story at Slashdot.

According to the Wall Street Journal, Comcast's NBCUniversal subsidiary and Google are the "top contenders" for Netflix's upcoming ad-supported streaming tier. "After many years of resisting ads, Netflix CEO Reed Hastings announced the plan for an ad-supported tier in April," reports Ars Technica. "Netflix's stock price dropped 35 percent the day of that announcement, and Netflix revenue growth has been slowing amid a loss in subscribers." From the report: A deal with NBCUniversal would likely mean that "Comcast's video ad unit, FreeWheel, would supply technology to help serve up ads, while NBCUniversal's ad-sales team would help sell ads in the US and Europe," the report said. The Alphabet-owned Google, of course, has plenty of experience serving ads, including on its own YouTube and YouTube TV video platforms. Netflix already uses Google's ad-buying tools. A deal with either NBCUniversal or Google would likely be exclusive, the WSJ report said. Comcast/NBCUniversal and Google aren't the only contenders, as "Roku has also had early talks with Netflix about ad partnerships," the report said. The Information reported last week that Netflix executives recently "met with representatives of both Roku and Comcast to discuss arrangements under which those companies would handle either the ad sales or the technical infrastructure for Netflix's forthcoming ad-supported tier of service." Netflix "is looking to start doing some pre-roll ads, which run before a show starts, in the fourth quarter," The Information report said. Netflix is also negotiating with entertainment companies to put ads into shows that Netflix doesn't create itself. Licensing TV shows and movies for both ad-free and ad-supported streaming will cost Netflix about 20 percent more than for ad-free streaming alone, The Information report said. Variety has confirmed the streamer is "letting go of roughly 300 staffers [...] across multiple business functions in the company, with the bulk of the jobs lost in the U.S." Netflix also laid off 150 employees, and dozens of contractors and part-time workers in May. "Today we sadly let go of around 300 employees," a Netflix spokesperson told Variety. "While we continue to invest significantly in the business, we made these adjustments so that our costs are growing in line with our slower revenue growth. We are so grateful for everything they have done for Netflix and are working hard to support them through this difficult transition."Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Another strike against use of Google Analytics in Europe: The Italian data protection authority has found a local web publisher's use of the popular analytics tool to be non-compliant with EU data protection rules owing to user data being transferred to the U.S. -- a country that lacks an equivalent legal framework to protect the info from being accessed by US spooks. The Garante found the web publisher's use of Google Analytics resulted in the collection of many types of user data, including device IP address, browser information, OS, screen resolution, language selection, plus the date and time of the site visit, which were transferred to the U.S. without adequate supplementary measures being applied to raise the level of protection to the necessary EU legal standard. Protections applied by Google were not sufficient to address the risk, it added, echoing the conclusion of several other EU DPAs who have also found use of Google Analytics violates the bloc's data protection rules over the data export issue. Italy's DPA has given the publisher in question (a company called Caffeina Media Srl) 90 days to fix the compliance violation. But the decision has wider significance as it has also warned other local websites that are using Google Analytics to take note and check their own compliance, writing in a press release [translated from Italian with machine translation]: "[T]he Authority draws the attention of all Italian managers of websites, public and private, to the illegality of transfers made to the United States through GA [Google Analytics], also in consideration of the numerous reports and questions that are being received by the Office, and invites all data controllers to verify the compliance of the methods of use of cookies and other tracking tools used on its websites, with particular attention to Google Analytics and other similar services, with the legislation on the protection of personal data." A Google spokesperson issued the following statement: "People want the websites they visit to be well designed, easy to use, and respectful of their privacy. Google Analytics helps publishers understand how well their sites and apps are working for their visitors -- but not by identifying individuals or tracking them across the web. These organizations, not Google, control what data is collected with these tools, and how it is used. Google helps by providing a range of safeguards, controls and resources for compliance." Google is reviewing the Italian DPA's decision, according to the spokesperson.Read more of this story at Slashdot.

The White House and 11 governors from East Coast states forged a new partnership on Thursday to build up domestic supply chains for offshore wind farms and related infrastructure. From a report: The new Federal-State Offshore Wind Implementation Partnership includes governors from Connecticut, Delaware, Maine, Maryland, Massachusetts, New Hampshire, New Jersey, New York, North Carolina, Pennsylvania, and Rhode Island. As part of the announcement, the Biden administration committed to the facilitation of "timely and effective permitting and environmental reviews" for offshore wind projects and lease sales. In the past, permitting has been a significant bottleneck for advancing offshore wind projects. Crucially, President Joe Biden also moved to ease another major bottleneck: securing the specialized ships needed to erect turbines as tall as skyscrapers in the open ocean. Projects compete for time with the few installation vessels available worldwide, which number just over 30. The US faces additional restrictions because of the Jones Act, which stipulates that ships moving between two points in the US need to be built, owned, crewed, and registered in the US.Read more of this story at Slashdot.

Physical futures crypto exchange CoinFLEX is pausing withdrawals citing "extreme market conditions" along with uncertainty around a certain counterparty, its CEO Mark Lamb said in a blog post Thursday. CoinDesk reports: Lamb said the counterparty is not Three Arrows Capital or "any lending firm." CoinFLEX expects to resume withdrawals "in a better position as soon as possible." Additionally, FLEX Coin trading is being halted for perpetual swaps and spot trading in the short term.Read more of this story at Slashdot.

Scientists have designed a tiny robot-fish that is programmed to remove microplastics from seas and oceans by swimming around and adsorbing them on its soft, flexible, self-healing body. From a report: Microplastics are the billions of tiny plastic particles which fragment from the bigger plastic things used every day such as water bottles, car tyres and synthetic T-shirts. They are one of the 21st century's biggest environmental problems because once they are dispersed into the environment through the breakdown of larger plastics they are very hard to get rid of, making their way into drinking water, produce, and food, harming the environment and animal and human health. "It is of great significance to develop a robot to accurately collect and sample detrimental microplastic pollutants from the aquatic environment," said Yuyan Wang, a researcher at the Polymer Research Institute of Sichuan University and one of the lead authors on the study. Her team's novel invention is described in a research paper in the journal Nano Letters. "To the best of our knowledge, this is the first example of such soft robots." Researchers at Sichuan University have revealed an innovative solution to track down these pollutants when it comes to water contamination: designing a tiny self-propelled robo-fish that can swim around, latch on to free-floating microplastics, and fix itself if it gets cut or damaged while on its expedition.Read more of this story at Slashdot.

The group responsible for developing and updating the PCI Express standard, the PCI-SIG, aims to update that standard roughly every three years. From a report: Version 6.0 was released earlier this year, and the group has announced that PCIe version 7.0 is currently on track to be finalized sometime in 2025. Like all new PCI Express versions, its goal is to double the available bandwidth of its predecessor, which in PCIe 7.0's case means that a single PCIe 7.0 lane will be able to transmit at speeds of up to 32GB per second. That's a doubling of the 16GB per second promised by PCIe 6.0, but it's even more striking when compared to PCIe 4.0, the version of the standard used in high-end GPUs and SSDs today. A single PCIe 4.0 lane provides bandwidth of about 4GB per second, and you need eight of those lanes to offer the same speeds as a single PCIe 7.0 lane. Increasing speeds opens the door to ever-faster GPUs and storage devices, but bandwidth gains this large would also make it possible to do the same amount of work with fewer PCIe lanes. Today's SSDs normally use four lanes of PCIe bandwidth, and GPUs normally use 16 lanes. You could use the same number of lanes to support more SSDs and GPUs while still providing big increases in bandwidth compared to today's accessories, something that could be especially useful in servers.Read more of this story at Slashdot.

Intel is seeking to be paid interest of $624 million on the overturned $1.1 billion fine it received from the European Commission back in 2009. From a report: The antitrust ruling was overturned at the beginning of the year, and so Intel has gone to EU General Court seeking compensation and interest on the fine. In fact, Intel is claiming back almost half of that original fine, based on the European Central Bank's refinancing rates. In case you need a reminder on all of this: Intel allegedly took part in anti-competitive practices that saw it offer conditional rebates to key OEMs such as Dell, HP, and Lenovo, making it difficult for competitors (read AMD, or ARM if you prefer, but really AMD) to compete with their own CPUs. The European Commission concluded in 2009 that Intel had indeed behaved in such a way between October 2002 and December 2007 and hit it with one of the largest ever fines at the time at a cool $1.1 billion. Intel appealed the decision unsuccessfully in 2012, but in 2014 it brought the case to the European Court of Justice, which sent it back to the General Court in 2017. The case has been going back and fourth ever since.Read more of this story at Slashdot.

At its re:Mars conference, Amazon today announced the launch of CodeWhisperer, an AI pair programming tool similar to GitHub's Copilot that can autocomplete entire functions based on only a comment or a few keystrokes. From a report: The company trained the system, which currently supports Java, JavaScript and Python, on billions of lines of publicly available open-source code and its own codebase, as well as publicly available documentation and code on public forums. It's now available in preview as part of the AWS IDE Toolkit, which means developers can immediately use it right inside their preferred IDEs, including Visual Studio Code, IntelliJ IDEA, PyCharm, WebStorm and Amazon's own AWS Cloud 9. Support for the AWS Lambda Console is also coming soon. Ahead of today's announcement, Vasi Philomin, Amazon's VP in charge of its AI services, stressed that the company didn't simply create this in order to offer a copy of Copilot. He noted that with CodeGuru, its AI code reviewer and performance profiler, and DevOps Guru, its tool for finding operation issues, the company laid the groundwork for today's launch quite a few years ago.Read more of this story at Slashdot.

Google is still useful for many, but the harder question is why its results feel more sterile than they did five years ago. From a report: SEO expert Marie Haynes's theory is that this is the result of Google trying to crack down on misinformation and low-quality content -- especially around consequential search topics. In 2017, the company started talking publicly about a Search initiative called EAT, which stands for "expertise, authoritativeness, and trustworthiness." The company has rolled out numerous quality rater guidelines, which help judge content to determine authenticity. One such effort, titled Your Money or Your Life, applies rigorous standards to any pages that show up when users search for medical or financial information. "Take crypto," Haynes explained. "It's an area with a lot of fraud, so unless a site has a big presence around the web and Google gets the sense they're known for expertise on that topic, it'll be difficult to get them to rank." What this means, though, is that Google's results on any topic deemed sensitive enough will likely be from established sources. Medical queries are far more likely to return WebMD or Mayo Clinic pages, instead of personal testimonials. This, Haynes said, is especially challenging for people looking for homeopathic or alternative-medicine remedies. There's a strange irony to all of this. For years, researchers, technologists, politicians, and journalists have agonized and cautioned against the wildness of the internet and its penchant for amplifying conspiracy theories, divisive subject matter, and flat-out false information. Many people, myself included, have argued for platforms to surface quality, authoritative information above all else, even at the expense of profit. And it's possible that Google has, in some sense, listened (albeit after far too much inaction) and, maybe, partly succeeded in showing higher-quality results in a number of contentious categories. But instead of ushering in an era of perfect information, the changes might be behind the complainers' sense that Google Search has stopped delivering interesting results.Read more of this story at Slashdot.

Broadcom's $69bn acquisition of cloud software company VMware is set for a lengthy antitrust investigation in Brussels over regulatory concerns that the deal will harm competition across the global technology industry. From a report: Broadcom is already in preliminary discussions with EU officials who will be looking into worries that the merger may lead to abusive behaviour, including potential future price rises by the US chipmaker, three people with direct knowledge of the transaction said. Many large acquisitions receive similar interrogation, known in EU circles as a "phase 1" investigation, which typically takes a few months to complete. But those close to the situation suggest that EU authorities plan to push forward with a more detailed "phase 2" investigation, which could take well over a year and may ultimately derail the deal altogether. Nvidia eventually walked away from a proposed $66bn purchase of chip designer Arm after being subject to a lengthy EU antitrust probe.Read more of this story at Slashdot.

Security researchers at Lookout recently tied a previously unattributed Android mobile spyware, dubbed Hermit, to Italian software house RCS Lab. Now, Google threat researchers have confirmed much of Lookout's findings, and are notifying Android users whose devices were compromised by the spyware. From a report: Hermit is a commercial spyware known to be used by governments, with victims in Kazakhstan and Italy, according to Lookout and Google. Lookout says it's also seen the spyware deployed in northern Syria. The spyware uses various modules, which it downloads from its command and control servers as they are needed, to collect call logs, record ambient audio, redirect phone calls and collect photos, messages, emails, and the device's precise location from a victim's device. Lookout said in its analysis that Hermit, which works on all Android versions, also tries to root an infected Android device, granting the spyware even deeper access to the victim's data. Lookout said that targeted victims are sent a malicious link by text message and tricked into downloading and installing the malicious app -- which masquerades as a legitimate branded telco or messaging app -- from outside of the app store.Read more of this story at Slashdot.

A security researcher found vulnerabilities in Jacuzzi's SmartTub interface that allowed access to the personal data of every hot tub owner. From a report: Jacuzzi's SmartTub feature, like most Internet of Things (IoT) systems, lets users connect to their hot tub remotely via a companion Android or iPhone app. Marketed as a "personal hot tub assistant," users can make use of the app to control water temperature, switch on and off jets, and change the lights. But as documented by hacker Eaton Zveare, this functionality could also be abused by threat actors to access the personal information of hot tub owners worldwide, including their names and email addresses. It's unclear how many users are potentially impacted, but the SmartTub app has been downloaded more than 10,000 times on Google Play. "The main concern is their name and email being leaked," Zveare told TechCrunch, adding that attackers could also potentially heat up someone else's hot tub or change the filtration cycles. "That would make things unpleasant the next time the person checked their tub," he said. "But I don't think there is anything truly dangerous that could have been done -- you have to do all chemicals by hand." Eaton first noticed a problem when he tried to log in using the SmartTub web interface, which uses third-party identity provider Auth0, and found that the login page returned an "unauthorized" error. But for the briefest moment Zveare saw the full admin panel populated with user data flash on his screen.Read more of this story at Slashdot.

Today, the U.S. Food and Drug Administration issued marketing denial orders (MDOs) to JUUL Labs for all of their products currently marketed in the United States. From a report: As a result, the company must stop selling and distributing these products. In addition, those currently on the U.S. market must be removed, or risk enforcement action. The products include the JUUL device and four types of JUULpods: Virginia tobacco flavored pods at nicotine concentrations of 5.0% and 3.0% and menthol flavored pods at nicotine concentrations of 5.0% and 3.0%. Retailers should contact JUUL with any questions about products in their inventory. "Today's action is further progress on the FDA's commitment to ensuring that all e-cigarette and electronic nicotine delivery system products currently being marketed to consumers meet our public health standards," said FDA Commissioner Robert M. Califf, M.D. "The agency has dedicated significant resources to review products from the companies that account for most of the U.S. market. We recognize these make up a significant part of the available products and many have played a disproportionate role in the rise in youth vaping." Further reading: Biden Administration Targets Removal of Most Nicotine From Cigarettes.Read more of this story at Slashdot.

China is grappling with extreme weather emergencies across the country, with the worst flooding in decades submerging houses and cars in the south and record-high heat waves in the northern and central provinces causing roads to buckle. From a report: Water levels in more than a hundred rivers across the country have surged beyond flood warning levels, according to the People's Daily, the ruling Communist Party's mouthpiece. The authorities in Guangdong Province on Tuesday raised alerts to the highest level after days of rainfall and floods, closing schools, businesses and public transport in affected areas. The flooding has disrupted the lives of almost half a million people in southern China. Footage on state media showed rescue crews on boats paddling across waterlogged roads to relieve trapped residents. In Shaoguan, a manufacturing hub, factories were ordered to halt production, as water levels have reached a 50-year high, state television reported. Guangdong's emergency management department said that the rainfall has affected 479,600 people, ruined nearly 30 hectares of crops and caused the collapse of more than 1,700 houses, with financial losses totaling $261 million, the official Xinhua News Agency reported.Read more of this story at Slashdot.

Speaking this week at the Linux Foundation's Open-Source Summit, Linus Torvalds talked up the possibilities of Rust within the Linux kernel and that it could be landing quite soon -- possibly even for the next kernel cycle. From a report: Linus Torvalds and Dirk Hohndel had their usual Open-Source Summit keynote/chat where Linus commented on Rust programming language code within the kernel. Torvalds commented that real soon they expect to have the Rust infrastructure merged within the kernel, possibly even for the next release -- meaning Linux 5.20. There hasn't yet been any Rust for Linux pull request sent in or merged yet, but things have begun settling down in the initial Rust enablement code for the kernel with the basic infrastructure, a few basic sample drivers, etc. Last month saw the most recent Rust Linux kernel patches posted that got more functionality into shape and additional reviews completed. As noted plenty of times before, this Rust support within the Linux kernel will remain optional when building the kernel depending upon whether you want the support or any of the kernel features to be implemented just in Rust code.Read more of this story at Slashdot.

An anonymous reader quotes a report from Search Engine Land: Twitter is testing a new feature that would eliminate the constraints of its 280-character tweet limit and allow users to publish long-form tweets. Twitter confirmed the test via a tweet. When this will become available to all Twitter users? It's unclear. Twitter noted: "We're excited for the moment when everyone can use Notes, but for now, our focus is on building it right. A large part of that is engaging with writers and building community." For now, Twitter plans to test it over the next two months with a small group of writers from Canada, Ghana, the UK and the U.S. In Twitter Notes, it looks like you will be able to add: - Formatting: Bold, italic and strikethrough text; insert ordered/unordered lists; add links. - Media: You can add one GIF, one video, or up to four images. - Tweets: You can either embed tweets by pasting URLs or from bookmarked tweets. Notes also has a "Focus mode," that makes the article composer full-screen.Read more of this story at Slashdot.

eBay made its biggest move yet into the world of digital collectibles with news today of the company acquiring NFT marketplace KnownOrigin. The online auction company is keeping lips sealed on the deal's value but confirmed in the press release that the deal is closed as of June 21st. The Verge reports: "This partnership will help us attract a new wave of NFT creators and collectors," said KnownOrigin co-founder David Moore. KnownOrigin describes itself as "one the world's first, and largest, NFT Marketplaces," and it currently ranks No. 12 on all-time trading volume for Ethereum-backed NFTs at $7.8 million, according to DappRadar. Higher ranked, more popular marketplaces include OpenSea (No. 1) with an all-time trading value at $30.43 billion and Decentraland (No. 8) at $155.66 million. eBay started allowing NFT sales on its site last year. With the KnownOrigin acquisition, eBay has the opportunity to control a proper digital marketplace where NFT transactions can be both monitored and controlled -- not just offered with the fingers-crossed hope the seller transfers an NFT to the buyer's wallet correctly.Read more of this story at Slashdot.

NASA announced on Tuesday that it's contracting three suppliers to provide concept designs for nuclear fission energy systems designed for use on the moon. TechCrunch reports: The winning bids for this award came from Lockheed Martin, Westinghouse and IX (a joint venture from Intuitive Machines and X-Energy). Each will be working with a few partners to develop their systems, which will be "initial concepts" only for the purposes of satisfying this particular contract, and each will receive roughly $5 million for their work, expected to take around 12 months. NASA is aptly partnering with the Department of Energy (DOE) on this project, and the specs include a 40-kilowatt power generation capability, capable of generating that for at least a decade. That's about what a full charge on a current entry-level Nissan Leaf contains -- but as a fission generator it would obviously provide that continuously. It may not seem like much, but deployed singularly or in groups to support a lunar base, it could solve a lot of the challenges of the kind of prolonged occupancy of the moon that NASA plans to eventually establish through its Artemis program, which seeks to return humans to our largest natural satellite for ongoing science missions. NASA also notes that the work done for this contract could have other future applications for propulsion systems for long-range spacecraft for deep space explorations.Read more of this story at Slashdot.

An anonymous reader quotes a report from the Guardian: More than half the UK backs the idea of rewriting the DNA of human embryos to prevent severe or life-threatening diseases, according to a survey. Commissioned by the Progress Educational Trust (PET), a fertility and genomics charity, the Ipsos poll found that 53% of people support the use of human genome editing to prevent children from developing serious conditions such as cystic fibrosis. There was less enthusiasm for use of the procedure to prevent milder conditions such as asthma, with only 36% in favor, and to create designer babies, with only a fifth expressing support, but views on the technology differed dramatically with age. Younger generations were far more in favor of designer babies than older people, with 38% of 16- to 24-year-olds and 31% of 25- to 34-year-olds supporting the use of gene editing to allow parents to choose features such as their child's height and eye and hair color. In the UK and many other countries it is illegal to perform genome editing on embryos that are intended for pregnancies, but the restrictions could be lifted if research shows the procedure can safely prevent severe diseases.Read more of this story at Slashdot.

The U.S. Food and Drug Administration is preparing to order Juul Labs Inc to take its e-cigarettes off the market in the United States, the Wall Street Journal reported on Wednesday, citing people familiar with the matter. Reuters reports: Juul has faced heightened scrutiny from regulators, lawmakers and state attorneys general over the appeal of its nicotine products to teenagers. Under pressure, the company in late 2019 had halted U.S. sales of several flavors. "This clearly comes as a surprise to the market ... we would expect that Juul would appeal the decision, and remain on the market through that process, which would likely take a year or more," Cowen analyst Vivien Azer said. The looming verdict comes nearly two years after Juul had applied for approval to keep selling e-cigarettes in the country. The FDA's review of the applications was based on whether the e-cigarettes are effective in getting smokers to quit and, if so, whether the benefits to smokers outweigh the health damage to new users, including teenagers. [...] The estimated fair value of Altria's investment in Juul was $1.6 billion as of March end, a fraction of the $12.8 billion it paid in 2018, as a crackdown on vaping has upended the once fast-growing industry.Read more of this story at Slashdot.

Monica Alleven writes via Fierce Wireless: So much for the "win-win-win" scenario that Dish Network envisioned for the 12 GHz band. Dish and fellow MVDDS licensee RS Access have argued that the 12 GHz band can be used by both satellite players like SpaceX's Starlink and by companies like Dish that want to use it for 5G, all for the public's benefit. SpaceX on Tuesday submitted its own analysis (PDF) of the effect of terrestrial mobile deployment on non-geostationary orbit fixed satellite service (NGSO FSS) downlink operations. The upshot: The SpaceX study shows terrestrial mobile service would cause harmful interference to SpaceX's Starlink terminals in the 12.2-12.7 GHz band more than 77% of the time, resulting in full outages 74% of the time. Although entities like RS Access note that SpaceX has access to plenty of other spectrum to accomplish its broadband mission, SpaceX insists that the 12 GHz band has become one of the most important and intensely used spectrum bands for Americans who depend on satellite services. In fact, SpaceX said it depends on the 12 GHz band for the workhorse frequencies in critical downlink services to serve Americans "in every corner of the nation." [...] SpaceX would like the FCC to drop the 12 GHz proceeding, but Dish and RS Access have been urging the FCC for years to change the rules so that their MVDDS licenses can be used for two-way 5G services. In response to SpaceX's submission, the 5G for 12 GHz Coalition, issued the following statement: "We understand that SpaceX has -- after 18 months and both a robust comment and reply period -- just filed its own in-house technical submission to the 12 GHz proceeding. Our engineers and technical experts are reviewing the filing in depth and remain committed to working in good faith with the FCC and stakeholders to ensure that the American public is able to reap the immense benefits of 5G services in this band."Read more of this story at Slashdot.

Coinbase shares fell almost 10% on Wednesday after rival crypto exchange Binance.US said it's dropping certain trading fees for customers. CNBC reports: Binance.US, the U.S. affiliate of the largest crypto exchange in the world by trading volume, said it will allow users to make spot bitcoin trades for the U.S. dollar and stablecoins tether, USD Coin and Binance USD without paying spot trading fees. Shares of Coinbase were down 9.7%. Robinhood slipped by less than 1%. In a separate report, Barron's Daren Fonda speculates that a price war could be next. "It's the beginning of the end of Coinbase's high-fee business model," says Mizuho Securities analyst Dan Dolev. "We've said that the fees will eventually go close to zero. And it could be pretty rapid -- it may be months. The market is very competitive and getting tighter."Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: At its annual re:Mars conference today in Las Vegas, Amazon's Senior Vice President and Head Scientist for Alexa, Rohit Prasad, announced a spate of new and upcoming features for the company's smart assistant. The most head turning of the bunch was a potential new feature that can synthesize short audio clips into longer speech. In the scenario presented at the event, the voice of a deceased loved one (a grandmother, in this case), is used to read a grandson a bedtime story. Prasad notes that, using the new technology, the company is able to accomplish some very impressive audio output, using just one minute of speech. Details are scant, at the moment. There's no timeline or further specifics, but -- at very least -- this is the kind of news that will likely invite all manner of scrutiny over potential applications beyond something as banal or even heartwarming as reading a child The Wizard of Oz.Read more of this story at Slashdot.

Crypto's structural flaws make it an unsuitable basis for a monetary system, according to the Bank for International settlements (BIS). Instead, monetary systems could be built around central bank digital currencies (CBDCs), which are digital representations of central bank money. CoinDesk reports: The BIS, an association of the world's major central banks, dedicates a 42-page chapter in its "2022 Annual Economic Report" to laying out a blueprint for the future of the global monetary system. In that vision, there is room for only some of crypto's underlying technical features, like programmability and tokenization, not for cryptocurrencies themselves. "Our broad conclusion is captured in the motto, "Anything that crypto can do, CBDCs can do better,'" said Hyun Song Shin, an economic adviser and head of research at the BIS, during a press briefing on Monday. The chapter, which will be published Tuesday ahead of the full report, identifies a number of limitations of crypto, including the lack of a stable nominal anchor. In monetary policy that is a variable -- such as a currency peg -- that can be used to control price levels. Stablecoins, cryptocurrencies pegged to the value of assets like sovereign currencies, are the crypto world's search for such an anchor, Shin said. Stablecoins attempt to "piggyback on the stability of real money issued by central banks." Shin said the recent crash of terraUSD, a dollar stablecoin with a market capitalization of $18 billion in early May that rapidly lost its peg, illustrated how stablecoins, despite their name, are unstable and don't make good units of account. Unlike other leading stablecoins, such as USDC and USDT, which are reportedly backed by dollar-denominated reserves, terraUSD is an algorithmic stablecoin backed by another cryptocurrency (in this case LUNA) with an algorithm in place to regulate supply and demand of the stablecoin and maintain its peg. "The second important finding is that crypto and stablecoins fail to achieve the full network effects that we normally expect of money," Shin said. Money, Shin said, is the perfect example of a virtuous circle of greater use and greater acceptance. Crypto's decentralized nature, on the other hand, achieves exactly the opposite, namely fragmentation.Read more of this story at Slashdot.

Mullvad has taken the decision to completely remove the ability to create new subscriptions -- all in the name of storing less data about their users. TechRadar reports: "Subscriptions clearly offer a lot of convenience but as we've seen that convenience comes at a cost and we no longer think this is an acceptable trade-off. We care deeply about usability but when it comes down to it, privacy has to win," wrote the provider in a blog post. This move is a step forward in Mullvad's commitment to its users' privacy. It's actually one of the few services not to ask for any email address or other personal information to create an account. However, when it came to recurring subscription, the provider was forced to retain record of payments in order to provide refunds, charge the user again after their initial period of cover or recover a missing account. Therefore, one-time payments appear to be the only solution. "We are constantly looking for ways to reduce the amount of data we store while still providing a usable service. Nowhere is the tension between privacy and usability more apparent than in the area of payments." Mullvad's monthly fee has always been the same on every plan - around $5.50. This is very different than almost every other consumer VPN, but there's no need to stress about a price rise. What's more, those who currently have an active Mullvad subscription do not need to worry either. Their account will keep running as usual for at least six months, or until their subscription comes to the end of a term.Read more of this story at Slashdot.

An anonymous reader quotes a report from the Electronic Frontier Foundation: Copyright law cannot be used as a shortcut around the First Amendment's strong protections for anonymous internet users, a federal trial court ruled on Tuesday. The decision by a judge in the United States District Court for the Northern District of California confirms that copyright holders issuing subpoenas under the Digital Millennium Copyright Act must still meet the Constitution's test before identifying anonymous speakers. The case is an effort to unmask an anonymous Twitter user (@CallMeMoneyBags) who posted photos and content that implied a private equity billionaire named Brian Sheth was romantically involved with the woman who appeared in the photographs. Bayside Advisory LLC holds the copyright on those images, and used the DMCA to demand that Twitter take down the photos, which it did. Bayside also sent Twitter a DMCA subpoena to identify the user. Twitter refused and asked a federal magistrate judge to quash Bayside's subpoena. The magistrate ruled late last year that Twitter must disclose the identity of the user because the user failed to show up in court to argue that they were engaged in fair use when they tweeted Bayside's photos. When Twitter asked a district court judge to overrule the magistrate's decision, EFF and the ACLU Foundation of Northern California filed an amicus brief in the case, arguing that the magistrate's ruling sidestepped the First Amendment when it focused solely on whether the user's tweets constituted fair use of the copyrighted works. [...] EFF is pleased with the district court's decision, which ensures that DMCA subpoenas cannot be used as a loophole to the First Amendment's protections. The reality is that copyright law is often misused to silence lawful speech or retaliate against speakers. For example, in 2019 EFF successfully represented an anonymous Reddit user that the Watchtower Bible and Tract Society sought to unmask via a DMCA subpoena, claiming that they posted Watchtower's copyrighted material. We are also grateful that Twitter stood up for its user's First Amendment rights in court.Read more of this story at Slashdot.

Cyborg locust brains can help spot the telltale signs of human cancer in the lab, a new study has shown. The team behind the work hopes it could one day lead to an insect-based breath test that could be used in cancer screening, or inspire an artificial version that works in much the same way. From a report: Other animals have been taught to spot signs that humans are sick. For example, dogs can be trained to detect when their owners' blood sugar levels start to drop, or if they develop cancer, tuberculosis, or even covid. In all cases, the animals are thought to be sensing chemicals that people emit through body odor or breath. The mix of chemicals can vary depending on a person's metabolism, which is thought to change when we get sick. But dogs are expensive to train and look after. And making a device that mimics a dog's nose has proved extremely difficult to do, says Debajit Saha, one of the scientists behind the latest work, which has not yet been peer-reviewed. "These changes are almost in parts per trillion," says Saha, a neural engineer at Michigan State University. This makes them hard to pick up even with state-of-the-art technologies, he adds. But animals have evolved to interpret such subtle changes in scents. So he and his colleagues decided to "hijack" an animal brain instead.Read more of this story at Slashdot.

Russia has levied dozens of cyber espionage campaigns in 42 countries since it invaded Ukraine in February, according to a new Microsoft report. From a report: The report says those efforts have targeted entities across six continents and primarily focused on NATO allies and groups supporting Ukraine. "The Russian invasion relies in part on a cyber strategy that includes at least three distinct and sometimes coordinated efforts -- destructive cyberattacks within Ukraine, network penetration and espionage outside Ukraine and cyber influence operations targeting people around the world," Microsoft President Brad Smith said in the report. The tech giant previously detailed Russian cyber operations against Ukraine itself during the invasion in April. Sixty-three percent of the observed Russian activity in the 42 countries beyond Ukraine targeted NATO members, according to the new report. The United States has been Russia's top target, but the company also noted a large amount of activity in Poland -- which borders Ukraine and has provided significant military and humanitarian assistance to the country -- as well as the Baltic states.Read more of this story at Slashdot.

Brave blog: One year ago, we launched Brave Search to give everyone online a real choice over Big Tech: a privacy-protecting, unbiased alternative to Google and Bing, and a truly independent alternative to providers -- such as DuckDuckGo or Startpage -- that rely on Big Tech to run. Today, Brave Search is exiting its beta phase. [...] Brave Search has grown faster than any search provider since Bing. Some numbers: 2.5 billion queries in the past 365 days, a high of 14.1 million queries per day, 5 billion queries annualized (projection based on current monthly totals).Read more of this story at Slashdot.

Colombia has elected its first left-wing president, setting the Latin American nation on a path to wind down its fossil fuel production. From a report: Leftist Gustavo Petro was voted in Sunday night alongside Goldman prize-winning environmental campaigner Francia Marquez, the nation's first black and second female vice-president. In his manifesto, Petro committed to "undertake a gradual de-escalation of economic dependence on oil and coal." He committed not to grant any new licenses for hydrocarbon exploration during his four-year mandate and to halt all pilot fracking projects and the development of offshore fossil fuels. "These are not baby steps but huge steps towards the transition and reducing fossil fuels," said Colombian environmentalist Martin Ramirez. If Petro formalises his commitments to phasedown fossil fuel production, Colombia could become the largest fossil fuel producer to do so. At the Cop26 climate talks in Glasgow last year, Costa Rica and Denmark launched an alliance of countries committed to phasing out oil and gas production known as the Beyond Oil and Gas Alliance, collectively accounting for 0.2% of global oil production. Colombia produces around 1% of the world's coal, oil and gas.Read more of this story at Slashdot.

Wimbledon is turning to big data to help improve fans' tennis knowledge, after discovering even ticket holders at the Championships were not aware of most of the players in the game. From a report: Crowds at this year's tournament -- expected to return to sold-out levels with easing of coronavirus restrictions -- are to be exposed to more facts and figures organisers hope will help get them "closer to the sport." AI-powered stats will seek to better explain the strengths and weaknesses in players' games but also predict upsets and rising stars, with data built in part from trawling newspaper headlines. Alexandra Willis, the All England Club's director of communications and marketing, said the idea had come about before Covid. "We found that most fans didn't watch tennis the rest of the year," she said. "They also hadn't heard of most of the players [and] this was a specific barrier to engagement." Spectators at Wimbledon fortnight, as well as television viewers and app users, will have access to Win Factor, a tool that will aggregate data from a number of sources to better predict a player's chances of victory in a given match. Fans will be able to input their own match predictions while being encouraged to scour more information on some of the game's lesser-known players.Read more of this story at Slashdot.

The Sun shone 20% less brightly on early Earth, and yet fossil evidence shows that our planet had warm shallow seas where stromatolites -- microbial mats -- thrived. Now a study may have solved the "faint young Sun paradox," showing that saltier oceans could have prevented Earth from freezing over during Archean times, 3bn years ago. From a report: We all know that the composition of the atmosphere (particularly the abundance of greenhouse gases) plays a crucial role in tempering Earth's climate, but what about the composition of the oceans? To answer this question researchers used an ocean-atmosphere general circulation model to investigate the impact of salinity. They show that saltier oceans result in warmer climates, partly because the salt depresses the freezing point of seawater and inhibits sea-ice formation, but mostly because the greater density of salty water alters ocean circulation patterns and aids heat transport to the poles. Under their Archean scenario they show that present-day levels of salinity produce a severely glaciated world with only a narrow strip of open water at the equator. But pushing salinity up to 40% greater than today revealed a warmer Archean world, with average surface temperatures of more than 20C, and ice only appearing seasonally at the poles. Their findings are reported in Geophysical Research Letters.Read more of this story at Slashdot.

Chinese President Xi Jinping chaired a meeting Wednesday that approved promoting the "healthy" development of the payment and fintech sectors, a sign that a broad crackdown on tech companies like Ant Group may be easing. From a report: The meeting of the central commission for deepening overall reform also backed enhancing regulation of major payment platforms, state broadcaster China Central Television reported, adding that companies would be encouraged to return to their roots while the authorities will improve regulation. As part of the plans, China would ensure the security of payment and financial infrastructure, and work to prevent and defuse systemic financial risks, CCTV said. The government will also enhance oversight of financial holding companies and financial institutions invested by platform firms, the report said, without adding details.Read more of this story at Slashdot.

Canada approved legislation that targets what video- and audio-sharing platforms like YouTube and TikTok can broadcast to a Canadian audience, as the country follows in Europe's footsteps in imposing a heftier regulatory burden on the digital sector. From a report: This marks the second attempt in as many years by Canada's Liberal government to compel digital platforms, including streaming companies like Netflix, to prominently feature Canadian artists on their services when users with a Canadian internet-protocol address log in. As contemplated under the new measures, users who search for music, television programming, films or do-it-yourself video shorts would get results incorporating a certain quota of Canadian-made content. YouTube, a unit of Alphabet, TikTok, and the big streaming companies, among them Netflix, as well as legal experts and some Canadian artists, have either opposed Canada's move or warned of unintended consequences -- such as hurting the people the new policy is intended to help. Countries like Canada are increasingly turning to regulatory changes to protect domestic interests in light of the big inroads the world's biggest digital companies have made in transforming how households watch programs, listen to music, conduct day-to-day business and consume news.Read more of this story at Slashdot.

A new report finds that blockchain systems might not be working as well as many crypto enthusiasts assume. From a report: The report was commissioned by the Defense Advanced Research Projects Agency, or DARPA, and the work was done by the software security research company Trail of Bits. Trail of Bits CEO Dan Guido says blockchain -- the public ledgers that keep track of cryptocurrencies, which are replicated on computers around the world -- isn't the egalitarian tech its advocates claim. "It's been taken for granted that the blockchain is immutable and decentralized, because the community says so," says Guido. But in practice, he says, these networks have evolved in ways that concentrate power in the hands of certain people or companies, including the large pools of "miners" whose computers earn virtual currency by maintaining the blockchains. Guido's team calls these potential situations "unintended centralities" -- situations in which someone gains leverage over the decentralized system, creating opportunities for tampering with the record of who owns what. Another example in the report of this kind of concentration is the fact that 60% of Bitcoin traffic is handled by just three internet service providers. "Let's say somebody with great top-down control of the internet in their country starts to interfere with that network," Guido says. By slowing down or stopping legitimate blockchain traffic, an attacker could become the "majority" voice in the consensus of what's written to a blockchain at that moment. "They can rewrite history. They can censor transactions. They can make it so that you can't spend your Bitcoin," says Guido. "It's definitely something people would want to do if they want to 'grief' the network."Read more of this story at Slashdot.

More than half the UK backs the idea of rewriting the DNA of human embryos to prevent severe or life-threatening diseases, according to a survey. From a report: Commissioned by the Progress Educational Trust (PET), a fertility and genomics charity, the Ipsos poll found that 53% of people support the use of human genome editing to prevent children from developing serious conditions such as cystic fibrosis. There was less enthusiasm for use of the procedure to prevent milder conditions such as asthma, with only 36% in favour, and to create designer babies, with only a fifth expressing support, but views on the technology differed dramatically with age. Younger generations were far more in favour of designer babies than older people, with 38% of 16- to 24-year-olds and 31% of 25- to 34-year-olds supporting the use of gene editing to allow parents to choose features such as their child's height and eye and hair colour. In the UK and many other countries it is illegal to perform genome editing on embryos that are intended for pregnancies, but the restrictions could be lifted if research shows the procedure can safely prevent severe diseases. Genome editing has been hailed as a potential gamechanger for dealing with a raft of heritable diseases ranging from cystic fibrosis and muscular dystrophy to Tay-Sachs, a rare condition that progressively destroys the nervous system. In principle, the faulty genes that cause the diseases can be rewritten in IVF embryos, allowing those embryos to develop into healthy babies.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: In the decade since larger-than-life character Kim Dotcom founded Mega, the cloud storage service has amassed 250 million registered users and stores a whopping 120 billion files that take up more than 1,000 petabytes of storage. A key selling point that has helped fuel the growth is an extraordinary promise that no top-tier Mega competitors make: Not even Mega can decrypt the data it stores. On the company's homepage, for instance, Mega displays an image that compares its offerings to Dropbox and Google Drive. In addition to noting Mega's lower prices, the comparison emphasizes that Mega offers end-to-end encryption, whereas the other two do not. Over the years, the company has repeatedly reminded the world of this supposed distinction, which is perhaps best summarized in this blog post. In it, the company claims, "As long as you ensure that your password is sufficiently strong and unique, no one will ever be able to access your data on MEGA. Even in the exceptionally improbable event MEGA's entire infrastructure is seized!" (emphasis added). Third-party reviewers have been all too happy to agree and to cite the Mega claim when recommending the service. Research published on Tuesday shows there's no truth to the claim that Mega, or an entity with control over Mega's infrastructure, is unable to access data stored on the service. The authors say that the architecture Mega uses to encrypt files is riddled with fundamental cryptography flaws that make it trivial for anyone with control of the platform to perform a full key recovery attack on users once they have logged in a sufficient number of times. With that, the malicious party can decipher stored files or even upload incriminating or otherwise malicious files to an account; these files look indistinguishable from genuinely uploaded data. After receiving the researchers' report privately in March, Mega on Tuesday began rolling out an update that makes it harder to perform the attacks. But the researchers warn that the patch provides only an "ad hoc" means for thwarting their key-recovery attack and does not fix the key reuse issue, lack of integrity checks, and other systemic problems they identified. With the researchers' precise key-recovery attack no longer possible, the other exploits described in the research are no longer possible, either, but the lack of a comprehensive fix is a source of concern for them. "This means that if the preconditions for the other attacks are fulfilled in some different way, they can still be exploited," the researchers wrote in an email. "Hence we do not endorse this patch, but the system will no longer be vulnerable to the exact chain of attacks that we proposed." Mega has published an advisory here. However, the chairman of the service says that he has no plans to revise promises that the company cannot access customer data.Read more of this story at Slashdot.

The Israeli Ministry of Defense plans to begin testing of a Medium Robotic Combat Vehicle (M-RCV) next year. New Atlas reports: Developed by the Ministry of Defense's Directorate of Defense Research and Development (DDR&D), the Tank and APC Directorate, and Israeli security industries, the robotic tank is based on a new robotic platform type BLR-2 made by Israeli firm BL. It features a 30-mm autonomous turret originally developed by the Tank and APC Directorate for the Eitan armored personnel carrier; the Elbit Iron Fist Active Protection System, which is a smaller, mountable version of the Iron Dome anti-projectile defense system; fire control and mission management systems; a robotic autonomous operations kit; and active and passive sensors for situational awareness. In addition, the robotic vehicle carries a capsuled drone that it can deploy and retrieve for forward reconnaissance missions. It can also carry a variety of heavy loads, as well as an Israeli Aerospace Industries missile launcher and Rafael Advanced Defense Systems Spike missiles. According to Elbit, the robot can operate in all weathers in a largely autonomous mode and can integrate with uncrewed battlefield arrays. Field tests in representative scenarios are scheduled to start in 2023. You can view the M-RCV in action here.Read more of this story at Slashdot.

Nasa has begun turning off the spacecraft Voyager's systems, signaling the beginning of the end of the probe's 50-year career. The Independent reports: Voyager 1 and Voyager 2 -- two identical probes -- were launched in 1977 and travelled across interstellar space to the edge of the solar system, giving humanity its closest look at the moons of Jupiter and Saturn. Now, however, Nasa must start limiting the Voyagers' processes in order to keep them operating until 2030. "We're at 44 and a half years," says Ralph McNutt, a physicist at the Johns Hopkins University Applied Physics Laboratory, told Scientific American. "So we've done 10 times the warranty on the darn things." The first Voyager craft has four remaining functioning instruments, while Voyager 2 has five, all of which are powered by converting decaying plutonium into electricity. This battery has had its output decreasing by approximately four watts every year, leading to Nasa making some tough choices about what to disable; in 2019, engineers had to turn off the heater for the cosmic-ray detector, a key piece of equipment for detecting when Voyager 2 exited the heliosphere- the magnetosphere, astrosphere and outermost atmospheric layer of the Sun. The final instruments Nasa will disable are likely to be the magnetometer and the plasma science instrument, which are contained in the body of the spacecraft. These are warmed by the excess heat of the computers, while the others are suspended on a 13 meter fiberglass boom, meaning that they are likely to take the longest to get cold. Both craft remain so far from Earth that it takes a radio signal almost 22 hours to reach Voyager 1 and just over 18 for Voyager 2 -- even when traveling at the speed of light.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: The Federal Aviation Administration says it finally has a plan for the industry to replace or retrofit airplane altimeters that can't filter out transmissions from outside their allotted frequencies. The altimeter problem has prevented AT&T and Verizon from fully deploying 5G on the C-Band spectrum licenses the wireless carriers purchased for a combined $69 billion. The FAA was urging airlines to retrofit or replace altimeters in recent months and now says it has finalized a plan. An FAA statement on Friday said that "airlines and other operators of aircraft equipped with the affected radio altimeters must install filters or other enhancements as soon as possible." AT&T and Verizon said they will be able to accelerate 5G deployments near airports in the coming months, but the carriers agreed to continue some level of "voluntary mitigations" in the airport areas until July 2023. Altimeters are used by airplanes to measure altitude. The FAA said a new "phased approach requires operators of regional aircraft with radio altimeters most susceptible to interference to retrofit them with radio frequency filters by the end of 2022. This work has already begun and will continue on an expedited basis." Additionally, "filters and replacement units for the mainline commercial fleet should be available on a schedule that would permit the work to be largely completed by July 2023," the FAA said, continuing: "The radio-altimeter manufacturers have worked at an unprecedented pace with Embraer, Boeing, Airbus and Mitsubishi Heavy Industries to develop and test filters and installation kits for these aircraft. Customers are receiving the first kits now. In most cases, the kits can be installed in a few hours at airline maintenance facilities. Throughout this process, the FAA will work with both industries to track the pace of the radio altimeter retrofits while also working with the wireless companies to relax mitigations around key airports in carefully considered phases."Read more of this story at Slashdot.

A new breakthrough has allowed physicists to create a beam of atoms that behaves the same way as a laser, and that can theoretically stay on "forever." ScienceAlert reports: At the root of the atom laser is a state of matter called a Bose-Einstein condensate, or BEC. A BEC is created by cooling a cloud of bosons to just a fraction above absolute zero. At such low temperatures, the atoms sink to their lowest possible energy state without stopping completely. When they reach these low energies, the particles' quantum properties can no longer interfere with each other; they move close enough to each other to sort of overlap, resulting in a high-density cloud of atoms that behaves like one 'super atom' or matter wave. However, BECs are something of a paradox. They're very fragile; even light can destroy a BEC. Given that the atoms in a BEC are cooled using optical lasers, this usually means that a BEC's existence is fleeting. Atom lasers that scientists have managed to achieve to date have been of the pulsed, rather than continuous variety; and involve firing off just one pulse before a new BEC needs to be generated. In order to create a continuous BEC, a team of researchers at the University of Amsterdam in the Netherlands realized something needed to change. "In previous experiments, the gradual cooling of atoms was all done in one place. In our setup, we decided to spread the cooling steps not over time, but in space: we make the atoms move while they progress through consecutive cooling steps," explained physicist Florian Schreck. "In the end, ultracold atoms arrive at the heart of the experiment, where they can be used to form coherent matter waves in a BEC. But while these atoms are being used, new atoms are already on their way to replenish the BEC. In this way, we can keep the process going -- essentially forever." The research has been published in the journal Nature.Read more of this story at Slashdot.