Slashdot

Academic researchers have devised a new working exploit that commandeers Amazon Echo smart speakers and forces them to unlock doors, make phone calls and unauthorized purchases, and control furnaces, microwave ovens, and other smart appliances. joshuark shares a report: The attack works by using the device's speaker to issue voice commands. As long as the speech contains the device wake word (usually "Alexa" or "Echo") followed by a permissible command, the Echo will carry it out, researchers from Royal Holloway University in London and Italy's University of Catania found. Even when devices require verbal confirmation before executing sensitive commands, it's trivial to bypass the measure by adding the word "yes" about six seconds after issuing the command. Attackers can also exploit what the researchers call the "FVV," or full voice vulnerability, which allows Echos to make self-issued commands without temporarily reducing the device volume. Because the hack uses Alexa functionality to force devices to make self-issued commands, the researchers have dubbed it "AvA," short for Alexa vs. Alexa. It requires only a few seconds of proximity to a vulnerable device while it's turned on so an attacker can utter a voice command instructing it to pair with an attacker's Bluetooth-enabled device. As long as the device remains within radio range of the Echo, the attacker will be able to issue commands. The attack "is the first to exploit the vulnerability of self-issuing arbitrary commands on Echo devices, allowing an attacker to control them for a prolonged amount of time," the researchers wrote in a paper [PDF] published two weeks ago. "With this work, we remove the necessity of having an external speaker near the target device, increasing the overall likelihood of the attack."Read more of this story at Slashdot.

Consumers will still be able to use Mastercard and Visa-branded cards for domestic transactions in Russia, the country's state-backed payments network has said, reducing the impact of the US firms' decision to pull services over the invasion of Ukraine. From a report: Russia's homegrown payments system Mir said the cardholders would still be able to access their funds, make withdrawals and domestic transfers -- at least until their bank cards expire. Mir has processed most domestic payments in Russia since 2015, while foreign operators such as Visa and Mastercard continued to run international transactions. The operator -- which is 100% owned by the country's central bank -- was established on government orders to protect the economy against sanctions imposed over Moscow's annexation of Crimea in 2014. "All cards of these payment systems already issued by Russian banks will continue to work within our country as before," Mir's operator said in the early hours of Sunday. "Until the expiration of their validity, Visa and Mastercard cardholders have access to all the funds on their accounts, as well as all the usual payment transactions -- paying for purchases, transferring funds from card to card, withdrawing cash, etc." Further reading: Visa Discloses Russia, Ukraine Exposure.Read more of this story at Slashdot.

During at least the first few months following a coronavirus infection, even mild cases of Covid-19 are associated with subtle tissue damage and accelerated losses in brain regions tied to the sense of smell, as well as a small loss in the brain's overall volume, a new British study finds. Having mild Covid is also associated with a cognitive function deficit. NBC: These are the striking findings of the new study led by University of Oxford investigators, one that leading Covid researchers consider particularly important because it is the first study of the disease's potential impact on the brain that is based on brain scans taken both before and after participants contracted the coronavirus. "This study design overcomes some of the major limitations of most brain-related studies of Covid-19 to date, which rely on analysis and interpretation at a single time point in people who had Covid-19," said Dr. Serena S. Spudich, a neurologist at the Yale University School of Medicine, who was not involved in the research. The research, which was published Monday in Nature, also stands out because the lion's share of its participants apparently had mild Covid -- by far, the most common outcome of coronavirus infections. Most of the brain-related studies in this field have focused on those with moderate to severe Covid. Gwenaelle Douaud, an associate professor at the Nuffield Department of Clinical Neurosciences at Oxford and the paper's lead author, said that the excess loss of brain volume she and her colleagues observed in brain scans of hundreds of British individuals is equivalent to at least one extra year of normal aging. "It is brain damage, but it is possible that it is reversible," she said. "But it is still relatively scary because it was in mildly infected people."Read more of this story at Slashdot.

It is the dominant American maker of smartphones, a household name to billions and for many makers of high-tech parts their most important customer ever. Just don't ask who it is. WSJ: In Asia, it's surreptitiously referred to as "the fruit company" or sometimes "Fuji," referring to the variety of the specific fruit in question that's cultivated in Japan. Other descriptors include "the three-trillion-dollar company" -- which slightly overstates its market value -- "the honored North American customer" and simply "the big A." In a January securities filing, O-Film Group, a Chinese maker of smartphone camera modules said it estimated a loss of up to $426 million in 2021. One reason was lost business with "a certain customer beyond these borders." Which customer? An O-Film spokesperson didn't respond to the question. In contrast to Lord Voldemort of the Harry Potter series, the Client Who Must Not Be Named doesn't cast deadly spells or converse with serpents. Its powers, nonetheless, are fearsome. It can award -- or take away -- contracts for electronic parts and services worth hundreds of millions of dollars. That is why suppliers' public presentations and even private conversations hardly ever include the name of the company they're discussing, for fear of offending someone or accidentally revealing competitive information. The reluctance to spell out the remaining four letters beyond "A" is more than just custom. A 2014 court filing related to a former supplier's bankruptcy gave details about its confidentiality agreement with the customer. The supplier, GT Advanced Technologies, promised to pay $50 million for each breach of secrecy, according to the filing. The agreement defined breaches to include not just the usual trade secrets but also the very existence of the relationship. At an earnings call in June 2020 by chip maker Broadcom, an analyst mentioned, without naming names, that "growth in Q3 from a seasonal perspective" might be lacking. He asked for "some more color around how we should think about the wireless expected recovery into Q4." Broadcom Chief Executive Hock E. Tan immediately knew what was up. He said he understood what the analyst was implying: Broadcom was indeed designing chips for "those big flagship phones" made by "our large North American OEM phone maker." He confirmed the delay in the OEM's products.Read more of this story at Slashdot.

An anonymous reader shares a report: If blockchain technology is to reach true mass adoption, it will have to become cheaper and more efficient. Low transaction throughput on some of the most popular blockchains, most notably Ethereum, has kept gas fees high and hindered scalability. A host of new projects has cropped up to improve efficiency in the blockchain space, each with its own set of tradeoffs, including proof-of-capacity blockchain Subspace, which announced its $32.9 million Series A last week. Now, a team of researchers from Stanford University's applied cryptography research group has entered the fray. The team is coming out of stealth mode with Espresso, a new layer one blockchain they are building to allow for higher throughput and lower gas fees while prioritizing user privacy and decentralization. Espresso aims to optimize for both privacy and scalability by leveraging zero-knowledge proofs, a cryptographic tool that allows a party to prove a statement is true without revealing the evidence behind that statement, CEO Ben Fisch told TechCrunch in an interview. Espresso Systems, the company behind the blockchain project, is led by Fisch, chief operating officer Charles Lu, and chief scientist Benedikt Banz, collaborators at Stanford who have each worked on other high-profile web3 projects, including the anonymity-focused Monero blockchain and BitTorrent co-founder Bram Cohen's Chia. They've teamed up with chief strategy officer Jill Gunter, a former crypto investor at Slow Ventures who is the fourth Espresso Systems co-founder, to take their blockchain and associated products to market. To achieve greater throughput, Espresso uses ZK-Rollups, a solution based on zero-knowledge proofs that allow transactions to be processed off-chain. ZK-Rollups consolidate multiple transactions into a single, easily-verifiable proof, thus reducing the bandwidth and computational load on the consensus protocol. The method has already gained popularity on the Ethereum blockchain through scaling solution providers like StarkWare and zkSync, according to Fisch.Read more of this story at Slashdot.

Zelle, the payments platform used by millions of customers, is a popular target of scammers. But banks have been reluctant to make fraud victims whole -- despite owning the system. From a report: Consumers love payment apps like Zelle because they're free, fast and convenient. Created in 2017 by America's largest banks to enable instant digital money transfers, Zelle comes embedded in banking apps and is now by far the country's most widely used money transfer service. Last year, people sent $490 billion through Zelle, compared with $230 billion through Venmo, its closest rival. Zelle's immediacy has also made it a favorite of fraudsters. Other types of bank transfers or transactions involving payment cards typically take at least a day to clear. But once crooks scare or trick victims into handing over money via Zelle, they can siphon away thousands of dollars in seconds. There's no way for customers -- and in many cases, the banks themselves -- to retrieve the money. Nearly 18 million Americans were defrauded through scams involving digital wallets and person-to-person payment apps in 2020, according to Javelin Strategy & Research, an industry consultant. "Organized crime is rampant," said John Buzzard, Javelin's lead fraud analyst. "A couple years ago, we were just starting to talk about it" on apps like Zelle and Venmo, Mr. Buzzard said. "Now, it's common and everywhere." The banks are aware of the widespread fraud on Zelle. When Mr. Faunce called Wells Fargo to report the crime, the customer service representative told him, "A lot of people are getting scammed on Zelle this way." Getting ripped off for $500 was "actually really good," Mr. Faunce said the rep told him, because "many people were getting hit for thousands of dollars."Read more of this story at Slashdot.

Briefly banned in Ukraine, U.S. mobile-phone app Premise does defense work globally and has faced contributor safety issues. From a report: In 2019, Ukrainian users of a U.S.-based mobile-phone app offering paid, short-term tasks got what sounded like a straightforward assignment: Go into rural Ukraine and take smartphone photos of certain fields and farms around Odessa and Kyiv. But for one contributor, the job turned out to be anything but ordinary when one of the fields turned out to lie next to a military checkpoint. The contributor was chased off by armed soldiers, according to people familiar with the matter. The app's owner, Premise Data, said it immediately deleted the task from its platform after learning of the military checkpoint. What that and other Ukrainian gig workers were doing was harvesting data for a U.S. Defense Department-funded research project. Descartes Labs, a government contractor that works with U.S. military and intelligence agencies, hired Premise to have its gig workers gauge how accurately the company's satellite algorithms were performing, the people said. Could they, for example, accurately tell barley from wheat in photos taken from space? Descartes's work was funded by DARPA, a research arm of the Pentagon, a Defense Department spokesperson said. Descartes declined to comment. Based in San Francisco, Premise is one of a number of companies offering a service that uses iPhone and Android smartphones around the world as tools for gathering intelligence and commercial information from afar, sometimes without the users knowing specifically who they are working for. The business model of companies like Premise has prompted questions about the safety and propriety of enlisting such people for government work --especially in potential or active conflict zones.Read more of this story at Slashdot.

Samsung on Monday confirmed that the company recently suffered a cyberattack, but said that it doesn't anticipate any impact on its business or customers. From a report: Last week, South American hacking group Lapsus$ claimed it had stolen 190GB of confidential data, including source code, from the South Korean tech giant's servers. The group also posted snapshots of the alleged data online. Samsung has now confirmed in a statement, without naming the hacking group, that there was a security breach, but it asserted that no personal information of customers was compromised.Read more of this story at Slashdot.

NBC News reports that energy analysts "still expect most solar energy production in the near future to come from utility-scale projects, in part because of the savings that comes with massive installations." Unfortunately, "It's those projects that are facing pushback."Local governments in states such as California, Indiana, Maine, New York and Virginia have imposed moratoriums on large-scale solar farms, as a national push for cleaner energy has collided with complaints about how the projects affect wildlife and scenic views. In one Nevada town west of Las Vegas, residents are trying to block a proposed 2,300-acre solar field. NBC News counted 57 cities, towns and counties across the country where residents have proposed solar moratoriums since the start of 2021, according to local news reports, and not every proposed ban gets local news coverage. At least 40 of those approved the measures. Other localities did so in earlier years. That resistance is a threat to the big ambitions of the solar energy movement. The current workaround? Solar panel installations "in unexpected places..."[Walmart] told NBC News it has more than 550 renewable energy projects, including solar and wind, implemented or under development. Several have opened recently in California, including with parking lot canopies. The company has a goal of using 100 percent renewable energy by 2035, up from 36 percent by its estimate now.... Houston has chosen the 240-acre site of a former landfill to install what the city said will be the largest infill solar project in the nation. In a neighborhood named Sunnyside, the project will generate enough electricity for 5,000 homes, according to the city. Similar projects have been built on landfills throughout New Jersey. An energy firm is building a solar project on a former coal mine on the border of Kentucky and West Virginia, while in New York state, researchers at Cornell University are testing putting solar panels in a field where sheep graze. A city in Northern California says it has the largest floating solar farm in the U.S. at its wastewater treatment plant, and in January, a China-based energy company said it had built the world's largest floating solar array on a reservoir there. And last year, the Biden administration encouraged the development of solar projects on highway right-of-way, with a notice from the Federal Highway Administration telling field offices to work with states on ideas. Researchers at the University of Texas at Austin, including Webber, have said most states have more than 200 miles of interstate frontage suitable for solar development, especially near exits and rest stops. Creative locations have a particular benefit: fewer potential neighbors who might complain.Read more of this story at Slashdot.

Business Insider reports:Serhiy Storchaka, a Ukrainian developer, is the second-most prolific recent contributor to Python and tenth-most prolific of all time, according to Lukasz Langa, the Python Software Foundation's developer in residence, based in PoznaÅ, Poland... Storchaka faced an impossible choice as Russia invaded his country. Like many young male programmers in Ukraine, he decided to stay.... Storchaka lives outside of Konotop, a city in northeastern Ukraine which is occupied by Russian forces. He tweeted on February 26, "Russian tanks were on the road 2km from my house, and Russian armored vehicles were passing by my windows. Most likely, I will find myself in the occupied zone, where the law does not apply...." Insider was unable to contact Storchaka, but spoke with Langa... [A]s the military crisis worsened on Friday and over the weekend, the Python developer community rallied to help Storchaka's younger family members. Communicating with Storchaka's family through Google Translate, Langa managed to secure temporary housing for Storchaka's niece and best friend, aged 11. They crossed the border to Poland via bus with their mother, and met Langa, who drove over 300km to Warsaw to pick up keys and secure basic necessities for the family. "Two little 11-year-old girls (my niece and her best friend) are now safe thanks to @llanga," Storchaka tweeted last Monday, adding "My sister and I are immensely grateful." (He'd been especially worried because their town was near one of Ukraine's nuclear power plants, "a strategic target".) Business Insider points out Storchaka is just one of many Python core developers from Ukraine, and one of many Ukrainians working in its tech sector.Andrew Svetlov, another influential Python developer who specializes in asynchronous networking support, also remains in Ukraine.... Svetlov is in Kyiv, where Russian troops have surrounded the city.... "Neither of them wanted to leave their country, even in the face of the great risk this poses for them," Langa told Insider.Read more of this story at Slashdot.

"Every day, several petabytes of data are generated on the internet," says Kasra Tabatabaei, a researcher at the Beckman Institute for Advanced Science and Technology. "Only one gram of DNA would be sufficient to store that data." So the Institute is now announcing the results of a project Tabatabaei worked on "to transform the double helix into a robust, sustainable data storage platform." CNET reports:Tabatabaei is the co-author of a new study, published in last month's edition of the journal Nano Letters... Essentially, the study team is the first to artificially extend the DNA alphabet, which could allow for massive storage capacities and accommodate a pretty extreme level of digital data.... DNA encodes genetic information with four molecules called nucleotides. There's adenine, guanine, cytosine and thymine, or A, G, C and T. In a sense, DNA has a four-letter alphabet, and different letter combinations represent different bits of data.... But what if we had a longer alphabet? Presumably, that'd give us a much deeper capacity. Following this line of thought, the team behind the new study artificially added seven new letters to the DNA repertoire.... "Instead of converting zeroes and ones to A, G, C and T, we can convert zeroes and ones to A, G, C, T and the seven new letters in the storage alphabet." One of the study's co-principal investigators said their work "provides an exciting proof-of-principle demonstration of extending macromolecular data storage to non-natural chemistries, which hold the potential to drastically increase storage density in non-traditional storage media."Read more of this story at Slashdot.

Researchers at the University of Texas at Austin have identified a previously unknown structure of the protein that's responsible for making edits to the wrong sections of DNA. After some tweaking, they were able to reduce the likelihood of off-target mutations by 4,000 times. New Atlas reports: CRISPR tools use certain proteins, most often Cas9, to make precise edits to specific DNA sequences in living cells. This can involve cutting out problematic genes, such as those that cause disease, and/or slotting in beneficial ones. The problem is that sometimes the tool can make changes to the wrong parts, potentially triggering a range of other health issues. And in the new study, the UT researchers discovered how some of these errors can happen. Usually, the Cas9 protein is hunting for a specific sequence of 20 letters in the DNA code, but if it finds one where 18 out of 20 match its target, it might make its edit anyway. To find out why this occurs, the team used cryo-electron microscopy to observe what Cas9 is doing when it interacts with a mismatched sequence. To their surprise, they discovered a strange finger-like structure that had never been observed before. This finger reached out and stabilized the DNA sequence so the protein could still make its edit. Having uncovered this mechanism, the team tweaked this finger so that it no longer stabilized the DNA, instead pushing away from it. That prevents Cas9 from editing that sequence, making the tool 4,000 times less likely to produce off-target mutations. The team calls the new protein SuperFi-Cas9. The research was published in the journal Nature.Read more of this story at Slashdot.

The California Public Utilities Commission (CPUC) on Monday issued permits to self-driving units of General Motors and Alphabet to allow for passenger service in autonomous vehicles with safety drivers present. Reuters reports: CPUC said the GM unit Cruise and Alphabet's Waymo are under Drivered Deployment permits authorized to collect fares from passengers and may offer shared rides. Prior to the announcement Cruise and Waymo had been permitted to provide passenger service only on a testing basis with no fare collection permitted. Starting Monday, Cruise is allowed to provide the "Drivered Deployment" service on some public roads in San Francisco between the hours of 10 p.m. and 6 a.m. at speeds of up to 30 miles per hour, while Waymo can offer service in parts of San Francisco and San Mateo counties at speeds of up to 65 miles per hour, CPUC said. Neither company is allowed to operate during heavy fog or heavy rain. [...] Waymo said it has tens of thousands of riders on a waitlst in California after it launched a tester program in August. "We'll begin offering paid trips through the program in the coming weeks," the company said.Read more of this story at Slashdot.

In a statement to TechCrunch, a Samsung spokesperson said the company will release a software update to allow users to have more control over throttling. "Samsung has not provided details about when the update will roll out to users," notes the report. From the report: "Our priority is to deliver the best mobile experience for consumers. We value the feedback we receive about our products and after careful consideration, we plan to roll out a software update soon so users can control the performance while running game apps," a spokesperson from Samsung said in an email. Samsung's promise follows reports that the tech giant's phones are throttling the performance of around 10,000 apps, as first reported by Android Authority, and via Twitter complaints, plus Samsung's Korean community forums. The company's Game Optimizing Service (GOS) software, which optimizes the performance of CPU and GPU to prevent excessive heating when playing a game for a long time, appeared to be at the core of the issue, but the list of affected apps wasn't limited to games. However, Samsung has disputed claims that Game Optimizing Service was throttling non-gaming apps. "The Game Optimizing Service (GOS) has been designed to help game apps achieve a great performance while managing device temperature effectively. GOS does not manage the performance of non-gaming apps," the spokesperson said.Read more of this story at Slashdot.

An anonymous reader quotes a report from ABC News: State attorneys general have launched a nationwide investigation into TikTok and its possible harmful effects on young users' mental health, widening government scrutiny of the wildly popular video platform. The investigation was announced Wednesday by a number of states led by California, Florida, Kentucky, Massachusetts, Nebraska, New Jersey, Tennessee and Vermont. U.S. lawmakers and federal regulators have criticized TikTok, citing practices and computer-driven promotion of content they say can endanger the physical and mental health of young users. The platform has an estimated 1 billion monthly users and is especially popular with teens and younger children. Last month, Texas opened an investigation into TikTok's alleged violations of children's privacy and facilitation of human trafficking. "Our children are growing up in the age of social media -- and many feel like they need to measure up to the filtered versions of reality that they see on their screens," California Attorney General Rob Bonta said in a news release. "We know this takes a devastating toll on children's mental health and well-being." Bonta said the investigation aims determine if TikTok is violating the law in promoting its platform to young people. Government officials and child-safety advocates maintain that TikTok's computer algorithms pushing video content to users can promote eating disorders and even self-harm and suicide to young viewers. "We care deeply about building an experience that helps to protect and support the well-being of our community, and appreciate that the state attorneys general are focusing on the safety of younger users," the company said Wednesday. "We look forward to providing information on the many safety and privacy protections we have for teens."Read more of this story at Slashdot.

The Wikimedia Foundation has issued a statement supporting Russian Wikipedia volunteers after a censorship demand from internet regulators. From a report: On Tuesday, tech and communications regulator Roskomnadzor threatened to block Wikipedia over the Russian-language page covering Russia's invasion of Ukraine, claiming it contained "false messages" about war casualties and the effects of economic sanctions, among other things. "On March 1st 2022 the Wikimedia Foundation received a Russian government demand to remove content related to the unprovoked invasion of Ukraine posted by volunteer contributors to Russian Wikipedia," reads the statement sent to The Verge via email. "As ever, Wikipedia is an important source of reliable, factual information in this crisis. In recognition of this important role, we will not back down in the face of efforts to censor and intimidate members of our movement. We stand by our mission to deliver free knowledge to the world."Read more of this story at Slashdot.

Apple has set an April 11 deadline for corporate employees in the U.S. to return to offices like Apple Park, according to Bloomberg's Mark Gurman. MacRumors reports: Apple is planning for a hybrid in-office and at-home work schedule going forward. The report states that Apple employees will be required to work from the office at least one day per week by April 11, at least two days per week by May 2, and at least three days per week by May 23. Those three days would be Mondays, Tuesdays, and Thursdays, with most employees having the option to work remotely on Wednesdays and Fridays. "For many of you, I know that returning to the office represents a long-awaited milestone and a positive sign that we can engage more fully with the colleagues who play such an important role in our lives," said Apple CEO Tim Cook, in a memo to employees obtained by Bloomberg. "For others, it may also be an unsettling change." Apple's corporate employees have largely been working from home since the start of the pandemic. Apple executives have routinely made it clear that employees would eventually need to return to the office once it is safer to do so, despite some employees objecting. Apple's decisions comes just a few days after Google said that its employees would need to return to offices starting April 4.Read more of this story at Slashdot.

A leading American Internet service provider, Cogent Communications, said it was severing relations with Russian customers on Friday, a move that gives Ukrainian officials another victory in their campaign to isolate Russia online. The Washington Post reports: Cogent chief executive Dave Schaeffer said the company did not want to keep ordinary Russians off the Internet but did want to prevent the Russian government from using Cogent's networks to launch cyberattacks or deliver propaganda targeting Ukraine at a time of war. "Our goal is not to hurt anyone. It's just to not empower the Russian government to have another tool in their war chest," Schaeffer said in an interview with The Washington Post. Cogent, based in Washington, D.C., is one of the world's largest providers of what's known as Internet backbone -- roughly comparable to the interstate highway system, providing the primary conduit for data flows that local companies then route to individual domains. Schaeffer said Cogent's networks carry about one-quarter of the world's Internet traffic. Cogent has several dozen customers in Russia, with many of them, such as state-owned telecommunications giant Rostelecom, being close to the government. Russia, like most nations, is connected to the world by several backbone providers, but Cogent is among its largest. The company began terminating its Russian companies at noon Friday but was doing so gradually. Some customers asked for a delay of up to several days while they found other Internet sources, Schaeffer said, and the company is trying to accommodate those requests. "We're pretty confident that we're not interfering with anyone's ability to get some information," he said, though he acknowledged the likelihood of slowdowns and other disruptions with Russia. "In light of the unwarranted and unprovoked invasion of Ukraine, Cogent is terminating all of your services effective at 5 p.m. GMT on March 4, 2022," wrote Cogent in a letter to one of their Russian customers. "The economic sanctions put in place as a result of the invasion and the increasingly uncertain security situation make it impossible for Cogent to continue to provide you with service. All Cogent-provided ports and IP address space will be reclaimed as of the termination date."Read more of this story at Slashdot.

An anonymous reader quotes a report from BuzzFeed News: Facebook and Twitter on Friday were blocked in Russia, amid President Vladimir Putin's ongoing military invasion of Ukraine. In a statement issued on Friday, Roskomnadzor, the country's communications regulator, explained the decision was made to "block access to the Facebook network" after at least 26 cases of "discrimination against Russian media and information resources" since October 2020. The agency highlighted Facebook's recent restriction of Kremlin-tied media sources RT News and Sputnik News across the EU. Hours later, Russian news agency Interfax reported that Roskomnadzor had also begun blocking Twitter. "Soon millions of ordinary Russians will find themselves cut off from reliable information, deprived of their everyday ways of connecting with family and friends and silenced from speaking out," Nick Clegg, president of global affairs for Facebook parent Meta, wrote on Twitter in response. "We will continue to do everything we can to restore our services so they remain available to people to safely and securely express themselves and organize for action." Yesterday, Russian state-controlled news network RT announced it would be "ceasing production" and laying off most of its staff after YouTube blocked its channels.Read more of this story at Slashdot.

HTC's slow-motion fall from smartphone grace is reportedly set to continue in 2022, with the company said to be working on a new "metaverse"-focused phone in April as the remnants of the once-flagship smartphone company continues to desperately cling to whatever zeitgeist term it can to stay afloat, according to DigiTimes. The Verge: The news comes from Charles Huang, HTC's general manager for the Asia-Pacific region, who reportedly commented at MWC 2022 that the company would be introducing a new high-end smartphone next month with unspecified "metaverse" features. Details are slim, including any specs, markets it'll be released in, or even what kind of AR or VR features the new device will offer. The news sounds a lot like HTC's last major pivot towards relevancy: its Exodus line of blockchain phones that its offered for the past few years. Promising decentralized apps ("Dapps") and a built-in cryptocurrency wallet, the phones could run blockchain nodes and even mine paltry amounts of cryptocurrency, but -- like many instances of blockchain technology -- it was a solution largely in search of a problem that never really took off.Read more of this story at Slashdot.

shanen shares a report: Data extortionists who stole up to 1 terabyte of data from Nvidia have delivered one of the most unusual ultimatums ever in the annals of cybercrime: allow Nvidia's graphics cards to mine cryptocurrencies faster or face the imminent release of the company's crown-jewel source code. A ransomware group calling itself Lapsus$ first claimed last week that it had hacked into Nvidia's corporate network and stolen more than 1TB of data. Included in the theft, the group claims, are schematics and source code for drivers and firmware. A relative newcomer to the ransomware scene, Lapsus$ has already published one tranche of leaked files, which among other things included the usernames and cryptographic hashes for 71,335 of the chipmaker's employees.Read more of this story at Slashdot.

After years of zooming through deep space, a presumed leftover piece of a Chinese rocket slammed into the Moon today, just as space tracking experts expected it would. From a report: At least, it should have hit the Moon around 7:30AM ET this morning, as long as the law of gravity has not changed. The collision brings an end to the rocket's life in space and likely leaves a fresh new crater on the Moon that may be up to 65 feet wide. The now-expired rocket has caused quite a buzz this past month. First of all, the vehicle was never intended to crash into the Moon, making it a rare piece of space debris to find its way to the lunar surface by accident. Additionally, there was some confusion over its identity, with various groups trying to nail down exactly where the rocket came from. Originally, space trackers thought it was a leftover piece of a SpaceX Falcon 9 rocket that had launched a weather satellite back in 2015. But after careful analysis, various groups of space trackers confirmed that the rocket was likely leftover from the launch of China's Chang'e 5-T1 mission -- a flight that launched in 2014 to test out technology needed to bring samples back from the Moon. That mission, launched on a Chinese Long March 3C rocket, sent a spacecraft looping around the Moon in an attempt to see if China could send a vehicle to the Moon and then bring it back to Earth. Given the flight profile of the Chang'e 5-T1 mission and the tracking of the mystery object, astronomers are fairly certain that a chunk of the Long March 3C rocket has remained in an extremely elongated orbit around Earth ever since, only to find its way to the far side of the Moon.Read more of this story at Slashdot.

Two of the world's biggest cryptocurrency exchanges, Coinbase and Binance, rejected calls on Friday for a blanket ban on all Russian users to stop their platforms from being used as a way round Western sanctions. From a report: "We believe everyone deserves access to basic financial services unless the law says otherwise," Coinbase Chief Executive Officer Brian Armstrong said in a series of tweets on Friday. The exchange, however, would enforce such a blanket ban if the U.S. government decides to impose one, Armstrong added. "We are not going to unilaterally freeze millions of innocent users' accounts," a spokesperson of Binance, the world's biggest crypto exchange, said in an emailed statement to Reuters. Both cryptocurrency exchanges have said they will comply with government sanctions. Major crypto exchanges have been urged to ban their services in Russia to prevent sanctioned entities from parking their assets using cryptocurrencies. The exchanges, however, insist they are well equipped to avoid abuse of their platforms.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: When Erik Johnson couldn't get his university's mobile student ID app to reliably work, he sought to find a workaround. The app is fairly important, since it allows him and every other student at his university to pay for meals, get into events and even unlock doors to dorm rooms, labs and other facilities across campus. The app is called GET Mobile, and it's developed by CBORD, a technology company that brings access control and payment systems to hospitals and universities. But Johnson -- and the many who left the app one-star reviews in frustration -- said the app was slow and would take too long to load. There had to be a better way. And so by analyzing the app's network data at the same time he unlocked his dorm room door, Johnson found a way to replicate the network request and unlock the door by using a one-tap Shortcut button on his iPhone. For it to work, the Shortcut has to first send his precise location along with the door unlock request or his door won't open. Johnson said as a security measure students have to be physically in proximity to unlock doors using the app, seen as a measure aimed at preventing accidental door openings across campus. It worked, but why stop there? If he could unlock a door without needing the app, what other tasks could he replicate? Johnson didn't have to look far for help. CBORD publishes a list of commands available through its API, which can be controlled using a student's credentials, like his. But he soon found a problem: The API was not checking if a student's credentials were valid. That meant Johnson, or anyone else on the internet, could communicate with the API and take over another student's account without having to know their password. Johnson said the API only checked the student's unique ID, but warned that these are sometimes the same as a university-issued student username or student ID number, which some schools publicly list on their online student directories, and as such cannot be considered a secret. Johnson described the password bug as a "master key" to his university -- at least to the doors that are controlled by CBORD. As for needing to be in close proximity to a door to unlock it, Johnson said the bug allowed him to trick the API into thinking he was physically present -- simply by sending back the approximate coordinates of the lock itself. The vulnerability was fixed and session keys were invalidated shortly after TechCrunch shared details of the bug with CBORD.Read more of this story at Slashdot.

BleepingComputer was recently contacted by an alleged "venture capitalist" firm that wanted to invest or purchase our site. However, as we later discovered, this was a malicious campaign designed to install malware that provides remote access to our devices. Lawrence Abrams from BleepingComputer writes: Last week, BleepingComputer received an email to our contact form from an IP address belonging to a United Kingdom virtual server company. Writing about cybersecurity for so long, I am paranoid regarding email, messaging, and visiting unknown websites. So, I immediately grew suspicious of the email, fired up a virtual machine and VPN, and did a search for Vuxner. Google showed only a few results for 'Vuxner,' with one being for a well-designed and legitimate-looking vuxner[.]com, a site promoting "Vuxner Chat -- Next level of privacy with free instant messaging." As this appeared to be the "Vuxner chat" the threat actors referenced in their email, BleepingComputer attempted to download it and run it on a virtual machine. BleepingComputer found that the VuxnerChat.exe download [VirusTotal] actually installs the "Trillian" messaging app and then downloads further malware onto the computer after Trillian finishes installing. As this type of campaign looked similar to other campaigns that have pushed remote access and password-stealing trojans in the past, BleepingComputer reached out to cybersecurity firm Cluster25 who has previously helped BleepingComputer diagnose similar malware attacks in the past. Cluster25 researchers explain in a report coordinated with BleepingComputer that the Vuxner[.]com is hosted behind Cloudflare, however they could still determine hosting server's actual address at 86.104.15[.]123. The researchers state that the Vuxner Chat program is being used as a decoy for installing a remote desktop software known as RuRAT, which is used as a remote access trojan. Once a user installs the Vuxner Trillian client and exits the installer, it will download and execute a Setup.exe executable [VirusTotal] from https://vuxner[.]com/setup.exe. When done, the victim will be left with a C:\swrbldin folder filled with a variety of batch files, VBS scripts, and other files used to install RuRAT on the device. Cluster25 told BleepingComputer that the threat actors are using this attack to gain initial access to a device and then take control over the host. Once they control the host, they can search for credentials and sensitive data or use the device as a launchpad to spread laterally in a network.Read more of this story at Slashdot.

cartechboy writes: Rivian's CEO, RJ Scaringe, admitted the company messed up. In a lengthy apology, the executive said the company broke people's trust. Rivian's walking back the large, in some cases 20%, price increases introduced earlier in the week for any preorder holder prior to March 1. [However, the price increases stay in effect for anyone who ordered after March 1.] "We wrongly decided to make these changes apply to all future deliveries, including pre-existing configured preorders," Scaringe said, noting that the company "failed to to appreciate" how customers viewed their configurations and pricing. Scaringe also acknowledged the company "wrongly assumed" the newly announced dual-motor models and standard battery pack would provide satisfactory price points similar to the original configurations.Read more of this story at Slashdot.

Russian forces shelled Europe's largest nuclear plant early Friday in the battle for control of a crucial energy-producing city, and the power station was on fire. The Associated Press reports: Plant spokesman Andriy Tuz told Ukrainian television that shells were falling directly on the Zaporizhzhia plant and had set fire to one of the facility's six reactors. That reactor is under renovation and not operating, but there is nuclear fuel inside, he said. Firefighters cannot get near the fire because they are being shot at, Tuz said. A government official told The Associated Press that elevated levels of radiation were detected near the site of the plant, which provides about 25% of Ukraine's power generation. The official spoke on condition of anonymity because the information has not yet been publicly released. Tuz said it is urgent to stop the fighting to put out the flames. Mayor Dmytro Orlov and the Ukrainian state atomic energy company reported that a Russian military column was heading toward the nuclear plant. Loud shots and rocket fire were heard late Thursday. [...] Ukrainian Prime Minister Denys Shmyhal called on the West to close the skies over the country's nuclear plants as fighting intensified. "It is a question of the security of the whole world!" he said in a statement. The U.S. and NATO allies have ruled out creating a no-fly zone since the move would pit Russian and Western military forces against each other.Read more of this story at Slashdot.

A new finding suggests Samsung is throttling the performance of thousands of Android apps on Galaxy smartphones, including Google and Samsung's first-party apps. XDA Developers reports: Samsung has an app called Game Optimization Service that comes preinstalled on many Galaxy phones. Although the name suggests the app helps improve gaming performance, it's apparently being used to limit the performance of non-gaming apps. Users on the Korean tech forum Meeco have posted a list of affected apps that are subject to performance throttling. The list includes 10,000 popular apps, including Instagram, TikTok, Netflix, Microsoft Office, Google Keep, Spotify, Snapchat, YouTube Music, and more. Samsung's own apps such as Samsung Pay, Secure Folder, Bixby, and others are also on the list. Notably, there are no benchmark apps on this blacklist. A video posted by Korean YouTuber shows how blacklisted apps are subject to inferior performance while benchmark apps are given a free hand. In his test, the YouTuber changed the package name of the 3DMark benchmark app to Genshin Impact, one of the apps on the blacklist. The unmodified version of 3D Mark scored 2618 points in the Wild Life Extreme test. When he ran the same test with the spoofed version, there was a significant drop in the score -- 1141 points. In other words, the spoofed version performed 56% worse than the unmodified version. It's not immediately clear if the Game Optimization Service app is installed on every Galaxy phone. Samsung is reportedly aware of the issue and conducting an internal investigation. "While Samsung hasn't clarified why it's throttling Android apps, it's likely in an attempt to improve battery life," notes XDA.Read more of this story at Slashdot.

An anonymous reader quotes a report from TorrentFreak: Sci-Hub founder Alexandra Elbakyan says that following a legal process, the Federal Bureau of Investigations has gained access to data in her Google account. Google itself informed her of the data release this week noting that due to a court order, the company wasn't allowed to inform her sooner. In January 2021, Twitter suspended the official Sci-Hub account so when site updates are published, they now tend to appear on Elbakyan's personal account. A new tweet this week reveals that Google was also required to hand over her account data. In an email to Elbakyan dated March 2, 2022, Google advises that following a legal process issued by the FBI, Google was required to hand over data associated with Elbakyan's account. Exactly what data was targeted isn't made clear but according to Google, a court order required the company to keep the request a secret. [...] Google notes that since it is "not in a position" to provide Elbakyan with legal advice or to discuss the substance of the legal process, the Sci-Hub founder may wish to contact an attorney. The big question remains -- what exactly is the investigation about? Given the scale of Sci-Hub and its notoriety around the world, it's certainly possible that a criminal copyright infringement investigation is underway in the United States that could feasibly lead to an indictment for Elbakyan and any cohorts involved in the operation. However, more serious allegations have been made in the past. Back in December 2019, The Washington Post reported that Elbakyan was being investigated by the US Justice Department on suspicion that she "may" be working with Russian intelligence to "steal U.S. military secrets from defense contractors." No solid evidence was published to back up those allegations but the publication did note that Elbakyan may have collected log-in credentials from journal subscribers in order to access academic literature, presumably so that it can be offered on Sci-Hub. "I know there are some reasons to suspect me: after all, I have education in computer security and was a hobby hacker in teenage years," said Elbakyan in a statement. "But hacking is not my occupation, and I do not have any job within any intelligence, either Russian or some another." She added: "I think that whether I can be a Russian spy is being investigated by U.S. government since they learned about Sci-Hub, because that is very logical: a Russian project, that uses university accounts to access some information, of course that is suspicious. But in fact Sci-Hub has always been my personal enterprise."Read more of this story at Slashdot.

Russia has decided to stop supplying rocket engines to the United States in retaliation for its sanctions against Russia over Ukraine. Reuters reports: "In a situation like this we can't supply the United States with our world's best rocket engines. Let them fly on something else, their broomsticks, I don't know what," [Dmitry Rogozin, head of the state space agency Roscosmos, said on state Russian television]. According to Rogozin, Russia has delivered a total of 122 RD-180 engines to the U.S. since 1990s, of which 98 have been used to power Atlas launch vehicles. Roscosmos will also stop servicing rocket engines it had previously delivered to the U.S., Rogozin said, adding that the U.S. still had 24 engines that would now be left without Russian technical assistance. Russia has earlier said it was suspending cooperation with Europe on space launches from the Kourou spaceport in French Guiana in response to Western sanctions over Ukraine. Moscow has also demanded guarantees from British satellite company OneWeb that its satellites would not be used for military purposes. OneWeb, in which the British government has a stake, said on Thursday it was suspending all launches from Russia's Baikonur Cosmodrome in Kazakhstan. Rogozin said Russia would now focus on creating dual-purpose spacecraft in line with the needs of Roscosmos and the Defence Ministry.Read more of this story at Slashdot.

Meta, formerly Facebook, has said that its grand ambition of building the ultimate "metaverse" won't be possible if there aren't drastic improvements in today's telecoms networks. CNBC reports: Dan Rabinovitsj, VP of connectivity at Meta, told CNBC at the Mobile World Congress tech event Monday that home networks and cellular networks aren't yet ready for the metaverse. "We're working closely with our colleagues to think about what's the next step in terms of innovation," he said, adding that Meta is also working with cellular partners. "If you really look at the pace of innovation in the telecom world, compared to other markets, it's been harder to go faster in this space," Rabinovitsj said. "One of the things that we've tried to change is that trajectory of innovation." "We need to develop a common language around the performance of networks," Rabinovitsj said. "We're actually big believers in measurement as foundational in this next phase of work." Mark Zuckerberg, Meta's founder and CEO, said in a statement Sunday that "creating a true sense of presence in virtual worlds delivered to smart glasses and VR headsets will require massive advances in connectivity." Zuckerberg said this will need to be "bigger than any of the step changes we've seen before," adding that things like wide-scale immersive video streaming will take entirely new types of networks. In response, Marc Allera, CEO of the consumer division of U.K. mobile network BT, told CNBC Wednesday that he expects the metaverse to place a strain on today's networks. However, he said the telecoms industry is spending billions on new technology. "When you stop and think about what you're able to do on a smartphone today, compared to 10 years ago, that's as a result of this industry and network operators investing huge amounts of money with no contribution made by content companies on these networks," Allera said ahead of a meeting with representatives from Meta. "I'll try and understand what their role in supporting this ecosystem is other than just asking what we're doing about it," he added.Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: The Russian state-controlled news network RT said on Thursday that it would start broadcasting on the video site Rumble, two days after YouTube announced that it would be blocking channels connected to RT and another Russian state-backed outlet, Sputnik, across Europe. "After a multitude of platforms have moved to knock out our broadcast and limit social media, you can stay on top of our LIVE broadcast," RT posted on Twitter Thursday. Rumble, which was founded in 2013 to compete with YouTube, is one of several alternative platforms that have attracted millions of users with the promise of a space untethered by what many on the American right have called a censorship of conservative voices. Prominent voices on the platform include Stephen Bannon, former President Donald J. Trump's onetime chief strategist, and Sean Hannity of Fox News. On Thursday afternoon, Misha Solodovnikov, the general manager of the production company behind RT America, T&R Productions, told staff that RT "will be ceasing production" and "must lay off most of its staff who work at all its locations," according to a company memo seen by The New York Times. RT America has offices in Miami, New York, Los Angeles and Washington. Mr. Solodovnikov cited "unforeseen business interruption events" as a reason for the company's announcement.Read more of this story at Slashdot.

Two widely used ConsenSys software products, MetaMask and Infura, announced that they "are unavailable in certain jurisdictions due to legal compliance." From a report: The post did not give further information about the compliance issues or the affected jurisdictions, but subsequent tweets point to U.S. and international sanctions on Russia regarding the war in Ukraine. Decrypt has reached out to ConsenSys for clarification regarding its policy of geoblocking IP addresses. The announcement took on added importance after Venezuelans found themselves all but cut off from the Ethereum network today, with many reporting they had been blocked from their wallets. Infura, which hosts Ethereum nodes and operates the blockchain infrastructure on behalf of companies, tweeted that the outage resulted from reconfiguring settings to comply with fresh sanctions. "We mistakenly configured the settings more broadly than they needed to be." The project says it's since resolved the issue and restored access. Around the same time, MetaMask explained that the Infura reconfiguration resulted in a knock-on effect for wallet users.Read more of this story at Slashdot.

Backblaze has published its first SSD edition of the Drive Stats report. A Slashdot reader writes: This edition focuses exclusively on their SSDs as opposed to their quarterly and annual Drive Stats reports which, until last year, focused exclusively on HDDs. Initially they expect to publish the SSD edition twice a year, although that could change depending on its value to readers. They'll continue to publish the HDD Drive Stats reports quarterly. It's an interesting look at SSD reliability in a commercial environment and may be useful to anyone wondering what drive they should (or shouldn't) consider for their own deployment.Read more of this story at Slashdot.

The international non-profit that coordinates management of the internet told Ukraine it will not intervene in the country's war with Russia, rebuffing a request to cut Russia off from the global internet. From a report: Ukraine's proposal is neither technically feasible nor within the mission of ICANN, said the Internet Corporation for Assigned Names and Numbers, according to a letter ICANN sent to Ukrainian officials on Wednesday. s you know, the Internet is a decentralized system. No one actor has the ability to control it or shut it down," ICANN CEO Goran Marby wrote in the the letter. Marby expressed his personal concern about Ukrainians' well-being as well as the "terrible toll being exacted on your country." But, he wrote, "our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the Internet -- regardless of the provocations."Read more of this story at Slashdot.

The Moscow branch of a Chinese state bank has seen a surge in enquiries from Russian firms wanting to open new accounts, Reuters a person familiar with the matter said, as the country's businesses struggle with international sanctions after its invasion of Ukraine. From a report: "Over the past few days, 200-300 companies have approached us, wanting to open new accounts," the person, who works at the Moscow branch of a Chinese state bank and has direct knowledge of its operations, told Reuters. It was not clear how widespread Russian demand for new accounts at Chinese banks was, but the banker source told Reuters many of the companies seeking new accounts do business with China and that he expected yuan transactions by such firms to increase.Read more of this story at Slashdot.

Alphabet's Google Maps and the travel search platform Tripadvisor temporarily blocked users from posting new reviews to some listings in Russia, Ukraine and Belarus, the companies said. From a report: The suspensions were made in response to an influx of political statements posted as reviews to businesses and tourist destinations in the region, boosted by a campaign that saw pro-Ukraine activists using the travel platforms to try to communicate with Russians partially cut off from other media platforms. A social-media campaign promoted by the global hacker collective Anonymous encouraged followers to visit Google Maps, find a restaurant or other business in Russia and write a review explaining "what is happening in Ukraine." The group on Monday suggested users leverage the review sites to tell Russian readers to "Stand up to your dictator," among other directions. Other social-media accounts encouraged the posting of similar messages on Russian Tripadvisor pages.Read more of this story at Slashdot.

Ukraine's "IT army" of volunteer hackers announced a new set of targets on Thursday - including the Belarusian railway network and Russia's homegrown satellite-based navigation system, GLONASS. From a report: "We need to mobilise and intensify our efforts as much as possible," a post on the "IT army" Telegram channel said. The post listed the top priorities targeted by the group, including Belarus' railway, Russian telecom companies, and GLONASS, which is Russia's alternative to the Global Positioning System (GPS) satellite navigation network. Ukraine has called on its hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops, Reuters previously reported. Kyiv announced the formation of its "IT army" on Saturday. A hacking team focused on Belarus, which has been used as a key staging post for Russia's invasion of Ukraine, called the Belarusian Cyber Partisans told Reuters on Tuesday they had disabled railway traffic systems there and attacked the network because it had been used to transport Russian soldiers.Read more of this story at Slashdot.

An overview of Tencent's burgeoning games dominance. From a report: In the West, tech giant Tencent is not yet a household name. While its size and acquisitions have made frequent headlines, its presence has remained understated relative to competitors like Amazon and Google, with the name occasionally peppered into conversations as an example of China's burgeoning influence on technology and entertainment around the world. But in China, Tencent is everywhere. It's behind the nation's most popular messaging app, WeChat, with over 1.2 billion monthly active users. It's the behemoth that created QQ.com, one of the country's largest web portals and the world's fourth most visited website. And with Tencent Music, it also owns the majority of China's music services, with 841 million active users. It's also China's -- and the world's -- biggest game company. And with a growing presence internationally, we recently decided to take a closer look at how it operates and what it owns.Read more of this story at Slashdot.

Researchers have a new view of HR 6819: two stars, one of them a "vampire." From a report: Astronomers who thought they had discovered a black hole on our cosmic doorstep have said they were mistaken, instead revealing they have found a two-star system involving a stellar "vampire." The system, known as HR 6819 in the constellation Telescopium, was in the headlines in 2020 when researchers announced it contained a black hole. At just 1,000 light years from Earth, it was the closest yet found to our planet. At the time the team behind the work said the presence of a black hole was necessary to make sense of the movement of two stars in the system, suggesting a black hole and one star orbited each other while the second star moved in a wider orbit. Now the researchers say they were mistaken: the black hole does not exist. Dietrich Baade, an emeritus astronomer at European Southern Observatory (ESO) and a co-author of the work, said just one blob of light was previously detected, containing the hallmarks of two stars. Since both stars are of similar brightness and the same age, they would normally have the same mass and would whirl each other around with similar, high velocity. "Since we saw that only one of the stars was whirled around at high velocity by some massive object, which we didn't see, we assumed this unseen massive object to be a third body, namely a black hole," he said.Read more of this story at Slashdot.

The U.S. Securities and Exchange Commission is scrutinizing creators of NFTs and the crypto exchanges where they trade to determine if some of the assets run afoul of the agency's rules, Bloomberg News reported Thursday, citing people familiar with the matter. From the report: A focus of the probe is on whether certain nonfungible tokens, digital assets that can be used to denote ownership of things like a painting or sports memorabilia, are being utilized to raise money like traditional securities, said the people. Over the past several months, attorneys in the SEC's enforcement unit have sent subpoenas demanding information about the token offerings. The inquiry is the latest attempt by the SEC under Chair Gary Gensler to ensure the crypto market adheres to its regulations. In February, the commission and state regulators levied a record $100 million fine against BlockFi, a popular virtual-currency exchange, for failing to register products that pay customers high interest rates to lend out their digital tokens.Read more of this story at Slashdot.

Well-known open source advocate and developer Miguel de Icaza, who joined Microsoft in 2016 when it acquired Xamarin, the mobile-tool company he cofounded, is leaving Microsoft. From a report: De Icaza -- a Microsoft distinguished engineer -- confirmed to me on March 2 that he has decided to leave and will be taking some time off before moving to a new job. Ever since de Icaza's colleague and former Xamarin CEO Nat Friedman left Microsoft in November 2021, there's been speculation that de Icaza also would leave Microsoft. Friedman was the CEO of Microsoft's GitHub division. Friedman said late last year he had decided to go back to his startup roots. De Icaza has been with Microsoft for just over six years. Most recently, he has been working on various AI projects with the ONNX team. ONNX, the Open Neural Network Exchange, is an evolving standard format for machine learning models that is being championed by Microsoft, Meta and Amazon. De Icaza worked with the team to get the ONNX runtime on Android and iOS to support mobile developers using Xamarin.Read more of this story at Slashdot.

The Wordle clones are back on the App Store, just a few weeks after Apple wiped out nearly all the copycat games in January. From a report: A quick glance at the top free apps on the App Store reveals at least two prominently placed Wordle-alikes, while diving into Apple's more specific word games category (or simply searching "Wordle") surfaces plenty of other copycats, many of which appear to have been part of Apple's first wave of takedowns a few months ago. None of the new games are actively passing themselves off as Wordle -- at least, not in name. Instead, the clones have creatively rebranded to "Wordus," "Word Guess," "Wordl," and other thinly veiled references to the original game. But all of them offer some variant on Wordle's gameplay, down to the same gameplay, UI, design, and color scheme.Read more of this story at Slashdot.

Ukraine has scrapped a plan to reward people who donated to its fight against a Russian invasion with newly created crypto assets, following complications with the project. From a report: The official verified Twitter account for Ukraine said on Wednesday it planned to issue a so-called "airdrop," a common tool for early-stage crypto platforms to attract users by offering free tokens to jump start a project. But a day later, Ukraine's Vice Prime Minister Mykhailo Federov said in a tweet that the nation had decided to cancel the project. The tweet wasn't independently verified by Bloomberg News. "Every day there are more and more people willing to help Ukraine to fight back the aggression," Federov said in a tweet from his personal verified Twitter account on Thursday. He added that Ukraine will announce a drop of nonfungible tokens to support the Ukrainian Armed Forces soon, but that it has no plans to issue any fungible tokens such as cryptocurrencies.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Senator Elizabeth Warren and three other Democratic lawmakers on Wednesday urged the Treasury Department to ensure the cryptocurrency industry is complying with sanctions imposed on Russia, expressing concern that digital assets could be used to undermine U.S. foreign policy goals. In a letter sent to Treasury Secretary Janet Yellen, Warren along with Senators Sherrod Brown, Mark Warner and Jack Reed questioned whether the department's Office of Foreign Assets Control (OFAC) had effective guidelines in place to enforce sanctions compliance within the crypto industry. "Strong enforcement of sanctions compliance in the cryptocurrency industry is critical given that digital assets, which allow entities to bypass the traditional financial system, may increasingly be used as a tool for sanctions evasion," the letter said. Biden administration officials have said that they do not believe Russia would be able to use cryptocurrency to completely evade sanctions. "The scale that the Russian state would need to successfully circumvent all U.S. and partners' financial sanctions would almost certainly render cryptocurrency as an ineffective primary tool for the state," said Carol House, the director of cybersecurity for the National Security Council, during a webinar on Wednesday. But the Democratic lawmakers said it was unclear whether OFAC had appropriate guidelines to effectively monitor the crypto industry's compliance with sanctions, noting that the agency has become "increasingly reliant upon voluntary self-disclosure."Read more of this story at Slashdot.

Microsoft's latest Windows 11 test build is another substantial one, adding two important features: payment information, and a new security feature called Smart App Control that will watch over new apps and games that you add to your PC. PCWorld reports: Microsoft released Windows 11 Insider Preview Build 22567 for the Dev Channel on Wednesday with other changes, tooâ"including a tweak to Windows Update, so that now you can configure your PC to turn on an update when renewable energy is at its most plentiful. (Remember, code that Microsoft tests within the Dev Channel may make its way to your PC eventually -- or not.) Asking for credit-card information within Windows isn't that startling, as you've probably already entered payment information into the Microsoft ecosystem either for buying apps or movies on the Microsoft Store app or for making similar purchases via your Xbox. Still, those transactions are normally performed via your Microsoft Account web page, which manages all of that online and behind the scenes. (You can reach them via the Windows 11 Settings > Accounts > Your Microsoft account.) Microsoft considers the additional credit-card info as part of the subscription option it added last month. Now, if your subscription risks falling through because of an expired credit card, Microsoft will alert you. Conceptually, however, it implies that your PC is as much a tool to make purchases as it is to simply work and game. Another interesting addition is what Microsoft calls Smart App Control, or SAC. Microsoft describes it as a "new security feature for Windows 11 that blocks untrusted or potentially dangerous applications." What those applications are, apparently, is up to Microsoft. And yes, there's always a concern that SAC would flag otherwise innocuous applications that it simply hasn't seen before. But Microsoft is gently easing SAC onto your PC. For one thing, you'll need to perform a clean install to enable it. For another, SAC won't immediately insert itself. Other tweaks and changes include the ability to have Windows update your PC when clean energy is more commonly available (via Microsoft's partners electricityMap or WattTime) and better integration between your Android phone and PC via Windows 11 OOBE (Out of the Box Experience). Additionally, "Microsoft now offers wider availability of speech packs to improve transcription, the ability to choose a mic for dictation/ transcription, and the ability to mute your speakers by simply clicking the volume icon in the hardware indicator for volume," reports PCWorld.Read more of this story at Slashdot.

sciencehabit shares a report from Science.org: Physicists in Australia have programmed a quantum computer half a world away to make, or at least simulate, a record-size time crystal -- a system of quantum particles that locks into a perpetual cycle in time, somewhat akin to the repeating spatial pattern of atoms in an actual crystal. The new time crystal comprises 57 quantum particles, more than twice the size of a 20-particle time crystal simulated last year by scientists at Google. That's so big that no conventional computer could simulate it, says Chetan Nayak, a condensed matter physicist at Microsoft, who was not involved in the work. "So that's definitely an important advance." The work shows the power of quantum computers to simulate complex systems that may otherwise exist only in physicists' theories. [Philipp Frey and Stephan Rachel, theorists at the University of Melbourne] performed the simulation remotely, using quantum computers built and run by IBM in the United States. The qubits, which can be set to 0, 1, or 1 and 0 at once, can be programmed to interact like magnets. For certain settings of their interactions, the researchers found, any initial setting of the 57 qubits, such as 01101101110 ..., remains stable, returning to its original state every two pulses, the researchers report today in Science Advances. [...] Whereas more than 100 researchers worked on the Google simulation, Frey and Rachel worked alone to perform their larger demonstration, submitting it to the IBM computers over the internet. "It was just me, my graduate student, and a laptop," Rachel says, adding that "Philipp is brilliant!" The entire project took about 6 months, he estimates. The demonstration isn't perfect, Rachel says. The flipping pattern ought to last indefinitely, he says, but the qubits in IBM's machines can only hold their states long enough to simulate about 50 cycles. Ultimately, the stabilizing effect of the interactions might be used to store the state of a string of qubits in a kind of memory for a quantum computer, he notes, but realizing such an advance will take -- what else? -- time.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Alphabet's Google from April 4 will require employees back about three days a week in some of its U.S., U.K. and Asia Pacific offices, its first step to end policies that allowed remote work because of COVID-19 concerns. An internal email on Wednesday seen by Reuters told employees in the San Francisco Bay Area that "advances in prevention and treatment, the steady decline in cases we continue to see and the improved safety measures we have implemented ... now mean we can officially begin the transition to the hybrid work week." Google expects most employees will be in offices about three days a week, with some variance by team and role. Everyone coming to the office must be fully vaccinated against COVID-19 or have an approved exemption, according to the email from John Casey, Google's vice president of global benefits. Unvaccinated workers without an exemption will be given an option to seek one or apply for permanent remote work. Fully vaccinated workers will not have to wear masks in Bay Area offices, Casey said. Employees not prepared to return April 4 also can seek a remote-work extension, Google said. Google largely has restored office perks such as free meals, massages and transit. But while business visitors and meetings are permitted, employees cannot yet bring back families or children to dine or visit with them.Read more of this story at Slashdot.

BrendaEM shares a report from The Register: Ukrainian news website Ukrainska Pravda says the nation's Centre for Defense Strategies think tank has obtained the personal details of 120,000 Russian servicemen fighting in Ukraine. The publication has now shared this data freely on its website. The Register and others have been unable to fully verify the accuracy of the data from the leak. The records include what appears to be names, addresses, passport numbers, unit names, and phone numbers. Some open source intelligence researchers on Twitter said they found positive matches, as did sources who spoke confidentially to El Reg; others said they couldn't verify dip-sampled data. Rumors swirled on the internet that activists were behind the disclosure. The Ukrainian news agency said the personnel records were obtained from "reliable sources." Whether or not the database's contents is real, the impact on Russian military morale -- knowing that your country's enemies have your personal details and can contact your family if you're captured, killed, or even still alive -- won't be insignificant.Read more of this story at Slashdot.

In a 15-minute-long video, YouTuber Quinn Nelson from Snazzy Labs explains how he managed to shrink the current M1 Mac Mini by 78% without harming performance. 9to5Mac reports: In conclusion, by rearranging the internals and swapping out the power supply, Nelson was able to reduce the size of the Mac mini enclosure by 78%. He organized all the parts inside a 3D-printed body with a mini Mac Pro motif. The reason that theoretical space savings are so huge is because when Apple released the first round of Apple Silicon computers, they did not change the hardware industrial design at all. So the current Mac Mini enclosure is designed to fit an Intel CPU and circuit board, including having to accommodate the large fans and heat sinks the Intel chip required. But with the power efficiency of the M1, Apple has the headroom to do something much more drastic. Indeed, a lot of the M1 Mac mini internals is just empty space. The Snazzy Labs video gives a glimpse at what is possible if Apple is more ambitious with the next-generation Mac mini design, and tries to create something truly mini. The CAD files and schematics can be viewed here.Read more of this story at Slashdot.