Slashdot

Facing higher prices for natural gas, Germans are now embracing climate-friendly heat pumps, reports the New York Times. "So much so that heat pumps are often sold out, and the wait for a qualified installer can last months."The German government is among the fans. "This is the technology of the future," Robert Habeck, the minister for the economy, told reporters last month while announcing a government plan to promote heat pumps. "To achieve our goals, we want to get to six million customers by 2030," Mr. Habeck said.... The cost for the electricity needed to power a heat pump is about 35 percent cheaper than natural gas, according to Verivox, a company that compares energy prices for German consumers. The savings are even greater for those who can run their heat pumps off solar panels.... Sales of heat pumps in Germany have more than doubled in the past two years, especially as the price of gas has soared.... To encourage people to make the change, the government is offering subsidies that can cover up to a quarter of the upfront price of a unit, along with subsidies for other energy-efficiency improvements up to a total of €60,000. Germany lags far behind its European neighbors, where imported natural gas was not as affordable or abundant. Residents of Finland and Norway, which rely more on electricity, have 10 times the number of heat pumps as do Germans, according to Agora Energiewende, a policy institute in Berlin. Even the Netherlands, which sits on its own wealth of natural gas but made a push for the more climate-friendly machines several years ago, has double the number of the units that Germany has.Read more of this story at Slashdot.

NVIDIA is proud of its role in the first commercially available smart tractor (which began rolling off the production line Thursday). Monarch Tractor's MK-V "combines electrification, automation, and data analysis to help farmers reduce their carbon footprint, improve field safety, streamline farming operations, and increase their bottom lines," according to NVIDIA's blog. NVIDIA's been touting the ability to accelerate machine learning applications with its low-power Jetson boards (each with a system on a chip integrating an ARM-architecture CPU), and they write that the new tractor "cuts energy costs and diesel emissions, while also helping reduce harmful herbicides, which are expensive and deplete the soil."Mark Schwager, former Tesla Gigafactory chief, is president; Zachary Omohundro, a robotics Ph.D. from Carnegie Mellon, is CTO; Praveen Penmetsa, CEO of Monarch Tractor, is an autonomy and mobility engineer. Penmetsa likens the revolutionary new tractor to paradigm shifts in PCs and smartphones, enablers of world-changing applications. Monarch's role, he said, is as the hub to enable smart implements — precision sprayers, harvesters and more — for computer vision applications to help automate farming.... Tapping into six NVIDIA Jetson Xavier NX SOMs (system on modules), Monarch's Founder Series MK-V tractors are essentially roving robots packing supercomputing. Monarch has harnessed Jetson to deliver tractors that can safely traverse rows within agriculture fields using only cameras. "This is important in certain agriculture environments because there may be no GPS signal," said Penmetsa. "It's also crucial for safety as the Monarch is intended for totally driverless operation."The Founder Series MK-V runs two 3D cameras and six standard cameras. In one pilot test a tractor lowered energy costs (compared to a diesel tractor) by $2,600 a year, according to NVIDIA's blog post. And the tractor collects and analyzes crop data daily, so hopes are high for the system. Monarch has already raised more than $110 million in funding, reports the Verge:Many tractors out in farming fields have semiautonomous modes but largely require a driver to be seated. They also mostly run on diesel gas, so the MK-V, with its fully electric design and driver-optional smarts, is claiming it's the first production model of its kind.Read more of this story at Slashdot.

Marc Tessier-Lavigne is president of Stanford University. He's also "the subject of a university investigation," reports SFGate, "following a report from the school's newspaper, the Stanford Daily, that he committed scientific research misconduct" in papers he co-authored years ago which may contain altered images. More from the Washington Post:The university launched the inquiry after the Stanford Daily, a campus newspaper, reported that a well-known research journal was looking into concerns raised about a 2008 paper co-authored by Marc Tessier-Lavigne. The Daily reported that in addition to the paper in the European Molecular Biology Organization Journal, there were questions about other published research. Some of those complaints were first made many years ago, and Tessier-Lavigne had tried to correct papers at one journal in 2015, according to its editor.... Tessier-Lavigne said in a statement that he supports the inquiry. "Scientific integrity is of the utmost importance both to the university and to me personally," Tessier-Lavigne said. "I support this process and will fully cooperate with it, and I appreciate the oversight by the Board of Trustees...." Elisabeth Bik, who had been a staff scientist at Stanford doing postdoctoral microbiology research until 2016 and is now a well-known research integrity consultant who specializes in photographic images, said she heard about the questions about some papers of which Tessier-Lavigne is one of the authors a few years after they were first raised, and identified additional possible problems. Most appeared to be minor concerns, and they could have been honest mistakes, she said. This week, Bik said, she spotted a more troubling instance in a paper from 1999 with multiple authors where it appeared photos had been altered, which she said was suggestive of copying and pasting. The Los Angeles Times describes Tessier-Lavigne as "a neuroscientist and biotech entrepreneur widely known for his Alzheimer's research" who "has authored or co-authored about 300 scientific papers."Read more of this story at Slashdot.

Axios reports:"Although a quantum computer isn't expected until 2030, at the earliest, updating current encryption standards will take just as long," writes Axios, "creating a high-stakes race filled with unanswerable questions for national security and cybersecurity officials alike."As scientists, academics and international policymakers attended the first-ever Quantum World Congress conference in Washington this week, alarmism around the future of secure data was undercut by foundational questions of what quantum computing will mean for the world. "We don't even know what we don't know about what quantum can do," said Michael Redding, chief technology officer at Quantropi, during a panel about cryptography at the Quantum World Congress.... Some governments are believed to have already started stealing enemies' encrypted secrets now, so they can unlock them as soon as quantum computing is available. "It's the single-largest economic national-security issue we have ever faced as a Western society," said Denis Mandich, chief technology officer at Qrypt and a former U.S. intelligence official, at this week's conference. "We don't know what happens if they actually decrypt, operationalize and monetize all the data that they already have."Read more of this story at Slashdot.

IEEE Spectrum reports:In October, a startup called Jidu Automotive, backed by Chinese AI giant Baidu and Chinese carmaker Geely, officially released an autonomous electric car, the Robo-01 Lunar Edition. In 2023, the car will go on sale. At roughly US $55,000, the Robo-01 Lunar Edition is a limited edition, cobranded with China's Lunar Exploration Project. It has two lidars, a 5-millimeter-range radar, 12 ultrasonic sensors, and 12 high-definition cameras. It is the first vehicle to offer on-board, AI-assisted voice recognition, with voice response speeds within 700 milliseconds, thanks to the Qualcomm Snapdragon 8295 chip. "It's a car, and, even more so, a robot," said Jidu CEO Joe Xia, during the live-streamed unveiling of the car (as translated from the Mandarin by CNBC). He added that it "can become the standard for self-driving cars." But just how autonomous the car is remains to be seen: In January 2022 Baidu and Jidu said the car would have Level 4 autonomous driving capability, which does not require a human driver to control the vehicle. But the press release at the car's launch made no mention of Level 4, saying only that the car offered "high-level autonomous driving...." In September 2022, Baidu cofounder and CEO Robin Li noted that lower levels of autonomy shield car companies from liability in the event of a crash, because the driver is expected to be in control. With Level 4, the manufacturer of the car or the operator of the "robotaxi" service using the car would be to blame.... Regardless of the car's official autonomy designation, Baidu has billed its self-driving package, Apollo, as having Level 4 capabilities. That includes what the company calls a Point-to-Point Autopilot, designed to handle highway, city street, and parking scenarios. Jidu is conducting further tests in Beijing and Shanghai to ensure that its Point-to-Point Autopilot will cover all major cities in China. Chinese regulations do allow Level 4 in robotaxis that operate within designated geofenced areas, and Apollo has already shown what it can do in Baidu's Apollo Go robotaxis, which have delivered more than 1 million rides in at least 10 cities across China. Baidu recently unveiled its latest autonomous robotaxi, the Level-4 Apollo RT6, which has a detachable steering wheel. The absence of a steering wheel is a statement in itself, and it frees up cabin space for extra seating or even desktops, gaming consoles, and vending machines. Meanwhile CNBC notes that the four-seat Robo-01 "has replaced the dashboard with a long screen extending across the front of the car and removed cockpit buttons — since the driver can use voice control instead, said Jidu CEO Joe Xia. "Theoretically, the half-moon of a steering wheel can fold up, paving the way for a cockpit seat with no window obstructions, once full self-driving is allowed on China's roads...."Xia claimed Jidu "can become the standard for self-driving cars...." Co-investor Geely has pushed into the electric car industry with its own vehicles, and announced in November a multi-year plan to build up the software component of the cars. The automaker said it aimed to commercialize full self-driving under specific conditions, called "Level Four" autonomous driving in a classification system, by 2025.Read more of this story at Slashdot.

The Wall Street Journal reports:In recent weeks, Apple Inc. has accelerated plans to shift some of its production outside China, long the dominant country in the supply chain that built the world's most valuable company, say people involved in the discussions. It is telling suppliers to plan more actively for assembling Apple products elsewhere in Asia, particularly India and Vietnam, they say, and looking to reduce dependence on Taiwanese assemblers led by Foxconn Technology Group. Turmoil at a place called iPhone City helped propel Apple's shift. At the giant city-within-a-city in Zhengzhou, China, as many as 300,000 workers work at a factory run by Foxconn to make iPhones and other Apple products. At one point, it alone made about 85% of the Pro lineup of iPhones, according to market-research firm Counterpoint Research. The Zhengzhou factory was convulsed in late November by violent protests.... Coming after a year of events that weakened China's status as a stable manufacturing center, the upheaval means Apple no longer feels comfortable having so much of its business tied up in one place, according to analysts and people in the Apple supply chain.... One response, say the people involved in Apple's supply chain, is to draw from a bigger pool of assemblers — even if those companies are themselves based in China. Two Chinese companies that are in line to get more Apple business, they say, are Luxshare Precision Industry Co. and Wingtech Technology Co.... Apple's longer-term goal is to ship 40% to 45% of iPhones from India, compared with a single-digit percentage currently, according to Ming-chi Kuo, an analyst at TF International Securities who follows the supply chain. Suppliers say Vietnam is expected to shoulder more of the manufacturing for other Apple products such as AirPods, smartwatches and laptops. For now, consumers doing Christmas shopping are stuck with some of the longest wait timesfor high-end iPhones in the product's 15-year history, stretching until after Christmas.... Accounts vary about how many workers are missing from the Zhengzhou factory, with estimates ranging from the thousands to the tens of thousands. Mr. Kuo said it was running at only about 20% capacity in November, a figure expected to improve to 30% to 40% in December. Foxconn says it accounted for 3.9% of China's exports in 2021, the Journal points out. Yet "A survey by the U.S.-China Business Council this year found American companies' confidence in China has fallen to a record low, with about a quarter of respondents saying they have at least temporarily moved parts of their supply chain out of China over the past year."Read more of this story at Slashdot.

"Graduate students at Northeastern University were able to organize and beat back an attempt at introducing invasive surveillance devices that were quietly placed under desks at their school," reports Motherboard:Early in October, Senior Vice Provost David Luzzi installed motion sensors under all the desks at the school's Interdisciplinary Science & Engineering Complex (ISEC), a facility used by graduate students and home to the "Cybersecurity and Privacy Institute" which studies surveillance. These sensors were installed at night — without student knowledge or consent — and when pressed for an explanation, students were told this was part of a study on "desk usage," according to a blog post by Max von Hippel, a Privacy Institute PhD candidate who wrote about the situation for the Tech Workers Coalition's newsletter.... Students began to raise concerns about the sensors, and an email was sent out by Luzzi attempting to address issues raised by students.... Luzzi wrote, the university had deployed "a Spaceti occupancy monitoring system" that would use heat sensors at groin level to "aggregate data by subzones to generate when a desk is occupied or not." Luzzi added that the data would be anonymized, aggregated to look at "themes" and not individual time at assigned desks, not be used in evaluations, and not shared with any supervisors of the students. Following that email, an impromptu listening session was held in the ISEC. At this first listening session, Luzzi asked that grad student attendees "trust the university since you trust them to give you a degree...." After that, the students at the Privacy Institute, which specialize in studying surveillance and reversing its harm, started removing the sensors, hacking into them, and working on an open source guide so other students could do the same. Luzzi had claimed the devices were secure and the data encrypted, but Privacy Institute students learned they were relatively insecure and unencrypted.... After hacking the devices, students wrote an open letter to Luzzi and university president Joseph E. Aoun asking for the sensors to be removed because they were intimidating, part of a poorly conceived study, and deployed without IRB approval even though human subjects were at the center of the so-called study. von Hippel notes that many members of the computer science department were also in a union, and thus networked together for a quick mass response. Motherboard writes that the controversy ultimately culminated with another listening session in which Luzzi "struggles to quell concerns that the study is invasive, poorly planned, costly, and likely unethical." "Afterwards, von Hippel took to Twitter and shares what becomes a semi-viral thread documenting the entire timeline of events from the secret installation of the sensors to the listening session occurring that day. Hours later, the sensors are removed..."Read more of this story at Slashdot.

A reader submits a report: Artificial Intelligence (AI) research company OpenAI on Wednesday announced ChatGPT, a prototype dialogue-based AI chatbot capable of understanding natural language and responding in natural language. It has since taken the internet by storm, with people marvelling at how intelligent the AI-powered bot sounds. Some even called it a replacement for Google, since it's capable of giving solutions to complex problems directly," almost like a personal know-all teacher. "We've trained a model called ChatGPT which interacts in a conversational way. The dialogue format makes it possible for ChatGPT to answer follow-up questions, admit its mistakes, challenge incorrect premises, and reject inappropriate requests," OpenAI wrote on its announcement page for ChatGPT.ChatGPT is based on GPT-3.5, a language model that uses deep learning to produce human-like text. However, while the older GPT-3 model only took text prompts and tried to continue on that with its own generated text, ChatGPT is more engaging. It's much better at generating detailed text and can even come up with poems. Another unique characteristic is memory. The bot can remember earlier comments in a conversation and recount them to the user.ChatGPT wrote a poem about Slashdot. And another one about Dogecoin. Try ChatGPT for yourself here.Read more of this story at Slashdot.

You can read the news in Military Times magazine. "Coming just after the 25th anniversary of the release of the cult classic Starship Troopers (November 1997), Offworld Industries and Sony Pictures Consumer Projects are bringing the fight against the Arachnids to a computer near you." An official announcement and gameplay teaser were released for the upcoming game this week. "Starship Troopers: Extermination is a co-op FPS that puts you on the far-off front lines of an all-out battle against the Bugs!" explains its page on Steam. "Squad up, grab your rifle, and do your part as an elite Deep Space Vanguard Trooper set to take back planets claimed by the Arachnid threat!" The page says an "Early Access" launch is planned for 2023:In Starship Troopers: Extermination, our vision is to show a galactic war between the Federation and the Arachnid Empire. After our initial launch and throughout the course of Early Access development, players will get to engage with exciting new updates that expand upon the in-game universe, and provide feedback through the Steam Community Hub that our developers can take into consideration.... [W]e will be sharing an exciting and robust roadmap with content already planned for 2023. Throughout Early Access we will provide players with more weapons, an updated class leveling system as well as progression achievements and unlockable skins for both weapons and armor. Additionally we will be adding vehicles special call in attacks including massive Orbital Strikes to help during missions. On the enemy side we will be adding more bugs, flying enemies, and boss battles that require complex player coordination to accomplish. As we progress in development, our goal is to then begin ongoing planetary battles where the player can explore new items and enemies introduced in previous updates as an epic war breaks out. This transition adds a new world as we head to the completion of Early Access. The intent throughout Early Access is to convey that this part of our development cycle is the beginning of the war and the battle will only increase in complexity and ferocity as we move to full release. Starship Troopers: Extermination is expected to be in Early Access for approximately 1 year. The full version of Starship Troopers: Extermination will span multiple worlds to liberate them from the Arachnid Threat. This will include additional weapons, enemies types, class progression upgrades, community events, and encounters. The player will have a more diverse roster of customization options allowing them to tailor their Troopers to fit their playstyle and experience." Starship Troopers: Extermination will launch with a massive map on Planet Valaka. Up to twelve players can team up to complete side and main missions before escaping to the extraction zone. We'll have more to share closer to the Early Access launch in 2023! We plan to work closely with the community on Steam's Community Hub and in the official Starship Troopers: Extermination Discord as we add features, tune gameplay, and develop new content. "Starship Troopers is in a league of its own when it comes to 90s science fiction films," writes Boing Boing's Devin Nealy. "Despite serving as an adaptation of the Robert A. Heinlein book, Starship Troopers forges a unique identity through its striking visuals and deft use of satire." Noting the two "pretty weak" straight-to-video sequels (and two more CGI-animated films), Nealy argues that "Until the franchise finds a creative team that can properly capture the essence of the first film, a video game might be the best option for the series."Read more of this story at Slashdot.

"In an experiment that ticks most of the mystery boxes in modern physics, a group of researchers announced Wednesday that they had simulated a pair of black holes in a quantum computer," reports the New York Times [alternate URL here. But in addition, the researchers also sent a message between their two black holes, the Times reports, "through a shortcut in space-time called a wormhole. "Physicists described the achievement as another small step in the effort to understand the relation between gravity, which shapes the universe, and quantum mechanics, which governs the subatomic realm of particles.... Quanta magazine reports:The wormhole emerged like a hologram out of quantum bits of information, or "qubits," stored in tiny superconducting circuits. By manipulating the qubits, the physicists then sent information through the wormhole, they reported Wednesday in the journal Nature. The team, led by Maria Spiropulu of the California Institute of Technology, implemented the novel "wormhole teleportation protocol" using Google's quantum computer, a device called Sycamore housed at Google Quantum AI in Santa Barbara, California. With this first-of-its-kind "quantum gravity experiment on a chip," as Spiropulu described it, she and her team beat a competing group of physicists who aim to do wormhole teleportation with IBM and Quantinuum's quantum computers. When Spiropulu saw the key signature indicating that qubits were passing through the wormhole, she said, "I was shaken." The experiment can be seen as evidence for the holographic principle, a sweeping hypothesis about how the two pillars of fundamental physics, quantum mechanics and general relativity, fit together.... The holographic principle, ascendant since the 1990s, posits a mathematical equivalence or "duality" between the two frameworks. It says the bendy space-time continuum described by general relativity is really a quantum system of particles in disguise. Space-time and gravity emerge from quantum effects much as a 3D hologram projects out of a 2D pattern. Indeed, the new experiment confirms that quantum effects, of the type that we can control in a quantum computer, can give rise to a phenomenon that we expect to see in relativity — a wormhole.... To be clear, unlike an ordinary hologram, the wormhole isn't something we can see. While it can be considered "a filament of real space-time," according to co-author Daniel Jafferis of Harvard University, lead developer of the wormhole teleportation protocol, it's not part of the same reality that we and the Sycamore computer inhabit. The holographic principle says that the two realities — the one with the wormhole and the one with the qubits — are alternate versions of the same physics, but how to conceptualize this kind of duality remains mysterious. Opinions will differ about the fundamental implications of the result. Crucially, the holographic wormhole in the experiment consists of a different kind of space-time than the space-time of our own universe. It's debatable whether the experiment furthers the hypothesis that the space-time we inhabit is also holographic, patterned by quantum bits. "I think it is true that gravity in our universe is emergent from some quantum [bits] in the same way that this little baby one-dimensional wormhole is emergent" from the Sycamore chip, Jafferis said. "Of course we don't know that for sure. We're trying to understand it." Here's how principal investigator Spiropulu summarizes their experiment. "We found a quantum system that exhibits key properties of a gravitational wormhole yet is sufficiently small to implement on today's quantum hardware."Read more of this story at Slashdot.

"A group of about 20 quality assurance testers at Activision Blizzard's Albany location won their bid for a union Friday afternoon," reports the Washington Post:The workers join the Game Workers Alliance, a union at the gaming company that already includes testers from Wisconsin-based Raven Software. Amanda Laven, a Blizzard Albany quality assurance tester, said that the union vote comes just about a year after the testers first began collecting signatures for a union. "We knew we were gonna win, but it's still extremely exciting and gratifying, especially because tomorrow marks the first anniversary of when we started organizing," Laven said. The testers are the lowest paid workers at Blizzard Albany, formerly called Vicarious Visions, a studio known for its work on the Guitar Hero and Crash Bandicoot franchises. The Game Workers Alliance is the first union at a major video game company in the U.S., and Friday's news marks the union's second significant win in an industry that has historically not organized.... The Blizzard Albany testers took their cues from seeing testers at Call of Duty-maker Raven petition the company and gather signatures. On May 28, Raven testers won their bid to unionize. They're currently undergoing bargaining efforts for a contract.Read more of this story at Slashdot.

CNBC reports:Ford Motor said Friday that it has achieved CEO Jim Farley's goal of becoming the second best-selling automaker of electric vehicles in the U.S. The Detroit automaker, citing third-party industry data, narrowly topped Hyundai/Kia to hit the goal.... Ford said its share of the electric vehicle segment was 7.4% through November, up from 5.7% a year earlier. Ford reported sales of 53,752 all-electric vehicles in the U.S. through November. Tesla, which does not break out domestic results, reported global deliveries of more than 908,000 EVs through the third quarter. Hyundai's sales do not include the Nexo hydrogen fuel cell vehicle. The company says with that vehicle, it slightly outsold Ford in battery- and fuel cell-powered vehicles of 54,043 units through November. The sales come after the South Korean automaker lost incentives that gave buyers of its EVs tax credits of up to $7,500 under the Biden administration's Inflation Reduction Act, which took effect in August. Vehicles such as Ford's EVs that are produced in North America still qualify for the credit. The article notes that General Motors — America's second-largest automaker — also "plans to significantly step up EV production in the coming years." Although so far, through the third quarter of this year, "it reported sales of less than 23,000 EVs."Read more of this story at Slashdot.

"Twitter CEO Elon Musk turned to journalist Matt Taibbi on Friday to reveal the decision-making behind the platform's suppression of a 2020 article from the New York Post regarding Hunter Biden's laptop," reports Newsweek. "Taibbi later deleted a tweet showing [former Twitter CEO] Jack Dorsey's email address," adds the Verge, covering reactions to Taibbi's thread — and the controversial events that the tweets described:At the time, it was not clear if the materials were genuine, and Twitter decided to ban links to or images of the Post's story, citing its policy on the distribution of hacked materials. The move was controversial even then, primarily among Republicans but also with speech advocates worried about Twitter's decision to block a news outlet. While Musk might be hoping we see documents showing Twitter's (largely former) staffers nefariously deciding to act in a way that helped now-President Joe Biden, the communications mostly show a team debating how to finalize and communicate a difficult moderation decision. Taibbi himself tweeted that "Although several sources recalled hearing about a 'general' warning from federal law enforcement that summer about possible foreign hacks, there's no evidence - that I've seen - of any government involvement in the laptop story." More from the Verge:Meanwhile, Taibbi's handling of the emails — which seem to have been handed to him at Musk's direction, though he only refers to "sources at Twitter" — appears to have exposed personal email addresses for two high-profile leaders: Dorsey and Representative Ro Khanna. An email address that belongs to someone Taibbi identifies as Dorsey is included in one message, in which Dorsey forwards an article Taibbi wrote criticizing Twitter's handling of the Post story. Meanwhile, Khanna confirmed to The Verge that his personal Gmail address is included in another email, in which Khanna reaches out to criticize Twitter's decision to restrict the Post's story as well. "As the congressman who represents Silicon Valley, I felt Twitter's actions were a violation of First Amendment principles so I raised those concerns," Khanna said in a statement to The Verge. "Our democracy can only thrive if we are open to a marketplace of ideas and engaging with people with whom we disagree." The story also revealed the names of multiple Twitter employees who were in communications about the moderation decision. While it's not out of line for journalists to report on the involvement of public-facing individuals or major decision makers, that doesn't describe all of the people named in the leaked communications.... "I don't get why naming names is necessary. Seems dangerous," Twitter co-founder Biz Stone wrote Friday in apparent reference to the leaks.... The Verge reached out to Taibbi for comment but didn't immediately hear back. Twitter, which had its communications team dismantled during layoffs last month, also did not respond to a request for comment. Wired adds:What did the world learn about Twitter's handling of the incident from the so-called Twitter Files? Not much. After all, Twitter reversed its decision two days later, and then-CEO Jack Dorsey said the moderation decision was "wrong." In other news, "Twitter will start showing view count for all tweets," Elon Musk announced Friday, "just as view count is shown for all videos." And he shared other insights into his plans for Twitter's future. "Freedom of speech doesn't mean freedom of reach. Negativity should & will get less reach than positivity."Read more of this story at Slashdot.

"Twitter CEO Elon Musk turned to journalist Matt Taibbi on Friday to reveal the decision-making behind the platform's suppression of a 2020 article from the New York Post regarding Hunter Biden's laptop," reports Newsweek. "Taibbi later deleted a tweet showing [former Twitter CEO] Jack Dorsey's email address," adds the Verge, covering reactions to Taibbi's thread — and the controversial events that the tweets described:At the time, it was not clear if the materials were genuine, and Twitter decided to ban links to or images of the Post's story, citing its policy on the distribution of hacked materials. The move was controversial even then, primarily among Republicans but also with speech advocates worried about Twitter's decision to block a news outlet. While Musk might be hoping we see documents showing Twitter's (largely former) staffers nefariously deciding to act in a way that helped now-President Joe Biden, the communications mostly show a team debating how to finalize and communicate a difficult moderation decision.... Taibbi says, "there's no evidence — that I've seen — of any government involvement in the laptop story." Meanwhile, Taibbi's handling of the emails — which seem to have been handed to him at Musk's direction, though he only refers to "sources at Twitter" — appears to have exposed personal email addresses for two high-profile leaders: Dorsey and Representative Ro Khanna. An email address that belongs to someone Taibbi identifies as Dorsey is included in one message, in which Dorsey forwards an article Taibbi wrote criticizing Twitter's handling of the Post story. Meanwhile, Khanna confirmed to The Verge that his personal Gmail address is included in another email, in which Khanna reaches out to criticize Twitter's decision to restrict the Post's story as well. "As the congressman who represents Silicon Valley, I felt Twitter's actions were a violation of First Amendment principles so I raised those concerns," Khanna said in a statement to The Verge. "Our democracy can only thrive if we are open to a marketplace of ideas and engaging with people with whom we disagree." The story also revealed the names of multiple Twitter employees who were in communications about the moderation decision. While it's not out of line for journalists to report on the involvement of public-facing individuals or major decision makers, that doesn't describe all of the people named in the leaked communications.... "I don't get why naming names is necessary. Seems dangerous," Twitter co-founder Biz Stone wrote Friday in apparent reference to the leaks.... The Verge reached out to Taibbi for comment but didn't immediately hear back. Twitter, which had its communications team dismantled during layoffs last month, also did not respond to a request for comment. Wired adds:What did the world learn about Twitter's handling of the incident from the so-called Twitter Files? Not much. After all, Twitter reversed its decision two days later, and then-CEO Jack Dorsey said the moderation decision was "wrong." In other news, "Twitter will start showing view count for all tweets," Elon Musk announced Friday, "just as view count is shown for all videos." And he shared other insights into his plans for Twitter's future. "Freedom of speech doesn't mean freedom of reach. Negativity should & will get less reach than positivity."Read more of this story at Slashdot.

"Maintenance of the software that's used for the hardest physics calculations rests almost entirely with a retiree," reports Quanta magazine, saying the situation "reveals the problematic incentive structure of academia."Particle physicists use some of the longest equations in all of science. To look for signs of new elementary particles in collisions at the Large Hadron Collider, for example, they draw thousands of pictures called Feynman diagrams that depict possible collision outcomes, each one encoding a complicated formula that can be millions of terms long. Summing formulas like these with pen and paper is impossible; even adding them with computers is a challenge. The algebra rules we learn in school are fast enough for homework, but for particle physics they are woefully inefficient. Programs called computer algebra systems strive to handle these tasks. And if you want to solve the biggest equations in the world, for 33 years one program has stood out: FORM. Developed by the Dutch particle physicist Jos Vermaseren, FORM is a key part of the infrastructure of particle physics, necessary for the hardest calculations. However, as with surprisingly many essential pieces of digital infrastructure, FORM's maintenance rests largely on one person: Vermaseren himself. And at 73, Vermaseren has begun to step back from FORM development. Due to the incentive structure of academia, which prizes published papers, not software tools, no successor has emerged. If the situation does not change, particle physics may be forced to slow down dramatically... Without ongoing development, FORM will get less and less usable — only able to interact with older computer code, and not aligned with how today's students learn to program. Experienced users will stick with it, but younger researchers will adopt alternative computer algebra programs like Mathematica that are more user-friendly but orders of magnitude slower. In practice, many of these physicists will decide that certain problems are off-limits — too difficult to handle. So particle physics will stall, with only a few people able to work on the hardest calculations. In April, Vermaseren is holding a summit of FORM users to plan for the future. They will discuss how to keep FORM alive: how to maintain and extend it, and how to show a new generation of students just how much it can do. With luck, hard work and funding, they may preserve one of the most powerful tools in physics. Thanks to long-time Slashdot reader g01d4 for submitting the story.Read more of this story at Slashdot.

America's Transportation Security Administration "has been quietly testing controversial facial recognition technology for passenger screening at 16 major domestic airports — from Washington to Los Angeles," reports the Washington Post. Their article adds that the agency "hopes to expand it across the United States as soon as next year."Kiosks with cameras are doing a job that used to be completed by humans: checking the photos on travelers' IDs to make sure they're not impostors.... You step up to the travel document checker kiosk and stick your ID into a machine. Then you look into a camera for up to five seconds and the machine compares your live photo to the one it sees on your ID. They call this a "one to one" verification system, comparing one face to one ID. Even though the software is judging if you're an impostor, there's still a human agent there to make the final call (at least for now). So how accurate is it? The TSA says it's been better at verifying IDs than the manual process. "This technology is definitely a security enhancement," said [TSA program manager Jason] Lim. "We are so far very satisfied with the performance of the machine's ability to conduct facial recognition accurately...." But the TSA hasn't actually released hard data about how often its system falsely identifies people, through incorrect positive or negative matches. Some of that might come to light next year when the TSA has to make its case to the Department of Homeland Security to convert airports all over the United States into facial recognition systems.... The TSA says it doesn't use facial recognition for law-enforcement purposes. It also says it minimizes holding on to our face data, so it isn't using the scans to build out a new national database of face IDs. "The scanning and match is made and immediately overwritten at the Travel Document Checker podium. We keep neither the live photo nor the photo of the ID," said Lim. But the TSA did acknowledge there are cases in which it holds on to the data for up to 24 months so its science and technology office can evaluate the system's effectiveness.... "None of this facial recognition technology is mandated," said Lim. "Those who do not feel comfortable will still have to present their ID — but they can tell the officer that they do not want their photo taken, and the officer will turn off the live camera." There are also supposed to be signs around informing you of your rights. Here's the TSA's web page about the program. Thanks to long-time Slashdot reader SonicSpike for sharing the article.Read more of this story at Slashdot.

"FTX Japan is looking to restart withdrawals," reports CoinDesk, "after a plan to return deposits was approved by its parent, the failed FTX exchange." "If the plan works out, the collapsed crypto exchange's users in Japan might be some of the first customers to get their money back...."In a notice posted on its website, FTX Japan said it was able to confirm with the company's bankruptcy lawyers in the U.S. that Japanese customers' funds "should not be part of FTX Japan's estate given how these assets are held and property interests under Japanese law." FTX Japan had been working on the plan to restart withdrawals for the last two weeks, and says it was approved by the FTX Trading management team.... "As part of the plan, we are incorporating controls, security audit, reconciliations and reviews to put in place a robust and secure process," the notice said. Meanwhile, America's Department of Justice "has requested that an independent examiner be appointed to review 'substantial and serious allegations of fraud, dishonesty' and 'incompetence'," reports CNBC: FTX's bankruptcy case demands an independent review, the Department of Justice said, because of allegations of fraud and dishonesty which could damage the entire crypto industry. Andrew Vara, the U.S. bankruptcy trustee for FTX's case, said Sam Bankman-Fried and his team mismanaged the company or potentially engaged in fraudulent conduct. The DOJ is seeking an independent examiner to investigate what happened... Former federal prosecutor Renato Mariotti told CNBC that the move "shows a level of interest and attention that they're paying to this that should be troubling to Mr. Bankman-Fried."Read more of this story at Slashdot.

"Childhood friends in Oman who figured out how to turn carbon dioxide into rock are among five winners chosen for the Prince of Wales's prestigious Earthshot Prize," reports the BBC:The annual awards were created by Prince William to fund projects that aim to save the planet. Each winner will receive £1m ($1.2m) to develop their innovation.... "I believe that the Earthshot solutions you have seen this evening prove we can overcome our planet's greatest challenges," Prince William said during the ceremony. "By supporting and scaling them we can change our future," he said. 1,500 projects were nominated, according to the event's web site. Here's the five winners: A Kenya-based company producing stoves powered by processed biomass (made from charcoal, wood and sugarcane) that "burns cleaner, creating 90% less pollution than an open fire," while cutting fuel costs in half.The Indian startup behind Greenhouse-in-a-box. "Plants in the greenhouse require 98% less water than those outdoors and yields are seven-times higher," explains the site, while the greenhouses themselves are 90% cheaper than a standard greenhouse, "more than doubling farmers' incomes [while] using less water and fewer pesticides."A Queensland-based program to expand the network of rangers using drones to monitor reefs and wildfires while sharing information and innovative ideas.London-based start-up Notpla, which created a plastic alternative made from seaweed and plants that's entirely biodegradable. (The seaweed used in its production also captures carbon twenty-times faster than trees.)The company 44.01 removes CO2 permanently by mineralising it in peridotite, accelerating the natural process by pumping carbonated water into peridotite underground. (Unlike carbon storage, "mineralizing" CO2 removes it forever, making the process safer, cost-effective, and scalable.)Five prizes will be awarded each year until 2030.Read more of this story at Slashdot.

CNN reports on the aftermath of last weekend's protests against the Chinese government:A protester told CNN they received a phone call Wednesday from a police officer, who revealed they were tracked because their cellphone signal was recorded in the vicinity of the protest site.... When they denied being there, the caller asked: "Then why did your cellphone number show up there?" In China, all mobile phone users are required by law to register their real name and national identification number with telecom providers. The protester was also told to report to a police station for questioning and to sign a written record.... In Shanghai, where some of the boldest protests took place with crowds calling for Xi's removal on two consecutive nights, police searched residents' cellphones in the streets and in the subway for VPNs that can be used to circumvent China's internet firewall, or apps such as Twitter and Telegram, which though banned in the country have been used by protesters. Police also confiscated the cellphones of protesters under arrest, according to two protesters who spoke to CNN. A protester who was arrested over the weekend said they were told to hand over their phone and password to the police as "evidence." They said they feared police would export the data on their phone after it was confiscated by officers, who told them they could pick it up a week later. Another protester said police returned their phone upon their release, but officers had deleted the photo album and removed the WeChat social media app. One protester told CNN they successfully avoided being contacted by the police as of Thursady afternoon. During the demonstration, they'd kept their phone in airplane mode.Read more of this story at Slashdot.

An anonymous reader quotes a report from BleepingComputer: A previously undocumented data wiper named CryWiper is masquerading as ransomware, but in reality, destroys data beyond recovery in attacks against Russian mayor's offices and courts. CryWiper was first discovered by Kaspersky this fall, where they say the malware was used in an attack against a Russian organization. [...] CryWiper is a 64-bit Windows executable named 'browserupdate.exe' written in C++, configured to abuse many WinAPI function calls. Upon execution, it creates scheduled tasks to run every five minutes on the compromised machine. Next, it contacts a command and control server (C2) with the name of the victim's machine. The C2 responds with either a "run" or "do not run" command, determining whether the wiper will activate or stay dormant. Kaspersky reports seeing execution delays of 4 days (345,600 seconds) in some cases, likely added in the code to help confuse the victim as to what caused the infection. CryWiper will stop critical processes related to MySQL, MS SQL database servers, MS Exchange email servers, and MS Active Directory web services to free locked data for destruction. Next, the malware deletes shadow copies on the compromised machine to prevent the easy restoration of the wiped files. CryWiper also modifies the Windows Registry to prevent RDP connections, likely to hinder intervention and incident response from remote IT specialists. Finally, the wiper will corrupt all enumerated files except for ".exe", ".dll", "lnk", ".sys", ".msi", and its own ".CRY", while also skipping System, Windows, and Boot directories to prevent rendering the computer completely unusable. After this step, CryWiper will generate ransom notes named 'README.txt,' asking for 0.5 Bitcoin (approximately $8,000) in exchange for a decrypter. Unfortunately, this is a false promise, as the corrupted data cannot be restored.Read more of this story at Slashdot.

Apple has decided to call the software that will run on its upcoming AR/VR headset "xrOS," an update from the original "RealityOS or "rOS" naming the company was planning on, according to Bloomberg. MacRumors reports: The name change comes as Apple begins to prepare for the launch of the headset, which is expected at some point in 2023. The headset will feature its own operating system, much like the Apple TV and the Apple Watch, and it will have a dedicated App Store. "XR" is meant to stand for extended reality, which pertains to both augmented and virtual reality. Rumors indicate that the headset Apple is working on will be "mixed reality" like the Microsoft HoloLens, supporting both augmented and virtual reality capabilities. Augmented reality augments what the user is seeing in the real world, while virtual reality is an entirely digital experience. Apple internally referred to the headset's operating system as "rOS" during the development process, but Bloomberg suggests that xrOS is a less generic name that will allow the headset to stand out more. In addition to confirming the name change with unnamed Apple sources, Bloomberg also discovered that a shell company named Deep Dive LLC has been registering the xrOS name across several countries, and Apple could potentially be behind these filings. Apple often uses shell companies to try to secretly register for trademarks for upcoming products.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Last month, a Texas-based company announced that it had successfully deployed the largest-ever commercial communications satellite in low-Earth orbit. This BlueWalker 3 demonstration satellite measures nearly 65 square meters, or about one-third the size of a tennis court. Designed and developed by AST SpaceMobile, the expansive BlueWalker 3 satellite is intended to demonstrate the ability of standard mobile phones to directly connect to the Internet via satellite. Large satellites are necessary to connect to mobile devices without a ground-based antenna. [...] Since BlueWalker3's launch in September, astronomers have been tracking the satellite, and their alarm was heightened following its antenna deployment last month. According to the International Astronomical Union, post-deployment measurements showed that BlueWalker 3 had an apparent visual magnitude of around 1 at its brightest, which is nearly as bright as Antares and Spica, the 15th and 16th brightest stars in the night sky. For a few years, astronomers have been expressing concerns about megaconstellations, such as SpaceX's Starlink satellites. While these are more numerous -- there are more than 3,000 Starlink satellites in orbit -- they are much smaller and far less bright than the kinds of satellites AST plans to launch. Eventually, AST plans to launch a constellation of 168 large satellites to provide "substantial" global coverage, a company spokesperson said. Even one is enough for astronomers, however. "BlueWalker 3 is a big shift in the constellation satellite issue and should give us all reason to pause," said Piero Benvenuti, a director at the International Astronomical Union. The organization of astronomers is also concerned about the potential for radio interference from these "cell phone towers in space." They will transmit strong radio waves at frequencies currently reserved for terrestrial cell phone communications but are not subject to the same radio quiet zone restrictions that ground-based cellular networks are. This could severely impact radio astronomy research -- which was used to discover cosmic microwave background radiation, for example -- as well as work in related fields. Astronomers currently build their radio astronomy observatories in remote areas, far from cell tower interference. They are worried that these large, radio-wave transmitting satellites will interfere in unpopulated areas. "We are eager to use the newest technologies and strategies to mitigate possible impacts to astronomy," AST said in a statement to Ars. "We are actively working with industry experts on the latest innovations, including next-generation anti-reflective materials. We are also engaged with NASA and certain working groups within the astronomy community to participate in advanced industry solutions, including potential operational interventions." AST is "committed to avoiding broadcasts inside or adjacent to the National Radio Quiet Zone in the United States [...] as well as additional radioastronomy locations," adds Ars.Read more of this story at Slashdot.

An anonymous reader quotes a report from Forbes: Lawyers representing Norwegian World Chess Champion Magnus Carlsen and online chess platform Chess.com asked a federal judge Friday to toss a $100 million lawsuit filed by chess grandmaster Hans Niemann in October, which marked a dramatic escalation of tensions over cheating allegations levied against the 19-year-old American. The motion to dismiss argued the teenager spent years "trying to curate a reputation as the bad boy of chess" and "now wants to cash in by blaming others" after the allegations derailed his chess career. Niemann acknowledged he cheated during a handful of matches as a young teen but an October report from Chess.com determined he "likely cheated" more than 100 times in online chess matches, after Carlsen released a statement in September saying Niemann "has cheated more -- and more recently -- than he has publicly admitted." Niemann stated in his defamation lawsuit the claims are a conspiracy from the chess community's establishment to smear him after he defeated Carlsen -- the five-time defending world champion -- during a tournament in St. Louis on September 4. The teen claimed the alleged conspiracy was an attempt to save Carlsen, 32, from reputational damage after Chess.com agreed to purchase his "Play Magnus" app for $83 million in August. Friday's motion stated all of Niemann's claims are without merit, arguing he has not disproved the cheating allegations or offered evidence to back up his conspiracy assertion. The lawsuit, filed in the Eastern District of Missouri, also named Chess.com executive Daniel Rensch and a website streaming partner, Hikaru Nakamura, as defendants. "Niemann now seeks to shift blame to reigning World Chess Champion Magnus Carlsen and others, claiming a wholly implausible conspiracy to defame and boycott Niemann that somehow damaged his already dubious reputation to the tune of $100 million," the motion to dismiss states.Read more of this story at Slashdot.

Prime Video has supplanted Netflix as the No. 1 subscription streaming outlet in the U.S. in an annual ranking compiled by research firm Parks Associates. Deadline reports: The company didn't disclose its methodology for how it isolates the number of Prime Video subscribers, a metric long cloaked in secrecy due to Amazon's general reluctance to disclose statistics about its Prime business. Still, Parks has been a reputable tracker of the streaming space for more than a decade. For many years in the 2010s, its rankings looked consistent, with the former "Big 3" of Netflix, Prime Video and Hulu sharing the top three spots, always with Netflix at the top. Today, the rankings are much more fragmented given how many new players have entered the scene. The list reflects total subscribers through September 2022, via the OTT Video Market Tracker, a Parks offering described by the firm as "an exhaustive analysis of market trends and profiles of the nearly 100 over-the-top video service providers in the U.S. and Canada." Amazon said last year it has more than 200 million Prime members, with Prime Video among the program's benefits. Several weeks ago, the company also recently said The Lord of the Rings: The Rings of Power has been viewed by more than 100 million Prime subscribers worldwide. [...] Netflix, meanwhile, has hit a plateau in the U.S., even shedding a small amount of subscribers over recent quarters. The company reported 73.4 million subscribers in the U.S. and Canada as of September 30, up 100,000 from the previous quarter but below levels in 2021 and earlier this year. On a global basis, of course, Netflix continues to lead the field with a bit more than 223 million subscribers. Disney has been hot on its heels, with Disney+ now at 164.2 million and the company overall reaching 235.7 million across Disney+, Hulu and ESPN+. The rest of the 2022 chart looks relatively similar to the 2021 edition, though NBCUniversal's Peacock broke through to take the No. 10 spot as Showtime dropped out of the picture.Read more of this story at Slashdot.

Apple's iPhone 14 Emergency SOS via Satellite Feature was put to the test in Alaska yesterday, when a man became stranded in a rural area. MacRumors reports: In the early hours of the morning on December 1, Alaska State Troopers received an alert that a man traveling by snow machine from Noorvik to Kotzebue had become stranded. The man was in a cold, remote location with no connectivity, and he activated the Emergency SOS via satellite feature on his iPhone 14 to alert authorities to his predicament. Apple's Emergency Response Center worked with local search and rescue teams and the Northwest Arctic Borough Search and Rescue Coordinator to send out volunteer searchers directly to the GPS coordinates that were relayed to Apple using the emergency function. The man was rescued successfully and there were no injuries. The area where he was located is remote and on the fringes of where satellite connectivity is available. Apple says that satellite connectivity might not work in places above 62 degrees latitude, such as northern parts of Canada and Alaska, and Noorvik and Kotzebue are close to 69 degrees latitude. Troopers who helped with the rescue were "impressed with the accuracy and completeness of information included in the initial alert," with the Emergency SOS via Satellite feature designed to ask several questions ahead of when an alert is sent out to expedite rescue missions.Read more of this story at Slashdot.

Electrek recaps yesterday's Tesla's Semi Delivery Event in Nevada: As expected, Tesla delivered the first electric trucks to PepsiCo, a long-time reservation holder, and held a presentation to reveal more details about the production version of the Tesla Semi. There wasn't any big surprise during the presentation. Tesla basically delivered on its original promises made in 2017 when it first unveiled the prototypes of the Tesla Semi. Despite the lack of major changes, it's still a big moment since the electric truck has the potential to change the trucking industry for good by eliminating emissions and significantly reducing costs. In terms of the technology powering the truck, things have changed since the original prototypes, but not in any major ways. Tesla is now using a tri-motor drivetrain that is basically the same as in the Model S and Model X Plaid. Dan Priestley, Tesla Semi Program manager, explained that Tesla is using one of the motors for cruising speed geared toward peak efficiency at highway speeds and the two other motors are used for torque when accelerating in order to create a smooth driving experience never seen in a class 8 truck before. To prove the capacity, Tesla shared a very impressive video of a Tesla Semi loaded at 82,000 lb. passing a diesel truck at 6% incline on the Donner Pass as if it's nothing: Tesla promised a range of 500 miles with a full load five years ago, and it delivered on the promise. Tesla shared data on a 500-mile trip with a full load of just under 82,000 lb. total with the tractor. It started out in the Bay Area with a 97% state of charge and ended up in San Diego with still 4% charge. Tesla reiterated that it can achieve a less-than-2 kWh-per-mile efficiency, which means that trucking companies can achieve up to $70,000 in fuel savings per year depending on their cost of electricity. Once the battery pack is depleted after 500 miles or so, you can expect blazing-fast charging thanks to the new 1-megawatt charging technology developed by Tesla. The automaker also said it will make it to the Cybertruck. In an updated article, Electrek's Fred Lambert says Musk confirmed Tesla Semi's efficiency at 1.7 kWh per mile, "which means it has a roughly 900 kWh battery pack." Tesla didn't reveal the weight of the actual truck or the price. "In 2017, Tesla said the trucks would be $150,000, $180,000, and $200,000, depending on the model, but those prices are expected to have changed over the last five years," reports Lambert.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: An Australian law giving the government power to make internet giants Facebook owner Meta and Alphabet's Google negotiate content supply deals with media outlets has largely worked, a government report said. But the law, which took effect in March 2021 after talks with the big tech firms led to a brief shutdown of Facebook news feeds in the country, may need to be extended to other online platforms, the review said. Since the News Media Bargaining Code (PDF) took effect, the tech firms had inked more than 30 deals with media outlets compensating them for content which generated clicks and advertising dollars, said the Treasury department report, published late Thursday. "At least some of these agreements have enabled news businesses to, in particular, employ additional journalists and make other valuable investments to assist their operations," said the report. "While views on the success or otherwise of the Code will invariably differ, we consider it is reasonable to conclude that the Code has been a success to date." The report mostly recommended that the government consider new methods of assessing the administration and effectiveness of the law, and did not suggest changing the law itself. But it did note the law lacked "a formal mechanism to extend the Code to other platforms", and suggested the government order the competition regulator, which led the design of the law, to "prepare reports on this question." Google director of government affairs and public policy in Australia Lucinda Longcroft said the company had "furthered our significant contribution to the Australian news industry" by signing deals representing 200 mastheads across the country and "the majority of these outlets are regional or local."Read more of this story at Slashdot.

Beerismydad shares a report from the Associated Press: Former U.S. intelligence contractor Edward Snowden, who fled prosecution after revealing highly classified surveillance programs, has received a Russian passport and taken the citizenship oath, Russian news agencies quoted his lawyer as saying Friday. Lawyer Anatoly Kucherena was reported as saying that Snowden got the passport and took the oath on Thursday, about three months after Russian President Vladimir Putin granted him citizenship. The reports did not specify whether Snowden has renounced his U.S. citizenship. The United States revoked his passport in 2013, leading to Snowden being stranded in a Moscow airport for weeks after arriving from Hong Kong, aiming to reach Ecuador. Russia eventually granted him permanent residency. He married American Lindsay Mills in 2017 and the couple has two children. Further reading: Should the U.S. Pardon Edward Snowden?Read more of this story at Slashdot.

Huawei has confirmed the existence of a smartwatch it's working on featuring a pair of built-in wireless earbuds. "Huawei's account on Chinese Twitter-like site Weibo announced the existence of the device on Wednesday and promised all would be revealed on December 2," reports The Register. "But Huawei has since postponed its Winter 2022 consumer kit launch for unexplained reasons." You can view a teaser video on YouTube. The Verge adds: As the name suggests, the Huawei Watch Buds are a pair of earbuds concealed within a smartwatch that looks similar to the Huawei Watch 3. Details are a little sparse so there's no word yet on what kind of performance or battery life you can expect from either of the products, but the watch itself does appear to be running HarmonyOS. The earbuds don't seem to resemble any previous Huawei products, sporting a bare-bones black and silver design. While the concept feels more than a little gimmicky, it could be a neat solution for runners and other sporty folks who don't want to carry a separate earbud case during a workout. (If they don't mind the extra bulk on their wrists.) [...] Addressing the elephant in the room, it's unlikely that you'll be able to buy this wacky gadget in the US anyway, regardless of its legitimacy. Huawei products have been effectively banned in the country since the company was placed on the Commerce Department's Bureau of Industry and Security Entity list in 2019.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: The Cuba ransomware gang extorted more than $60 million in ransom payments from victims between December 2021 and August 2022, a joint advisory from CISA and the FBI has warned. The latest advisory is a follow-up to a flash alert (PDF) released by the FBI in December 2021, which revealed that the gang had earned close to $44 million in ransom payments after attacks on more than 49 entities in five critical infrastructure sectors in the United States. Since, the Cuba ransomware gang has brought in an additional $60 million from attacks against 100 organizations globally, almost half of the $145 million it demanded in ransom payments from these victims. "Since the release of the December 2021 FBI Flash, the number of U.S. entities compromised by Cuba ransomware has doubled, with ransoms demanded and paid on the increase," the two federal agencies said on Thursday. Cuba ransomware actors, which have been active since 2019, continue to target U.S. entities in critical infrastructure, including financial services, government facilities, healthcare and public health, critical manufacturing and information technology. [...] FBI and CISA added that the ransomware gang has modified its tactics, techniques and procedures since the start of the year and has been linked to the RomCom malware, a custom remote access trojan for command and control, and the Industrial Spy ransomware. The advisory notes that the group -- which cybersecurity company Profero previously linked to Russian-speaking hackers -- typically extorts victims by threatening to leak stolen data. While this data was typically leaked on Cuba's dark web leak site, it began selling stolen data on Industrial Spy's online market in May this year. CISA and the FBI are urging at-risk organizations to prioritize patching known exploited vulnerabilities, to train employees to spot and report phishing attacks and to enable and enforce phishing-resistant multi-factor authentication.Read more of this story at Slashdot.

A security flaw on the Florida Department of Revenue website exposed at least hundreds of taxpayers' Social Security numbers and bank account numbers, a security researcher found. From a report: Kamran Mohsin said the security flaw -- now fixed -- allowed him, or anyone else who was logged in to the state's business tax registration website, to access, modify and delete the personal data of business owners whose information is on file with the state's tax authority by modifying the part of the web address that contains the taxpayers' application number. Mohsin said that application numbers are sequential, allowing anyone to enumerate taxpayers' information by incrementing the application number by a single digit. Mohsin said there were more than 713,000 applications in the system, which the department did not dispute when reached for comment.Read more of this story at Slashdot.

A group of federal cyber advisers is putting a suspected teen hacking group under the microscope in the second investigation ever conducted by the Cyber Safety Review Board. From a report: The Department of Homeland Security review board -- a group of 15 federal government and private-sector cyber experts -- announced Friday morning that it will study and provide recommendations to fend off the hacking techniques behind the Lapsus$ data extortion group. The Cyber Safety Review Board first investigated and released a report with security recommendations in July about the Log4j open-source software vulnerability that affected millions of devices last year. Lapsus$, which has been outed as a teenage hacking group, is believed to be behind data breaches at Uber, Rockstar Games, Microsoft, Okta and other major companies earlier this year. Data extortion groups break into a company's systems, steal prized information like source codes, and then demand a payment from the company to stop them from leaking the stolen information. Specifically, Lapsus$ targets companies through MFA fatigue, where they use stolen login credentials to log in to a network and then spam account owners with two-factor authentication requests on their phones until they accept one. Suspected members of the gang are believed to be based in the U.K. and have been arrested several times throughout the year.Read more of this story at Slashdot.

guest reader writes: Chipmaker Intel is offering staff in Ireland the opportunity to take three months' leave from their jobs, with the catch being that it is unpaid. The move is part of cost saving measures at the company. According to various reports in the Irish media, thousands of workers at Intel's manufacturing plant in Leixlip, County Kildare, were offered three months' voluntary unpaid leave in a bid to lower overheads. The move follows Intel's announcement in October that it planned to lay off an unspecified number of employees worldwide, and even ditch some product lines, in response to a worsening economic situation. These plans are part of a massive reduction in spending, with Intel looking slash $3 billion annually starting next year and by between $8 billion and $10 billion by 2025. However, this isn't going to stop the chipmaker from continuing to invest in building new chip manufacturing plants, as Intel confirmed this week when the company reiterated its commitment to manufacturing expansions in the US and in Europe that are set to cost billions of dollars. In an official statement sent to The Register, Intel said it was taking steps to reduce costs and improve efficiencies detailed during its recent earnings call, while protecting the investments needed to position the company for long-term growth.Read more of this story at Slashdot.

An anonymous reader shares a report: Nvidia's new RTX 4090 and 4080 GPUs both use a new connector called 12VHPWR to deliver power as a way to satisfy ever-more power-hungry graphics cards without needing to set aside the physical space required for three or four 8-pin power connectors. But that power connector and its specifications weren't created by Nvidia alone -- to ensure interoperability, the spec was developed jointly by the PCI Express Special Interest Group (PCI-SIG), a body that includes Nvidia, AMD, Intel, Arm, IBM, Qualcomm, and others. But the overheating and melting issues experienced by some RTX 4090 owners recently have apparently prompted the PCI-SIG to clarify exactly which parts of the spec it is and is not responsible for. In a statement reported by Tom's Hardware, the group sent its members a reminder that they, not the PCI-SIG, were responsible for safety testing products using connector specs like 12VHPWR. "Members are reminded that PCI-SIG specifications provide necessary technical information for interoperability and do not attempt to address proper design, manufacturing methods, materials, safety testing, safety tolerances, or workmanship," the statement reads. "When implementing a PCI-SIG specification, Members are responsible for the design, manufacturing, and testing, including safety testing, of their products."Read more of this story at Slashdot.

Google is shutting down Duplex on the Web, its AI-powered set of services that navigated sites to simplify the process of ordering food, purchasing movie tickets and more. From a report: According to a note on a Google support page, Google on the Web and any automation features enabled by it will no longer be supported as of this month. Google introduced Duplex on the Web, an outgrowth of its call-automating Duplex technology, during its 2019 Google I/O developer conference. To start, it was focused on a couple of narrow use cases, including opening a movie theater chain's website to fill out all of the necessary information on a user's behalf -- pausing to prompt for choices like seats. But Duplex on the Web later expanded to passwords, helping users automatically change passwords exposed in a data breach, as well as assisted checkout for ecommerce retailers, flight check-in for airline sites and automatic discount finding. The promise of Duplex on the Web was that you'd be able to issue Google Assistant a command like "Book me a car from Hertz" and have Duplex pull up the relevant web page and automatically fill in details like your name, car preferences, trip dates, payment information (using information from Gmail and Chrome autofill), and more.Read more of this story at Slashdot.

The U.S. Army allocated millions of dollars to sponsor a wide range of esports tournaments, individual high profile Call of Duty streamers, and Twitch events in the last year to specifically grow its audience with Gen-Z viewers, and especially women and Black and Hispanic people, according to internal Army documents obtained by Motherboard. From the report: In many cases the sponsorships ultimately did not happen -- the Army ordered a stop of all spending with Call of Duty's publisher Activision after the company faced a wave of sexual harrassment complaints. But the documents provide much greater insight into the Army's goals and intentions behind its planned integrations with Call of Duty and other massive entertainment franchises. "Audience: Gen-Z Prospects (A18-24)," one section of the documents read. "Focus on the growth of females, Black & Hispanics." Motherboard obtained the documents through the Freedom of Information Act (FOIA). A table included in the documents lists the funds the Army planned to spend on various platforms, events, and streamers. At the top, is Twitch and its HBCU [Historically Black Colleges and Universities] Showdown. Previous seasons of this esports league had players compete in Madden and NBA games. The Army planned to spend $1 million on sponsoring the event. The documents show that the U.S. military considered gaming and, in particular, Call of Duty, as a potentially useful branding and recruiting tool.Read more of this story at Slashdot.

"Rust is awesome, for certain things. But think twice before picking it up for a startup that needs to move fast," Matt Welsh, co-founder and chief executive of Fixie.ai and former Google engineering director, writes in a blog post. From the post: I hesitated writing this post, because I don't want to start, or get into, a holy war over programming languages. (Just to get the flame bait out of the way, Visual Basic is the best language ever!) But I've had a number of people ask me about my experience with Rust and whether they should pick up Rust for their projects. So, I'd like to share some of the pros and cons that I see of using Rust in a startup setting, where moving fast and scaling teams is really important. Right up front, I should say that Rust is very good at what it's designed to do, and if your project needs the specific benefits of Rust (a systems language with high performance, super strong typing, no need for garbage collection, etc.) then Rust is a great choice. But I think that Rust is often used in situations where it's not a great fit, and teams pay the price of Rust's complexity and overhead without getting much benefit. My primary experience from Rust comes from working with it for a little more than 2 years at a previous startup. This project was a cloud-based SaaS product that is, more-or-less, a conventional CRUD app: it is a set of microservices that provide a REST and gRPC API endpoint in front of a database, as well as some other back-end microservices (themselves implemented in a combination of Rust and Python). Rust was used primarily because a couple of the founders of the company were Rust experts. Over time, we grew the team considerably (increasing the engineering headcount by nearly 10x), and the size and complexity of the codebase grew considerably as well. As the team and codebase grew, I felt that, over time, we were paying an increasingly heavy tax for continuing to use Rust. Development was sometimes sluggish, launching new features took longer than I would have expected, and the team was feeling a real productivity hit from that early decision to use Rust. Rewriting the code in another language would have, in the long run, made development much more nimble and sped up delivery time, but finding the time for the major rewrite work would have been exceedingly difficult. So we were kind of stuck with Rust unless we decided to bite the bullet and rewrite a large amount of the code. Rust is supposed to be the best thing since sliced bread, so why was it not working so well for us? [...] Despite being some of the smartest and most experienced developers I had worked with, many people on the team (myself included) struggled to understand the canonical ways to do certain things in Rust, how to grok the often arcane error messages from the compiler, or how to understand how key libraries worked (more on this below). We started having weekly "learn Rust" sessions for the team to help share knowledge and expertise. This was all a significant drain on the team's productivity and morale as everyone felt the slow rate of development. As a comparison point of what it looks like to adopt a new language on a software team, one of my teams at Google was one of the first to switch entirely from C++ to Go, and it took no more than about two weeks before the entire 15-odd-person team was quite comfortably coding in Go for the first time.Read more of this story at Slashdot.

Maersk and IBM will wind down their shipping blockchain TradeLens by early 2023, ending the pair's five-year project to improve global trade by connecting supply chains on a permissioned blockchain. From a report: TradeLens emerged during the "enterprise blockchain" era of 2018 as a high-flying effort to make inter-corporate trade more efficient. Open to shipping and freight operators, its members could validate the transaction of goods as recorded on a transparent digital ledger. The idea was to save its member-shipping companies money by connecting their world. But the network was only as strong as its participants; despite some early wins, TradeLens ultimately failed to catch on with a critical mass of its target industry. "TradeLens has not reached the level of commercial viability necessary to continue work and meet the financial expectations as an independent business," Maersk Head of Business Platforms Rotem Hershko said in a statement.Read more of this story at Slashdot.

Japanese camera manufacturers are bidding farewell to a once-major component of their operations, with Panasonic Holdings and Nikon suspending development of entry-level point-and-shoot cameras under their flagship brands. From a report: The companies will instead focus resources on pricier mirrorless models going forward, aiming to navigate a market upended by smartphones. Casual photographers flocked to compact digital cameras in the mid- to late 1990s, embracing their affordability and portability compared with single-lens reflex cameras. Global shipments reached 110 million units in 2008, according to the Camera & Imaging Products Association (CIPA). But as the iPhone and other camera-equipped smartphones won general consumers over, the camera industry fell off a cliff. Global shipments of compact digital cameras plunged 97% from the 2008 level to just 3.01 million units in 2021. Panasonic has been scaling back its model offerings in Lumix compact digital cameras, which debuted in 2001 and enjoyed high spots in domestic rankings at one point. The company has not released any new product for the price range below 50,000 yen ($370 at current rates) or so since 2019 and has no plans to develop a low-priced model going forward. "We've halted developing any new models that can be replaced by a smartphone," a spokesperson said. Panasonic will continue production of current offerings. But its focus going forward will be on developing high-end mirrorless cameras for photography enthusiasts and professionals. Nikon has suspended development of new compact models in its Coolpix line. It now offers just two models with high-powered lenses but it is "closely monitoring market trends" to determine production volumes going forward, according to an official. Nikon has also withdrawn from development of SLR cameras to specialize in upmarket mirrorless single-lens models. These companies are following in rivals' footsteps. Fujifilm has discontinued production of its FinePix compact cameras and will develop only the X100V series and other pricier models.Read more of this story at Slashdot.

America's newest nuclear stealth bomber is making its public debut after years of secret development and as part of the Pentagon's answer to rising concerns over a future conflict with China. From a report: The B-21 Raider is the first new American bomber aircraft in more than 30 years. Almost every aspect of the program is classified. Ahead of its unveiling Friday at an Air Force facility in Palmdale, California, only artists' renderings of the warplane have been released. Those few images reveal that the Raider resembles the black nuclear stealth bomber it will eventually replace, the B-2 Spirit. The bomber is part of the Pentagon's efforts to modernize all three legs of its nuclear triad, which includes silo-launched nuclear ballistic missiles and submarine-launched warheads, as it shifts from the counterterrorism campaigns of recent decades to meet China's rapid military modernization. China is on track to have 1,500 nuclear weapons by 2035, and its gains in hypersonics, cyber warfare, space capabilities and other areas present "the most consequential and systemic challenge to U.S. national security and the free and open international system," the Pentagon said this week in its annual China report.Read more of this story at Slashdot.

Meta is urging policymakers to hold off on creating new rules governing the metaverse. From a report: In a policy paper released Friday, Meta argues that many of the world's existing laws and regulations will also apply to activity in the metaverse -- a catch-all term that refers to an immersive virtual world that doesn't yet exist in which users could someday work, play games, shop and interact. Edward Bowles, Meta's head of fintech policy, told reporters that regulators could "stymie innovation" if they create an entirely new regulatory scheme for the metaverse. It's common for corporations, particularly Silicon Valley titans, to discourage politicians from creating new regulations. But in recent years, lawmakers have become interested in reining in the biggest tech companies -- including their investments in virtual reality. The paper is an effort by Meta to shape future legislation impacting the metaverse, a technology so central to the company's mission that it rebranded to "Meta" from "Facebook" last year.Read more of this story at Slashdot.

A little over a year after buzzy coding bootcamp Lambda School rebranded as Bloom Institute of Technology, the venture-backed startup is conducting massive layoffs, TechCrunch reported, citing sources. From the report: The workforce reduction, per people familiar with the matter, has impacted half of the company's staff across content, product, data and engineering teams. The layoff is expected to have impacted around 88 employees, using metrics provided in BloomTech's 2022 diversity report metrics. Employees were called into an All Hands meeting this morning in which BloomTech CEO Austen Allred notified staff of the impending layoffs. After the meeting, those impacted were notified via e-mail. According to documents seen by TechCrunch, employees will get normal pay and medical benefits until January 31, 2023 and are "expected to work" through that period. Those laid off were also offered optional time with managers to talk.Read more of this story at Slashdot.

An automated status updater for Slack isn't the only thing Mozilla acquired this week. From a report: On Wednesday, the company announced that it snatched up Active Replica, a Vancouver-based startup developing a "web-based metaverse." According to Mozilla SVP Imo Udom, Active Replica will support Mozilla's ongoing work with Hubs, the latter's VR chatroom service and open source project. Specifically, he sees the Active Replica team working on personalized subscription tiers, improving the onboarding experience and introducing new interaction capabilities in Hubs. "Together, we see this as a key opportunity to bring even more innovation and creativity to Hubs than we could alone," Udom said in a blog post. "We will benefit from their unique experience and ability to create amazing experiences that help organizations use virtual spaces to drive impact. They will benefit from our scale, our talent, and our ability to help bring their innovations to the market faster." Active Replica was founded in 2020 by Jacob Ervin and Valerian Denis. Ervin is a software engineer by trade, having held roles at AR/VR startups Metaio, Liminal AR and Occipital. Denis has a history in project management -- he worked for VR firms including BackLight, which specializes in location-based and immersive VR experiences for brands.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Hive Social, a social media platform that has seen meteoric growth since Elon Musk took over Twitter, abruptly shut down its service on Wednesday after a security advisory warned the site was riddled with vulnerabilities that exposed all data stored in user accounts. "The issues we reported allow any attacker to access all data, including private posts, private messages, shared media and even deleted direct messages," the advisory, published on Wednesday by Berlin-based security collective Zerforschung, claimed. "This also includes private email addresses and phone numbers entered during login." The post went on to say that after the researchers privately reported the vulnerabilities last Saturday, many of the flaws they reported remained unpatched. They headlined their post "Warning: do not use Hive Social." Hive Social responded by pulling down its entire service. "The Hive team has become aware of security issues that affect the stability of our application and the safety of our users," company officials wrote. "Fixing these issues will require temporarily turning off our servers for a couple of days while we fix this for a better and safer experience." Technical details are being withheld to prevent the active exploitation of them by malicious hackers. According to Business Insider, Hive Social's user base has doubled in the last few weeks, going from about 1 million to 2 million as of last week. The site is only being staffed by two people, "neither of whom had much of a background in security," reports Ars.Read more of this story at Slashdot.

Scientists hoping to harness nuclear fusion -- the same energy source that powers the Sun and other stars -- have confirmed that magnetic fields can enhance the energy output of their experiments, reports a new study. The results suggest that magnets may play a key role in the development of this futuristic form of power, which could theoretically provide a virtually limitless supply of clean energy. Motherboard reports: Fusion power is generated by the immense energy released as atoms in extreme environments merge together to create new configurations. The Sun, and all the stars in the night sky, are fueled by this explosive process, which occurs in their cores at incredibly high temperatures and pressures. Scientists have spent roughly a century unraveling the mechanics of nuclear fusion in nature, and trying to artificially replicate this starry mojo in laboratories. Now, a team at the National Ignition Facility (NIF), which is a fusion experiment based at the U.S. Department of Energy's Lawrence Livermore National Laboratory, has reported that the magnetic fields can boost the temperature of the fusion "hot spot" in experiments by 40 percent and more than triple its energy output, which is "approaching what is required for fusion ignition" according to a study published this month in Physical Review Letters. "The magnetic field comes in and acts kind of like an insulator," said John Moody, a senior scientist at the NIF who led the study, in a call with Motherboard. "You have what we call the hot spot. It's millions of degrees, and around it is just room temperature. All that heat wants to flow out because heat always goes from the hot to the cold and the magnetic field prevents that from happening." "When we go in and we put the magnetic field on this hotspot, and we insulate it, now that heat stays in there, and so we're able to get the hot spot to a higher temperature," he continued. "You get more [fusion] reactions as you go up in temperature, and that's why we see this improvement in the reactivity." The hot spots in the NIF's fusion experiments are created by shooting nearly 200 lasers at a tiny pellet of fuel made of heavier isotopes (or versions) of hydrogen, such as deuterium and tritium. These laser blasts generate X-rays that make the small capsule implode, producing the kinds of extreme pressures and temperatures that are necessary for the isotopes to fuse together and release their enormous stores of energy. NIF has already brought their experiments to the brink of ignition, which is the point at which fusion reactions become self-sustaining in plasmas. The energy yields created by these experiments are completely outweighed by the energy that it takes to make these self-sustaining reactions in the plasmas in the first place. Still, achieving ignition is an important step toward creating a possible "breakeven" system that produces more energy output than input. Moody and his colleagues developed their magnetized experiment at NIF by wrapping a coil around a version of the pellet made with specialized metals.Read more of this story at Slashdot.

The Viking 1 lander arrived on the Martian surface 46 years ago to investigate the planet. It dropped down into what was thought to be an ancient outflow channel. Now, a team of researchers believes they've found evidence of an ancient megatsunami that swept across the planet billions of years ago, less than 600 miles from where Viking landed. Gizmodo reports: In a new paper published today in Scientific Reports, a team identified a 68-mile-wide impact crater in Mars' northern lowlands that they suspect is leftover from an asteroid strike in the planet's ancient past. "The simulation clearly shows that the megatsunami was enormous, with an initial height of approximately 250 meters, and highly turbulent," said Alexis Rodriguez, a researcher at the Planetary Science Institute and lead author of the paper, in an email to Gizmodo. "Furthermore, our modeling shows some radically different behavior of the megatsunami to what we are accustomed to imagining." Rodriguez's team studied maps of the Martian surface and found the large crater, now named Pohl. Based on Pohl's position on previously dated rocks, the team believes the crater is about 3.4 billion years old -- an extraordinarily long time ago, shortly after the first signs of life we know of appeared on Earth. According to the research team's models, the asteroid impact could have been so intense that material from the seafloor may have dislodged and been carried in the water's debris flows. Based on the size of the crater, the team believes the impacting asteroid could have been 1.86 miles wide or 6 miles wide, depending on the amount of ground resistance the asteroid encountered. The impact could have released between 500,000 megatons and 13 million megatons of TNT energy (for comparison, the Tsar Bomba nuclear test was about 57 megatons of TNT energy.) "A clear next step is to propose a landing site to investigate these deposits in detail to understand the ocean's evolution and potential habitability," Rodriguez said. "First, we would need a detailed geologic mapping of the area to reconstruct the stratigraphy. Then, we need to connect the surface modification history to specific processes through numerical modeling and analog studies, including identifying possible mud volcanoes and glacier landforms."Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: Motility -- the scientific term for being able to move independently -- is one of the most important features for living organisms on Earth. But where cells' ability to move came from has been a mystery for many scientists. However, new research in which scientists created the world's smallest moving organism provides one idea of how cell motility came to be. As the authors write in their paper, "motility is observed in various phyla and arguably one of the major determinants of survival." According to the paper, cell motility is believed to originate from small movements of housekeeping proteins that are transmitted to a cell, but the proposed process hasn't been experimentally demonstrated. Their study is thus a way to test out this theory. In this experiment, the researchers genetically engineered a synthetic bacterium named JCVI-syn-3b, or syn-3, which is non-motile. To reconstitute syn-3, the group introduced seven genes that code for proteins that are likely involved in the swimming motion of Spiroplasma bacteria. Spiroplasma is a small bacteria known to "swim" by essentially switching around its cytoskeleton. The proteins introduced evolved from the bacterial actin protein MreB. Actin are multi-functional proteins that are often responsible for motility in cells. In an email to Motherboard, Miyata confirmed that prior to this experiment, nobody had succeeded in making a motile minimal synthetic bacterium. By introducing the proteins responsible for motility in Spiroplasma into syn-3, the researchers were able to make the previously non-motile bacteria swim, as evident in a video published on the University's YouTube account. The researchers also wanted to see how the expression of different combinations of the motility genes would affect the genetically engineered bacteria to swim. In doing so, they found that the expression of only two proteins was necessary for promoting motility in syn-3, likely indicating that many of the proteins were redundant and demonstrating a minimal system for motility. "To the best of our knowledge, the motility system comprising only two actin superfamily proteins is the smallest system established till date," the authors write. "Therefore, we may call this a 'minimal motile cell.'" Although this study is primarily a proof of concept, it gives scientists a better understanding of how cell motility could have potentially originated and evolved. "In addition to the sheer novelty of creating such a smol swimmer, the new study sheds light on the origin of movement in the first mobile lifeforms that arose on Earth," adds Motherboard. "For instance, Miyata said that the actin protein MreB is not involved in the motility of many other bacterial species, which confirms that there are multiple different evolutionary pathways that led to microbial movement." The study has been published in the journal Science Advances.Read more of this story at Slashdot.

OpenAI has released a prototype general purpose chatbot that demonstrates a fascinating array of new capabilities but also shows off weaknesses familiar to the fast-moving field of text-generation AI. And you can test out the model for yourself right here. The Verge reports: ChatGPT is adapted from OpenAI's GPT-3.5 model but trained to provide more conversational answers. While GPT-3 in its original form simply predicts what text follows any given string of words, ChatGPT tries to engage with users' queries in a more human-like fashion. As you can see in the examples below, the results are often strikingly fluid, and ChatGPT is capable of engaging with a huge range of topics, demonstrating big improvements to chatbots seen even a few years ago. But the software also fails in a manner similar to other AI chatbots, with the bot often confidently presenting false or invented information as fact. As some AI researchers explain it, this is because such chatbots are essentially "stochastic parrots" -- that is, their knowledge is derived only from statistical regularities in their training data, rather than any human-like understanding of the world as a complex and abstract system. [...] Enough preamble, though: what can this thing actually do? Well, plenty of people have been testing it out with coding questions and claiming its answers are perfect. ChatGPT can also apparently write some pretty uneven TV scripts, even combining actors from different sitcoms. It can explain various scientific concepts. And it can write basic academic essays.And the bot can combine its fields of knowledge in all sorts of interesting ways. So, for example, you can ask it to debug a string of code ... like a pirate, for which its response starts: "Arr, ye scurvy landlubber! Ye be makin' a grave mistake with that loop condition ye be usin'!" Or get it to explain bubble sort algorithms like a wise guy gangster. ChatGPT also has a fantastic ability to answer basic trivia questions, though examples of this are so boring I won't paste any in here. And someone else saying the code ChatGPT provides in the very answer above is garbage. I'm not a programmer myself, so I won't make a judgment on this specific case, but there are plenty of examples of ChatGPT confidently asserting obviously false information. Here's computational biology professor Carl Bergstrom asking the bot to write a Wikipedia entry about his life, for example, which ChatGPT does with aplomb -- while including several entirely false biographical details. Another interesting set of flaws comes when users try to get the bot to ignore its safety training. If you ask ChatGPT about certain dangerous subjects, like how to plan the perfect murder or make napalm at home, the system will explain why it can't tell you the answer. (For example, "I'm sorry, but it is not safe or appropriate to make napalm, which is a highly flammable and dangerous substance.") But, you can get the bot to produce this sort of dangerous information with certain tricks, like pretending it's a character in a film or that it's writing a script on how AI models shouldn't respond to these sorts of questions.Read more of this story at Slashdot.

Last year, Google announced Android Open Source Project (AOSP) support for Rust, and today the company provided an update, while highlighting the decline in memory safety vulnerabilities. 9to5Google reports: Google says the "number of memory safety vulnerabilities have dropped considerably over the past few years/releases."; Specifically, the number of annual memory safety vulnerabilities fell from 223 to 85 between 2019 and 2022. They are now 35% of Android's total vulnerabilities versus 76% four years ago. In fact, "2022 is the first year where memory safety vulnerabilities do not represent a majority of Android's vulnerabilities." That count is for "vulnerabilities reported in the Android security bulletin, which includes critical/high severity vulnerabilities reported through our vulnerability rewards program (VRP) and vulnerabilities reported internally." During that period, the amount of new memory-unsafe code entering Android has decreased: "Android 13 is the first Android release where a majority of new code added to the release is in a memory safe language. " Rust makes up 21% of all new native code in Android 13, including the Ultra-wideband (UWB) stack, DNS-over-HTTP3, Keystore2, Android's Virtualization framework (AVF), and "various other components and their open source dependencies." Google considers it significant that there have been "zero memory safety vulnerabilities discovered in Android's Rust code" so far across Android 12 and 13. Google's blog post today also talks about non-memory-safety vulnerabilities, and its future plans: "... We're implementing userspace HALs in Rust. We're adding support for Rust in Trusted Applications. We've migrated VM firmware in the Android Virtualization Framework to Rust. With support for Rust landing in Linux 6.1 we're excited to bring memory-safety to the kernel, starting with kernel drivers.Read more of this story at Slashdot.

Vulnerabilities in mobile apps exposed Hyundai and Genesis car models after 2012 to remote attacks that allowed unlocking and even starting the vehicles. BleepingComputer reports: Security researchers at Yuga Labs found the issues and explored similar attack surfaces in the SiriusXM "smart vehicle" platform used in cars from other makers (Toyota, Honda, FCA, Nissan, Acura, and Infinity) that allowed them to "remotely unlock, start, locate, flash, and honk" them. At this time, the researchers have not published detailed technical write-ups for their findings but shared some information on Twitter, in two separate threads. The mobile apps of Hyundai and Genesis, named MyHyundai and MyGenesis, allow authenticated users to start, stop, lock, and unlock their vehicles. After intercepting the traffic generated from the two apps, the researchers analyzed it and were able to extract API calls for further investigation. They found that validation of the owner is done based on the user's email address, which was included in the JSON body of POST requests. Next, the analysts discovered that MyHyundai did not require email confirmation upon registration. They created a new account using the target's email address with an additional control character at the end. Finally, they sent an HTTP request to Hyundai's endpoint containing the spoofed address in the JSON token and the victim's address in the JSON body, bypassing the validity check. To verify that they could use this access for an attack on the car, they tried to unlock a Hyundai car used for the research. A few seconds later, the car unlocked. The multi-step attack was eventually baked into a custom Python script, which only needed the target's email address for the attack. Yuga Labs analysts found that the mobile apps for Acura, BMW, Honda, Hyundai, Infiniti, Jaguar, Land Rover, Lexus, Nissan, Subaru, and Toyota, use SiriusXM technology to implement remote vehicle management features. They inspected the network traffic from Nissan's app and found that it was possible to send forged HTTP requests to the endpoint only by knowing the target's vehicle identification number (VIN). The response to the unauthorized request contained the target's name, phone number, address, and vehicle details. Considering that VINs are easy to locate on parked cars, typically visible on a plate where the dashboard meets the windshield, an attacker could easily access it. These identification numbers are also available on specialized car selling websites, for potential buyers to check the vehicle's history. In addition to information disclosure, the requests can also carry commands to execute actions on the cars. [...] Before posting the details, Yuga Labs informed both Hyundai and SiriusXM of the flaws and associated risks. The two vendors have fixed the vulnerabilities.Read more of this story at Slashdot.